Audit some arguments to nmount(), mount(), umount().

Submitted by:	wsalamon
Obtained from:	TrustedBSD Project

1 files changed, 10 insertions, 1 deletions

diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c
index 205ef6f..66a2fea 100644
--- a/sys/kern/vfs_mount.c
+++ b/sys/kern/vfs_mount.c
@@ -63,6 +63,8 @@ __FBSDID("$FreeBSD$");
 
 #include <machine/stdarg.h>
 
+#include <security/audit/audit.h>
+
 #include "opt_rootdevname.h"
 #include "opt_ddb.h"
 #include "opt_mac.h"
@@ -374,6 +376,8 @@ nmount(td, uap)
 	int error;
 	u_int iovcnt;
 
+	AUDIT_ARG(fflags, uap->flags);
+
 	/* Kick out MNT_ROOTFS early as it is legal internally */
 	if (uap->flags & MNT_ROOTFS)
 		return (EINVAL);
@@ -733,12 +737,15 @@ mount(td, uap)
 	struct mntarg *ma = NULL;
 	int error;
 
+	AUDIT_ARG(fflags, uap->flags);
+
 	/* Kick out MNT_ROOTFS early as it is legal internally */
 	uap->flags &= ~MNT_ROOTFS;
 
 	fstype = malloc(MFSNAMELEN, M_TEMP, M_WAITOK);
 	error = copyinstr(uap->type, fstype, MFSNAMELEN, NULL);
 	if (!error) {
+		AUDIT_ARG(text, fstype);
 		mtx_lock(&Giant);	/* XXX ? */
 		vfsp = vfs_byname_kld(fstype, td, &error);
 		mtx_unlock(&Giant);
@@ -826,7 +833,8 @@ vfs_domount(
 	/*
 	 * Get vnode to be covered
 	 */
-	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fspath, td);
+	NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, UIO_SYSSPACE,
+	    fspath, td);
 	if ((error = namei(&nd)) != 0)
 		return (error);
 	NDFREE(&nd, NDF_ONLY_PNBUF);
@@ -1054,6 +1062,7 @@ unmount(td, uap)
 		free(pathbuf, M_TEMP);
 		return (error);
 	}
+	AUDIT_ARG(upath, td, pathbuf, ARG_UPATH1);
 	if (uap->flags & MNT_BYFSID) {
 		/* Decode the filesystem ID. */
 		if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) {