diff options
author | Jeff Vander Stoep | 2018-01-03 13:04:26 -0600 |
---|---|---|
committer | Jeff Vander Stoep | 2018-01-03 14:52:58 -0600 |
commit | 54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2 (patch) | |
tree | c33ab1a380292d04a224dfbd35879547e91d5541 /logd/libaudit.c | |
parent | 93d344d98cd02d66c3aac8067718be828ea283f9 (diff) | |
download | platform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.tar.gz platform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.tar.xz platform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.zip |
LogAudit: remove dynamic rate limiter
Select a low rate-limit to cut down on logspam and resulting
performance regressions.
Functionally reverts 247d682fe1b0dd4c8f149b7f5c89c546df17873a
(logd: sepolicy dynamic rate limiting) and sets a static low
rate-limit. Before 247d682f, the limit was statically set to 20.
247d682f continued to support 20, but if sustained dropped the limit
to 5. This revert leaves us at 5 so as not to impact performance.
Test: /data/nativetest/logd-unit-tests/logd-unit-tests \
--gtest_filter=logd.sepolicy_rate_limiter
[ PASSED ] 1 test.
Bug: 71538411
Change-Id: I6c92f4ba825cc24beb8f1f1b79258fa8097c837b
Diffstat (limited to 'logd/libaudit.c')
-rw-r--r-- | logd/libaudit.c | 23 |
1 files changed, 2 insertions, 21 deletions
diff --git a/logd/libaudit.c b/logd/libaudit.c index dfd56f23a..9d9a85742 100644 --- a/logd/libaudit.c +++ b/logd/libaudit.c | |||
@@ -160,7 +160,8 @@ int audit_setup(int fd, pid_t pid) { | |||
160 | * and the the mask set to AUDIT_STATUS_PID | 160 | * and the the mask set to AUDIT_STATUS_PID |
161 | */ | 161 | */ |
162 | status.pid = pid; | 162 | status.pid = pid; |
163 | status.mask = AUDIT_STATUS_PID; | 163 | status.mask = AUDIT_STATUS_PID | AUDIT_STATUS_RATE_LIMIT; |
164 | status.rate_limit = AUDIT_RATE_LIMIT; /* audit entries per second */ | ||
164 | 165 | ||
165 | /* Let the kernel know this pid will be registering for audit events */ | 166 | /* Let the kernel know this pid will be registering for audit events */ |
166 | rc = audit_send(fd, AUDIT_SET, &status, sizeof(status)); | 167 | rc = audit_send(fd, AUDIT_SET, &status, sizeof(status)); |
@@ -183,26 +184,6 @@ int audit_setup(int fd, pid_t pid) { | |||
183 | return 0; | 184 | return 0; |
184 | } | 185 | } |
185 | 186 | ||
186 | int audit_rate_limit(int fd, unsigned rate_limit) { | ||
187 | int rc; | ||
188 | struct audit_message rep; | ||
189 | struct audit_status status; | ||
190 | |||
191 | memset(&status, 0, sizeof(status)); | ||
192 | |||
193 | status.mask = AUDIT_STATUS_RATE_LIMIT; | ||
194 | status.rate_limit = rate_limit; /* audit entries per second */ | ||
195 | |||
196 | rc = audit_send(fd, AUDIT_SET, &status, sizeof(status)); | ||
197 | if (rc < 0) { | ||
198 | return rc; | ||
199 | } | ||
200 | |||
201 | audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0); | ||
202 | |||
203 | return 0; | ||
204 | } | ||
205 | |||
206 | int audit_open() { | 187 | int audit_open() { |
207 | return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT); | 188 | return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT); |
208 | } | 189 | } |