PERFORCE change 78654 for review
Wayne Salamon
wsalamon at FreeBSD.org
Fri Jun 17 01:41:37 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=78654
Change 78654 by wsalamon at rickenbacker on 2005/06/17 01:40:59
Update the kernel changes to auditctl(), for real this time.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#12 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#22 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#12 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#12 (text+ko) ====
==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#22 (text+ko) ====
@@ -1215,7 +1215,6 @@
struct nameidata nd;
struct ucred *cred;
struct vnode *vp;
- union auditctl_udata udata;
int error = 0;
int flags;
@@ -1223,70 +1222,44 @@
if (error)
return (error);
- /* Some commands don't have associated data; only copy in data if
- * it is there.
- */
- if (uap->data != NULL) {
- if ((uap->length <= 0) ||
- (uap->length > sizeof(union auditctl_udata)))
- return (EINVAL);
-
- error = copyin(uap->data, (void *)&udata, uap->length);
- if (error)
- return error;
- }
-
vp = NULL;
cred = NULL;
- switch (uap->cmd) {
- case AC_SETLOGFILE:
- /*
- * If a path is specified, open the replacement vnode, perform
- * validity checks, and grab another reference to the current
- * credential.
- */
- if (udata.ac_path == NULL)
- return (EINVAL);
+ /*
+ * If a path is specified, open the replacement vnode, perform
+ * validity checks, and grab another reference to the current
+ * credential.
+ */
+ if (uap->path == NULL)
+ return (EINVAL);
- fn = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
- error = copyinstr(udata.ac_path, fn, MAXPATHLEN, NULL);
- if (error != 0)
- goto err_out;
+ fn = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
+ error = copyinstr(uap->path, fn, MAXPATHLEN, NULL);
+ if (error != 0)
+ goto err_out;
- mtx_lock(&Giant);
- NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fn, td);
- flags = audit_open_flags;
- error = vn_open(&nd, &flags, 0, -1);
- if (error) {
- mtx_unlock(&Giant);
- goto err_out;
- }
- VOP_UNLOCK(nd.ni_vp, 0, td);
- vp = nd.ni_vp;
- if (vp->v_type != VREG) {
- vn_close(vp, audit_close_flags,
- td->td_ucred, td);
- mtx_unlock(&Giant);
- error = EINVAL;
- goto err_out;
- }
- cred = td->td_ucred;
- crhold(cred);
- audit_suspended = 0;
-
+ mtx_lock(&Giant);
+ NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, fn, td);
+ flags = audit_open_flags;
+ error = vn_open(&nd, &flags, 0, -1);
+ if (error) {
+ mtx_unlock(&Giant);
+ goto err_out;
+ }
+ VOP_UNLOCK(nd.ni_vp, 0, td);
+ vp = nd.ni_vp;
+ if (vp->v_type != VREG) {
+ vn_close(vp, audit_close_flags, td->td_ucred, td);
mtx_unlock(&Giant);
- audit_rotate_vnode(cred, vp);
- break;
+ error = EINVAL;
+ goto err_out;
+ }
+ cred = td->td_ucred;
+ crhold(cred);
+ audit_suspended = 0;
- case AC_SHUTDOWN:
- audit_shutdown();
- break;
-
- case AC_SENDTRIGGER:
- error = send_trigger(udata.ac_trigger);
- break;
- }
+ mtx_unlock(&Giant);
+ audit_rotate_vnode(cred, vp);
err_out:
if (fn)
==== //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#12 (text+ko) ====
@@ -1336,9 +1336,7 @@
char length_l_[PADL_(u_int)]; u_int length; char length_r_[PADR_(u_int)];
};
struct auditctl_args {
- char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)];
- char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)];
- char length_l_[PADL_(u_int)]; u_int length; char length_r_[PADR_(u_int)];
+ char path_l_[PADL_(char *)]; char * path; char path_r_[PADR_(char *)];
};
int nosys(struct thread *, struct nosys_args *);
void sys_exit(struct thread *, struct sys_exit_args *);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list