Add auditing of arguments to the close() and fstat() system calls. Much more

argument auditing yet to come, for remaining system calls in this file. Obtained from: TrustedBSD Project Approved by: rwatson (mentor)
2006-02-05 23:57:32 +00:00 · 2006-02-05 23:57:32 +00:00 · a750d0b2a2
commit a750d0b2a2
parent 570d840b52
1 changed files with 10 additions and 0 deletions
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@ -69,6 +69,8 @@ __FBSDID("$FreeBSD$");
 #include <sys/unistd.h>
 #include <sys/vnode.h>

+#include <security/audit/audit.h>
+
 #include <vm/uma.h>

 #include <ddb/ddb.h>
@ -980,6 +982,9 @@ close(td, uap)
 	error = 0;
 	holdleaders = 0;
 	fdp = td->td_proc->p_fd;
+
+	AUDIT_SYSCLOSE(td, fd);
+
 	FILEDESC_LOCK(fdp);
 	if ((unsigned)fd >= fdp->fd_nfiles ||
 	    (fp = fdp->fd_ofiles[fd]) == NULL) {
@ -1085,8 +1090,13 @@ kern_fstat(struct thread *td, int fd, struct stat *sbp)
 	struct file *fp;
 	int error;

+	AUDIT_ARG(fd, fd);
+
 	if ((error = fget(td, fd, &fp)) != 0)
 		return (error);
+
+	AUDIT_ARG(file, td->td_proc, fp);
+
 	error = fo_stat(fp, sbp, td->td_ucred, td);
 	fdrop(fp, td);
 	return (error);