When auditing unmount(2), capture FSID arguments as regular text strings

rather than as paths, which would lead to them being treated as relative pathnames and hence confusingly converted into absolute pathnames. Capture flags to unmount(2) via an argument token. Approved by: re (audit argument blanket) MFC after: 3 days
2009-07-01 16:56:56 +00:00 · 2009-07-01 16:56:56 +00:00 · 6d5a61563a
commit 6d5a61563a
parent a4c5a1c315
2 changed files with 11 additions and 1 deletions
--- a/sys/kern/vfs_mount.c
+++ b/sys/kern/vfs_mount.c
@ -1113,6 +1113,7 @@ unmount(td, uap)
 	char *pathbuf;
 	int error, id0, id1;

+	AUDIT_ARG_VALUE(uap->flags);
 	if (jailed(td->td_ucred) || usermount == 0) {
 		error = priv_check(td, PRIV_VFS_UNMOUNT);
 		if (error)
@ -1125,9 +1126,9 @@ unmount(td, uap)
 		free(pathbuf, M_TEMP);
 		return (error);
 	}
-	AUDIT_ARG_UPATH(td, pathbuf, ARG_UPATH1);
 	mtx_lock(&Giant);
 	if (uap->flags & MNT_BYFSID) {
+		AUDIT_ARG_TEXT(pathbuf);
 		/* Decode the filesystem ID. */
 		if (sscanf(pathbuf, "FSID:%d:%d", &id0, &id1) != 2) {
 			mtx_unlock(&Giant);
@ -1143,6 +1144,7 @@ unmount(td, uap)
 		}
 		mtx_unlock(&mountlist_mtx);
 	} else {
+		AUDIT_ARG_UPATH(td, pathbuf, ARG_UPATH1);
 		mtx_lock(&mountlist_mtx);
 		TAILQ_FOREACH_REVERSE(mp, &mountlist, mntlist, mnt_list) {
 			if (strcmp(mp->mnt_stat.f_mntonname, pathbuf) == 0)
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@ -1070,7 +1070,15 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 		break;

 	case AUE_UMOUNT:
+		if (ARG_IS_VALID(kar, ARG_VALUE)) {
+			tok = au_to_arg32(1, "flags", ar->ar_arg_value);
+			kau_write(rec, tok);
+		}
 		UPATH1_VNODE1_TOKENS;
+		if (ARG_IS_VALID(kar, ARG_TEXT)) {
+			tok = au_to_text(ar->ar_arg_text);
+			kau_write(rec, tok);
+		}
 		break;

 	case AUE_MSGCTL: