diff options
author | csjp <csjp@FreeBSD.org> | 2013-01-17 21:02:53 +0000 |
---|---|---|
committer | csjp <csjp@FreeBSD.org> | 2013-01-17 21:02:53 +0000 |
commit | b7ec793bc800e8ebcc73c3f5371a4bf478262d8f (patch) | |
tree | 5c06259daa2f363763e9f4bdbfc79a9349fdf0e5 /sys/security/audit/audit.c | |
parent | 6fd273a1c075120d4b9d6069e73e110d3d4fc218 (diff) | |
download | FreeBSD-src-b7ec793bc800e8ebcc73c3f5371a4bf478262d8f.zip FreeBSD-src-b7ec793bc800e8ebcc73c3f5371a4bf478262d8f.tar.gz |
Implement the zonename token for jailed processes. If
a process has an auditid/preselection masks specified, and
is jailed, include the zonename (jailname) token as a
part of the audit record.
Reviewed by: pjd
MFC after: 2 weeks
Diffstat (limited to 'sys/security/audit/audit.c')
-rw-r--r-- | sys/security/audit/audit.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 2063c9d..cb3406d 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$"); #include <sys/filedesc.h> #include <sys/fcntl.h> #include <sys/ipc.h> +#include <sys/jail.h> #include <sys/kernel.h> #include <sys/kthread.h> #include <sys/malloc.h> @@ -211,6 +212,7 @@ audit_record_ctor(void *mem, int size, void *arg, int flags) struct kaudit_record *ar; struct thread *td; struct ucred *cred; + struct prison *pr; KASSERT(sizeof(*ar) == size, ("audit_record_ctor: wrong size")); @@ -233,6 +235,17 @@ audit_record_ctor(void *mem, int size, void *arg, int flags) ar->k_ar.ar_subj_pid = td->td_proc->p_pid; ar->k_ar.ar_subj_amask = cred->cr_audit.ai_mask; ar->k_ar.ar_subj_term_addr = cred->cr_audit.ai_termid; + /* + * If this process is jailed, make sure we capture the name of the + * jail so we can use it to generate a zonename token when we covert + * this record to BSM. + */ + if (jailed(cred)) { + pr = cred->cr_prison; + (void) strlcpy(ar->k_ar.ar_jailname, pr->pr_name, + sizeof(ar->k_ar.ar_jailname)); + } else + ar->k_ar.ar_jailname[0] = '\0'; return (0); } |