Date: Mon, 25 Aug 2008 01:06:00 GMT
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Subject: PERFORCE change 148312 for review
Message-ID: <200808250106.m7P160v8002153@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=148312 Change 148312 by rwatson@rwatson_freebsd_capabilities on 2008/08/25 01:05:56 For AUE_FEXECVE, audit file descriptor and vnode information. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#13 edit .. //depot/projects/trustedbsd/capabilities/src/sys/security/audit/audit_bsm.c#5 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#13 (text+ko) ==== @@ -426,12 +426,14 @@ imgp->vp = binvp; } else { /* XXXRW: Possibly should just be CAP_FEXECVE? */ + AUDIT_ARG(fd, args->fd); error = fgetvp_read(td, args->fd, CAP_READ | CAP_FEXECVE, &binvp); if (error) goto exec_fail; vfslocked = VFS_LOCK_GIANT(binvp->v_mount); vn_lock(binvp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG(vnode, binvp, ARG_VNODE1); imgp->vp = binvp; } ==== //depot/projects/trustedbsd/capabilities/src/sys/security/audit/audit_bsm.c#5 (text) ==== @@ -763,6 +763,11 @@ break; case AUE_FEXECVE: + if (ARG_IS_VALID(kar, ARG_FD)) { + tok = au_to_arg32(1, "fd", ar->ar_arg_fd); + kau_write(rec, tok); + } + case AUE_EXECVE: if (ARG_IS_VALID(kar, ARG_ARGV)) { tok = au_to_exec_args(ar->ar_arg_argv,
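Review bot: In the kern_exec.c hunk, the new AUDIT_ARG(fd, args->fd) line lands between the XXXRW comment and the fgetvp_read() call that the comment is about (the CAP_READ | CAP_FEXECVE rights mask), so the comment now reads as if it questions the audit call. Suggest moving the AUDIT_ARG(fd, ...) line above the comment. The ordering of the audit calls themselves looks right: the fd is recorded before the lookup, so a failed fgetvp_read() that jumps to exec_fail still leaves the descriptor in the audit record, and the vnode is recorded only once it has been obtained and locked.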
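Review bot: In the audit_bsm.c hunk, case AUE_FEXECVE now has a body and then runs into case AUE_EXECVE with no break and no marker, so the fall-through looks accidental. Add a /* FALLTHROUGH */ comment before case AUE_EXECVE to make clear that an fexecve record is meant to carry the fd token followed by the exec argument tokens. It is also worth confirming that the ARG_VNODE1 data captured in kern_exec.c is emitted by the shared AUE_EXECVE path, since the visible lines of this hunk add only the fd token.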