From owner-svn-src-all@FreeBSD.ORG Wed Jul 1 22:47:46 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50824106566C; Wed, 1 Jul 2009 22:47:46 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 1C4538FC21; Wed, 1 Jul 2009 22:47:46 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n61Mljlb026222; Wed, 1 Jul 2009 22:47:45 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n61Mljwl026219; Wed, 1 Jul 2009 22:47:45 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200907012247.n61Mljwl026219@svn.freebsd.org> From: Robert Watson Date: Wed, 1 Jul 2009 22:47:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r195267 - in head/sys: kern security/audit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jul 2009 22:47:47 -0000 Author: rwatson Date: Wed Jul 1 22:47:45 2009 New Revision: 195267 URL: http://svn.freebsd.org/changeset/base/195267 Log: For access(2) and eaccess(2), audit the requested access mode. Approved by: re (audit argument blanket) MFC after: 3 days Modified: head/sys/kern/vfs_syscalls.c head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Wed Jul 1 22:45:19 2009 (r195266) +++ head/sys/kern/vfs_syscalls.c Wed Jul 1 22:47:45 2009 (r195267) @@ -2133,6 +2133,7 @@ kern_accessat(struct thread *td, int fd, td->td_ucred = tmpcred; } else cred = tmpcred = td->td_ucred; + AUDIT_ARG_VALUE(mode); NDINIT_AT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | AUDITVNODE1, pathseg, path, fd, td); if ((error = namei(&nd)) != 0) Modified: head/sys/security/audit/audit_bsm.c ============================================================================== --- head/sys/security/audit/audit_bsm.c Wed Jul 1 22:45:19 2009 (r195266) +++ head/sys/security/audit/audit_bsm.c Wed Jul 1 22:47:45 2009 (r195267) @@ -706,10 +706,8 @@ kaudit_to_bsm(struct kaudit_record *kar, } /* FALLTHROUGH */ - case AUE_ACCESS: case AUE_CHDIR: case AUE_CHROOT: - case AUE_EACCESS: case AUE_GETATTRLIST: case AUE_JAIL: case AUE_LUTIMES: @@ -732,6 +730,15 @@ kaudit_to_bsm(struct kaudit_record *kar, UPATH1_VNODE1_TOKENS; break; + case AUE_ACCESS: + case AUE_EACCESS: + UPATH1_VNODE1_TOKENS; + if (ARG_IS_VALID(kar, ARG_VALUE)) { + tok = au_to_arg32(1, "mode", ar->ar_arg_value); + kau_write(rec, tok); + } + break; + case AUE_FHSTATFS: case AUE_FHOPEN: case AUE_FHSTAT: