From owner-svn-src-all@FreeBSD.ORG  Thu Jan 17 21:02:54 2013
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id EC54FDD;
 Thu, 17 Jan 2013 21:02:54 +0000 (UTC)
 (envelope-from csjp@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id DD3B6D7;
 Thu, 17 Jan 2013 21:02:54 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r0HL2s9w095158;
 Thu, 17 Jan 2013 21:02:54 GMT (envelope-from csjp@svn.freebsd.org)
Received: (from csjp@localhost)
 by svn.freebsd.org (8.14.5/8.14.5/Submit) id r0HL2sjL095155;
 Thu, 17 Jan 2013 21:02:54 GMT (envelope-from csjp@svn.freebsd.org)
Message-Id: <201301172102.r0HL2sjL095155@svn.freebsd.org>
From: "Christian S.J. Peron" <csjp@FreeBSD.org>
Date: Thu, 17 Jan 2013 21:02:54 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r245573 - head/sys/security/audit
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2013 21:02:55 -0000

Author: csjp
Date: Thu Jan 17 21:02:53 2013
New Revision: 245573
URL: http://svnweb.freebsd.org/changeset/base/245573

Log:
  Implement the zonename token for jailed processes.  If
  a process has an auditid/preselection masks specified, and
  is jailed, include the zonename (jailname) token as a
  part of the audit record.
  
  Reviewed by:	pjd
  MFC after:	2 weeks

Modified:
  head/sys/security/audit/audit.c
  head/sys/security/audit/audit_bsm.c
  head/sys/security/audit/audit_private.h

Modified: head/sys/security/audit/audit.c
==============================================================================
--- head/sys/security/audit/audit.c	Thu Jan 17 20:21:56 2013	(r245572)
+++ head/sys/security/audit/audit.c	Thu Jan 17 21:02:53 2013	(r245573)
@@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/filedesc.h>
 #include <sys/fcntl.h>
 #include <sys/ipc.h>
+#include <sys/jail.h>
 #include <sys/kernel.h>
 #include <sys/kthread.h>
 #include <sys/malloc.h>
@@ -211,6 +212,7 @@ audit_record_ctor(void *mem, int size, v
 	struct kaudit_record *ar;
 	struct thread *td;
 	struct ucred *cred;
+	struct prison *pr;
 
 	KASSERT(sizeof(*ar) == size, ("audit_record_ctor: wrong size"));
 
@@ -233,6 +235,17 @@ audit_record_ctor(void *mem, int size, v
 	ar->k_ar.ar_subj_pid = td->td_proc->p_pid;
 	ar->k_ar.ar_subj_amask = cred->cr_audit.ai_mask;
 	ar->k_ar.ar_subj_term_addr = cred->cr_audit.ai_termid;
+	/*
+	 * If this process is jailed, make sure we capture the name of the
+	 * jail so we can use it to generate a zonename token when we covert
+	 * this record to BSM.
+	 */
+	if (jailed(cred)) {
+		pr = cred->cr_prison;
+		(void) strlcpy(ar->k_ar.ar_jailname, pr->pr_name,
+		    sizeof(ar->k_ar.ar_jailname));
+	} else
+		ar->k_ar.ar_jailname[0] = '\0';
 	return (0);
 }
 

Modified: head/sys/security/audit/audit_bsm.c
==============================================================================
--- head/sys/security/audit/audit_bsm.c	Thu Jan 17 20:21:56 2013	(r245572)
+++ head/sys/security/audit/audit_bsm.c	Thu Jan 17 21:02:53 2013	(r245573)
@@ -462,7 +462,7 @@ audit_sys_auditon(struct audit_record *a
 int
 kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 {
-	struct au_token *tok, *subj_tok;
+	struct au_token *tok, *subj_tok, *jail_tok;
 	struct au_record *rec;
 	au_tid_t tid;
 	struct audit_record *ar;
@@ -475,8 +475,13 @@ kaudit_to_bsm(struct kaudit_record *kar,
 	rec = kau_open();
 
 	/*
-	 * Create the subject token.
+	 * Create the subject token.  If this credential was jailed be sure to
+	 * generate a zonename token.
 	 */
+	if (ar->ar_jailname[0] != '\0')
+		jail_tok = au_to_zonename(ar->ar_jailname);
+	else
+		jail_tok = NULL;
 	switch (ar->ar_subj_term_addr.at_type) {
 	case AU_IPv4:
 		tid.port = ar->ar_subj_term_addr.at_port;
@@ -1623,11 +1628,15 @@ kaudit_to_bsm(struct kaudit_record *kar,
 		/*
 		 * Write the subject token so it is properly freed here.
 		 */
+		if (jail_tok != NULL)
+			kau_write(rec, jail_tok);
 		kau_write(rec, subj_tok);
 		kau_free(rec);
 		return (BSM_NOAUDIT);
 	}
 
+	if (jail_tok != NULL)
+		kau_write(rec, jail_tok);
 	kau_write(rec, subj_tok);
 	tok = au_to_return32(au_errno_to_bsm(ar->ar_errno), ar->ar_retval);
 	kau_write(rec, tok);  /* Every record gets a return token */

Modified: head/sys/security/audit/audit_private.h
==============================================================================
--- head/sys/security/audit/audit_private.h	Thu Jan 17 20:21:56 2013	(r245572)
+++ head/sys/security/audit/audit_private.h	Thu Jan 17 21:02:53 2013	(r245573)
@@ -230,6 +230,7 @@ struct audit_record {
 	int			ar_arg_exitretval;
 	struct sockaddr_storage ar_arg_sockaddr;
 	cap_rights_t		ar_arg_rights;
+	char			ar_jailname[MAXHOSTNAMELEN];
 };
 
 /*