PERFORCE change 91243 for review
Robert Watson
rwatson at FreeBSD.org
Mon Feb 6 17:02:04 GMT 2006
http://perforce.freebsd.org/chv.cgi?CH=91243
Change 91243 by rwatson at rwatson_zoo on 2006/02/06 17:01:03
If the user process passed a buffer too short for a record, drop it
and loop, rather than returning truncated data to user space. This
is a "truncated drop".
Count truncated record drops in the audit pipe stats.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#3 (text+ko) ====
@@ -85,6 +85,7 @@
u_int64_t ap_inserts; /* Records added. */
u_int64_t ap_reads; /* Records read. */
u_int64_t ap_drops; /* Records dropped. */
+ u_int64_t ap_truncates; /* Records too long. */
TAILQ_HEAD(, audit_pipe_entry) ap_queue;
@@ -228,7 +229,7 @@
ape = TAILQ_FIRST(&ap->ap_queue);
KASSERT((ape == NULL && ap->ap_qlen == 0) ||
- (ape != NULL && ap->ap_qlen != 0), ("audit_pipe_read: qlen"));
+ (ape != NULL && ap->ap_qlen != 0), ("audit_pipe_pop: qlen"));
if (ape == NULL)
return (NULL);
TAILQ_REMOVE(&ap->ap_queue, ape, ape_queue);
@@ -404,6 +405,15 @@
mtx_unlock(&audit_pipe_mtx);
return (error);
}
+ /*
+ * Simply drop records that are too long and keep waiting, as
+ * this helps maintain the discreet record interface.
+ */
+ if (ape->ape_record_len < uio->uio_resid) {
+ audit_pipe_entry_free(ape);
+ ap->ap_truncates++;
+ continue;
+ }
}
mtx_unlock(&audit_pipe_mtx);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list