author | wsalamon <wsalamon@FreeBSD.org> | 2006-07-06 19:33:38 +0000 |
---|---|---|
committer | wsalamon <wsalamon@FreeBSD.org> | 2006-07-06 19:33:38 +0000 |
commit | 3f67fc0a689b5565e39164dca8f10f2a585b89ea (patch) | |
tree | c74044ca45ca3cab0a79f0d343ad4a8b9fb64322 | |
parent | fba25d1a754804379178ae34fd57aad4a2a22cfe (diff) | |
Audit the remaining parameters to the extattr system calls. Generate
the audit records for those calls.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
-rw-r--r-- | sys/kern/vfs_extattr.c | 28 | ||||
-rw-r--r-- | sys/kern/vfs_syscalls.c | 28 | ||||
-rw-r--r-- | sys/security/audit/audit_bsm.c | 59 |
3 files changed, 115 insertions, 0 deletions
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c
index 95552ef..4d6868c 100644
--- a/sys/kern/vfs_extattr.c
+++ b/sys/kern/vfs_extattr.c
@@ -4371,6 +4371,8 @@ extattrctl(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, fnvfslocked, error;
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(value, uap->attrnamespace);
 /*
 * uap->attrname is not always defined. We check again later when we
 * invoke the VFS call so as to pass in NULL there if needed.
@@ -4381,6 +4383,7 @@ extattrctl(td, uap)
 if (error)
 return (error);
 }
+ AUDIT_ARG(text, attrname);
 vfslocked = fnvfslocked = 0;
 /*
@@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4541,9 +4547,11 @@ extattr_set_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4576,9 +4584,11 @@ extattr_set_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
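Review bot: In the `@@ -4381,6 +4383,7 @@` hunk, `AUDIT_ARG(text, attrname);` is placed after the `}` that closes the block performing the copyinstr, while the comment in the preceding hunk states that uap->attrname is not always defined, so on the path where the copy is skipped the call records whatever the uninitialized `attrname` stack buffer happens to hold; that would write kernel stack bytes into the audit trail, and if the text argument is copied up to a NUL (presumably, the AUDIT_ARG implementation is not on the page) the copy is not bounded by the buffer either. Guard the call on the same condition that guards the copy, e.g. `if (uap->attrname != NULL) AUDIT_ARG(text, attrname);`, or clear the buffer first with `attrname[0] = '\0';` so an absent name is audited as an empty string. The start of extattrctl and the condition around the copy lie outside the hunk, so confirm the exact condition there. The same hunk is repeated verbatim under sys/kern/vfs_syscalls.c below and needs the identical change.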
@@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4715,9 +4728,11 @@ extattr_get_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4750,9 +4765,11 @@ extattr_get_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return(error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return(error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap)
 struct file *fp;
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
 return (error);
@@ -5011,6 +5037,7 @@ extattr_list_file(td, uap)
 struct nameidata nd;
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
 error = namei(&nd);
@@ -5040,6 +5067,7 @@ extattr_list_link(td, uap)
 struct nameidata nd;
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
 error = namei(&nd);
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 95552ef..4d6868c 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -4371,6 +4371,8 @@ extattrctl(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, fnvfslocked, error;
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(value, uap->attrnamespace);
 /*
 * uap->attrname is not always defined. We check again later when we
 * invoke the VFS call so as to pass in NULL there if needed.
@@ -4381,6 +4383,7 @@ extattrctl(td, uap)
 if (error)
 return (error);
 }
+ AUDIT_ARG(text, attrname);
 vfslocked = fnvfslocked = 0;
 /*
@@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4541,9 +4547,11 @@ extattr_set_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4576,9 +4584,11 @@ extattr_set_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4715,9 +4728,11 @@ extattr_get_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4750,9 +4765,11 @@ extattr_get_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return (error);
+ AUDIT_ARG(text, attrname);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
@@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return(error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap)
 char attrname[EXTATTR_MAXNAMELEN];
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
 if (error)
 return(error);
+ AUDIT_ARG(text, attrname);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
@@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap)
 struct file *fp;
 int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
 error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
 if (error)
 return (error);
@@ -5011,6 +5037,7 @@ extattr_list_file(td, uap)
 struct nameidata nd;
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
 error = namei(&nd);
@@ -5040,6 +5067,7 @@ extattr_list_link(td, uap)
 struct nameidata nd;
 int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
 NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
 uap->path, td);
 error = namei(&nd);
diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index de20c60..8252b93 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -36,6 +36,7 @@
 #include <sys/malloc.h>
 #include <sys/mutex.h>
 #include <sys/socket.h>
+#include <sys/extattr.h>
 #include <sys/fcntl.h>
 #include <sys/user.h>
 #include <sys/systm.h>
@@ -237,6 +238,29 @@ kau_free(struct au_record *rec)
 } \
 } while (0) \
+#define EXTATTR_TOKENS do { \
+ if (ARG_IS_VALID(kar, ARG_VALUE)) { \
+ switch (ar->ar_arg_value) { \
+ case EXTATTR_NAMESPACE_USER: \
+ tok = au_to_text(EXTATTR_NAMESPACE_USER_STRING);\
+ break; \
+ case EXTATTR_NAMESPACE_SYSTEM: \
+ tok = au_to_text(EXTATTR_NAMESPACE_SYSTEM_STRING);\
+ break; \
+ default: \
+ tok = au_to_arg32(3, "attrnamespace", \
+ ar->ar_arg_value); \
+ break; \
+ } \
+ kau_write(rec, tok); \
+ } \
+ /* attrname is in the text field */ \
+ if (ARG_IS_VALID(kar, ARG_TEXT)) { \
+ tok = au_to_text(ar->ar_arg_text); \
+ kau_write(rec, tok); \
+ } \
+} while (0)
+
 /*
 * Implement auditing for the auditon() system call. The audit tokens that
 * are generated depend on the command that was sent into the auditon()
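Review bot: The `default:` branch of EXTATTR_TOKENS hard-codes argument position 3 in `tok = au_to_arg32(3, "attrnamespace", \`, yet the macro is expanded from every extattr case in the next hunk and those calls do not share a parameter position: extattrctl(2) takes the namespace as its fourth parameter and the extattr_{get,set,delete,list}_{file,link,fd}(2) family as its second, so the argument index in the record will be wrong for all of them unless the kernel prototypes differ from the manual pages. Make the position a macro parameter, `#define EXTATTR_TOKENS(namespace_argnum) do { \` with `tok = au_to_arg32((namespace_argnum), "attrnamespace", \`, and pass 4 from the AUE_EXTATTRCTL case and 2 from the others. The fd cases in the following hunk have the same numbering problem in `tok = au_to_arg32(2, "fd", ar->ar_arg_fd);`: fd is the first parameter of the *_fd calls, and the AUE_FCHMOD case visible on this page numbers fchmod's second parameter as 2, so `1` is the consistent value there. It is also worth a comment above the macro that for the USER and SYSTEM namespaces it emits an unnumbered text token which, when both arguments are valid, is immediately followed by the attrname text token, so a record consumer can only tell the two apart by order.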
@@ -612,6 +636,41 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 UPATH1_VNODE1_TOKENS;
 break;
+ case AUE_EXTATTRCTL:
+ UPATH1_VNODE1_TOKENS;
+ if (ARG_IS_VALID(kar, ARG_CMD)) {
+ tok = au_to_arg32(2, "cmd", ar->ar_arg_cmd);
+ kau_write(rec, tok);
+ }
+ /* extattrctl(2) filename parameter is in upath2/vnode2 */
+ UPATH2_TOKENS;
+ VNODE2_TOKENS;
+ EXTATTR_TOKENS;
+ break;
+
+ case AUE_EXTATTR_GET_FILE:
+ case AUE_EXTATTR_SET_FILE:
+ case AUE_EXTATTR_LIST_FILE:
+ case AUE_EXTATTR_DELETE_FILE:
+ case AUE_EXTATTR_GET_LINK:
+ case AUE_EXTATTR_SET_LINK:
+ case AUE_EXTATTR_LIST_LINK:
+ case AUE_EXTATTR_DELETE_LINK:
+ UPATH1_VNODE1_TOKENS;
+ EXTATTR_TOKENS;
+ break;
+
+ case AUE_EXTATTR_GET_FD:
+ case AUE_EXTATTR_SET_FD:
+ case AUE_EXTATTR_LIST_FD:
+ case AUE_EXTATTR_DELETE_FD:
+ if (ARG_IS_VALID(kar, ARG_FD)) {
+ tok = au_to_arg32(2, "fd", ar->ar_arg_fd);
+ kau_write(rec, tok);
+ }
+ EXTATTR_TOKENS;
+ break;
+
 case AUE_FCHMOD:
 if (ARG_IS_VALID(kar, ARG_MODE)) {
 tok = au_to_arg32(2, "new file mode", |