Date: Sat, 20 Aug 2016 20:28:08 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r304544 - in head/sys: kern security/audit Message-ID: <201608202028.u7KKS84V024163@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rwatson Date: Sat Aug 20 20:28:08 2016 New Revision: 304544 URL: https://svnweb.freebsd.org/changeset/base/304544 Log: Audit the accepted (or rejected) username argument to setlogin(2). (NB: This was likely a mismerge from XNU in audit support, where the text argument to setlogin(2) is captured -- but as a text token, whereas this change uses the dedicated login-name field in struct audit_record.) MFC after: 2 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_prot.c head/sys/security/audit/audit.h head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/kern_prot.c ============================================================================== --- head/sys/kern/kern_prot.c Sat Aug 20 20:15:36 2016 (r304543) +++ head/sys/kern/kern_prot.c Sat Aug 20 20:28:08 2016 (r304544) @@ -2105,6 +2105,7 @@ sys_setlogin(struct thread *td, struct s error = EINVAL; return (error); } + AUDIT_ARG_LOGIN(logintmp); PROC_LOCK(p); SESS_LOCK(p->p_session); strcpy(p->p_session->s_login, logintmp); Modified: head/sys/security/audit/audit.h ============================================================================== --- head/sys/security/audit/audit.h Sat Aug 20 20:15:36 2016 (r304543) +++ head/sys/security/audit/audit.h Sat Aug 20 20:28:08 2016 (r304544) @@ -212,6 +212,11 @@ void audit_thread_free(struct thread *t audit_arg_groupset((gidset), (gidset_size)); \ } while (0) +#define AUDIT_ARG_LOGIN(login) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_login((login)); \ +} while (0) + #define AUDIT_ARG_MODE(mode) do { \ if (AUDITING_TD(curthread)) \ audit_arg_mode((mode)); \ @@ -354,6 +359,7 @@ void audit_thread_free(struct thread *t #define AUDIT_ARG_FFLAGS(fflags) #define AUDIT_ARG_GID(gid) #define AUDIT_ARG_GROUPSET(gidset, gidset_size) +#define AUDIT_ARG_LOGIN(login) #define AUDIT_ARG_MODE(mode) #define AUDIT_ARG_OWNER(uid, gid) #define AUDIT_ARG_PID(pid) Modified: head/sys/security/audit/audit_bsm.c ============================================================================== --- head/sys/security/audit/audit_bsm.c Sat Aug 20 20:15:36 2016 (r304543) +++ head/sys/security/audit/audit_bsm.c Sat Aug 20 20:28:08 2016 (r304544) @@ -1394,8 +1394,8 @@ kaudit_to_bsm(struct kaudit_record *kar, break; case AUE_SETLOGIN: - if (ARG_IS_VALID(kar, ARG_TEXT)) { - tok = au_to_text(ar->ar_arg_text); + if (ARG_IS_VALID(kar, ARG_LOGIN)) { + tok = au_to_text(ar->ar_arg_login); kau_write(rec, tok); } break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608202028.u7KKS84V024163>