Author: rwatson Date: Wed Jul 1 22:47:45 2009 New Revision: 195267 URL: http://svn.freebsd.org/changeset/base/195267
Log: For access(2) and eaccess(2), audit the requested access mode. Approved by: re (audit argument blanket) MFC after: 3 days Modified: head/sys/kern/vfs_syscalls.c head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Wed Jul 1 22:45:19 2009 (r195266) +++ head/sys/kern/vfs_syscalls.c Wed Jul 1 22:47:45 2009 (r195267) @@ -2133,6 +2133,7 @@ kern_accessat(struct thread *td, int fd, td->td_ucred = tmpcred; } else cred = tmpcred = td->td_ucred; + AUDIT_ARG_VALUE(mode); NDINIT_AT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | AUDITVNODE1, pathseg, path, fd, td); if ((error = namei(&nd)) != 0) Modified: head/sys/security/audit/audit_bsm.c ============================================================================== --- head/sys/security/audit/audit_bsm.c Wed Jul 1 22:45:19 2009 (r195266) +++ head/sys/security/audit/audit_bsm.c Wed Jul 1 22:47:45 2009 (r195267) @@ -706,10 +706,8 @@ kaudit_to_bsm(struct kaudit_record *kar, } /* FALLTHROUGH */ - case AUE_ACCESS: case AUE_CHDIR: case AUE_CHROOT: - case AUE_EACCESS: case AUE_GETATTRLIST: case AUE_JAIL: case AUE_LUTIMES: @@ -732,6 +730,15 @@ kaudit_to_bsm(struct kaudit_record *kar, UPATH1_VNODE1_TOKENS; break; + case AUE_ACCESS: + case AUE_EACCESS: + UPATH1_VNODE1_TOKENS; + if (ARG_IS_VALID(kar, ARG_VALUE)) { + tok = au_to_arg32(1, "mode", ar->ar_arg_value); + kau_write(rec, tok); + } + break; + case AUE_FHSTATFS: case AUE_FHOPEN: case AUE_FHSTAT: _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"