svn commit: r195255 - head/sys/kern
Robert Watson
rwatson at FreeBSD.org
Wed Jul 1 19:55:12 UTC 2009
Author: rwatson
Date: Wed Jul 1 19:55:11 2009
New Revision: 195255
URL: http://svn.freebsd.org/changeset/base/195255
Log:
Audit file descriptor numbers for various socket-related system calls.
Approved by: re (audit argument blanket)
MFC after: 3 days
Modified:
head/sys/kern/uipc_syscalls.c
Modified: head/sys/kern/uipc_syscalls.c
==============================================================================
--- head/sys/kern/uipc_syscalls.c Wed Jul 1 19:55:07 2009 (r195254)
+++ head/sys/kern/uipc_syscalls.c Wed Jul 1 19:55:11 2009 (r195255)
@@ -217,6 +217,7 @@ kern_bind(td, fd, sa)
struct file *fp;
int error;
+ AUDIT_ARG_FD(fd);
error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
if (error)
return (error);
@@ -247,6 +248,7 @@ listen(td, uap)
struct file *fp;
int error;
+ AUDIT_ARG_FD(uap->s);
error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL);
if (error == 0) {
so = fp->f_data;
@@ -340,6 +342,7 @@ kern_accept(struct thread *td, int s, st
return (EINVAL);
}
+ AUDIT_ARG_FD(s);
fdp = td->td_proc->p_fd;
error = getsock(fdp, s, &headfp, &fflag);
if (error)
@@ -530,6 +533,7 @@ kern_connect(td, fd, sa)
int error;
int interrupted = 0;
+ AUDIT_ARG_FD(fd);
error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
if (error)
return (error);
@@ -738,6 +742,7 @@ kern_sendit(td, s, mp, flags, control, s
struct uio *ktruio = NULL;
#endif
+ AUDIT_ARG_FD(s);
error = getsock(td->td_proc->p_fd, s, &fp, NULL);
if (error)
return (error);
@@ -937,6 +942,7 @@ kern_recvit(td, s, mp, fromseg, controlp
if(controlp != NULL)
*controlp = 0;
+ AUDIT_ARG_FD(s);
error = getsock(td->td_proc->p_fd, s, &fp, NULL);
if (error)
return (error);
@@ -1252,6 +1258,7 @@ shutdown(td, uap)
struct file *fp;
int error;
+ AUDIT_ARG_FD(uap->s);
error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1314,6 +1321,7 @@ kern_setsockopt(td, s, level, name, val,
panic("kern_setsockopt called with bad valseg");
}
+ AUDIT_ARG_FD(s);
error = getsock(td->td_proc->p_fd, s, &fp, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1394,6 +1402,7 @@ kern_getsockopt(td, s, level, name, val,
panic("kern_getsockopt called with bad valseg");
}
+ AUDIT_ARG_FD(s);
error = getsock(td->td_proc->p_fd, s, &fp, NULL);
if (error == 0) {
so = fp->f_data;
@@ -1457,6 +1466,7 @@ kern_getsockname(struct thread *td, int
if (*alen < 0)
return (EINVAL);
+ AUDIT_ARG_FD(fd);
error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
if (error)
return (error);
@@ -1556,6 +1566,7 @@ kern_getpeername(struct thread *td, int
if (*alen < 0)
return (EINVAL);
+ AUDIT_ARG_FD(fd);
error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
if (error)
return (error);
@@ -1811,6 +1822,7 @@ kern_sendfile(struct thread *td, struct
* File offset must be positive. If it goes beyond EOF
* we send only the header/trailer and no payload data.
*/
+ AUDIT_ARG_FD(uap->fd);
if ((error = fgetvp_read(td, uap->fd, &vp)) != 0)
goto out;
vfslocked = VFS_LOCK_GIANT(vp->v_mount);
@@ -2285,6 +2297,7 @@ sctp_peeloff(td, uap)
u_int fflag;
fdp = td->td_proc->p_fd;
+ AUDIT_ARG_FD(uap->sd);
error = fgetsock(td, uap->sd, &head, &fflag);
if (error)
goto done2;
@@ -2392,6 +2405,7 @@ sctp_generic_sendmsg (td, uap)
}
}
+ AUDIT_ARG_FD(uap->sd);
error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
if (error)
goto sctp_bad;
@@ -2493,6 +2507,7 @@ sctp_generic_sendmsg_iov(td, uap)
}
}
+ AUDIT_ARG_FD(uap->sd);
error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
if (error)
goto sctp_bad1;
@@ -2591,6 +2606,8 @@ sctp_generic_recvmsg(td, uap)
#ifdef KTRACE
struct uio *ktruio = NULL;
#endif
+
+ AUDIT_ARG_FD(uap->sd);
error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
if (error) {
return (error);
More information about the svn-src-all
mailing list