Date: Wed, 21 Sep 2005 10:59:09 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 84045 for review Message-ID: <200509211059.j8LAx9JB040777@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=84045 Change 84045 by rwatson@rwatson_zoo on 2005/09/21 10:58:23 Switch to switch() in audit_arg_file(). Use f_vnode pointer instead of f_data, which lets us audit paths for fifos. wsalamon suggests in the future we might actually want to audit f_vnode unconditionally, if non-NULL, regardless of f_type. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#32 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#32 (text+ko) ==== @@ -2159,17 +2159,18 @@ /* * XXXAUDIT: Why is the (ar == NULL) test only in the socket case? */ - if (fp->f_type == DTYPE_VNODE) { - vp = fp->f_data; + switch (fp->f_type) { + case DTYPE_VNODE: + case DTYPE_FIFO: + vp = fp->f_vnode; vfslocked = VFS_LOCK_GIANT(vp->v_mount); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); audit_arg_vnpath(vp, ARG_VNODE1); VOP_UNLOCK(vp, 0, curthread); VFS_UNLOCK_GIANT(vfslocked); - return; - } + break; - if (fp->f_type == DTYPE_SOCKET) { + case DTYPE_SOCKET: ar = currecord(); if (ar == NULL) return; @@ -2198,7 +2199,11 @@ pcb->inp_lport; ar->k_ar.ar_valid_arg |= ARG_SOCKINFO; } + break; + + default: /* XXXAUDIT: else? */ + break; } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509211059.j8LAx9JB040777>