diff options
author | pjd <pjd@FreeBSD.org> | 2013-03-02 21:11:30 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2013-03-02 21:11:30 +0000 |
commit | 702516e70b2669b5076691a0b760b4a37a8c06a2 (patch) | |
tree | 5dbc48bdb7b78718e22183ef377b76f2e3bc74c2 /sys/security/audit | |
parent | 5026b7b931be858ac65f951dc40069f970064606 (diff) | |
download | FreeBSD-src-702516e70b2669b5076691a0b760b4a37a8c06a2.zip FreeBSD-src-702516e70b2669b5076691a0b760b4a37a8c06a2.tar.gz |
- Implement two new system calls:
int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen);
int connectat(int fd, int s, const struct sockaddr *name, socklen_t namelen);
which allow to bind and connect respectively to a UNIX domain socket with a
path relative to the directory associated with the given file descriptor 'fd'.
- Add manual pages for the new syscalls.
- Make the new syscalls available for processes in capability mode sandbox.
- Add capability rights CAP_BINDAT and CAP_CONNECTAT that has to be present on
the directory descriptor for the syscalls to work.
- Update audit(4) to support those two new syscalls and to handle path
in sockaddr_un structure relative to the given directory descriptor.
- Update procstat(1) to recognize the new capability rights.
- Document the new capability rights in cap_rights_limit(2).
Sponsored by: The FreeBSD Foundation
Discussed with: rwatson, jilles, kib, des
Diffstat (limited to 'sys/security/audit')
-rw-r--r-- | sys/security/audit/audit.h | 8 | ||||
-rw-r--r-- | sys/security/audit/audit_arg.c | 6 | ||||
-rw-r--r-- | sys/security/audit/audit_bsm.c | 15 |
3 files changed, 23 insertions, 6 deletions
diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h index 733a3c7..dd55875 100644 --- a/sys/security/audit/audit.h +++ b/sys/security/audit/audit.h @@ -95,7 +95,7 @@ void audit_arg_pid(pid_t pid); void audit_arg_process(struct proc *p); void audit_arg_signum(u_int signum); void audit_arg_socket(int sodomain, int sotype, int soprotocol); -void audit_arg_sockaddr(struct thread *td, struct sockaddr *sa); +void audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa); void audit_arg_auid(uid_t auid); void audit_arg_auditinfo(struct auditinfo *au_info); void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info); @@ -267,9 +267,9 @@ void audit_thread_free(struct thread *td); audit_arg_socket((sodomain), (sotype), (soprotocol)); \ } while (0) -#define AUDIT_ARG_SOCKADDR(td, sa) do { \ +#define AUDIT_ARG_SOCKADDR(td, dirfd, sa) do { \ if (AUDITING_TD(curthread)) \ - audit_arg_sockaddr((td), (sa)); \ + audit_arg_sockaddr((td), (dirfd), (sa)); \ } while (0) #define AUDIT_ARG_SUID(suid) do { \ @@ -365,7 +365,7 @@ void audit_thread_free(struct thread *td); #define AUDIT_ARG_SIGNUM(signum) #define AUDIT_ARG_SGID(sgid) #define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) -#define AUDIT_ARG_SOCKADDR(td, sa) +#define AUDIT_ARG_SOCKADDR(td, dirfd, sa) #define AUDIT_ARG_SUID(suid) #define AUDIT_ARG_TEXT(text) #define AUDIT_ARG_UID(uid) diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c index ec04b8b..4927be0 100644 --- a/sys/security/audit/audit_arg.c +++ b/sys/security/audit/audit_arg.c @@ -441,7 +441,7 @@ audit_arg_socket(int sodomain, int sotype, int soprotocol) } void -audit_arg_sockaddr(struct thread *td, struct sockaddr *sa) +audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa) { struct kaudit_record *ar; @@ -463,7 +463,9 @@ audit_arg_sockaddr(struct thread *td, struct sockaddr *sa) break; case AF_UNIX: - audit_arg_upath1(td, AT_FDCWD, + if (dirfd != AT_FDCWD) + audit_arg_atfd1(dirfd); + audit_arg_upath1(td, dirfd, ((struct sockaddr_un *)sa)->sun_path); ARG_SET_VALID(ar, ARG_SADDRUNIX); break; diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c index 9c69b1e..03b3c23 100644 --- a/sys/security/audit/audit_bsm.c +++ b/sys/security/audit/audit_bsm.c @@ -554,6 +554,21 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau) /* XXX Need to handle ARG_SADDRINET6 */ break; + case AUE_BINDAT: + case AUE_CONNECTAT: + ATFD1_TOKENS(1); + if (ARG_IS_VALID(kar, ARG_FD)) { + tok = au_to_arg32(2, "fd", ar->ar_arg_fd); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) { + tok = au_to_sock_unix((struct sockaddr_un *) + &ar->ar_arg_sockaddr); + kau_write(rec, tok); + UPATH1_TOKENS; + } + break; + case AUE_SOCKET: case AUE_SOCKETPAIR: if (ARG_IS_VALID(kar, ARG_SOCKINFO)) { |