audit: optimize audit_compare_dname_path

In the cases where we already know the length of the parent, pass it as a parm so we don't need to recompute it. In the cases where we don't know the length, pass in AUDIT_NAME_FULL (-1) to indicate that it should be determined. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

audit: optimize audit_compare_dname_path
In the cases where we already know the length of the parent, pass it as a parm so we don't need to recompute it. In the cases where we don't know the length, pass in AUDIT_NAME_FULL (-1) to indicate that it should be determined. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Jeff Layton · Al Viro
1 parent 29e9a3467c
Showing 4 changed files with 20 additions and 12 deletions Side-by-side Diff
kernel/audit.h
kernel/audit_watch.c
kernel/auditfilter.c
kernel/auditsc.c
@@ -74,12 +74,15 @@
 	return (ino & (AUDIT_INODE_BUCKETS-1));
 }
  
+/* Indicates that audit should log the full pathname. */
+#define AUDIT_NAME_FULL -1
+
 extern int audit_match_class(int class, unsigned syscall);
 extern int audit_comparator(const u32 left, const u32 op, const u32 right);
 extern int audit_uid_comparator(kuid_t left, u32 op, kuid_t right);
 extern int audit_gid_comparator(kgid_t left, u32 op, kgid_t right);
 extern int parent_len(const char *path);
-extern int audit_compare_dname_path(const char *dname, const char *path);
+extern int audit_compare_dname_path(const char *dname, const char *path, int plen);
 extern struct sk_buff *	    audit_make_reply(int pid, int seq, int type,
 					     int done, int multi,
 					     const void *payload, int size);
@@ -265,7 +265,8 @@
 	/* Run all of the watches on this parent looking for the one that
 	 * matches the given dname */
 	list_for_each_entry_safe(owatch, nextw, &parent->watches, wlist) {
-		if (audit_compare_dname_path(dname, owatch->path))
+		if (audit_compare_dname_path(dname, owatch->path,
+					     AUDIT_NAME_FULL))
 			continue;
  
 		/* If the update involves invalidating rules, do the inode-based
@@ -1328,11 +1328,17 @@
 	return p - path;
 }
  
-/* Compare given dentry name with last component in given path,
- * return of 0 indicates a match. */
-int audit_compare_dname_path(const char *dname, const char *path)
+/**
+ * audit_compare_dname_path - compare given dentry name with last component in
+ * 			      given path. Return of 0 indicates a match.
+ * @dname:	dentry name that we're comparing
+ * @path:	full pathname that we're comparing
+ * @parentlen:	length of the parent if known. Passing in AUDIT_NAME_FULL
+ * 		here indicates that we must compute this value.
+ */
+int audit_compare_dname_path(const char *dname, const char *path, int parentlen)
 {
-	int dlen, pathlen, parentlen;
+	int dlen, pathlen;
 	const char *p;
  
 	dlen = strlen(dname);
@@ -1340,7 +1346,7 @@
 	if (pathlen < dlen)
 		return 1;
  
-	parentlen = parent_len(path);
+	parentlen = parentlen == AUDIT_NAME_FULL ? parent_len(path) : parentlen;
 	if (pathlen - parentlen != dlen)
 		return 1;
  
@@ -81,9 +81,6 @@
  * a name dynamically and also add those to the list anchored by names_list. */
 #define AUDIT_NAMES	5
  
-/* Indicates that audit should log the full pathname. */
-#define AUDIT_NAME_FULL -1
-
 /* no execve audit message should be longer than this (userspace limits) */
 #define MAX_EXECVE_AUDIT_LEN 7500
  
@@ -2222,7 +2219,7 @@
 			continue;
  
 		if (n->ino == parent->i_ino &&
-		    !audit_compare_dname_path(dname, n->name)) {
+		    !audit_compare_dname_path(dname, n->name, n->name_len)) {
 			found_parent = n->name;
 			goto add_names;
 		}
@@ -2235,7 +2232,8 @@
  
 		/* strcmp() is the more likely scenario */
 		if (!strcmp(dname, n->name) ||
-		     !audit_compare_dname_path(dname, n->name)) {
+		    !audit_compare_dname_path(dname, n->name,
+						AUDIT_NAME_FULL)) {
 			if (inode)
 				audit_copy_inode(n, dentry, inode);
 			else
...	...	@@ -74,12 +74,15 @@
74	74	return (ino & (AUDIT_INODE_BUCKETS-1));
75	75	}
76	76
	77	+/* Indicates that audit should log the full pathname. */
	78	+#define AUDIT_NAME_FULL -1
	79	+
77	80	extern int audit_match_class(int class, unsigned syscall);
78	81	extern int audit_comparator(const u32 left, const u32 op, const u32 right);
79	82	extern int audit_uid_comparator(kuid_t left, u32 op, kuid_t right);
80	83	extern int audit_gid_comparator(kgid_t left, u32 op, kgid_t right);
81	84	extern int parent_len(const char *path);
82		-extern int audit_compare_dname_path(const char dname, const char path);
	85	+extern int audit_compare_dname_path(const char dname, const char path, int plen);
83	86	extern struct sk_buff * audit_make_reply(int pid, int seq, int type,
84	87	int done, int multi,
85	88	const void *payload, int size);
...	...	@@ -265,7 +265,8 @@
265	265	/* Run all of the watches on this parent looking for the one that
266	266	* matches the given dname */
267	267	list_for_each_entry_safe(owatch, nextw, &parent->watches, wlist) {
268		- if (audit_compare_dname_path(dname, owatch->path))
	268	+ if (audit_compare_dname_path(dname, owatch->path,
	269	+ AUDIT_NAME_FULL))
269	270	continue;
270	271
271	272	/* If the update involves invalidating rules, do the inode-based
...	...	@@ -1328,11 +1328,17 @@
1328	1328	return p - path;
1329	1329	}
1330	1330
1331		-/* Compare given dentry name with last component in given path,
1332		- * return of 0 indicates a match. */
1333		-int audit_compare_dname_path(const char dname, const char path)
	1331	+/**
	1332	+ * audit_compare_dname_path - compare given dentry name with last component in
	1333	+ * given path. Return of 0 indicates a match.
	1334	+ * @dname: dentry name that we're comparing
	1335	+ * @path: full pathname that we're comparing
	1336	+ * @parentlen: length of the parent if known. Passing in AUDIT_NAME_FULL
	1337	+ * here indicates that we must compute this value.
	1338	+ */
	1339	+int audit_compare_dname_path(const char dname, const char path, int parentlen)
1334	1340	{
1335		- int dlen, pathlen, parentlen;
	1341	+ int dlen, pathlen;
1336	1342	const char *p;
1337	1343
1338	1344	dlen = strlen(dname);
...	...	@@ -1340,7 +1346,7 @@
1340	1346	if (pathlen < dlen)
1341	1347	return 1;
1342	1348
1343		- parentlen = parent_len(path);
	1349	+ parentlen = parentlen == AUDIT_NAME_FULL ? parent_len(path) : parentlen;
1344	1350	if (pathlen - parentlen != dlen)
1345	1351	return 1;
1346	1352
...	...	@@ -81,9 +81,6 @@
81	81	* a name dynamically and also add those to the list anchored by names_list. */
82	82	#define AUDIT_NAMES 5
83	83
84		-/* Indicates that audit should log the full pathname. */
85		-#define AUDIT_NAME_FULL -1
86		-
87	84	/* no execve audit message should be longer than this (userspace limits) */
88	85	#define MAX_EXECVE_AUDIT_LEN 7500
89	86
...	...	@@ -2222,7 +2219,7 @@
2222	2219	continue;
2223	2220
2224	2221	if (n->ino == parent->i_ino &&
2225		- !audit_compare_dname_path(dname, n->name)) {
	2222	+ !audit_compare_dname_path(dname, n->name, n->name_len)) {
2226	2223	found_parent = n->name;
2227	2224	goto add_names;
2228	2225	}
...	...	@@ -2235,7 +2232,8 @@
2235	2232
2236	2233	/* strcmp() is the more likely scenario */
2237	2234	if (!strcmp(dname, n->name) \|\|
2238		- !audit_compare_dname_path(dname, n->name)) {
	2235	+ !audit_compare_dname_path(dname, n->name,
	2236	+ AUDIT_NAME_FULL)) {
2239	2237	if (inode)
2240	2238	audit_copy_inode(n, dentry, inode);
2241	2239	else