diff options
author | wsalamon <wsalamon@FreeBSD.org> | 2006-07-06 19:33:38 +0000 |
---|---|---|
committer | wsalamon <wsalamon@FreeBSD.org> | 2006-07-06 19:33:38 +0000 |
commit | 3f67fc0a689b5565e39164dca8f10f2a585b89ea (patch) | |
tree | c74044ca45ca3cab0a79f0d343ad4a8b9fb64322 /sys/kern | |
parent | fba25d1a754804379178ae34fd57aad4a2a22cfe (diff) | |
download | FreeBSD-src-3f67fc0a689b5565e39164dca8f10f2a585b89ea.zip FreeBSD-src-3f67fc0a689b5565e39164dca8f10f2a585b89ea.tar.gz |
Audit the remaining parameters to the extattr system calls. Generate
the audit records for those calls.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
Diffstat (limited to 'sys/kern')
-rw-r--r-- | sys/kern/vfs_extattr.c | 28 | ||||
-rw-r--r-- | sys/kern/vfs_syscalls.c | 28 |
2 files changed, 56 insertions, 0 deletions
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c index 95552ef..4d6868c 100644 --- a/sys/kern/vfs_extattr.c +++ b/sys/kern/vfs_extattr.c @@ -4371,6 +4371,8 @@ extattrctl(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, fnvfslocked, error; + AUDIT_ARG(cmd, uap->cmd); + AUDIT_ARG(value, uap->attrnamespace); /* * uap->attrname is not always defined. We check again later when we * invoke the VFS call so as to pass in NULL there if needed. @@ -4381,6 +4383,7 @@ extattrctl(td, uap) if (error) return (error); } + AUDIT_ARG(text, attrname); vfslocked = fnvfslocked = 0; /* @@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4541,9 +4547,11 @@ extattr_set_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4576,9 +4584,11 @@ extattr_set_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4715,9 +4728,11 @@ extattr_get_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4750,9 +4765,11 @@ extattr_get_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return(error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return(error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap) struct file *fp; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) return (error); @@ -5011,6 +5037,7 @@ extattr_list_file(td, uap) struct nameidata nd; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); error = namei(&nd); @@ -5040,6 +5067,7 @@ extattr_list_link(td, uap) struct nameidata nd; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); error = namei(&nd); diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 95552ef..4d6868c 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -4371,6 +4371,8 @@ extattrctl(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, fnvfslocked, error; + AUDIT_ARG(cmd, uap->cmd); + AUDIT_ARG(value, uap->attrnamespace); /* * uap->attrname is not always defined. We check again later when we * invoke the VFS call so as to pass in NULL there if needed. @@ -4381,6 +4383,7 @@ extattrctl(td, uap) if (error) return (error); } + AUDIT_ARG(text, attrname); vfslocked = fnvfslocked = 0; /* @@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4541,9 +4547,11 @@ extattr_set_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4576,9 +4584,11 @@ extattr_set_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4715,9 +4728,11 @@ extattr_get_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4750,9 +4765,11 @@ extattr_get_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return (error); + AUDIT_ARG(text, attrname); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) @@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return(error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap) char attrname[EXTATTR_MAXNAMELEN]; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL); if (error) return(error); + AUDIT_ARG(text, attrname); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); @@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap) struct file *fp; int vfslocked, error; + AUDIT_ARG(fd, uap->fd); + AUDIT_ARG(value, uap->attrnamespace); error = getvnode(td->td_proc->p_fd, uap->fd, &fp); if (error) return (error); @@ -5011,6 +5037,7 @@ extattr_list_file(td, uap) struct nameidata nd; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); error = namei(&nd); @@ -5040,6 +5067,7 @@ extattr_list_link(td, uap) struct nameidata nd; int vfslocked, error; + AUDIT_ARG(value, uap->attrnamespace); NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, td); error = namei(&nd); |