diff options
author | rwatson <rwatson@FreeBSD.org> | 2006-06-05 15:32:07 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-06-05 15:32:07 +0000 |
commit | 590882238f6227120968085933b61a58b05d0213 (patch) | |
tree | 3e4b09a3bd05356610da21e969a7fe0ff6e2cfd5 /sys | |
parent | 3b3f1e138b58b973a7139caeca8251b3e9594cb2 (diff) | |
download | FreeBSD-src-590882238f6227120968085933b61a58b05d0213.zip FreeBSD-src-590882238f6227120968085933b61a58b05d0213.tar.gz |
Audit some arguments to nmount(), mount(), umount().
Submitted by: wsalamon
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/vfs_mount.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c index 205ef6f..66a2fea 100644 --- a/sys/kern/vfs_mount.c +++ b/sys/kern/vfs_mount.c @@ -63,6 +63,8 @@ __FBSDID("$FreeBSD$"); #include <machine/stdarg.h> +#include <security/audit/audit.h> + #include "opt_rootdevname.h" #include "opt_ddb.h" #include "opt_mac.h" @@ -374,6 +376,8 @@ nmount(td, uap) int error; u_int iovcnt; + AUDIT_ARG(fflags, uap->flags); + /* Kick out MNT_ROOTFS early as it is legal internally */ if (uap->flags & MNT_ROOTFS) return (EINVAL); @@ -733,12 +737,15 @@ mount(td, uap) struct mntarg *ma = NULL; int error; + AUDIT_ARG(fflags, uap->flags); + /* Kick out MNT_ROOTFS early as it is legal internally */ uap->flags &= ~MNT_ROOTFS; fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK); error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL); if (!error) { + AUDIT_ARG(text, fstype); mtx_lock(&Giant); /* XXX ? */ vfsp = vfs_byname_kld(fstype, td, &error); mtx_unlock(&Giant); @@ -826,7 +833,8 @@ vfs_domount( /* * Get vnode to be covered */ - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_SYSSPACE, + fspath, td); if ((error = namei(&nd)) != 0) return (error); NDFREE(&nd, NDF_ONLY_PNBUF); @@ -1054,6 +1062,7 @@ unmount(td, uap) free(pathbuf, M_TEMP); return (error); } + AUDIT_ARG(upath, td, pathbuf, ARG_UPATH1); if (uap->flags & MNT_BYFSID) { /* Decode the filesystem ID. */ if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) { |