diff options
| author | csjp <csjp@FreeBSD.org> | 2007-06-27 17:01:15 +0000 |
|---|---|---|
| committer | csjp <csjp@FreeBSD.org> | 2007-06-27 17:01:15 +0000 |
| commit | 94aa9c0f8b63e76f554e76d5ec581082203c4478 (patch) | |
| tree | ff21f1ad4087308d421c4f0f749dd35dbdc69f8f /sys/security/audit/audit_arg.c | |
| parent | b6308c8f7001f33f151abce3acba2f74d9a3614f (diff) | |
| download | FreeBSD-src-94aa9c0f8b63e76f554e76d5ec581082203c4478.zip FreeBSD-src-94aa9c0f8b63e76f554e76d5ec581082203c4478.tar.gz | |
- Add audit_arg_audinfo_addr() for auditing the arguments for setaudit_addr(2)
- In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK,
and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done
for both setaudit and setaudit_addr.
- Audit the arguments passed to setaudit_addr(2)
- AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the
audit token is created with the correct type. This fixes the processing of the
in_addr_ex token in users pace.
- Change the size of the token (as generated by the kernel) from 5*4 bytes to
4*4 bytes (the correct size of an ip6 address)
- Correct regression from ucred work which resulted in getaudit() not returning
E2BIG if the subject had an ip6 termid
- Correct slight regression in getaudit(2) which resulted in the size of a pointer
being passed instead of the size of the structure. (This resulted in invalid
auditinfo data being returned via getaudit(2))
Reviewed by: rwatson
Approved by: re@ (kensmith)
Obtained from: TrustedBSD Project
MFC after: 1 month
Diffstat (limited to 'sys/security/audit/audit_arg.c')
| -rw-r--r-- | sys/security/audit/audit_arg.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c index 6cf0d5c..678076d 100644 --- a/sys/security/audit/audit_arg.c +++ b/sys/security/audit/audit_arg.c @@ -467,6 +467,28 @@ audit_arg_auditinfo(struct auditinfo *au_info) } void +audit_arg_auditinfo_addr(struct auditinfo_addr *au_info) +{ + struct kaudit_record *ar; + + ar = currecord(); + if (ar == NULL) + return; + + ar->k_ar.ar_arg_auid = au_info->ai_auid; + ar->k_ar.ar_arg_asid = au_info->ai_asid; + ar->k_ar.ar_arg_amask.am_success = au_info->ai_mask.am_success; + ar->k_ar.ar_arg_amask.am_failure = au_info->ai_mask.am_failure; + ar->k_ar.ar_arg_termid_addr.at_type = au_info->ai_termid.at_type; + ar->k_ar.ar_arg_termid_addr.at_port = au_info->ai_termid.at_port; + ar->k_ar.ar_arg_termid_addr.at_addr[0] = au_info->ai_termid.at_addr[0]; + ar->k_ar.ar_arg_termid_addr.at_addr[1] = au_info->ai_termid.at_addr[1]; + ar->k_ar.ar_arg_termid_addr.at_addr[2] = au_info->ai_termid.at_addr[2]; + ar->k_ar.ar_arg_termid_addr.at_addr[3] = au_info->ai_termid.at_addr[3]; + ARG_SET_VALID(ar, ARG_AUID | ARG_ASID | ARG_AMASK | ARG_TERMID_ADDR); +} + +void audit_arg_text(char *text) { struct kaudit_record *ar; |
