Currently kernel audit events for jail_set(2), jail_get(2), jail_attach(2),
jail_remove(2) and finally setloginclass(2) are not being converted and committed into userspace. Add the cases for these syscalls and make sure they are being converted properly. Reviewed by: bz, kevans MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D23882
This commit is contained in:
parent
5aa5420ff2
commit
1018b2ff00
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=358471
@ -809,6 +809,19 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
|
||||
case AUE_FUTIMESAT:
|
||||
case AUE_GETATTRLIST:
|
||||
case AUE_JAIL:
|
||||
break;
|
||||
|
||||
/*
|
||||
* NB: We may want to verify that the appropriate
|
||||
* audit args are being processed here, but I think
|
||||
* a bit analysis is required.
|
||||
*/
|
||||
case AUE_JAIL_GET:
|
||||
case AUE_JAIL_SET:
|
||||
case AUE_JAIL_ATTACH:
|
||||
case AUE_JAIL_REMOVE:
|
||||
break;
|
||||
|
||||
case AUE_LUTIMES:
|
||||
case AUE_NFS_GETFH:
|
||||
case AUE_LGETFH:
|
||||
@ -1474,6 +1487,9 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
|
||||
}
|
||||
break;
|
||||
|
||||
case AUE_SETLOGINCLASS:
|
||||
break;
|
||||
|
||||
case AUE_SETPRIORITY:
|
||||
if (ARG_IS_VALID(kar, ARG_CMD)) {
|
||||
tok = au_to_arg32(1, "which", ar->ar_arg_cmd);
|
||||
|
Loading…
Reference in New Issue
Block a user