summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Vander Stoep2018-01-03 13:04:26 -0600
committerJeff Vander Stoep2018-01-03 14:52:58 -0600
commit54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2 (patch)
treec33ab1a380292d04a224dfbd35879547e91d5541 /logd/libaudit.c
parent93d344d98cd02d66c3aac8067718be828ea283f9 (diff)
downloadplatform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.tar.gz
platform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.tar.xz
platform-system-core-54c7a5f1e7a0b3ce3df2b69129aff3477d2275d2.zip
LogAudit: remove dynamic rate limiter
Select a low rate-limit to cut down on logspam and resulting performance regressions. Functionally reverts 247d682fe1b0dd4c8f149b7f5c89c546df17873a (logd: sepolicy dynamic rate limiting) and sets a static low rate-limit. Before 247d682f, the limit was statically set to 20. 247d682f continued to support 20, but if sustained dropped the limit to 5. This revert leaves us at 5 so as not to impact performance. Test: /data/nativetest/logd-unit-tests/logd-unit-tests \ --gtest_filter=logd.sepolicy_rate_limiter [ PASSED ] 1 test. Bug: 71538411 Change-Id: I6c92f4ba825cc24beb8f1f1b79258fa8097c837b
Diffstat (limited to 'logd/libaudit.c')
-rw-r--r--logd/libaudit.c23
1 files changed, 2 insertions, 21 deletions
diff --git a/logd/libaudit.c b/logd/libaudit.c
index dfd56f23a..9d9a85742 100644
--- a/logd/libaudit.c
+++ b/logd/libaudit.c
@@ -160,7 +160,8 @@ int audit_setup(int fd, pid_t pid) {
160 * and the the mask set to AUDIT_STATUS_PID 160 * and the the mask set to AUDIT_STATUS_PID
161 */ 161 */
162 status.pid = pid; 162 status.pid = pid;
163 status.mask = AUDIT_STATUS_PID; 163 status.mask = AUDIT_STATUS_PID | AUDIT_STATUS_RATE_LIMIT;
164 status.rate_limit = AUDIT_RATE_LIMIT; /* audit entries per second */
164 165
165 /* Let the kernel know this pid will be registering for audit events */ 166 /* Let the kernel know this pid will be registering for audit events */
166 rc = audit_send(fd, AUDIT_SET, &status, sizeof(status)); 167 rc = audit_send(fd, AUDIT_SET, &status, sizeof(status));
@@ -183,26 +184,6 @@ int audit_setup(int fd, pid_t pid) {
183 return 0; 184 return 0;
184} 185}
185 186
186int audit_rate_limit(int fd, unsigned rate_limit) {
187 int rc;
188 struct audit_message rep;
189 struct audit_status status;
190
191 memset(&status, 0, sizeof(status));
192
193 status.mask = AUDIT_STATUS_RATE_LIMIT;
194 status.rate_limit = rate_limit; /* audit entries per second */
195
196 rc = audit_send(fd, AUDIT_SET, &status, sizeof(status));
197 if (rc < 0) {
198 return rc;
199 }
200
201 audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);
202
203 return 0;
204}
205
206int audit_open() { 187int audit_open() {
207 return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT); 188 return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT);
208} 189}