Date: Fri, 30 Sep 2005 18:32:41 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 84576 for review Message-ID: <200509301832.j8UIWfaF074777@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=84576 Change 84576 by rwatson@rwatson_peppercorn on 2005/09/30 18:32:16 Audit additional path data in name lookups associated with VFS system calls. In almost all cases, audit arguments as the first path in the record. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/kern/vfs_syscalls.c#16 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/kern/vfs_syscalls.c#16 (text+ko) ==== @@ -195,7 +195,8 @@ if (jailed(td->td_ucred) && !prison_quotas) return (EPERM); mtx_lock(&Giant); - NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, FOLLOW | AUDITVNPATH1, UIO_USERSPACE, uap->path, + td); if ((error = namei(&nd)) != 0) { mtx_unlock(&Giant); return (error); @@ -847,7 +848,7 @@ error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL); if (error) return (error); - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, UIO_USERSPACE, uap->path, td); error = namei(&nd); if (error) @@ -1197,7 +1198,8 @@ return (error); restart: bwillwrite(); - NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE, pathseg, path, td); + NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -1301,7 +1303,8 @@ restart: bwillwrite(); - NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE, pathseg, path, td); + NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -1424,7 +1427,7 @@ int error; bwillwrite(); - NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE, segflg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNPATH1, segflg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); 
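Review bot: The jail/quota check in the hunk at -195 returns EPERM before NDINIT() and namei() run, so a refused call never reaches the lookup that now carries AUDITVNPATH1. If the path is recorded only from inside namei(), as the change description suggests, the audit record for exactly the denied attempts will contain no path. The same shape is visible at -847 (suser_cred() before the lookup) and at -3924 and -3963 (suser() before the lookup). Either record the user-supplied path ahead of the privilege check or state the limitation where it occurs, e.g. `/* Path is audited by namei(); a call refused above is logged without it. */`. The enclosing functions start and end outside these hunks, so an earlier explicit audit call cannot be ruled out from here.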
@@ -1440,7 +1443,8 @@ VFS_UNLOCK_GIANT(vfslocked); return (error); } - NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE, segflg, link, td); + NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNPATH2, + segflg, link, td); if ((error = namei(&nd)) == 0) { lvfslocked = NDHASGIANT(&nd); if (nd.ni_vp != NULL) { @@ -1514,7 +1518,7 @@ } restart: bwillwrite(); - NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE, + NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNPATH1, segflg, link, td); if ((error = namei(&nd)) != 0) goto out; @@ -1583,8 +1587,8 @@ restart: bwillwrite(); - NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | MPSAFE, UIO_USERSPACE, - uap->path, td); + NDINIT(&nd, DELETE, LOCKPARENT | DOWHITEOUT | MPSAFE | AUDITVNPATH1, + UIO_USERSPACE, uap->path, td); error = namei(&nd); if (error) return (error); @@ -1650,7 +1654,8 @@ restart: bwillwrite(); - NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE, pathseg, path, td); + NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -1892,7 +1897,8 @@ tmpcred->cr_uid = cred->cr_ruid; tmpcred->cr_groups[0] = cred->cr_rgid; td->td_ucred = tmpcred; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) goto out1; vfslocked = NDHASGIANT(&nd); @@ -1930,8 +1936,8 @@ int vfslocked; int error; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, UIO_USERSPACE, - uap->path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, + UIO_USERSPACE, uap->path, td); if ((error = namei(&nd)) != 0) return (error); vp = nd.ni_vp; 
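Review bot: In the hunk at -1514 the name being created (`link`) is recorded as AUDITVNPATH1, while in the hunk at -1440 the created name `link` is AUDITVNPATH2 and slot 1 holds the existing object, so the meaning of the first path differs between these two calls. Anyone correlating records by slot needs to know which convention applies. Only `link` goes through namei() in the visible lines, so any other string argument of this function would not be captured by the flag; whether it is audited separately cannot be seen because the function starts and ends outside the hunk. A comment at the NDINIT() would settle it, e.g. `/* Audit: path 1 is the name being created here, not an existing object. */`.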
@@ -2241,7 +2247,8 @@ struct nameidata nd; int error, vfslocked; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -2292,7 +2299,8 @@ struct nameidata nd; int vfslocked; - NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); NDFREE(&nd, NDF_ONLY_PNBUF); @@ -2866,7 +2874,8 @@ if ((error = getutimes(tptr, tptrseg, ts)) != 0) return (error); - NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNPATH1, pathseg, path, + td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -2910,7 +2919,8 @@ if ((error = getutimes(tptr, tptrseg, ts)) != 0) return (error); - NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNPATH1, pathseg, path, + td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -2999,7 +3009,8 @@ if (length < 0) return(EINVAL); - NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE, pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNPATH1, pathseg, path, + td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -3228,11 +3239,11 @@ bwillwrite(); #ifdef MAC - NDINIT(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE, - pathseg, from, td); + NDINIT(&fromnd, DELETE, LOCKPARENT | LOCKLEAF | SAVESTART | MPSAFE | + AUDITVNPATH1, pathseg, from, td); #else - NDINIT(&fromnd, DELETE, WANTPARENT | SAVESTART | MPSAFE, - pathseg, from, td); + NDINIT(&fromnd, DELETE, WANTPARENT | SAVESTART | MPSAFE | + AUDITVNPATH1, pathseg, from, td); #endif if ((error = namei(&fromnd)) != 0) return (error); 
@@ -3254,7 +3265,7 @@ goto out1; } NDINIT(&tond, RENAME, LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART | - MPSAFE, pathseg, to, td); + MPSAFE | AUDITVNPATH2, pathseg, to, td); if (fromnd.ni_vp->v_type == VDIR) tond.ni_cnd.cn_flags |= WILLBEDIR; if ((error = namei(&tond)) != 0) { @@ -3362,7 +3373,8 @@ restart: bwillwrite(); - NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE, segflg, path, td); + NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNPATH1, + segflg, path, td); nd.ni_cnd.cn_flags |= WILLBEDIR; if ((error = namei(&nd)) != 0) return (error); @@ -3446,7 +3458,8 @@ restart: bwillwrite(); - NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE, pathseg, path, td); + NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF | MPSAFE | AUDITVNPATH1, + pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -3835,8 +3848,8 @@ struct nameidata nd; int vfslocked; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, UIO_USERSPACE, - uap->path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, + UIO_USERSPACE, uap->path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -3924,7 +3937,7 @@ error = suser(td); if (error) return (error); - NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE, + NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, UIO_USERSPACE, uap->fname, td); error = namei(&nd); if (error) @@ -3963,7 +3976,7 @@ error = suser(td); if (error) return (error); - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNPATH1, UIO_USERSPACE, uap->fname, td); error = namei(&nd); if (error) @@ -4351,8 +4364,8 @@ */ filename_vp = NULL; if (uap->filename != NULL) { - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | LOCKLEAF, - UIO_USERSPACE, uap->filename, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | LOCKLEAF | + AUDITVNPATH2, UIO_USERSPACE, uap->filename, td); error = namei(&nd); if (error) return (error); 
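Review bot: The optional `uap->filename` lookup in the hunk at -4351 is tagged AUDITVNPATH2 and runs before the `uap->path` lookup that the next hunk (-4362) tags AUDITVNPATH1, and it returns on error before that second NDINIT() is reached. A record for a call that fails here would therefore carry a second path with no first path, and a call with a NULL filename carries only the first; a consumer that treats path 2 as implying path 1 will misread it. If the ordering has to stay, say so at the lookup: `/* Audited as path 2 although looked up first; path 1 is uap->path below. */`. The function body continues outside both hunks.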
@@ -4362,7 +4375,8 @@ } /* uap->path is always defined. */ - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) { if (filename_vp != NULL) @@ -4506,7 +4520,8 @@ if (error) return (error); - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error); @@ -4540,7 +4555,8 @@ if (error) return (error); - NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error); @@ -4678,7 +4694,8 @@ if (error) return (error); - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error); @@ -4712,7 +4729,8 @@ if (error) return (error); - NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error); @@ -4817,7 +4835,8 @@ if (error) return(error); - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return(error); @@ -4847,7 +4866,8 @@ if (error) return(error); - NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return(error); 
@@ -4966,7 +4986,8 @@ struct nameidata nd; int vfslocked, error; - NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error); @@ -4994,7 +5015,8 @@ struct nameidata nd; int vfslocked, error; - NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNPATH1, UIO_USERSPACE, + uap->path, td); error = namei(&nd); if (error) return (error);