From owner-p4-projects@FreeBSD.ORG  Sat Feb  4 00:48:25 2006
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id DB35316A48F; Sat,  4 Feb 2006 00:48:23 +0000 (GMT)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 22EDB16A420
	for <perforce@freebsd.org>; Sat,  4 Feb 2006 00:48:23 +0000 (GMT)
	(envelope-from wsalamon@computer.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 26B4D43D45
	for <perforce@freebsd.org>; Sat,  4 Feb 2006 00:48:22 +0000 (GMT)
	(envelope-from wsalamon@computer.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k140mLlI058268
	for <perforce@freebsd.org>; Sat, 4 Feb 2006 00:48:21 GMT
	(envelope-from wsalamon@computer.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k140mLkb058264
	for perforce@freebsd.org; Sat, 4 Feb 2006 00:48:21 GMT
	(envelope-from wsalamon@computer.org)
Date: Sat, 4 Feb 2006 00:48:21 GMT
Message-Id: <200602040048.k140mLkb058264@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	wsalamon@computer.org using -f
From: Wayne Salamon <wsalamon@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 91014 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Feb 2006 00:48:25 -0000

http://perforce.freebsd.org/chv.cgi?CH=91014

Change 91014 by wsalamon@gretsch on 2006/02/04 00:47:28

	Audit the nmount(2) system call.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#24 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#15 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#27 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/vfs_mount.c#8 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#5 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/syscall.h#15 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/syscall.mk#16 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#19 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#24 (text+ko) ====

@@ -407,7 +407,7 @@
 	{ AS(nfsclnt_args), (sy_call_t *)nosys, AUE_NULL },	/* 375 = nfsclnt */
 	{ SYF_MPSAFE | AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS },	/* 376 = eaccess */
 	{ 0, (sy_call_t *)nosys, AUE_NULL },			/* 377 = afs_syscall */
-	{ AS(nmount_args), (sy_call_t *)nmount, AUE_NULL },	/* 378 = nmount */
+	{ AS(nmount_args), (sy_call_t *)nmount, AUE_NMOUNT },	/* 378 = nmount */
 	{ SYF_MPSAFE | 0, (sy_call_t *)kse_exit, AUE_NULL },	/* 379 = kse_exit */
 	{ SYF_MPSAFE | AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL },	/* 380 = kse_wakeup */
 	{ SYF_MPSAFE | AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL },	/* 381 = kse_create */

==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#15 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#27 (text+ko) ====

@@ -662,7 +662,7 @@
 375	AUE_NULL	NOIMPL	{ int nfsclnt(int flag, caddr_t argp); }
 376	AUE_EACCESS	MSTD	{ int eaccess(char *path, int flags); }
 377	AUE_NULL	UNIMPL	afs_syscall
-378	AUE_NULL	STD	{ int nmount(struct iovec *iovp, \
+378	AUE_NMOUNT	STD	{ int nmount(struct iovec *iovp, \
 				    unsigned int iovcnt, int flags); }
 379	AUE_NULL	MSTD	{ int kse_exit(void); }
 380	AUE_NULL	MSTD	{ int kse_wakeup(struct kse_mailbox *mbx); }

==== //depot/projects/trustedbsd/audit3/sys/kern/vfs_mount.c#8 (text+ko) ====

@@ -373,9 +373,6 @@
 	int error;
 	u_int iovcnt;
 
-	/* XXXAUDIT Audit is not complete for nmount() yet; need to create
-	 * a new audit event. 
-	 */
 	AUDIT_ARG(fflags, uap->flags);
 
 	/* Kick out MNT_ROOTFS early as it is legal internally */
@@ -394,6 +391,7 @@
 	if (error)
 		return (error);
 	iov = auio->uio_iov;
+	AUDIT_ARG(iovec, iov, iovcnt);
 	for (i = 0; i < iovcnt; i++) {
 		if (iov->iov_len > MMAXOPTIONLEN) {
 			free(auio, M_IOV);

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#5 (text+ko) ====

@@ -818,6 +818,18 @@
 		UPATH1_VNODE1_TOKENS;
 		break;
 
+	case AUE_NMOUNT:
+		if (ARG_IS_VALID(kar, ARG_FFLAGS)) {
+			tok = au_to_arg32(3, "flags", ar->ar_arg_fflags);
+			kau_write(rec, tok);
+		}
+		if (ARG_IS_VALID(kar, ARG_IOVECSTR)) {
+			tok = au_to_text(ar->ar_arg_iovecstr);
+			kau_write(rec, tok);
+		}
+		UPATH1_VNODE1_TOKENS;
+		break;
+
 	case AUE_MSGCTL:
 		ar->ar_event = msgctl_to_event(ar->ar_arg_svipc_cmd);
 		/* Fall through */

==== //depot/projects/trustedbsd/audit3/sys/sys/syscall.h#15 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/sys/syscall.mk#16 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#19 (text+ko) ====