Commit Graph

121888 Commits

Author SHA1 Message Date
Søren Schmidt
52c7e322b2 Unbreak DMA dumo on Intel 31224. 2006-02-06 19:17:48 +00:00
Robert Watson
f10a5f6cc4 Add information on audit pipe special devices, which allow user processes
to "tee" the BSM record stream for the purposes of live monitoring,
intrusion detection, etc.  Support for audit pipes will be committed in
the near future.

Obtained from:	TrustedBSD Project
2006-02-06 18:41:00 +00:00
Olivier Houchard
123f34932c Use memory clobbers, to be on the safe side.
Suggested by:	jhb
2006-02-06 18:29:05 +00:00
Olivier Houchard
2a3b10658d rwlock expects the struct thread to be aligned on 8 bytes, so make sure
thread0 is.
2006-02-06 16:03:10 +00:00
Ruslan Ermilov
e497d0cdba Two fixes:
- Run send queue down to completion, not just one packet.
  It has been observed to cause a stall queue otherwise.

- Prevent queueing multiple function calls to a node.

MFC after:	3 days
2006-02-06 14:30:21 +00:00
David Xu
83154c48d6 Always clear thread info buffer to zero. 2006-02-06 11:54:19 +00:00
Jeff Roberson
04f6d3effa - Add a ref count to the mount structure. Sleep for up to 3 seconds in
vfs_mount_destroy waiting for this ref to hit 0.  We don't print an
   error if we are rebooting as the root mount always retains some refernces
   by init proc.
 - Acquire a mnt ref for every vnode allocated to a mount point.  Drop this
   ref only once vdestroy() has been called and the mount has been freed.
 - No longer NULL the v_mount pointer in delmntque() so that we may release
   the ref after vgone() has been called.  This allows us to guarantee
   that the mount point structure will be valid until the last vnode has
   lost its last ref.
 - Fix a few places that rely on checking v_mount to detect recycling.

Sponsored by:	Isilon Systems, Inc.
MFC After:	1 week
2006-02-06 10:19:50 +00:00
Jeff Roberson
2f0bca553a - Don't check v_mount for NULL to determine if a vnode has been recycled.
Use the more appropriate VI_DOOMED flag instead.

Sponsored by:	Isilon Systems, Inc.
MFC After:	1 week
2006-02-06 10:15:27 +00:00
Jeff Roberson
b73f64c484 - Fix silly VI locking that is used to check a single flag. The vnode
lock also protects this flag so it is not necessary.
 - Don't rely on v_mount to detect whether or not we've been recycled, use
   the more appropriate VI_DOOMED instead.

Sponsored by:	Isilon Systems, Inc.
MFC After:	1 week
2006-02-06 10:14:12 +00:00
Jeff Roberson
36a52c3cae - Add the global 'rebooting' variable that is used to detect when
boot() has been called.

Sponsored by:	Isilon Systems, Inc.
MFC After:	1 week
2006-02-06 10:12:00 +00:00
Jeff Roberson
c4be19469a - Remove ifdef disabled code that doesn't have a chance of working anymore. 2006-02-06 10:10:42 +00:00
David Xu
ea8e65b0fa Add members pl_sigmask and pl_siglist into ptrace_lwpinfo to get lwp's
signal mask and pending signals.
2006-02-06 09:41:56 +00:00
Xin LI
11d5abebd2 Attempt to fix DHCP address acquisition which was broken by rev. 1.133.
MFC After:	3 days
2006-02-06 06:49:57 +00:00
David Xu
9224f6b811 1. Eliminate compile warnings.
2. Add command 'thread signal' to print out current thread's signal mask
   and pending signals.
2006-02-06 06:07:56 +00:00
Robert Watson
9653775b18 Regenerate. 2006-02-06 02:00:32 +00:00
Robert Watson
c983324ef5 Prefer AUE_FOO audit identifiers to AUE_O_FOO, which are largely left
over from the Darwin implementation.

When we implement a system call as a wrapper to sysctl(), audit it as
AUE_SYSCTL.  This leads to greater compatibility with Solaris audit
trails as sysctl() argument tokens are not the same as the ones for
the originaly system calls (i.e., setdomainname()).

Replace references to AUE_ events that are equivilent to AUE_NULL with
AUE_NULL.  In the case of process signal configuration, this is
because these events do not require auditing.

Move from the Darwin spelling of getsockopt() to the FreeBSD/Solaris
one.

Audit nmount().

Obtained from:	TrustedBSD Project
2006-02-06 02:00:06 +00:00
Robert Watson
89964dd284 When exiting a thread, submit any pending record. Today, we don't
audit thread exit, but should that happen, this will prevent
unhappiness, as the thread exit system call will never return, and
hence not commit the record.

Pointed out by/with:	cognet
Obtained from:		TrustedBSD Project
2006-02-06 01:51:08 +00:00
Robert Watson
3f4b50a482 Regenerate. 2006-02-06 01:40:48 +00:00
Robert Watson
35d982a761 Assign audit event identifiers to Linux i386 system calls.
Obtained from:	TrustedBSD Project
2006-02-06 01:40:30 +00:00
Robert Watson
6b28a1b2a3 Regenerate. 2006-02-06 01:16:00 +00:00
Robert Watson
4790bb223e Reflect fix in Linux setfsgid() event name from OpenBSM in the alpha
linux system call table.

Obtained from:	TrustedBSD Project
2006-02-06 01:13:47 +00:00
Robert Watson
8c32c1901b Merge OpenBSM 1.0 alpha 3 include file changes from contrib/openbsm/bsm
to sys/bsm:

- Correct error in definition of audit event for Linux setfsgid().
- Add audit event identifier for sysarch().

Obtained from:	TrustedBSD Project
2006-02-06 01:12:46 +00:00
Wayne Salamon
2f8a46d5ff Audit the arguments (user/group IDs) for the system calls that set these IDs.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
2006-02-06 00:32:33 +00:00
Wayne Salamon
ad20c8f325 Audit the args to rfork(), and the child PID for all fork system calls.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
2006-02-06 00:28:50 +00:00
Wayne Salamon
de3007e8f3 Audit the pid being requested in wait4().
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
2006-02-06 00:19:09 +00:00
Ceri Davies
67e4c7efd5 Another update for reality: "dangerously dedicated" mode is now
achieved by hitting 'F', which is no longer undocumented.

PR:		bin/92533
Submitted by:	Rudolf Cejka <cejkar at fit.vutbr dot cz>
2006-02-06 00:06:39 +00:00
Robert Watson
a29c2a4bf4 This commit was generated by cvs2svn to compensate for changes in r155364,
which included commits to RCS files with non-trunk default branches.
2006-02-06 00:06:04 +00:00
Robert Watson
23bf6e2091 Vendor branch import of OpenBSM 1.0 alpha 3:
- Man page formatting, cross reference, mlinks, and accuracy improvements.
- auditd and tools now compile and run on FreeBSD/arm.
- auditd will now fchown() the trail file to the audit review group, if
  defined at compile-time.
- Added AUE_SYSARCH for FreeBSD.
- Definition of AUE_SETFSGID fixed for Linux.

Many thanks to:	brueffer, cognet
Obtained from:	TrustedBSD Project
2006-02-06 00:06:04 +00:00
Robert Watson
41efe1543c Correct typo in sample CVS import line: must specify full path to the
CVS repository on repoman.
2006-02-06 00:03:39 +00:00
Wayne Salamon
a750d0b2a2 Add auditing of arguments to the close() and fstat() system calls. Much more
argument auditing yet to come, for remaining system calls in this file.

Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
2006-02-05 23:57:32 +00:00
Robert Watson
570d840b52 Regenerate. 2006-02-05 23:28:46 +00:00
Robert Watson
b11c14d6e9 Assign audit event identfiers to Xenix system calls. Note: AUE_EACCESS
is assigned to xenix_eaccess() instead of AUE_ACCESS, as that is the
intended meaning of the system call.  xenix_eaccess() should be
reimplemented using our native eaccess() implementation so that it
works as intended.

Obtained from:	TrustedBSD Project
2006-02-05 23:28:01 +00:00
Robert Watson
ad3a6a7d36 Correct help line: list targets, not names of files generated by targets
when no argument is provided to make.

MFC after:	1 week
2006-02-05 23:25:19 +00:00
Robert Watson
4334cc4f81 Regenerate (accidentally also committed in commit that updated
syscalls.isc).
2006-02-05 23:16:20 +00:00
Robert Watson
60be92dd8d Assign audit event identifiers to ibcs2 ISC system calls.
Obtained from:	TrustedBSD Project
2006-02-05 23:15:22 +00:00
Max Laier
d662ee1c20 pflog is a separate module now.
Submitted by:	Antoine Brodin
PR:		kern/88271
MFC after:	1 week
2006-02-05 22:38:08 +00:00
Olivier Houchard
697e7cb715 Backout rev 1.12. It would have been a good thing, if gcc was smart enough
not to generate bad code.
2006-02-05 22:06:12 +00:00
Robert Watson
00c28d9678 On process exit, audit the return value of the process, and commit the
record immediately, as this system call never returns.

Obtained from:	TrustedBSD Project
2006-02-05 21:08:25 +00:00
Robert Watson
6e8525ce84 When GC'ing a thread, assert that it has no active audit record.
This should not happen, but with this assert, brueffer and I would
not have spent 45 minutes trying to figure out why he wasn't
seeing audit records with the audit version in CVS.

Obtained from:	TrustedBSD Project
2006-02-05 21:06:09 +00:00
Bruce A. Mah
2ca173bc23 Add some new release notes for 2006 security advisories:
SA-06:{01,02,03,04,05,06,07}.

(SA-06:08 does not appear to apply to CURRENT.)

Bump copyright date while here.
2006-02-05 20:54:53 +00:00
Robert Watson
cd573a850c Assign gid 77 to audit instead of gid 73. The ports group list did not
include '73', which was assigned in a ports passwd entry to ircservices.

Pointed out by:	ceri
2006-02-05 19:34:09 +00:00
Ceri Davies
f944e9be98 The rpc.pcnfsd server was in the base for a little over seven minutes
back in 1994.  Change the example entry to point at the port, as per
the entries for uucpd et al.
2006-02-05 19:23:05 +00:00
Ceri Davies
759d68677f Correct a user-visible typo. 2006-02-05 18:57:01 +00:00
Ceri Davies
a8d7f86323 Gratuitous "typo in comment" fix. 2006-02-05 18:49:52 +00:00
Ceri Davies
9ca95cfad3 Bring these files somewhat into the present.
Perform some rewording while here.

Remove register.hlp, since the code that deals with it was removed
nearly 7 years ago.
2006-02-05 18:46:46 +00:00
Robert Watson
5ba29bf644 Change group for /var/audit to audit, so that audit review can be
delegated to non-administrators.

Obtained from:	TrustedBSD Project
2006-02-05 18:22:56 +00:00
Robert Watson
bbcf7c3697 Allocate an 'audit' group, membership in which will grant the audit
review right by virtue of read file permission on /var/audit and its
contents.

Obtained from:	TrustedBSD Project
2006-02-05 18:04:39 +00:00
Alexander Leidinger
9d978cc757 Convert NULL checks into KASSERT (and move them before the first
dereferencing) since a NULL value would be a bug here.

Note: Both affected functions look very similar. A refactoring may
be beneficial.

CID:		483, 485
Found with:	Coverity Prevent(tm)
Discussed with:	ariff
MFC after:	5 days
2006-02-05 17:47:26 +00:00
Warner Losh
d87076c835 an driver not endian clean, so don't enable on sparc64 2006-02-05 17:38:28 +00:00
Alexander Leidinger
693b471cc5 forced commit: previous commit was CID 429 2006-02-05 17:35:13 +00:00