Date: Wed, 3 May 2006 16:03:09 GMT
Message-Id: <200605031603.k43G39ga069544@repoman.freebsd.org>
From: Robert Watson
To: Perforce Change Reviews
Subject: PERFORCE change 96597 for review

http://perforce.freebsd.org/chv.cgi?CH=96597

Change 96597 by rwatson@rwatson_zoo on 2006/05/03 16:02:56

	Comment on preselection at top.
	Add memory type for per-auid preselection structures.
	Assert mutex when checking for interest.
	Acquire mutex in external API for preselection.
	Comment on why we initialize preselection masks for pipes the way we do.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#17 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#17 (text+ko) ==== @@ -55,7 +55,8 @@ * Implementation of a clonable special device providing a live stream of BSM * audit data. This is a "tee" of the data going to the file. It provides * unreliable but timely access to audit events. Consumers of this interface - * should be very careful to avoid introducing event cycles. + * should be very careful to avoid introducing event cycles. Consumers may + * express interest via a set of preselection ioctls. */ /* @@ -64,6 +65,8 @@ static MALLOC_DEFINE(M_AUDIT_PIPE, "audit_pipe", "Audit pipes"); static MALLOC_DEFINE(M_AUDIT_PIPE_ENTRY, "audit_pipeent", "Audit pipe entries and buffers"); +static MALLOC_DEFINE(M_AUDIT_PIPE_PRESELECT, "audit_pipe_preselect", + "Audit pipe preselection structure"); /* * Audit pipe buffer parameters. @@ -205,6 +208,8 @@ { struct audit_pipe_preselect *app; + mtx_assert(&audit_pipe_mtx, MA_OWNED); + TAILQ_FOREACH(app, &ap->ap_preselect_list, app_list) { if (app->app_auid == auid) break; 
@@ -231,10 +236,14 @@ { struct audit_pipe *ap; + mtx_lock(&audit_pipe_mtx); TAILQ_FOREACH(ap, &audit_pipe_list, ap_list) { - if (audit_pipe_preselect_check(ap, auid, event, class, sorf)) + if (audit_pipe_preselect_check(ap, auid, event, class, sorf)) { + mtx_lock(&audit_pipe_mtx); return (1); + } } + mtx_unlock(&audit_pipe_mtx); return (0); } @@ -376,6 +385,16 @@ return (NULL); ap->ap_qlimit = AUDIT_PIPE_QLIMIT_DEFAULT; TAILQ_INIT(&ap->ap_queue); + + /* + * Initialize pre-selection state to match all events by default, and + * have no particular auid-specific entries. This allows praudit(1) + * to be run directly on an audit pipe without any configuration or + * special handling. However, it also requires that applications + * flush the pipe after specifying preselection prequirements so that + * they don't see events captured before they completed + * configuration. + */ bzero(&ap->ap_preselect_flags, sizeof(ap->ap_preselect_flags)); ap->ap_preselect_flags.am_success = 0xffffffff; ap->ap_preselect_flags.am_failure = 0xffffffff;
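
Review bot: the early-return path inside the TAILQ_FOREACH loop of the @@ -231,10 +236,14 @@ hunk calls mtx_lock(&audit_pipe_mtx) where an unlock is needed. The mutex is already held from the mtx_lock() added at the top of the function, so a match re-acquires a lock the thread already owns and then returns (1) without releasing it; only the fall-through path reaches mtx_unlock(). Change the line before return (1) to mtx_unlock(&audit_pipe_mtx), or record the result, break out of the loop, and unlock once at a single exit.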
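
Review bot: the new comment in the @@ -376,6 +385,16 @@ hunk has a typo, "preselection prequirements" should read "preselection requirements", and it spells the term both "pre-selection" and "preselection" while the rest of the patch uses "preselection". Because the comment places a requirement on applications (flush the pipe after configuring preselection), it would also help to say which interface they use to flush, so the requirement can be followed from the comment alone.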