From owner-svn-src-head@FreeBSD.ORG Wed Jul 1 18:54:49 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC63C106564A; Wed, 1 Jul 2009 18:54:49 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 997728FC18; Wed, 1 Jul 2009 18:54:49 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n61Isnnm021007; Wed, 1 Jul 2009 18:54:49 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n61IsnaF021004; Wed, 1 Jul 2009 18:54:49 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200907011854.n61IsnaF021004@svn.freebsd.org> From: Robert Watson Date: Wed, 1 Jul 2009 18:54:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r195252 - in head/sys: kern security/audit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jul 2009 18:54:51 -0000 Author: rwatson Date: Wed Jul 1 18:54:49 2009 New Revision: 195252 URL: http://svn.freebsd.org/changeset/base/195252 Log: Define missing audit argument macro AUDIT_ARG_SOCKET(), and capture the domain, type, and protocol arguments to socket(2) and socketpair(2). Approved by: re (audit argument blanket) MFC after: 3 days Modified: head/sys/kern/uipc_syscalls.c head/sys/security/audit/audit.h Modified: head/sys/kern/uipc_syscalls.c ============================================================================== --- head/sys/kern/uipc_syscalls.c Wed Jul 1 18:12:50 2009 (r195251) +++ head/sys/kern/uipc_syscalls.c Wed Jul 1 18:54:49 2009 (r195252) @@ -70,6 +70,7 @@ __FBSDID("$FreeBSD$"); #include #endif +#include #include #include @@ -161,6 +162,7 @@ socket(td, uap) struct file *fp; int fd, error; + AUDIT_ARG_SOCKET(uap->domain, uap->type, uap->protocol); #ifdef MAC error = mac_socket_check_create(td->td_ucred, uap->domain, uap->type, uap->protocol); @@ -586,6 +588,7 @@ kern_socketpair(struct thread *td, int d struct socket *so1, *so2; int fd, error; + AUDIT_ARG_SOCKET(domain, type, protocol); #ifdef MAC /* We might want to have a separate check for socket pairs. */ error = mac_socket_check_create(td->td_ucred, domain, type, Modified: head/sys/security/audit/audit.h ============================================================================== --- head/sys/security/audit/audit.h Wed Jul 1 18:12:50 2009 (r195251) +++ head/sys/security/audit/audit.h Wed Jul 1 18:54:49 2009 (r195252) @@ -297,6 +297,11 @@ void audit_thread_free(struct thread *t audit_arg_sgid((sgid)); \ } while (0) +#define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_socket((sodomain), (sotype), (soprotocol)); \ +} while (0) + #define AUDIT_ARG_SUID(suid) do { \ if (AUDITING_TD(curthread)) \ audit_arg_suid((suid)); \ @@ -375,6 +380,7 @@ void audit_thread_free(struct thread *t #define AUDIT_ARG_RUID(ruid) #define AUDIT_ARG_SIGNUM(signum) #define AUDIT_ARG_SGID(sgid) +#define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) #define AUDIT_ARG_SUID(suid) #define AUDIT_ARG_TEXT(text) #define AUDIT_ARG_UID(uid)