From owner-svn-src-all@freebsd.org Tue Nov 22 00:41:26 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 52862C4D342; Tue, 22 Nov 2016 00:41:26 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 24664DF9; Tue, 22 Nov 2016 00:41:26 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id uAM0fPPR043072; Tue, 22 Nov 2016 00:41:25 GMT (envelope-from rwatson@FreeBSD.org) Received: (from rwatson@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id uAM0fP4n043070; Tue, 22 Nov 2016 00:41:25 GMT (envelope-from rwatson@FreeBSD.org) Message-Id: <201611220041.uAM0fP4n043070@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rwatson set sender to rwatson@FreeBSD.org using -f From: Robert Watson Date: Tue, 22 Nov 2016 00:41:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r308947 - in head/sys: kern security/audit X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Nov 2016 00:41:26 -0000 Author: rwatson Date: Tue Nov 22 00:41:24 2016 New Revision: 308947 URL: https://svnweb.freebsd.org/changeset/base/308947 Log: Audit 'fd' and 'cmd' arguments to fcntl(2), and when generating BSM, always audit the file-descriptor number and vnode information for all fnctl(2) commands, not just locking-related ones. This was likely an oversight in the original adaptation of this code from XNU. MFC after: 3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_descrip.c head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/kern_descrip.c ============================================================================== --- head/sys/kern/kern_descrip.c Tue Nov 22 00:27:19 2016 (r308946) +++ head/sys/kern/kern_descrip.c Tue Nov 22 00:41:24 2016 (r308947) @@ -495,6 +495,8 @@ kern_fcntl(struct thread *td, int fd, in p = td->td_proc; fdp = p->p_fd; + AUDIT_ARG_FD(cmd); + AUDIT_ARG_CMD(cmd); switch (cmd) { case F_DUPFD: tmp = arg; Modified: head/sys/security/audit/audit_bsm.c ============================================================================== --- head/sys/security/audit/audit_bsm.c Tue Nov 22 00:27:19 2016 (r308946) +++ head/sys/security/audit/audit_bsm.c Tue Nov 22 00:41:24 2016 (r308947) @@ -979,10 +979,7 @@ kaudit_to_bsm(struct kaudit_record *kar, au_fcntl_cmd_to_bsm(ar->ar_arg_cmd)); kau_write(rec, tok); } - if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK || - ar->ar_arg_cmd == F_SETLKW) { - FD_VNODE1_TOKENS; - } + FD_VNODE1_TOKENS; break; case AUE_FCHFLAGS: