svn commit: r308947 - in head/sys: kern security/audit
Robert Watson
rwatson at FreeBSD.org
Tue Nov 22 00:41:26 UTC 2016
Author: rwatson
Date: Tue Nov 22 00:41:24 2016
New Revision: 308947
URL: https://svnweb.freebsd.org/changeset/base/308947
Log:
Audit 'fd' and 'cmd' arguments to fcntl(2), and when generating BSM,
always audit the file-descriptor number and vnode information for all
fnctl(2) commands, not just locking-related ones. This was likely an
oversight in the original adaptation of this code from XNU.
MFC after: 3 days
Sponsored by: DARPA, AFRL
Modified:
head/sys/kern/kern_descrip.c
head/sys/security/audit/audit_bsm.c
Modified: head/sys/kern/kern_descrip.c
==============================================================================
--- head/sys/kern/kern_descrip.c Tue Nov 22 00:27:19 2016 (r308946)
+++ head/sys/kern/kern_descrip.c Tue Nov 22 00:41:24 2016 (r308947)
@@ -495,6 +495,8 @@ kern_fcntl(struct thread *td, int fd, in
p = td->td_proc;
fdp = p->p_fd;
+ AUDIT_ARG_FD(cmd);
+ AUDIT_ARG_CMD(cmd);
switch (cmd) {
case F_DUPFD:
tmp = arg;
Modified: head/sys/security/audit/audit_bsm.c
==============================================================================
--- head/sys/security/audit/audit_bsm.c Tue Nov 22 00:27:19 2016 (r308946)
+++ head/sys/security/audit/audit_bsm.c Tue Nov 22 00:41:24 2016 (r308947)
@@ -979,10 +979,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
au_fcntl_cmd_to_bsm(ar->ar_arg_cmd));
kau_write(rec, tok);
}
- if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK ||
- ar->ar_arg_cmd == F_SETLKW) {
- FD_VNODE1_TOKENS;
- }
+ FD_VNODE1_TOKENS;
break;
case AUE_FCHFLAGS:
More information about the svn-src-all
mailing list