From: Gordon Tetlow
Date: Tue, 1 Dec 2020 19:34:46 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org
Subject: svn commit: r368249 - in releng: 12.1/sys/amd64/linux 12.1/sys/amd64/linux32 12.1/sys/arm64/linux 12.1/sys/compat/freebsd32 12.1/sys/i386/linux 12.1/sys/kern 12.2/sys/amd64/linux 12.2/sys/amd64/lin...

Author: gordon
Date: Tue Dec 1 19:34:45 2020
New Revision: 368249
URL: https://svnweb.freebsd.org/changeset/base/368249

Log:
  Fix execve/fexecve system call auditing.
Approved by: so Security: FreeBSD-EN-20:19.audit Modified: releng/12.1/sys/amd64/linux/linux_machdep.c releng/12.1/sys/amd64/linux32/linux32_machdep.c releng/12.1/sys/arm64/linux/linux_machdep.c releng/12.1/sys/compat/freebsd32/freebsd32_misc.c releng/12.1/sys/i386/linux/linux_machdep.c releng/12.1/sys/kern/kern_exec.c releng/12.1/sys/kern/subr_syscall.c releng/12.2/sys/amd64/linux/linux_machdep.c releng/12.2/sys/amd64/linux32/linux32_machdep.c releng/12.2/sys/arm64/linux/linux_machdep.c releng/12.2/sys/compat/freebsd32/freebsd32_misc.c releng/12.2/sys/i386/linux/linux_machdep.c releng/12.2/sys/kern/kern_exec.c releng/12.2/sys/kern/subr_syscall.c Modified: releng/12.1/sys/amd64/linux/linux_machdep.c ============================================================================== --- releng/12.1/sys/amd64/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/amd64/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -81,6 +81,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -107,6 +109,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.1/sys/amd64/linux32/linux32_machdep.c ============================================================================== --- releng/12.1/sys/amd64/linux32/linux32_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/amd64/linux32/linux32_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -69,6 +69,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include 
@@ -143,6 +145,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.1/sys/arm64/linux/linux_machdep.c ============================================================================== --- releng/12.1/sys/arm64/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/arm64/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -38,6 +38,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -74,6 +76,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.1/sys/compat/freebsd32/freebsd32_misc.c ============================================================================== --- releng/12.1/sys/compat/freebsd32/freebsd32_misc.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/compat/freebsd32/freebsd32_misc.c Tue Dec 1 19:34:45 2020 (r368249) @@ -440,6 +440,7 @@ freebsd32_execve(struct thread *td, struct freebsd32_e if (error == 0) error = kern_execve(td, &eargs, NULL); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -460,6 +461,7 @@ freebsd32_fexecve(struct thread *td, struct freebsd32_ error = kern_execve(td, &eargs, NULL); } post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.1/sys/i386/linux/linux_machdep.c ============================================================================== --- releng/12.1/sys/i386/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/i386/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) 
@@ -61,6 +61,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -116,6 +118,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(newpath, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.1/sys/kern/kern_exec.c ============================================================================== --- releng/12.1/sys/kern/kern_exec.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/kern/kern_exec.c Tue Dec 1 19:34:45 2020 (r368249) @@ -224,6 +224,7 @@ sys_execve(struct thread *td, struct execve_args *uap) if (error == 0) error = kern_execve(td, &args, NULL); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -251,6 +252,7 @@ sys_fexecve(struct thread *td, struct fexecve_args *ua error = kern_execve(td, &args, NULL); } post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -279,6 +281,7 @@ sys___mac_execve(struct thread *td, struct __mac_execv if (error == 0) error = kern_execve(td, &args, uap->mac_p); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); #else return (ENOSYS); Modified: releng/12.1/sys/kern/subr_syscall.c ============================================================================== --- releng/12.1/sys/kern/subr_syscall.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.1/sys/kern/subr_syscall.c Tue Dec 1 19:34:45 2020 (r368249) 
@@ -133,6 +133,16 @@ syscallenter(struct thread *td) AUDIT_SYSCALL_ENTER(sa->code, td); error = (sa->callp->sy_call)(td, sa->args); + + /* + * Note that some syscall implementations (e.g., sys_execve) + * will commit the audit record just before their final return. + * These were done under the assumption that nothing of interest + * would happen between their return and here, where we would + * normally commit the audit record. These assumptions will + * need to be revisited should any substantial logic be added + * above. + */ AUDIT_SYSCALL_EXIT(error, td); /* Save the latest error return value. */ Modified: releng/12.2/sys/amd64/linux/linux_machdep.c ============================================================================== --- releng/12.2/sys/amd64/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/amd64/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -81,6 +81,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -107,6 +109,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.2/sys/amd64/linux32/linux32_machdep.c ============================================================================== --- releng/12.2/sys/amd64/linux32/linux32_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/amd64/linux32/linux32_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -69,6 +69,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include 
@@ -138,6 +140,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.2/sys/arm64/linux/linux_machdep.c ============================================================================== --- releng/12.2/sys/arm64/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/arm64/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) @@ -38,6 +38,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -74,6 +76,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(path, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.2/sys/compat/freebsd32/freebsd32_misc.c ============================================================================== --- releng/12.2/sys/compat/freebsd32/freebsd32_misc.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/compat/freebsd32/freebsd32_misc.c Tue Dec 1 19:34:45 2020 (r368249) @@ -440,6 +440,7 @@ freebsd32_execve(struct thread *td, struct freebsd32_e if (error == 0) error = kern_execve(td, &eargs, NULL); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -460,6 +461,7 @@ freebsd32_fexecve(struct thread *td, struct freebsd32_ error = kern_execve(td, &eargs, NULL); } post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.2/sys/i386/linux/linux_machdep.c ============================================================================== --- releng/12.2/sys/i386/linux/linux_machdep.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/i386/linux/linux_machdep.c Tue Dec 1 19:34:45 2020 (r368249) 
@@ -61,6 +61,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include #include @@ -111,6 +113,7 @@ linux_execve(struct thread *td, struct linux_execve_ar free(newpath, M_TEMP); if (error == 0) error = linux_common_execve(td, &eargs); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } Modified: releng/12.2/sys/kern/kern_exec.c ============================================================================== --- releng/12.2/sys/kern/kern_exec.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/kern/kern_exec.c Tue Dec 1 19:34:45 2020 (r368249) @@ -224,6 +224,7 @@ sys_execve(struct thread *td, struct execve_args *uap) if (error == 0) error = kern_execve(td, &args, NULL); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -251,6 +252,7 @@ sys_fexecve(struct thread *td, struct fexecve_args *ua error = kern_execve(td, &args, NULL); } post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); } @@ -279,6 +281,7 @@ sys___mac_execve(struct thread *td, struct __mac_execv if (error == 0) error = kern_execve(td, &args, uap->mac_p); post_execve(td, error, oldvmspace); + AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td); return (error); #else return (ENOSYS); Modified: releng/12.2/sys/kern/subr_syscall.c ============================================================================== --- releng/12.2/sys/kern/subr_syscall.c Tue Dec 1 19:34:44 2020 (r368248) +++ releng/12.2/sys/kern/subr_syscall.c Tue Dec 1 19:34:45 2020 (r368249) 
@@ -142,6 +142,16 @@ syscallenter(struct thread *td) AUDIT_SYSCALL_ENTER(sa->code, td); error = (sa->callp->sy_call)(td, sa->args); + + /* + * Note that some syscall implementations (e.g., sys_execve) + * will commit the audit record just before their final return. + * These were done under the assumption that nothing of interest + * would happen between their return and here, where we would + * normally commit the audit record. These assumptions will + * need to be revisited should any substantial logic be added + * above. + */ AUDIT_SYSCALL_EXIT(error, td); /* Save the latest error return value. */
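Review bot: The line `AUDIT_SYSCALL_EXIT(error == EJUSTRETURN ? 0 : error, td);` is pasted verbatim before `return (error);` in every exec entry point this patch touches (linux_execve on amd64, amd64/linux32, arm64 and i386; freebsd32_execve and freebsd32_fexecve; sys_execve, sys_fexecve and sys___mac_execve), and none of the call sites carries a comment on why EJUSTRETURN is recorded as 0. The ternary implies EJUSTRETURN is the success case on these paths, so a copy that drops the translation would put a non-zero status in the audit record for an exec that worked. Suggest one shared macro or inline helper that holds the mapping together with a one-line comment, so an exec entry point added later cannot omit the commit or get the translation wrong.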
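Review bot: In the syscallenter() hunks of subr_syscall.c, the new comment says some handlers commit the audit record before their final return, yet `AUDIT_SYSCALL_EXIT(error, td);` still runs unconditionally on the next line, here with the untranslated `error`. The comment should say what makes this second call harmless once the record has already been committed, since that is the property the whole change depends on and it is not visible in these lines. The closing phrase "should any substantial logic be added above" would also be clearer if it named the span it means, that is, between the `sy_call` return and this `AUDIT_SYSCALL_EXIT`, and if "e.g., sys_execve" pointed at how to find the full set of handlers that commit early.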