From owner-p4-projects@FreeBSD.ORG Fri Aug 14 15:54:43 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 8DBC01065692; Fri, 14 Aug 2009 15:54:43 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 38D8F106568E for ; Fri, 14 Aug 2009 15:54:43 +0000 (UTC) (envelope-from marinosi@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 26C718FC55 for ; Fri, 14 Aug 2009 15:54:43 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n7EFshg1092639 for ; Fri, 14 Aug 2009 15:54:43 GMT (envelope-from marinosi@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n7EFshR9092637 for perforce@freebsd.org; Fri, 14 Aug 2009 15:54:43 GMT (envelope-from marinosi@FreeBSD.org) Date: Fri, 14 Aug 2009 15:54:43 GMT Message-Id: <200908141554.n7EFshR9092637@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to marinosi@FreeBSD.org using -f 
From: Ilias Marinos To: Perforce Change Reviews Cc: Subject: PERFORCE change 167329 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Aug 2009 15:54:43 -0000 http://perforce.freebsd.org/chv.cgi?CH=167329 Change 167329 by marinosi@marinosi_redrum on 2009/08/14 15:54:42 audit.c: - Added device mutex initialization code for all the slices except the base one.(Without it, using a device causes panic). - Removed an unecessary & always true check. (pointed out by rwatson). audit_slice.c: - Added a new write method code. It works fine with strings. - Many comments as it still experimental. Affected files ... .. //depot/projects/soc2009/marinosi_appaudit/src/sys/security/audit/audit.c#22 edit .. //depot/projects/soc2009/marinosi_appaudit/src/sys/security/audit/audit_slice.c#9 edit Differences ... ==== //depot/projects/soc2009/marinosi_appaudit/src/sys/security/audit/audit.c#22 (text) ==== @@ -724,32 +724,24 @@ as_ptr = as; - uprintf("audit_slice_create: Calling audit_slice_init()\n"); /* Initialize the base slice */ audit_slice_init(as, name); - uprintf("audit_slice_create: Returned from audit_slice_init()\n"); - /* * XXXRW: Possibly start worker before creating the device? * FIXED. */ /* Start audit worker thread. */ - uprintf("audit_slice_create: Calling audit_worker_start()\n"); audit_worker_start(as); - uprintf("audit_slice_create: Returned from audit_worker_start()\n"); /* Create the special device node */ - uprintf("audit_slice_create: Calling audit_slice_cdev_init()\n"); audit_slice_cdev_init(as); - uprintf("audit_slice_create: Returned from audit_slice_cdev_init()\n"); /* Insert the slice on the list */ TAILQ_INSERT_TAIL(&audit_slice_q, as, as_q); AUDIT_SLICES_UNLOCK(); - } /* 
@@ -802,6 +794,13 @@ */ mtx_init(&(as->audit_mtx), "audit_mtx", NULL, MTX_DEF); + /* + * For all the != audit_base_slice slices, we should initialize the + * extra needed variables, mutexes etc here. + */ + if ( as != audit_base_slice ) + mtx_init(&(as->as_dev_mtx), "as_dev_mtx", NULL, MTX_DEF); + cv_init(&(as->audit_worker_cv), "audit_worker_cv"); cv_init(&(as->audit_watermark_cv), "audit_watermark_cv"); cv_init(&(as->audit_fail_cv), "audit_fail_cv"); @@ -840,12 +839,12 @@ */ if (as != NULL) { AUDIT_SLICES_LOCK_ASSERT(); - cv_destroy(&(as)->audit_worker_cv); + /*cv_destroy(&(as)->audit_worker_cv); cv_destroy(&(as)->audit_watermark_cv); cv_destroy(&(as)->audit_fail_cv); sx_destroy(&(as)->audit_worker_lock); - mtx_destroy(&(as)->audit_mtx); - mtx_destroy(&(as)->as_dev_mtx); + mtx_destroy(&(as)->audit_mtx);*/ + mtx_destroy(&(as->as_dev_mtx)); destroy_dev(as->as_dev); TAILQ_REMOVE(&audit_slice_q, as, as_q); free(as, M_AUDITSLICE); 
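Review bot: `as_dev_mtx` is initialised only when `as != audit_base_slice`, but the teardown hunk that follows calls `mtx_destroy(&(as->as_dev_mtx))` for any non-NULL `as`, so the two sides do not state the same condition. If the teardown path can never be reached with the base slice (any such guard is outside the visible lines), record that next to the init, e.g. `/* as_dev_mtx exists only for non-base slices; the teardown path must never run on audit_base_slice. */`. The test also assumes `audit_base_slice` is already assigned when the base slice itself is initialised, which this hunk does not show. Minor: style(9) spells the condition `if (as != audit_base_slice)`.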
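Review bot: `mtx_destroy(&(as->as_dev_mtx));` runs before `destroy_dev(as->as_dev);`, while the device methods in audit_slice.c lock `as_dev_mtx`, so a thread still inside a cdev method can take a mutex that has already been destroyed; swap the two so that `destroy_dev(as->as_dev);` comes first. Commenting out the `cv_destroy`/`sx_destroy`/`mtx_destroy(&(as)->audit_mtx)` calls means `free(as, M_AUDITSLICE)` releases memory that still holds initialised synchronisation objects, and, if the worker thread started at slice creation is still running, objects it may still be using. Presumably the destroys were disabled because they panicked; the underlying fix would be to stop the worker before teardown rather than skip the cleanup. The enclosing function starts and ends outside the hunk.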
@@ -894,24 +893,22 @@ * that improperly? * Base slice should never call audit_slice_commit_rec. */ - if (ar == NULL) { - /* - * This is not very efficient; we're required to allocate a - * complete kernel audit record just so the user record can - * tag along. - * - * XXXAUDIT: Maybe AUE_AUDIT in the system call context and - * special pre-select handling? - * - * XXXRW: Not sure we need to use td->td_ar here at all? The - * base slice may already be using it to record the write - * syscall. - */ - ar = audit_new(AUE_NULL, td, as); - if (ar == NULL) - return (1); - } + /* + * This is not very efficient; we're required to allocate a + * complete kernel audit record just so the user record can + * tag along. + * + * XXXAUDIT: Maybe AUE_AUDIT in the system call context and + * special pre-select handling? + * + * XXXRW: Not sure we need to use td->td_ar here at all? The + * base slice may already be using it to record the write + * syscall. + */ + ar = audit_new(AUE_NULL, td, as); + if (ar == NULL) + return (1); /* * Note: it could be that some records initiated while audit was @@ -1408,7 +1405,6 @@ * Use lock to prevent slice creation/removal while iterating through * the queue, listing the slices. */ - uprintf("Slices List:\n"); AUDIT_SLICES_LOCK(); TAILQ_FOREACH(cur, &audit_slice_q, as_q) { uprintf("%s\n", cur->as_name); ==== //depot/projects/soc2009/marinosi_appaudit/src/sys/security/audit/audit_slice.c#9 (text+ko) ==== @@ -139,7 +139,7 @@ as = dev->si_drv1; mtx_lock(&(as->as_dev_mtx)); - as->as_dev_isopen = 1; + as->as_dev_isopen = 0; /* Do something here */ mtx_unlock(&(as->as_dev_mtx)); 
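Review bot: `ar = audit_new(AUE_NULL, td, as);` now overwrites `ar` unconditionally, and nothing in the hunk shows that `ar` is always NULL at this point; if any path above can arrive with a record already attached, that record would be dropped without being freed. A one-line comment such as `/* ar is always NULL here: slices never inherit td->td_ar. */` (or whatever the actual invariant is) would justify removing the check. The retained comment block is still indented one level deeper than the code it now sits beside. The function's start and end are outside the hunk.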
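Review bot: The change of `as->as_dev_isopen = 1;` to `as->as_dev_isopen = 0;` in audit_slice.c is not mentioned in the change description, and the enclosing function is outside the hunk, so its effect cannot be confirmed. If this is the open method, the flag can never become 1 here and any check that relies on it to reject a second opener is defeated; if it is the close method, this is a fix that deserves a line in the description. Replacing the `/* Do something here */` placeholder with a comment that names the state transition, e.g. `/* Mark the device closed. */`, would make the intent reviewable.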
@@ -167,18 +167,33 @@ /* Actual work here */ int c, error = 0; - u_int32_t recsz = 0; - int nbytes = 0; /*Remaining bytes */ - struct bsm_rec_hdr *audit_slice_dev_buf; + //u_int32_t recsz = 0; + //int nbytes = 0; /*Remaining bytes */ + char *audit_slice_dev_buf; struct audit_slice *as; void *as_rec = NULL; as = dev->si_drv1; /* Safe malloc the pagesz of the system.*/ - audit_slice_dev_buf = malloc(sizeof(*audit_slice_dev_buf), - M_TEMP, M_WAITOK); + //audit_slice_dev_buf = malloc(sizeof(*audit_slice_dev_buf), + // M_TEMP, M_WAITOK); + audit_slice_dev_buf = (void *)malloc(PAGE_SIZE, M_TEMP, + M_WAITOK | M_ZERO); + + uprintf("[DEV_WRITE_METHOD] of slice %s.\n", as->as_name); + + /* Copy the string in from user memory to kernel memory */ + c = MIN(uio->uio_iov->iov_len,PAGE_SIZE); + error = copyin(uio->uio_iov->iov_base, audit_slice_dev_buf, c); + + /* Null terminate it */ + *(audit_slice_dev_buf + c) = 0; + if (error != 0) + uprintf("Write failed: bad address!\n"); + else + uprintf ("MESSAGE: %s\n", (char *) audit_slice_dev_buf); /* * XXXRW: This seems to handle multiple records/system call, but not * multiple system calls/record. To handle the latter, we need to 
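Review bot: `*(audit_slice_dev_buf + c) = 0;` writes one byte past the `PAGE_SIZE` allocation whenever the caller supplies at least `PAGE_SIZE` bytes, because `c = MIN(uio->uio_iov->iov_len,PAGE_SIZE)` can equal the buffer size; the copy length has to be capped at `PAGE_SIZE - 1`. The copy also reads only the first iovec through `copyin()` and never advances the uio, so `uio_resid` is left untouched and the caller is presumably told that nothing was written; `uiomove()` handles both. A failed copy is reported with `uprintf` but the code still goes on to terminate the buffer, where it should skip using the data and let `error` propagate. The function continues outside the hunk, so how `error` is returned and where the buffer is freed are not visible here.
```c
	audit_slice_dev_buf = malloc(PAGE_SIZE, M_TEMP, M_WAITOK | M_ZERO);

	/* Cap the copy so the terminating NUL always fits in the buffer. */
	c = MIN(uio->uio_resid, PAGE_SIZE - 1);
	error = uiomove(audit_slice_dev_buf, c, uio);
	if (error == 0) {
		audit_slice_dev_buf[c] = '\0';
		uprintf("MESSAGE: %s\n", audit_slice_dev_buf);
	}
	/* … unchanged: XXXRW comment and the rest of the write method … */
```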
@@ -186,39 +201,51 @@ * into until we have a complete record which we can then submit to * audit. */ - while (uio->uio_resid > 0) { - c = MIN((int)uio->uio_resid, sizeof(*audit_slice_dev_buf)); - if ( c == (int)uio->uio_resid ) - break; +// while (uio->uio_resid > 0) { +// c = MIN((int)uio->uio_resid, sizeof(*audit_slice_dev_buf)); +// if ( c == (int)uio->uio_resid ) +// break; +// +// /* Fetch the bsm record's header */ +// error = uiomove(audit_slice_dev_buf, c, uio); +// if (error) +// break; +// +// /* +// * Store the actual record's size. Add some checks before +// * this. +// * +// * XXXRW: for example, perhaps we shouldn't accept records +// * longer than MAX_AUDIT_RECORD_SIZE, or less than +// * sizeof(*audit_slice_dev_buf). +// */ +// recsz = be32toh(audit_slice_dev_buf->rec_byte_count); +// as_rec = (void *)malloc((unsigned long)recsz, M_AUDITBSM, +// M_WAITOK | M_ZERO); +// +// /* Copy the header at the start of record */ +// memmove(as_rec, audit_slice_dev_buf, +// sizeof(audit_slice_dev_buf)); +// +// nbytes = (int)recsz - sizeof(audit_slice_dev_buf); +// error = uiomove(as_rec, nbytes, uio); +// if (error) +// break; + + //audit_slice_commit_rec( as_rec, as); + +// uprintf("Size to be fetched: %d\n", uio->uio_resid); +// c = MIN((int)uio->uio_resid, PAGE_SIZE); +// error = uiomove(audit_slice_dev_buf, c, uio); +// if (error) +// break; + //uprintf("[DEV_WRITE_METHOD] of slice %s: %s\n", + // as->as_name, (char *) audit_slice_dev_buf); - /* Fetch the bsm record's header */ - error = uiomove(audit_slice_dev_buf, c, uio); - if (error) - break; - /* - * Store the actual record's size. Add some checks before - * this. - * - * XXXRW: for example, perhaps we shouldn't accept records - * longer than MAX_AUDIT_RECORD_SIZE, or less than - * sizeof(*audit_slice_dev_buf). 
- */ - recsz = be32toh(audit_slice_dev_buf->rec_byte_count); - as_rec = (void *)malloc((unsigned long)recsz, M_AUDITBSM, - M_WAITOK | M_ZERO); - /* Copy the header at the start of record */ - memmove(as_rec, audit_slice_dev_buf, - sizeof(audit_slice_dev_buf)); - nbytes = (int)recsz - sizeof(audit_slice_dev_buf); - error = uiomove(as_rec, nbytes, uio); - if (error) - break; - - audit_slice_commit_rec( as_rec, as); - } +// } /* * XXXRW: Only free as_rec if we allocated it. @@ -263,9 +290,12 @@ audit_slice_cdev_init(struct audit_slice *as) { + + as->perms = 0700; + /* Create the special device file. */ as->as_dev = make_dev(&audit_slice_cdevsw, as->unit, as->uid, as->gid, - as->perms, "%s", as->as_name); + as->perms, "auditslice/%s", as->as_name); } /*
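Review bot: The record-parsing loop is kept as a long run of `//` comments and is already out of step with the live code: `audit_slice_dev_buf` is now a `char *`, so `audit_slice_dev_buf->rec_byte_count` and the `sizeof(audit_slice_dev_buf)` header copy no longer mean what they did. Deleting the block, or fencing it with `#if 0`, would keep the write method readable, since version control preserves the old text. If the block is kept as a plan, the XXXRW note inside it should become a stated requirement, e.g. `/* TODO: reject rec_byte_count below the header size or above MAX_AUDIT_RECORD_SIZE before allocating. */`, because the length comes from the writer.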
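Review bot: `as->perms = 0700;` overwrites whatever mode the slice was created with just before `make_dev()` reads it, so the `perms` field can no longer carry a per-slice policy; set the default where the slice is populated and let this function only read it. Execute bits have no meaning on a character device, so `0600` states the same owner-only access. The node name is built from `as->as_name` under `auditslice/`; where that name originates is not visible here, but if it can come from an unprivileged caller it should be validated (no `/`, not empty, not a duplicate of an existing slice) before it reaches `make_dev()`.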