Add new fields to process-related data structures:
- td_ar to struct thread, which holds the in-progress audit record during a system call. - p_au to struct proc, which holds per-process audit state, such as the audit identifier, audit terminal, and process audit masks. In the earlier implementation, td_ar was added to the zero'd section of struct thread. In order to facilitate merging to RELENG_6, it has been moved to the end of the data structure, requiring explicit initalization in the thread constructor. Much help from: wsalamon Obtained from: TrustedBSD Project
This commit is contained in:
parent
b560f9379f
commit
36f0dbe4c4
@ -43,6 +43,8 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/ktr.h>
|
||||
#include <sys/umtx.h>
|
||||
|
||||
#include <security/audit/audit.h>
|
||||
|
||||
#include <vm/vm.h>
|
||||
#include <vm/vm_extern.h>
|
||||
#include <vm/uma.h>
|
||||
@ -133,6 +135,10 @@ thread_ctor(void *mem, int size, void *arg, int flags)
|
||||
* next thread.
|
||||
*/
|
||||
td->td_critnest = 1;
|
||||
|
||||
#ifdef AUDIT
|
||||
audit_thread_alloc(td);
|
||||
#endif
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -1015,6 +1015,16 @@ audit_proc_alloc(struct proc *p)
|
||||
//printf("audit_proc_alloc: pid %d p_au %p\n", p->p_pid, p->p_au);
|
||||
}
|
||||
|
||||
/*
|
||||
* Allocate storage for a new thread.
|
||||
*/
|
||||
void
|
||||
audit_thread_alloc(struct thread *td)
|
||||
{
|
||||
|
||||
td->td_ar = NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize the audit information for the a process, presumably the first
|
||||
* process in the system.
|
||||
|
@ -180,6 +180,7 @@ void audit_proc_init(struct proc *p);
|
||||
void audit_proc_fork(struct proc *parent,
|
||||
struct proc *child);
|
||||
void audit_proc_free(struct proc *p);
|
||||
void audit_thread_alloc(struct thread *td);
|
||||
|
||||
/*
|
||||
* Define a macro to wrap the audit_arg_* calls by checking the global
|
||||
|
@ -150,6 +150,8 @@ struct pargs {
|
||||
* either lock is sufficient for read access, but both locks must be held
|
||||
* for write access.
|
||||
*/
|
||||
struct auditinfo;
|
||||
struct kaudit_record;
|
||||
struct kg_sched;
|
||||
struct nlminfo;
|
||||
struct kaioinfo;
|
||||
@ -325,6 +327,7 @@ struct thread {
|
||||
volatile u_int td_critnest; /* (k*) Critical section nest level. */
|
||||
struct mdthread td_md; /* (k) Any machine-dependent fields. */
|
||||
struct td_sched *td_sched; /* (*) Scheduler-specific data. */
|
||||
struct kaudit_record *td_ar; /* (k) Active audit record, if any. */
|
||||
};
|
||||
|
||||
/*
|
||||
@ -613,6 +616,7 @@ struct proc {
|
||||
struct p_sched *p_sched; /* (*) Scheduler-specific data. */
|
||||
STAILQ_HEAD(, ktr_request) p_ktr; /* (o) KTR event queue. */
|
||||
LIST_HEAD(, mqueue_notifier) p_mqnotifier; /* (c) mqueue notifiers.*/
|
||||
struct auditinfo *p_au; /* (c) Process audit properties. */
|
||||
};
|
||||
|
||||
#define p_session p_pgrp->pg_session
|
||||
|
Loading…
Reference in New Issue
Block a user