diff options
| author | csjp <csjp@FreeBSD.org> | 2007-06-27 17:01:15 +0000 |
|---|---|---|
| committer | csjp <csjp@FreeBSD.org> | 2007-06-27 17:01:15 +0000 |
| commit | 94aa9c0f8b63e76f554e76d5ec581082203c4478 (patch) | |
| tree | ff21f1ad4087308d421c4f0f749dd35dbdc69f8f /sys/security/audit/audit_syscalls.c | |
| parent | b6308c8f7001f33f151abce3acba2f74d9a3614f (diff) | |
| download | FreeBSD-src-94aa9c0f8b63e76f554e76d5ec581082203c4478.zip FreeBSD-src-94aa9c0f8b63e76f554e76d5ec581082203c4478.tar.gz | |
- Add audit_arg_audinfo_addr() for auditing the arguments for setaudit_addr(2)
- In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK,
and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done
for both setaudit and setaudit_addr.
- Audit the arguments passed to setaudit_addr(2)
- AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the
audit token is created with the correct type. This fixes the processing of the
in_addr_ex token in users pace.
- Change the size of the token (as generated by the kernel) from 5*4 bytes to
4*4 bytes (the correct size of an ip6 address)
- Correct regression from ucred work which resulted in getaudit() not returning
E2BIG if the subject had an ip6 termid
- Correct slight regression in getaudit(2) which resulted in the size of a pointer
being passed instead of the size of the structure. (This resulted in invalid
auditinfo data being returned via getaudit(2))
Reviewed by: rwatson
Approved by: re@ (kensmith)
Obtained from: TrustedBSD Project
MFC after: 1 month
Diffstat (limited to 'sys/security/audit/audit_syscalls.c')
| -rw-r--r-- | sys/security/audit/audit_syscalls.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c index 660c2ee..fa037ab 100644 --- a/sys/security/audit/audit_syscalls.c +++ b/sys/security/audit/audit_syscalls.c @@ -503,13 +503,15 @@ getaudit(struct thread *td, struct getaudit_args *uap) error = priv_check(td, PRIV_AUDIT_GETAUDIT); if (error) return (error); + if (td->td_ucred->cr_audit.ai_termid.at_type == AU_IPv6) + return (E2BIG); bzero(&ai, sizeof(ai)); ai.ai_auid = td->td_ucred->cr_audit.ai_auid; ai.ai_mask = td->td_ucred->cr_audit.ai_mask; ai.ai_asid = td->td_ucred->cr_audit.ai_asid; ai.ai_termid.machine = td->td_ucred->cr_audit.ai_termid.at_addr[0]; ai.ai_termid.port = td->td_ucred->cr_audit.ai_termid.at_port; - return (copyout(&ai, uap->auditinfo, sizeof(&ai))); + return (copyout(&ai, uap->auditinfo, sizeof(ai))); } /* ARGSUSED */ @@ -585,7 +587,10 @@ setaudit_addr(struct thread *td, struct setaudit_addr_args *uap) error = copyin(uap->auditinfo_addr, &aia, sizeof(aia)); if (error) return (error); - /* XXXRW: Audit argument. */ + audit_arg_auditinfo_addr(&aia); + if (aia.ai_termid.at_type != AU_IPv6 && + aia.ai_termid.at_type != AU_IPv4) + return (EINVAL); newcred = crget(); PROC_LOCK(td->td_proc); oldcred = td->td_proc->p_ucred; |
