summaryrefslogtreecommitdiffstats
path: root/sys/security/audit
diff options
context:
space:
mode:
authorjonathan <jonathan@FreeBSD.org>2011-07-18 12:58:18 +0000
committerjonathan <jonathan@FreeBSD.org>2011-07-18 12:58:18 +0000
commit45e47caaf921f9c225ce67c7272e2ddee5dc8c83 (patch)
tree02d86454e8f19be96e4b6cbbf2f5d297ab07d36f /sys/security/audit
parente38a2e71f54be99cbde8b0fd108a1ea2d2637804 (diff)
downloadFreeBSD-src-45e47caaf921f9c225ce67c7272e2ddee5dc8c83.zip
FreeBSD-src-45e47caaf921f9c225ce67c7272e2ddee5dc8c83.tar.gz
Provide ability to audit cap_rights_t arguments.
We wish to be able to audit capability rights arguments; this code provides the necessary infrastructure. This commit does not, of itself, turn on such auditing for any system call; that should follow shortly. Approved by: mentor (rwatson), re (Capsicum blanket) Sponsored by: Google Inc
Diffstat (limited to 'sys/security/audit')
-rw-r--r--sys/security/audit/audit.h7
-rw-r--r--sys/security/audit/audit_arg.c13
-rw-r--r--sys/security/audit/audit_bsm.c22
-rw-r--r--sys/security/audit/audit_private.h2
4 files changed, 44 insertions, 0 deletions
diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h
index f66f33a..dfcd193 100644
--- a/sys/security/audit/audit.h
+++ b/sys/security/audit/audit.h
@@ -114,6 +114,7 @@ void audit_arg_auditon(union auditon_udata *udata);
void audit_arg_file(struct proc *p, struct file *fp);
void audit_arg_argv(char *argv, int argc, int length);
void audit_arg_envv(char *envv, int envc, int length);
+void audit_arg_rights(cap_rights_t rights);
void audit_sysclose(struct thread *td, int fd);
void audit_cred_copy(struct ucred *src, struct ucred *dest);
void audit_cred_destroy(struct ucred *cred);
@@ -235,6 +236,11 @@ void audit_thread_free(struct thread *td);
audit_arg_rgid((rgid)); \
} while (0)
+#define AUDIT_ARG_RIGHTS(rights) do { \
+ if (AUDITING_TD(curthread)) \
+ audit_arg_rights((rights)); \
+} while (0)
+
#define AUDIT_ARG_RUID(ruid) do { \
if (AUDITING_TD(curthread)) \
audit_arg_ruid((ruid)); \
@@ -342,6 +348,7 @@ void audit_thread_free(struct thread *td);
#define AUDIT_ARG_PID(pid)
#define AUDIT_ARG_PROCESS(p)
#define AUDIT_ARG_RGID(rgid)
+#define AUDIT_ARG_RIGHTS(rights)
#define AUDIT_ARG_RUID(ruid)
#define AUDIT_ARG_SIGNUM(signum)
#define AUDIT_ARG_SGID(sgid)
diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c
index 562b799..4e155da 100644
--- a/sys/security/audit/audit_arg.c
+++ b/sys/security/audit/audit_arg.c
@@ -865,6 +865,19 @@ audit_arg_envv(char *envv, int envc, int length)
ARG_SET_VALID(ar, ARG_ENVV);
}
+void
+audit_arg_rights(cap_rights_t rights)
+{
+ struct kaudit_record *ar;
+
+ ar = currecord();
+ if (ar == NULL)
+ return;
+
+ ar->k_ar.ar_arg_rights = rights;
+ ARG_SET_VALID(ar, ARG_RIGHTS);
+}
+
/*
* The close() system call uses it's own audit call to capture the path/vnode
* information because those pieces are not easily obtained within the system
diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index b4713cc..a8fcd8f 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -1589,6 +1589,28 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
}
break;
+ case AUE_CAP_NEW:
+ /*
+ * XXXRW/XXXJA: Would be nice to audit socket/etc information.
+ */
+ FD_VNODE1_TOKENS;
+ if (ARG_IS_VALID(kar, ARG_RIGHTS)) {
+ tok = au_to_arg64(2, "rights", ar->ar_arg_rights);
+ kau_write(rec, tok);
+ }
+ break;
+
+ case AUE_CAP_GETRIGHTS:
+ if (ARG_IS_VALID(kar, ARG_FD)) {
+ tok = au_to_arg32(1, "fd", ar->ar_arg_fd);
+ kau_write(rec, tok);
+ }
+ break;
+
+ case AUE_CAP_ENTER:
+ case AUE_CAP_GETMODE:
+ break;
+
case AUE_NULL:
default:
printf("BSM conversion requested for unknown event %d\n",
diff --git a/sys/security/audit/audit_private.h b/sys/security/audit/audit_private.h
index b2f2bad..92a0729 100644
--- a/sys/security/audit/audit_private.h
+++ b/sys/security/audit/audit_private.h
@@ -229,6 +229,7 @@ struct audit_record {
int ar_arg_exitstatus;
int ar_arg_exitretval;
struct sockaddr_storage ar_arg_sockaddr;
+ cap_rights_t ar_arg_rights;
};
/*
@@ -288,6 +289,7 @@ struct audit_record {
#define ARG_ENVV 0x0002000000000000ULL
#define ARG_ATFD1 0x0004000000000000ULL
#define ARG_ATFD2 0x0008000000000000ULL
+#define ARG_RIGHTS 0x0010000000000000ULL
#define ARG_NONE 0x0000000000000000ULL
#define ARG_ALL 0xFFFFFFFFFFFFFFFFULL
OpenPOWER on IntegriCloud