svn commit: r191270 - in head/sys: bsm conf security/audit
Robert Watson
rwatson at FreeBSD.org
Sun Apr 19 14:53:18 UTC 2009
Author: rwatson
Date: Sun Apr 19 14:53:17 2009
New Revision: 191270
URL: http://svn.freebsd.org/changeset/base/191270
Log:
Merge OpenBSM 1.1 changes to the FreeBSD 8.x kernel:
- Add and use mapping of fcntl(2) commands to new BSM constant space.
- Adopt (int) rather than (long) arguments to a number of auditon(2)
commands, as has happened in Solaris, and add compatibility code to
handle the old comments.
Note that BSM_PF_IEEE80211 is partially but not fully removed, as the
userspace OpenBSM 1.1alpha5 code still depends on it. Once userspace
is updated, I'll GCC the kernel constant.
MFC after: 2 weeks
Sponsored by: Apple, Inc.
Obtained from: TrustedBSD Project
Portions submitted by: sson
Modified:
head/sys/bsm/audit.h
head/sys/bsm/audit_kevents.h
head/sys/bsm/audit_record.h
head/sys/conf/files
head/sys/security/audit/audit.c
head/sys/security/audit/audit_bsm.c
head/sys/security/audit/audit_bsm_domain.c
head/sys/security/audit/audit_bsm_fcntl.c
head/sys/security/audit/audit_bsm_token.c
head/sys/security/audit/audit_private.h
head/sys/security/audit/audit_syscalls.c
Modified: head/sys/bsm/audit.h
==============================================================================
--- head/sys/bsm/audit.h Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/bsm/audit.h Sun Apr 19 14:53:17 2009 (r191270)
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2005 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,21 +26,15 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#5
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9
* $FreeBSD$
*/
-#ifndef _BSM_AUDIT_H
+#ifndef _BSM_AUDIT_H
#define _BSM_AUDIT_H
-#ifdef __APPLE__
-/* Temporary until rdar://problem/6133383 is resolved. */
-#include <sys/types.h>
#include <sys/param.h>
-#include <sys/socket.h>
-#include <sys/cdefs.h>
-#include <sys/queue.h>
-#endif /* __APPLE__ */
+#include <sys/types.h>
#define AUDIT_RECORD_MAGIC 0x828a0f1b
#define MAX_AUDIT_RECORDS 20
@@ -101,20 +95,20 @@
/*
* auditon(2) commands.
*/
-#define A_GETPOLICY 2
-#define A_SETPOLICY 3
+#define A_OLDGETPOLICY 2
+#define A_OLDSETPOLICY 3
#define A_GETKMASK 4
#define A_SETKMASK 5
-#define A_GETQCTRL 6
-#define A_SETQCTRL 7
+#define A_OLDGETQCTRL 6
+#define A_OLDSETQCTRL 7
#define A_GETCWD 8
#define A_GETCAR 9
#define A_GETSTAT 12
#define A_SETSTAT 13
#define A_SETUMASK 14
#define A_SETSMASK 15
-#define A_GETCOND 20
-#define A_SETCOND 21
+#define A_OLDGETCOND 20
+#define A_OLDSETCOND 21
#define A_GETCLASS 22
#define A_SETCLASS 23
#define A_GETPINFO 24
@@ -126,6 +120,12 @@
#define A_SETKAUDIT 30
#define A_SENDTRIGGER 31
#define A_GETSINFO_ADDR 32
+#define A_GETPOLICY 33
+#define A_SETPOLICY 34
+#define A_GETQCTRL 35
+#define A_SETQCTRL 36
+#define A_GETCOND 37
+#define A_SETCOND 38
/*
* Audit policy controls.
@@ -216,7 +216,6 @@ struct auditpinfo {
au_mask_t ap_mask; /* Audit masks. */
au_tid_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
- u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo auditpinfo_t;
@@ -226,15 +225,12 @@ struct auditpinfo_addr {
au_mask_t ap_mask; /* Audit masks. */
au_tid_addr_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
+ u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
struct au_session {
auditinfo_addr_t *as_aia_p; /* Ptr to full audit info. */
-#define as_asid as_aia_p->ai_asid
-#define as_auid as_aia_p->ai_auid
-#define as_termid as_aia_p->ai_termid
-
au_mask_t as_mask; /* Process Audit Masks. */
};
typedef struct au_session au_session_t;
@@ -245,13 +241,22 @@ typedef struct au_session au_sessi
typedef struct au_token token_t;
/*
- * Kernel audit queue control parameters.
+ * Kernel audit queue control parameters:
+ * Default: Maximum:
+ * aq_hiwater: AQ_HIWATER (100) AQ_MAXHIGH (10000)
+ * aq_lowater: AQ_LOWATER (10) <aq_hiwater
+ * aq_bufsz: AQ_BUFSZ (32767) AQ_MAXBUFSZ (1048576)
+ * aq_delay: 20 20000 (not used)
*/
struct au_qctrl {
- size_t aq_hiwater;
- size_t aq_lowater;
- size_t aq_bufsz;
- clock_t aq_delay;
+ int aq_hiwater; /* Max # of audit recs in queue when */
+ /* threads with new ARs get blocked. */
+
+ int aq_lowater; /* # of audit recs in queue when */
+ /* blocked threads get unblocked. */
+
+ int aq_bufsz; /* Max size of audit record for audit(2). */
+ int aq_delay; /* Queue delay (not used). */
int aq_minfree; /* Minimum filesystem percent free space. */
};
typedef struct au_qctrl au_qctrl_t;
@@ -308,6 +313,13 @@ int getaudit(struct auditinfo *);
int setaudit(const struct auditinfo *);
int getaudit_addr(struct auditinfo_addr *, int);
int setaudit_addr(const struct auditinfo_addr *, int);
+
+#ifdef __APPLE_API_PRIVATE
+#include <mach/port.h>
+mach_port_name_t audit_session_self(void);
+au_asid_t audit_session_join(mach_port_name_t port);
+#endif /* __APPLE_API_PRIVATE */
+
#endif /* defined(_KERNEL) || defined(KERNEL) */
__END_DECLS
Modified: head/sys/bsm/audit_kevents.h
==============================================================================
--- head/sys/bsm/audit_kevents.h Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/bsm/audit_kevents.h Sun Apr 19 14:53:17 2009 (r191270)
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2005 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#5
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#6
* $FreeBSD$
*/
@@ -34,6 +34,12 @@
#define _BSM_AUDIT_KEVENTS_H_
/*
+ * The reserved event numbers for kernel events are 1...2047 and 43001..44900.
+ */
+#define AUE_IS_A_KEVENT(e) (((e) > 0 && (e) < 2048) || \
+ ((e) > 43000 && (e) < 45000))
+
+/*
* Values marked as AUE_NULL are not required to be audited as per CAPP.
*
* Some conflicts exist in the assignment of name to event number mappings
@@ -589,6 +595,8 @@
#define AUE_FSGETPATH 43191 /* Darwin. */
#define AUE_PREAD 43192 /* Darwin/FreeBSD. */
#define AUE_PWRITE 43193 /* Darwin/FreeBSD. */
+#define AUE_FSCTL 43194 /* Darwin. */
+#define AUE_FFSCTL 43195 /* Darwin. */
/*
* Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
@@ -674,12 +682,10 @@
#define AUE_CSOPS AUE_NULL
#define AUE_DUP AUE_NULL
#define AUE_FDATASYNC AUE_NULL
-#define AUE_FFSCTL AUE_NULL
#define AUE_FGETATTRLIST AUE_NULL
#define AUE_FGETXATTR AUE_NULL
#define AUE_FLISTXATTR AUE_NULL
#define AUE_FREMOVEXATTR AUE_NULL
-#define AUE_FSCTL AUE_NULL
#define AUE_FSETATTRLIST AUE_NULL
#define AUE_FSETXATTR AUE_NULL
#define AUE_FSTATFS64 AUE_NULL
Modified: head/sys/bsm/audit_record.h
==============================================================================
--- head/sys/bsm/audit_record.h Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/bsm/audit_record.h Sun Apr 19 14:53:17 2009 (r191270)
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2005-2008 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#9
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#10
* $FreeBSD$
*/
@@ -286,10 +286,12 @@ token_t *au_to_zonename(const char *zone
*/
int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
int au_bsm_to_errno(u_char bsm_error, int *errorp);
+int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
int au_bsm_to_socket_type(u_short bsm_socket_type,
int *local_socket_typep);
u_short au_domain_to_bsm(int local_domain);
u_char au_errno_to_bsm(int local_errno);
+u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
u_short au_socket_type_to_bsm(int local_socket_type);
__END_DECLS
Modified: head/sys/conf/files
==============================================================================
--- head/sys/conf/files Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/conf/files Sun Apr 19 14:53:17 2009 (r191270)
@@ -2528,6 +2528,7 @@ security/audit/audit_arg.c optional audi
security/audit/audit_bsm.c optional audit
security/audit/audit_bsm_domain.c optional audit
security/audit/audit_bsm_errno.c optional audit
+security/audit/audit_bsm_fcntl.c optional audit
security/audit/audit_bsm_klib.c optional audit
security/audit/audit_bsm_socket_type.c optional audit
security/audit/audit_bsm_token.c optional audit
Modified: head/sys/security/audit/audit.c
==============================================================================
--- head/sys/security/audit/audit.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -129,8 +129,8 @@ struct mtx audit_mtx;
* outstanding in the system.
*/
struct kaudit_queue audit_q;
-size_t audit_q_len;
-size_t audit_pre_q_len;
+int audit_q_len;
+int audit_pre_q_len;
/*
* Audit queue control settings (minimum free, low/high water marks, etc.)
Modified: head/sys/security/audit/audit_bsm.c
==============================================================================
--- head/sys/security/audit/audit_bsm.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_bsm.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -287,13 +287,20 @@ audit_sys_auditon(struct audit_record *a
struct au_token *tok;
switch (ar->ar_arg_cmd) {
+ case A_OLDSETPOLICY:
+ if ((size_t)ar->ar_arg_len == sizeof(int64_t)) {
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "policy",
+ ar->ar_arg_auditon.au_policy64);
+ kau_write(rec, tok);
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETPOLICY:
- if (sizeof(ar->ar_arg_auditon.au_flags) > 4)
- tok = au_to_arg64(1, "policy",
- ar->ar_arg_auditon.au_flags);
- else
- tok = au_to_arg32(1, "policy",
- ar->ar_arg_auditon.au_flags);
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg32(1, "policy", ar->ar_arg_auditon.au_policy);
kau_write(rec, tok);
break;
@@ -306,20 +313,42 @@ audit_sys_auditon(struct audit_record *a
kau_write(rec, tok);
break;
+ case A_OLDSETQCTRL:
+ if ((size_t)ar->ar_arg_len == sizeof(au_qctrl64_t)) {
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setqctrl:aq_hiwater",
+ ar->ar_arg_auditon.au_qctrl64.aq64_hiwater);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setqctrl:aq_lowater",
+ ar->ar_arg_auditon.au_qctrl64.aq64_lowater);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setqctrl:aq_bufsz",
+ ar->ar_arg_auditon.au_qctrl64.aq64_bufsz);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setqctrl:aq_delay",
+ ar->ar_arg_auditon.au_qctrl64.aq64_delay);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setqctrl:aq_minfree",
+ ar->ar_arg_auditon.au_qctrl64.aq64_minfree);
+ kau_write(rec, tok);
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETQCTRL:
tok = au_to_arg32(3, "setqctrl:aq_hiwater",
ar->ar_arg_auditon.au_qctrl.aq_hiwater);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setqctrl:aq_lowater",
+ tok = au_to_arg32(2, "setqctrl:aq_lowater",
ar->ar_arg_auditon.au_qctrl.aq_lowater);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setqctrl:aq_bufsz",
+ tok = au_to_arg32(2, "setqctrl:aq_bufsz",
ar->ar_arg_auditon.au_qctrl.aq_bufsz);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setqctrl:aq_delay",
+ tok = au_to_arg32(2, "setqctrl:aq_delay",
ar->ar_arg_auditon.au_qctrl.aq_delay);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setqctrl:aq_minfree",
+ tok = au_to_arg32(2, "setqctrl:aq_minfree",
ar->ar_arg_auditon.au_qctrl.aq_minfree);
kau_write(rec, tok);
break;
@@ -334,34 +363,47 @@ audit_sys_auditon(struct audit_record *a
break;
case A_SETSMASK:
- tok = au_to_arg32(3, "setsmask:as_success",
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg32(2, "setsmask:as_success",
ar->ar_arg_auditon.au_auinfo.ai_mask.am_success);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setsmask:as_failure",
+ tok = au_to_arg32(2, "setsmask:as_failure",
ar->ar_arg_auditon.au_auinfo.ai_mask.am_failure);
kau_write(rec, tok);
break;
+ case A_OLDSETCOND:
+ if ((size_t)ar->ar_arg_len == sizeof(int64_t)) {
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg64(2, "setcond",
+ ar->ar_arg_auditon.au_cond64);
+ kau_write(rec, tok);
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETCOND:
- if (sizeof(ar->ar_arg_auditon.au_cond) > 4)
- tok = au_to_arg64(3, "setcond",
- ar->ar_arg_auditon.au_cond);
- else
- tok = au_to_arg32(3, "setcond",
- ar->ar_arg_auditon.au_cond);
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
+ tok = au_to_arg32(3, "setcond", ar->ar_arg_auditon.au_cond);
kau_write(rec, tok);
break;
case A_SETCLASS:
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
tok = au_to_arg32(2, "setclass:ec_event",
ar->ar_arg_auditon.au_evclass.ec_number);
kau_write(rec, tok);
- tok = au_to_arg32(3, "setclass:ec_class",
+ tok = au_to_arg32(2, "setclass:ec_class",
ar->ar_arg_auditon.au_evclass.ec_class);
kau_write(rec, tok);
break;
case A_SETPMASK:
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
tok = au_to_arg32(2, "setpmask:as_success",
ar->ar_arg_auditon.au_aupinfo.ap_mask.am_success);
kau_write(rec, tok);
@@ -371,6 +413,8 @@ audit_sys_auditon(struct audit_record *a
break;
case A_SETFSIZE:
+ tok = au_to_arg32(3, "length", ar->ar_arg_len);
+ kau_write(rec, tok);
tok = au_to_arg32(2, "setfsize:filesize",
ar->ar_arg_auditon.au_fstat.af_filesz);
kau_write(rec, tok);
@@ -847,12 +891,13 @@ kaudit_to_bsm(struct kaudit_record *kar,
break;
case AUE_FCNTL:
+ if (ARG_IS_VALID(kar, ARG_CMD)) {
+ tok = au_to_arg32(2, "cmd",
+ au_fcntl_cmd_to_bsm(ar->ar_arg_cmd));
+ kau_write(rec, tok);
+ }
if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK ||
ar->ar_arg_cmd == F_SETLKW) {
- if (ARG_IS_VALID(kar, ARG_CMD)) {
- tok = au_to_arg32(2, "cmd", ar->ar_arg_cmd);
- kau_write(rec, tok);
- }
FD_VNODE1_TOKENS;
}
break;
Modified: head/sys/security/audit/audit_bsm_domain.c
==============================================================================
--- head/sys/security/audit/audit_bsm_domain.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_bsm_domain.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2
+ * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#3
*/
#include <sys/cdefs.h>
@@ -324,13 +324,6 @@ static const struct bsm_domain bsm_domai
PF_NO_LOCAL_MAPPING
#endif
},
- { BSM_PF_IEEE80211,
-#ifdef PF_IEEE80211
- PF_IEEE80211
-#else
- PF_NO_LOCAL_MAPPING
-#endif
- },
{ BSM_PF_AX25,
#ifdef PF_AX25
PF_AX25
Modified: head/sys/security/audit/audit_bsm_fcntl.c
==============================================================================
--- head/sys/security/audit/audit_bsm_fcntl.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_bsm_fcntl.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -27,16 +27,18 @@
* POSSIBILITY OF SUCH DAMAGE.
*
* P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_fcntl.c#2
- * $FreeBSD$
*/
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
#include <sys/param.h>
#include <sys/fcntl.h>
-#include <config/config.h>
+#include <security/audit/audit.h>
#include <bsm/audit_fcntl.h>
-#include <bsm/libbsm.h>
+#include <bsm/audit_record.h>
struct bsm_fcntl_cmd {
u_short bfc_bsm_fcntl_cmd;
Modified: head/sys/security/audit/audit_bsm_token.c
==============================================================================
--- head/sys/security/audit/audit_bsm_token.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_bsm_token.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90
+ * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91
*/
#include <sys/cdefs.h>
@@ -1460,7 +1460,7 @@ au_to_header32_ex(int rec_size, au_event
if (gettimeofday(&tm, NULL) == -1)
return (NULL);
- if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
+ if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
if (errno != ENOSYS)
return (NULL);
return (au_to_header32_tm(rec_size, e_type, e_mod, tm));
Modified: head/sys/security/audit/audit_private.h
==============================================================================
--- head/sys/security/audit/audit_private.h Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_private.h Sun Apr 19 14:53:17 2009 (r191270)
@@ -118,18 +118,34 @@ struct socket_au_info {
u_short so_lport; /* Local port. */
};
+/*
+ * The following is used for A_OLDSETQCTRL and AU_OLDGETQCTRL and a 64-bit
+ * userland.
+ */
+struct au_qctrl64 {
+ u_int64_t aq64_hiwater;
+ u_int64_t aq64_lowater;
+ u_int64_t aq64_bufsz;
+ u_int64_t aq64_delay;
+ u_int64_t aq64_minfree;
+};
+typedef struct au_qctrl64 au_qctrl64_t;
+
union auditon_udata {
char *au_path;
- long au_cond;
- long au_flags;
- long au_policy;
+ int au_cond;
+ int au_flags;
+ int au_policy;
int au_trigger;
+ int64_t au_cond64;
+ int64_t au_policy64;
au_evclass_map_t au_evclass;
au_mask_t au_mask;
auditinfo_t au_auinfo;
auditpinfo_t au_aupinfo;
auditpinfo_addr_t au_aupinfo_addr;
au_qctrl_t au_qctrl;
+ au_qctrl64_t au_qctrl64;
au_stat_t au_stat;
au_fstat_t au_fstat;
auditinfo_addr_t au_kau_info;
@@ -275,8 +291,8 @@ extern struct mtx audit_mtx;
extern struct cv audit_watermark_cv;
extern struct cv audit_worker_cv;
extern struct kaudit_queue audit_q;
-extern size_t audit_q_len;
-extern size_t audit_pre_q_len;
+extern int audit_q_len;
+extern int audit_pre_q_len;
extern int audit_in_failure;
/*
Modified: head/sys/security/audit/audit_syscalls.c
==============================================================================
--- head/sys/security/audit/audit_syscalls.c Sun Apr 19 13:48:42 2009 (r191269)
+++ head/sys/security/audit/audit_syscalls.c Sun Apr 19 14:53:17 2009 (r191270)
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 1999-2005 Apple Inc.
+ * Copyright (c) 1999-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -187,12 +187,15 @@ auditon(struct thread *td, struct audito
*/
switch (uap->cmd) {
case A_SETPOLICY:
+ case A_OLDSETPOLICY:
case A_SETKMASK:
case A_SETQCTRL:
+ case A_OLDSETQCTRL:
case A_SETSTAT:
case A_SETUMASK:
case A_SETSMASK:
case A_SETCOND:
+ case A_OLDSETCOND:
case A_SETCLASS:
case A_SETPMASK:
case A_SETFSIZE:
@@ -212,7 +215,22 @@ auditon(struct thread *td, struct audito
* XXXAUDIT: Locking?
*/
switch (uap->cmd) {
+ case A_OLDGETPOLICY:
+ if (uap->length == sizeof(udata.au_policy64)) {
+ if (!audit_fail_stop)
+ udata.au_policy64 |= AUDIT_CNT;
+ if (audit_panic_on_write_fail)
+ udata.au_policy64 |= AUDIT_AHLT;
+ if (audit_argv)
+ udata.au_policy64 |= AUDIT_ARGV;
+ if (audit_arge)
+ udata.au_policy64 |= AUDIT_ARGE;
+ break;
+ }
+ /* FALLTHROUGH */
case A_GETPOLICY:
+ if (uap->length != sizeof(udata.au_policy))
+ return (EINVAL);
if (!audit_fail_stop)
udata.au_policy |= AUDIT_CNT;
if (audit_panic_on_write_fail)
@@ -223,7 +241,23 @@ auditon(struct thread *td, struct audito
udata.au_policy |= AUDIT_ARGE;
break;
+ case A_OLDSETPOLICY:
+ if (uap->length == sizeof(udata.au_policy64)) {
+ if (udata.au_policy & (~AUDIT_CNT|AUDIT_AHLT|
+ AUDIT_ARGV|AUDIT_ARGE))
+ return (EINVAL);
+ audit_fail_stop = ((udata.au_policy64 & AUDIT_CNT) ==
+ 0);
+ audit_panic_on_write_fail = (udata.au_policy64 &
+ AUDIT_AHLT);
+ audit_argv = (udata.au_policy64 & AUDIT_ARGV);
+ audit_arge = (udata.au_policy64 & AUDIT_ARGE);
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETPOLICY:
+ if (uap->length != sizeof(udata.au_policy))
+ return (EINVAL);
if (udata.au_policy & ~(AUDIT_CNT|AUDIT_AHLT|AUDIT_ARGV|
AUDIT_ARGE))
return (EINVAL);
@@ -237,18 +271,60 @@ auditon(struct thread *td, struct audito
break;
case A_GETKMASK:
+ if (uap->length != sizeof(udata.au_mask))
+ return (EINVAL);
udata.au_mask = audit_nae_mask;
break;
case A_SETKMASK:
+ if (uap->length != sizeof(udata.au_mask))
+ return (EINVAL);
audit_nae_mask = udata.au_mask;
break;
+ case A_OLDGETQCTRL:
+ if (uap->length == sizeof(udata.au_qctrl64)) {
+ udata.au_qctrl64.aq64_hiwater =
+ (u_int64_t)audit_qctrl.aq_hiwater;
+ udata.au_qctrl64.aq64_lowater =
+ (u_int64_t)audit_qctrl.aq_lowater;
+ udata.au_qctrl64.aq64_bufsz =
+ (u_int64_t)audit_qctrl.aq_bufsz;
+ udata.au_qctrl64.aq64_minfree =
+ (u_int64_t)audit_qctrl.aq_minfree;
+ break;
+ }
+ /* FALLTHROUGH */
case A_GETQCTRL:
+ if (uap->length != sizeof(udata.au_qctrl))
+ return (EINVAL);
udata.au_qctrl = audit_qctrl;
break;
+ case A_OLDSETQCTRL:
+ if (uap->length == sizeof(udata.au_qctrl64)) {
+ if ((udata.au_qctrl64.aq64_hiwater > AQ_MAXHIGH) ||
+ (udata.au_qctrl64.aq64_lowater >=
+ udata.au_qctrl.aq_hiwater) ||
+ (udata.au_qctrl64.aq64_bufsz > AQ_MAXBUFSZ) ||
+ (udata.au_qctrl64.aq64_minfree < 0) ||
+ (udata.au_qctrl64.aq64_minfree > 100))
+ return (EINVAL);
+ audit_qctrl.aq_hiwater =
+ (int)udata.au_qctrl64.aq64_hiwater;
+ audit_qctrl.aq_lowater =
+ (int)udata.au_qctrl64.aq64_lowater;
+ audit_qctrl.aq_bufsz =
+ (int)udata.au_qctrl64.aq64_bufsz;
+ audit_qctrl.aq_minfree =
+ (int)udata.au_qctrl64.aq64_minfree;
+ audit_qctrl.aq_delay = -1; /* Not used. */
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETQCTRL:
+ if (uap->length != sizeof(udata.au_qctrl))
+ return (EINVAL);
if ((udata.au_qctrl.aq_hiwater > AQ_MAXHIGH) ||
(udata.au_qctrl.aq_lowater >= udata.au_qctrl.aq_hiwater) ||
(udata.au_qctrl.aq_bufsz > AQ_MAXBUFSZ) ||
@@ -285,14 +361,40 @@ auditon(struct thread *td, struct audito
return (ENOSYS);
break;
+ case A_OLDGETCOND:
+ if (uap->length == sizeof(udata.au_cond64)) {
+ if (audit_enabled && !audit_suspended)
+ udata.au_cond64 = AUC_AUDITING;
+ else
+ udata.au_cond64 = AUC_NOAUDIT;
+ break;
+ }
+ /* FALLTHROUGH */
case A_GETCOND:
+ if (uap->length != sizeof(udata.au_cond))
+ return (EINVAL);
if (audit_enabled && !audit_suspended)
udata.au_cond = AUC_AUDITING;
else
udata.au_cond = AUC_NOAUDIT;
break;
+ case A_OLDSETCOND:
+ if (uap->length == sizeof(udata.au_cond64)) {
+ if (udata.au_cond64 == AUC_NOAUDIT)
+ audit_suspended = 1;
+ if (udata.au_cond64 == AUC_AUDITING)
+ audit_suspended = 0;
+ if (udata.au_cond64 == AUC_DISABLED) {
+ audit_suspended = 1;
+ audit_shutdown(NULL, 0);
+ }
+ break;
+ }
+ /* FALLTHROUGH */
case A_SETCOND:
+ if (uap->length != sizeof(udata.au_cond))
+ return (EINVAL);
if (udata.au_cond == AUC_NOAUDIT)
audit_suspended = 1;
if (udata.au_cond == AUC_AUDITING)
@@ -304,16 +406,22 @@ auditon(struct thread *td, struct audito
break;
case A_GETCLASS:
+ if (uap->length != sizeof(udata.au_evclass))
+ return (EINVAL);
udata.au_evclass.ec_class = au_event_class(
udata.au_evclass.ec_number);
break;
case A_SETCLASS:
+ if (uap->length != sizeof(udata.au_evclass))
+ return (EINVAL);
au_evclassmap_insert(udata.au_evclass.ec_number,
udata.au_evclass.ec_class);
break;
case A_GETPINFO:
+ if (uap->length != sizeof(udata.au_aupinfo))
+ return (EINVAL);
if (udata.au_aupinfo.ap_pid < 1)
return (ESRCH);
if ((tp = pfind(udata.au_aupinfo.ap_pid)) == NULL)
@@ -341,6 +449,8 @@ auditon(struct thread *td, struct audito
break;
case A_SETPMASK:
+ if (uap->length != sizeof(udata.au_aupinfo))
+ return (EINVAL);
if (udata.au_aupinfo.ap_pid < 1)
return (ESRCH);
newcred = crget();
@@ -365,6 +475,8 @@ auditon(struct thread *td, struct audito
break;
case A_SETFSIZE:
+ if (uap->length != sizeof(udata.au_fstat))
+ return (EINVAL);
if ((udata.au_fstat.af_filesz != 0) &&
(udata.au_fstat.af_filesz < MIN_AUDIT_FILE_SIZE))
return (EINVAL);
@@ -372,11 +484,15 @@ auditon(struct thread *td, struct audito
break;
case A_GETFSIZE:
+ if (uap->length != sizeof(udata.au_fstat))
+ return (EINVAL);
udata.au_fstat.af_filesz = audit_fstat.af_filesz;
udata.au_fstat.af_currsz = audit_fstat.af_currsz;
break;
case A_GETPINFO_ADDR:
+ if (uap->length != sizeof(udata.au_aupinfo_addr))
+ return (EINVAL);
if (udata.au_aupinfo_addr.ap_pid < 1)
return (ESRCH);
if ((tp = pfind(udata.au_aupinfo_addr.ap_pid)) == NULL)
@@ -393,10 +509,14 @@ auditon(struct thread *td, struct audito
break;
case A_GETKAUDIT:
+ if (uap->length != sizeof(udata.au_kau_info))
+ return (EINVAL);
audit_get_kinfo(&udata.au_kau_info);
break;
case A_SETKAUDIT:
+ if (uap->length != sizeof(udata.au_kau_info))
+ return (EINVAL);
if (udata.au_kau_info.ai_termid.at_type != AU_IPv4 &&
udata.au_kau_info.ai_termid.at_type != AU_IPv6)
return (EINVAL);
@@ -404,6 +524,8 @@ auditon(struct thread *td, struct audito
break;
case A_SENDTRIGGER:
+ if (uap->length != sizeof(udata.au_trigger))
+ return (EINVAL);
if ((udata.au_trigger < AUDIT_TRIGGER_MIN) ||
(udata.au_trigger > AUDIT_TRIGGER_MAX))
return (EINVAL);
@@ -418,12 +540,15 @@ auditon(struct thread *td, struct audito
*/
switch (uap->cmd) {
case A_GETPOLICY:
+ case A_OLDGETPOLICY:
case A_GETKMASK:
case A_GETQCTRL:
+ case A_OLDGETQCTRL:
case A_GETCWD:
case A_GETCAR:
case A_GETSTAT:
case A_GETCOND:
+ case A_OLDGETCOND:
case A_GETCLASS:
case A_GETPINFO:
case A_GETFSIZE:
More information about the svn-src-all
mailing list