Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\audit.c Create Date:2022-07-28 11:22:20
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:audit_rate_check

Proto:static inline int audit_rate_check(void)

Type:int

Parameter:Nothing

313  last_check = 0
314  messages = 0
315  DEFINE_SPINLOCK(lock)
319  retval = 0
321  If Not If audit_rate_limit is non-zero, limit the rate of sending audit records* to that number per second. This prevents DoS attacks, but results in* audit records being dropped. Then Return 1
323  spin_lock_irqsave( & lock, flags)
324  If ++messages < If audit_rate_limit is non-zero, limit the rate of sending audit records* to that number per second. This prevents DoS attacks, but results in* audit records being dropped. Then
325  retval = 1
326  Else
327  now = jiffies
328  elapsed = now - last_check
329  If elapsed > HZ Then
330  last_check = now
331  messages = 0
332  retval = 1
335  spin_unlock_irqrestore( & lock, flags)
337  Return retval
Caller
NameDescribe
audit_log_startaudit_log_start - obtain an audit buffer*@ctx: audit_context (may be NULL)*@gfp_mask: type of allocation*@type: audit message type* Returns audit_buffer pointer on success or NULL on error
audit_log_endaudit_log_end - end one audit record*@ab: the audit_buffer* We can not do a netlink send inside an irq context because it blocks (last* arg, flags, is not set to MSG_DONTWAIT), so the audit buffer is placed on a* queue and a tasklet is scheduled to remove