Re: [RFC][PATCH] audit: Simplify by assuming the callers socket buffer is large enough
From: David Miller
Date: Sat Mar 08 2014 - 01:35:50 EST
From: Steve Grubb <sgrubb@xxxxxxxxxx>
Date: Fri, 07 Mar 2014 22:27:28 -0500
> On Friday, March 07, 2014 07:48:01 PM David Miller wrote:
>> From: Eric Paris <eparis@xxxxxxxxxx>
>> Date: Fri, 07 Mar 2014 17:52:02 -0500
>>
>> > Audit is non-tolerant to failure and loss.
>>
>> Netlink is not a loss-less transport.
>
> Perhaps. But in all our testing over the years its been very good.
What I really meant by that was that there is flow control.
You can push as much data reliably over it as you want, but you have
to block when the socket limits are hit.
And I'd say you might as well make the creator of the event do the
blocking rather than making other threads do this.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/