audit: ensure userspace is penalized the same as the kernel when under pressure
authorPaul Moore <paul@paul-moore.com>
Mon, 13 Dec 2021 20:45:20 +0000 (15:45 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 27 Jan 2022 09:54:16 +0000 (10:54 +0100)
commitb6f7f0ad5af5fa049dcb703db186423af9226e25
treeee5654f2a04f39490f54fbea832fd11fbd22afbf
parent5d54ed155031a4b13cd92b3deb404673d82d7504
audit: ensure userspace is penalized the same as the kernel when under pressure

[ Upstream commit 8f110f530635af44fff1f4ee100ecef0bac62510 ]

Due to the audit control mutex necessary for serializing audit
userspace messages we haven't been able to block/penalize userspace
processes that attempt to send audit records while the system is
under audit pressure.  The result is that privileged userspace
applications have a priority boost with respect to audit as they are
not bound by the same audit queue throttling as the other tasks on
the system.

This patch attempts to restore some balance to the system when under
audit pressure by blocking these privileged userspace tasks after
they have finished their audit processing, and dropped the audit
control mutex, but before they return to userspace.

Reported-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Tested-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
kernel/audit.c