PERFORCE change 78654 for review

Wayne Salamon wsalamon at FreeBSD.org
Fri Jun 17 01:41:39 GMT 2005


http://perforce.freebsd.org/chv.cgi?CH=78654

Change 78654 by wsalamon at rickenbacker on 2005/06/17 01:40:59

	Update the kernel changes to auditctl(), for real this time.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#12 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#22 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#12 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#12 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#22 (text+ko) ====

@@ -1215,7 +1215,6 @@
 	struct nameidata nd;
 	struct ucred *cred;
 	struct vnode *vp;
-	union auditctl_udata udata;
 	int error = 0;
 	int flags;
 
@@ -1223,70 +1222,44 @@
 	if (error)
 		return (error);
 
-	/* Some commands don't have associated data; only copy in data if 
-	 * it is there.
-	 */
-	if (uap->data != NULL) {
-		if ((uap->length <= 0) || 
-		    (uap->length > sizeof(union auditctl_udata)))
-			return (EINVAL);
-
-		error = copyin(uap->data, (void *)&udata, uap->length);
-		if (error)
-			return error;
-	}
-
 	vp = NULL;
 	cred = NULL;
 
-	switch (uap->cmd) {
-	case AC_SETLOGFILE:
-		/*
-		 * If a path is specified, open the replacement vnode, perform
-		 * validity checks, and grab another reference to the current
-		 * credential.
-		 */
-		if (udata.ac_path == NULL)
-			return (EINVAL);
+	/*
+	 * If a path is specified, open the replacement vnode, perform
+	 * validity checks, and grab another reference to the current
+	 * credential.
+	 */
+	if (uap->path == NULL)
+		return (EINVAL);
 
-		fn = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
-		error = copyinstr(udata.ac_path, fn, MAXPATHLEN, NULL);
-		if (error != 0)
-			goto err_out;
+	fn = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
+	error = copyinstr(uap->path, fn, MAXPATHLEN, NULL);
+	if (error != 0)
+		goto err_out;
 
-		mtx_lock(&Giant);
-		NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fn, td);
-		flags = audit_open_flags;
-		error = vn_open(&nd, &flags, 0, -1);
-		if (error) {
-			mtx_unlock(&Giant);
-			goto err_out;
-		}
-		VOP_UNLOCK(nd.ni_vp, 0, td);
-		vp = nd.ni_vp;
-		if (vp->v_type != VREG) {
-			vn_close(vp, audit_close_flags, 
-				    td->td_ucred, td);
-			mtx_unlock(&Giant);
-			error = EINVAL;
-			goto err_out;
-		}
-		cred = td->td_ucred;
-		crhold(cred);
-		audit_suspended = 0;
-
+	mtx_lock(&Giant);
+	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fn, td);
+	flags = audit_open_flags;
+	error = vn_open(&nd, &flags, 0, -1);
+	if (error) {
+		mtx_unlock(&Giant);
+		goto err_out;
+	}
+	VOP_UNLOCK(nd.ni_vp, 0, td);
+	vp = nd.ni_vp;
+	if (vp->v_type != VREG) {
+		vn_close(vp, audit_close_flags, td->td_ucred, td);
 		mtx_unlock(&Giant);
-		audit_rotate_vnode(cred, vp);
-		break;
+		error = EINVAL;
+		goto err_out;
+	}
+	cred = td->td_ucred;
+	crhold(cred);
+	audit_suspended = 0;
 
-	case AC_SHUTDOWN:
-		audit_shutdown();
-		break;
-
-	case AC_SENDTRIGGER:
-		error = send_trigger(udata.ac_trigger);
-		break;
-	}
+	mtx_unlock(&Giant);
+	audit_rotate_vnode(cred, vp);
 
 err_out:
 	if (fn)
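Review bot: The block comment above `if (uap->path == NULL)` still says "If a path is specified", but with the command switch removed a NULL path is now rejected with EINVAL, so it should state that the path is mandatory, e.g. `/* A path is required: open the replacement vnode, check that it is a regular file, and take a reference on the caller's credential. */`. The same comment is a good place to record that the lookup uses `FOLLOW`, so a symlink is resolved to its target, and that the `VREG` test runs only after `vn_open()` has succeeded with `audit_open_flags`; whether opening a non-regular object has side effects depends on those flags, which are not visible here. The hunk does not show who may call this: the `if (error) return (error);` at its top presumably follows a privilege check, and the path handling relies on it. The function begins before and continues after this hunk.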

==== //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#12 (text+ko) ====

@@ -1336,9 +1336,7 @@
 	char length_l_[PADL_(u_int)]; u_int length; char length_r_[PADR_(u_int)];
 };
 struct auditctl_args {
-	char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)];
-	char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)];
-	char length_l_[PADL_(u_int)]; u_int length; char length_r_[PADR_(u_int)];
+	char path_l_[PADL_(char *)]; char * path; char path_r_[PADR_(char *)];
 };
 int	nosys(struct thread *, struct nosys_args *);
 void	sys_exit(struct thread *, struct sys_exit_args *);

