PERFORCE change 122002 for review
Christian S.J. Peron
csjp at FreeBSD.org
Wed Jun 20 01:15:45 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=122002
Change 122002 by csjp at push on 2007/06/20 01:15:41
- Add audit_arg_audinfo_addr() for auditing the arguments for setaudit_addr(2)
- In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK,
and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done
for both setaudit and setaudit_addr.
- Audit the arguments passed to setaudit_addr(2)
- AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the
audit token is created with the correct type. This fixes the processing of the
in_addr_ex token in userspace.
- Change the size of the token (as generated by the kernel) from 5*4 bytes to
4*4 bytes (the correct size of an ip6 address)
- Correct regression from ucred work which resulted in getaudit() not returning
E2BIG if the subject had an ip6 termid
- Correct slight regression in getaudit(2) which resulted in the size of a pointer
being passed instead of the size of the structure. (This resulted in invalid
auditinfo data being returned via getaudit(2))
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit.h#27 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_arg.c#33 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#29 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#35 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#44 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit.h#27 (text+ko) ====
@@ -158,6 +158,7 @@
void audit_arg_sockaddr(struct thread *td, struct sockaddr *sa);
void audit_arg_auid(uid_t auid);
void audit_arg_auditinfo(struct auditinfo *au_info);
+void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info);
void audit_arg_upath(struct thread *td, char *upath, u_int64_t flags);
void audit_arg_vnode(struct vnode *vp, u_int64_t flags);
void audit_arg_text(char *text);
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_arg.c#33 (text+ko) ====
@@ -467,6 +467,28 @@
}
void
+audit_arg_auditinfo_addr(struct auditinfo_addr *au_info)
+{
+ struct kaudit_record *ar;
+
+ ar = currecord();
+ if (ar == NULL)
+ return;
+
+ ar->k_ar.ar_arg_auid = au_info->ai_auid;
+ ar->k_ar.ar_arg_asid = au_info->ai_asid;
+ ar->k_ar.ar_arg_amask.am_success = au_info->ai_mask.am_success;
+ ar->k_ar.ar_arg_amask.am_failure = au_info->ai_mask.am_failure;
+ ar->k_ar.ar_arg_termid_addr.at_type = au_info->ai_termid.at_type;
+ ar->k_ar.ar_arg_termid_addr.at_port = au_info->ai_termid.at_port;
+ ar->k_ar.ar_arg_termid_addr.at_addr[0] = au_info->ai_termid.at_addr[0];
+ ar->k_ar.ar_arg_termid_addr.at_addr[1] = au_info->ai_termid.at_addr[1];
+ ar->k_ar.ar_arg_termid_addr.at_addr[2] = au_info->ai_termid.at_addr[2];
+ ar->k_ar.ar_arg_termid_addr.at_addr[3] = au_info->ai_termid.at_addr[3];
+ ARG_SET_VALID(ar, ARG_AUID | ARG_ASID | ARG_AMASK | ARG_TERMID_ADDR);
+}
+
+void
audit_arg_text(char *text)
{
struct kaudit_record *ar;
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#29 (text+ko) ====
@@ -512,7 +512,10 @@
break;
case AUE_SETAUDIT:
- if (ARG_IS_VALID(kar, ARG_AUID)) {
+ if (ARG_IS_VALID(kar, ARG_AUID) &&
+ ARG_IS_VALID(kar, ARG_ASID) &&
+ ARG_IS_VALID(kar, ARG_AMASK) &&
+ ARG_IS_VALID(kar, ARG_TERMID)) {
tok = au_to_arg32(1, "setaudit:auid",
ar->ar_arg_auid);
kau_write(rec, tok);
@@ -535,7 +538,37 @@
break;
case AUE_SETAUDIT_ADDR:
- break; /* XXX need to add arguments */
+ if (ARG_IS_VALID(kar, ARG_AUID) &&
+ ARG_IS_VALID(kar, ARG_ASID) &&
+ ARG_IS_VALID(kar, ARG_AMASK) &&
+ ARG_IS_VALID(kar, ARG_TERMID_ADDR)) {
+ tok = au_to_arg32(1, "setaudit_addr:auid",
+ ar->ar_arg_auid);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "setaudit_addr:as_success",
+ ar->ar_arg_amask.am_success);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "setaudit_addr:as_failure",
+ ar->ar_arg_amask.am_failure);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "setaudit_addr:asid",
+ ar->ar_arg_asid);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "setaudit_addr:type",
+ ar->ar_arg_termid_addr.at_type);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "setaudit_addr:port",
+ ar->ar_arg_termid_addr.at_port);
+ kau_write(rec, tok);
+ if (ar->ar_arg_termid_addr.at_type == AU_IPv6)
+ tok = au_to_in_addr_ex((struct in6_addr *)
+ &ar->ar_arg_termid_addr.at_addr[0]);
+ if (ar->ar_arg_termid_addr.at_type == AU_IPv4)
+ tok = au_to_in_addr((struct in_addr *)
+ &ar->ar_arg_termid_addr.at_addr[0]);
+ kau_write(rec, tok);
+ }
+ break;
case AUE_AUDITON:
/*
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#35 (text+ko) ====
@@ -358,13 +358,13 @@
{
token_t *t;
u_char *dptr = NULL;
- u_int32_t type = AF_INET6;
+ u_int32_t type = AU_IPv6;
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(uint32_t));
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
- ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t));
+ ADD_MEM(dptr, internet_addr, 4 * sizeof(uint32_t));
return (t);
}
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#44 (text+ko) ====
@@ -514,13 +514,15 @@
error = priv_check(td, PRIV_AUDIT_GETAUDIT);
if (error)
return (error);
+ if (td->td_ucred->cr_audit.ai_termid.at_type == AU_IPv6)
+ return (E2BIG);
bzero(&ai, sizeof(ai));
ai.ai_auid = td->td_ucred->cr_audit.ai_auid;
ai.ai_mask = td->td_ucred->cr_audit.ai_mask;
ai.ai_asid = td->td_ucred->cr_audit.ai_asid;
ai.ai_termid.machine = td->td_ucred->cr_audit.ai_termid.at_addr[0];
ai.ai_termid.port = td->td_ucred->cr_audit.ai_termid.at_port;
- return (copyout(&ai, uap->auditinfo, sizeof(&ai)));
+ return (copyout(&ai, uap->auditinfo, sizeof(ai)));
}
/* ARGSUSED */
@@ -596,7 +598,10 @@
error = copyin(uap->auditinfo_addr, &aia, sizeof(aia));
if (error)
return (error);
- /* XXXRW: Audit argument. */
+ audit_arg_auditinfo_addr(&aia);
+ if (aia.ai_termid.at_type != AU_IPv6 &&
+ aia.ai_termid.at_type != AU_IPv4)
+ return (EINVAL);
newcred = crget();
PROC_LOCK(td->td_proc);
oldcred = td->td_proc->p_ucred;
More information about the p4-projects
mailing list