Fix audit of chflagsat, lgetfh, and setfib

These syscalls were always supposed to have been auditted, but due to oversights never were. PR: 228374 Reported by: aniketp Reviewed by: aniketp MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D16388
2018-07-22 14:11:52 +00:00 · 2018-07-22 14:11:52 +00:00 · 12395dc9f6
commit 12395dc9f6
parent 002d00355c
4 changed files with 3 additions and 18 deletions
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@ -770,6 +770,7 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 	case AUE_PROFILE:
 	case AUE_RTPRIO:
 	case AUE_SEMSYS:
+	case AUE_SETFIB:
 	case AUE_SHMSYS:
 	case AUE_SETPGRP:
 	case AUE_SETRLIMIT:
@ -810,6 +811,7 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 	case AUE_JAIL:
 	case AUE_LUTIMES:
 	case AUE_NFS_GETFH:
+	case AUE_LGETFH:
 	case AUE_LSTAT:
 	case AUE_LPATHCONF:
 	case AUE_PATHCONF:
@ -851,6 +853,7 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)

 	case AUE_CHFLAGS:
 	case AUE_LCHFLAGS:
+	case AUE_CHFLAGSAT:
 		if (ARG_IS_VALID(kar, ARG_FFLAGS)) {
 			tok = au_to_arg32(2, "flags", ar->ar_arg_fflags);
 			kau_write(rec, tok);
--- a/tests/sys/audit/file-attribute-access.c
+++ b/tests/sys/audit/file-attribute-access.c
@ -383,9 +383,6 @@ ATF_TC_HEAD(lgetfh_success, tc)

 ATF_TC_BODY(lgetfh_success, tc)
 {
-	/* BSM conversion requested for unknown event 43061 */
-	atf_tc_expect_fail("PR 228374: lgetfh(2) does not get audited in success mode");
-
 	/* Symbolic link needs to exist to get a file-handle */
 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
 	const char *regex = "lgetfh.*return,success";
@ -409,9 +406,6 @@ ATF_TC_HEAD(lgetfh_failure, tc)

 ATF_TC_BODY(lgetfh_failure, tc)
 {
-	/* BSM conversion requested for unknown event 43061 */
-	atf_tc_expect_fail("PR 228374: lgetfh(2) does not get audited in failure mode");
-
 	const char *regex = "lgetfh.*return,failure";
 	FILE *pipefd = setup(fds, "fa");
 	/* Failure reason: symbolic link does not exist */
--- a/tests/sys/audit/file-attribute-modify.c
+++ b/tests/sys/audit/file-attribute-modify.c
@ -701,9 +701,6 @@ ATF_TC_HEAD(chflagsat_success, tc)

 ATF_TC_BODY(chflagsat_success, tc)
 {
-	/* BSM conversion requested for unknown event 43209 */
-	atf_tc_expect_fail("PR 228374: chflagsat(2) does not get audited in success mode");
-
 	/* File needs to exist to call chflagsat(2) */
 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
 	FILE *pipefd = setup(fds, auclass);
@ -727,9 +724,6 @@ ATF_TC_HEAD(chflagsat_failure, tc)

 ATF_TC_BODY(chflagsat_failure, tc)
 {
-	/* BSM conversion requested for unknown event 43209 */
-	atf_tc_expect_fail("PR 228374: chflagsat(2) does not get audited in failure mode");
-
 	FILE *pipefd = setup(fds, auclass);
 	/* Failure reason: file does not exist */
 	ATF_REQUIRE_EQ(-1, chflagsat(AT_FDCWD, errpath, SF_IMMUTABLE, 0));
--- a/tests/sys/audit/network.c
+++ b/tests/sys/audit/network.c
@ -1097,9 +1097,6 @@ ATF_TC_HEAD(setfib_success, tc)

 ATF_TC_BODY(setfib_success, tc)
 {
-	/* BSM conversion requested for unknown event 43228 */
-	atf_tc_expect_fail("PR 228374: setfib(2) does not get audited in success mode");
-
 	pid = getpid();
 	snprintf(extregex, sizeof(extregex), "setfib.*%d.*return,success", pid);

@ -1123,9 +1120,6 @@ ATF_TC_HEAD(setfib_failure, tc)

 ATF_TC_BODY(setfib_failure, tc)
 {
-	/* BSM conversion requested for unknown event 43228 */
-	atf_tc_expect_fail("PR 228374: setfib(2) does not get audited in failure mode");
-
 	pid = getpid();
 	snprintf(extregex, sizeof(extregex), "setfib.*%d.*return,failure", pid);