Date: Wed, 3 May 2006 15:43:47 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 96595 for review Message-ID: <200605031543.k43FhlXH058526@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=96595 Change 96595 by rwatson@rwatson_zoo on 2006/05/03 15:43:11 Default pre-selection masks for pipes to be full tracking, so that praudit on /dev/auditpipe will "just work". Add a flush ioctl that applications can use to empty a pipe of records that may not interest them, but were queued before they set up preselection. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_ioctl.h#7 edit .. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#16 edit Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_ioctl.h#7 (text+ko) ====
@@ -59,7 +59,8 @@
 struct auditpipe_preselect)
 #define AUDITPIPE_SET_PRESELECT_AUID _IOW(AUDITPIPE_IOBASE, 11, \
 struct auditpipe_preselect)
-#define AUDITPIPE_FLUSH_PRESELECT_AUID _IO(AUDITPIPE_IOBASE, 11)
+#define AUDITPIPE_FLUSH_PRESELECT_AUID _IO(AUDITPIPE_IOBASE, 12)
+#define AUDITPIPE_FLUSH _IO(AUDITPIPE_IOBASE, 13)
 /*
 * Ioctls to retrieve audit pipe statistics.
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#16 (text+ko) ====
@@ -377,7 +377,11 @@
 ap->ap_qlimit = AUDIT_PIPE_QLIMIT_DEFAULT;
 TAILQ_INIT(&ap->ap_queue);
 bzero(&ap->ap_preselect_flags, sizeof(ap->ap_preselect_flags));
+ ap->ap_preselect_flags.am_success = 0xffffffff;
+ ap->ap_preselect_flags.am_failure = 0xffffffff;
 bzero(&ap->ap_preselect_naflags, sizeof(ap->ap_preselect_naflags));
+ ap->ap_preselect_naflags.am_success = 0xffffffff;
+ ap->ap_preselect_naflags.am_failure = 0xffffffff;
 TAILQ_INIT(&ap->ap_preselect_list);
 TAILQ_INSERT_HEAD(&audit_pipe_list, ap, ap_list);
@@ -388,11 +392,10 @@
 }
 /*
- * Free an audit pipe. Assumes mutex is held, audit_pipe is still on the
- * global list. Frees any audit pipe entries in the queue.
+ * Flush all records from an audit pipe; assume mutex is held.
 */
 static void
-audit_pipe_free(struct audit_pipe *ap)
+audit_pipe_flush(struct audit_pipe *ap)
 {
 struct audit_pipe_entry *ape;
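Review bot: `AUDITPIPE_FLUSH` and `AUDITPIPE_FLUSH_PRESELECT_AUID` in audit_ioctl.h now sit on adjacent lines with near-identical names and no comment saying what each one empties (queued records versus, presumably, the per-auid preselection entries), which invites callers to issue the wrong request. A one-line comment above the new define would settle it, for example `/* Discard the records currently queued on this pipe. */`, with a matching line on the preselect variant. Moving `AUDITPIPE_FLUSH_PRESELECT_AUID` from 11 to 12 also changes the request value, so any consumer built against the earlier header needs rebuilding; the description does not mention that.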
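Review bot: The four `0xffffffff` assignments after the `bzero` calls make a newly created pipe select every event class in both `ap_preselect_flags` and `ap_preselect_naflags`, so any process able to open the device receives the whole audit stream until it installs narrower masks, and the code carries no comment recording that this is deliberate. Suggest a comment above the first `bzero`, such as `/* Default to all classes so praudit(1) on /dev/auditpipe works unconfigured; consumers narrow the masks, then AUDITPIPE_FLUSH. */`, and a named constant in place of the repeated literal. With this default, confidentiality of the trail rests on the permissions of the device node, which are not visible in this change and are worth confirming. The enclosing function begins and ends outside the hunk.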
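Review bot: `audit_pipe_flush()` states its locking precondition only in the comment ("assume mutex is held"), and this commit gives it a second caller, the `AUDITPIPE_FLUSH` ioctl case in the last hunk. Turning the comment into a check, e.g. `mtx_assert(&audit_pipe_mtx, MA_OWNED);` as the first statement, would catch an unlocked caller on an INVARIANTS kernel; the lock name is assumed here, since the hunk does not show it. The function body continues past the end of this hunk.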
@@ -405,6 +408,17 @@
 ap->ap_qlen--;
 }
 KASSERT(ap->ap_qlen == 0, ("audit_pipe_free: ap_qlen"));
+}
+
+/*
+ * Free an audit pipe. Assumes mutex is held, audit_pipe is still on the
+ * global list. Frees any audit pipe entries in the queue.
+ */
+static void
+audit_pipe_free(struct audit_pipe *ap)
+{
+
+ audit_pipe_flush(ap);
 free(ap, M_AUDIT_PIPE);
 audit_pipe_count--;
 }
@@ -621,6 +635,11 @@
 error = EOPNOTSUPP;
 break;
+ case AUDITPIPE_FLUSH:
+ audit_pipe_flush(ap);
+ error = 0;
+ break;
+
 case AUDITPIPE_GET_INSERTS:
 *(u_int *)data = ap->ap_inserts;
 error = 0;
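Review bot: The context line `KASSERT(ap->ap_qlen == 0, ("audit_pipe_free: ap_qlen"));` now lives in `audit_pipe_flush()`, so a failed assertion would name the wrong function in the panic message. It should read `KASSERT(ap->ap_qlen == 0, ("audit_pipe_flush: ap_qlen"));`. The start of `audit_pipe_flush()` is in the previous hunk, so the dequeue loop is only partly visible here.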
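Review bot: The new `AUDITPIPE_FLUSH` case calls `audit_pipe_flush(ap)` with no lock acquisition visible, although that function's comment says the mutex must be held. If the switch is not already entered with the pipe mutex held (its opening is outside the hunk), a flush requested from userland can run while records are being appended to the same queue, and the unsynchronised dequeue could corrupt the list or release an entry still in use, in kernel context. Bracketing the call resolves it: `mtx_lock(&audit_pipe_mtx); audit_pipe_flush(ap); mtx_unlock(&audit_pipe_mtx);` (lock name assumed, not shown in the hunk).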