From owner-p4-projects@FreeBSD.ORG Mon Oct 17 08:04:54 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id C35B216A421; Mon, 17 Oct 2005 08:04:53 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A4D816A41F for ; Mon, 17 Oct 2005 08:04:53 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 09C6343D48 for ; Mon, 17 Oct 2005 08:04:53 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j9H84qnA038151 for ; Mon, 17 Oct 2005 08:04:52 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j9H84qm2038148 for perforce@freebsd.org; Mon, 17 Oct 2005 08:04:52 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Mon, 17 Oct 2005 08:04:52 GMT Message-Id: <200510170804.j9H84qm2038148@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 85416 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Oct 2005 08:04:54 -0000 http://perforce.freebsd.org/chv.cgi?CH=85416 Change 85416 by rwatson@rwatson_peppercorn on 2005/10/17 08:03:52 Remove bsm_rec_count, bsm_free_q, and bsm_audit_mutex: since we are sleeping M_WAITOK in the malloc, we are guaranteed to succeed, and don't need to provide our own local cache. Working from the malloc cache is actually faster than providing our own cache; if more caching is required for this memory type, a UMA type can be added. Style and white space cleanups. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_audit.c#19 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_audit.c#19 (text+ko) ==== @@ -43,23 +43,7 @@ #include #include -/* The number of BSM records allocated. */ -static int bsm_rec_count = 0; - /* - * Records that can be recycled are maintained in the list given below - * The maximum number of elements that can be present in this list is - * bounded by MAX_AUDIT_RECORDS. Memory allocated for these records are never - * freed - */ -static LIST_HEAD(, au_record) bsm_free_q; - -/* - * Lock for serializing access to the list of audit records. - */ -static struct mtx bsm_audit_mutex; - -/* * Forward declares. */ static void audit_sys_auditon(struct audit_record *ar, @@ -71,9 +55,8 @@ void kau_init(void) { + printf("BSM auditing present\n"); - LIST_INIT(&bsm_free_q); - mtx_init(&bsm_audit_mutex, "bsm_audit_mutex", NULL, MTX_DEF); au_evclassmap_init(); } @@ -88,72 +71,38 @@ static struct au_record * kau_open(void) { - struct au_record *rec = NULL; + struct au_record *rec; - /* - * Find an unused record, remove it from the free list, mark as used - */ - mtx_lock(&bsm_audit_mutex); - if (!LIST_EMPTY(&bsm_free_q)) { - rec = LIST_FIRST(&bsm_free_q); - LIST_REMOVE(rec, au_rec_q); - } - mtx_unlock(&bsm_audit_mutex); - - if (rec == NULL) { - mtx_lock(&bsm_audit_mutex); - if (bsm_rec_count >= MAX_AUDIT_RECORDS) { - /* XXX We need to increase size of MAX_AUDIT_RECORDS */ - mtx_unlock(&bsm_audit_mutex); - return NULL; - } - mtx_unlock(&bsm_audit_mutex); - - /* - * Create a new BSM kernel record. - */ - rec = malloc(sizeof(*rec), M_AUDIT, M_WAITOK); - rec->data = malloc(MAX_AUDIT_RECORD_SIZE * sizeof(u_char), - M_AUDIT, M_WAITOK); - mtx_lock(&bsm_audit_mutex); - bsm_rec_count++; - mtx_unlock(&bsm_audit_mutex); - } - memset(rec->data, 0, MAX_AUDIT_RECORD_SIZE); - + rec = malloc(sizeof(*rec), M_AUDIT, M_WAITOK); + rec->data = malloc(MAX_AUDIT_RECORD_SIZE * sizeof(u_char), M_AUDIT, + M_WAITOK | M_ZERO); TAILQ_INIT(&rec->token_q); rec->len = 0; rec->used = 1; - return rec; + return (rec); } /* - * Store the token with the record descriptor - * + * Store the token with the record descriptor. */ static int kau_write(struct au_record *rec, struct au_token *tok) { - if(tok == NULL) { + + /* XXXRW: KASSERT, void return instead? */ + if (tok == NULL) return -1; /* Invalid Token */ - } - /* Add the token to the tail */ - /* - * XXX Not locking here -- we should not be writing to - * XXX the same audit record from different threads - */ TAILQ_INSERT_TAIL(&rec->token_q, tok, tokens); - - rec->len += tok->len; /* grow record length by token size bytes */ + rec->len += tok->len; - return 0; + return (0); } /* - * Close out the audit record by adding the header token, identifying - * any missing tokens. Write out the tokens to the record memory. + * Close out the audit record by adding the header token, identifying any + * missing tokens. Write out the tokens to the record memory. */ static void kau_close(struct au_record *rec, struct timespec *ctime, short event) @@ -164,22 +113,22 @@ struct timeval tm; tot_rec_size = rec->len + BSM_HEADER_SIZE + BSM_TRAILER_SIZE; - if(tot_rec_size <= MAX_AUDIT_RECORD_SIZE) { + if (tot_rec_size <= MAX_AUDIT_RECORD_SIZE) { /* Create the header token */ tm.tv_usec = ctime->tv_nsec / 1000; tm.tv_sec = ctime->tv_sec; hdr = au_to_header32(tot_rec_size, event, 0, tm); - if(hdr != NULL) { + if (hdr != NULL) { /* Add to head of list */ TAILQ_INSERT_HEAD(&rec->token_q, hdr, tokens); trail = au_to_trailer(tot_rec_size); - if(trail != NULL) { - TAILQ_INSERT_TAIL(&rec->token_q, trail, tokens); - } + if (trail != NULL) + TAILQ_INSERT_TAIL(&rec->token_q, trail, + tokens); } - /* Serialize token data to the record */ + /* Serialize token data to the record. */ rec->len = tot_rec_size; dptr = rec->data; @@ -194,7 +143,8 @@ * Free a BSM audit record by releasing all the tokens and clearing the * audit record information. */ -void kau_free(struct au_record *rec) +void +kau_free(struct au_record *rec) { struct au_token *tok; @@ -207,108 +157,96 @@ rec->used = 0; rec->len = 0; - - mtx_lock(&bsm_audit_mutex); - - /* Add the record to the freelist */ - LIST_INSERT_HEAD(&bsm_free_q, rec, au_rec_q); - - mtx_unlock(&bsm_audit_mutex); - + free(tok, M_AUDIT); } /* * XXX May want turn some (or all) of these macros into functions in order * to reduce the generated code sized. */ -#define UPATH1_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_UPATH1) { \ - tok = au_to_path(ar->ar_arg_upath1); \ - kau_write(rec, tok); \ - } \ - } while (0) +#define UPATH1_TOKENS do { \ + if (ar->ar_valid_arg & ARG_UPATH1) { \ + tok = au_to_path(ar->ar_arg_upath1); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define UPATH2_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_UPATH2) { \ - tok = au_to_path(ar->ar_arg_upath2); \ - kau_write(rec, tok); \ - } \ - } while (0) +#define UPATH2_TOKENS do { \ + if (ar->ar_valid_arg & ARG_UPATH2) { \ + tok = au_to_path(ar->ar_arg_upath2); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define KPATH1_VNODE1_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_KPATH1) { \ - tok = au_to_path(ar->ar_arg_kpath1); \ - kau_write(rec, tok); \ - } \ - if (ar->ar_valid_arg & ARG_VNODE1) { \ - tok = au_to_attr32(&ar->ar_arg_vnode1);\ - kau_write(rec, tok); \ - } \ - } while (0) +#define KPATH1_VNODE1_TOKENS do { \ + if (ar->ar_valid_arg & ARG_KPATH1) { \ + tok = au_to_path(ar->ar_arg_kpath1); \ + kau_write(rec, tok); \ + } \ + if (ar->ar_valid_arg & ARG_VNODE1) { \ + tok = au_to_attr32(&ar->ar_arg_vnode1); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define KPATH1_VNODE1_OR_UPATH1_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_KPATH1) { \ - tok = au_to_path(ar->ar_arg_kpath1); \ - kau_write(rec, tok); \ - } else { \ - UPATH1_TOKENS; \ - } \ - if (ar->ar_valid_arg & ARG_VNODE1) { \ - tok = au_to_attr32(&ar->ar_arg_vnode1);\ - kau_write(rec, tok); \ - } \ - } while (0) +#define KPATH1_VNODE1_OR_UPATH1_TOKENS do { \ + if (ar->ar_valid_arg & ARG_KPATH1) { \ + tok = au_to_path(ar->ar_arg_kpath1); \ + kau_write(rec, tok); \ + } else { \ + UPATH1_TOKENS; \ + } \ + if (ar->ar_valid_arg & ARG_VNODE1) { \ + tok = au_to_attr32(&ar->ar_arg_vnode1); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define KPATH2_VNODE2_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_KPATH2) { \ - tok = au_to_path(ar->ar_arg_kpath2); \ - kau_write(rec, tok); \ - } \ - if (ar->ar_valid_arg & ARG_VNODE2) { \ - tok = au_to_attr32(&ar->ar_arg_vnode2);\ - kau_write(rec, tok); \ - } \ - } while (0) +#define KPATH2_VNODE2_TOKENS do { \ + if (ar->ar_valid_arg & ARG_KPATH2) { \ + tok = au_to_path(ar->ar_arg_kpath2); \ + kau_write(rec, tok); \ + } \ + if (ar->ar_valid_arg & ARG_VNODE2) { \ + tok = au_to_attr32(&ar->ar_arg_vnode2); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define FD_KPATH1_VNODE1_TOKENS \ - do { \ - if (ar->ar_valid_arg & ARG_KPATH1) { \ - tok = au_to_path(ar->ar_arg_kpath1); \ - kau_write(rec, tok); \ - if (ar->ar_valid_arg & ARG_VNODE1) { \ - tok = au_to_attr32(&ar->ar_arg_vnode1);\ - kau_write(rec, tok); \ - } \ - } else { \ - tok = au_to_arg32(1, "no path: fd", ar->ar_arg_fd); \ - kau_write(rec, tok); \ - } \ - } while (0) +#define FD_KPATH1_VNODE1_TOKENS do { \ + if (ar->ar_valid_arg & ARG_KPATH1) { \ + tok = au_to_path(ar->ar_arg_kpath1); \ + kau_write(rec, tok); \ + if (ar->ar_valid_arg & ARG_VNODE1) { \ + tok = au_to_attr32(&ar->ar_arg_vnode1); \ + kau_write(rec, tok); \ + } \ + } else { \ + tok = au_to_arg32(1, "no path: fd", ar->ar_arg_fd); \ + kau_write(rec, tok); \ + } \ +} while (0) -#define PROCESS_PID_TOKENS(argn) \ - do { \ +#define PROCESS_PID_TOKENS(argn) do { \ if ((ar->ar_arg_pid > 0) /* Kill a single process */ \ && (ar->ar_valid_arg & ARG_PROCESS)) { \ - tok = au_to_process(ar->ar_arg_auid, ar->ar_arg_euid, \ - ar->ar_arg_egid, ar->ar_arg_ruid, \ - ar->ar_arg_rgid, ar->ar_arg_pid, \ - ar->ar_arg_asid, &ar->ar_arg_termid); \ + tok = au_to_process(ar->ar_arg_auid, \ + ar->ar_arg_euid, ar->ar_arg_egid, \ + ar->ar_arg_ruid, ar->ar_arg_rgid, \ + ar->ar_arg_pid, ar->ar_arg_asid, \ + &ar->ar_arg_termid); \ kau_write(rec, tok); \ } else { \ - tok = au_to_arg32(argn, "process", ar->ar_arg_pid);\ + tok = au_to_arg32(argn, "process", \ + ar->ar_arg_pid); \ kau_write(rec, tok); \ } \ } while (0) \ /* - * Implement auditing for the auditon() system call. The audit tokens - * that are generated depend on the command that was sent into the - * auditon() system call. + * Implement auditing for the auditon() system call. The audit tokens that + * are generated depend on the command that was sent into the auditon() + * system call. */ static void audit_sys_auditon(struct audit_record *ar, struct au_record *rec) @@ -325,6 +263,7 @@ ar->ar_arg_auditon.au_flags); kau_write(rec, tok); break; + case A_SETKMASK: tok = au_to_arg32(2, "setkmask:as_success", ar->ar_arg_auditon.au_mask.am_success); @@ -333,6 +272,7 @@ ar->ar_arg_auditon.au_mask.am_failure); kau_write(rec, tok); break; + case A_SETQCTRL: tok = au_to_arg32(3, "setqctrl:aq_hiwater", ar->ar_arg_auditon.au_qctrl.aq_hiwater); @@ -350,6 +290,7 @@ ar->ar_arg_auditon.au_qctrl.aq_minfree); kau_write(rec, tok); break; + case A_SETUMASK: tok = au_to_arg32(3, "setumask:as_success", ar->ar_arg_auditon.au_auinfo.ai_mask.am_success); @@ -358,6 +299,7 @@ ar->ar_arg_auditon.au_auinfo.ai_mask.am_failure); kau_write(rec, tok); break; + case A_SETSMASK: tok = au_to_arg32(3, "setsmask:as_success", ar->ar_arg_auditon.au_auinfo.ai_mask.am_success); @@ -366,6 +308,7 @@ ar->ar_arg_auditon.au_auinfo.ai_mask.am_failure); kau_write(rec, tok); break; + case A_SETCOND: if (sizeof(ar->ar_arg_auditon.au_cond) > 4) tok = au_to_arg64(3, "setcond", @@ -375,6 +318,7 @@ ar->ar_arg_auditon.au_cond); kau_write(rec, tok); break; + case A_SETCLASS: tok = au_to_arg32(2, "setclass:ec_event", ar->ar_arg_auditon.au_evclass.ec_number); @@ -383,6 +327,7 @@ ar->ar_arg_auditon.au_evclass.ec_class); kau_write(rec, tok); break; + case A_SETPMASK: tok = au_to_arg32(2, "setpmask:as_success", ar->ar_arg_auditon.au_aupinfo.ap_mask.am_success); @@ -391,11 +336,13 @@ ar->ar_arg_auditon.au_aupinfo.ap_mask.am_failure); kau_write(rec, tok); break; + case A_SETFSIZE: tok = au_to_arg32(2, "setfsize:filesize", ar->ar_arg_auditon.au_fstat.af_filesz); kau_write(rec, tok); break; + default: break; } @@ -1083,7 +1030,7 @@ printf("BSM conversion requested for unknown event %d\n", ar->ar_event); kau_free(rec); - return BSM_NOAUDIT; + return (BSM_NOAUDIT); } kau_write(rec, subj_tok); @@ -1093,7 +1040,7 @@ kau_close(rec, &ar->ar_endtime, ar->ar_event); *pau = rec; - return BSM_SUCCESS; + return (BSM_SUCCESS); } /*