Date: Sun, 17 Aug 2008 03:26:56 GMT From: Diego Giagio <diego@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 147628 for review Message-ID: <200808170326.m7H3QuPu032291@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=147628 Change 147628 by diego@diego_black on 2008/08/17 03:26:41 Also forgot to submit this one. Need some coffee. Affected files ... .. //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.h#15 edit Differences ... ==== //depot/projects/soc2008/diego-audit/src/sys/security/audit/audit.h#15 (text) ==== 
@@ -127,30 +127,22 @@
 /*
 * Functions for auditing packet filter events.
 */
-void audit_pfil_enter(unsigned short event, struct thread *td);
+int audit_pfil_enter(unsigned short event, struct thread *td);
 void audit_pfil_exit(int error, struct thread *td);
-void audit_ipfw_enable(int error);
-void audit_ipfw_disable(int error);
-void audit_ipfw_addrule(int set, int rulenum, int error);
-void audit_ipfw_delrule(int set, int rulenum, int error);
-void audit_ipfw_flush(int error);
-void audit_ipfw_addtable(u_int table, int error);
-void audit_ipfw_deltable(u_int table, int error);
-void audit_ipfw_flushtable(u_int table, int error);
+void audit_ipfw_enable(void);
+void audit_ipfw_disable(void);
+void audit_ipfw_addrule(int set, int rulenum);
+void audit_ipfw_delrule(int set, int rulenum);
+void audit_ipfw_flush(void);
+void audit_ipfw_addtable(u_int table);
+void audit_ipfw_deltable(u_int table);
+void audit_ipfw_flushtable(u_int table);
 void audit_ipfw_flow4_begin(u_int32_t src, u_int16_t src_port,
- u_int32_t dst, u_int16_t dst_port, int error);
+ u_int32_t dst, u_int16_t dst_port);
 struct in6_addr;
 void audit_ipfw_flow6_begin(struct in6_addr *src, u_int16_t src_port,
- struct in6_addr *dst, u_int16_t dst_port, int error);
-
-void audit_pf_enable(int error);
-void audit_pf_disable(int error);
-void audit_pf_addrule(char *anchor, int nrules, int error);
-void audit_pf_delrule(char *anchor, int error);
-void audit_pf_flush(char *anchor, int nrules, int error);
-void audit_pf_addtable(char *anchor, char *table, int nadd, int error);
-void audit_pf_deltable(char *anchor, char *table, int ndel, int error);
+ struct in6_addr *dst, u_int16_t dst_port);
 /*
 * The remaining kernel functions are conditionally compiled in as they are
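Review bot: The new `int` return of `audit_pfil_enter()` is declared with no statement of what it returns or what a caller must do when it is non-zero; the block comment above it still says only "Functions for auditing packet filter events". For an audit hook around firewall configuration that contract matters, because a caller that ignores a failure would let a rule change proceed with no record started. I would add a comment above the prototype along the lines of `/* audit_pfil_enter() returns 0 or an errno value; on failure the caller must skip the audit_ipfw_*() argument calls. */`, adjusted to the real semantics, which are not visible in this header. The `audit_pf_*` prototypes are also removed here with no replacement in view, so it is worth confirming that no pf call sites remain that would now build without a prototype or go unaudited.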
@@ -194,7 +186,7 @@
 void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info);
 void audit_arg_upath(struct thread *td, char *upath, u_int64_t flags);
 void audit_arg_vnode(struct vnode *vp, u_int64_t flags);
-void audit_arg_text(char *text);
+void audit_arg_text(char *text, ...);
 void audit_arg_cmd(int cmd);
 void audit_arg_svipc_cmd(int cmd);
 void audit_arg_svipc_perm(struct ipc_perm *perm);
@@ -230,16 +222,28 @@
 } \
 } while (0)
+#define AUDIT_PFIL_ENTER(code, td, error) do { \
+ if (audit_enabled) { \
+ error = audit_pfil_enter(code, td); \
+ } \
+} while (0)
+
 /*
- * Wrap the audit_syscall_exit() function so that it is called only when
- * auditing is enabled, or we have a audit record on the thread. It is
- * possible that an audit record was begun before auditing was turned off.
+ * Wrap audit_syscall_exit() and audit_pfil_exit() functions so that they are
+ * called only when auditing is enabled, or we have a audit record on the
+ * thread. It it is possible that an audit record was begun before auditing
+ * was turned off.
 */
 #define AUDIT_SYSCALL_EXIT(error, td) do { \
 if (audit_enabled || (td->td_ar != NULL)) \
 audit_syscall_exit(error, td); \
 } while (0)
+#define AUDIT_PFIL_EXIT(error, td) do { \
+ if (audit_enabled || (td->td_ar != NULL)) \
+ audit_pfil_exit(error, td); \
+} while (0)
+
 /*
 * A Macro to wrap the audit_sysclose() function.
 */
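Review bot: Making `audit_arg_text()` variadic changes the meaning of its first argument for every existing caller. If the implementation now treats `text` as a printf-style format (inferred from the added `...`; the definition is not part of this diff), a call site that passes a path, rule label or other externally supplied string directly hands that string to the formatter. The prototype should let the compiler check call sites, `void audit_arg_text(const char *fmt, ...) __printflike(1, 2);`, and existing callers with non-literal text should become `audit_arg_text("%s", s)`.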
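Review bot: `AUDIT_PFIL_ENTER` assigns `error` only when `audit_enabled` is set, so with auditing off the caller's variable keeps whatever it held before, which is an uninitialized read unless every call site zeroes it first. Either state that requirement in a comment on the macro or, if call sites do not rely on a prior value, add an else branch such as `} else { (error) = 0; } \`. The macro arguments are also used unparenthesized (`error = ...`, and `td->td_ar` in `AUDIT_PFIL_EXIT`, which copies the existing `AUDIT_SYSCALL_EXIT`). The rewritten comment has a doubled word, "It it is possible", and "a audit record" should read "an audit record".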