Date: Sat, 4 Feb 2006 13:43:50 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91059 for review Message-ID: <200602041343.k14Dhoaa014009@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91059 Change 91059 by rwatson@rwatson_peppercorn on 2006/02/04 13:43:31 Further tweaks to main system call audit events: - Prefer AUE_FOO over AUE_O_FOO. - Use AUE_SYSCTL instead of AUE_O_FOO for system calls now implemented as wrappers around sysctl. - Mark as AUE_NULL calls that we probably won't implement auditing for, and where the AUE_FOO define is to AUE_NULL. - Use correct spelling for AUE_GETSOCKOPT rather than compatibility spelling for Darwin. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#26 edit .. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#17 edit .. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#29 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#26 (text+ko) ==== @@ -113,11 +113,11 @@ { SYF_MPSAFE | 0, (sy_call_t *)getpgrp, AUE_GETPGRP }, /* 81 = getpgrp */ { SYF_MPSAFE | AS(setpgid_args), (sy_call_t *)setpgid, AUE_SETPGRP }, /* 82 = setpgid */ { SYF_MPSAFE | AS(setitimer_args), (sy_call_t *)setitimer, AUE_SETITIMER }, /* 83 = setitimer */ - { compat(SYF_MPSAFE | 0,wait), AUE_O_WAIT }, /* 84 = old wait */ + { compat(SYF_MPSAFE | 0,wait), AUE_WAIT4 }, /* 84 = old wait */ { SYF_MPSAFE | AS(swapon_args), (sy_call_t *)swapon, AUE_SWAPON }, /* 85 = swapon */ { SYF_MPSAFE | AS(getitimer_args), (sy_call_t *)getitimer, AUE_GETITIMER }, /* 86 = getitimer */ - { compat(SYF_MPSAFE | AS(gethostname_args),gethostname), AUE_O_GETHOSTNAME }, /* 87 = old gethostname */ - { compat(SYF_MPSAFE | AS(sethostname_args),sethostname), AUE_O_SETHOSTNAME }, /* 88 = old sethostname */ + { compat(SYF_MPSAFE | AS(gethostname_args),gethostname), AUE_SYSCTL }, /* 87 = old gethostname */ + { compat(SYF_MPSAFE | AS(sethostname_args),sethostname), AUE_SYSCTL }, /* 88 = old sethostname */ { SYF_MPSAFE | 0, (sy_call_t *)getdtablesize, AUE_GETDTABLESIZE }, /* 89 = getdtablesize */ { SYF_MPSAFE | AS(dup2_args), (sy_call_t *)dup2, AUE_DUP2 }, /* 90 = dup2 */ { 0, (sy_call_t *)nosys, AUE_NULL }, /* 91 = getdopt */ @@ -130,24 +130,24 @@ { SYF_MPSAFE | AS(connect_args), (sy_call_t *)connect, AUE_CONNECT }, /* 98 = connect */ { compat(SYF_MPSAFE | AS(accept_args),accept), AUE_ACCEPT }, /* 99 = old accept */ { SYF_MPSAFE | AS(getpriority_args), (sy_call_t *)getpriority, AUE_GETPRIORITY }, /* 100 = getpriority */ - { compat(SYF_MPSAFE | AS(osend_args),send), AUE_O_SEND }, /* 101 = old send */ - { compat(SYF_MPSAFE | AS(orecv_args),recv), AUE_O_RECV }, /* 102 = old recv */ + { compat(SYF_MPSAFE | AS(osend_args),send), AUE_SEND }, /* 101 = old send */ + { compat(SYF_MPSAFE | AS(orecv_args),recv), AUE_RECV }, /* 102 = old recv */ { compat(SYF_MPSAFE | AS(osigreturn_args),sigreturn), AUE_SIGRETURN }, /* 103 = old sigreturn */ { SYF_MPSAFE | AS(bind_args), (sy_call_t *)bind, AUE_BIND }, /* 104 = bind */ { SYF_MPSAFE | AS(setsockopt_args), (sy_call_t *)setsockopt, AUE_SETSOCKOPT }, /* 105 = setsockopt */ { SYF_MPSAFE | AS(listen_args), (sy_call_t *)listen, AUE_LISTEN }, /* 106 = listen */ { 0, (sy_call_t *)nosys, AUE_NULL }, /* 107 = obsolete vtimes */ - { compat(SYF_MPSAFE | AS(osigvec_args),sigvec), AUE_O_SIGVEC }, /* 108 = old sigvec */ - { compat(SYF_MPSAFE | AS(osigblock_args),sigblock), AUE_O_SIGBLOCK }, /* 109 = old sigblock */ - { compat(SYF_MPSAFE | AS(osigsetmask_args),sigsetmask), AUE_O_SIGSETMASK }, /* 110 = old sigsetmask */ - { compat(SYF_MPSAFE | AS(osigsuspend_args),sigsuspend), AUE_SIGSUSPEND }, /* 111 = old sigsuspend */ - { compat(SYF_MPSAFE | AS(osigstack_args),sigstack), AUE_O_SIGSTACK }, /* 112 = old sigstack */ - { compat(SYF_MPSAFE | AS(orecvmsg_args),recvmsg), AUE_O_RECVMSG }, /* 113 = old recvmsg */ - { compat(SYF_MPSAFE | AS(osendmsg_args),sendmsg), AUE_O_SENDMSG }, /* 114 = old sendmsg */ + { compat(SYF_MPSAFE | AS(osigvec_args),sigvec), AUE_NULL }, /* 108 = old sigvec */ + { compat(SYF_MPSAFE | AS(osigblock_args),sigblock), AUE_NULL }, /* 109 = old sigblock */ + { compat(SYF_MPSAFE | AS(osigsetmask_args),sigsetmask), AUE_NULL }, /* 110 = old sigsetmask */ + { compat(SYF_MPSAFE | AS(osigsuspend_args),sigsuspend), AUE_NULL }, /* 111 = old sigsuspend */ + { compat(SYF_MPSAFE | AS(osigstack_args),sigstack), AUE_NULL }, /* 112 = old sigstack */ + { compat(SYF_MPSAFE | AS(orecvmsg_args),recvmsg), AUE_RECVMSG }, /* 113 = old recvmsg */ + { compat(SYF_MPSAFE | AS(osendmsg_args),sendmsg), AUE_SENDMSG }, /* 114 = old sendmsg */ { 0, (sy_call_t *)nosys, AUE_NULL }, /* 115 = obsolete vtrace */ { SYF_MPSAFE | AS(gettimeofday_args), (sy_call_t *)gettimeofday, AUE_GETTIMEOFDAY }, /* 116 = gettimeofday */ { SYF_MPSAFE | AS(getrusage_args), (sy_call_t *)getrusage, AUE_GETRUSAGE }, /* 117 = getrusage */ - { SYF_MPSAFE | AS(getsockopt_args), (sy_call_t *)getsockopt, AUE_GTSOCKOPT }, /* 118 = getsockopt */ + { SYF_MPSAFE | AS(getsockopt_args), (sy_call_t *)getsockopt, AUE_GETSOCKOPT }, /* 118 = getsockopt */ { 0, (sy_call_t *)nosys, AUE_NULL }, /* 119 = resuba */ { SYF_MPSAFE | AS(readv_args), (sy_call_t *)readv, AUE_READV }, /* 120 = readv */ { SYF_MPSAFE | AS(writev_args), (sy_call_t *)writev, AUE_WRITEV }, /* 121 = writev */ @@ -158,8 +158,8 @@ { SYF_MPSAFE | AS(setreuid_args), (sy_call_t *)setreuid, AUE_SETREUID }, /* 126 = setreuid */ { SYF_MPSAFE | AS(setregid_args), (sy_call_t *)setregid, AUE_SETREGID }, /* 127 = setregid */ { SYF_MPSAFE | AS(rename_args), (sy_call_t *)rename, AUE_RENAME }, /* 128 = rename */ - { compat(SYF_MPSAFE | AS(otruncate_args),truncate), AUE_O_TRUNCATE }, /* 129 = old truncate */ - { compat(SYF_MPSAFE | AS(oftruncate_args),ftruncate), AUE_O_FTRUNCATE }, /* 130 = old ftruncate */ + { compat(SYF_MPSAFE | AS(otruncate_args),truncate), AUE_TRUNCATE }, /* 129 = old truncate */ + { compat(SYF_MPSAFE | AS(oftruncate_args),ftruncate), AUE_FTRUNCATE }, /* 130 = old ftruncate */ { SYF_MPSAFE | AS(flock_args), (sy_call_t *)flock, AUE_FLOCK }, /* 131 = flock */ { SYF_MPSAFE | AS(mkfifo_args), (sy_call_t *)mkfifo, AUE_MKFIFO }, /* 132 = mkfifo */ { SYF_MPSAFE | AS(sendto_args), (sy_call_t *)sendto, AUE_SENDTO }, /* 133 = sendto */ @@ -170,12 +170,12 @@ { SYF_MPSAFE | AS(utimes_args), (sy_call_t *)utimes, AUE_UTIMES }, /* 138 = utimes */ { 0, (sy_call_t *)nosys, AUE_NULL }, /* 139 = obsolete 4.2 sigreturn */ { SYF_MPSAFE | AS(adjtime_args), (sy_call_t *)adjtime, AUE_ADJTIME }, /* 140 = adjtime */ - { compat(SYF_MPSAFE | AS(ogetpeername_args),getpeername), AUE_O_GETPEERNAME }, /* 141 = old getpeername */ - { compat(SYF_MPSAFE | 0,gethostid), AUE_O_GETHOSTID }, /* 142 = old gethostid */ - { compat(SYF_MPSAFE | AS(osethostid_args),sethostid), AUE_O_SETHOSTID }, /* 143 = old sethostid */ - { compat(SYF_MPSAFE | AS(ogetrlimit_args),getrlimit), AUE_O_GETRLIMIT }, /* 144 = old getrlimit */ - { compat(SYF_MPSAFE | AS(osetrlimit_args),setrlimit), AUE_O_SETRLIMIT }, /* 145 = old setrlimit */ - { compat(SYF_MPSAFE | AS(okillpg_args),killpg), AUE_O_KILLPG }, /* 146 = old killpg */ + { compat(SYF_MPSAFE | AS(ogetpeername_args),getpeername), AUE_GETPEERNAME }, /* 141 = old getpeername */ + { compat(SYF_MPSAFE | 0,gethostid), AUE_SYSCTL }, /* 142 = old gethostid */ + { compat(SYF_MPSAFE | AS(osethostid_args),sethostid), AUE_SYSCTL }, /* 143 = old sethostid */ + { compat(SYF_MPSAFE | AS(ogetrlimit_args),getrlimit), AUE_GETRLIMIT }, /* 144 = old getrlimit */ + { compat(SYF_MPSAFE | AS(osetrlimit_args),setrlimit), AUE_SETRLIMIT }, /* 145 = old setrlimit */ + { compat(SYF_MPSAFE | AS(okillpg_args),killpg), AUE_KILLPG }, /* 146 = old killpg */ { SYF_MPSAFE | 0, (sy_call_t *)setsid, AUE_SETSID }, /* 147 = setsid */ { SYF_MPSAFE | AS(quotactl_args), (sy_call_t *)quotactl, AUE_QUOTACTL }, /* 148 = quotactl */ { compat(SYF_MPSAFE | 0,quota), AUE_O_QUOTA }, /* 149 = old quota */ ==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#17 (text+ko) ==== ==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#29 (text+ko) ==== @@ -184,14 +184,14 @@ 82 AUE_SETPGRP MSTD { int setpgid(int pid, int pgid); } 83 AUE_SETITIMER MSTD { int setitimer(u_int which, struct \ itimerval *itv, struct itimerval *oitv); } -84 AUE_O_WAIT MCOMPAT { int wait(void); } +84 AUE_WAIT4 MCOMPAT { int wait(void); } 85 AUE_SWAPON MSTD { int swapon(char *name); } 86 AUE_GETITIMER MSTD { int getitimer(u_int which, \ struct itimerval *itv); } -87 AUE_O_GETHOSTNAME MCOMPAT { int gethostname(char *hostname, \ +87 AUE_SYSCTL MCOMPAT { int gethostname(char *hostname, \ u_int len); } gethostname \ gethostname_args int -88 AUE_O_SETHOSTNAME MCOMPAT { int sethostname(char *hostname, \ +88 AUE_SYSCTL MCOMPAT { int sethostname(char *hostname, \ u_int len); } sethostname \ sethostname_args int 89 AUE_GETDTABLESIZE MSTD { int getdtablesize(void); } @@ -213,9 +213,9 @@ 99 AUE_ACCEPT MCPT_NOA { int accept(int s, caddr_t name, \ int *anamelen); } accept accept_args int 100 AUE_GETPRIORITY MSTD { int getpriority(int which, int who); } -101 AUE_O_SEND MCOMPAT { int send(int s, caddr_t buf, int len, \ +101 AUE_SEND MCOMPAT { int send(int s, caddr_t buf, int len, \ int flags); } -102 AUE_O_RECV MCOMPAT { int recv(int s, caddr_t buf, int len, \ +102 AUE_RECV MCOMPAT { int recv(int s, caddr_t buf, int len, \ int flags); } 103 AUE_SIGRETURN MCOMPAT { int sigreturn( \ struct osigcontext *sigcntxp); } @@ -225,25 +225,25 @@ caddr_t val, int valsize); } 106 AUE_LISTEN MSTD { int listen(int s, int backlog); } 107 AUE_NULL OBSOL vtimes -108 AUE_O_SIGVEC MCOMPAT { int sigvec(int signum, struct sigvec *nsv, \ +108 AUE_NULL MCOMPAT { int sigvec(int signum, struct sigvec *nsv, \ struct sigvec *osv); } -109 AUE_O_SIGBLOCK MCOMPAT { int sigblock(int mask); } -110 AUE_O_SIGSETMASK MCOMPAT { int sigsetmask(int mask); } -111 AUE_SIGSUSPEND MCOMPAT { int sigsuspend(osigset_t mask); } +109 AUE_NULL MCOMPAT { int sigblock(int mask); } +110 AUE_NULL MCOMPAT { int sigsetmask(int mask); } +111 AUE_NULL MCOMPAT { int sigsuspend(osigset_t mask); } ; XXX note nonstandard (bogus) calling convention - the libc stub passes ; us the mask, not a pointer to it. -112 AUE_O_SIGSTACK MCOMPAT { int sigstack(struct sigstack *nss, \ +112 AUE_NULL MCOMPAT { int sigstack(struct sigstack *nss, \ struct sigstack *oss); } -113 AUE_O_RECVMSG MCOMPAT { int recvmsg(int s, struct omsghdr *msg, \ +113 AUE_RECVMSG MCOMPAT { int recvmsg(int s, struct omsghdr *msg, \ int flags); } -114 AUE_O_SENDMSG MCOMPAT { int sendmsg(int s, caddr_t msg, \ +114 AUE_SENDMSG MCOMPAT { int sendmsg(int s, caddr_t msg, \ int flags); } 115 AUE_NULL OBSOL vtrace 116 AUE_GETTIMEOFDAY MSTD { int gettimeofday(struct timeval *tp, \ struct timezone *tzp); } 117 AUE_GETRUSAGE MSTD { int getrusage(int who, \ struct rusage *rusage); } -118 AUE_GTSOCKOPT MSTD { int getsockopt(int s, int level, int name, \ +118 AUE_GETSOCKOPT MSTD { int getsockopt(int s, int level, int name, \ caddr_t val, int *avalsize); } 119 AUE_NULL UNIMPL resuba (BSD/OS 2.x) 120 AUE_READV MSTD { int readv(int fd, struct iovec *iovp, \ @@ -261,8 +261,8 @@ 126 AUE_SETREUID MSTD { int setreuid(int ruid, int euid); } 127 AUE_SETREGID MSTD { int setregid(int rgid, int egid); } 128 AUE_RENAME MSTD { int rename(char *from, char *to); } -129 AUE_O_TRUNCATE MCOMPAT { int truncate(char *path, long length); } -130 AUE_O_FTRUNCATE MCOMPAT { int ftruncate(int fd, long length); } +129 AUE_TRUNCATE MCOMPAT { int truncate(char *path, long length); } +130 AUE_FTRUNCATE MCOMPAT { int ftruncate(int fd, long length); } 131 AUE_FLOCK MSTD { int flock(int fd, int how); } 132 AUE_MKFIFO MSTD { int mkfifo(char *path, int mode); } 133 AUE_SENDTO MSTD { int sendto(int s, caddr_t buf, size_t len, \ @@ -277,15 +277,15 @@ 139 AUE_NULL OBSOL 4.2 sigreturn 140 AUE_ADJTIME MSTD { int adjtime(struct timeval *delta, \ struct timeval *olddelta); } -141 AUE_O_GETPEERNAME MCOMPAT { int getpeername(int fdes, caddr_t asa, \ +141 AUE_GETPEERNAME MCOMPAT { int getpeername(int fdes, caddr_t asa, \ int *alen); } -142 AUE_O_GETHOSTID MCOMPAT { long gethostid(void); } -143 AUE_O_SETHOSTID MCOMPAT { int sethostid(long hostid); } -144 AUE_O_GETRLIMIT MCOMPAT { int getrlimit(u_int which, struct \ +142 AUE_SYSCTL MCOMPAT { long gethostid(void); } +143 AUE_SYSCTL MCOMPAT { int sethostid(long hostid); } +144 AUE_GETRLIMIT MCOMPAT { int getrlimit(u_int which, struct \ orlimit *rlp); } -145 AUE_O_SETRLIMIT MCOMPAT { int setrlimit(u_int which, \ +145 AUE_SETRLIMIT MCOMPAT { int setrlimit(u_int which, \ struct orlimit *rlp); } -146 AUE_O_KILLPG MCOMPAT { int killpg(int pgid, int signum); } +146 AUE_KILLPG MCOMPAT { int killpg(int pgid, int signum); } 147 AUE_SETSID MSTD { int setsid(void); } 148 AUE_QUOTACTL MSTD { int quotactl(char *path, int cmd, int uid, \ caddr_t arg); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602041343.k14Dhoaa014009>