From owner-p4-projects  Wed Aug  7  5:45:18 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 1623F37B401; Wed,  7 Aug 2002 05:45:02 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0349237B400
	for <perforce@freebsd.org>; Wed,  7 Aug 2002 05:45:01 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 924BE43E3B
	for <perforce@freebsd.org>; Wed,  7 Aug 2002 05:45:00 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g77Cj0JU074163
	for <perforce@freebsd.org>; Wed, 7 Aug 2002 05:45:00 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g77Cj0Nk074160
	for perforce@freebsd.org; Wed, 7 Aug 2002 05:45:00 -0700 (PDT)
Date: Wed, 7 Aug 2002 05:45:00 -0700 (PDT)
Message-Id: <200208071245.g77Cj0Nk074160@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Subject: PERFORCE change 15637 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15637

Change 15637 by rwatson@rwatson_tislabs on 2002/08/07 05:44:19

	Teach the accounting system to cache the credential used for file
	system activity.  This permits accounting to operate with a high
	integrity credential when logging data on low-integrity processes
	(et al).  The credential will be preserved in the same manner
	as normal accounting configuration information when disk space
	runs low (etc).

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_acct.c#7 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_acct.c#7 (text+ko) ====

@@ -86,8 +86,10 @@
  * Accounting vnode pointer, saved vnode pointer, and flags for each.
  */
 static struct	vnode *acctp;
+static struct	ucred *acctcred;
 static int	acctflags;
 static struct	vnode *savacctp;
+static struct	ucred *savacctcred;
 static int	savacctflags;
 
 /*
@@ -155,8 +157,10 @@
 		callout_stop(&acctwatch_callout);
 		error = vn_close((acctp != NULLVP ? acctp : savacctp),
 		    (acctp != NULLVP ? acctflags : savacctflags),
-		    td->td_ucred, td);
+		    (acctcred != NOCRED ? acctcred : savacctcred), td);
 		acctp = savacctp = NULLVP;
+		crfree(acctcred != NOCRED ? acctcred : savacctcred);
+		acctcred = savacctcred = NOCRED;
 	}
 	if (SCARG(uap, path) == NULL)
 		goto done2;
@@ -166,6 +170,7 @@
 	 * free space watcher.
 	 */
 	acctp = nd.ni_vp;
+	acctcred = crhold(td->td_ucred);
 	acctflags = flags;
 	callout_init(&acctwatch_callout, 0);
 	acctwatch(NULL);
@@ -260,9 +265,9 @@
 	/*
 	 * Write the accounting information to the file.
 	 */
-	VOP_LEASE(vp, td, td->td_ucred, LEASE_WRITE);
+	VOP_LEASE(vp, td, acctcred, LEASE_WRITE);
 	return (vn_rdwr(UIO_WRITE, vp, (caddr_t)&acct, sizeof (acct),
-	    (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, td->td_ucred,
+	    (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, acctcred,
 	    (int *)0, td));
 }
 
@@ -320,23 +325,29 @@
 
 	if (savacctp != NULLVP) {
 		if (savacctp->v_type == VBAD) {
-			(void) vn_close(savacctp, savacctflags, NOCRED, NULL);
+			(void) vn_close(savacctp, savacctflags, savacctcred,
+			    NULL);
 			savacctp = NULLVP;
+			savacctcred = NOCRED;
 			return;
 		}
 		(void)VFS_STATFS(savacctp->v_mount, &sb, (struct thread *)0);
 		if (sb.f_bavail > acctresume * sb.f_blocks / 100) {
 			acctp = savacctp;
+			acctcred = savacctcred;
 			acctflags = savacctflags;
 			savacctp = NULLVP;
+			savacctcred = NOCRED;
 			log(LOG_NOTICE, "Accounting resumed\n");
 		}
 	} else {
 		if (acctp == NULLVP)
 			return;
 		if (acctp->v_type == VBAD) {
-			(void) vn_close(acctp, acctflags, NOCRED, NULL);
+			(void) vn_close(acctp, acctflags, acctcred, NULL);
 			acctp = NULLVP;
+			crfree(acctcred);
+			acctcred = NOCRED;
 			return;
 		}
 		(void)VFS_STATFS(acctp->v_mount, &sb, (struct thread *)0);
@@ -344,6 +355,7 @@
 			savacctp = acctp;
 			savacctflags = acctflags;
 			acctp = NULLVP;
+			acctcred = NOCRED;
 			log(LOG_NOTICE, "Accounting suspended\n");
 		}
 	}

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message