From owner-p4-projects@FreeBSD.ORG  Thu Sep 14 15:19:32 2006
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 3BB2B16A412; Thu, 14 Sep 2006 15:19:32 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DA61D16A403
	for <perforce@freebsd.org>; Thu, 14 Sep 2006 15:19:31 +0000 (UTC)
	(envelope-from csjp@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9E14143D45
	for <perforce@freebsd.org>; Thu, 14 Sep 2006 15:19:31 +0000 (GMT)
	(envelope-from csjp@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k8EFJVrw020159
	for <perforce@freebsd.org>; Thu, 14 Sep 2006 15:19:31 GMT
	(envelope-from csjp@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k8EFJUgS020156
	for perforce@freebsd.org; Thu, 14 Sep 2006 15:19:31 GMT
	(envelope-from csjp@freebsd.org)
Date: Thu, 14 Sep 2006 15:19:31 GMT
Message-Id: <200609141519.k8EFJUgS020156@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	csjp@freebsd.org using -f
From: "Christian S.J. Peron" <csjp@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 106100 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Sep 2006 15:19:32 -0000

http://perforce.freebsd.org/chv.cgi?CH=106100

Change 106100 by csjp@csjp_xor on 2006/09/14 15:19:12

	Fix processing of userspace records, Right now, if the kernel record is not
	selected, then the userspace record is thrown away along with it, even if
	the userspace record itself was selected.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit.c#36 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#32 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#22 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#15 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit.c#36 (text+ko) ====

@@ -399,8 +399,8 @@
 	if (audit_pipe_preselect(auid, event, class, sorf,
 	    ar->k_ar_commit & AR_PRESELECT_TRAIL) != 0)
 		ar->k_ar_commit |= AR_PRESELECT_PIPE;
-	if ((ar->k_ar_commit & (AR_PRESELECT_TRAIL | AR_PRESELECT_PIPE)) ==
-	    0) {
+	if ((ar->k_ar_commit & (AR_PRESELECT_TRAIL | AR_PRESELECT_PIPE |
+	    AR_PRESELECT_USER_TRAIL | AR_PRESELECT_USER_PIPE)) == 0) {
 		mtx_lock(&audit_mtx);
 		audit_pre_q_len--;
 		mtx_unlock(&audit_mtx);

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_private.h#32 (text+ko) ====

@@ -96,6 +96,8 @@
 #define	AR_PRESELECT_TRAIL	0x00001000U
 #define	AR_PRESELECT_PIPE	0x00002000U
 
+#define	AR_PRESELECT_USER_TRAIL	0x00004000U
+#define	AR_PRESELECT_USER_PIPE	0x00008000U
 /*
  * Audit data is generated as a stream of struct audit_record structures,
  * linked by struct kaudit_record, and contain storage for possible audit so

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#22 (text+ko) ====

@@ -139,6 +139,13 @@
 	ar->k_udata = rec;
 	ar->k_ulen  = uap->length;
 	ar->k_ar_commit |= AR_COMMIT_USER;
+	/*
+	 * Currently we assume that all preselection has been performed in
+	 * userspace. We unconditionally set these masks so that the records
+	 * get committed both to the trail and pipe. In the future we will
+	 * want to setup kernel based preselection.
+	 */
+	ar->k_ar_commit |= (AR_PRESELECT_USER_TRAIL | AR_PRESELECT_USER_PIPE);
 	return (0);
 
 free_out:

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_worker.c#15 (text+ko) ====

@@ -322,8 +322,8 @@
 	au_id_t auid;
 	int sorf;
 
-	if ((ar->k_ar_commit & AR_COMMIT_USER) &&
-	    (ar->k_ar_commit & AR_PRESELECT_TRAIL)) {
+	if ((ar->k_ar_commit & AR_COMMIT_USER) != 0 &&
+	    (ar->k_ar_commit & AR_PRESELECT_USER_TRAIL)) {
 		error = audit_record_write(audit_vp, audit_cred, audit_td,
 		    ar->k_udata, ar->k_ulen);
 		if (error && audit_panic_on_write_fail)
@@ -331,11 +331,14 @@
 		else if (error)
 			printf("audit_worker: write error %d\n", error);
 	}
-	if ((ar->k_ar_commit & AR_COMMIT_USER) &&
-	    (ar->k_ar_commit & AR_PRESELECT_PIPE))
+	if ((ar->k_ar_commit & AR_COMMIT_USER) != 0 &&
+	    (ar->k_ar_commit & AR_PRESELECT_USER_PIPE)) {
 		audit_pipe_submit_user(ar->k_udata, ar->k_ulen);
+	}
 
-	if (!(ar->k_ar_commit & AR_COMMIT_KERNEL))
+	if (!(ar->k_ar_commit & AR_COMMIT_KERNEL) ||
+	    ((ar->k_ar_commit & AR_PRESELECT_PIPE) == 0 &&
+	    (ar->k_ar_commit & AR_PRESELECT_TRAIL) == 0))
 		return;
 
 	auid = ar->k_ar.ar_subj_auid;