PERFORCE change 91014 for review

Sat Feb 4 00:48:21 GMT 2006

http://perforce.freebsd.org/chv.cgi?CH=91014

Change 91014 by wsalamon at gretsch on 2006/02/04 00:47:28

	Audit the nmount(2) system call.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#24 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#15 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#27 edit
.. //depot/projects/trustedbsd/audit3/sys/kern/vfs_mount.c#8 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#5 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/syscall.h#15 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/syscall.mk#16 edit
.. //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#19 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/kern/init_sysent.c#24 (text+ko) ====

@@ -407,7 +407,7 @@
 	{ AS(nfsclnt_args), (sy_call_t *)nosys, AUE_NULL },	/* 375 = nfsclnt */
 	{ SYF_MPSAFE | AS(eaccess_args), (sy_call_t *)eaccess, AUE_EACCESS },	/* 376 = eaccess */
 	{ 0, (sy_call_t *)nosys, AUE_NULL },			/* 377 = afs_syscall */
-	{ AS(nmount_args), (sy_call_t *)nmount, AUE_NULL },	/* 378 = nmount */
+	{ AS(nmount_args), (sy_call_t *)nmount, AUE_NMOUNT },	/* 378 = nmount */
 	{ SYF_MPSAFE | 0, (sy_call_t *)kse_exit, AUE_NULL },	/* 379 = kse_exit */
 	{ SYF_MPSAFE | AS(kse_wakeup_args), (sy_call_t *)kse_wakeup, AUE_NULL },	/* 380 = kse_wakeup */
 	{ SYF_MPSAFE | AS(kse_create_args), (sy_call_t *)kse_create, AUE_NULL },	/* 381 = kse_create */

==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.c#15 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/kern/syscalls.master#27 (text+ko) ====

@@ -662,7 +662,7 @@
 375	AUE_NULL	NOIMPL	{ int nfsclnt(int flag, caddr_t argp); }
 376	AUE_EACCESS	MSTD	{ int eaccess(char *path, int flags); }
 377	AUE_NULL	UNIMPL	afs_syscall
-378	AUE_NULL	STD	{ int nmount(struct iovec *iovp, \
+378	AUE_NMOUNT	STD	{ int nmount(struct iovec *iovp, \
 				    unsigned int iovcnt, int flags); }
 379	AUE_NULL	MSTD	{ int kse_exit(void); }
 380	AUE_NULL	MSTD	{ int kse_wakeup(struct kse_mailbox *mbx); }

==== //depot/projects/trustedbsd/audit3/sys/kern/vfs_mount.c#8 (text+ko) ====

@@ -373,9 +373,6 @@
 	int error;
 	u_int iovcnt;
 
-	/* XXXAUDIT Audit is not complete for nmount() yet; need to create
-	 * a new audit event. 
-	 */
 	AUDIT_ARG(fflags, uap->flags);
 
 	/* Kick out MNT_ROOTFS early as it is legal internally */
@@ -394,6 +391,7 @@
 	if (error)
 		return (error);
 	iov = auio->uio_iov;
+	AUDIT_ARG(iovec, iov, iovcnt);
 	for (i = 0; i < iovcnt; i++) {
 		if (iov->iov_len > MMAXOPTIONLEN) {
 			free(auio, M_IOV);

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm.c#5 (text+ko) ====

@@ -818,6 +818,18 @@
 		UPATH1_VNODE1_TOKENS;
 		break;
 
+	case AUE_NMOUNT:
+		if (ARG_IS_VALID(kar, ARG_FFLAGS)) {
+			tok = au_to_arg32(3, "flags", ar->ar_arg_fflags);
+			kau_write(rec, tok);
+		}
+		if (ARG_IS_VALID(kar, ARG_IOVECSTR)) {
+			tok = au_to_text(ar->ar_arg_iovecstr);
+			kau_write(rec, tok);
+		}
+		UPATH1_VNODE1_TOKENS;
+		break;
+
 	case AUE_MSGCTL:
 		ar->ar_event = msgctl_to_event(ar->ar_arg_svipc_cmd);
 		/* Fall through */

==== //depot/projects/trustedbsd/audit3/sys/sys/syscall.h#15 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/sys/syscall.mk#16 (text+ko) ====


==== //depot/projects/trustedbsd/audit3/sys/sys/sysproto.h#19 (text+ko) ====

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

