From owner-p4-projects@FreeBSD.ORG Sat May 8 16:24:18 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id A0AED1065673; Sat, 8 May 2010 16:24:18 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4CC0D1065687 for ; Sat, 8 May 2010 16:24:18 +0000 (UTC) (envelope-from gpf@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 3B4E68FC2C for ; Sat, 8 May 2010 16:24:18 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o48GOII7021812 for ; Sat, 8 May 2010 16:24:18 GMT (envelope-from gpf@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o48GOIcf021810 for perforce@freebsd.org; Sat, 8 May 2010 16:24:18 GMT (envelope-from gpf@FreeBSD.org) Date: Sat, 8 May 2010 16:24:18 GMT Message-Id: <201005081624.o48GOIcf021810@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to gpf@FreeBSD.org using -f 
From: Efstratios Karatzas To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 177957 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 May 2010 16:24:18 -0000 http://p4web.freebsd.org/@@177957?ac=10 Change 177957 by gpf@gpf_desktop on 2010/05/08 16:24:10 * a few extra rpcs: null,noop,getatrr,setattr, lookup,access * auditing user creds that are sent along with the rpc sounds good->todo procedures serviced: 17/23 ps: i m not really auditing any information for null or noop Affected files ... .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 edit .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 edit Differences ... ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#5 (text+ko) ==== @@ -199,6 +199,7 @@ caddr_t dpos = nfsd->nd_dpos; struct ucred *cred = nfsd->nd_cr; struct vnode *vp = NULL; + struct vnode *AUDIT_vp = NULL; nfsfh_t nfh; fhandle_t *fhp; u_int32_t *tl; @@ -219,6 +220,9 @@ tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED); error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp, nam, &rdonly, TRUE); + + AUDIT_vp = vp; + if (error) { nfsm_reply(NFSX_UNSIGNED); nfsm_srvpostop_attr(1, NULL); @@ -255,6 +259,24 @@ if (vp) vput(vp); VFS_UNLOCK_GIANT(vfslocked); + + /* XXX AUDIT */ + if (AUDITING_TD(curthread)) { + if (AUDIT_vp != NULL) { + struct thread *td = curthread; + char *fullpath, *freepath; + + AUDIT_ARG_VNODE1(AUDIT_vp); + + freepath = NULL; + vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath); + if (freepath != NULL) { + AUDIT_ARG_UPATH1(td, fullpath); + free(freepath, M_TEMP); + } + } + } + return(error); } @@ -273,6 +295,7 @@ struct vattr va; struct vattr *vap = &va; struct vnode *vp = NULL; + struct vnode *AUDIT_vp = NULL; nfsfh_t nfh; fhandle_t *fhp; caddr_t bpos; 
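Review bot: The added audit block runs after `if (vp) vput(vp);` and `VFS_UNLOCK_GIANT(vfslocked);`, so `AUDIT_ARG_VNODE1(AUDIT_vp)` and `vn_fullpath_global(td, AUDIT_vp, ...)` dereference a vnode whose reference has already been dropped and which may have been recycled; as far as I recall audit_arg_vnode1() also does a VOP_GETATTR and asserts the vnode locked, so this is a use-after-free in production and a lock assertion on DEBUG kernels. The audit has to happen while vp is still held and locked, i.e. before the vput, at which point the `AUDIT_vp` alias is unnecessary; I would also test the return value of vn_fullpath_global() directly instead of using `freepath != NULL` as a success proxy, and note that the path may legitimately be unavailable for exported vnodes without namecache entries, so the record can carry only the vnode token. nfsrv3_access's body starts outside this hunk, so the nfsmout label and where vp can be NULL are not visible here.
```c
	/* XXX AUDIT: vp is still referenced and locked at this point. */
	if (AUDITING_TD(curthread) && vp != NULL) {
		char *fullpath, *freepath = NULL;

		AUDIT_ARG_VNODE1(vp);
		if (vn_fullpath_global(curthread, vp, &fullpath, &freepath) == 0) {
			AUDIT_ARG_UPATH1(curthread, fullpath);
			free(freepath, M_TEMP);
		}
	}
	if (vp)
		vput(vp);
	VFS_UNLOCK_GIANT(vfslocked);
	/* … unchanged: return(error) … */
```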
@@ -286,6 +309,9 @@ nfsm_srvmtofh(fhp); error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp, nam, &rdonly, TRUE); + + AUDIT_vp = vp; + if (error) { nfsm_reply(0); error = 0; @@ -308,6 +334,24 @@ if (vp) vput(vp); VFS_UNLOCK_GIANT(vfslocked); + + /* XXX AUDIT */ + if (AUDITING_TD(curthread)) { + if (AUDIT_vp != NULL) { + struct thread *td = curthread; + char *fullpath, *freepath; + + AUDIT_ARG_VNODE1(AUDIT_vp); + + freepath = NULL; + vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath); + if (freepath != NULL) { + AUDIT_ARG_UPATH1(td, fullpath); + free(freepath, M_TEMP); + } + } + } + return(error); } @@ -327,6 +371,7 @@ struct nfsv2_sattr *sp; struct nfs_fattr *fp; struct vnode *vp = NULL; + struct vnode *AUDIT_vp = NULL; nfsfh_t nfh; fhandle_t *fhp; u_int32_t *tl; @@ -395,6 +440,9 @@ */ error = nfsrv_fhtovp(fhp, 1, &vp, &tvfslocked, nfsd, slp, nam, &rdonly, TRUE); + + AUDIT_vp = vp; + vfslocked = nfsrv_lockedpair(vfslocked, tvfslocked); if (error) { nfsm_reply(2 * NFSX_UNSIGNED); @@ -466,6 +514,24 @@ vput(vp); vn_finished_write(mp); VFS_UNLOCK_GIANT(vfslocked); + + /* XXX AUDIT */ + if (AUDITING_TD(curthread)) { + if (AUDIT_vp != NULL) { + struct thread *td = curthread; + char *fullpath, *freepath; + + AUDIT_ARG_VNODE1(AUDIT_vp); + + freepath = NULL; + vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath); + if (freepath != NULL) { + AUDIT_ARG_UPATH1(td, fullpath); + free(freepath, M_TEMP); + } + } + } + return(error); } @@ -483,6 +549,7 @@ struct nfs_fattr *fp; struct nameidata nd, ind, *ndp = &nd; struct vnode *vp, *dirp = NULL; + struct vnode *AUDIT_vp = NULL; nfsfh_t nfh; fhandle_t *fhp; caddr_t bpos; @@ -611,6 +678,9 @@ * the same potential blocking reason ) and reply. */ vp = ndp->ni_vp; + + AUDIT_vp = vp; + bzero((caddr_t)fhp, sizeof(nfh)); fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid; error = VOP_VPTOFH(vp, &fhp->fh_fid); 
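Review bot: The same eighteen-line audit block is now pasted into nfsrv_getattr, nfsrv3_access, nfsrv_setattr and nfsrv_lookup, each time after the handler's `vput(vp)` has already released the vnode, so every copy has the same stale-pointer problem and any fix has to be repeated four times. Factor it into one helper, e.g. `static void nfsrv_audit_vnode(struct vnode *vp)` that wraps the AUDIT_ARG_VNODE1/vn_fullpath_global/AUDIT_ARG_UPATH1 sequence and checks vn_fullpath_global()'s return value, and call it from each handler immediately after nfsrv_fhtovp() succeeds while the vnode is still locked; the `AUDIT_vp` locals then go away. nfsrv_getattr's body continues outside this hunk.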
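Review bot: In nfsrv_setattr the audit block is placed after `vput(vp); vn_finished_write(mp); VFS_UNLOCK_GIANT(vfslocked);`, so the vnode is unreferenced and the write-suspension reference is gone by the time it is dereferenced; it belongs before the vput. Separately, the audit_bsm.c side of this change emits a "mode" token for AUE_NFS_SETATTR when ARG_MODE is valid, but nothing in this handler sets it, so the record never says what the client asked to change; something like `if (vap->va_mode != (mode_t)VNOVAL) AUDIT_ARG_MODE(vap->va_mode);` after the sattr is decoded would make the SETATTR record useful (the uid/gid requests would want the same treatment). The decode of the sattr and the function prologue are outside this hunk, so I am inferring the variable names from the declarations shown.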
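Review bot: `AUDIT_vp = vp;` right after `vp = ndp->ni_vp;` records the looked-up vnode, but in nfsrv_lookup that vnode is vput()'d later in the function (outside this hunk) before the end-of-function audit block runs, so the pointer is stale when it is used. For LOOKUP the object worth recording is the directory the client presented plus the component it asked for — `nd.ni_cnd.cn_nameptr`/`cn_namelen` are available even when the lookup fails, which is exactly the case where a trail matters — so consider auditing the directory vnode and the requested name here, rather than the result vnode at function exit. I am inferring the nameidata field names from the `struct nameidata nd` declaration shown; confirm against the caller.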
@@ -650,6 +720,24 @@ } NDFREE(&nd, NDF_ONLY_PNBUF); VFS_UNLOCK_GIANT(vfslocked); + + /* XXX AUDIT */ + if (AUDITING_TD(curthread)) { + if (AUDIT_vp != NULL) { + struct thread *td = curthread; + char *fullpath, *freepath; + + AUDIT_ARG_VNODE1(AUDIT_vp); + + freepath = NULL; + vn_fullpath_global(td, AUDIT_vp, &fullpath, &freepath); + if (freepath != NULL) { + AUDIT_ARG_UPATH1(td, fullpath); + free(freepath, M_TEMP); + } + } + } + return (error); } @@ -719,7 +807,9 @@ uiop->uio_td = NULL; error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp, nam, &rdonly, TRUE); - link_vp = vp; + + link_vp = vp; + if (error) { nfsm_reply(2 * NFSX_UNSIGNED); if (v3) ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#5 (text) ==== @@ -1580,8 +1580,7 @@ tok = au_to_arg32(0, "prev mask", ar->ar_retval); kau_write(rec, tok); break; - - + case AUE_NFS_CREATE: case AUE_NFS_READ: case AUE_NFS_WRITE: @@ -1590,6 +1589,10 @@ case AUE_NFS_READLINK: case AUE_NFS_REMOVE: case AUE_NFS_RMDIR: + case AUE_NFS_GETATTR: + case AUE_NFS_SETATTR: + case AUE_NFS_ACCESS: + case AUE_NFS_LOOKUP: if (ARG_IS_VALID(kar, ARG_MODE)) { tok = au_to_arg32(3, "mode", ar->ar_arg_mode); kau_write(rec, tok); @@ -1605,6 +1608,10 @@ } UPATH1_VNODE1_TOKENS; break; + + case AUE_NFS_NOOP: + case AUE_NFS_NULL: + break; case AUE_NFS_LINK: case AUE_NFS_RENAME:
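Review bot: This audit block dereferences `AUDIT_vp` after `NDFREE(&nd, NDF_ONLY_PNBUF)` and `VFS_UNLOCK_GIANT(vfslocked)`, and in nfsrv_lookup the vnode it points to (`ndp->ni_vp`) has already been released earlier in the function (outside this hunk), so `AUDIT_ARG_VNODE1(AUDIT_vp)` and `vn_fullpath_global()` operate on a pointer that may refer to a recycled vnode; the `AUDIT_vp != NULL` test gives no protection against that. Move the audit to the point where `vp = ndp->ni_vp` is taken and the vnode is still locked, or drop the end-of-function copy entirely if the directory/name are audited at lookup time. The function prologue and the vput of ni_vp are outside this hunk.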
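Review bot: Routing AUE_NFS_GETATTR, SETATTR, ACCESS and LOOKUP through the `UPATH1_VNODE1_TOKENS` case means a request whose nfsrv_fhtovp() fails — the stale or forged file-handle probe one most wants in the trail — produces a record with no object identification at all, since the handlers only set ARG_VNODE1 after a successful fhtovp. Consider emitting a token for the raw file handle (fsid plus fid) whenever it was decoded, independent of whether it resolved, so failed lookups are attributable. The "mode" token is also emitted for all of these events but, judging by the nfs_serv.c side of this change, ARG_MODE is never set for them, so it is dead for now; a short comment saying which events are expected to set it would help the next reader.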