From owner-svn-src-head@freebsd.org Sun Jul 10 08:04:04 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4C908B8593F; Sun, 10 Jul 2016 08:04:04 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EDE65117C; Sun, 10 Jul 2016 08:04:03 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u6A84335045946; Sun, 10 Jul 2016 08:04:03 GMT (envelope-from rwatson@FreeBSD.org) Received: (from rwatson@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u6A842gr045943; Sun, 10 Jul 2016 08:04:02 GMT (envelope-from rwatson@FreeBSD.org) Message-Id: <201607100804.u6A842gr045943@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rwatson set sender to rwatson@FreeBSD.org using -f From: Robert Watson Date: Sun, 10 Jul 2016 08:04:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r302514 - in head/sys: kern vm X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jul 2016 08:04:04 -0000 Author: rwatson Date: Sun Jul 10 08:04:02 2016 New Revision: 302514 URL: https://svnweb.freebsd.org/changeset/base/302514 Log: Audit file-descriptor arguments to I/O system calls such as read(2), write(2), dup(2), and mmap(2). This auditing is not required by the Common Criteria (and hence was not being performed), but is valuable in both contemporary live analysis and forensic use cases. MFC after: 3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_descrip.c head/sys/kern/sys_generic.c head/sys/vm/vm_mmap.c Modified: head/sys/kern/kern_descrip.c ============================================================================== --- head/sys/kern/kern_descrip.c Sun Jul 10 04:33:16 2016 (r302513) +++ head/sys/kern/kern_descrip.c Sun Jul 10 08:04:02 2016 (r302514) @@ -820,6 +820,9 @@ kern_dup(struct thread *td, u_int mode, MPASS((flags & ~(FDDUP_FLAG_CLOEXEC)) == 0); MPASS(mode < FDDUP_LASTMODE); + AUDIT_ARG_FD(old); + /* XXXRW: if (flags & FDDUP_FIXED) AUDIT_ARG_FD2(new); */ + /* * Verify we have a valid descriptor to dup from and possibly to * dup to. Unlike dup() and dup2(), fcntl()'s F_DUPFD should Modified: head/sys/kern/sys_generic.c ============================================================================== --- head/sys/kern/sys_generic.c Sun Jul 10 04:33:16 2016 (r302513) +++ head/sys/kern/sys_generic.c Sun Jul 10 08:04:02 2016 (r302514) @@ -363,6 +363,8 @@ dofileread(td, fd, fp, auio, offset, fla struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); + /* Finish zero length reads right here */ if (auio->uio_resid == 0) { td->td_retval[0] = 0; @@ -576,6 +578,7 @@ dofilewrite(td, fd, fp, auio, offset, fl struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); auio->uio_rw = UIO_WRITE; auio->uio_td = td; auio->uio_offset = offset; Modified: head/sys/vm/vm_mmap.c ============================================================================== --- head/sys/vm/vm_mmap.c Sun Jul 10 04:33:16 2016 (r302513) +++ head/sys/vm/vm_mmap.c Sun Jul 10 08:04:02 2016 (r302514) @@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -206,6 +207,7 @@ sys_mmap(td, uap) pos = uap->pos; fp = NULL; + AUDIT_ARG_FD(uap->fd); /* * Ignore old flags that used to be defined but did not do anything.