This repository has been archived by the owner on Nov 8, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
logd: sepolicy dynamic rate limiting
Processing overhead for selinux violation messages is costly. We want to deal with bursts of violations, but we have no intent of allowing that sustained burst to go unabated as there is a cost of processing and battery usage. Tunables in libaudit.h are: AUDIT_RATE_LIMIT_DEFAULT 20 /* acceptable burst rate */ AUDIT_RATE_LIMIT_BURST_DURATION 10 /* number of seconds of burst */ AUDIT_RATE_LIMIT_MAX 5 /* acceptable sustained rate */ Since we can only asymptotically handle DEFAULT rate, we set an upper threshold of half way between the MAX and DEFAULT rate. Default kernel audit subsystem message rate is set to 20 a second. If sepolicy exceeds 125 violation messages over up to ten seconds (>=~12/s), tell kernel audit subsystem to drop the rate to 5 messages a second. If rate drops below 50 messages over the past ten seconds (<5/s), tell kernel it is ok to increase the burst rate back to 20 messages a second. Test: gTest logd-unit-tests --gtest_filter=logd.sepolicy_rate_limiter_* Bug: 27878170 Change-Id: I843f8dcfbb3ecfbbe94a4865ea332c858e3be7f2
- Loading branch information
Mark Salyzyn
committed
Jan 4, 2017
1 parent
fe05f1c
commit 247d682
Showing
6 changed files
with
266 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.