Date:      Sat, 8 May 2010 16:24:18 GMT
From:      Efstratios Karatzas <gpf@FreeBSD.org>
To:        Perforce Change Reviews <perforce@FreeBSD.org>
Subject:   PERFORCE change 177957 for review
Message-ID:  <201005081624.o48GOIcf021810@repoman.freebsd.org>

http://p4web.freebsd.org/@@177957?ac=10

Change 177957 by gpf@gpf_desktop on 2010/05/08 16:24:10

	* a few extra rpcs:
	null, noop, getattr, setattr,
	lookup, access
	* auditing the user creds that are
	sent along with the rpc sounds good -> todo
	procedures serviced: 17/23
	ps: I'm not really auditing any information
	for null or noop

Affected files ...

.. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 edit
.. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 edit

Differences ...

==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 (text+ko) ====

@@ -199,6 +199,7 @@
 	caddr_t dpos = nfsd->nd_dpos;
 	struct ucred *cred = nfsd->nd_cr;
 	struct vnode *vp = NULL;
+	struct vnode *AUDIT_vp = NULL;
 	nfsfh_t nfh;
 	fhandle_t *fhp;
 	u_int32_t *tl;
@@ -219,6 +220,9 @@
 	tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
 	error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
 	    nam, &rdonly, TRUE);
+
+	AUDIT_vp = vp;
+
 	if (error) {
 		nfsm_reply(NFSX_UNSIGNED);
 		nfsm_srvpostop_attr(1, NULL);
@@ -255,6 +259,24 @@
 	if (vp)
 		vput(vp);
 	VFS_UNLOCK_GIANT(vfslocked);
+	
+	/* XXX AUDIT */	
+	if (AUDITING_TD(curthread)) {
+		if (AUDIT_vp != NULL) {
+			struct thread *td = curthread;
+			char *fullpath, *freepath;
+
+			AUDIT_ARG_VNODE1(AUDIT_vp);
+
+			freepath = NULL;
+			vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+			if (freepath != NULL) {
+				AUDIT_ARG_UPATH1(td, fullpath);
+				free(freepath, M_TEMP);
+			}
+		}
+	}
+	
 	return(error);
 }
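Review bot: The audit block runs after `vput(vp)` and `VFS_UNLOCK_GIANT(vfslocked)`, so `AUDIT_vp` is used once the lock and reference obtained through `nfsrv_fhtovp()` have been dropped. Nothing visible keeps the vnode from being recycled in between, so `AUDIT_ARG_VNODE1(AUDIT_vp)` and `vn_fullpath_global()` may act on a stale pointer in a path driven by client RPCs; at best the record describes the wrong file. `AUDIT_ARG_VNODE1` presumably also expects a locked vnode, since it has to read attributes. Either make the audit calls while `vp` is still held, or pin the pointer with `vref(AUDIT_vp);` where it is captured and `vrele(AUDIT_vp);` after the block, taking the vnode lock around `AUDIT_ARG_VNODE1`. The same pattern appears in the hunks at -308, -466 and -650; the function bodies start outside these hunks.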
 
@@ -273,6 +295,7 @@
 	struct vattr va;
 	struct vattr *vap = &va;
 	struct vnode *vp = NULL;
+	struct vnode *AUDIT_vp = NULL;
 	nfsfh_t nfh;
 	fhandle_t *fhp;
 	caddr_t bpos;
@@ -286,6 +309,9 @@
 	nfsm_srvmtofh(fhp);
 	error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp, nam,
 	    &rdonly, TRUE);
+
+	AUDIT_vp = vp;
+
 	if (error) {
 		nfsm_reply(0);
 		error = 0;
@@ -308,6 +334,24 @@
 	if (vp)
 		vput(vp);
 	VFS_UNLOCK_GIANT(vfslocked);
+	
+	/* XXX AUDIT */	
+	if (AUDITING_TD(curthread)) {
+		if (AUDIT_vp != NULL) {
+			struct thread *td = curthread;
+			char *fullpath, *freepath;
+
+			AUDIT_ARG_VNODE1(AUDIT_vp);
+
+			freepath = NULL;
+			vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+			if (freepath != NULL) {
+				AUDIT_ARG_UPATH1(td, fullpath);
+				free(freepath, M_TEMP);
+			}
+		}
+	}
+	
 	return(error);
 }
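Review bot: The return value of `vn_fullpath_global()` is dropped and `fullpath` is declared without an initialiser, so success is inferred only from `freepath != NULL`. Testing the call directly states the intent and does not depend on how the function leaves its out-parameters on failure: `if (vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath) == 0) {`. When the path cannot be resolved the record is written without a path token; a short comment saying this is accepted would help whoever later reads the trail. This applies to all four copies of the block.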
 
@@ -327,6 +371,7 @@
 	struct nfsv2_sattr *sp;
 	struct nfs_fattr *fp;
 	struct vnode *vp = NULL;
+	struct vnode *AUDIT_vp = NULL;
 	nfsfh_t nfh;
 	fhandle_t *fhp;
 	u_int32_t *tl;
@@ -395,6 +440,9 @@
 	 */
 	error = nfsrv_fhtovp(fhp, 1, &vp, &tvfslocked, nfsd, slp,
 	    nam, &rdonly, TRUE);
+
+	AUDIT_vp = vp;
+
 	vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked);
 	if (error) {
 		nfsm_reply(2 * NFSX_UNSIGNED);
@@ -466,6 +514,24 @@
 		vput(vp);
 	vn_finished_write(mp);
 	VFS_UNLOCK_GIANT(vfslocked);
+	
+	/* XXX AUDIT */	
+	if (AUDITING_TD(curthread)) {
+		if (AUDIT_vp != NULL) {
+			struct thread *td = curthread;
+			char *fullpath, *freepath;
+
+			AUDIT_ARG_VNODE1(AUDIT_vp);
+
+			freepath = NULL;
+			vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+			if (freepath != NULL) {
+				AUDIT_ARG_UPATH1(td, fullpath);
+				free(freepath, M_TEMP);
+			}
+		}
+	}
+	
 	return(error);
 }
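Review bot: This block is now pasted verbatim into four handlers, and the commit message says further procedures are still to be covered. A single `static` helper that takes the vnode and is called from each handler would keep the audit logic in one place, so a later fix to locking or error handling cannot miss a copy. The `/* XXX AUDIT */` marker does not say what is unresolved; a sentence naming the open question would be more useful. The local `AUDIT_vp` also reads like a macro next to `AUDIT_ARG_VNODE1`; a lower-case name such as `audit_vp` would match the surrounding locals.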
 
@@ -483,6 +549,7 @@
 	struct nfs_fattr *fp;
 	struct nameidata nd, ind, *ndp = &nd;
 	struct vnode *vp, *dirp = NULL;
+	struct vnode *AUDIT_vp = NULL;
 	nfsfh_t nfh;
 	fhandle_t *fhp;
 	caddr_t bpos;
@@ -611,6 +678,9 @@
 	 * the same potential blocking reason ) and reply.
 	 */
 	vp = ndp->ni_vp;
+	
+	AUDIT_vp = vp;
+	
 	bzero((caddr_t)fhp, sizeof(nfh));
 	fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
 	error = VOP_VPTOFH(vp, &fhp->fh_fid);
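Review bot: `AUDIT_vp` is set only at `vp = ndp->ni_vp`, which from the surrounding comment looks like the success path, so a lookup that fails would reach the audit block with `AUDIT_vp == NULL` and record neither vnode nor path. Failed lookups are often exactly what a reader of the audit trail wants to see. Consider recording the directory vnode (`dirp`) or the requested name when there is no result vnode, and add a comment stating which cases are intentionally left without a path. The code between the hunks is not visible here, so this needs checking against the actual error paths.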
@@ -650,6 +720,24 @@
 	}
 	NDFREE(&nd, NDF_ONLY_PNBUF);
 	VFS_UNLOCK_GIANT(vfslocked);
+	
+	/* XXX AUDIT */	
+	if (AUDITING_TD(curthread)) {
+		if (AUDIT_vp != NULL) {
+			struct thread *td = curthread;
+			char *fullpath, *freepath;
+
+			AUDIT_ARG_VNODE1(AUDIT_vp);
+
+			freepath = NULL;
+			vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath);
+			if (freepath != NULL) {
+				AUDIT_ARG_UPATH1(td, fullpath);
+				free(freepath, M_TEMP);
+			}
+		}
+	}
+	
 	return (error);
 }
 
@@ -719,7 +807,9 @@
 	uiop->uio_td = NULL;
 	error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
 	    nam, &rdonly, TRUE);
-	link_vp = vp;	    
+
+	link_vp = vp;
+	
 	if (error) {
 		nfsm_reply(2 * NFSX_UNSIGNED);
 		if (v3)

==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 (text) ====

@@ -1580,8 +1580,7 @@
 		tok = au_to_arg32(0, "prev mask", ar->ar_retval);
 		kau_write(rec, tok);
 		break;
-	
-		
+			
 	case AUE_NFS_CREATE:
 	case AUE_NFS_READ:
 	case AUE_NFS_WRITE:
@@ -1590,6 +1589,10 @@
 	case AUE_NFS_READLINK:
 	case AUE_NFS_REMOVE:
 	case AUE_NFS_RMDIR:
+	case AUE_NFS_GETATTR:
+	case AUE_NFS_SETATTR:
+	case AUE_NFS_ACCESS:
+	case AUE_NFS_LOOKUP:
 		if (ARG_IS_VALID(kar, ARG_MODE)) {
 			tok = au_to_arg32(3, "mode", ar->ar_arg_mode);
 			kau_write(rec, tok);
@@ -1605,6 +1608,10 @@
 		}
 		UPATH1_VNODE1_TOKENS;
 		break;
+
+	case AUE_NFS_NOOP:
+	case AUE_NFS_NULL:
+		break;
 	
 	case AUE_NFS_LINK:
 	case AUE_NFS_RENAME:
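Review bot: The new `case AUE_NFS_NOOP:` / `case AUE_NFS_NULL:` arm is empty while every neighbouring arm writes tokens, so without a comment it looks like an omission rather than a decision. A line such as `/* No arguments to record for NULL and NOOP. */` above the `break;` would make the intent explicit. The switch continues outside the hunk.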


