diff options
author | rwatson <rwatson@FreeBSD.org> | 2009-07-28 21:39:58 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2009-07-28 21:39:58 +0000 |
commit | 21e3bcee4378f043e902dc1bab9ac2915235f40a (patch) | |
tree | 441a5395402f45cf8439af427c181e056625d4f4 /sys/security/audit/audit_private.h | |
parent | fa74d2c7e54f546f30ebc8df6467929fa74d72f6 (diff) | |
download | FreeBSD-src-21e3bcee4378f043e902dc1bab9ac2915235f40a.zip FreeBSD-src-21e3bcee4378f043e902dc1bab9ac2915235f40a.tar.gz |
Audit file descriptors passed to fooat(2) system calls, which are used
instead of the root/current working directory as the starting point for
lookups. Up to two such descriptors can be audited. Add audit record
BSM encoding for fooat(2).
Note: due to an error in the OpenBSM 1.1p1 configuration file, a
further change is required to that file in order to fix openat(2)
auditing.
Approved by: re (kib)
Reviewed by: rdivacky (fooat(2) portions)
Obtained from: TrustedBSD Project
MFC after: 1 month
Diffstat (limited to 'sys/security/audit/audit_private.h')
-rw-r--r-- | sys/security/audit/audit_private.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/audit/audit_private.h b/sys/security/audit/audit_private.h index 0da2f2d..97433df 100644 --- a/sys/security/audit/audit_private.h +++ b/sys/security/audit/audit_private.h @@ -196,6 +196,8 @@ struct audit_record { gid_t ar_arg_gid; struct groupset ar_arg_groups; int ar_arg_fd; + int ar_arg_atfd1; + int ar_arg_atfd2; int ar_arg_fflags; mode_t ar_arg_mode; int ar_arg_dev; @@ -323,6 +325,7 @@ void au_evclassmap_insert(au_event_t event, au_class_t class); au_class_t au_event_class(au_event_t event); au_event_t audit_ctlname_to_sysctlevent(int name[], uint64_t valid_arg); au_event_t audit_flags_and_error_to_openevent(int oflags, int error); +au_event_t audit_flags_and_error_to_openatevent(int oflags, int error); au_event_t audit_msgctl_to_event(int cmd); au_event_t audit_semctl_to_event(int cmr); void audit_canon_path(struct thread *td, char *path, char *cpath); |