Date: Sun, 13 Jul 2008 23:41:26 GMT From: Vincenzo Iozzo <snagg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 145181 for review Message-ID: <200807132341.m6DNfQUK079564@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=145181 Change 145181 by snagg@snagg_macosx on 2008/07/13 23:40:36 Fixed some typos, added the ability to get a complete record with a GET on a specific pid. Change name conventions. Affected files ... .. //depot/projects/soc2008/snagg-audit/sys/security/audit/audit_ioctl.h#17 edit .. //depot/projects/soc2008/snagg-audit/sys/security/audit/audit_pipe.c#27 edit Differences ... ==== //depot/projects/soc2008/snagg-audit/sys/security/audit/audit_ioctl.h#17 (text) ==== @@ -38,11 +38,9 @@ * structures, add new revised ones to be used by new ioctls, and keep the * old structures and ioctls for backwards compatibility. */ - -struct auditpipe_ioctl_preselect_pid { - au_id_t aip_auid; - au_mask_t aip_mask; - pid_t app_pid; +struct auditpipe_ioctl_preselect_proc { + int aipp_flag; + pid_t aipp_pid; }; struct auditpipe_ioctl_preselect{ @@ -55,7 +53,7 @@ */ #define AUDITPIPE_PRESELECT_MODE_TRAIL 1 /* Global audit trail. */ #define AUDITPIPE_PRESELECT_MODE_LOCAL 2 /* Local audit trail. */ -#define AUDITPIPE_PRESELECT_MODE_PID 3 /*Pid based audit trail*/ +#define AUDITPIPE_PRESELECT_MODE_PROC 3 /* Pid based audit trail. */ /* * Ioctls to read and control the behavior of individual audit pipe devices. 
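Review bot: The new `struct auditpipe_ioctl_preselect_proc` gives `aipp_flag` no comment saying which values it accepts or what it selects, and nothing visible later in this change validates it before it is stored. A short comment above the struct would help, for example `/* Per-process preselection entry: aipp_pid names the process, aipp_flag is stored with it and returned by AUDITPIPE_GET_PRESELECT_PROC. */`. The context comment just above asks for new revised structures to be added while the old ones are kept, but this hunk replaces the struct in place and ioctls 18 and 19 keep their numbers. That is probably fine on a project branch, but worth a line in the description.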
@@ -79,12 +77,12 @@ #define AUDITPIPE_SET_PRESELECT_MODE _IOW(AUDITPIPE_IOBASE, 15, int) #define AUDITPIPE_FLUSH _IO(AUDITPIPE_IOBASE, 16) #define AUDITPIPE_GET_MAXAUDITDATA _IOR(AUDITPIPE_IOBASE, 17, u_int) -#define AUDITPIPE_GET_PRESELECT_PID _IOR(AUDITPIPE_IOBASE, 18, \ - struct auditpipe_ioctl_preselect_pid) -#define AUDITPIPE_SET_PRESELECT_PID _IOW(AUDITPIPE_IOBASE, 19, \ - struct auditpipe_ioctl_preselect_pid) -#define AUDITPIPE_DELETE_PRESELECT_PID _IOW(AUDITPIPE_IOBASE, 20, pid_t) -#define AUDITPIPE_FLUSH_PRESELECT_PID _IO(AUDITPIPE_IOBASE, 21) +#define AUDITPIPE_GET_PRESELECT_PROC _IOWR(AUDITPIPE_IOBASE, 18, \ + struct auditpipe_ioctl_preselect_proc) +#define AUDITPIPE_SET_PRESELECT_PROC _IOW(AUDITPIPE_IOBASE, 19, \ + struct auditpipe_ioctl_preselect_proc) +#define AUDITPIPE_DELETE_PRESELECT_PROC _IOW(AUDITPIPE_IOBASE, 20, pid_t) +#define AUDITPIPE_FLUSH_PRESELECT_PROC _IO(AUDITPIPE_IOBASE, 21) /* * Ioctls to retrieve audit pipe statistics. ==== //depot/projects/soc2008/snagg-audit/sys/security/audit/audit_pipe.c#27 (text) ==== @@ -27,7 +27,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/security/audit/audit_pipe.c,v 1.16 2008/06/11 18:55:19 ed Exp $"); +__FBSDID("$FreeBSD: src/sys/security/audit/audit_pipe.c,v 1.15 2008/04/13 22:06:56 rwatson Exp $"); #include <sys/param.h> #include <sys/condvar.h> @@ -96,12 +96,11 @@ * We may want to consider a more space/time-efficient data structure once * usage patterns for per-auid specifications are clear. */ - struct audit_pipe_preselect { au_id_t app_auid; au_mask_t app_mask; pid_t app_pid; - int app_event_len; + int app_flag; TAILQ_ENTRY(audit_pipe_preselect) app_list; }; @@ -180,7 +179,7 @@ static struct cdevsw audit_pipe_cdevsw = { .d_version = D_VERSION, - .d_flags = D_PSEUDO | D_NEEDGIANT | D_NEEDMINOR, + .d_flags = D_PSEUDO | D_NEEDGIANT, .d_open = audit_pipe_open, .d_close = audit_pipe_close, .d_read = audit_pipe_read, 
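Review bot: The `__FBSDID` line in audit_pipe.c moves backwards from v 1.16 to v 1.15, and the `audit_pipe_cdevsw` hunk further down this line drops `D_NEEDMINOR` from `.d_flags`. Neither is mentioned in the change description, so both look like an unintended revert of an upstream sync rather than part of the rename. If so, keep `.d_flags = D_PSEUDO | D_NEEDGIANT | D_NEEDMINOR,` and the 1.16 ident. If the removal is deliberate, the description should say why.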
@@ -218,24 +217,21 @@ free(ape->ape_record, M_AUDIT_PIPE_ENTRY); free(ape, M_AUDIT_PIPE_ENTRY); } - /* - * Find an audit pipe preselection specification for a pid, - * if any. + * Find an audit pipe preselection specification for a pid, if any. */ static struct audit_pipe_preselect * -audit_pipe_preselect_find_pid(struct audit_pipe *ap, pid_t app_pid) +audit_pipe_preselect_find_proc(struct audit_pipe *ap, pid_t app_pid) { struct audit_pipe_preselect *app; mtx_assert(&audit_pipe_mtx, MA_OWNED); TAILQ_FOREACH(app, &ap->ap_preselect_list, app_list) { - if(app->app_pid == app_pid) + if (app->app_pid == app_pid) return (app); } - return (NULL); } 
@@ -278,62 +274,65 @@ } /* - * Check if there's an entry for a given pid + * Check if there's an entry for a given pid. */ static int -audit_pipe_preselect_get_pid(struct audit_pipe *ap, pid_t pid) +audit_pipe_preselect_get_proc(struct audit_pipe *ap, pid_t pid, + struct auditpipe_ioctl_preselect_proc *aipp) { struct audit_pipe_preselect *app; int error; mtx_lock(&audit_pipe_mtx); - app = audit_pipe_preselect_find_pid(ap, pid); - if(app != NULL) + app = audit_pipe_preselect_find_proc(ap, pid); + if (app != NULL) { + aipp->aipp_pid = pid; + aipp->aipp_flag = app->app_flag; error = 0; - else + }else error = ENOENT; mtx_unlock(&audit_pipe_mtx); - return(error); + return (error); } /* * Add a new entry for a specifc event. Add a new entry if needed; * otherwise, update the current entry. */ -static void -audit_pipe_preselect_set_pid(struct audit_pipe *ap, pid_t app_pid) +static int +audit_pipe_preselect_set_proc(struct audit_pipe *ap, + struct auditpipe_ioctl_preselect_proc *aipp) { struct audit_pipe_preselect *app, *app_new; - int found; - + + if (aipp->aipp_pid < 0) + return (EINVAL); - KASSERT(app_pid >= 0, ("Pid is invalid")); - /* - * Pessimistically assume that the entry for this pid doesn't - * exist, and allocate. We will free it if it is unneeded. + * Pessimistically assume that the entry for this pid doesn't exist, + * and allocate. We will free it if it is unneeded. */ app_new = malloc(sizeof(*app_new), M_AUDIT_PIPE_PRESELECT, M_WAITOK); - mtx_lock(&audit_pipe_mtx); - + /* - * Search for the entry by its pid + * Search for the entry by its pid. */ - app = audit_pipe_preselect_find_pid(ap, app_pid); - found = (app != NULL) ? 
1: 0; - if(!found) { + app = audit_pipe_preselect_find_proc(ap, aipp->aipp_pid); + if (app == NULL) { app = app_new; app_new = NULL; - app->app_pid = app_pid; + app->app_pid = aipp->aipp_pid; + app->app_flag = aipp->aipp_flag; TAILQ_INSERT_TAIL(&ap->ap_preselect_list, app, app_list); - } + } mtx_unlock(&audit_pipe_mtx); - if (app_new != NULL) { + if (app_new != NULL) free(app_new, M_AUDIT_PIPE_PRESELECT); - } + + return (0); } /* @@ -368,12 +367,12 @@ * Delete a per-pid entry on an audit pipe wiping the whole entry. */ static int -audit_pipe_preselect_delete_pid(struct audit_pipe *ap, pid_t pid) +audit_pipe_preselect_delete_proc(struct audit_pipe *ap, pid_t pid) { struct audit_pipe_preselect *app; mtx_lock(&audit_pipe_mtx); - app = audit_pipe_preselect_find_pid(ap, pid); + app = audit_pipe_preselect_find_proc(ap, pid); if (app != NULL) { TAILQ_REMOVE(&ap->ap_preselect_list, app, app_list); mtx_unlock(&audit_pipe_mtx); @@ -381,7 +380,6 @@ return (0); } else mtx_unlock(&audit_pipe_mtx); - return (ENOENT); } @@ -408,32 +406,6 @@ } /* - * Delete all per-events entry on an audit pipe. - */ -static void -audit_pipe_preselect_pid_flush_locked(struct audit_pipe *ap) -{ - struct audit_pipe_preselect *app; - - mtx_assert(&audit_pipe_mtx, MA_OWNED); - - while ((app = TAILQ_FIRST(&ap->ap_preselect_list)) != NULL) { - TAILQ_REMOVE(&ap->ap_preselect_list, app, app_list); - if (app != NULL) - free(app, M_AUDIT_PIPE_PRESELECT); - } -} - -static void -audit_pipe_preselect_pid_flush(struct audit_pipe *ap) -{ - - mtx_lock(&audit_pipe_mtx); - audit_pipe_preselect_pid_flush_locked(ap); - mtx_unlock(&audit_pipe_mtx); -} - -/* * Delete all per-auid masks on an audit pipe. */ static void 
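Review bot: `audit_pipe_preselect_set_proc()` never updates an existing entry, because `app->app_flag = aipp->aipp_flag;` sits inside the `if (app == NULL)` branch. A SET for a pid already on the list therefore returns 0 without storing the new flag, although the comment above the function promises an update. Moving that assignment to just after the branch, still under the mutex, fixes it. Separately, the entry is allocated with `M_WAITOK` only and just `app_pid` and `app_flag` are filled in, so `app_auid` and `app_mask` keep whatever the allocator returned. If the auid lookup walks the same `ap_preselect_list` (not visible here), it would compare against those stale values, so they should be initialised explicitly or the two kinds of entry kept on separate lists.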
@@ -493,10 +465,10 @@ } else return (au_preselect(event, class, &app->app_mask, sorf)); - - case AUDITPIPE_PRESELECT_MODE_PID: - app = audit_pipe_preselect_find_pid(ap, app_pid); - if(app != NULL) + + case AUDITPIPE_PRESELECT_MODE_PROC: + app = audit_pipe_preselect_find_proc(ap, app_pid); + if (app != NULL) return (1); else break; @@ -825,7 +797,7 @@ struct thread *td) { struct auditpipe_ioctl_preselect *aip; - struct auditpipe_ioctl_preselect_pid *aip_pid; + struct auditpipe_ioctl_preselect_proc *aip_pid; struct audit_pipe *ap; au_mask_t *maskp; int error, mode; @@ -948,18 +920,17 @@ error = audit_pipe_preselect_get(ap, aip->aip_auid, &aip->aip_mask); break; - - case AUDITPIPE_GET_PRESELECT_PID: - aip_pid = (struct auditpipe_ioctl_preselect_pid *)data; - error = audit_pipe_preselect_get_pid(ap, aip_pid->app_pid); + + case AUDITPIPE_GET_PRESELECT_PROC: + aip_pid = (struct auditpipe_ioctl_preselect_proc *)data; + error = audit_pipe_preselect_get_proc(ap, aip_pid->aipp_pid, aip_pid); break; - case AUDITPIPE_SET_PRESELECT_PID: - aip_pid = (struct auditpipe_ioctl_preselect_pid *)data; - audit_pipe_preselect_set_pid(ap, aip_pid->app_pid); - error = 0; + case AUDITPIPE_SET_PRESELECT_PROC: + aip_pid = (struct auditpipe_ioctl_preselect_proc *)data; + error = audit_pipe_preselect_set_proc(ap, aip_pid); break; - + case AUDITPIPE_SET_PRESELECT_AUID: aip = (struct auditpipe_ioctl_preselect *)data; audit_pipe_preselect_set(ap, aip->aip_auid, aip->aip_mask); 
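Review bot: The `AUDITPIPE_PRESELECT_MODE_PROC` case returns 1 as soon as `audit_pipe_preselect_find_proc()` finds the pid, so the `app_flag` that this change stores and returns through the GET ioctl never influences selection here. If the flag is meant to narrow what is delivered, the case should test it; if not, a comment such as `/* Any record from a listed pid is selected; app_flag is informational. */` would say so. Entries are keyed on the pid alone and nothing visible removes one when the process exits, so a later process that reuses the pid would presumably be selected as well. That is worth documenting for consumers that rely on this pipe for monitoring. The enclosing function starts outside the hunk.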
@@ -971,21 +942,17 @@ error = audit_pipe_preselect_delete(ap, auid); break; - case AUDITPIPE_DELETE_PRESELECT_PID: + case AUDITPIPE_DELETE_PRESELECT_PROC: app_pid = *(pid_t *)data; - error = audit_pipe_preselect_delete_pid(ap, app_pid); + error = audit_pipe_preselect_delete_proc(ap, app_pid); break; - + case AUDITPIPE_FLUSH_PRESELECT_AUID: + case AUDITPIPE_FLUSH_PRESELECT_PROC: audit_pipe_preselect_flush(ap); error = 0; break; - case AUDITPIPE_FLUSH_PRESELECT_PID: - audit_pipe_preselect_pid_flush(ap); - error = 0; - break; - case AUDITPIPE_GET_PRESELECT_MODE: mtx_lock(&audit_pipe_mtx); *(int *)data = ap->ap_preselect_mode; @@ -998,7 +965,8 @@ switch (mode) { case AUDITPIPE_PRESELECT_MODE_TRAIL: case AUDITPIPE_PRESELECT_MODE_LOCAL: - case AUDITPIPE_PRESELECT_MODE_PID: + case AUDITPIPE_PRESELECT_MODE_PROC: + audit_pipe_preselect_flush(ap); mtx_lock(&audit_pipe_mtx); ap->ap_preselect_mode = mode; mtx_unlock(&audit_pipe_mtx);
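Review bot: In the `AUDITPIPE_SET_PRESELECT_MODE` case, `audit_pipe_preselect_flush(ap)` runs before `mtx_lock(&audit_pipe_mtx)`, so the list is emptied and the mode is changed in two separate critical sections (assuming the flush takes the mutex itself, as the removed pid flush did). A SET ioctl from another thread, or a record being evaluated, can land between the two. The flush also runs for every accepted mode, including a request for the mode already in force, which silently discards the caller's entries. Doing both steps under one hold of the mutex and skipping the flush when `mode == ap->ap_preselect_mode` would close that window. The earlier hunk on this line makes `AUDITPIPE_FLUSH_PRESELECT_PROC` share `audit_pipe_preselect_flush()` with the auid flush, so a comment there should say that one flush clears both kinds of entry.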