diff options
| author | rwatson <rwatson@FreeBSD.org> | 2009-07-28 21:39:58 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2009-07-28 21:39:58 +0000 |
| commit | 21e3bcee4378f043e902dc1bab9ac2915235f40a (patch) | |
| tree | 441a5395402f45cf8439af427c181e056625d4f4 /sys/kern/vfs_lookup.c | |
| parent | fa74d2c7e54f546f30ebc8df6467929fa74d72f6 (diff) | |
| download | FreeBSD-src-21e3bcee4378f043e902dc1bab9ac2915235f40a.zip FreeBSD-src-21e3bcee4378f043e902dc1bab9ac2915235f40a.tar.gz | |
Audit file descriptors passed to fooat(2) system calls, which are used
instead of the root/current working directory as the starting point for
lookups. Up to two such descriptors can be audited. Add audit record
BSM encoding for fooat(2).
Note: due to an error in the OpenBSM 1.1p1 configuration file, a
further change is required to that file in order to fix openat(2)
auditing.
Approved by: re (kib)
Reviewed by: rdivacky (fooat(2) portions)
Obtained from: TrustedBSD Project
MFC after: 1 month
Diffstat (limited to 'sys/kern/vfs_lookup.c')
| -rw-r--r-- | sys/kern/vfs_lookup.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index e154c56..2f3b54e 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -203,8 +203,13 @@ namei(struct nameidata *ndp) if (ndp->ni_startdir != NULL) { dp = ndp->ni_startdir; error = 0; - } else if (ndp->ni_dirfd != AT_FDCWD) + } else if (ndp->ni_dirfd != AT_FDCWD) { + if (cnp->cn_flags & AUDITVNODE1) + AUDIT_ARG_ATFD1(ndp->ni_dirfd); + if (cnp->cn_flags & AUDITVNODE2) + AUDIT_ARG_ATFD2(ndp->ni_dirfd); error = fgetvp(td, ndp->ni_dirfd, &dp); + } if (error != 0 || dp != NULL) { FILEDESC_SUNLOCK(fdp); if (error == 0 && dp->v_type != VDIR) { |
