Date: Mon, 28 Jun 2004 23:22:34 GMT From: Wayne Salamon <wsalamon@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 56034 for review Message-ID: <200406282322.i5SNMYsR067955@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=56034 Change 56034 by wsalamon@wsalamon_epi on 2004/06/28 23:21:44 Hook the audit files into the build system. Modify proc.h to add the audit record to the thread and proc struct. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/conf/NOTES#2 edit .. //depot/projects/trustedbsd/audit3/sys/conf/files#2 edit .. //depot/projects/trustedbsd/audit3/sys/conf/options#2 edit .. //depot/projects/trustedbsd/audit3/sys/i386/conf/AUDIT#1 add .. //depot/projects/trustedbsd/audit3/sys/sys/proc.h#2 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/conf/NOTES#2 (text+ko) ==== @@ -828,6 +828,9 @@ ##################################################################### # SECURITY POLICY PARAMETERS +# Support for BSM audit +options AUDIT + # Support for Mandatory Access Control (MAC): options MAC options MAC_BIBA ==== //depot/projects/trustedbsd/audit3/sys/conf/files#2 (text+ko) ==== @@ -1613,6 +1613,10 @@ posix4/p1003_1b.c standard posix4/posix4_mib.c standard kern/uipc_sem.c optional p1003_1b_semaphores +security/audit/kern_audit.c standard +security/audit/kern_bsm_audit.c optional audit +security/audit/kern_bsm_klib.c optional audit +security/audit/kern_bsm_token.c optional audit security/mac/mac_inet.c optional mac inet security/mac/mac_label.c optional mac security/mac/mac_net.c optional mac ==== //depot/projects/trustedbsd/audit3/sys/conf/options#2 (text+ko) ==== @@ -49,6 +49,7 @@ # Miscellaneous options. ADAPTIVE_MUTEXES ALQ +AUDIT opt_global.h CODA_COMPAT_5 opt_coda.h COMPAT_43 opt_compat.h COMPAT_FREEBSD4 opt_compat.h ==== //depot/projects/trustedbsd/audit3/sys/sys/proc.h#2 (text+ko) ==== @@ -148,8 +148,10 @@ * either lock is sufficient for read access, but both locks must be held * for write access. */ +struct auditinfo; struct ithd; struct ke_sched; +struct kaudit_record; struct kg_sched; struct nlminfo; struct p_sched; @@ -303,6 +305,7 @@ volatile u_int td_generation; /* (k) Enable detection of preemption */ stack_t td_sigstk; /* (k) Stack ptr and on-stack flag. */ int td_kflags; /* (c) Flags for KSE threading. */ + struct kaudit_record *td_ar; /* (k) Active audit record, if any. */ #define td_endzero td_base_pri @@ -613,6 +616,7 @@ void *p_emuldata; /* (c) Emulator state data. */ struct label *p_label; /* (*) Proc (not subject) MAC label. */ struct p_sched *p_sched; /* (*) Scheduler-specific data. */ + struct auditinfo *p_au; /* (c) Process audit properties. */ }; #define p_session p_pgrp->pg_session
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200406282322.i5SNMYsR067955>