cvs commit: src/sys/security/audit audit.h audit_arg.c audit_bsm.c audit_bsm_token.c audit_syscalls.c

Christian S.J. Peron csjp at FreeBSD.org
Wed Jun 27 17:01:16 UTC 2007


csjp        2007-06-27 17:01:15 UTC

  FreeBSD src repository

  Modified files:
    sys/security/audit   audit.h audit_arg.c audit_bsm.c 
                         audit_bsm_token.c audit_syscalls.c 
  Log:
  - Add audit_arg_audinfo_addr() for auditing the arguments for setaudit_addr(2)
  - In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK,
    and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done
    for both setaudit and setaudit_addr.
  - Audit the arguments passed to setaudit_addr(2)
  - AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the
    audit token is created with the correct type. This fixes the processing of the
    in_addr_ex token in users pace.
  - Change the size of the token (as generated by the kernel) from 5*4 bytes to
    4*4 bytes (the correct size of an ip6 address)
  - Correct regression from ucred work which resulted in getaudit() not returning
    E2BIG if the subject had an ip6 termid
  - Correct slight regression in getaudit(2) which resulted in the size of a pointer
    being passed instead of the size of the structure. (This resulted in invalid
    auditinfo data being returned via getaudit(2))
  
  Reviewed by:    rwatson
  Approved by:    re@ (kensmith)
  Obtained from:  TrustedBSD Project
  MFC after:      1 month
  
  Revision  Changes    Path
  1.14      +1 -0      src/sys/security/audit/audit.h
  1.15      +22 -0     src/sys/security/audit/audit_arg.c
  1.19      +35 -2     src/sys/security/audit/audit_bsm.c
  1.14      +2 -2      src/sys/security/audit/audit_bsm_token.c
  1.21      +7 -2      src/sys/security/audit/audit_syscalls.c


More information about the cvs-src mailing list