diff options
| -rw-r--r-- | sys/bsm/audit.h | 28 | ||||
| -rw-r--r-- | sys/bsm/audit_internal.h | 2 | ||||
| -rw-r--r-- | sys/bsm/audit_kevents.h | 5 | ||||
| -rw-r--r-- | sys/bsm/audit_record.h | 2 | ||||
| -rw-r--r-- | sys/security/audit/audit_worker.c | 2 |
5 files changed, 19 insertions, 20 deletions
diff --git a/sys/bsm/audit.h b/sys/bsm/audit.h index 46821e8..61686ef 100644 --- a/sys/bsm/audit.h +++ b/sys/bsm/audit.h @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#31 $ + * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#34 $ * $FreeBSD$ */ @@ -59,23 +59,19 @@ * Triggers for the audit daemon. */ #define AUDIT_TRIGGER_MIN 1 -#define AUDIT_TRIGGER_LOW_SPACE 1 -#define AUDIT_TRIGGER_OPEN_NEW 2 -#define AUDIT_TRIGGER_READ_FILE 3 -#define AUDIT_TRIGGER_CLOSE_AND_DIE 4 -#define AUDIT_TRIGGER_NO_SPACE 5 -#define AUDIT_TRIGGER_MAX 5 +#define AUDIT_TRIGGER_LOW_SPACE 1 /* Below low watermark. */ +#define AUDIT_TRIGGER_ROTATE_KERNEL 2 /* Kernel requests rotate. */ +#define AUDIT_TRIGGER_READ_FILE 3 /* Re-read config file. */ +#define AUDIT_TRIGGER_CLOSE_AND_DIE 4 /* Terminate audit. */ +#define AUDIT_TRIGGER_NO_SPACE 5 /* Below min free space. */ +#define AUDIT_TRIGGER_ROTATE_USER 6 /* User requests roate. */ +#define AUDIT_TRIGGER_MAX 6 /* - * Special file that will be read for trigger events from the kernel - * (FreeBSD). - */ -#define AUDIT_TRIGGER_FILE "/dev/audit" - -/* - * The special device filename. + * The special device filename (FreeBSD). */ #define AUDITDEV_FILENAME "audit" +#define AUDIT_TRIGGER_FILE ("/dev/" AUDITDEV_FILENAME) /* * Pre-defined audit IDs @@ -182,12 +178,12 @@ #define AUDIT_PERZONE 0x2000 /* - * Audit queue control parameters. + * Default audit queue control parameters. */ #define AQ_HIWATER 100 #define AQ_MAXHIGH 10000 #define AQ_LOWATER 10 -#define AQ_BUFSZ 1024 +#define AQ_BUFSZ MAXAUDITDATA #define AQ_MAXBUFSZ 1048576 /* diff --git a/sys/bsm/audit_internal.h b/sys/bsm/audit_internal.h index 39d04c0..63e5638 100644 --- a/sys/bsm/audit_internal.h +++ b/sys/bsm/audit_internal.h @@ -34,7 +34,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#11 $ + * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#14 $ * $FreeBSD$ */ diff --git a/sys/bsm/audit_kevents.h b/sys/bsm/audit_kevents.h index be4f102..3e60ee0 100644 --- a/sys/bsm/audit_kevents.h +++ b/sys/bsm/audit_kevents.h @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#26 $ + * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#28 $ * $FreeBSD$ */ @@ -468,6 +468,9 @@ #define AUE_EXTATTR_SET_LINK 43111 /* FreeBSD. */ #define AUE_EXTATTR_LIST_LINK 43112 /* FreeBSD. */ #define AUE_EXTATTR_DELETE_LINK 43113 /* FreeBSD. */ +#define AUE_KENV 43114 /* FreeBSD. */ +#define AUE_JAIL_ATTACH 43115 /* FreeBSD. */ +#define AUE_SYSCTL_WRITE 43116 /* FreeBSD. */ /* * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the diff --git a/sys/bsm/audit_record.h b/sys/bsm/audit_record.h index b1c975b..b10bbd7 100644 --- a/sys/bsm/audit_record.h +++ b/sys/bsm/audit_record.h @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#19 $ + * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#21 $ * $FreeBSD$ */ diff --git a/sys/security/audit/audit_worker.c b/sys/security/audit/audit_worker.c index cfe46fa..e0fbb7b 100644 --- a/sys/security/audit/audit_worker.c +++ b/sys/security/audit/audit_worker.c @@ -194,7 +194,7 @@ audit_record_write(struct vnode *vp, struct ucred *cred, struct thread *td, (audit_file_rotate_wait == 0) && (vattr.va_size >= audit_fstat.af_filesz)) { audit_file_rotate_wait = 1; - (void)send_trigger(AUDIT_TRIGGER_OPEN_NEW); + (void)send_trigger(AUDIT_TRIGGER_ROTATE_KERNEL); } /* |
