PERFORCE change 91293 for review
Robert Watson
rwatson at FreeBSD.org
Mon Feb 6 23:08:34 GMT 2006
http://perforce.freebsd.org/chv.cgi?CH=91293
Change 91293 by rwatson at rwatson_zoo on 2006/02/06 23:07:37
Integrate TrustedBSD base branch from FreeBSD CVS:
- Loop back ibcs2 system call table audit identifiers.
- Loop back audit pipe support.
- Loop back audit UMA allocation for audit records.
- kern_eaccess().
Affected files ...
.. //depot/projects/trustedbsd/base/sys/alpha/linux/linux_machdep.c#14 integrate
.. //depot/projects/trustedbsd/base/sys/alpha/osf1/osf1_misc.c#25 integrate
.. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_machdep.c#5 integrate
.. //depot/projects/trustedbsd/base/sys/arm/at91/if_ate.c#2 integrate
.. //depot/projects/trustedbsd/base/sys/compat/freebsd32/freebsd32_misc.c#17 integrate
.. //depot/projects/trustedbsd/base/sys/compat/svr4/svr4_misc.c#29 integrate
.. //depot/projects/trustedbsd/base/sys/conf/files#95 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_misc.c#17 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_proto.h#10 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_syscall.h#9 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_sysent.c#11 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_xenix.c#10 integrate
.. //depot/projects/trustedbsd/base/sys/i386/ibcs2/syscalls.master#9 integrate
.. //depot/projects/trustedbsd/base/sys/i386/linux/linux_machdep.c#20 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_exec.c#56 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_exit.c#48 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_fork.c#51 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_kse.c#9 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_kthread.c#13 integrate
.. //depot/projects/trustedbsd/base/sys/kern/vfs_syscalls.c#66 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit.c#2 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit_pipe.c#1 branch
.. //depot/projects/trustedbsd/base/sys/security/audit/audit_private.h#2 integrate
.. //depot/projects/trustedbsd/base/sys/sys/imgact.h#12 integrate
.. //depot/projects/trustedbsd/base/sys/sys/syscallsubr.h#14 integrate
Differences ...
==== //depot/projects/trustedbsd/base/sys/alpha/linux/linux_machdep.c#14 (text+ko) ====
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/alpha/linux/linux_machdep.c,v 1.36 2005/02/18 18:32:32 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/alpha/linux/linux_machdep.c,v 1.37 2006/02/06 22:06:52 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -81,7 +81,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/alpha/osf1/osf1_misc.c#25 (text+ko) ====
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/alpha/osf1/osf1_misc.c,v 1.58 2005/09/28 07:03:01 rwatson Exp $");
+__FBSDID("$FreeBSD: src/sys/alpha/osf1/osf1_misc.c,v 1.59 2006/02/06 22:06:52 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -1246,7 +1246,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_machdep.c#5 (text+ko) ====
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/amd64/linux32/linux32_machdep.c,v 1.10 2005/06/24 17:41:27 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/amd64/linux32/linux32_machdep.c,v 1.11 2006/02/06 22:06:53 jhb Exp $");
#include <sys/param.h>
#include <sys/kernel.h>
@@ -205,7 +205,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/arm/at91/if_ate.c#2 (text) ====
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/arm/at91/if_ate.c,v 1.1 2006/02/04 23:32:13 imp Exp $");
+__FBSDID("$FreeBSD: src/sys/arm/at91/if_ate.c,v 1.2 2006/02/06 22:17:42 cognet Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -181,13 +181,13 @@
ate_get_mac(sc, eaddr);
+ sc->ifp = ifp = if_alloc(IFT_ETHER);
if (mii_phy_probe(dev, &sc->miibus, ate_ifmedia_upd, ate_ifmedia_sts)) {
device_printf(dev, "Cannot find my PHY.\n");
err = ENXIO;
goto out;
}
- sc->ifp = ifp = if_alloc(IFT_ETHER);
ifp->if_softc = sc;
if_initname(ifp, device_get_name(dev), device_get_unit(dev));
ifp->if_mtu = ETHERMTU;
@@ -611,6 +611,8 @@
BUS_DMASYNC_PREWRITE);
continue;
}
+ mb->m_len = sc->rx_descs[i].status &
+ ETH_LEN_MASK;
/*
* For the last buffer, set the wrap bit so
* the controller restarts from the first
@@ -817,7 +819,7 @@
/*
* Enable some parts of the MAC that are needed always (like the
* MII bus. This turns off the RE and TE bits, which will remain
- * off until atestart() is called to turn them on. With RE and TE
+ * off until ateinit() is called to turn them on. With RE and TE
* turned off, there's no DMA to worry about after this write.
*/
WR4(sc, ETH_CTL, ETH_CTL_MPE);
==== //depot/projects/trustedbsd/base/sys/compat/freebsd32/freebsd32_misc.c#17 (text+ko) ====
@@ -25,7 +25,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/compat/freebsd32/freebsd32_misc.c,v 1.49 2006/01/20 16:22:06 ambrisko Exp $");
+__FBSDID("$FreeBSD: src/sys/compat/freebsd32/freebsd32_misc.c,v 1.50 2006/02/06 22:06:53 jhb Exp $");
#include "opt_compat.h"
@@ -324,7 +324,6 @@
uap->argv, uap->envv);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/compat/svr4/svr4_misc.c#29 (text+ko) ====
@@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/compat/svr4/svr4_misc.c,v 1.83 2005/10/19 09:33:15 davidxu Exp $");
+__FBSDID("$FreeBSD: src/sys/compat/svr4/svr4_misc.c,v 1.84 2006/02/06 22:06:53 jhb Exp $");
#include "opt_mac.h"
@@ -175,7 +175,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
@@ -195,7 +194,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/conf/files#95 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/sys/conf/files,v 1.1093 2006/02/03 00:36:19 mjacob Exp $
+# $FreeBSD: src/sys/conf/files,v 1.1095 2006/02/06 22:50:39 rwatson Exp $
#
# The long compile-with and dependency lines are required because of
# limitations in config: backslash-newline doesn't work in strings, and
@@ -1829,13 +1829,14 @@
posix4/p1003_1b.c standard
posix4/posix4_mib.c standard
rpc/rpcclnt.c optional nfsclient
+security/audit/audit.c optional audit
security/audit/audit_arg.c optional audit
-security/audit/audit_syscalls.c standard
-security/audit/audit_trigger.c optional audit
-security/audit/audit.c optional audit
security/audit/audit_bsm.c optional audit
security/audit/audit_bsm_klib.c optional audit
security/audit/audit_bsm_token.c optional audit
+security/audit/audit_pipe.c optional audit
+security/audit/audit_syscalls.c standard
+security/audit/audit_trigger.c optional audit
security/mac/mac_inet.c optional mac inet
security/mac/mac_label.c optional mac
security/mac/mac_net.c optional mac
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_misc.c#17 (text+ko) ====
@@ -47,7 +47,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/i386/ibcs2/ibcs2_misc.c,v 1.61 2005/07/07 19:29:42 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/i386/ibcs2/ibcs2_misc.c,v 1.62 2006/02/06 22:06:53 jhb Exp $");
/*
* IBCS2 compatibility module.
@@ -207,7 +207,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
@@ -227,7 +226,6 @@
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_proto.h#10 (text+ko) ====
@@ -2,7 +2,7 @@
* System call prototypes.
*
* DO NOT EDIT-- this file is automatically generated.
- * $FreeBSD: src/sys/i386/ibcs2/ibcs2_proto.h,v 1.22 2005/07/13 20:35:08 jhb Exp $
+ * $FreeBSD: src/sys/i386/ibcs2/ibcs2_proto.h,v 1.23 2006/02/06 22:15:00 rwatson Exp $
* created from FreeBSD: src/sys/i386/ibcs2/syscalls.master,v 1.21 2005/07/13 20:32:42 jhb Exp
*/
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_syscall.h#9 (text+ko) ====
@@ -2,7 +2,7 @@
* System call numbers.
*
* DO NOT EDIT-- this file is automatically generated.
- * $FreeBSD: src/sys/i386/ibcs2/ibcs2_syscall.h,v 1.19 2005/07/13 20:35:08 jhb Exp $
+ * $FreeBSD: src/sys/i386/ibcs2/ibcs2_syscall.h,v 1.20 2006/02/06 22:15:00 rwatson Exp $
* created from FreeBSD: src/sys/i386/ibcs2/syscalls.master,v 1.21 2005/07/13 20:32:42 jhb Exp
*/
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_sysent.c#11 (text+ko) ====
@@ -2,7 +2,7 @@
* System call switch table.
*
* DO NOT EDIT-- this file is automatically generated.
- * $FreeBSD: src/sys/i386/ibcs2/ibcs2_sysent.c,v 1.24 2005/07/13 20:35:08 jhb Exp $
+ * $FreeBSD: src/sys/i386/ibcs2/ibcs2_sysent.c,v 1.25 2006/02/06 22:15:00 rwatson Exp $
* created from FreeBSD: src/sys/i386/ibcs2/syscalls.master,v 1.21 2005/07/13 20:32:42 jhb Exp
*/
@@ -19,68 +19,68 @@
/* The casts are bogus but will do for now. */
struct sysent ibcs2_sysent[] = {
{ SYF_MPSAFE | 0, (sy_call_t *)nosys, AUE_NULL }, /* 0 = syscall */
- { SYF_MPSAFE | AS(sys_exit_args), (sy_call_t *)sys_exit, AUE_NULL }, /* 1 = exit */
- { SYF_MPSAFE | 0, (sy_call_t *)fork, AUE_NULL }, /* 2 = fork */
+ { SYF_MPSAFE | AS(sys_exit_args), (sy_call_t *)sys_exit, AUE_EXIT }, /* 1 = exit */
+ { SYF_MPSAFE | 0, (sy_call_t *)fork, AUE_FORK }, /* 2 = fork */
{ AS(ibcs2_read_args), (sy_call_t *)ibcs2_read, AUE_NULL }, /* 3 = ibcs2_read */
{ SYF_MPSAFE | AS(write_args), (sy_call_t *)write, AUE_NULL }, /* 4 = write */
- { SYF_MPSAFE | AS(ibcs2_open_args), (sy_call_t *)ibcs2_open, AUE_NULL }, /* 5 = ibcs2_open */
- { SYF_MPSAFE | AS(close_args), (sy_call_t *)close, AUE_NULL }, /* 6 = close */
- { SYF_MPSAFE | AS(ibcs2_wait_args), (sy_call_t *)ibcs2_wait, AUE_NULL }, /* 7 = ibcs2_wait */
- { SYF_MPSAFE | AS(ibcs2_creat_args), (sy_call_t *)ibcs2_creat, AUE_NULL }, /* 8 = ibcs2_creat */
- { SYF_MPSAFE | AS(link_args), (sy_call_t *)link, AUE_NULL }, /* 9 = link */
- { SYF_MPSAFE | AS(ibcs2_unlink_args), (sy_call_t *)ibcs2_unlink, AUE_NULL }, /* 10 = ibcs2_unlink */
- { SYF_MPSAFE | AS(ibcs2_execv_args), (sy_call_t *)ibcs2_execv, AUE_NULL }, /* 11 = ibcs2_execv */
- { SYF_MPSAFE | AS(ibcs2_chdir_args), (sy_call_t *)ibcs2_chdir, AUE_NULL }, /* 12 = ibcs2_chdir */
+ { SYF_MPSAFE | AS(ibcs2_open_args), (sy_call_t *)ibcs2_open, AUE_OPEN_RWTC }, /* 5 = ibcs2_open */
+ { SYF_MPSAFE | AS(close_args), (sy_call_t *)close, AUE_CLOSE }, /* 6 = close */
+ { SYF_MPSAFE | AS(ibcs2_wait_args), (sy_call_t *)ibcs2_wait, AUE_WAIT4 }, /* 7 = ibcs2_wait */
+ { SYF_MPSAFE | AS(ibcs2_creat_args), (sy_call_t *)ibcs2_creat, AUE_CREAT }, /* 8 = ibcs2_creat */
+ { SYF_MPSAFE | AS(link_args), (sy_call_t *)link, AUE_LINK }, /* 9 = link */
+ { SYF_MPSAFE | AS(ibcs2_unlink_args), (sy_call_t *)ibcs2_unlink, AUE_UNLINK }, /* 10 = ibcs2_unlink */
+ { SYF_MPSAFE | AS(ibcs2_execv_args), (sy_call_t *)ibcs2_execv, AUE_EXECVE }, /* 11 = ibcs2_execv */
+ { SYF_MPSAFE | AS(ibcs2_chdir_args), (sy_call_t *)ibcs2_chdir, AUE_CHDIR }, /* 12 = ibcs2_chdir */
{ SYF_MPSAFE | AS(ibcs2_time_args), (sy_call_t *)ibcs2_time, AUE_NULL }, /* 13 = ibcs2_time */
- { SYF_MPSAFE | AS(ibcs2_mknod_args), (sy_call_t *)ibcs2_mknod, AUE_NULL }, /* 14 = ibcs2_mknod */
- { SYF_MPSAFE | AS(ibcs2_chmod_args), (sy_call_t *)ibcs2_chmod, AUE_NULL }, /* 15 = ibcs2_chmod */
- { SYF_MPSAFE | AS(ibcs2_chown_args), (sy_call_t *)ibcs2_chown, AUE_NULL }, /* 16 = ibcs2_chown */
+ { SYF_MPSAFE | AS(ibcs2_mknod_args), (sy_call_t *)ibcs2_mknod, AUE_MKNOD }, /* 14 = ibcs2_mknod */
+ { SYF_MPSAFE | AS(ibcs2_chmod_args), (sy_call_t *)ibcs2_chmod, AUE_CHMOD }, /* 15 = ibcs2_chmod */
+ { SYF_MPSAFE | AS(ibcs2_chown_args), (sy_call_t *)ibcs2_chown, AUE_CHOWN }, /* 16 = ibcs2_chown */
{ SYF_MPSAFE | AS(obreak_args), (sy_call_t *)obreak, AUE_NULL }, /* 17 = obreak */
- { SYF_MPSAFE | AS(ibcs2_stat_args), (sy_call_t *)ibcs2_stat, AUE_NULL }, /* 18 = ibcs2_stat */
- { SYF_MPSAFE | AS(ibcs2_lseek_args), (sy_call_t *)ibcs2_lseek, AUE_NULL }, /* 19 = ibcs2_lseek */
+ { SYF_MPSAFE | AS(ibcs2_stat_args), (sy_call_t *)ibcs2_stat, AUE_STAT }, /* 18 = ibcs2_stat */
+ { SYF_MPSAFE | AS(ibcs2_lseek_args), (sy_call_t *)ibcs2_lseek, AUE_LSEEK }, /* 19 = ibcs2_lseek */
{ SYF_MPSAFE | 0, (sy_call_t *)getpid, AUE_NULL }, /* 20 = getpid */
- { AS(ibcs2_mount_args), (sy_call_t *)ibcs2_mount, AUE_NULL }, /* 21 = ibcs2_mount */
- { AS(ibcs2_umount_args), (sy_call_t *)ibcs2_umount, AUE_NULL }, /* 22 = ibcs2_umount */
- { SYF_MPSAFE | AS(ibcs2_setuid_args), (sy_call_t *)ibcs2_setuid, AUE_NULL }, /* 23 = ibcs2_setuid */
- { SYF_MPSAFE | 0, (sy_call_t *)getuid, AUE_NULL }, /* 24 = getuid */
- { SYF_MPSAFE | AS(ibcs2_stime_args), (sy_call_t *)ibcs2_stime, AUE_NULL }, /* 25 = ibcs2_stime */
- { SYF_MPSAFE | AS(ptrace_args), (sy_call_t *)ptrace, AUE_NULL }, /* 26 = ptrace */
+ { AS(ibcs2_mount_args), (sy_call_t *)ibcs2_mount, AUE_MOUNT }, /* 21 = ibcs2_mount */
+ { AS(ibcs2_umount_args), (sy_call_t *)ibcs2_umount, AUE_UMOUNT }, /* 22 = ibcs2_umount */
+ { SYF_MPSAFE | AS(ibcs2_setuid_args), (sy_call_t *)ibcs2_setuid, AUE_SETUID }, /* 23 = ibcs2_setuid */
+ { SYF_MPSAFE | 0, (sy_call_t *)getuid, AUE_GETUID }, /* 24 = getuid */
+ { SYF_MPSAFE | AS(ibcs2_stime_args), (sy_call_t *)ibcs2_stime, AUE_SETTIMEOFDAY }, /* 25 = ibcs2_stime */
+ { SYF_MPSAFE | AS(ptrace_args), (sy_call_t *)ptrace, AUE_PTRACE }, /* 26 = ptrace */
{ SYF_MPSAFE | AS(ibcs2_alarm_args), (sy_call_t *)ibcs2_alarm, AUE_NULL }, /* 27 = ibcs2_alarm */
- { SYF_MPSAFE | AS(ibcs2_fstat_args), (sy_call_t *)ibcs2_fstat, AUE_NULL }, /* 28 = ibcs2_fstat */
+ { SYF_MPSAFE | AS(ibcs2_fstat_args), (sy_call_t *)ibcs2_fstat, AUE_FSTAT }, /* 28 = ibcs2_fstat */
{ SYF_MPSAFE | 0, (sy_call_t *)ibcs2_pause, AUE_NULL }, /* 29 = ibcs2_pause */
{ SYF_MPSAFE | AS(ibcs2_utime_args), (sy_call_t *)ibcs2_utime, AUE_NULL }, /* 30 = ibcs2_utime */
{ SYF_MPSAFE | AS(ibcs2_stty_args), (sy_call_t *)ibcs2_stty, AUE_NULL }, /* 31 = ibcs2_stty */
{ SYF_MPSAFE | AS(ibcs2_gtty_args), (sy_call_t *)ibcs2_gtty, AUE_NULL }, /* 32 = ibcs2_gtty */
- { SYF_MPSAFE | AS(ibcs2_access_args), (sy_call_t *)ibcs2_access, AUE_NULL }, /* 33 = ibcs2_access */
- { SYF_MPSAFE | AS(ibcs2_nice_args), (sy_call_t *)ibcs2_nice, AUE_NULL }, /* 34 = ibcs2_nice */
- { SYF_MPSAFE | AS(ibcs2_statfs_args), (sy_call_t *)ibcs2_statfs, AUE_NULL }, /* 35 = ibcs2_statfs */
+ { SYF_MPSAFE | AS(ibcs2_access_args), (sy_call_t *)ibcs2_access, AUE_ACCESS }, /* 33 = ibcs2_access */
+ { SYF_MPSAFE | AS(ibcs2_nice_args), (sy_call_t *)ibcs2_nice, AUE_NICE }, /* 34 = ibcs2_nice */
+ { SYF_MPSAFE | AS(ibcs2_statfs_args), (sy_call_t *)ibcs2_statfs, AUE_STATFS }, /* 35 = ibcs2_statfs */
{ SYF_MPSAFE | 0, (sy_call_t *)sync, AUE_NULL }, /* 36 = sync */
- { SYF_MPSAFE | AS(ibcs2_kill_args), (sy_call_t *)ibcs2_kill, AUE_NULL }, /* 37 = ibcs2_kill */
- { SYF_MPSAFE | AS(ibcs2_fstatfs_args), (sy_call_t *)ibcs2_fstatfs, AUE_NULL }, /* 38 = ibcs2_fstatfs */
+ { SYF_MPSAFE | AS(ibcs2_kill_args), (sy_call_t *)ibcs2_kill, AUE_KILL }, /* 37 = ibcs2_kill */
+ { SYF_MPSAFE | AS(ibcs2_fstatfs_args), (sy_call_t *)ibcs2_fstatfs, AUE_FSTATFS }, /* 38 = ibcs2_fstatfs */
{ SYF_MPSAFE | AS(ibcs2_pgrpsys_args), (sy_call_t *)ibcs2_pgrpsys, AUE_NULL }, /* 39 = ibcs2_pgrpsys */
{ SYF_MPSAFE | AS(ibcs2_xenix_args), (sy_call_t *)ibcs2_xenix, AUE_NULL }, /* 40 = ibcs2_xenix */
{ SYF_MPSAFE | AS(dup_args), (sy_call_t *)dup, AUE_NULL }, /* 41 = dup */
- { SYF_MPSAFE | 0, (sy_call_t *)pipe, AUE_NULL }, /* 42 = pipe */
+ { SYF_MPSAFE | 0, (sy_call_t *)pipe, AUE_PIPE }, /* 42 = pipe */
{ SYF_MPSAFE | AS(ibcs2_times_args), (sy_call_t *)ibcs2_times, AUE_NULL }, /* 43 = ibcs2_times */
- { SYF_MPSAFE | AS(profil_args), (sy_call_t *)profil, AUE_NULL }, /* 44 = profil */
+ { SYF_MPSAFE | AS(profil_args), (sy_call_t *)profil, AUE_PROFILE }, /* 44 = profil */
{ SYF_MPSAFE | AS(ibcs2_plock_args), (sy_call_t *)ibcs2_plock, AUE_NULL }, /* 45 = ibcs2_plock */
- { SYF_MPSAFE | AS(ibcs2_setgid_args), (sy_call_t *)ibcs2_setgid, AUE_NULL }, /* 46 = ibcs2_setgid */
- { SYF_MPSAFE | 0, (sy_call_t *)getgid, AUE_NULL }, /* 47 = getgid */
+ { SYF_MPSAFE | AS(ibcs2_setgid_args), (sy_call_t *)ibcs2_setgid, AUE_SETGID }, /* 46 = ibcs2_setgid */
+ { SYF_MPSAFE | 0, (sy_call_t *)getgid, AUE_GETGID }, /* 47 = getgid */
{ SYF_MPSAFE | AS(ibcs2_sigsys_args), (sy_call_t *)ibcs2_sigsys, AUE_NULL }, /* 48 = ibcs2_sigsys */
- { AS(ibcs2_msgsys_args), (sy_call_t *)ibcs2_msgsys, AUE_NULL }, /* 49 = ibcs2_msgsys */
+ { AS(ibcs2_msgsys_args), (sy_call_t *)ibcs2_msgsys, AUE_MSGSYS }, /* 49 = ibcs2_msgsys */
{ SYF_MPSAFE | AS(ibcs2_sysi86_args), (sy_call_t *)ibcs2_sysi86, AUE_NULL }, /* 50 = ibcs2_sysi86 */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 51 = ibcs2_acct */
- { AS(ibcs2_shmsys_args), (sy_call_t *)ibcs2_shmsys, AUE_NULL }, /* 52 = ibcs2_shmsys */
- { AS(ibcs2_semsys_args), (sy_call_t *)ibcs2_semsys, AUE_NULL }, /* 53 = ibcs2_semsys */
- { AS(ibcs2_ioctl_args), (sy_call_t *)ibcs2_ioctl, AUE_NULL }, /* 54 = ibcs2_ioctl */
+ { AS(ibcs2_shmsys_args), (sy_call_t *)ibcs2_shmsys, AUE_SHMSYS }, /* 52 = ibcs2_shmsys */
+ { AS(ibcs2_semsys_args), (sy_call_t *)ibcs2_semsys, AUE_SEMSYS }, /* 53 = ibcs2_semsys */
+ { AS(ibcs2_ioctl_args), (sy_call_t *)ibcs2_ioctl, AUE_IOCTL }, /* 54 = ibcs2_ioctl */
{ SYF_MPSAFE | AS(ibcs2_uadmin_args), (sy_call_t *)ibcs2_uadmin, AUE_NULL }, /* 55 = ibcs2_uadmin */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 56 = nosys */
{ SYF_MPSAFE | AS(ibcs2_utssys_args), (sy_call_t *)ibcs2_utssys, AUE_NULL }, /* 57 = ibcs2_utssys */
- { SYF_MPSAFE | AS(fsync_args), (sy_call_t *)fsync, AUE_NULL }, /* 58 = fsync */
- { SYF_MPSAFE | AS(ibcs2_execve_args), (sy_call_t *)ibcs2_execve, AUE_NULL }, /* 59 = ibcs2_execve */
- { SYF_MPSAFE | AS(umask_args), (sy_call_t *)umask, AUE_NULL }, /* 60 = umask */
- { SYF_MPSAFE | AS(chroot_args), (sy_call_t *)chroot, AUE_NULL }, /* 61 = chroot */
- { SYF_MPSAFE | AS(ibcs2_fcntl_args), (sy_call_t *)ibcs2_fcntl, AUE_NULL }, /* 62 = ibcs2_fcntl */
+ { SYF_MPSAFE | AS(fsync_args), (sy_call_t *)fsync, AUE_FSYNC }, /* 58 = fsync */
+ { SYF_MPSAFE | AS(ibcs2_execve_args), (sy_call_t *)ibcs2_execve, AUE_EXECVE }, /* 59 = ibcs2_execve */
+ { SYF_MPSAFE | AS(umask_args), (sy_call_t *)umask, AUE_UMASK }, /* 60 = umask */
+ { SYF_MPSAFE | AS(chroot_args), (sy_call_t *)chroot, AUE_CHROOT }, /* 61 = chroot */
+ { SYF_MPSAFE | AS(ibcs2_fcntl_args), (sy_call_t *)ibcs2_fcntl, AUE_FCNTL }, /* 62 = ibcs2_fcntl */
{ SYF_MPSAFE | AS(ibcs2_ulimit_args), (sy_call_t *)ibcs2_ulimit, AUE_NULL }, /* 63 = ibcs2_ulimit */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 64 = reserved for unix/pc */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 65 = reserved for unix/pc */
@@ -97,20 +97,20 @@
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 76 = obsolete rfs_rdebug */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 77 = obsolete rfs_rfstop */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 78 = rfs_rfsys */
- { SYF_MPSAFE | AS(ibcs2_rmdir_args), (sy_call_t *)ibcs2_rmdir, AUE_NULL }, /* 79 = ibcs2_rmdir */
- { SYF_MPSAFE | AS(ibcs2_mkdir_args), (sy_call_t *)ibcs2_mkdir, AUE_NULL }, /* 80 = ibcs2_mkdir */
- { AS(ibcs2_getdents_args), (sy_call_t *)ibcs2_getdents, AUE_NULL }, /* 81 = ibcs2_getdents */
+ { SYF_MPSAFE | AS(ibcs2_rmdir_args), (sy_call_t *)ibcs2_rmdir, AUE_RMDIR }, /* 79 = ibcs2_rmdir */
+ { SYF_MPSAFE | AS(ibcs2_mkdir_args), (sy_call_t *)ibcs2_mkdir, AUE_MKDIR }, /* 80 = ibcs2_mkdir */
+ { AS(ibcs2_getdents_args), (sy_call_t *)ibcs2_getdents, AUE_GETDIRENTRIES }, /* 81 = ibcs2_getdents */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 82 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 83 = nosys */
{ SYF_MPSAFE | AS(ibcs2_sysfs_args), (sy_call_t *)ibcs2_sysfs, AUE_NULL }, /* 84 = ibcs2_sysfs */
- { SYF_MPSAFE | AS(ibcs2_getmsg_args), (sy_call_t *)ibcs2_getmsg, AUE_NULL }, /* 85 = ibcs2_getmsg */
- { SYF_MPSAFE | AS(ibcs2_putmsg_args), (sy_call_t *)ibcs2_putmsg, AUE_NULL }, /* 86 = ibcs2_putmsg */
- { AS(ibcs2_poll_args), (sy_call_t *)ibcs2_poll, AUE_NULL }, /* 87 = ibcs2_poll */
+ { SYF_MPSAFE | AS(ibcs2_getmsg_args), (sy_call_t *)ibcs2_getmsg, AUE_GETMSG }, /* 85 = ibcs2_getmsg */
+ { SYF_MPSAFE | AS(ibcs2_putmsg_args), (sy_call_t *)ibcs2_putmsg, AUE_PUTMSG }, /* 86 = ibcs2_putmsg */
+ { AS(ibcs2_poll_args), (sy_call_t *)ibcs2_poll, AUE_POLL }, /* 87 = ibcs2_poll */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 88 = nosys */
{ SYF_MPSAFE | AS(ibcs2_secure_args), (sy_call_t *)ibcs2_secure, AUE_NULL }, /* 89 = ibcs2_secure */
- { SYF_MPSAFE | AS(ibcs2_symlink_args), (sy_call_t *)ibcs2_symlink, AUE_NULL }, /* 90 = ibcs2_symlink */
- { SYF_MPSAFE | AS(ibcs2_lstat_args), (sy_call_t *)ibcs2_lstat, AUE_NULL }, /* 91 = ibcs2_lstat */
- { SYF_MPSAFE | AS(ibcs2_readlink_args), (sy_call_t *)ibcs2_readlink, AUE_NULL }, /* 92 = ibcs2_readlink */
+ { SYF_MPSAFE | AS(ibcs2_symlink_args), (sy_call_t *)ibcs2_symlink, AUE_SYMLINK }, /* 90 = ibcs2_symlink */
+ { SYF_MPSAFE | AS(ibcs2_lstat_args), (sy_call_t *)ibcs2_lstat, AUE_LSTAT }, /* 91 = ibcs2_lstat */
+ { SYF_MPSAFE | AS(ibcs2_readlink_args), (sy_call_t *)ibcs2_readlink, AUE_READLINK }, /* 92 = ibcs2_readlink */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 93 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 94 = nosys */
{ 0, (sy_call_t *)nosys, AUE_NULL }, /* 95 = nosys */
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/ibcs2_xenix.c#10 (text+ko) ====
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/i386/ibcs2/ibcs2_xenix.c,v 1.35 2005/07/07 19:28:55 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/i386/ibcs2/ibcs2_xenix.c,v 1.36 2006/02/06 22:00:52 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -216,7 +216,7 @@
bsd_flags |= X_OK;
CHECKALTEXIST(td, uap->path, &path);
- error = kern_access(td, path, UIO_SYSSPACE, bsd_flags);
+ error = kern_eaccess(td, path, UIO_SYSSPACE, bsd_flags);
free(path, M_TEMP);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/i386/ibcs2/syscalls.master#9 (text+ko) ====
@@ -1,10 +1,10 @@
- $FreeBSD: src/sys/i386/ibcs2/syscalls.master,v 1.21 2005/07/13 20:32:42 jhb Exp $
+ $FreeBSD: src/sys/i386/ibcs2/syscalls.master,v 1.22 2006/02/06 22:14:50 rwatson Exp $
; @(#)syscalls.master 8.1 (Berkeley) 7/19/93
; System call name/number master file (or rather, slave, from IBCS2).
; Processed to created ibcs2_sysent.c, ibcs2_syscalls.c and ibcs2_syscall.h.
-; Columns: number type nargs name alt{name,tag,rtyp}/comments
+; Columns: number audit type nargs name alt{name,tag,rtyp}/comments
; number system call number, must be in order
; audit the audit event associated with the system call
; A value of AUE_NULL means no auditing, but it also means that
@@ -36,45 +36,45 @@
; #ifdef's, etc. may be included, and are copied to the output files.
0 AUE_NULL MNOPROTO { int nosys(void); } syscall nosys_args int
-1 AUE_NULL MNOPROTO { void sys_exit(int rval); } exit \
+1 AUE_EXIT MNOPROTO { void sys_exit(int rval); } exit \
sys_exit_args void
-2 AUE_NULL MNOPROTO { int fork(void); }
+2 AUE_FORK MNOPROTO { int fork(void); }
3 AUE_NULL STD { int ibcs2_read(int fd, char *buf, \
u_int nbytes); }
4 AUE_NULL MNOPROTO { int write(int fd, char *buf, \
u_int nbytes); }
-5 AUE_NULL MSTD { int ibcs2_open(char *path, int flags, \
+5 AUE_OPEN_RWTC MSTD { int ibcs2_open(char *path, int flags, \
int mode); }
-6 AUE_NULL MNOPROTO { int close(int fd); }
-7 AUE_NULL MSTD { int ibcs2_wait(int a1, int a2, int a3); }
-8 AUE_NULL MSTD { int ibcs2_creat(char *path, int mode); }
-9 AUE_NULL MNOPROTO { int link(char *path, char *link); }
-10 AUE_NULL MSTD { int ibcs2_unlink(char *path); }
-11 AUE_NULL MSTD { int ibcs2_execv(char *path, char **argp); }
-12 AUE_NULL MSTD { int ibcs2_chdir(char *path); }
+6 AUE_CLOSE MNOPROTO { int close(int fd); }
+7 AUE_WAIT4 MSTD { int ibcs2_wait(int a1, int a2, int a3); }
+8 AUE_CREAT MSTD { int ibcs2_creat(char *path, int mode); }
+9 AUE_LINK MNOPROTO { int link(char *path, char *link); }
+10 AUE_UNLINK MSTD { int ibcs2_unlink(char *path); }
+11 AUE_EXECVE MSTD { int ibcs2_execv(char *path, char **argp); }
+12 AUE_CHDIR MSTD { int ibcs2_chdir(char *path); }
13 AUE_NULL MSTD { int ibcs2_time(ibcs2_time_t *tp); }
-14 AUE_NULL MSTD { int ibcs2_mknod(char* path, int mode, \
+14 AUE_MKNOD MSTD { int ibcs2_mknod(char* path, int mode, \
int dev); }
-15 AUE_NULL MSTD { int ibcs2_chmod(char *path, int mode); }
-16 AUE_NULL MSTD { int ibcs2_chown(char *path, int uid, \
+15 AUE_CHMOD MSTD { int ibcs2_chmod(char *path, int mode); }
+16 AUE_CHOWN MSTD { int ibcs2_chown(char *path, int uid, \
int gid); }
17 AUE_NULL MNOPROTO { int obreak(caddr_t nsize); }
-18 AUE_NULL MSTD { int ibcs2_stat(char* path, \
+18 AUE_STAT MSTD { int ibcs2_stat(char* path, \
struct ibcs2_stat *st); }
-19 AUE_NULL MSTD { long ibcs2_lseek(int fd, long offset, \
+19 AUE_LSEEK MSTD { long ibcs2_lseek(int fd, long offset, \
int whence); }
20 AUE_NULL MNOPROTO { pid_t getpid(void); }
-21 AUE_NULL STD { int ibcs2_mount(char *special, char *dir, \
+21 AUE_MOUNT STD { int ibcs2_mount(char *special, char *dir, \
int flags, int fstype, char *data, \
int len); }
-22 AUE_NULL STD { int ibcs2_umount(char *name); }
-23 AUE_NULL MSTD { int ibcs2_setuid(int uid); }
-24 AUE_NULL MNOPROTO { uid_t getuid(void); }
-25 AUE_NULL MSTD { int ibcs2_stime(long *timep); }
-26 AUE_NULL MNOPROTO { int ptrace(int req, pid_t pid, \
+22 AUE_UMOUNT STD { int ibcs2_umount(char *name); }
+23 AUE_SETUID MSTD { int ibcs2_setuid(int uid); }
+24 AUE_GETUID MNOPROTO { uid_t getuid(void); }
+25 AUE_SETTIMEOFDAY MSTD { int ibcs2_stime(long *timep); }
+26 AUE_PTRACE MNOPROTO { int ptrace(int req, pid_t pid, \
caddr_t addr, int data); }
27 AUE_NULL MSTD { int ibcs2_alarm(unsigned sec); }
-28 AUE_NULL MSTD { int ibcs2_fstat(int fd, \
+28 AUE_FSTAT MSTD { int ibcs2_fstat(int fd, \
struct ibcs2_stat *st); }
29 AUE_NULL MSTD { int ibcs2_pause(void); }
30 AUE_NULL MSTD { int ibcs2_utime(char *path, \
@@ -83,14 +83,14 @@
struct sgttyb *buf); }
32 AUE_NULL MSTD { int ibcs2_gtty(int fd, \
struct sgttyb *buf); }
-33 AUE_NULL MSTD { int ibcs2_access(char *path, int flags); }
-34 AUE_NULL MSTD { int ibcs2_nice(int incr); }
-35 AUE_NULL MSTD { int ibcs2_statfs(char *path, \
+33 AUE_ACCESS MSTD { int ibcs2_access(char *path, int flags); }
+34 AUE_NICE MSTD { int ibcs2_nice(int incr); }
+35 AUE_STATFS MSTD { int ibcs2_statfs(char *path, \
struct ibcs2_statfs *buf, int len, \
int fstype); }
36 AUE_NULL MNOPROTO { int sync(void); }
-37 AUE_NULL MSTD { int ibcs2_kill(int pid, int signo); }
-38 AUE_NULL MSTD { int ibcs2_fstatfs(int fd, \
+37 AUE_KILL MSTD { int ibcs2_kill(int pid, int signo); }
+38 AUE_FSTATFS MSTD { int ibcs2_fstatfs(int fd, \
struct ibcs2_statfs *buf, int len, \
int fstype); }
39 AUE_NULL MSTD { int ibcs2_pgrpsys(int type, caddr_t dummy, \
@@ -98,35 +98,35 @@
40 AUE_NULL MSTD { int ibcs2_xenix(int a1, int a2, int a3, \
int a4, int a5); }
41 AUE_NULL MNOPROTO { int dup(u_int fd); }
-42 AUE_NULL MNOPROTO { int pipe(void); }
+42 AUE_PIPE MNOPROTO { int pipe(void); }
43 AUE_NULL MSTD { int ibcs2_times(struct tms *tp); }
-44 AUE_NULL MNOPROTO { int profil(caddr_t samples, u_int size, \
+44 AUE_PROFILE MNOPROTO { int profil(caddr_t samples, u_int size, \
u_int offset, u_int scale); }
45 AUE_NULL MSTD { int ibcs2_plock(int cmd); }
-46 AUE_NULL MSTD { int ibcs2_setgid(int gid); }
-47 AUE_NULL MNOPROTO { gid_t getgid(void); }
+46 AUE_SETGID MSTD { int ibcs2_setgid(int gid); }
+47 AUE_GETGID MNOPROTO { gid_t getgid(void); }
48 AUE_NULL MSTD { int ibcs2_sigsys(int sig, ibcs2_sig_t fp); }
-49 AUE_NULL STD { int ibcs2_msgsys(int which, int a2, \
+49 AUE_MSGSYS STD { int ibcs2_msgsys(int which, int a2, \
int a3, int a4, int a5, int a6); }
50 AUE_NULL MSTD { int ibcs2_sysi86(int cmd, int *arg); }
51 AUE_NULL UNIMPL ibcs2_acct
-52 AUE_NULL STD { int ibcs2_shmsys(int which, int a2, \
+52 AUE_SHMSYS STD { int ibcs2_shmsys(int which, int a2, \
int a3, int a4); }
-53 AUE_NULL STD { int ibcs2_semsys(int which, int a2, \
+53 AUE_SEMSYS STD { int ibcs2_semsys(int which, int a2, \
int a3, int a4, int a5); }
-54 AUE_NULL STD { int ibcs2_ioctl(int fd, int cmd, \
+54 AUE_IOCTL STD { int ibcs2_ioctl(int fd, int cmd, \
caddr_t data); }
55 AUE_NULL MSTD { int ibcs2_uadmin(int cmd, int func, \
caddr_t data); }
56 AUE_NULL UNIMPL nosys
57 AUE_NULL MSTD { int ibcs2_utssys(int a1, int a2, \
int flag); }
-58 AUE_NULL MNOPROTO { int fsync(int fd); }
-59 AUE_NULL MSTD { int ibcs2_execve(char *path, char **argp, \
+58 AUE_FSYNC MNOPROTO { int fsync(int fd); }
+59 AUE_EXECVE MSTD { int ibcs2_execve(char *path, char **argp, \
char **envp); }
-60 AUE_NULL MNOPROTO { int umask(int newmask); }
-61 AUE_NULL MNOPROTO { int chroot(char *path); }
-62 AUE_NULL MSTD { int ibcs2_fcntl(int fd, int cmd, \
+60 AUE_UMASK MNOPROTO { int umask(int newmask); }
+61 AUE_CHROOT MNOPROTO { int chroot(char *path); }
+62 AUE_FCNTL MSTD { int ibcs2_fcntl(int fd, int cmd, \
char *arg); }
63 AUE_NULL MSTD { long ibcs2_ulimit(int cmd, int newlimit); }
64 AUE_NULL UNIMPL reserved for unix/pc
@@ -144,30 +144,30 @@
76 AUE_NULL OBSOL rfs_rdebug
77 AUE_NULL OBSOL rfs_rfstop
78 AUE_NULL UNIMPL rfs_rfsys
-79 AUE_NULL MSTD { int ibcs2_rmdir(char *path); }
-80 AUE_NULL MSTD { int ibcs2_mkdir(char *path, int mode); }
-81 AUE_NULL STD { int ibcs2_getdents(int fd, char *buf, \
+79 AUE_RMDIR MSTD { int ibcs2_rmdir(char *path); }
+80 AUE_MKDIR MSTD { int ibcs2_mkdir(char *path, int mode); }
+81 AUE_GETDIRENTRIES STD { int ibcs2_getdents(int fd, char *buf, \
int nbytes); }
82 AUE_NULL UNIMPL nosys
83 AUE_NULL UNIMPL nosys
84 AUE_NULL MSTD { int ibcs2_sysfs(int cmd, caddr_t d1, \
char *buf); }
-85 AUE_NULL MSTD { int ibcs2_getmsg(int fd, \
+85 AUE_GETMSG MSTD { int ibcs2_getmsg(int fd, \
struct ibcs2_stropts *ctl, \
struct ibcs2_stropts *dat, int *flags); }
-86 AUE_NULL MSTD { int ibcs2_putmsg(int fd, \
+86 AUE_PUTMSG MSTD { int ibcs2_putmsg(int fd, \
struct ibcs2_stropts *ctl, \
struct ibcs2_stropts *dat, int flags); }
-87 AUE_NULL STD { int ibcs2_poll(struct ibcs2_poll *fds, \
+87 AUE_POLL STD { int ibcs2_poll(struct ibcs2_poll *fds, \
long nfds, int timeout); }
88 AUE_NULL UNIMPL nosys
89 AUE_NULL MSTD { int ibcs2_secure(int cmd, int a1, int a2, \
int a3, int a4, int a5); }
-90 AUE_NULL MSTD { int ibcs2_symlink(char *path, \
+90 AUE_SYMLINK MSTD { int ibcs2_symlink(char *path, \
char *link); }
-91 AUE_NULL MSTD { int ibcs2_lstat(char *path, \
+91 AUE_LSTAT MSTD { int ibcs2_lstat(char *path, \
struct ibcs2_stat *st); }
-92 AUE_NULL MSTD { int ibcs2_readlink(char *path, char *buf, \
+92 AUE_READLINK MSTD { int ibcs2_readlink(char *path, char *buf, \
int count); }
93 AUE_NULL UNIMPL nosys
94 AUE_NULL UNIMPL nosys
==== //depot/projects/trustedbsd/base/sys/i386/linux/linux_machdep.c#20 (text+ko) ====
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/i386/linux/linux_machdep.c,v 1.49 2005/08/01 17:35:48 sobomax Exp $");
+__FBSDID("$FreeBSD: src/sys/i386/linux/linux_machdep.c,v 1.50 2006/02/06 22:06:53 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -122,7 +122,6 @@
free(newpath, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
- exec_free_args(&eargs);
return (error);
}
==== //depot/projects/trustedbsd/base/sys/kern/kern_exec.c#56 (text+ko) ====
@@ -25,7 +25,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.288 2006/02/02 08:39:39 jeff Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.289 2006/02/06 22:06:54 jhb Exp $");
#include "opt_hwpmc_hooks.h"
#include "opt_ktrace.h"
@@ -86,6 +86,7 @@
static int sysctl_kern_stackprot(SYSCTL_HANDLER_ARGS);
static int do_execve(struct thread *td, struct image_args *args,
struct mac *mac_p);
+static void exec_free_args(struct image_args *);
/* XXX This should be vm_size_t. */
SYSCTL_PROC(_kern, KERN_PS_STRINGS, ps_strings, CTLTYPE_ULONG|CTLFLAG_RD,
@@ -181,12 +182,8 @@
error = exec_copyin_args(&args, uap->fname, UIO_USERSPACE,
uap->argv, uap->envv);
-
if (error == 0)
error = kern_execve(td, &args, NULL);
-
- exec_free_args(&args);
-
return (error);
}
@@ -218,12 +215,8 @@
error = exec_copyin_args(&args, uap->fname, UIO_USERSPACE,
uap->argv, uap->envv);
-
if (error == 0)
error = kern_execve(td, &args, uap->mac_p);
-
- exec_free_args(&args);
-
return (error);
#else
return (ENOSYS);
@@ -776,19 +769,6 @@
p->p_flag &= ~P_INEXEC;
PROC_UNLOCK(p);
- if (imgp->vmspace_destroyed) {
- /* sorry, no more process anymore. exit gracefully */
-#ifdef MAC
- mac_execve_exit(imgp);
- if (interplabel != NULL)
- mac_vnode_label_free(interplabel);
-#endif
- VFS_UNLOCK_GIANT(vfslocked);
- exec_free_args(args);
- exit1(td, W_EXITCODE(0, SIGABRT));
- /* NOT REACHED */
- error = 0;
- }
done2:
#ifdef MAC
mac_execve_exit(imgp);
@@ -796,6 +776,13 @@
mac_vnode_label_free(interplabel);
#endif
VFS_UNLOCK_GIANT(vfslocked);
+ exec_free_args(args);
+
+ if (error && imgp->vmspace_destroyed) {
+ /* sorry, no more process anymore. exit gracefully */
+ exit1(td, W_EXITCODE(0, SIGABRT));
+ /* NOT REACHED */
+ }
return (error);
}
@@ -1036,7 +1023,7 @@
return (0);
}
-void
+static void
exec_free_args(struct image_args *args)
{
==== //depot/projects/trustedbsd/base/sys/kern/kern_exit.c#48 (text+ko) ====
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_exit.c,v 1.280 2006/02/06 00:19:09 wsalamon Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_exit.c,v 1.281 2006/02/06 21:56:13 jhb Exp $");
#include "opt_compat.h"
#include "opt_ktrace.h"
@@ -508,12 +508,6 @@
psignal(p->p_pptr, p->p_sigparent);
}
PROC_UNLOCK(p->p_pptr);
-
- /*
- * If this is a kthread, then wakeup anyone waiting for it to exit.
- */
- if (p->p_flag & P_KTHREAD)
- wakeup(p);
PROC_UNLOCK(p);
/*
==== //depot/projects/trustedbsd/base/sys/kern/kern_fork.c#51 (text+ko) ====
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_fork.c,v 1.255 2006/02/06 00:28:50 wsalamon Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_fork.c,v 1.256 2006/02/06 21:54:47 jhb Exp $");
#include "opt_ktrace.h"
#include "opt_mac.h"
@@ -805,14 +805,11 @@
* Check if a kernel thread misbehaved and returned from its main
* function.
*/
- PROC_LOCK(p);
if (p->p_flag & P_KTHREAD) {
- PROC_UNLOCK(p);
printf("Kernel thread \"%s\" (pid %d) exited prematurely.\n",
p->p_comm, p->p_pid);
kthread_exit(0);
}
- PROC_UNLOCK(p);
mtx_assert(&Giant, MA_NOTOWNED);
}
==== //depot/projects/trustedbsd/base/sys/kern/kern_kse.c#9 (text+ko) ====
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_kse.c,v 1.220 2005/11/03 04:49:16 davidxu Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_kse.c,v 1.221 2006/02/06 22:06:54 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -266,7 +266,6 @@
args.argv, args.envp);
if (error == 0)
error = kern_execve(td, &iargs, NULL);
- exec_free_args(&iargs);
if (error == 0) {
PROC_LOCK(p);
SIGSETOR(td->td_siglist, args.sigpend);
==== //depot/projects/trustedbsd/base/sys/kern/kern_kthread.c#13 (text+ko) ====
@@ -25,7 +25,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_kthread.c,v 1.34 2005/01/06 23:35:39 imp Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_kthread.c,v 1.35 2006/02/06 21:56:13 jhb Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -129,11 +129,23 @@
td = curthread;
p = td->td_proc;
+
+ /*
+ * Reparent curthread from proc0 to init so that the zombie
+ * is harvested.
+ */
sx_xlock(&proctree_lock);
PROC_LOCK(p);
proc_reparent(p, initproc);
PROC_UNLOCK(p);
sx_xunlock(&proctree_lock);
+
+ /*
+ * Wakeup anyone waiting for us to exit.
+ */
+ wakeup(p);
+
+ /* Buh-bye! */
exit1(td, W_EXITCODE(ecode, 0));
}
==== //depot/projects/trustedbsd/base/sys/kern/vfs_syscalls.c#66 (text+ko) ====
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/vfs_syscalls.c,v 1.404 2006/02/06 10:15:27 jeff Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/vfs_syscalls.c,v 1.405 2006/02/06 22:00:52 jhb Exp $");
#include "opt_compat.h"
#include "opt_mac.h"
@@ -1915,18 +1915,24 @@
int flags;
} */ *uap;
{
+
+ return (kern_eaccess(td, uap->path, UIO_USERSPACE, uap->flags));
+}
+
+int
+kern_eaccess(struct thread *td, char *path, enum uio_seg pathseg, int flags)
+{
struct nameidata nd;
struct vnode *vp;
int vfslocked;
int error;
- NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, UIO_USERSPACE,
- uap->path, td);
+ NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE, pathseg, path, td);
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
vfslocked = NDHASGIANT(&nd);
- error = vn_access(vp, uap->flags, td->td_ucred, td);
+ error = vn_access(vp, flags, td->td_ucred, td);
NDFREE(&nd, NDF_ONLY_PNBUF);
vput(vp);
VFS_UNLOCK_GIANT(vfslocked);
==== //depot/projects/trustedbsd/base/sys/security/audit/audit.c#2 (text) ====
@@ -1,5 +1,6 @@
/*
* Copyright (c) 1999-2005 Apple Computer, Inc.
+ * Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/sys/security/audit/audit.c,v 1.3 2006/02/05 21:06:09 rwatson Exp $
+ * $FreeBSD: src/sys/security/audit/audit.c,v 1.5 2006/02/06 22:50:39 rwatson Exp $
*/
#include <sys/param.h>
@@ -56,14 +57,17 @@
#include <sys/unistd.h>
#include <sys/vnode.h>
+#include <bsm/audit.h>
+#include <bsm/audit_kevents.h>
+
#include <netinet/in.h>
#include <netinet/in_pcb.h>
-#include <bsm/audit.h>
-#include <bsm/audit_kevents.h>
#include <security/audit/audit.h>
#include <security/audit/audit_private.h>
+#include <vm/uma.h>
+
/*
* The AUDIT_EXCESSIVELY_VERBOSE define enables a number of
* gratuitously noisy printf's to the console. Due to the
@@ -77,8 +81,8 @@
#define AUDIT_PRINTF(X)
#endif
+static uma_zone_t audit_record_zone;
static MALLOC_DEFINE(M_AUDITPROC, "audit_proc", "Audit process storage");
-static MALLOC_DEFINE(M_AUDITREC, "audit_rec", "Audit event records");
MALLOC_DEFINE(M_AUDITDATA, "audit_data", "Audit data storage");
MALLOC_DEFINE(M_AUDITPATH, "audit_path", "Audit path storage");
MALLOC_DEFINE(M_AUDITTEXT, "audit_text", "Audit text storage");
@@ -193,25 +197,58 @@
static int audit_file_rotate_wait;
/*
- * Perform a deep free of an audit record (core record and referenced objects)
+ * Construct an audit record for the passed thread.
*/
+static int
+audit_record_ctor(void *mem, int size, void *arg, int flags)
+{
+ struct kaudit_record *ar;
+ struct thread *td;
+
+ KASSERT(sizeof(*ar) == size, ("audit_record_ctor: wrong size"));
+
+ td = arg;
+ ar = mem;
+ bzero(ar, sizeof(*ar));
+ ar->k_ar.ar_magic = AUDIT_RECORD_MAGIC;
+ nanotime(&ar->k_ar.ar_starttime);
+
+ /*
+ * Export the subject credential.
+ *
+ * XXXAUDIT: td_ucred access is OK without proc lock, but some other
+ * fields here may require the proc lock.
+ */
+ cru2x(td->td_ucred, &ar->k_ar.ar_subj_cred);
+ ar->k_ar.ar_subj_ruid = td->td_ucred->cr_ruid;
+ ar->k_ar.ar_subj_rgid = td->td_ucred->cr_rgid;
+ ar->k_ar.ar_subj_egid = td->td_ucred->cr_groups[0];
+ ar->k_ar.ar_subj_auid = td->td_proc->p_au->ai_auid;
+ ar->k_ar.ar_subj_asid = td->td_proc->p_au->ai_asid;
+ ar->k_ar.ar_subj_pid = td->td_proc->p_pid;
+ ar->k_ar.ar_subj_amask = td->td_proc->p_au->ai_mask;
+ ar->k_ar.ar_subj_term = td->td_proc->p_au->ai_termid;
+ bcopy(td->td_proc->p_comm, ar->k_ar.ar_subj_comm, MAXCOMLEN);
+
+ return (0);
+}
+
static void
-audit_record_free(struct kaudit_record *ar)
+audit_record_dtor(void *mem, int size, void *arg)
{
+ struct kaudit_record *ar;
+
+ KASSERT(sizeof(*ar) == size, ("audit_record_dtor: wrong size"));
- if (ar->k_ar.ar_arg_upath1 != NULL) {
+ ar = mem;
+ if (ar->k_ar.ar_arg_upath1 != NULL)
free(ar->k_ar.ar_arg_upath1, M_AUDITPATH);
- }
- if (ar->k_ar.ar_arg_upath2 != NULL) {
+ if (ar->k_ar.ar_arg_upath2 != NULL)
free(ar->k_ar.ar_arg_upath2, M_AUDITPATH);
- }
- if (ar->k_ar.ar_arg_text != NULL) {
>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list