Date: Mon, 12 Jan 2004 20:56:06 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 45247 for review Message-ID: <200401130456.i0D4u6Y7097777@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=45247 Change 45247 by rwatson@rwatson_paprika on 2004/01/12 20:55:37 Set up process audit state when creating the first process. Destroy audit state when destroying a process. When forking a process, initialize the new process and inherit state. Affected files ... .. //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#2 edit .. //depot/projects/trustedbsd/audit2/sys/kern/kern_exit.c#2 edit .. //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#2 edit Differences ... ==== //depot/projects/trustedbsd/audit2/sys/kern/init_main.c#2 (text+ko) ==== @@ -49,6 +49,7 @@ #include <sys/param.h> #include <sys/kernel.h> +#include <sys/audit.h> #include <sys/exec.h> #include <sys/file.h> #include <sys/filedesc.h> @@ -76,6 +77,8 @@ #include <machine/cpu.h> +#include <security/audit/kern_audit.h> + #include <vm/vm.h> #include <vm/vm_param.h> #include <vm/pmap.h> @@ -394,6 +397,9 @@ p->p_ucred->cr_uidinfo = uifind(0); p->p_ucred->cr_ruidinfo = uifind(0); p->p_ucred->cr_prison = NULL; /* Don't jail it. */ +#ifdef AUDIT + audit_proc_init(p); +#endif #ifdef MAC mac_create_proc0(p->p_ucred); #endif ==== //depot/projects/trustedbsd/audit2/sys/kern/kern_exit.c#2 (text+ko) ==== @@ -74,6 +74,8 @@ #include <sys/ktrace.h> #endif +#include <security/audit/kern_audit.h> + #include <vm/vm.h> #include <vm/vm_extern.h> #include <vm/vm_param.h> @@ -181,6 +183,10 @@ p->p_flag |= P_WEXIT; PROC_UNLOCK(p); +#ifdef AUDIT + audit_syscall_exit(0, p, td); +#endif + /* Are we a task leader? */ if (p == p->p_leader) { mtx_lock(&ppeers_lock); @@ -682,6 +688,9 @@ */ crfree(p->p_ucred); p->p_ucred = NULL; +#ifdef AUDIT + audit_proc_free(p); +#endif pargs_drop(p->p_args); p->p_args = NULL; sigacts_free(p->p_sigacts); ==== //depot/projects/trustedbsd/audit2/sys/kern/kern_fork.c#2 (text+ko) ==== @@ -70,6 +70,8 @@ #include <sys/jail.h> #include <sys/sx.h> +#include <security/audit/kern_audit.h> + #include <vm/vm.h> #include <vm/pmap.h> #include <vm/vm_map.h> @@ -507,6 +509,9 @@ mtx_unlock_spin(&sched_lock); p2->p_ucred = crhold(td->td_ucred); td2->td_ucred = crhold(p2->p_ucred); /* XXXKSE */ +#ifdef AUDIT + audit_proc_fork(p1, p2); +#endif pargs_hold(p2->p_args);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401130456.i0D4u6Y7097777>