Audit Kernel Events, weekly report #8
Efstratios Karatzas
gpf.kira at gmail.com
Tue Jul 27 14:30:15 UTC 2010
Last week I implemented a method for audit to keep multiple audit
records through a tree like data structure kept with each thread. The
code is in perforce and as far as I can tell, is working just fine.
This should cover most cases, although we may have to supplement this
with a method for each kernel module to keep/update its own audit
record without messing with the thread's audit record (td_ar). The
wiki page has been updated to reflect the remaining stuff in my todo
list. I would really appreciate some feedback from any Audit dev.
http://wiki.freebsd.org/SOC2010EfstratiosKaratzas
Thank you
--
Efstratios "GPF" Karatzas
More information about the soc-status
mailing list