From owner-cvs-src@FreeBSD.ORG  Thu Feb  2 19:04:32 2006
Return-Path: <owner-cvs-src@FreeBSD.ORG>
X-Original-To: cvs-src@FreeBSD.org
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1AE6D16A420;
	Thu,  2 Feb 2006 19:04:32 +0000 (GMT)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8C80443D4C;
	Thu,  2 Feb 2006 19:04:27 +0000 (GMT)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 1D4B046C89;
	Thu,  2 Feb 2006 14:04:11 -0500 (EST)
Date: Thu, 2 Feb 2006 19:06:22 +0000 (GMT)
From: Robret Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Julian Elischer <julian@elischer.org>
In-Reply-To: <43E25416.6020508@elischer.org>
Message-ID: <20060202190352.I38507@fledge.watson.org>
References: <200602020132.k121WwT3024973@repoman.freebsd.org>
	<43E25416.6020508@elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_exit.c kern_fork.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2006 19:04:32 -0000


On Thu, 2 Feb 2006, Julian Elischer wrote:

> Robert Watson wrote:
>
>> rwatson     2006-02-02 01:32:58 UTC
>> 
>>  FreeBSD src repository
>> 
>>  Modified files:
>>    sys/kern             kern_exit.c kern_fork.c  Log:
>>  Hook up audit to fork() and exit() events.  These changes manage the
>>  audit state on processes, not auditing of these events.
>>   Much work by:   wsalamon
>>  Obtained from:  TrustedBSD Project
>>   Revision  Changes    Path
>>  1.277     +5 -0      src/sys/kern/kern_exit.c
>>  1.254     +11 -1     src/sys/kern/kern_fork.c
>> 
> shouldn't these be implemented by supplying event handlers for exit and fork 
> instead of adding code to exit and fork themselves?

This is made tricky by the complex nature of fork() and the need to do things 
in specific orders during fork.  However, it should be possible to move the 
MAC and AUDIT allocation and free code into the proc ctor and proc dtor, and 
think about adding new event handlers for those two events.

Robert N M Watson