When writing audit logs to disk, we need to ensure that the IVs are allocated under a lock. We also need to ensure that when writing an audit entry to disk, the IVs are written in the right order. We currently do this by taking a lock from the start of encrypting a log line until the log has been written to disk. This can be very slow.

An alternate proposal would be to perform the encryption under lock A and add the encrypted log line to a heap, then release the lock. Later, when the file writer is free, take the file writer lock under lock B and write the first item from the heap to disk.