Skip to content

Commit feade40

Browse files
stevegrubbstevegrubb
committed
auditd: use atomic access for log_fd
Updated log_fd to match the existing flush pattern by declaring it as ATOMIC_INT under HAVE_ATOMIC and volatile ATOMIC_INT otherwise. Replaced bare log_fd reads in initialization, shutdown, logging-state reporting, the flush thread, synchronous flush handling, space checks, rotation, and reconfigure paths with AUDIT_ATOMIC_LOAD(...). Replaced bare log_fd writes that invalidate or publish the descriptor with AUDIT_ATOMIC_STORE(...), including init/open and all suspend/exec/error handling paths requested.
1 parent 475face commit feade40

1 file changed

Lines changed: 32 additions & 28 deletions

File tree

src/auditd-event.c

Lines changed: 32 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,11 @@ static void init_flush_thread(void);
7979

8080
/* Local Data */
8181
static struct daemon_conf *config;
82-
static volatile int log_fd;
82+
#ifdef HAVE_ATOMIC
83+
static ATOMIC_INT log_fd;
84+
#else
85+
static volatile ATOMIC_INT log_fd;
86+
#endif
8387
static FILE *log_file = NULL;
8488
static unsigned int disk_err_warning = 0;
8589
static int fs_space_warning = 0;
@@ -140,7 +144,7 @@ void write_logging_state(FILE *f)
140144
fprintf(f,"logs detected last rotate/shift = %u\n", known_logs);
141145
fprintf(f, "space left on partition = %s\n",
142146
fs_space_left ? "yes" : "no");
143-
rc = fstatfs(log_fd, &buf);
147+
rc = fstatfs(AUDIT_ATOMIC_LOAD(log_fd), &buf);
144148
if (rc == 0) {
145149
fprintf(f, "Logging partition free space = %llu MiB\n",
146150
(long long unsigned)
@@ -167,8 +171,8 @@ void shutdown_events(void)
167171
pthread_cancel(flush_thread);
168172
free((void *)format_buf);
169173
auparse_destroy_ext(au, AUPARSE_DESTROY_ALL);
170-
if (log_fd >= 0)
171-
fsync(log_fd);
174+
if (AUDIT_ATOMIC_LOAD(log_fd) >= 0)
175+
fsync(AUDIT_ATOMIC_LOAD(log_fd));
172176
if (log_file)
173177
fclose(log_file);
174178
}
@@ -177,17 +181,17 @@ int init_event(struct daemon_conf *conf)
177181
{
178182
/* Store the netlink descriptor and config info away */
179183
config = conf;
180-
log_fd = -1;
184+
AUDIT_ATOMIC_STORE(log_fd, -1);
181185

182186
/* Now open the log */
183187
if (config->daemonize == D_BACKGROUND) {
184188
fix_disk_permissions();
185189
if (open_audit_log())
186190
return 1;
187-
setup_percentages(config, log_fd);
191+
setup_percentages(config, AUDIT_ATOMIC_LOAD(log_fd));
188192
} else {
189-
log_fd = 1; // stdout
190-
log_file = fdopen(log_fd, "a");
193+
AUDIT_ATOMIC_STORE(log_fd, 1); // stdout
194+
log_file = fdopen(AUDIT_ATOMIC_LOAD(log_fd), "a");
191195
if (log_file == NULL) {
192196
audit_msg(LOG_ERR,
193197
"Error setting up stdout descriptor (%s)",
@@ -255,8 +259,8 @@ static void *flush_thread_main(void *arg)
255259
AUDIT_ATOMIC_STORE(flush, 0);
256260
pthread_mutex_unlock(&flush_lock);
257261

258-
if (log_fd >= 0)
259-
fsync(log_fd);
262+
if (AUDIT_ATOMIC_LOAD(log_fd) >= 0)
263+
fsync(AUDIT_ATOMIC_LOAD(log_fd));
260264
}
261265
return NULL;
262266
}
@@ -672,8 +676,8 @@ void handle_event(struct auditd_event *e)
672676
if (config->daemonize == D_BACKGROUND) {
673677
if (config->flush == FT_INCREMENTAL) {
674678
/* EIO is only likely failure */
675-
if (log_fd >= 0 &&
676-
fsync(log_fd) != 0) {
679+
if (AUDIT_ATOMIC_LOAD(log_fd) >= 0 &&
680+
fsync(AUDIT_ATOMIC_LOAD(log_fd)) != 0) {
677681
do_disk_error_action(
678682
"fsync",
679683
errno);
@@ -803,7 +807,7 @@ static void check_log_file_size(void)
803807
if (log_file)
804808
fclose(log_file);
805809
log_file = NULL;
806-
log_fd = -1;
810+
AUDIT_ATOMIC_STORE(log_fd, -1);
807811
logging_suspended = 1;
808812
exec_child_pid =
809813
safe_exec(config->max_log_file_exe);
@@ -821,7 +825,7 @@ static void check_log_file_size(void)
821825
if (log_file)
822826
fclose(log_file);
823827
log_file = NULL;
824-
log_fd = -1;
828+
AUDIT_ATOMIC_STORE(log_fd, -1);
825829
logging_suspended = 1;
826830
break;
827831
case SZ_ROTATE:
@@ -849,10 +853,10 @@ static void check_space_left(void)
849853
int rc;
850854
struct statfs buf;
851855

852-
if (log_fd < 0)
856+
if (AUDIT_ATOMIC_LOAD(log_fd) < 0)
853857
return;
854858

855-
rc = fstatfs(log_fd, &buf);
859+
rc = fstatfs(AUDIT_ATOMIC_LOAD(log_fd), &buf);
856860
if (rc == 0) {
857861
if (buf.f_bavail < 5) {
858862
/* we won't consume the last 5 blocks */
@@ -973,7 +977,7 @@ static void do_space_left_action(int admin)
973977
if (log_file)
974978
fclose(log_file);
975979
log_file = NULL;
976-
log_fd = -1;
980+
AUDIT_ATOMIC_STORE(log_fd, -1);
977981
logging_suspended = 1;
978982
if (admin)
979983
safe_exec(config->admin_space_left_exe);
@@ -989,7 +993,7 @@ static void do_space_left_action(int admin)
989993
if (log_file)
990994
fclose(log_file);
991995
log_file = NULL;
992-
log_fd = -1;
996+
AUDIT_ATOMIC_STORE(log_fd, -1);
993997
logging_suspended = 1;
994998
break;
995999
case FA_SINGLE:
@@ -1034,7 +1038,7 @@ static void do_disk_full_action(void)
10341038
if (log_file)
10351039
fclose(log_file);
10361040
log_file = NULL;
1037-
log_fd = -1;
1041+
AUDIT_ATOMIC_STORE(log_fd, -1);
10381042
logging_suspended = 1;
10391043
safe_exec(config->disk_full_exe);
10401044
break;
@@ -1047,7 +1051,7 @@ static void do_disk_full_action(void)
10471051
if (log_file)
10481052
fclose(log_file);
10491053
log_file = NULL;
1050-
log_fd = -1;
1054+
AUDIT_ATOMIC_STORE(log_fd, -1);
10511055
logging_suspended = 1;
10521056
break;
10531057
case FA_SINGLE:
@@ -1091,7 +1095,7 @@ static void do_disk_error_action(const char *func, int err)
10911095
if (log_file)
10921096
fclose(log_file);
10931097
log_file = NULL;
1094-
log_fd = -1;
1098+
AUDIT_ATOMIC_STORE(log_fd, -1);
10951099
logging_suspended = 1;
10961100
safe_exec(config->disk_error_exe);
10971101
break;
@@ -1104,7 +1108,7 @@ static void do_disk_error_action(const char *func, int err)
11041108
if (log_file)
11051109
fclose(log_file);
11061110
log_file = NULL;
1107-
log_fd = -1;
1111+
AUDIT_ATOMIC_STORE(log_fd, -1);
11081112
logging_suspended = 1;
11091113
break;
11101114
case FA_SINGLE:
@@ -1230,19 +1234,19 @@ static void rotate_logs(unsigned int num_logs, unsigned int keep_logs)
12301234
/* Close audit file. fchmod and fchown errors are not fatal because we
12311235
* already adjusted log file permissions and ownership when opening the
12321236
* log file. */
1233-
if (log_fd >= 0) {
1234-
if (fchmod(log_fd, config->log_group ? S_IRUSR|S_IRGRP :
1237+
if (AUDIT_ATOMIC_LOAD(log_fd) >= 0) {
1238+
if (fchmod(AUDIT_ATOMIC_LOAD(log_fd), config->log_group ? S_IRUSR|S_IRGRP :
12351239
S_IRUSR) < 0){
12361240
audit_msg(LOG_WARNING, "Couldn't change permissions while "
12371241
"rotating log file (%s)", strerror(errno));
12381242
}
1239-
if (fchown(log_fd, 0, config->log_group) < 0) {
1243+
if (fchown(AUDIT_ATOMIC_LOAD(log_fd), 0, config->log_group) < 0) {
12401244
audit_msg(LOG_WARNING, "Couldn't change ownership while "
12411245
"rotating log file (%s)", strerror(errno));
12421246
}
12431247
}
12441248
if (log_file) {
1245-
log_fd = -1;
1249+
AUDIT_ATOMIC_STORE(log_fd, -1);
12461250
fclose(log_file);
12471251
log_file = NULL;
12481252
}
@@ -1443,7 +1447,7 @@ static int open_audit_log(void)
14431447
return 1;
14441448
}
14451449

1446-
log_fd = lfd;
1450+
AUDIT_ATOMIC_STORE(log_fd, lfd);
14471451
log_file = fdopen(lfd, "a");
14481452
if (log_file == NULL) {
14491453
audit_msg(LOG_CRIT, "Error setting up log descriptor (%s)",
@@ -1774,7 +1778,7 @@ static void reconfigure(struct auditd_event *e)
17741778
* having to call check_log_file_size to restore it. */
17751779
int saved_suspend = logging_suspended;
17761780

1777-
setup_percentages(oconf, log_fd);
1781+
setup_percentages(oconf, AUDIT_ATOMIC_LOAD(log_fd));
17781782
fs_space_warning = 0;
17791783
fs_admin_space_warning = 0;
17801784
fs_space_left = 1;

0 commit comments

Comments
 (0)