Date: Tue, 27 Jul 2010 17:30:13 +0300 From: Efstratios Karatzas <gpf.kira@gmail.com> To: soc-status@freebsd.org, trustedbsd-audit@trustedbsd.org Subject: Audit Kernel Events, weekly report #8 Message-ID: <AANLkTin7u6TTuAVQSeFOA4PewWLgxxZA4010jZqHtuiT@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Last week I implemented a method for audit to keep multiple audit records through a tree like data structure kept with each thread. The code is in perforce and as far as I can tell, is working just fine. This should cover most cases, although we may have to supplement this with a method for each kernel module to keep/update its own audit record without messing with the thread's audit record (td_ar). The wiki page has been updated to reflect the remaining stuff in my todo list. I would really appreciate some feedback from any Audit dev. http://wiki.freebsd.org/SOC2010EfstratiosKaratzas Thank you -- Efstratios "GPF" Karatzas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTin7u6TTuAVQSeFOA4PewWLgxxZA4010jZqHtuiT>