Author: rwatson
Date: Wed Jul 1 22:47:45 2009
New Revision: 195267
URL: http://svn.freebsd.org/changeset/base/195267
Log:
For access(2) and eaccess(2), audit the requested access mode.
Approved by: re (audit argument blanket)
MFC after: 3 days
Modified:
head/sys/kern/vfs_syscalls.c
head/sys/security/audit/audit_bsm.c
Modified: head/sys/kern/vfs_syscalls.c
==============================================================================
--- head/sys/kern/vfs_syscalls.c Wed Jul 1 22:45:19 2009
(r195266)
+++ head/sys/kern/vfs_syscalls.c Wed Jul 1 22:47:45 2009
(r195267)
@@ -2133,6 +2133,7 @@ kern_accessat(struct thread *td, int fd,
td->td_ucred = tmpcred;
} else
cred = tmpcred = td->td_ucred;
+ AUDIT_ARG_VALUE(mode);
NDINIT_AT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE |
AUDITVNODE1, pathseg, path, fd, td);
if ((error = namei(&nd)) != 0)
Modified: head/sys/security/audit/audit_bsm.c
==============================================================================
--- head/sys/security/audit/audit_bsm.c Wed Jul 1 22:45:19 2009
(r195266)
+++ head/sys/security/audit/audit_bsm.c Wed Jul 1 22:47:45 2009
(r195267)
@@ -706,10 +706,8 @@ kaudit_to_bsm(struct kaudit_record *kar,
}
/* FALLTHROUGH */
- case AUE_ACCESS:
case AUE_CHDIR:
case AUE_CHROOT:
- case AUE_EACCESS:
case AUE_GETATTRLIST:
case AUE_JAIL:
case AUE_LUTIMES:
@@ -732,6 +730,15 @@ kaudit_to_bsm(struct kaudit_record *kar,
UPATH1_VNODE1_TOKENS;
break;
+ case AUE_ACCESS:
+ case AUE_EACCESS:
+ UPATH1_VNODE1_TOKENS;
+ if (ARG_IS_VALID(kar, ARG_VALUE)) {
+ tok = au_to_arg32(1, "mode", ar->ar_arg_value);
+ kau_write(rec, tok);
+ }
+ break;
+
case AUE_FHSTATFS:
case AUE_FHOPEN:
case AUE_FHSTAT:
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
