Date: Sun, 10 Jul 2016 09:50:21 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r302519 - head/sys/kern Message-ID: <201607100950.u6A9oLVD082915@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rwatson Date: Sun Jul 10 09:50:21 2016 New Revision: 302519 URL: https://svnweb.freebsd.org/changeset/base/302519 Log: Audit the file-descriptor number argument for openat(2). Remove a comment about the desirability of auditing the number, as it was in fact in the wrong place (in the common path for open(2) and openat(2), and only the latter accepts a file-descriptor argument). Where other ABIs support openat(2), it may be necessary to do additional argument auditing as it is not performed in kern_openat(9). MFC after: 3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_syscalls.c Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Sun Jul 10 08:38:10 2016 (r302518) +++ head/sys/kern/vfs_syscalls.c Sun Jul 10 09:50:21 2016 (r302519) @@ -942,6 +942,7 @@ int sys_openat(struct thread *td, struct openat_args *uap) { + AUDIT_ARG_FD(uap->fd); return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag, uap->mode)); } @@ -962,7 +963,6 @@ kern_openat(struct thread *td, int fd, c AUDIT_ARG_FFLAGS(flags); AUDIT_ARG_MODE(mode); - /* XXX: audit dirfd */ cap_rights_init(&rights, CAP_LOOKUP); flags_to_rights(flags, &rights); /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201607100950.u6A9oLVD082915>