authorwsalamon <wsalamon@FreeBSD.org>2006-07-06 19:33:38 +0000
committerwsalamon <wsalamon@FreeBSD.org>2006-07-06 19:33:38 +0000
commit3f67fc0a689b5565e39164dca8f10f2a585b89ea (patch)
treec74044ca45ca3cab0a79f0d343ad4a8b9fb64322 /sys/kern
parentfba25d1a754804379178ae34fd57aad4a2a22cfe (diff)
Audit the remaining parameters to the extattr system calls. Generate
the audit records for those calls.

Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
Diffstat (limited to 'sys/kern')
-rw-r--r--sys/kern/vfs_extattr.c28
-rw-r--r--sys/kern/vfs_syscalls.c28
2 files changed, 56 insertions, 0 deletions
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c
index 95552ef..4d6868c 100644
--- a/sys/kern/vfs_extattr.c
+++ b/sys/kern/vfs_extattr.c
@@ -4371,6 +4371,8 @@ extattrctl(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, fnvfslocked, error;
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(value, uap->attrnamespace);
/*
* uap->attrname is not always defined. We check again later when we
* invoke the VFS call so as to pass in NULL there if needed.
@@ -4381,6 +4383,7 @@ extattrctl(td, uap)
if (error)
return (error);
}
+ AUDIT_ARG(text, attrname);
vfslocked = fnvfslocked = 0;
/*
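Review bot: `AUDIT_ARG(text, attrname);` sits after the closing brace of what appears to be the `uap->attrname != NULL` block (the `if` line itself is outside this hunk), so when the caller supplies no attribute name the macro reads the `attrname` stack array before anything has written to it. The comment in the previous hunk states that `uap->attrname is not always defined`, so this path is expected in normal use; the audit record could then carry stale kernel stack bytes, and depending on how the text argument is copied, a buffer holding no NUL could be read past its end. Moving the call inside the block, directly after the `if (error) return (error);` check, records the name only when copyinstr() has filled the buffer. The same placement appears in the matching extattrctl hunk of sys/kern/vfs_syscalls.c.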
@@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4541,9 +4547,11 @@ extattr_set_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
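Review bot: When copyinstr() fails in extattr_set_file, the early `return (error);` leaves the audit record with the namespace but without the target path, because the path appears to be captured only through the `AUDITVNODE1` lookup set up by the `NDINIT` that follows. A rejected call (bad pointer or over-long attribute name) is then harder to tie to a file when the trail is reviewed. If that is intended, a comment above the copyinstr() call such as `/* Path is audited by the lookup below; it is not recorded if the name copy fails. */` would document it. The same ordering is in the extattr_set_link, extattr_get_file/_link and extattr_delete_file/_link hunks of both files; the function body continues outside this hunk.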
@@ -4576,9 +4584,11 @@ extattr_set_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4715,9 +4728,11 @@ extattr_get_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4750,9 +4765,11 @@ extattr_get_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return(error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return(error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap)
struct file *fp;
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
return (error);
@@ -5011,6 +5037,7 @@ extattr_list_file(td, uap)
struct nameidata nd;
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
error = namei(&nd);
@@ -5040,6 +5067,7 @@ extattr_list_link(td, uap)
struct nameidata nd;
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
error = namei(&nd);
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 95552ef..4d6868c 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -4371,6 +4371,8 @@ extattrctl(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, fnvfslocked, error;
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(value, uap->attrnamespace);
/*
* uap->attrname is not always defined. We check again later when we
* invoke the VFS call so as to pass in NULL there if needed.
@@ -4381,6 +4383,7 @@ extattrctl(td, uap)
if (error)
return (error);
}
+ AUDIT_ARG(text, attrname);
vfslocked = fnvfslocked = 0;
/*
@@ -4509,9 +4512,12 @@ extattr_set_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4541,9 +4547,11 @@ extattr_set_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4576,9 +4584,11 @@ extattr_set_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4683,9 +4693,12 @@ extattr_get_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4715,9 +4728,11 @@ extattr_get_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4750,9 +4765,11 @@ extattr_get_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4827,9 +4844,12 @@ extattr_delete_fd(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return (error);
+ AUDIT_ARG(text, attrname);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
@@ -4856,9 +4876,11 @@ extattr_delete_file(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return(error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4887,9 +4909,11 @@ extattr_delete_link(td, uap)
char attrname[EXTATTR_MAXNAMELEN];
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
error = copyinstr(uap->attrname, attrname, EXTATTR_MAXNAMELEN, NULL);
if (error)
return(error);
+ AUDIT_ARG(text, attrname);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
@@ -4985,6 +5009,8 @@ extattr_list_fd(td, uap)
struct file *fp;
int vfslocked, error;
+ AUDIT_ARG(fd, uap->fd);
+ AUDIT_ARG(value, uap->attrnamespace);
error = getvnode(td->td_proc->p_fd, uap->fd, &fp);
if (error)
return (error);
@@ -5011,6 +5037,7 @@ extattr_list_file(td, uap)
struct nameidata nd;
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
NDINIT(&nd, LOOKUP, MPSAFE | FOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
error = namei(&nd);
@@ -5040,6 +5067,7 @@ extattr_list_link(td, uap)
struct nameidata nd;
int vfslocked, error;
+ AUDIT_ARG(value, uap->attrnamespace);
NDINIT(&nd, LOOKUP, MPSAFE | NOFOLLOW | AUDITVNODE1, UIO_USERSPACE,
uap->path, td);
error = namei(&nd);