[Midnightbsd-cvs] src [8490] trunk/sys: remove redundant call to AUDIT_ARG_UPATH1.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sun Sep 18 18:37:09 EDT 2016
Revision: 8490
http://svnweb.midnightbsd.org/src/?rev=8490
Author: laffer1
Date: 2016-09-18 18:37:09 -0400 (Sun, 18 Sep 2016)
Log Message:
-----------
remove redundant call to AUDIT_ARG_UPATH1. add event handling for missing events
Modified Paths:
--------------
trunk/sys/kern/vfs_lookup.c
trunk/sys/kern/vfs_mount.c
trunk/sys/security/audit/audit.c
trunk/sys/security/audit/audit.h
trunk/sys/security/audit/audit_arg.c
trunk/sys/security/audit/audit_bsm.c
trunk/sys/security/audit/audit_bsm_klib.c
trunk/sys/security/audit/audit_private.h
trunk/sys/security/audit/audit_worker.c
Modified: trunk/sys/kern/vfs_lookup.c
===================================================================
--- trunk/sys/kern/vfs_lookup.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/kern/vfs_lookup.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -173,17 +173,6 @@
error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf,
MAXPATHLEN, (size_t *)&ndp->ni_pathlen);
- if (error == 0) {
- /*
- * If we are auditing the kernel pathname, save the user
- * pathname.
- */
- if (cnp->cn_flags & AUDITVNODE1)
- AUDIT_ARG_UPATH1(td, cnp->cn_pnbuf);
- if (cnp->cn_flags & AUDITVNODE2)
- AUDIT_ARG_UPATH2(td, cnp->cn_pnbuf);
- }
-
/*
* Don't allow empty pathnames.
*/
@@ -222,6 +211,14 @@
ndp->ni_rootdir = fdp->fd_rdir;
ndp->ni_topdir = fdp->fd_jdir;
+ /*
+ * If we are auditing the kernel pathname, save the user pathname.
+ */
+ if (cnp->cn_flags & AUDITVNODE1)
+ AUDIT_ARG_UPATH1(td, ndp->ni_dirfd, cnp->cn_pnbuf);
+ if (cnp->cn_flags & AUDITVNODE2)
+ AUDIT_ARG_UPATH2(td, ndp->ni_dirfd, cnp->cn_pnbuf);
+
dp = NULL;
if (cnp->cn_pnbuf[0] != '/') {
if (ndp->ni_startdir != NULL) {
Modified: trunk/sys/kern/vfs_mount.c
===================================================================
--- trunk/sys/kern/vfs_mount.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/kern/vfs_mount.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -1169,7 +1169,6 @@
}
mtx_unlock(&mountlist_mtx);
} else {
- AUDIT_ARG_UPATH1(td, pathbuf);
/*
* Try to find global path for path argument.
*/
Modified: trunk/sys/security/audit/audit.c
===================================================================
--- trunk/sys/security/audit/audit.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -691,7 +691,7 @@
if (path != NULL) {
pathp = &ar->k_ar.ar_arg_upath1;
*pathp = malloc(MAXPATHLEN, M_AUDITPATH, M_WAITOK);
- audit_canon_path(td, path, *pathp);
+ audit_canon_path(td, AT_FDCWD, path, *pathp);
ARG_SET_VALID(ar, ARG_UPATH1);
}
ar->k_ar.ar_arg_signum = td->td_proc->p_sig;
Modified: trunk/sys/security/audit/audit.h
===================================================================
--- trunk/sys/security/audit/audit.h 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit.h 2016-09-18 22:37:09 UTC (rev 8490)
@@ -99,8 +99,8 @@
void audit_arg_auid(uid_t auid);
void audit_arg_auditinfo(struct auditinfo *au_info);
void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info);
-void audit_arg_upath1(struct thread *td, char *upath);
-void audit_arg_upath2(struct thread *td, char *upath);
+void audit_arg_upath1(struct thread *td, int dirfd, char *upath);
+void audit_arg_upath2(struct thread *td, int dirfd, char *upath);
void audit_arg_vnode1(struct vnode *vp);
void audit_arg_vnode2(struct vnode *vp);
void audit_arg_text(char *text);
@@ -276,14 +276,14 @@
audit_arg_uid((uid)); \
} while (0)
-#define AUDIT_ARG_UPATH1(td, upath) do { \
+#define AUDIT_ARG_UPATH1(td, dirfd, upath) do { \
if (AUDITING_TD(curthread)) \
- audit_arg_upath1((td), (upath)); \
+ audit_arg_upath1((td), (dirfd), (upath)); \
} while (0)
-#define AUDIT_ARG_UPATH2(td, upath) do { \
+#define AUDIT_ARG_UPATH2(td, dirfd, upath) do { \
if (AUDITING_TD(curthread)) \
- audit_arg_upath2((td), (upath)); \
+ audit_arg_upath2((td), (dirfd), (upath)); \
} while (0)
#define AUDIT_ARG_VALUE(value) do { \
@@ -356,8 +356,8 @@
#define AUDIT_ARG_SUID(suid)
#define AUDIT_ARG_TEXT(text)
#define AUDIT_ARG_UID(uid)
-#define AUDIT_ARG_UPATH1(td, upath)
-#define AUDIT_ARG_UPATH2(td, upath)
+#define AUDIT_ARG_UPATH1(td, dirfd, upath)
+#define AUDIT_ARG_UPATH2(td, dirfd, upath)
#define AUDIT_ARG_VALUE(value)
#define AUDIT_ARG_VNODE1(vp)
#define AUDIT_ARG_VNODE2(vp)
Modified: trunk/sys/security/audit/audit_arg.c
===================================================================
--- trunk/sys/security/audit/audit_arg.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit_arg.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -463,7 +463,8 @@
break;
case AF_UNIX:
- audit_arg_upath1(td, ((struct sockaddr_un *)sa)->sun_path);
+ audit_arg_upath1(td, AT_FDCWD,
+ ((struct sockaddr_un *)sa)->sun_path);
ARG_SET_VALID(ar, ARG_SADDRUNIX);
break;
/* XXXAUDIT: default:? */
@@ -710,16 +711,16 @@
* freed when the audit record is freed.
*/
static void
-audit_arg_upath(struct thread *td, char *upath, char **pathp)
+audit_arg_upath(struct thread *td, int dirfd, char *upath, char **pathp)
{
if (*pathp == NULL)
*pathp = malloc(MAXPATHLEN, M_AUDITPATH, M_WAITOK);
- audit_canon_path(td, upath, *pathp);
+ audit_canon_path(td, dirfd, upath, *pathp);
}
void
-audit_arg_upath1(struct thread *td, char *upath)
+audit_arg_upath1(struct thread *td, int dirfd, char *upath)
{
struct kaudit_record *ar;
@@ -727,12 +728,12 @@
if (ar == NULL)
return;
- audit_arg_upath(td, upath, &ar->k_ar.ar_arg_upath1);
+ audit_arg_upath(td, dirfd, upath, &ar->k_ar.ar_arg_upath1);
ARG_SET_VALID(ar, ARG_UPATH1);
}
void
-audit_arg_upath2(struct thread *td, char *upath)
+audit_arg_upath2(struct thread *td, int dirfd, char *upath)
{
struct kaudit_record *ar;
@@ -740,7 +741,7 @@
if (ar == NULL)
return;
- audit_arg_upath(td, upath, &ar->k_ar.ar_arg_upath2);
+ audit_arg_upath(td, dirfd, upath, &ar->k_ar.ar_arg_upath2);
ARG_SET_VALID(ar, ARG_UPATH2);
}
Modified: trunk/sys/security/audit/audit_bsm.c
===================================================================
--- trunk/sys/security/audit/audit_bsm.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit_bsm.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -724,13 +724,6 @@
*/
break;
- case AUE_MKFIFO:
- if (ARG_IS_VALID(kar, ARG_MODE)) {
- tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
- kau_write(rec, tok);
- }
- /* FALLTHROUGH */
-
case AUE_CHDIR:
case AUE_CHROOT:
case AUE_FSTATAT:
@@ -743,6 +736,7 @@
case AUE_LPATHCONF:
case AUE_PATHCONF:
case AUE_READLINK:
+ case AUE_READLINKAT:
case AUE_REVOKE:
case AUE_RMDIR:
case AUE_SEARCHFS:
@@ -762,6 +756,8 @@
case AUE_ACCESS:
case AUE_EACCESS:
+ case AUE_FACCESSAT:
+ ATFD1_TOKENS(1);
UPATH1_VNODE1_TOKENS;
if (ARG_IS_VALID(kar, ARG_VALUE)) {
tok = au_to_arg32(2, "mode", ar->ar_arg_value);
@@ -1059,6 +1055,10 @@
break;
case AUE_MKDIR:
+ case AUE_MKDIRAT:
+ case AUE_MKFIFO:
+ case AUE_MKFIFOAT:
+ ATFD1_TOKENS(1);
if (ARG_IS_VALID(kar, ARG_MODE)) {
tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
kau_write(rec, tok);
@@ -1067,6 +1067,8 @@
break;
case AUE_MKNOD:
+ case AUE_MKNODAT:
+ ATFD1_TOKENS(1);
if (ARG_IS_VALID(kar, ARG_MODE)) {
tok = au_to_arg32(2, "mode", ar->ar_arg_mode);
kau_write(rec, tok);
@@ -1546,10 +1548,12 @@
break;
case AUE_SYMLINK:
+ case AUE_SYMLINKAT:
if (ARG_IS_VALID(kar, ARG_TEXT)) {
tok = au_to_text(ar->ar_arg_text);
kau_write(rec, tok);
}
+ ATFD1_TOKENS(1);
UPATH1_VNODE1_TOKENS;
break;
Modified: trunk/sys/security/audit/audit_bsm_klib.c
===================================================================
--- trunk/sys/security/audit/audit_bsm_klib.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit_bsm_klib.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -462,13 +462,13 @@
* leave the filename starting with '/' in the audit log in this case.
*/
void
-audit_canon_path(struct thread *td, char *path, char *cpath)
+audit_canon_path(struct thread *td, int dirfd, char *path, char *cpath)
{
struct vnode *cvnp, *rvnp;
char *rbuf, *fbuf, *copy;
struct filedesc *fdp;
struct sbuf sbf;
- int error, cwir;
+ int error, needslash, vfslocked;
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL, "%s: at %s:%d",
__func__, __FILE__, __LINE__);
@@ -491,10 +491,27 @@
* path.
*/
if (*path != '/') {
- cvnp = fdp->fd_cdir;
- vhold(cvnp);
+ if (dirfd == AT_FDCWD) {
+ cvnp = fdp->fd_cdir;
+ vhold(cvnp);
+ } else {
+ /* XXX: fgetvp() that vhold()s vnode instead of vref()ing it would be better */
+ error = fgetvp(td, dirfd, 0, &cvnp);
+ if (error) {
+ cpath[0] = '\0';
+ if (rvnp != NULL)
+ vdrop(rvnp);
+ return;
+ }
+ vhold(cvnp);
+ vfslocked = VFS_LOCK_GIANT(cvnp->v_mount);
+ vrele(cvnp);
+ VFS_UNLOCK_GIANT(vfslocked);
+ }
+ needslash = (fdp->fd_rdir != cvnp);
+ } else {
+ needslash = 1;
}
- cwir = (fdp->fd_rdir == fdp->fd_cdir);
FILEDESC_SUNLOCK(fdp);
/*
* NB: We require that the supplied array be at least MAXPATHLEN bytes
@@ -536,7 +553,7 @@
(void) sbuf_cat(&sbf, rbuf);
free(fbuf, M_TEMP);
}
- if (cwir == 0 || (cwir != 0 && cvnp == NULL))
+ if (needslash)
(void) sbuf_putc(&sbf, '/');
/*
* Now that we have processed any alternate root and relative path
Modified: trunk/sys/security/audit/audit_private.h
===================================================================
--- trunk/sys/security/audit/audit_private.h 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit_private.h 2016-09-18 22:37:09 UTC (rev 8490)
@@ -388,7 +388,8 @@
au_event_t audit_flags_and_error_to_openatevent(int oflags, int error);
au_event_t audit_msgctl_to_event(int cmd);
au_event_t audit_semctl_to_event(int cmr);
-void audit_canon_path(struct thread *td, char *path, char *cpath);
+void audit_canon_path(struct thread *td, int dirfd, char *path,
+ char *cpath);
au_event_t auditon_command_event(int cmd);
/*
Modified: trunk/sys/security/audit/audit_worker.c
===================================================================
--- trunk/sys/security/audit/audit_worker.c 2016-09-18 22:36:05 UTC (rev 8489)
+++ trunk/sys/security/audit/audit_worker.c 2016-09-18 22:37:09 UTC (rev 8490)
@@ -88,6 +88,7 @@
static int audit_file_rotate_wait;
static struct ucred *audit_cred;
static struct vnode *audit_vp;
+static off_t audit_size;
static struct sx audit_worker_lock;
#define AUDIT_WORKER_LOCK_INIT() sx_init(&audit_worker_lock, \
@@ -115,7 +116,6 @@
struct statfs *mnt_stat;
int error, vfslocked;
static int cur_fail;
- struct vattr vattr;
long temp;
AUDIT_WORKER_LOCK_ASSERT();
@@ -134,12 +134,6 @@
error = VFS_STATFS(vp->v_mount, mnt_stat);
if (error)
goto fail;
- vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
- error = VOP_GETATTR(vp, &vattr, cred);
- VOP_UNLOCK(vp, 0);
- if (error)
- goto fail;
- audit_fstat.af_currsz = vattr.va_size;
/*
* We handle four different space-related limits:
@@ -196,11 +190,11 @@
* to the daemon. This is only approximate, which is fine as more
* records may be generated before the daemon rotates the file.
*/
- if ((audit_fstat.af_filesz != 0) && (audit_file_rotate_wait == 0) &&
- (vattr.va_size >= audit_fstat.af_filesz)) {
+ if (audit_fstat.af_filesz != 0 &&
+ audit_size >= audit_fstat.af_filesz * (audit_file_rotate_wait + 1)) {
AUDIT_WORKER_LOCK_ASSERT();
- audit_file_rotate_wait = 1;
+ audit_file_rotate_wait++;
(void)audit_send_trigger(AUDIT_TRIGGER_ROTATE_KERNEL);
}
@@ -239,6 +233,8 @@
goto fail_enospc;
else if (error)
goto fail;
+ AUDIT_WORKER_LOCK_ASSERT();
+ audit_size += len;
/*
* Catch completion of a queue drain here; if we're draining and the
@@ -452,10 +448,20 @@
struct ucred *old_audit_cred;
struct vnode *old_audit_vp;
int vfslocked;
+ struct vattr vattr;
KASSERT((cred != NULL && vp != NULL) || (cred == NULL && vp == NULL),
("audit_rotate_vnode: cred %p vp %p", cred, vp));
+ if (vp != NULL) {
+ vn_lock(vp, LK_SHARED | LK_RETRY);
+ if (VOP_GETATTR(vp, &vattr, cred) != 0)
+ vattr.va_size = 0;
+ VOP_UNLOCK(vp, 0);
+ } else {
+ vattr.va_size = 0;
+ }
+
/*
* Rotate the vnode/cred, and clear the rotate flag so that we will
* send a rotate trigger if the new file fills.
@@ -465,6 +471,7 @@
old_audit_vp = audit_vp;
audit_cred = cred;
audit_vp = vp;
+ audit_size = vattr.va_size;
audit_file_rotate_wait = 0;
audit_enabled = (audit_vp != NULL);
AUDIT_WORKER_UNLOCK();
More information about the Midnightbsd-cvs
mailing list