diff options
Diffstat (limited to 'sys')
-rw-r--r-- | sys/bsm/audit.h | 7 | ||||
-rw-r--r-- | sys/bsm/audit_kevents.h | 22 | ||||
-rw-r--r-- | sys/security/audit/audit_bsm_errno.c | 4 | ||||
-rw-r--r-- | sys/security/audit/audit_bsm_token.c | 15 |
4 files changed, 20 insertions, 28 deletions
diff --git a/sys/bsm/audit.h b/sys/bsm/audit.h index 53eeadb..24cc583 100644 --- a/sys/bsm/audit.h +++ b/sys/bsm/audit.h @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#4 + * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#5 * $FreeBSD$ */ @@ -66,8 +66,9 @@ #define AUDIT_TRIGGER_CLOSE_AND_DIE 4 /* Terminate audit. */ #define AUDIT_TRIGGER_NO_SPACE 5 /* Below min free space. */ #define AUDIT_TRIGGER_ROTATE_USER 6 /* User requests rotate. */ -#define AUDIT_TRIGGER_INITIALIZE 7 /* Initialize audit. */ -#define AUDIT_TRIGGER_MAX 7 +#define AUDIT_TRIGGER_INITIALIZE 7 /* User initialize of auditd. */ +#define AUDIT_TRIGGER_EXPIRE_TRAILS 8 /* User expiration of trails. */ +#define AUDIT_TRIGGER_MAX 8 /* * The special device filename (FreeBSD). diff --git a/sys/bsm/audit_kevents.h b/sys/bsm/audit_kevents.h index 3276cac..40aec77 100644 --- a/sys/bsm/audit_kevents.h +++ b/sys/bsm/audit_kevents.h @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#4 + * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#5 * $FreeBSD$ */ @@ -587,6 +587,8 @@ #define AUE_CAP_GETMODE 43189 /* TrustedBSD. */ #define AUE_POSIX_SPAWN 43190 /* Darwin. */ #define AUE_FSGETPATH 43191 /* Darwin. */ +#define AUE_PREAD 43192 /* Darwin/FreeBSD. */ +#define AUE_PWRITE 43193 /* Darwin/FreeBSD. */ /* * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the @@ -658,7 +660,6 @@ /* * Possible desired future values based on review of BSD/Darwin system calls. */ -#define AUE_ACCESSEXTENDED AUE_NULL #define AUE_ATGETMSG AUE_NULL #define AUE_ATPUTMSG AUE_NULL #define AUE_ATSOCKET AUE_NULL @@ -669,11 +670,9 @@ #define AUE_BSDTHREADCREATE AUE_NULL #define AUE_BSDTHREADTERMINATE AUE_NULL #define AUE_BSDTHREADREGISTER AUE_NULL -#define AUE_CHMODEXTENDED AUE_NULL #define AUE_CHUD AUE_NULL #define AUE_CSOPS AUE_NULL #define AUE_DUP AUE_NULL -#define AUE_FCHMODEXTENDED AUE_NULL #define AUE_FDATASYNC AUE_NULL #define AUE_FFSCTL AUE_NULL #define AUE_FGETATTRLIST AUE_NULL @@ -683,11 +682,10 @@ #define AUE_FSCTL AUE_NULL #define AUE_FSETATTRLIST AUE_NULL #define AUE_FSETXATTR AUE_NULL -#define AUE_FSTATEXTENDED AUE_NULL #define AUE_FSTATFS64 AUE_NULL #define AUE_FSTATV AUE_NULL #define AUE_FSTAT64 AUE_NULL -#define AUE_FSTAT64EXTENDED AUE_NULL +#define AUE_FSTAT64_EXTENDED AUE_NULL #define AUE_GCCONTROL AUE_NULL #define AUE_GETDIRENTRIES64 AUE_NULL #define AUE_GETDTABLESIZE AUE_NULL @@ -721,21 +719,15 @@ #define AUE_ISSETUGID AUE_NULL #define AUE_LIOLISTIO AUE_NULL #define AUE_LISTXATTR AUE_NULL -#define AUE_LSTATEXTENDED AUE_NULL #define AUE_LSTATV AUE_NULL #define AUE_LSTAT64 AUE_NULL -#define AUE_LSTAT64EXTENDED AUE_NULL +#define AUE_LSTAT64_EXTENDED AUE_NULL #define AUE_MADVISE AUE_NULL #define AUE_MINCORE AUE_NULL #define AUE_MKCOMPLEX AUE_NULL -#define AUE_MKDIREXTENDED AUE_NULL -#define AUE_MKFIFOEXTENDED AUE_NULL #define AUE_MODWATCH AUE_NULL #define AUE_MSGCL AUE_NULL #define AUE_MSYNC AUE_NULL -#define AUE_OPENEXTENDED AUE_NULL -#define AUE_PREAD AUE_NULL -#define AUE_PWRITE AUE_NULL #define AUE_PREADV AUE_NULL #define AUE_PROCINFO AUE_NULL #define AUE_PTHREADCANCELED AUE_NULL @@ -779,15 +771,13 @@ #define AUE_SIGWAIT AUE_NULL #define AUE_SSTK AUE_NULL #define AUE_STACKSNAPSHOT AUE_NULL -#define AUE_STATEXTENDED AUE_NULL #define AUE_STATFS64 AUE_NULL #define AUE_STATV AUE_NULL #define AUE_STAT64 AUE_NULL -#define AUE_STAT64EXTENDED AUE_NULL +#define AUE_STAT64_EXTENDED AUE_NULL #define AUE_SYNC AUE_NULL #define AUE_SYSCALL AUE_NULL #define AUE_TABLE AUE_NULL -#define AUE_UMASKEXTENDED AUE_NULL #define AUE_VMPRESSUREMONITOR AUE_NULL #define AUE_WAITEVENT AUE_NULL #define AUE_WAITID AUE_NULL diff --git a/sys/security/audit/audit_bsm_errno.c b/sys/security/audit/audit_bsm_errno.c index 782ce62..ccca41e 100644 --- a/sys/security/audit/audit_bsm_errno.c +++ b/sys/security/audit/audit_bsm_errno.c @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#12 + * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#17 */ #include <sys/cdefs.h> @@ -496,7 +496,7 @@ static const struct bsm_errno bsm_errnos[] = { #else ERRNO_NO_LOCAL_MAPPING, #endif - ES("Malfored Macho file") }, + ES("Malformed Macho file") }, { BSM_ERRNO_EPOLICY, #ifdef EPOLICY EPOLICY, diff --git a/sys/security/audit/audit_bsm_token.c b/sys/security/audit/audit_bsm_token.c index a30fa53..56f0ceb 100644 --- a/sys/security/audit/audit_bsm_token.c +++ b/sys/security/audit/audit_bsm_token.c @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#86 + * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90 */ #include <sys/cdefs.h> @@ -139,7 +139,7 @@ au_to_attr32(struct vnode_au_info *vni) token_t *t; u_char *dptr = NULL; u_int16_t pad0_16 = 0; - u_int16_t pad0_32 = 0; + u_int32_t pad0_32 = 0; GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 3 * sizeof(u_int32_t) + sizeof(u_int64_t) + sizeof(u_int32_t)); @@ -186,7 +186,7 @@ au_to_attr64(struct vnode_au_info *vni) token_t *t; u_char *dptr = NULL; u_int16_t pad0_16 = 0; - u_int16_t pad0_32 = 0; + u_int32_t pad0_32 = 0; GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 3 * sizeof(u_int32_t) + sizeof(u_int64_t) * 2); @@ -439,7 +439,8 @@ au_to_ipc_perm(struct ipc_perm *perm) u_char *dptr = NULL; u_int16_t pad0 = 0; - GET_TOKEN_AREA(t, dptr, 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 12 * sizeof(u_int16_t) + + sizeof(u_int32_t)); ADD_U_CHAR(dptr, AUT_IPC_PERM); @@ -869,13 +870,13 @@ au_to_socket_ex(u_short so_domain, u_short so_type, 5 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); else if (so_domain == AF_INET6) GET_TOKEN_AREA(t, dptr, sizeof(u_char) + - 5 * sizeof(u_int16_t) + 16 * sizeof(u_int32_t)); + 5 * sizeof(u_int16_t) + 8 * sizeof(u_int32_t)); else return (NULL); ADD_U_CHAR(dptr, AUT_SOCKET_EX); - ADD_U_INT16(dptr, so_domain); /* XXXRW: explicitly convert? */ - ADD_U_INT16(dptr, so_type); /* XXXRW: explicitly convert? */ + ADD_U_INT16(dptr, au_domain_to_bsm(so_domain)); + ADD_U_INT16(dptr, au_socket_type_to_bsm(so_type)); if (so_domain == AF_INET) { ADD_U_INT16(dptr, AU_IPv4); sin = (struct sockaddr_in *)sa_local; |