PERFORCE change 90909 for review
Robert Watson
rwatson at FreeBSD.org
Thu Feb 2 02:02:11 GMT 2006
http://perforce.freebsd.org/chv.cgi?CH=90909
Change 90909 by rwatson at rwatson_peppercorn on 2006/02/02 02:01:11
Stub comments about what audit for AUE_SENDFILE will need to
capture. This also suppresses the conversion warning for event
364.
Note: this may require some work, as up until now we've needed only
to audit a single file descriptor per system call. sendfile() uses
two, so will require expanding our in-kernel audit record.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#3 (text+ko) ====
@@ -439,6 +439,19 @@
}
break;
+ case AUE_SENDFILE:
+ /*
+ * XXXRW: While sendfile() is effectively a combination of
+ * read() and write(), it is useful to audit if only because
+ * it performs IPC/network I/O. We will need to eventually
+ * audit the following information to be complete:
+ *
+ * - socket information
+ * - file descriptor information for two file descriptors
+ * - file information
+ */
+ break;
+
case AUE_ACCT:
if (ARG_IS_VALID(kar, ARG_UPATH1)) {
UPATH1_VNODE1_TOKENS;
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list