summaryrefslogtreecommitdiffstats
path: root/sys/security/audit
diff options
context:
space:
mode:
Diffstat (limited to 'sys/security/audit')
-rw-r--r--sys/security/audit/audit.h2
-rw-r--r--sys/security/audit/audit_arg.c4
-rw-r--r--sys/security/audit/audit_bsm.c3
-rw-r--r--sys/security/audit/audit_private.h1
-rw-r--r--sys/security/audit/bsm_token.c16
5 files changed, 21 insertions, 5 deletions
diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h
index dd55875..559d571 100644
--- a/sys/security/audit/audit.h
+++ b/sys/security/audit/audit.h
@@ -114,7 +114,7 @@ void audit_arg_auditon(union auditon_udata *udata);
void audit_arg_file(struct proc *p, struct file *fp);
void audit_arg_argv(char *argv, int argc, int length);
void audit_arg_envv(char *envv, int envc, int length);
-void audit_arg_rights(cap_rights_t rights);
+void audit_arg_rights(cap_rights_t *rightsp);
void audit_arg_fcntl_rights(uint32_t fcntlrights);
void audit_sysclose(struct thread *td, int fd);
void audit_cred_copy(struct ucred *src, struct ucred *dest);
diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c
index 4927be0..2e86842 100644
--- a/sys/security/audit/audit_arg.c
+++ b/sys/security/audit/audit_arg.c
@@ -861,7 +861,7 @@ audit_arg_envv(char *envv, int envc, int length)
}
void
-audit_arg_rights(cap_rights_t rights)
+audit_arg_rights(cap_rights_t *rightsp)
{
struct kaudit_record *ar;
@@ -869,7 +869,7 @@ audit_arg_rights(cap_rights_t rights)
if (ar == NULL)
return;
- ar->k_ar.ar_arg_rights = rights;
+ ar->k_ar.ar_arg_rights = *rightsp;
ARG_SET_VALID(ar, ARG_RIGHTS);
}
diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index 03b3c23..9f29ece 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -1611,14 +1611,13 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
}
break;
- case AUE_CAP_NEW:
case AUE_CAP_RIGHTS_LIMIT:
/*
* XXXRW/XXXJA: Would be nice to audit socket/etc information.
*/
FD_VNODE1_TOKENS;
if (ARG_IS_VALID(kar, ARG_RIGHTS)) {
- tok = au_to_arg64(2, "rights", ar->ar_arg_rights);
+ tok = au_to_rights(&ar->ar_arg_rights);
kau_write(rec, tok);
}
break;
diff --git a/sys/security/audit/audit_private.h b/sys/security/audit/audit_private.h
index e23ba08..b5c373a 100644
--- a/sys/security/audit/audit_private.h
+++ b/sys/security/audit/audit_private.h
@@ -41,6 +41,7 @@
#error "no user-serviceable parts inside"
#endif
+#include <sys/caprights.h>
#include <sys/ipc.h>
#include <sys/socket.h>
#include <sys/ucred.h>
diff --git a/sys/security/audit/bsm_token.c b/sys/security/audit/bsm_token.c
index 6d0d67f..763d597 100644
--- a/sys/security/audit/bsm_token.c
+++ b/sys/security/audit/bsm_token.c
@@ -835,6 +835,22 @@ au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
tid));
}
+token_t *
+au_to_rights(cap_rights_t *rightsp)
+{
+ token_t *t;
+ u_char *dptr;
+ int i;
+
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(*rightsp));
+
+ ADD_U_CHAR(dptr, AUT_RIGHTS);
+ for (i = 0; i < nitems(rightsp->cr_rights); i++)
+ ADD_U_INT64(dptr, rightsp->cr_rights[i]);
+
+ return (t);
+}
+
/*
* token ID 1 byte
* error status 1 byte
OpenPOWER on IntegriCloud