From: Tony Jones <tonyj@suse.de>
Date: Wed, 27 Apr 2011 13:10:49 +0000 (+0200)
Subject: audit: acquire creds selectively to reduce atomic op overhead
X-Git-Tag: v3.0-rc1~344^2~10
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f562988350361bf4118dd3c3e192dff763b493d9;p=pandora-kernel.git

audit: acquire creds selectively to reduce atomic op overhead

Commit c69e8d9c01db ("CRED: Use RCU to access another task's creds and to
release a task's own creds") added calls to get_task_cred and put_cred in
audit_filter_rules.  Profiling with a large number of audit rules active
on the exit chain shows that we are spending upto 48% in this routine for
syscall intensive tests, most of which is in the atomic ops.

1. The code should be accessing tsk->cred rather than tsk->real_cred.
2. Since tsk is current (or tsk is being created by copy_process) access to
tsk->cred without rcu read lock is possible.  At the request of the audit
maintainer, a new flag has been added to audit_filter_rules in order to make
this explicit and guide future code.

Signed-off-by: Tony Jones <tonyj@suse.de>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
---

Reading git-diff-tree failed