From owner-cvs-all@FreeBSD.ORG Wed Jun 27 17:01:16 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 490C216A469; Wed, 27 Jun 2007 17:01:16 +0000 (UTC) (envelope-from csjp@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 3BEC713C4BD; Wed, 27 Jun 2007 17:01:16 +0000 (UTC) (envelope-from csjp@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l5RH1GQi070990; Wed, 27 Jun 2007 17:01:16 GMT (envelope-from csjp@repoman.freebsd.org) Received: (from csjp@localhost) by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l5RH1Guj070989; Wed, 27 Jun 2007 17:01:16 GMT (envelope-from csjp) Message-Id: <200706271701.l5RH1Guj070989@repoman.freebsd.org> From: "Christian S.J. Peron" Date: Wed, 27 Jun 2007 17:01:15 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Cc: Subject: cvs commit: src/sys/security/audit audit.h audit_arg.c audit_bsm.c audit_bsm_token.c audit_syscalls.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jun 2007 17:01:16 -0000 csjp 2007-06-27 17:01:15 UTC FreeBSD src repository Modified files: sys/security/audit audit.h audit_arg.c audit_bsm.c audit_bsm_token.c audit_syscalls.c Log: - Add audit_arg_audinfo_addr() for auditing the arguments for setaudit_addr(2) - In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK, and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done for both setaudit and setaudit_addr. - Audit the arguments passed to setaudit_addr(2) - AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the audit token is created with the correct type. This fixes the processing of the in_addr_ex token in users pace. - Change the size of the token (as generated by the kernel) from 5*4 bytes to 4*4 bytes (the correct size of an ip6 address) - Correct regression from ucred work which resulted in getaudit() not returning E2BIG if the subject had an ip6 termid - Correct slight regression in getaudit(2) which resulted in the size of a pointer being passed instead of the size of the structure. (This resulted in invalid auditinfo data being returned via getaudit(2)) Reviewed by: rwatson Approved by: re@ (kensmith) Obtained from: TrustedBSD Project MFC after: 1 month Revision Changes Path 1.14 +1 -0 src/sys/security/audit/audit.h 1.15 +22 -0 src/sys/security/audit/audit_arg.c 1.19 +35 -2 src/sys/security/audit/audit_bsm.c 1.14 +2 -2 src/sys/security/audit/audit_bsm_token.c 1.21 +7 -2 src/sys/security/audit/audit_syscalls.c