1/*
2 * Copyright (c) 1999-2005 Apple Inc.
3 * Copyright (c) 2005 Robert N. M. Watson
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
--- 15 unchanged lines hidden (view full) ---
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28 * POSSIBILITY OF SUCH DAMAGE.
29 */
30
31#include <sys/cdefs.h>
32__FBSDID("$FreeBSD: head/sys/security/audit/audit_bsm_klib.c 181053 2008-07-31 09:54:35Z rwatson $");
33
34#include <sys/param.h>
35#include <sys/fcntl.h>
36#include <sys/filedesc.h>
37#include <sys/libkern.h>
38#include <sys/malloc.h>
39#include <sys/mount.h>
40#include <sys/proc.h>
41#include <sys/sem.h>
42#include <sys/syscall.h>
43#include <sys/sysctl.h>
44#include <sys/sysent.h>
45#include <sys/vnode.h>
46
47#include <bsm/audit.h>
48#include <bsm/audit_kevents.h>
49#include <security/audit/audit.h>
--- 421 unchanged lines hidden (view full) ---
471}
472
473/*
474 * Create a canonical path from given path by prefixing either the root
475 * directory, or the current working directory. If the process working
476 * directory is NULL, we could use 'rootvnode' to obtain the root directory,
477 * but this results in a volfs name written to the audit log. So we will
478 * leave the filename starting with '/' in the audit log in this case.
479 *
480 * XXXRW: Since we combine two paths here, ideally a buffer of size
481 * MAXPATHLEN * 2 would be passed in.
482 */
483void
484audit_canon_path(struct thread *td, char *path, char *cpath)
485{
486 char *bufp;
487 char *retbuf, *freebuf;
488 struct vnode *vnp;
489 struct filedesc *fdp;
490 int cisr, error, vfslocked;
491
492 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
493 "audit_canon_path() at %s:%d", __FILE__, __LINE__);
494
495 fdp = td->td_proc->p_fd;
496 bufp = path;
497 cisr = 0;
498 FILEDESC_SLOCK(fdp);
499 if (*(path) == '/') {
500 while (*(bufp) == '/')
501 bufp++; /* Skip leading '/'s. */
502 /*
503 * If no process root, or it is the same as the system root,
504 * audit the path as passed in with a single '/'.
505 */
506 if ((fdp->fd_rdir == NULL) ||
507 (fdp->fd_rdir == rootvnode)) {
508 vnp = NULL;
509 bufp--; /* Restore one '/'. */
510 } else {
511 vnp = fdp->fd_rdir; /* Use process root. */
512 vref(vnp);
513 }
514 } else {
515 vnp = fdp->fd_cdir; /* Prepend the current dir. */
516 cisr = (fdp->fd_rdir == fdp->fd_cdir);
517 vref(vnp);
518 bufp = path;
519 }
520 FILEDESC_SUNLOCK(fdp);
521 if (vnp != NULL) {
522 /*
523 * XXX: vn_fullpath() on FreeBSD is "less reliable" than
524 * vn_getpath() on Darwin, so this will need more attention
525 * in the future. Also, the question and string bounding
526 * here seems a bit questionable and will also require
527 * attention.
528 */
529 vfslocked = VFS_LOCK_GIANT(vnp->v_mount);
530 vn_lock(vnp, LK_EXCLUSIVE | LK_RETRY);
531 error = vn_fullpath(td, vnp, &retbuf, &freebuf);
532 if (error == 0) {
533 /* Copy and free buffer allocated by vn_fullpath().
534 * If the current working directory was the same as
535 * the root directory, and the path was a relative
536 * pathname, do not separate the two components with
537 * the '/' character.
538 */
539 snprintf(cpath, MAXPATHLEN, "%s%s%s", retbuf,
540 cisr ? "" : "/", bufp);
541 free(freebuf, M_TEMP);
542 } else
543 cpath[0] = '\0';
544 vput(vnp);
545 VFS_UNLOCK_GIANT(vfslocked);
546 } else
547 strlcpy(cpath, bufp, MAXPATHLEN);
548}
2 * Copyright (c) 1999-2005 Apple Inc.
3 * Copyright (c) 2005 Robert N. M. Watson
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
--- 15 unchanged lines hidden (view full) ---
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28 * POSSIBILITY OF SUCH DAMAGE.
29 */
30
31#include <sys/cdefs.h>
32__FBSDID("$FreeBSD: head/sys/security/audit/audit_bsm_klib.c 181053 2008-07-31 09:54:35Z rwatson $");
33
34#include <sys/param.h>
35#include <sys/fcntl.h>
36#include <sys/filedesc.h>
37#include <sys/libkern.h>
38#include <sys/malloc.h>
39#include <sys/mount.h>
40#include <sys/proc.h>
41#include <sys/sem.h>
42#include <sys/syscall.h>
43#include <sys/sysctl.h>
44#include <sys/sysent.h>
45#include <sys/vnode.h>
46
47#include <bsm/audit.h>
48#include <bsm/audit_kevents.h>
49#include <security/audit/audit.h>
--- 421 unchanged lines hidden (view full) ---
471}
472
473/*
474 * Create a canonical path from given path by prefixing either the root
475 * directory, or the current working directory. If the process working
476 * directory is NULL, we could use 'rootvnode' to obtain the root directory,
477 * but this results in a volfs name written to the audit log. So we will
478 * leave the filename starting with '/' in the audit log in this case.
479 *
480 * XXXRW: Since we combine two paths here, ideally a buffer of size
481 * MAXPATHLEN * 2 would be passed in.
482 */
483void
484audit_canon_path(struct thread *td, char *path, char *cpath)
485{
486 char *bufp;
487 char *retbuf, *freebuf;
488 struct vnode *vnp;
489 struct filedesc *fdp;
490 int cisr, error, vfslocked;
491
492 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
493 "audit_canon_path() at %s:%d", __FILE__, __LINE__);
494
495 fdp = td->td_proc->p_fd;
496 bufp = path;
497 cisr = 0;
498 FILEDESC_SLOCK(fdp);
499 if (*(path) == '/') {
500 while (*(bufp) == '/')
501 bufp++; /* Skip leading '/'s. */
502 /*
503 * If no process root, or it is the same as the system root,
504 * audit the path as passed in with a single '/'.
505 */
506 if ((fdp->fd_rdir == NULL) ||
507 (fdp->fd_rdir == rootvnode)) {
508 vnp = NULL;
509 bufp--; /* Restore one '/'. */
510 } else {
511 vnp = fdp->fd_rdir; /* Use process root. */
512 vref(vnp);
513 }
514 } else {
515 vnp = fdp->fd_cdir; /* Prepend the current dir. */
516 cisr = (fdp->fd_rdir == fdp->fd_cdir);
517 vref(vnp);
518 bufp = path;
519 }
520 FILEDESC_SUNLOCK(fdp);
521 if (vnp != NULL) {
522 /*
523 * XXX: vn_fullpath() on FreeBSD is "less reliable" than
524 * vn_getpath() on Darwin, so this will need more attention
525 * in the future. Also, the question and string bounding
526 * here seems a bit questionable and will also require
527 * attention.
528 */
529 vfslocked = VFS_LOCK_GIANT(vnp->v_mount);
530 vn_lock(vnp, LK_EXCLUSIVE | LK_RETRY);
531 error = vn_fullpath(td, vnp, &retbuf, &freebuf);
532 if (error == 0) {
533 /* Copy and free buffer allocated by vn_fullpath().
534 * If the current working directory was the same as
535 * the root directory, and the path was a relative
536 * pathname, do not separate the two components with
537 * the '/' character.
538 */
539 snprintf(cpath, MAXPATHLEN, "%s%s%s", retbuf,
540 cisr ? "" : "/", bufp);
541 free(freebuf, M_TEMP);
542 } else
543 cpath[0] = '\0';
544 vput(vnp);
545 VFS_UNLOCK_GIANT(vfslocked);
546 } else
547 strlcpy(cpath, bufp, MAXPATHLEN);
548}