Date: Sat, 18 Dec 2010 17:01:34 GMT From: Efstratios Karatzas <gpf@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 187034 for review Message-ID: <201012181701.oBIH1YXU065511@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@187034?ac=10 Change 187034 by gpf@gpf_desktop on 2010/12/18 17:01:26 bugfix: some of the functions in audit_arg.c were being called directly and not through the appropriate macros that check if we are auditing atm. e.g. This caused audit_arg_auditinfo() to pagefault because of a missing audit_record in case we were not auditing naflags:ad (for the setaudit syscall). Remember that now we *do* have an kaudit_record even if we are not auditing an event because we need to keep some state. The audit_record on the other hand is allocated on demand. I also added macros for other audit_arg_* functions that were missing. Affected files ... .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit.h#13 edit .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_arg.c#10 edit .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_syscalls.c#2 edit Differences ... ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit.h#13 (text) ==== @@ -167,11 +167,26 @@ audit_arg_atfd2((atfd)); \ } while (0) +#define AUDIT_ARG_AUDITINFO(au_info) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_auditinfo((au_info)); \ +} while (0) + +#define AUDIT_ARG_AUDITINFO_ADDR(au_info) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_auditinfo_addr((au_info)); \ +} while (0) + #define AUDIT_ARG_AUDITON(udata) do { \ if (AUDITING_TD(curthread)) \ audit_arg_auditon((udata)); \ } while (0) +#define AUDIT_ARG_AUID(auid) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_auid((auid)); \ +} while (0) + #define AUDIT_ARG_CLIENTID(clientid) do { \ if (AUDITING_TD(curthread)) \ audit_arg_clientid((clientid)); \ @@ -187,6 +202,11 @@ audit_arg_cmd((cmd)); \ } while (0) +#define AUDIT_ARG_CTLNAME(name, namelen) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_ctlname((name), (namelen)); \ +} while (0) + #define AUDIT_ARG_DEV(dev) do { \ if (AUDITING_TD(curthread)) \ audit_arg_dev((dev)); \ @@ -237,6 +257,11 @@ audit_arg_groupset((gidset), (gidset_size)); \ } while (0) +#define AUDIT_ARG_LEN(len) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_len((len)); \ +} while (0) + #define AUDIT_ARG_LOCKOWNER(lockowner, size) do { \ if (AUDITING_TD(curthread)) \ audit_arg_lockowner((lockowner), (size)); \ @@ -247,6 +272,16 @@ audit_arg_locktype((locktype)); \ } while (0) +#define AUDIT_ARG_LOGIN(login) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_login((login)); \ +} while (0) + +#define AUDIT_ARG_MASK(mask) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_mask((mask)); \ +} while (0) + #define AUDIT_ARG_MODE(mode) do { \ if (AUDITING_TD(curthread)) \ audit_arg_mode((mode)); \ @@ -307,6 +342,31 @@ audit_arg_suid((suid)); \ } while (0) +#define AUDIT_ARG_SVIPC_CMD(cmd) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_svipc_cmd((cmd)); \ +} while (0) + +#define AUDIT_ARG_SVIPC_PERM(perm) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_svipc_perm((perm)); \ +} while (0) + +#define AUDIT_ARG_SVIPC_ID(id) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_svipc_id((id)); \ +} while (0) + +#define AUDIT_ARG_SVIPC_ADDR(addr) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_svipc_addr((addr)); \ +} while (0) + +#define AUDIT_ARG_SVIPC_IPC_PERM(uid, gid, mode) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_svipc_ipc_perm((uid), (gid), (mode)); \ +} while (0) + #define AUDIT_ARG_TEXT(text) do { \ if (AUDITING_TD(curthread)) \ audit_arg_text((text)); \ @@ -415,9 +475,13 @@ #define AUDIT_ARG_ARGV(argv, argc, length) #define AUDIT_ARG_ATFD1(atfd) #define AUDIT_ARG_ATFD2(atfd) +#define AUDIT_ARG_AUDITINFO(au_info) +#define AUDIT_ARG_AUDITINFO_ADDR(au_info) #define AUDIT_ARG_AUDITON(udata) +#define AUDIT_ARG_AUID(auid) #define AUDIT_ARG_CLIENTID(clientid) #define AUDIT_ARG_CLIENTNAME(clientname, size) +#define AUDIT_ARG_CTLNAME(name, namelen) #define AUDIT_ARG_CMD(cmd) #define AUDIT_ARG_DEV(dev) #define AUDIT_ARG_EGID(egid) @@ -429,8 +493,11 @@ #define AUDIT_ARG_FFLAGS(fflags) #define AUDIT_ARG_GID(gid) #define AUDIT_ARG_GROUPSET(gidset, gidset_size) +#define AUDIT_ARG_LEN(len) #define AUDIT_ARG_LOCKOWNER(lockowner, size) #define AUDIT_ARG_LOCKTYPE(locktype) +#define AUDIT_ARG_LOGIN(login) +#define AUDIT_ARG_MASK(mask) #define AUDIT_ARG_MODE(mode) #define AUDIT_ARG_OWNER(uid, gid) #define AUDIT_ARG_PID(pid) @@ -443,6 +510,11 @@ #define AUDIT_ARG_SOCKADDR_IN(sin) #define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) #define AUDIT_ARG_SUID(suid) +#define AUDIT_ARG_SVIPC_CMD(cmd) +#define AUDIT_ARG_SVIPC_PERM(perm) +#define AUDIT_ARG_SVIPC_ID(id) +#define AUDIT_ARG_SVIPC_ADDR(addr) +#define AUDIT_ARG_SVIPC_IPC_PERM(uid, gid, mode) #define AUDIT_ARG_TEXT(text) #define AUDIT_ARG_UID(uid) #define AUDIT_ARG_UPATH1(td, upath) ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_arg.c#10 (text) ==== @@ -52,7 +52,7 @@ /* * Calls to manipulate elements of the audit record structure from system - * call code. Macro wrappers will prevent this functions from being entered + * call code. Macro wrappers will prevent these functions from being entered * if auditing is disabled, avoiding the function call cost. We check the * thread audit record pointer anyway, as the audit condition could change, * and pre-selection may not have allocated an audit record for this event. ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_syscalls.c#2 (text) ==== @@ -586,7 +586,7 @@ error = copyin(uap->auid, &id, sizeof(id)); if (error) return (error); - audit_arg_auid(id); + AUDIT_ARG_AUID(id); newcred = crget(); PROC_LOCK(td->td_proc); oldcred = td->td_proc->p_ucred; @@ -651,7 +651,7 @@ error = copyin(uap->auditinfo, &ai, sizeof(ai)); if (error) return (error); - audit_arg_auditinfo(&ai); + AUDIT_ARG_AUDITINFO(&ai); newcred = crget(); PROC_LOCK(td->td_proc); oldcred = td->td_proc->p_ucred; @@ -711,7 +711,7 @@ error = copyin(uap->auditinfo_addr, &aia, sizeof(aia)); if (error) return (error); - audit_arg_auditinfo_addr(&aia); + AUDIT_ARG_AUDITINFO_ADDR(&aia); if (aia.ai_termid.at_type != AU_IPv6 && aia.ai_termid.at_type != AU_IPv4) return (EINVAL);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012181701.oBIH1YXU065511>