Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 30 Nov 2012 23:21:56 +0000 (UTC)
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r243727 - head/sys/security/audit
Message-ID:  <201211302321.qAUNLuer074662@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: pjd
Date: Fri Nov 30 23:21:55 2012
New Revision: 243727
URL: http://svnweb.freebsd.org/changeset/base/243727

Log:
  IFp4 @208452:
  
  Audit handling for missing events:
  - AUE_READLINKAT
  - AUE_FACCESSAT
  - AUE_MKDIRAT
  - AUE_MKFIFOAT
  - AUE_MKNODAT
  - AUE_SYMLINKAT
  
  Sponsored by:	FreeBSD Foundation (auditdistd)
  MFC after:	2 weeks

Modified:
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/security/audit/audit_bsm.c
==============================================================================
--- head/sys/security/audit/audit_bsm.c	Fri Nov 30 23:18:49 2012	(r243726)
+++ head/sys/security/audit/audit_bsm.c	Fri Nov 30 23:21:55 2012	(r243727)
@@ -724,13 +724,6 @@ kaudit_to_bsm(struct kaudit_record *kar,
 		 */
 		break;
 
-	case AUE_MKFIFO:
-		if (ARG_IS_VALID(kar, ARG_MODE)) {
-			tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
-			kau_write(rec, tok);
-		}
-		/* FALLTHROUGH */
-
 	case AUE_CHDIR:
 	case AUE_CHROOT:
 	case AUE_FSTATAT:
@@ -743,6 +736,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
 	case AUE_LPATHCONF:
 	case AUE_PATHCONF:
 	case AUE_READLINK:
+	case AUE_READLINKAT:
 	case AUE_REVOKE:
 	case AUE_RMDIR:
 	case AUE_SEARCHFS:
@@ -762,6 +756,8 @@ kaudit_to_bsm(struct kaudit_record *kar,
 
 	case AUE_ACCESS:
 	case AUE_EACCESS:
+	case AUE_FACCESSAT:
+		ATFD1_TOKENS(1);
 		UPATH1_VNODE1_TOKENS;
 		if (ARG_IS_VALID(kar, ARG_VALUE)) {
 			tok = au_to_arg32(2, "mode", ar->ar_arg_value);
@@ -1059,6 +1055,10 @@ kaudit_to_bsm(struct kaudit_record *kar,
 		break;
 
 	case AUE_MKDIR:
+	case AUE_MKDIRAT:
+	case AUE_MKFIFO:
+	case AUE_MKFIFOAT:
+		ATFD1_TOKENS(1);
 		if (ARG_IS_VALID(kar, ARG_MODE)) {
 			tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
 			kau_write(rec, tok);
@@ -1067,6 +1067,8 @@ kaudit_to_bsm(struct kaudit_record *kar,
 		break;
 
 	case AUE_MKNOD:
+	case AUE_MKNODAT:
+		ATFD1_TOKENS(1);
 		if (ARG_IS_VALID(kar, ARG_MODE)) {
 			tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
 			kau_write(rec, tok);
@@ -1546,10 +1548,12 @@ kaudit_to_bsm(struct kaudit_record *kar,
 		break;
 
 	case AUE_SYMLINK:
+	case AUE_SYMLINKAT:
 		if (ARG_IS_VALID(kar, ARG_TEXT)) {
 			tok = au_to_text(ar->ar_arg_text);
 			kau_write(rec, tok);
 		}
+		ATFD1_TOKENS(1);
 		UPATH1_VNODE1_TOKENS;
 		break;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211302321.qAUNLuer074662>