AUDIT: Speed up audit_filter_syscall() for the non-auditable case.

It was showing up fairly high on profiles even when no rules were set. Make sure the common path stays as fast as possible. Signed-off-by: David Woodhouse <dwmw2@infradead.org>

AUDIT: Speed up audit_filter_syscall() for the non-auditable case.
It was showing up fairly high on profiles even when no rules were set. Make sure the common path stays as fast as possible. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
c3896495 · David Woodhouse · 413a1c75 · c3896495
Commit c3896495 authored Aug 17, 2005 by David Woodhouse
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 10 deletions

kernel/auditsc.c kernel/auditsc.c +12 -10

No files found.
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -513,20 +513,23 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
 					     struct list_head *list)
 {
 	struct audit_entry *e;
-	enum audit_state   state;
+	enum audit_state state;
-	int		   word = AUDIT_WORD(ctx->major);
-	int		   bit  = AUDIT_BIT(ctx->major);
 	if (audit_pid && tsk->tgid == audit_pid)
 		return AUDIT_DISABLED;
 	rcu_read_lock();
-	list_for_each_entry_rcu(e, list, list) {
+	if (!list_empty(list)) {
-		if ((e->rule.mask[word] & bit) == bit
+		    int word = AUDIT_WORD(ctx->major);
- 		    && audit_filter_rules(tsk, &e->rule, ctx, &state)) {
+		    int bit  = AUDIT_BIT(ctx->major);
-			rcu_read_unlock();
-			return state;
+		    list_for_each_entry_rcu(e, list, list) {
-		}
+			    if ((e->rule.mask[word] & bit) == bit
+				&& audit_filter_rules(tsk, &e->rule, ctx, &state)) {
+				    rcu_read_unlock();
+				    return state;
+			    }
+		    }
 	}
 	rcu_read_unlock();
 	return AUDIT_BUILD_CONTEXT;
@@ -1023,7 +1026,6 @@ void audit_syscall_exit(struct task_struct *tsk, int valid, long return_code)
 	} else {
 		audit_free_names(context);
 		audit_free_aux(context);
-		audit_zero_context(context, context->state);
 		tsk->audit_context = context;
 	}
 out: