Merge kern_sig.c:1.322, sys_process.c:1.136, vfs_vnops.c:1.238 from HEAD

to RELENG_6: Audit the arguments to the kill(2) and killpg(2) system calls. Audit the arguments to the ptrace(2) system call. Make sure that we are adding a path token to the audit record in open(2). Do this by making sure we are using the AUDITVNODE1 mask in the namei flags. Obtained from: TrustedBSD Project
2006-09-03 08:06:59 +00:00 · 2006-09-03 08:06:59 +00:00 · 98409a4741
commit 98409a4741
parent 36b1ebd5c6
3 changed files with 17 additions and 2 deletions
--- a/sys/kern/kern_sig.c
+++ b/sys/kern/kern_sig.c
@ -74,6 +74,8 @@ __FBSDID("$FreeBSD$");

 #include <machine/cpu.h>

+#include <security/audit/audit.h>
+
 #if defined (__alpha__) && !defined(COMPAT_43)
 #error "You *really* need COMPAT_43 on the alpha for longjmp(3)"
 #endif
@ -1398,6 +1400,7 @@ kill(td, uap)
 	register struct proc *p;
 	int error;

+	AUDIT_ARG(signum, uap->signum);
 	if ((u_int)uap->signum > _SIG_MAXSIG)
 		return (EINVAL);

@ -1407,12 +1410,14 @@ kill(td, uap)
 			if ((p = zpfind(uap->pid)) == NULL)
 				return (ESRCH);
 		}
+		AUDIT_ARG(process, p);
 		error = p_cansignal(td, p, uap->signum);
 		if (error == 0 && uap->signum)
 			psignal(p, uap->signum);
 		PROC_UNLOCK(p);
 		return (error);
 	}
+	AUDIT_ARG(pid, uap->pid);
 	switch (uap->pid) {
 	case -1:		/* broadcast signal */
 		return (killpg1(td, uap->signum, 0, 1));
@ -1441,6 +1446,8 @@ okillpg(td, uap)
 	register struct okillpg_args *uap;
 {

+	AUDIT_ARG(signum, uap->signum);
+	AUDIT_ARG(pid, uap->pgid);
 	if ((u_int)uap->signum > _SIG_MAXSIG)
 		return (EINVAL);
 	return (killpg1(td, uap->signum, uap->pgid, 0));
--- a/sys/kern/sys_process.c
+++ b/sys/kern/sys_process.c
@ -49,6 +49,8 @@ __FBSDID("$FreeBSD$");

 #include <machine/reg.h>

+#include <security/audit/audit.h>
+
 #include <vm/vm.h>
 #include <vm/pmap.h>
 #include <vm/vm_extern.h>
@ -397,6 +399,10 @@ ptrace(struct thread *td, struct ptrace_args *uap)
 	if (td->td_proc->p_sysent == &ia32_freebsd_sysvec)
 		wrap32 = 1;
 #endif
+	AUDIT_ARG(pid, uap->pid);
+	AUDIT_ARG(cmd, uap->req);
+	AUDIT_ARG(addr, uap->addr);
+	AUDIT_ARG(value, uap->data);
 	addr = &r;
 	switch (uap->req) {
 	case PT_GETREGS:
@ -549,6 +555,7 @@ kern_ptrace(struct thread *td, int req, pid_t pid, void *addr, int data)
 		error = ESRCH;
 		goto fail;
 	}
+	AUDIT_ARG(process, p);
 	if ((error = p_cansee(td, p)) != 0)
 		goto fail;

--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@ -118,7 +118,8 @@ vn_open_cred(ndp, flagp, cmode, cred, fdidx)
 	fmode = *flagp;
 	if (fmode & O_CREAT) {
 		ndp->ni_cnd.cn_nameiop = CREATE;
-		ndp->ni_cnd.cn_flags = ISOPEN | LOCKPARENT | LOCKLEAF | MPSAFE;
+		ndp->ni_cnd.cn_flags = ISOPEN | LOCKPARENT | LOCKLEAF |
+		    MPSAFE | AUDITVNODE1;
 		if ((fmode & O_EXCL) == 0 && (fmode & O_NOFOLLOW) == 0)
 			ndp->ni_cnd.cn_flags |= FOLLOW;
 		bwillwrite();
@ -178,7 +179,7 @@ vn_open_cred(ndp, flagp, cmode, cred, fdidx)
 		ndp->ni_cnd.cn_nameiop = LOOKUP;
 		ndp->ni_cnd.cn_flags = ISOPEN |
 		    ((fmode & O_NOFOLLOW) ? NOFOLLOW : FOLLOW) |
-		    LOCKSHARED | LOCKLEAF | MPSAFE;
+		    LOCKSHARED | LOCKLEAF | MPSAFE | AUDITVNODE1;
 		if ((error = namei(ndp)) != 0)
 			return (error);
 		ndp->ni_cnd.cn_flags &= ~MPSAFE;