AUDIT: Honour audit_backlog_limit again.

The limit on the number of outstanding audit messages was inadvertently
removed with the switch to queuing skbs directly for sending by a kernel
thread. Put it back again.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
David Woodhouse 2005-05-19 14:55:56 +01:00
parent 7063e6c717
commit fb19b4c6aa

View file

@ -613,6 +613,18 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, int type)
if (!audit_initialized)
return NULL;
if (audit_backlog_limit
&& skb_queue_len(&audit_skb_queue) > audit_backlog_limit) {
if (audit_rate_check())
printk(KERN_WARNING
"audit: audit_backlog=%d > "
"audit_backlog_limit=%d\n",
skb_queue_len(&audit_skb_queue),
audit_backlog_limit);
audit_log_lost("backlog limit exceeded");
return NULL;
}
ab = audit_buffer_alloc(ctx, GFP_ATOMIC, type);
if (!ab) {
audit_log_lost("out of memory in audit_log_start");