From owner-cvs-src-old@FreeBSD.ORG  Fri Oct 31 14:40:33 2008
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7333E1065707
	for <cvs-src-old@freebsd.org>; Fri, 31 Oct 2008 14:40:33 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 5EAC18FC25
	for <cvs-src-old@freebsd.org>; Fri, 31 Oct 2008 14:40:33 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id m9VEeX0e056592
	for <cvs-src-old@freebsd.org>; Fri, 31 Oct 2008 14:40:33 GMT
	(envelope-from rwatson@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id m9VEeXwY056591
	for cvs-src-old@freebsd.org; Fri, 31 Oct 2008 14:40:33 GMT
	(envelope-from rwatson@repoman.freebsd.org)
Message-Id: <200810311440.m9VEeXwY056591@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	rwatson@repoman.freebsd.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
Date: Fri, 31 Oct 2008 14:40:21 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/security/audit audit_pipe.c
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Oct 2008 14:40:33 -0000

rwatson     2008-10-31 14:40:21 UTC

  FreeBSD src repository

  Modified files:
    sys/security/audit   audit_pipe.c 
  Log:
  SVN rev 184508 on 2008-10-31 14:40:21Z by rwatson
  
  Historically, /dev/auditpipe has allows only whole records to be read via
  read(2), which meant that records longer than the buffer passed to read(2)
  were dropped.  Instead take the approach of allowing partial reads to be
  continued across multiple system calls more in the style of streaming
  character device.
  
  This means retaining a record on the per-pipe queue in a partially read
  state, so maintain a current offset into the record.  Keep the record on
  the queue during a read, so add a new lock, ap_sx, to serialize removal
  of records from the queue by either read(2) or ioctl(2) requesting a pipe
  flush.  Modify the kqueue handler to return bytes left in the current
  record rather than simply the size of the current record.
  
  It is now possible to use praudit, which used the standard FILE * buffer
  sizes, to track much larger record sizes from /dev/auditpipe, such as
  very long command lines to execve(2).
  
  MFC after:      2 months
  Sponsored by:   Apple, Inc.
  
  Revision  Changes    Path
  1.21      +86 -58    src/sys/security/audit/audit_pipe.c