From owner-svn-src-head@FreeBSD.ORG Wed Jul 1 16:56:56 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C99A81065670; Wed, 1 Jul 2009 16:56:56 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 9CF2E8FC0A; Wed, 1 Jul 2009 16:56:56 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n61GuuUm018459; Wed, 1 Jul 2009 16:56:56 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n61Guuii018456; Wed, 1 Jul 2009 16:56:56 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200907011656.n61Guuii018456@svn.freebsd.org> From: Robert Watson Date: Wed, 1 Jul 2009 16:56:56 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r195247 - in head/sys: kern security/audit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jul 2009 16:56:57 -0000 Author: rwatson Date: Wed Jul 1 16:56:56 2009 New Revision: 195247 URL: http://svn.freebsd.org/changeset/base/195247 Log: When auditing unmount(2), capture FSID arguments as regular text strings rather than as paths, which would lead to them being treated as relative pathnames and hence confusingly converted into absolute pathnames. Capture flags to unmount(2) via an argument token. Approved by: re (audit argument blanket) MFC after: 3 days Modified: head/sys/kern/vfs_mount.c head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/vfs_mount.c ============================================================================== --- head/sys/kern/vfs_mount.c Wed Jul 1 16:42:03 2009 (r195246) +++ head/sys/kern/vfs_mount.c Wed Jul 1 16:56:56 2009 (r195247) @@ -1113,6 +1113,7 @@ unmount(td, uap) char *pathbuf; int error, id0, id1; + AUDIT_ARG_VALUE(uap->flags); if (jailed(td->td_ucred) || usermount == 0) { error = priv_check(td, PRIV_VFS_UNMOUNT); if (error) @@ -1125,9 +1126,9 @@ unmount(td, uap) free(pathbuf, M_TEMP); return (error); } - AUDIT_ARG_UPATH(td, pathbuf, ARG_UPATH1); mtx_lock(&Giant); if (uap->flags & MNT_BYFSID) { + AUDIT_ARG_TEXT(pathbuf); /* Decode the filesystem ID. */ if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { mtx_unlock(&Giant); @@ -1143,6 +1144,7 @@ unmount(td, uap) } mtx_unlock(&mountlist_mtx); } else { + AUDIT_ARG_UPATH(td, pathbuf, ARG_UPATH1); mtx_lock(&mountlist_mtx); TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) { if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0) Modified: head/sys/security/audit/audit_bsm.c ============================================================================== --- head/sys/security/audit/audit_bsm.c Wed Jul 1 16:42:03 2009 (r195246) +++ head/sys/security/audit/audit_bsm.c Wed Jul 1 16:56:56 2009 (r195247) @@ -1070,7 +1070,15 @@ kaudit_to_bsm(struct kaudit_record *kar, break; case AUE_UMOUNT: + if (ARG_IS_VALID(kar, ARG_VALUE)) { + tok = au_to_arg32(1, "flags", ar->ar_arg_value); + kau_write(rec, tok); + } UPATH1_VNODE1_TOKENS; + if (ARG_IS_VALID(kar, ARG_TEXT)) { + tok = au_to_text(ar->ar_arg_text); + kau_write(rec, tok); + } break; case AUE_MSGCTL: