d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Audit the flag argument to the nfssvc(2) system call.

Browse Source 
Obtained from:	TrustedBSD Project
Sponsored by:	Apple, Inc.
This commit is contained in:
Robert Watson 2009-02-08 14:04:08 +00:00
parent d2a4cd29be
commit 4ba1f444c5
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=188311
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/nfsserver/nfs_syscalls.c
View File

@ -137,6 +137,8 @@ nfssvc(struct thread *td, struct nfssvc_args *uap)
KASSERT(!mtx_owned(&Giant), ("nfssvc(): called with Giant"));
AUDIT_ARG(cmd, uap->flag);
error = priv_check(td, PRIV_NFS_DAEMON);
if (error)
return (error);

10
sys/security/audit/audit_bsm.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999-2005 Apple Inc.
* Copyright (c) 1999-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -639,7 +639,6 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
case AUE_MODLOAD:
case AUE_MODUNLOAD:
case AUE_MSGSYS:
case AUE_NFS_SVC:
case AUE_NTP_ADJTIME:
case AUE_PIPE:
case AUE_PROFILE:
@ -1017,6 +1016,13 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
}
/* FALLTHROUGH */
case AUE_NFS_SVC:
if (ARG_IS_VALID(kar, ARG_CMD)) {
tok = au_to_arg32(1, "request", ar->ar_arg_cmd);
kau_write(rec, tok);
}
break;
case AUE_UMOUNT:
UPATH1_VNODE1_TOKENS;
break;