Date: Thu, 25 Sep 2003 06:37:56 -0700 (PDT) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 38573 for review Message-ID: <200309251337.h8PDbuvh096772@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=38573 Change 38573 by areisse@areisse_tislabs on 2003/09/25 06:37:02 fix auditing of capabilities Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.c#5 edit .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.h#5 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.c#5 (text+ko) ==== @@ -97,8 +97,8 @@ void avc_dump_av(security_class_t tclass, access_vector_t av) { char **common_pts = 0; - access_vector_t common_base = 0; - int i, i2, perm; + access_vector_t common_base = 0, perm; + int i, i2; if (av == 0) { printk(" null"); @@ -561,7 +561,13 @@ printk(" key=%d", a->u.ipc_id); break; case AVC_AUDIT_DATA_CAP: - printk(" capability=%s", capv_to_text (a->u.cap)); + { + const char *capt = capv_to_text (a->u.cap); + if (capt[7] == '!') + printk (" capability=<%lld>", a->u.cap); + else + printk(" capability=%s", capv_to_text (a->u.cap)); + } break; case AVC_AUDIT_DATA_FS: if (a->u.fs.vp) { ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.h#5 (text+ko) ==== @@ -14,6 +14,8 @@ #include <unistd.h> #endif /* _KERNEL */ +#include <sys/capability.h> + #include <security/sebsd/flask.h> #include <security/sebsd/sebsd.h> #include <security/sebsd/avc/av_permissions.h> @@ -63,7 +65,7 @@ u16 port; u32 daddr; } net; - int cap; + cap_value_t cap; int ipc_id; } u; };
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309251337.h8PDbuvh096772>