summaryrefslogtreecommitdiffstats
path: root/sys/kern/kern_fork.c
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2006-02-02 01:32:58 +0000
committerrwatson <rwatson@FreeBSD.org>2006-02-02 01:32:58 +0000
commit53a606d94a7da0968ad20b2ee1517097923d514f (patch)
tree1354f44ce3f9ef606f42213772e3546b28a2cd73 /sys/kern/kern_fork.c
parent7a4b60ef35b8c1a8db22204fdc55f2c477cb9f1f (diff)
downloadFreeBSD-src-53a606d94a7da0968ad20b2ee1517097923d514f.zip
FreeBSD-src-53a606d94a7da0968ad20b2ee1517097923d514f.tar.gz
Hook up audit to fork() and exit() events. These changes manage the
audit state on processes, not auditing of these events. Much work by: wsalamon Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/kern/kern_fork.c')
-rw-r--r--sys/kern/kern_fork.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 5d300c9..5a2c042 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -66,6 +66,8 @@ __FBSDID("$FreeBSD$");
#include <sys/sx.h>
#include <sys/signalvar.h>
+#include <security/audit/audit.h>
+
#include <vm/vm.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>
@@ -271,6 +273,9 @@ fork1(td, flags, pages, procp)
#ifdef MAC
mac_init_proc(newproc);
#endif
+#ifdef AUDIT
+ audit_proc_alloc(newproc);
+#endif
knlist_init(&newproc->p_klist, &newproc->p_mtx, NULL, NULL, NULL);
STAILQ_INIT(&newproc->p_ktr);
@@ -492,7 +497,9 @@ again:
mtx_unlock_spin(&sched_lock);
p2->p_ucred = crhold(td->td_ucred);
td2->td_ucred = crhold(p2->p_ucred); /* XXXKSE */
-
+#ifdef AUDIT
+ audit_proc_fork(p1, p2);
+#endif
pargs_hold(p2->p_args);
if (flags & RFSIGSHARE) {
@@ -731,6 +738,9 @@ fail:
#ifdef MAC
mac_destroy_proc(newproc);
#endif
+#ifdef AUDIT
+ audit_proc_free(newproc);
+#endif
uma_zfree(proc_zone, newproc);
if (p1->p_flag & P_HADTHREADS) {
PROC_LOCK(p1);
OpenPOWER on IntegriCloud