svn commit: r195252 - in head/sys: kern security/audit
Robert Watson
rwatson at FreeBSD.org
Wed Jul 1 18:54:51 UTC 2009
Author: rwatson
Date: Wed Jul 1 18:54:49 2009
New Revision: 195252
URL: http://svn.freebsd.org/changeset/base/195252
Log:
Define missing audit argument macro AUDIT_ARG_SOCKET(), and
capture the domain, type, and protocol arguments to socket(2)
and socketpair(2).
Approved by: re (audit argument blanket)
MFC after: 3 days
Modified:
head/sys/kern/uipc_syscalls.c
head/sys/security/audit/audit.h
Modified: head/sys/kern/uipc_syscalls.c
==============================================================================
--- head/sys/kern/uipc_syscalls.c Wed Jul 1 18:12:50 2009 (r195251)
+++ head/sys/kern/uipc_syscalls.c Wed Jul 1 18:54:49 2009 (r195252)
@@ -70,6 +70,7 @@ __FBSDID("$FreeBSD$");
#include <sys/ktrace.h>
#endif
+#include <security/audit/audit.h>
#include <security/mac/mac_framework.h>
#include <vm/vm.h>
@@ -161,6 +162,7 @@ socket(td, uap)
struct file *fp;
int fd, error;
+ AUDIT_ARG_SOCKET(uap->domain, uap->type, uap->protocol);
#ifdef MAC
error = mac_socket_check_create(td->td_ucred, uap->domain, uap->type,
uap->protocol);
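Review bot: The new AUDIT_ARG_SOCKET() call in socket() sits ahead of the `#ifdef MAC` check, but nothing records that the ordering matters. If a later edit moved it below mac_socket_check_create(), a request refused by policy would presumably reach the audit record without its domain, type and protocol. A one-line comment above the call would pin this down, for example `/* Capture arguments first so that requests denied below are still audited with them. */`. The same applies to the call added in kern_socketpair() in the next hunk. Both function bodies start and end outside their hunks, so the early-return path is inferred rather than visible.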
@@ -586,6 +588,7 @@ kern_socketpair(struct thread *td, int d
struct socket *so1, *so2;
int fd, error;
+ AUDIT_ARG_SOCKET(domain, type, protocol);
#ifdef MAC
/* We might want to have a separate check for socket pairs. */
error = mac_socket_check_create(td->td_ucred, domain, type,
Modified: head/sys/security/audit/audit.h
==============================================================================
--- head/sys/security/audit/audit.h Wed Jul 1 18:12:50 2009 (r195251)
+++ head/sys/security/audit/audit.h Wed Jul 1 18:54:49 2009 (r195252)
@@ -297,6 +297,11 @@ void audit_thread_free(struct thread *t
audit_arg_sgid((sgid)); \
} while (0)
+#define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol) do { \
+ if (AUDITING_TD(curthread)) \
+ audit_arg_socket((sodomain), (sotype), (soprotocol)); \
+} while (0)
+
#define AUDIT_ARG_SUID(suid) do { \
if (AUDITING_TD(curthread)) \
audit_arg_suid((suid)); \
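Review bot: AUDIT_ARG_SOCKET() evaluates its arguments only when AUDITING_TD(curthread) is true, and the empty definition added in the last hunk of this file (presumably the variant for kernels built without audit support) never evaluates them. An argument expression with a side effect would therefore behave differently between configurations and between audited and unaudited threads. The two call sites in this commit pass plain values, so nothing is wrong today. A comment next to the macro family, such as `/* Arguments may not be evaluated; pass side-effect-free expressions only. */`, would keep future callers safe. The prototype of audit_arg_socket() is not visible in this hunk and is assumed to be declared earlier in audit.h.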
@@ -375,6 +380,7 @@ void audit_thread_free(struct thread *t
#define AUDIT_ARG_RUID(ruid)
#define AUDIT_ARG_SIGNUM(signum)
#define AUDIT_ARG_SGID(sgid)
+#define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol)
#define AUDIT_ARG_SUID(suid)
#define AUDIT_ARG_TEXT(text)
#define AUDIT_ARG_UID(uid)