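--- a/audit_syscalls.c
+++ b/audit_syscalls.c
@@ -1,8 +1,8 @@
 /*
  * Copyright (c) 1999-2005 Apple Computer, Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
@@ -21,22 +21,23 @@
  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $FreeBSD: head/sys/security/audit/audit_syscalls.c 163207 2006-10-10 15:49:10Z csjp $
+ * $FreeBSD: head/sys/security/audit/audit_syscalls.c 164033 2006-11-06 13:42:10Z rwatson $
  */
 
 #include <sys/param.h>
 #include <sys/mount.h>
 #include <sys/namei.h>
+#include <sys/priv.h>
 #include <sys/proc.h>
 #include <sys/sysproto.h>
 #include <sys/systm.h>
 #include <sys/vnode.h>
 #include <sys/jail.h>
 
 #include <bsm/audit.h>
 #include <bsm/audit_kevents.h>
@@ -61,17 +62,17 @@
 audit(struct thread *td, struct audit_args *uap)
 {
  int error;
  void * rec;
  struct kaudit_record *ar;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_SUBMIT);
  if (error)
  return (error);
 
  if ((uap->length <= 0) || (uap->length > audit_qctrl.aq_bufsz))
  return (EINVAL);
 
  ar = currecord();
 
@@ -151,17 +152,17 @@
 {
  int error;
  union auditon_udata udata;
  struct proc *tp;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
  AUDIT_ARG(cmd, uap->cmd);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_CONTROL);
  if (error)
  return (error);
 
  if ((uap->length <= 0) || (uap->length > sizeof(union auditon_udata)))
  return (EINVAL);
 
  memset((void *)&udata, 0, sizeof(udata));
 
@@ -399,17 +400,17 @@
 int
 getauid(struct thread *td, struct getauid_args *uap)
 {
  int error;
  au_id_t id;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_GETAUDIT);
  if (error)
  return (error);
 
  /*
  * XXX: Integer read on static pointer dereference: doesn't need
  * locking?
  */
  PROC_LOCK(td->td_proc);
@@ -423,17 +424,17 @@
 int
 setauid(struct thread *td, struct setauid_args *uap)
 {
  int error;
  au_id_t id;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_SETAUDIT);
  if (error)
  return (error);
 
  error = copyin(uap->auid, &id, sizeof(id));
  if (error)
  return (error);
 
  audit_arg_auid(id);
@@ -463,17 +464,17 @@
 int
 getaudit(struct thread *td, struct getaudit_args *uap)
 {
  struct auditinfo ai;
  int error;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_GETAUDIT);
  if (error)
  return (error);
 
  PROC_LOCK(td->td_proc);
  ai = *td->td_proc->p_au;
  PROC_UNLOCK(td->td_proc);
 
  return (copyout(&ai, uap->auditinfo, sizeof(ai)));
@@ -484,17 +485,17 @@
 int
 setaudit(struct thread *td, struct setaudit_args *uap)
 {
  struct auditinfo ai;
  int error;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_SETAUDIT);
  if (error)
  return (error);
 
  error = copyin(uap->auditinfo, &ai, sizeof(ai));
  if (error)
  return (error);
 
  audit_arg_auditinfo(&ai);
@@ -513,32 +514,32 @@
 /* ARGSUSED */
 int
 getaudit_addr(struct thread *td, struct getaudit_addr_args *uap)
 {
  int error;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_GETAUDIT);
  if (error)
  return (error);
  return (ENOSYS);
 }
 
 /* MPSAFE */
 /* ARGSUSED */
 int
 setaudit_addr(struct thread *td, struct setaudit_addr_args *uap)
 {
  int error;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_SETAUDIT);
  if (error)
  return (error);
  return (ENOSYS);
 }
 
 /*
  * MPSAFE
  * Syscall to manage audit files.
@@ -552,17 +553,17 @@
  struct nameidata nd;
  struct ucred *cred;
  struct vnode *vp;
  int error = 0;
  int flags, vfslocked;
 
  if (jailed(td->td_ucred))
  return (ENOSYS);
- error = suser(td);
+ error = priv_check(td, PRIV_AUDIT_CONTROL);
  if (error)
  return (error);
 
  vp = NULL;
  cred = NULL;
 
  /*
  * If a path is specified, open the replacement vnode, perform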
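Review bot: Nothing at the call sites records why each syscall was given its privilege, yet the grouping is a policy decision: audit() checks `PRIV_AUDIT_SUBMIT`, the function using `union auditon_udata` (new line 160) and the audit-file syscall (new line 561) both check `PRIV_AUDIT_CONTROL`, and getauid()/setauid() share `PRIV_AUDIT_GETAUDIT`/`PRIV_AUDIT_SETAUDIT` with getaudit()/setaudit() and the `*_addr` stubs. I would add a short comment above the first check, e.g. `/* audit(2): PRIV_AUDIT_SUBMIT; control calls: PRIV_AUDIT_CONTROL; per-process audit state: PRIV_AUDIT_GETAUDIT / PRIV_AUDIT_SETAUDIT. */`. Every function shown still returns ENOSYS to a jailed caller before `priv_check()` is reached, so the named privilege is never evaluated for jailed threads. If that ordering is intended, a one-line comment such as `/* Audit is unavailable in jails; fail before the privilege check. */` would keep a later cleanup from dropping the jail test. Most function bodies continue outside the shown context, so this is based only on the visible prologues.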