From 20a9b30021810cb9d9be3ea013ee19b5cec7b704 Mon Sep 17 00:00:00 2001
From: rwatson
Date: Mon, 5 Jun 2006 13:34:23 +0000
Subject: [PATCH] Audit command, uid arguments for quotactl(). Audit the mode argument to mkfifo(). Audit the target path passed to symlink().
Submitted by: wsalamon
Obtained from: TrustedBSD Project
---
 sys/kern/vfs_extattr.c | 4 ++++
 sys/kern/vfs_syscalls.c | 4 ++++
 2 files changed, 8 insertions(+)
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c
index 35f381ebc0fd..95552ef5c4a7 100644
--- a/sys/kern/vfs_extattr.c
+++ b/sys/kern/vfs_extattr.c
@@ -183,6 +183,8 @@ quotactl(td, uap)
 int error;
 struct nameidata nd;
 
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(uid, uap->uid);
 if (jailed(td->td_ucred) && !prison_quotas)
 return (EPERM);
 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1,
@@ -1303,6 +1305,7 @@ kern_mkfifo(struct thread *td, char *path, enum uio_seg pathseg, int mode)
 struct nameidata nd;
 int vfslocked;
 
+ AUDIT_ARG(mode, mode);
 restart:
 bwillwrite();
 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
@@ -1518,6 +1521,7 @@ kern_symlink(struct thread *td, char *path, char *link, enum uio_seg segflg)
 if ((error = copyinstr(path, syspath, MAXPATHLEN, NULL)) != 0)
 goto out;
 }
+ AUDIT_ARG(text, syspath);
 restart:
 bwillwrite();
 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 35f381ebc0fd..95552ef5c4a7 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -183,6 +183,8 @@ quotactl(td, uap)
 int error;
 struct nameidata nd;
 
+ AUDIT_ARG(cmd, uap->cmd);
+ AUDIT_ARG(uid, uap->uid);
 if (jailed(td->td_ucred) && !prison_quotas)
 return (EPERM);
 NDINIT(&nd, LOOKUP, FOLLOW | MPSAFE | AUDITVNODE1,
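Review bot: The value recorded by `AUDIT_ARG(uid, uap->uid)` in quotactl() is not necessarily a user id: the quota type is encoded in `uap->cmd`, and for a group-quota command the same field presumably carries a gid, so someone reading the trail could attribute the change to the wrong principal. I would add a comment above the two calls, `/* uap->uid is a uid or gid depending on the quota type encoded in cmd; record both so the entry can be decoded. */`. Placing the calls ahead of the `jailed()` check is right, because the EPERM denial then still carries its arguments. The identical hunk shown under sys/kern/vfs_syscalls.c (same index line and offsets) gets the same remark, and quotactl()'s body continues outside the hunk.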
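Review bot: `AUDIT_ARG(mode, mode)` in kern_mkfifo() records the mode the caller requested, not the mode the FIFO ends up with. If the function later masks it with the process umask (that code is outside this hunk, so this needs confirming), the trail will show wider permissions than were actually set. A one-line comment would make that explicit: `/* Audit the requested mode; the mode actually applied may be narrower. */`. Keeping the call above `restart:` is correct, since the argument is then recorded once even when the lookup is retried. The same applies to the repeated kern_mkfifo hunk under sys/kern/vfs_syscalls.c.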
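Review bot: In kern_symlink() the string passed to `AUDIT_ARG(text, syspath)` is the symlink's target contents, a caller-controlled string of up to MAXPATHLEN bytes that is not resolved in the visible code, and nothing at the call site says so. I would add `/* Audit the link target as supplied; it is not looked up and may not name an existing file. */` so that consumers of the trail do not treat it as a vetted path. `syspath` appears to be released at `out:`, outside the hunk, so it is worth confirming that the audit text argument copies the string rather than keeping the pointer. The call sits after the `copyinstr()` failure branch, so a failed copy-in is audited without the text argument, which looks intended. The repeated kern_symlink hunk under sys/kern/vfs_syscalls.c is covered by this note as well.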
@@ -1303,6 +1305,7 @@ kern_mkfifo(struct thread *td, char *path, enum uio_seg pathseg, int mode)
 struct nameidata nd;
 int vfslocked;
 
+ AUDIT_ARG(mode, mode);
 restart:
 bwillwrite();
 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,
@@ -1518,6 +1521,7 @@ kern_symlink(struct thread *td, char *path, char *link, enum uio_seg segflg)
 if ((error = copyinstr(path, syspath, MAXPATHLEN, NULL)) != 0)
 goto out;
 }
+ AUDIT_ARG(text, syspath);
 restart:
 bwillwrite();
 NDINIT(&nd, CREATE, LOCKPARENT | SAVENAME | MPSAFE | AUDITVNODE1,