PERFORCE change 85424 for review

Robert Watson rwatson at FreeBSD.org
Mon Oct 17 11:31:07 GMT 2005 

http://perforce.freebsd.org/chv.cgi?CH=85424

Change 85424 by rwatson at rwatson_zoo on 2005/10/17 11:30:43

	Minor white space tweaks.
	
	Annotate a minor multi-threading race, in which one thread can give
	up privilege while another thread modifies audit state, resulting
	in a possibly inconsistent condition.  This may not be significant.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#4 (text+ko) ====

@@ -174,6 +174,7 @@
 		if (audit_panic_on_write_fail)
 			udata.au_policy |= AUDIT_AHLT;
 		break;
+
 	case A_SETPOLICY:
 		if (udata.au_policy & ~(AUDIT_CNT|AUDIT_AHLT))
 			return (EINVAL);
@@ -183,15 +184,19 @@
 		audit_fail_stop = ((udata.au_policy & AUDIT_CNT) == 0);
 		audit_panic_on_write_fail = (udata.au_policy & AUDIT_AHLT);
 		break;
+
 	case A_GETKMASK:
 		udata.au_mask = audit_nae_mask;
 		break;
+
 	case A_SETKMASK:
 		audit_nae_mask = udata.au_mask;
 		break;
+
 	case A_GETQCTRL:
 		udata.au_qctrl = audit_qctrl;
 		break;
+
 	case A_SETQCTRL:
 		if ((udata.au_qctrl.aq_hiwater > AQ_MAXHIGH) ||
 		    (udata.au_qctrl.aq_lowater >= udata.au_qctrl.aq_hiwater) ||
@@ -204,30 +209,38 @@
 		/* XXX The queue delay value isn't used with the kernel. */
 		audit_qctrl.aq_delay = -1;
 		break;
+
 	case A_GETCWD:
 		return (ENOSYS);
 		break;
+
 	case A_GETCAR:
 		return (ENOSYS);
 		break;
+
 	case A_GETSTAT:
 		return (ENOSYS);
 		break;
+
 	case A_SETSTAT:
 		return (ENOSYS);
 		break;
+
 	case A_SETUMASK:
 		return (ENOSYS);
 		break;
+
 	case A_SETSMASK:
 		return (ENOSYS);
 		break;
+
 	case A_GETCOND:
 		if (audit_enabled && !audit_suspended)
 			udata.au_cond = AUC_AUDITING;
 		else
 			udata.au_cond = AUC_NOAUDIT;
 		break;
+
 	case A_SETCOND:
 		if (udata.au_cond == AUC_NOAUDIT) 
 			audit_suspended = 1;
@@ -238,14 +251,17 @@
 			audit_shutdown(NULL, 0);
 		}
 		break;
+
 	case A_GETCLASS:
 		udata.au_evclass.ec_class = 
 			au_event_class(udata.au_evclass.ec_number);
 		break;
+
 	case A_SETCLASS:
 		au_evclassmap_insert(udata.au_evclass.ec_number,
 					udata.au_evclass.ec_class);
 		break;
+
 	case A_GETPINFO:
 		if (udata.au_aupinfo.ap_pid < 1) 
 			return (EINVAL);
@@ -266,6 +282,7 @@
 		udata.au_aupinfo.ap_asid = tp->p_au->ai_asid;
 		PROC_UNLOCK(tp);
 		break;
+
 	case A_SETPMASK:
 		if (udata.au_aupinfo.ap_pid < 1) 
 			return (EINVAL);
@@ -280,25 +297,31 @@
 			udata.au_aupinfo.ap_mask.am_failure;
 		PROC_UNLOCK(tp);
 		break;
+
 	case A_SETFSIZE:
 		if ((udata.au_fstat.af_filesz != 0) &&
 		   (udata.au_fstat.af_filesz < MIN_AUDIT_FILE_SIZE))
 			return (EINVAL);
 		audit_fstat.af_filesz = udata.au_fstat.af_filesz;
 		break;
+
 	case A_GETFSIZE:
 		udata.au_fstat.af_filesz = audit_fstat.af_filesz;
 		udata.au_fstat.af_currsz = audit_fstat.af_currsz;
 		break;
+
 	case A_GETPINFO_ADDR:
 		return (ENOSYS);
 		break;
+
 	case A_GETKAUDIT:
 		return (ENOSYS);
 		break;
+
 	case A_SETKAUDIT:
 		return (ENOSYS);
 		break;
+
 	case A_SENDTRIGGER:
 		if ((udata.au_trigger < AUDIT_TRIGGER_MIN) ||
 		    (udata.au_trigger > AUDIT_TRIGGER_MAX))
@@ -380,6 +403,8 @@
 	 * XXXAUDIT: Might need locking to serialize audit events in the same
 	 * order as change events?  Or maybe that's an under-solveable
 	 * problem.
+	 *
+	 * XXXRW: Test privilege while holding the proc lock?
 	 */     
 	PROC_LOCK(td->td_proc);
 	td->td_proc->p_au->ai_auid = id;
@@ -428,6 +453,9 @@
 
 	audit_arg_auditinfo(&ai);
 
+	/*
+	 * XXXRW: Test privilege while holding the proc lock?
+	*/
 	PROC_LOCK(td->td_proc);
 	*td->td_proc->p_au = ai;
 	PROC_UNLOCK(td->td_proc);
@@ -534,54 +562,63 @@
 int
 audit(struct thread *td, struct audit_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 auditon(struct thread *td, struct auditon_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 getauid(struct thread *td, struct getauid_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 setauid(struct thread *td, struct setauid_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 getaudit(struct thread *td, struct getaudit_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 setaudit(struct thread *td, struct setaudit_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 getaudit_addr(struct thread *td, struct getaudit_addr_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 setaudit_addr(struct thread *td, struct setaudit_addr_args *uap)
 {
+
 	return (ENOSYS);
 }
 
 int
 auditctl(struct thread *td, struct auditctl_args *uap)
 {
+
 	return (ENOSYS);
 }
 
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list