From owner-svn-src-head@freebsd.org Sun Jul 10 11:49:11 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C0934B83156; Sun, 10 Jul 2016 11:49:11 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 930DE1962; Sun, 10 Jul 2016 11:49:11 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u6ABnAOA027221; Sun, 10 Jul 2016 11:49:10 GMT (envelope-from rwatson@FreeBSD.org) Received: (from rwatson@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u6ABnAPl027220; Sun, 10 Jul 2016 11:49:10 GMT (envelope-from rwatson@FreeBSD.org) Message-Id: <201607101149.u6ABnAPl027220@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rwatson set sender to rwatson@FreeBSD.org using -f From: Robert Watson Date: Sun, 10 Jul 2016 11:49:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r302524 - head/sys/vm X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jul 2016 11:49:11 -0000 Author: rwatson Date: Sun Jul 10 11:49:10 2016 New Revision: 302524 URL: https://svnweb.freebsd.org/changeset/base/302524 Log: When mmap(2) is used with a vnode, capture vnode attributes in the audit trail. This was not required for Common Criteria auditing (which requires only that the intent to read or write be audited at the time of open(2)), but is useful for contemporary live analysis and forensics. MFC after: 3 days Sponsored by: DARPA, AFRL Modified: head/sys/vm/vm_mmap.c Modified: head/sys/vm/vm_mmap.c ============================================================================== --- head/sys/vm/vm_mmap.c Sun Jul 10 10:53:50 2016 (r302523) +++ head/sys/vm/vm_mmap.c Sun Jul 10 11:49:10 2016 (r302524) @@ -1245,6 +1245,7 @@ vm_mmap_vnode(struct thread *td, vm_size locktype = LK_SHARED; if ((error = vget(vp, locktype, td)) != 0) return (error); + AUDIT_ARG_VNODE1(vp); foff = *foffp; flags = *flagsp; obj = vp->v_object;