PERFORCE change 6240 for review
Robert Watson
rwatson at FreeBSD.org
Tue Feb 5 14:05:51 GMT 2002
When the audit log is opened, you should cache the ucred used to open the
file. Later when you write to it, use that ucred. That way, if the file
is stored on a medium requiring an appropriate credentials for writes
(such as a network audit store), the writes will succeed. Also, once we
have MAC in place, we may gate reads and writes, and revocation may occur
on label changes of the files. Something like the following would
probably work fine...
static struct sx audit_lock;
static struct ucred *audit_cred;
static struct vnode *audit_vp;
...
error = vn_open(vp, ...);
if (error != 0)
return (errror);
...
sx_xlock(&audit_lock); /* exclusive */
save_cred = audit_cred;
audit_cred = crhold(td->td_proc->p_ucred);
save_vp = audit_vp;
audit_vp = vp;
sx_unlock(&audit_lock);
if (save_cred)
crfree(save_cred);
vn_close(save_vp);
...
Might want to check with John as to whether the crhold() should actually
happen outside of the sx_elock.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list