From owner-p4-projects Mon Apr 8 17: 5: 4 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767) id EEF8037B405; Mon, 8 Apr 2002 17:04:50 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 315B637B404 for ; Mon, 8 Apr 2002 17:04:50 -0700 (PDT)
Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g3904os10370 for perforce@freebsd.org; Mon, 8 Apr 2002 17:04:50 -0700 (PDT) (envelope-from arr@freebsd.org)
Date: Mon, 8 Apr 2002 17:04:50 -0700 (PDT)
Message-Id: <200204090004.g3904os10370@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to arr@freebsd.org using -f
From: "Andrew R. Reiter"
Subject: PERFORCE change 9409 for review
To: Perforce Change Reviews
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=9409
Change 9409 by arr@arr_shibby on 2002/04/08 17:04:44
- Remove sysctl tunable (this is unrealistic).
- Add SYSINIT for audit_init() routine to be called at startup. For the moment we are using the same subsystem startup value as the TrustedBSD MAC code.
Affected files ...
... //depot/projects/trustedbsd/audit/sys/kern/kern_audit.c#15 edit
Differences ...
==== //depot/projects/trustedbsd/audit/sys/kern/kern_audit.c#15 (text+ko) ====
@@ -47,7 +47,6 @@
 #include
-int sysctl_handle_enable(SYSCTL_HANDLER_ARGS);
 void audit_write_thread(void *);
 static __inline audit_record_t *audit_record_alloc(vm_zone_t, u_long *);
 static __inline void audit_record_free(audit_record_t *, vm_zone_t, u_long *);
@@ -137,14 +136,13 @@
 return;
 bzero(ai, sizeof(*ai));
- mtx_init(&ai->ai_mtx, "audit info lock", MTX_DEF);
+ mtx_init(&ai->ai_mtx, "audit info lock", 0, MTX_DEF);
 vp = audit_write_init(audit_file, td, &cred);
 if (vp == NULL)
 panic("Unable to init audit system.\n");
- zone = zinit("AUDIT", sizeof(audit_record_t),
- pool_size, 0, 4);
+ zone = zinit("AUDIT", sizeof(audit_record_t), pool_size, 0, 4);
 if (zone == NULL)
 panic("audit_init: unable to init audit record zone");
@@ -163,10 +161,8 @@
 err = kthread_create(&audit_write_thread, ai, NULL, RFNOWAIT, "TrustedBSD audit write thread");
 }
+SYSINIT(tbsd_audit, SI_ORDER_ANY, SI_SUB_MAC, &audit_init, NULL);
-/*
- * Executed when the audit system is turned off.
- */
 void
 audit_shutdown(int what, void *arg, struct thread *td)
 {
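Review bot: The new third argument on the changed `mtx_init` line is a bare `0`, but as far as I know that parameter is the lock type string (a `const char *`), so `NULL` states the intent better: `mtx_init(&ai->ai_mtx, "audit info lock", NULL, MTX_DEF);`. Since the description says this routine will now run at startup, the `panic()` on a NULL `vp` a few lines below turns an unopenable audit file into a boot failure. If that fail-closed behaviour is intended, a short comment above the check such as `/* Fail closed: refuse to boot without a usable audit trail. */` would record the decision. The enclosing function starts and ends outside the hunk.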
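Review bot: The added `SYSINIT(tbsd_audit, SI_ORDER_ANY, SI_SUB_MAC, &audit_init, NULL);` appears to have the subsystem and order arguments swapped; as I read sys/kernel.h the macro takes the subsystem id before the order, so it should be `SYSINIT(tbsd_audit, SI_SUB_MAC, SI_ORDER_ANY, audit_init, NULL);`. As written, audit would not be initialised alongside the MAC code as the description intends, and anything that happens before it runs is not recorded. Separately, the sysctl handler removed later in this change called `audit_init(0, &ainfo, req->td)` and no hunk changes that signature. If it still takes three arguments, SYSINIT will invoke it through a one-argument `void (*)(void *)` pointer with NULL, leaving `ai` and `td` undefined when the previous hunk's `bzero(ai, sizeof(*ai))` and `audit_write_init(audit_file, td, &cred)` run. A small one-argument wrapper that passes `&ainfo` and a valid thread would avoid that; audit_init's body starts outside the hunk, so this needs confirming against the full file.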
@@ -201,54 +197,6 @@
 wakeup((caddr_t)&record_queue);
 }
-int
-sysctl_handle_enable(SYSCTL_HANDLER_ARGS)
-{
- int err = 0;
- unsigned int state;
- audit_record_t *ar;
- struct aud_sysctl_enable *ev = NULL;
- struct proc *p = req->td->td_proc;
-
- err = SYSCTL_OUT(req, arg1, sizeof(unsigned int));
- if (err || !req->newptr)
- goto enqueue;
-
- if (securelevel > 0) {
- return(EPERM);
- }
-
- state = audit_system_state;
- err = SYSCTL_IN(req, arg1, sizeof(unsigned int));
- if (err || (audit_system_state == state))
- return(0);
-
- /*
- * Init ainfo.
- */
- if (state < audit_system_state) {
- audit_init(0, &ainfo, req->td);
- goto enqueue;
- } else {
- audit_shutdown(0, &ainfo, req->td);
- return(0);
- }
-enqueue:
- /* XXX arr: crashes on mtx_lock of ai_mtx.
- ar = audit_record_init(AUD_SYSCTL_ENABLE, sizeof(*ev), &ainfo);
- PROC_LOCK(p);
- ar->ar_subj.as_pid = p->p_pid;
- ar->ar_subj.as_euid = p->p_ucred->cr_uid;
- ar->ar_subj.as_uid = p->p_ucred->cr_ruid;
- ar->ar_subj.as_gid = p->p_ucred->cr_rgid;
- PROC_UNLOCK(p);
- ev = &ar->ar_evinfo.sysctlenable;
- ev->as_val = audit_system_state;
- audit_record_enqueue(ar);
- */
- return(0);
-}
-
 struct vnode *
 audit_write_init(const char *path, struct thread *td, struct ucred **cred)
 {
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message