Date: Sun, 30 May 2010 17:41:53 GMT From: Efstratios Karatzas <gpf@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 178979 for review Message-ID: <201005301741.o4UHfrQd085347@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@178979?ac=10 Change 178979 by gpf@gpf_desktop on 2010/05/30 17:41:08 - for the current nfs implementation: Keep track of the vap->va_mode attribute when a new file is created via VOP_create/mknod/symlink/mkdir Also, keep track of the flags for VOP_read/write - forgot to ad the new argument to the usage() function of praudit, done. Affected files ... .. //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/bin/praudit/praudit.c#4 edit .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#13 edit .. //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#9 edit Differences ... ==== //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/bin/praudit/praudit.c#4 (text) ==== @@ -59,7 +59,7 @@ usage(void) { - fprintf(stderr, "usage: praudit [-lpx] [-r | -s] [-d del] " + fprintf(stderr, "usage: praudit [-lpxc] [-r | -s] [-d del] " "[file ...]\n"); exit(1); } ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c#13 (text+ko) ==== @@ -1359,6 +1359,7 @@ uiop->uio_segflg = UIO_SYSSPACE; uiop->uio_td = NULL; uiop->uio_offset = off; + AUDIT_ARG_FFLAGS(ioflags); error = VOP_WRITE(vp, uiop, ioflags, cred); /* Unlocked write. */ nfsrvstats.srvvop_writes++; @@ -1554,6 +1555,7 @@ break; }; } + AUDIT_ARG_MODE(vap->va_mode); /* * Iff doesn't exist, create it @@ -1808,7 +1810,8 @@ minor = fxdr_unsigned(u_int32_t, *tl); vap->va_rdev = makedev(major, minor); } - + AUDIT_ARG_MODE(vap->va_mode); + /* * Iff doesn't exist, create it. */ @@ -1821,7 +1824,7 @@ vap->va_mode = 0; if (vtyp == VSOCK) { vrele(nd.ni_startdir); - nd.ni_startdir = NULL; + nd.ni_startdir = NULL; error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap); AUDIT_vp = nd.ni_vp; @@ -2563,7 +2566,7 @@ if (pathcp != NULL) AUDIT_ARG_UPATH2(curthread, pathcp); - + AUDIT_ARG_MODE(vap->va_mode); /* * issue symlink op. SAVESTART is set so the underlying path component * is only freed by the VOP if an error occurs. @@ -2757,6 +2760,7 @@ error = EEXIST; goto out; } + AUDIT_ARG_MODE(vap->va_mode); /* * Issue mkdir op. Since SAVESTART is not set, the pathname ==== //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c#9 (text) ==== @@ -1580,11 +1580,16 @@ tok = au_to_arg32(0, "prev mask", ar->ar_retval); kau_write(rec, tok); break; - + case AUE_NFS_CREATE: - case AUE_NFS_READ: - case AUE_NFS_WRITE: case AUE_NFS_MKDIR: + case AUE_NFS_MKNODE: + if (ARG_IS_VALID(kar, ARG_MODE)) { + tok = au_to_arg32(3, "mode", ar->ar_arg_mode); + kau_write(rec, tok); + } + /* FALLTHROUGH */ + case AUE_NFS_READDIR: case AUE_NFS_READDIR_PLUS: case AUE_NFS_READLINK: @@ -1594,22 +1599,30 @@ case AUE_NFS_SETATTR: case AUE_NFS_ACCESS: case AUE_NFS_LOOKUP: - case AUE_NFS_MKNODE: case AUE_NFS_COMMIT: case AUE_NFS_PATHCONF: case AUE_NFS_STATFS: case AUE_NFS_FSINFO: - if (ARG_IS_VALID(kar, ARG_MODE)) { - tok = au_to_arg32(3, "mode", ar->ar_arg_mode); + UPATH1_VNODE1_TOKENS; + if (ARG_IS_VALID(kar, ARG_TEXT)) { + tok = au_to_text(ar->ar_arg_text); + kau_write(rec, tok); + } + break; + + case AUE_NFS_READ: + case AUE_NFS_WRITE: + if (ARG_IS_VALID(kar, ARG_FFLAGS)) { + tok = au_to_arg32(2, "flags", ar->ar_arg_fflags); kau_write(rec, tok); - } + } UPATH1_VNODE1_TOKENS; if (ARG_IS_VALID(kar, ARG_TEXT)) { tok = au_to_text(ar->ar_arg_text); kau_write(rec, tok); } break; - + case AUE_NFS_NOOP: case AUE_NFS_NULL: if (ARG_IS_VALID(kar, ARG_TEXT)) { @@ -1618,14 +1631,16 @@ } break; - case AUE_NFS_SYMLINK: - case AUE_NFS_LINK: - case AUE_NFS_RENAME: - UPATH1_VNODE1_TOKENS; + case AUE_NFS_SYMLINK: if (ARG_IS_VALID(kar, ARG_MODE)) { tok = au_to_arg32(3, "mode", ar->ar_arg_mode); kau_write(rec, tok); } + /* FALLTHROUGH */ + + case AUE_NFS_LINK: + case AUE_NFS_RENAME: + UPATH1_VNODE1_TOKENS; UPATH2_TOKENS; if (ARG_IS_VALID(kar, ARG_TEXT)) { tok = au_to_text(ar->ar_arg_text);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201005301741.o4UHfrQd085347>