Date: Mon, 8 Apr 2002 17:04:50 -0700 (PDT) From: "Andrew R. Reiter" <arr@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 9409 for review Message-ID: <200204090004.g3904os10370@freefall.freebsd.org>
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=9409 Change 9409 by arr@arr_shibby on 2002/04/08 17:04:44 - Remove sysctl tunable (this is unrealistic). - Add SYSINIT for audit_init() routine to be called at startup. For the moment we are using the same subsystem startup value as the TrustedBSD MAC code. Affected files ... ... //depot/projects/trustedbsd/audit/sys/kern/kern_audit.c#15 edit Differences ... ==== //depot/projects/trustedbsd/audit/sys/kern/kern_audit.c#15 (text+ko) ====
@@ -47,7 +47,6 @@
 #include <vm/vm_zone.h>
-int sysctl_handle_enable(SYSCTL_HANDLER_ARGS);
 void audit_write_thread(void *);
 static __inline audit_record_t *audit_record_alloc(vm_zone_t, u_long *);
 static __inline void audit_record_free(audit_record_t *, vm_zone_t, u_long *);
@@ -137,14 +136,13 @@
 return;
 bzero(ai, sizeof(*ai));
- mtx_init(&ai->ai_mtx, "audit info lock", MTX_DEF);
+ mtx_init(&ai->ai_mtx, "audit info lock", 0, MTX_DEF);
 vp = audit_write_init(audit_file, td, &cred);
 if (vp == NULL) panic("Unable to init audit system.\n");
- zone = zinit("AUDIT", sizeof(audit_record_t),
- pool_size, 0, 4);
+ zone = zinit("AUDIT", sizeof(audit_record_t), pool_size, 0, 4);
 if (zone == NULL) panic("audit_init: unable to init audit record zone");
@@ -163,10 +161,8 @@
 err = kthread_create(&audit_write_thread, ai, NULL, RFNOWAIT, "TrustedBSD audit write thread");
 }
+SYSINIT(tbsd_audit, SI_ORDER_ANY, SI_SUB_MAC, &audit_init, NULL);
-/*
- * Executed when the audit system is turned off.
- */
 void audit_shutdown(int what, void *arg, struct thread *td) {
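Review bot: The third argument added to `mtx_init()` is the lock type name, a `const char *`, so the bare `0` reads like a flags value; write `mtx_init(&ai->ai_mtx, "audit info lock", NULL, MTX_DEF);`. The `vp == NULL` panic in the same hunk also lacks the `audit_init:` prefix that the zinit panic carries and ends in a `\n` that panic() does not need, which makes the two boot-time failures harder to tell apart in a console log. The enclosing function starts and ends outside this hunk.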
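Review bot: The added `SYSINIT` line passes its second and third arguments in the wrong order: the macro takes the subsystem before the order, so it should read `SYSINIT(tbsd_audit, SI_SUB_MAC, SI_ORDER_ANY, &audit_init, NULL);`. As written, audit start-up would be scheduled by the value of `SI_ORDER_ANY` treated as a subsystem id rather than alongside the MAC code as the description intends. SYSINIT also calls its function with the single ident pointer, here `NULL`, while the sysctl handler removed in the last hunk called `audit_init(0, &ainfo, req->td)`; unless audit_init's signature was changed outside this hunk, it no longer receives `ainfo` or a thread. With no sysctl path left to retry, the `err` from `kthread_create()` just above deserves a check too, since a failed writer thread would otherwise leave auditing silently inactive. audit_init begins, and audit_shutdown ends, outside the hunk.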
@@ -201,54 +197,6 @@
 wakeup((caddr_t)&record_queue);
 }
-int
-sysctl_handle_enable(SYSCTL_HANDLER_ARGS)
-{
- int err = 0;
- unsigned int state;
- audit_record_t *ar;
- struct aud_sysctl_enable *ev = NULL;
- struct proc *p = req->td->td_proc;
-
- err = SYSCTL_OUT(req, arg1, sizeof(unsigned int));
- if (err || !req->newptr)
- goto enqueue;
-
- if (securelevel > 0) {
- return(EPERM);
- }
-
- state = audit_system_state;
- err = SYSCTL_IN(req, arg1, sizeof(unsigned int));
- if (err || (audit_system_state == state))
- return(0);
-
- /*
- * Init ainfo.
- */
- if (state < audit_system_state) {
- audit_init(0, &ainfo, req->td);
- goto enqueue;
- } else {
- audit_shutdown(0, &ainfo, req->td);
- return(0);
- }
-enqueue:
- /* XXX arr: crashes on mtx_lock of ai_mtx.
- ar = audit_record_init(AUD_SYSCTL_ENABLE, sizeof(*ev), &ainfo);
- PROC_LOCK(p);
- ar->ar_subj.as_pid = p->p_pid;
- ar->ar_subj.as_euid = p->p_ucred->cr_uid;
- ar->ar_subj.as_uid = p->p_ucred->cr_ruid;
- ar->ar_subj.as_gid = p->p_ucred->cr_rgid;
- PROC_UNLOCK(p);
- ev = &ar->ar_evinfo.sysctlenable;
- ev->as_val = audit_system_state;
- audit_record_enqueue(ar);
- */
- return(0);
-}
-
 struct vnode * audit_write_init(const char *path, struct thread *td, struct ucred **cred) {
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message