From owner-svn-src-head@FreeBSD.ORG  Wed Jul  1 19:55:11 2009
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C9EE6106564A;
	Wed,  1 Jul 2009 19:55:11 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id B7B008FC14;
	Wed,  1 Jul 2009 19:55:11 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n61JtBNV022307;
	Wed, 1 Jul 2009 19:55:11 GMT (envelope-from rwatson@svn.freebsd.org)
Received: (from rwatson@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id n61JtBah022305;
	Wed, 1 Jul 2009 19:55:11 GMT (envelope-from rwatson@svn.freebsd.org)
Message-Id: <200907011955.n61JtBah022305@svn.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Wed, 1 Jul 2009 19:55:11 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r195255 - head/sys/kern
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2009 19:55:12 -0000

Author: rwatson
Date: Wed Jul  1 19:55:11 2009
New Revision: 195255
URL: http://svn.freebsd.org/changeset/base/195255

Log:
  Audit file descriptor numbers for various socket-related system calls.
  
  Approved by:	re (audit argument blanket)
  MFC after:	3 days

Modified:
  head/sys/kern/uipc_syscalls.c

Modified: head/sys/kern/uipc_syscalls.c
==============================================================================
--- head/sys/kern/uipc_syscalls.c	Wed Jul  1 19:55:07 2009	(r195254)
+++ head/sys/kern/uipc_syscalls.c	Wed Jul  1 19:55:11 2009	(r195255)
@@ -217,6 +217,7 @@ kern_bind(td, fd, sa)
 	struct file *fp;
 	int error;
 
+	AUDIT_ARG_FD(fd);
 	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
 	if (error)
 		return (error);
@@ -247,6 +248,7 @@ listen(td, uap)
 	struct file *fp;
 	int error;
 
+	AUDIT_ARG_FD(uap->s);
 	error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL);
 	if (error == 0) {
 		so = fp->f_data;
@@ -340,6 +342,7 @@ kern_accept(struct thread *td, int s, st
 			return (EINVAL);
 	}
 
+	AUDIT_ARG_FD(s);
 	fdp = td->td_proc->p_fd;
 	error = getsock(fdp, s, &headfp, &fflag);
 	if (error)
@@ -530,6 +533,7 @@ kern_connect(td, fd, sa)
 	int error;
 	int interrupted = 0;
 
+	AUDIT_ARG_FD(fd);
 	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
 	if (error)
 		return (error);
@@ -738,6 +742,7 @@ kern_sendit(td, s, mp, flags, control, s
 	struct uio *ktruio = NULL;
 #endif
 
+	AUDIT_ARG_FD(s);
 	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
 	if (error)
 		return (error);
@@ -937,6 +942,7 @@ kern_recvit(td, s, mp, fromseg, controlp
 	if(controlp != NULL)
 		*controlp = 0;
 
+	AUDIT_ARG_FD(s);
 	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
 	if (error)
 		return (error);
@@ -1252,6 +1258,7 @@ shutdown(td, uap)
 	struct file *fp;
 	int error;
 
+	AUDIT_ARG_FD(uap->s);
 	error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL);
 	if (error == 0) {
 		so = fp->f_data;
@@ -1314,6 +1321,7 @@ kern_setsockopt(td, s, level, name, val,
 		panic("kern_setsockopt called with bad valseg");
 	}
 
+	AUDIT_ARG_FD(s);
 	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
 	if (error == 0) {
 		so = fp->f_data;
@@ -1394,6 +1402,7 @@ kern_getsockopt(td, s, level, name, val,
 		panic("kern_getsockopt called with bad valseg");
 	}
 
+	AUDIT_ARG_FD(s);
 	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
 	if (error == 0) {
 		so = fp->f_data;
@@ -1457,6 +1466,7 @@ kern_getsockname(struct thread *td, int 
 	if (*alen < 0)
 		return (EINVAL);
 
+	AUDIT_ARG_FD(fd);
 	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
 	if (error)
 		return (error);
@@ -1556,6 +1566,7 @@ kern_getpeername(struct thread *td, int 
 	if (*alen < 0)
 		return (EINVAL);
 
+	AUDIT_ARG_FD(fd);
 	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
 	if (error)
 		return (error);
@@ -1811,6 +1822,7 @@ kern_sendfile(struct thread *td, struct 
 	 * File offset must be positive.  If it goes beyond EOF
 	 * we send only the header/trailer and no payload data.
 	 */
+	AUDIT_ARG_FD(uap->fd);
 	if ((error = fgetvp_read(td, uap->fd, &vp)) != 0)
 		goto out;
 	vfslocked = VFS_LOCK_GIANT(vp->v_mount);
@@ -2285,6 +2297,7 @@ sctp_peeloff(td, uap)
 	u_int fflag;
 
 	fdp = td->td_proc->p_fd;
+	AUDIT_ARG_FD(uap->sd);
 	error = fgetsock(td, uap->sd, &head, &fflag);
 	if (error)
 		goto done2;
@@ -2392,6 +2405,7 @@ sctp_generic_sendmsg (td, uap)
 		}
 	}
 
+	AUDIT_ARG_FD(uap->sd);
 	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
 	if (error)
 		goto sctp_bad;
@@ -2493,6 +2507,7 @@ sctp_generic_sendmsg_iov(td, uap)
 		}
 	}
 
+	AUDIT_ARG_FD(uap->sd);
 	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
 	if (error)
 		goto sctp_bad1;
@@ -2591,6 +2606,8 @@ sctp_generic_recvmsg(td, uap)
 #ifdef KTRACE
 	struct uio *ktruio = NULL;
 #endif
+
+	AUDIT_ARG_FD(uap->sd);
 	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
 	if (error) {
 		return (error);