diff options
Diffstat (limited to 'sys/security')
-rw-r--r-- | sys/security/audit/audit.h | 8 | ||||
-rw-r--r-- | sys/security/audit/audit_arg.c | 6 | ||||
-rw-r--r-- | sys/security/audit/audit_bsm.c | 15 |
3 files changed, 23 insertions, 6 deletions
diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h index 733a3c7..dd55875 100644 --- a/sys/security/audit/audit.h +++ b/sys/security/audit/audit.h @@ -95,7 +95,7 @@ void audit_arg_pid(pid_t pid); void audit_arg_process(struct proc *p); void audit_arg_signum(u_int signum); void audit_arg_socket(int sodomain, int sotype, int soprotocol); -void audit_arg_sockaddr(struct thread *td, struct sockaddr *sa); +void audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa); void audit_arg_auid(uid_t auid); void audit_arg_auditinfo(struct auditinfo *au_info); void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info); @@ -267,9 +267,9 @@ void audit_thread_free(struct thread *td); audit_arg_socket((sodomain), (sotype), (soprotocol)); \ } while (0) -#define AUDIT_ARG_SOCKADDR(td, sa) do { \ +#define AUDIT_ARG_SOCKADDR(td, dirfd, sa) do { \ if (AUDITING_TD(curthread)) \ - audit_arg_sockaddr((td), (sa)); \ + audit_arg_sockaddr((td), (dirfd), (sa)); \ } while (0) #define AUDIT_ARG_SUID(suid) do { \ @@ -365,7 +365,7 @@ void audit_thread_free(struct thread *td); #define AUDIT_ARG_SIGNUM(signum) #define AUDIT_ARG_SGID(sgid) #define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) -#define AUDIT_ARG_SOCKADDR(td, sa) +#define AUDIT_ARG_SOCKADDR(td, dirfd, sa) #define AUDIT_ARG_SUID(suid) #define AUDIT_ARG_TEXT(text) #define AUDIT_ARG_UID(uid) diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c index ec04b8b..4927be0 100644 --- a/sys/security/audit/audit_arg.c +++ b/sys/security/audit/audit_arg.c @@ -441,7 +441,7 @@ audit_arg_socket(int sodomain, int sotype, int soprotocol) } void -audit_arg_sockaddr(struct thread *td, struct sockaddr *sa) +audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa) { struct kaudit_record *ar; @@ -463,7 +463,9 @@ audit_arg_sockaddr(struct thread *td, struct sockaddr *sa) break; case AF_UNIX: - audit_arg_upath1(td, AT_FDCWD, + if (dirfd != AT_FDCWD) + audit_arg_atfd1(dirfd); + audit_arg_upath1(td, dirfd, ((struct sockaddr_un *)sa)->sun_path); ARG_SET_VALID(ar, ARG_SADDRUNIX); break; diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c index 9c69b1e..03b3c23 100644 --- a/sys/security/audit/audit_bsm.c +++ b/sys/security/audit/audit_bsm.c @@ -554,6 +554,21 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau) /* XXX Need to handle ARG_SADDRINET6 */ break; + case AUE_BINDAT: + case AUE_CONNECTAT: + ATFD1_TOKENS(1); + if (ARG_IS_VALID(kar, ARG_FD)) { + tok = au_to_arg32(2, "fd", ar->ar_arg_fd); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) { + tok = au_to_sock_unix((struct sockaddr_un *) + &ar->ar_arg_sockaddr); + kau_write(rec, tok); + UPATH1_TOKENS; + } + break; + case AUE_SOCKET: case AUE_SOCKETPAIR: if (ARG_IS_VALID(kar, ARG_SOCKINFO)) { |