PERFORCE change 177957 for review
Efstratios Karatzas
gpf at FreeBSD.org
Sat May 8 16:24:18 UTC 2010
http://p4web.freebsd.org/@@177957?ac=10
Change 177957 by gpf at gpf_desktop on 2010/05/08 16:24:10
* a few extra rpcs:
null, noop, getattr, setattr,
lookup, access
* auditing the user creds that are
sent along with the rpc sounds good -> todo
procedures serviced: 17/23
ps: I'm not really auditing any information
for null or noop
Affected files ...
.. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 edit
.. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 edit
Differences ...
==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 (text+ko) ====
@@ -199,6 +199,7 @@
caddr_t dpos = nfsd->nd_dpos;
struct ucred *cred = nfsd->nd_cr;
struct vnode *vp = NULL;
+ struct vnode *AUDIT_vp = NULL;
nfsfh_t nfh;
fhandle_t *fhp;
u_int32_t *tl;
@@ -219,6 +220,9 @@
tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
nam, &rdonly, TRUE);
+
+ AUDIT_vp = vp;
+
if (error) {
nfsm_reply(NFSX_UNSIGNED);
nfsm_srvpostop_attr(1, NULL);
@@ -255,6 +259,24 @@
if (vp)
vput(vp);
VFS_UNLOCK_GIANT(vfslocked);
+
+ /* XXX AUDIT */
+ if (AUDITING_TD(curthread)) {
+ if (AUDIT_vp != NULL) {
+ struct thread *td = curthread;
+ char *fullpath, *freepath;
+
+ AUDIT_ARG_VNODE1(AUDIT_vp);
+
+ freepath = NULL;
+ vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+ if (freepath != NULL) {
+ AUDIT_ARG_UPATH1(td, fullpath);
+ free(freepath, M_TEMP);
+ }
+ }
+ }
+
return(error);
}
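Review bot: The audit block added at the end of this function uses `AUDIT_vp` after `vput(vp)` has already dropped the lock and the reference on that same vnode, and after `VFS_UNLOCK_GIANT(vfslocked)`. Nothing visible in these hunks takes a separate reference for `AUDIT_vp`, so the vnode may be recycled before `AUDIT_ARG_VNODE1()` and `vn_fullpath_global()` touch it; `AUDIT_ARG_VNODE1()` also reads attributes from the vnode, which as far as I know expects it to be locked. Either record the vnode argument before the `vput(vp)` while the lock is still held, or hold an extra reference when stashing the pointer (`if (vp != NULL) vref(vp);` after `AUDIT_vp = vp;`) and call `vrele(AUDIT_vp);` once the audit arguments are recorded, before Giant is dropped. The same pattern is repeated in the three later audit blocks in this file (the hunks starting at -308, -466 and -650), and the function body starts outside this hunk.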
@@ -273,6 +295,7 @@
struct vattr va;
struct vattr *vap = &va;
struct vnode *vp = NULL;
+ struct vnode *AUDIT_vp = NULL;
nfsfh_t nfh;
fhandle_t *fhp;
caddr_t bpos;
@@ -286,6 +309,9 @@
nfsm_srvmtofh(fhp);
error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp, nam,
&rdonly, TRUE);
+
+ AUDIT_vp = vp;
+
if (error) {
nfsm_reply(0);
error = 0;
@@ -308,6 +334,24 @@
if (vp)
vput(vp);
VFS_UNLOCK_GIANT(vfslocked);
+
+ /* XXX AUDIT */
+ if (AUDITING_TD(curthread)) {
+ if (AUDIT_vp != NULL) {
+ struct thread *td = curthread;
+ char *fullpath, *freepath;
+
+ AUDIT_ARG_VNODE1(AUDIT_vp);
+
+ freepath = NULL;
+ vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+ if (freepath != NULL) {
+ AUDIT_ARG_UPATH1(td, fullpath);
+ free(freepath, M_TEMP);
+ }
+ }
+ }
+
return(error);
}
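Review bot: This fourteen-line audit block is pasted verbatim into four functions in this change (here and in the hunks starting at -255, -466 and -650), and the commit message says more procedures are still to come. A single static helper keeps the copies from drifting apart when the block is fixed or extended; the name below is only a suggestion. Where the call belongs relative to `vput()` is a separate question that this refactoring does not settle.

```c
/* Record vp and its global path as the first vnode/path audit arguments. */
static void
nfsrv_audit_vnode1(struct thread *td, struct vnode *vp)
{
	char *fullpath, *freepath;

	if (vp == NULL || !AUDITING_TD(td))
		return;
	AUDIT_ARG_VNODE1(vp);
	freepath = NULL;
	vn_fullpath_global(td, vp, &fullpath, &freepath);
	if (freepath != NULL) {
		AUDIT_ARG_UPATH1(td, fullpath);
		free(freepath, M_TEMP);
	}
}

	/* … unchanged: vput(vp) and VFS_UNLOCK_GIANT(vfslocked) … */
	nfsrv_audit_vnode1(curthread, AUDIT_vp);
	return(error);
```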
@@ -327,6 +371,7 @@
struct nfsv2_sattr *sp;
struct nfs_fattr *fp;
struct vnode *vp = NULL;
+ struct vnode *AUDIT_vp = NULL;
nfsfh_t nfh;
fhandle_t *fhp;
u_int32_t *tl;
@@ -395,6 +440,9 @@
*/
error = nfsrv_fhtovp(fhp, 1, &vp, &tvfslocked, nfsd, slp,
nam, &rdonly, TRUE);
+
+ AUDIT_vp = vp;
+
vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
if (error) {
nfsm_reply(2 * NFSX_UNSIGNED);
@@ -466,6 +514,24 @@
vput(vp);
vn_finished_write(mp);
VFS_UNLOCK_GIANT(vfslocked);
+
+ /* XXX AUDIT */
+ if (AUDITING_TD(curthread)) {
+ if (AUDIT_vp != NULL) {
+ struct thread *td = curthread;
+ char *fullpath, *freepath;
+
+ AUDIT_ARG_VNODE1(AUDIT_vp);
+
+ freepath = NULL;
+ vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+ if (freepath != NULL) {
+ AUDIT_ARG_UPATH1(td, fullpath);
+ free(freepath, M_TEMP);
+ }
+ }
+ }
+
return(error);
}
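Review bot: The return value of `vn_fullpath_global()` is ignored and `fullpath` is left uninitialised, so the block relies on the callee leaving `freepath` NULL on every failure path. Testing the result makes that explicit: `if (vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath) == 0) {`. When path resolution fails the record silently carries no path, which for a setattr is worth at least a comment so that incomplete records are a known limitation rather than a surprise. The same applies to the other three audit blocks in this file.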
@@ -483,6 +549,7 @@
struct nfs_fattr *fp;
struct nameidata nd, ind, *ndp = &nd;
struct vnode *vp, *dirp = NULL;
+ struct vnode *AUDIT_vp = NULL;
nfsfh_t nfh;
fhandle_t *fhp;
caddr_t bpos;
@@ -611,6 +678,9 @@
* the same potential blocking reason ) and reply.
*/
vp = ndp->ni_vp;
+
+ AUDIT_vp = vp;
+
bzero((caddr_t)fhp, sizeof(nfh));
fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
error = VOP_VPTOFH(vp, &fhp->fh_fid);
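Review bot: `AUDIT_vp` is assigned only here, after the lookup has already produced `ndp->ni_vp`, so any earlier failure in this function (outside the hunk) presumably leaves it NULL and the audit block at the end records neither vnode nor path. Failed lookups are often the entries an audit reviewer most wants to see. Consider also recording the directory vnode when it is available, or at least document the gap with a comment such as `/* XXXAUDIT: failed lookups are recorded without a vnode or path */`.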
@@ -650,6 +720,24 @@
}
NDFREE(&nd, NDF_ONLY_PNBUF);
VFS_UNLOCK_GIANT(vfslocked);
+
+ /* XXX AUDIT */
+ if (AUDITING_TD(curthread)) {
+ if (AUDIT_vp != NULL) {
+ struct thread *td = curthread;
+ char *fullpath, *freepath;
+
+ AUDIT_ARG_VNODE1(AUDIT_vp);
+
+ freepath = NULL;
+ vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+ if (freepath != NULL) {
+ AUDIT_ARG_UPATH1(td, fullpath);
+ free(freepath, M_TEMP);
+ }
+ }
+ }
+
return (error);
}
@@ -719,7 +807,9 @@
uiop->uio_td = NULL;
error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
nam, &rdonly, TRUE);
- link_vp = vp;
+
+ link_vp = vp;
+
if (error) {
nfsm_reply(2 * NFSX_UNSIGNED);
if (v3)
==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 (text) ====
@@ -1580,8 +1580,7 @@
tok = au_to_arg32(0, "prev mask", ar->ar_retval);
kau_write(rec, tok);
break;
-
-
+
case AUE_NFS_CREATE:
case AUE_NFS_READ:
case AUE_NFS_WRITE:
@@ -1590,6 +1589,10 @@
case AUE_NFS_READLINK:
case AUE_NFS_REMOVE:
case AUE_NFS_RMDIR:
+ case AUE_NFS_GETATTR:
+ case AUE_NFS_SETATTR:
+ case AUE_NFS_ACCESS:
+ case AUE_NFS_LOOKUP:
if (ARG_IS_VALID(kar, ARG_MODE)) {
tok = au_to_arg32(3, "mode", ar->ar_arg_mode);
kau_write(rec, tok);
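Review bot: Adding `AUE_NFS_SETATTR` to this group gives its record the path and vnode tokens plus a mode token only when `ARG_MODE` is valid, and none of the nfs_serv.c hunks in this change set a mode argument. As far as the visible lines show, a setattr record therefore says which file was touched but not which attributes were requested; the part of the case body between the two hunks is not visible here. If that is intended for now, a comment such as `/* XXXAUDIT: requested attribute changes are not recorded yet */` next to the new labels would document it, alongside the credentials todo in the commit message.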
@@ -1605,6 +1608,10 @@
}
UPATH1_VNODE1_TOKENS;
break;
+
+ case AUE_NFS_NOOP:
+ case AUE_NFS_NULL:
+ break;
case AUE_NFS_LINK:
case AUE_NFS_RENAME:
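Review bot: The empty `AUE_NFS_NOOP`/`AUE_NFS_NULL` case would read better with a one-line comment saying the bare `break` is intentional, e.g. `/* No arguments are recorded for these procedures. */`, since every neighbouring case emits tokens. A blank line before `case AUE_NFS_LINK:` would also match the spacing between the other groups. The switch continues outside this hunk.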