Update a number of comments:
- Replace XXX with Note: in several cases where observations are made about future functionality rather than problems or bugs. - Remove an XXX comment about byte order and au_to_ip() -- IP headers must be submitted in network byte order. Add a comment to this effect. - Mention that we don't implement select/poll for /dev/audit. Obtained from: TrustedBSD Project
parent
687cc5fe5c
commit
ecb6fa46c8
@ -312,9 +312,9 @@ audit_new(int event, struct thread *td)
|
||||
return (NULL);
|
||||
|
||||
/*
|
||||
* XXX: The number of outstanding uncommitted audit records is
|
||||
* limited to the number of concurrent threads servicing system
|
||||
* calls in the kernel.
|
||||
* Note: the number of outstanding uncommitted audit records is
|
||||
* limited to the number of concurrent threads servicing system calls
|
||||
* in the kernel.
|
||||
*/
|
||||
ar = uma_zalloc_arg(audit_record_zone, td, M_WAITOK);
|
||||
ar->k_ar.ar_event = event;
|
||||
@ -503,7 +503,7 @@ audit_syscall_enter(unsigned short code, struct thread *td)
|
||||
* processes, do that here rather than trying to allocate
|
||||
* another audit record.
|
||||
*
|
||||
* XXXRW: We might wish to be able to continue here in the
|
||||
* Note: we might wish to be able to continue here in the
|
||||
* future, if the system recovers. That should be possible
|
||||
* by means of checking the condition in a loop around
|
||||
* cv_wait(). It might be desirable to reevaluate whether an
|
||||
|
@ -338,6 +338,8 @@ au_to_in_addr_ex(struct in6_addr *internet_addr)
|
||||
/*
|
||||
* token ID 1 byte
|
||||
* ip header 20 bytes
|
||||
*
|
||||
* The IP header should be submitted in network byte order.
|
||||
*/
|
||||
token_t *
|
||||
au_to_ip(struct ip *ip)
|
||||
@ -348,9 +350,6 @@ au_to_ip(struct ip *ip)
|
||||
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(struct ip));
|
||||
|
||||
ADD_U_CHAR(dptr, AUT_IP);
|
||||
/*
|
||||
* XXXRW: Any byte order work needed on the IP header before writing?
|
||||
*/
|
||||
ADD_MEM(dptr, ip, sizeof(struct ip));
|
||||
|
||||
return (t);
|
||||
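Review bot: The added line `* The IP header should be submitted in network byte order.` is phrased as advice, while the visible body of au_to_ip() copies the header into the token unchanged with `ADD_MEM(dptr, ip, sizeof(struct ip));`. With the XXXRW question removed, byte order becomes purely a caller obligation, and the comment should say so, for example `* The caller must supply the IP header in network byte order; it is copied into the token verbatim, with no conversion.` It would also help to note that only the fixed 20-byte header is recorded, which the `sizeof(struct ip)` copy implies. The start of au_to_ip() lies outside these hunks, so confirm that no conversion happens earlier in the function before committing to that wording.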
|
@ -42,12 +42,17 @@
|
||||
|
||||
/*
|
||||
* Structures and operations to support the basic character special device
|
||||
* used to communicate with userland.
|
||||
* used to communicate with userland. /dev/audit reliably delivers one-byte
|
||||
* messages to a listening application (or discards them if there is no
|
||||
* listening application).
|
||||
*
|
||||
* Currently, select/poll are not supported on the trigger device.
|
||||
*/
|
||||
struct trigger_info {
|
||||
unsigned int trigger;
|
||||
TAILQ_ENTRY(trigger_info) list;
|
||||
};
|
||||
|
||||
static MALLOC_DEFINE(M_AUDITTRIGGER, "audit_trigger", "Audit trigger events");
|
||||
static struct cdev *audit_dev;
|
||||
static int audit_isopen = 0;
|
||||
@ -132,7 +137,7 @@ send_trigger(unsigned int trigger)
|
||||
return (ENODEV);
|
||||
|
||||
/*
|
||||
* XXXAUDIT: Use a condition variable instead of msleep/wakeup?
|
||||
* Note: Use a condition variable instead of msleep/wakeup?
|
||||
*/
|
||||
ti = malloc(sizeof *ti, M_AUDITTRIGGER, M_WAITOK);
|
||||
mtx_lock(&audit_trigger_mtx);
|
||||
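Review bot: The new header comment says /dev/audit delivers "one-byte messages", but `struct trigger_info` directly below it stores the value as `unsigned int trigger;`. The read handler is not visible in this hunk, so confirm how many bytes are copied to userland per trigger. If it is `sizeof(unsigned int)`, the comment should say so, e.g. `* used to communicate with userland. /dev/audit reliably delivers one trigger value (an unsigned int) per read to a listening application`. A listener written against the current wording could size its reads wrongly and misparse triggers. Separately, in send_trigger() the retagged line `* Note: Use a condition variable instead of msleep/wakeup?` is still a question rather than an observation; `* Note: a condition variable could be used here instead of msleep/wakeup.` would fit the commit's stated intent.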
|
@ -226,7 +226,7 @@ audit_record_write(struct vnode *vp, struct ucred *cred, struct thread *td,
|
||||
audit_in_failure = 1;
|
||||
} else if (audit_in_failure) {
|
||||
/*
|
||||
* XXXRW: If we want to handle recovery, this is the
|
||||
* Note: if we want to handle recovery, this is the
|
||||
* spot to do it: unset audit_in_failure, and issue a
|
||||
* wakeup on the cv.
|
||||
*/
|
||||
@ -246,8 +246,8 @@ audit_record_write(struct vnode *vp, struct ucred *cred, struct thread *td,
|
||||
* true, since audit_in_failure can only be set of audit_fail_stop is
|
||||
* set.
|
||||
*
|
||||
* XXXRW: If we handle recovery from audit_in_failure, then we need
|
||||
* to make panic here conditional.
|
||||
* Note: if we handle recovery from audit_in_failure, then we need to
|
||||
* make panic here conditional.
|
||||
*/
|
||||
if (audit_in_failure) {
|
||||
if (audit_q_len == 0 && audit_pre_q_len == 0) {
|
||||
@ -297,9 +297,9 @@ audit_record_write(struct vnode *vp, struct ucred *cred, struct thread *td,
|
||||
* the global replacement variables. Signal consumers as needed that the
|
||||
* rotation has taken place.
|
||||
*
|
||||
* XXXRW: The global variables and CVs used to signal the audit_worker to
|
||||
* perform a rotation are essentially a message queue of depth 1. It would
|
||||
* be much nicer to actually use a message queue.
|
||||
* The global variables and CVs used to signal the audit_worker to perform a
|
||||
* rotation are essentially a message queue of depth 1. It would be much
|
||||
* nicer to actually use a message queue.
|
||||
*/
|
||||
static void
|
||||
audit_worker_rotate(struct ucred **audit_credp, struct vnode **audit_vpp,
|
||||
@ -323,9 +323,6 @@ audit_worker_rotate(struct ucred **audit_credp, struct vnode **audit_vpp,
|
||||
|
||||
audit_enabled = (*audit_vpp != NULL);
|
||||
|
||||
/*
|
||||
* XXX: What to do about write failures here?
|
||||
*/
|
||||
if (old_vp != NULL) {
|
||||
AUDIT_PRINTF(("Closing old audit file\n"));
|
||||
mtx_unlock(&audit_mtx);
|
||||
@ -520,11 +517,9 @@ audit_worker(void *arg)
|
||||
* this call, so the caller should not release either.
|
||||
*
|
||||
* XXXAUDIT: Review synchronize communication logic. Really, this is a
|
||||
* message queue of depth 1.
|
||||
*
|
||||
* XXXAUDIT: Enhance the comments below to indicate that we are basically
|
||||
* acquiring ownership of the communications queue, inserting our message,
|
||||
* and waiting for an acknowledgement.
|
||||
* message queue of depth 1. We are essentially acquiring ownership of the
|
||||
* communications queue, inserting our message, and waiting for an
|
||||
* acknowledgement.
|
||||
*/
|
||||
void
|
||||
audit_rotate_vnode(struct ucred *cred, struct vnode *vp)
|
||||
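Review bot: The hunk at -323 in audit_worker_rotate() deletes `* XXX: What to do about write failures here?` outright, which the commit message does not mention, and nothing in the visible lines answers that question. An error while closing the old trail during rotation can mean lost audit records, so the open issue is worth keeping on record. A reworded note would fit, such as `* Note: failures while closing the old audit file are not currently handled.` The close call itself is outside the hunk, so check that wording against the code that follows `mtx_unlock(&audit_mtx);`. While this file's comments are being touched, the context line `since audit_in_failure can only be set of audit_fail_stop is` at -246 looks like a typo for "if".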
|