Commit Graph

21 Commits

Author SHA1 Message Date
rwatson
374fe7d761 Merge OpenBSM 1.0 changes to src/sys/bsm:
- Remove AU_.* hard-coded audit class constants, as udit classes are now
  entirely dynamically configured using /etc/security/audit_class.

Obtained from:	TrustedBSD Project
2007-10-29 18:47:25 +00:00
rwatson
0b34555b1b Merge OpenBSM 1.0 alpha 15 changes to src/sys/bsm:
- Synchronized audit event list to Solaris, picking up the *at(2) system call
  definitions, now required for FreeBSD and Linux.  Added additional events
  for *at(2) system calls not present in Solaris.

Obtained from:	TrustedBSD Project
Approved by:	re (hrs)
2007-07-22 12:28:13 +00:00
rwatson
8422d21fb8 Change $P4$ ID strings to P4 ID strings so that they are not auto-expanded
when integrated back into Perforce.  This avoids unnecessary conflicts
during the loopback of files maintained in Perforce.
2007-04-17 12:27:08 +00:00
rwatson
d4578a6a42 Update src/sys/bsm for OpenBSM 1.0 alpha 14 import.
Add new audit event types.
2007-04-16 16:13:10 +00:00
csjp
b5e55a3e62 Add an entry for AUT_ZONENAME and the prototype for the au_to_zonename()
function that will be implemented shortly. This is being done for the
openbsm import.
2007-04-15 17:24:41 +00:00
rwatson
46ab66becf Merge OpenBSM 1.0 alpha 12 import changes into src/sys/bsm. New events
for the Linuxulator.

MFC after:	3 days
Obtained from:	TrustedBSD Project
2006-09-25 12:22:07 +00:00
rwatson
8e2099e1ea Merge OpenBSM 1.0 alpha 11 changes into src/sys/bsm and src/sys/security;
primarily, add new event identifiers and update trigger names.

Obtained from:	TrustedBSD Project
2006-09-21 07:27:02 +00:00
rwatson
079c101b83 Merge OpenBSM 1.0 alpha 10 changes into src/sys/bsm; comment spelling
fixes.

Obtained from:	TrustedBSD Project
2006-09-02 10:49:44 +00:00
wsalamon
c62317c442 Audit the argv and env vectors passed in on exec:
Add the argument auditing functions for argv and env.
  Add kernel-specific versions of the tokenizer functions for the
  arg and env represented as a char array.
  Implement the AUDIT_ARGV and AUDIT_ARGE audit policy commands to
  enable/disable argv/env auditing.
  Call the argument auditing from the exec system calls.

Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
2006-09-01 11:45:40 +00:00
rwatson
0e87efb2f4 Update kernel OpenBSM parts, especially src/sys/bsm, for the OpenBSM
1.0 alpha 9 import.  See the OpenBSM import commit message for a
detailed summary of changes.

Obtained from:  TrustedBSD Project
2006-08-26 08:17:58 +00:00
rwatson
0ba9449007 Merge OpenBSM 1.0 alpha 7 new AUE_ event identifiers to kernel version
of audit_kevents.h.

Obtained from:	TrustedBSD Project
2006-07-03 14:45:43 +00:00
rwatson
f97c237bdf Merge OpenBSM 1.0 alpha 7 nested time.h include to kernel version of
audit_record.h.

Obtained from:	TrustedBSD Project
2006-07-03 14:44:13 +00:00
rwatson
9e64ea9a41 Merge OpenBSM 1.0 alpha 6 version of audit_record.h to src/sys:
- Cleanup of AUR_ data types.
- Comment fixes.
- au_close_token() definition.
- Break out of kernel vs. user space token interfaces for headers.

Note: this may briefly break the kernel build until other kernel files are
updated to match.

Obtained from:	TrustedBSD Project
2006-06-05 13:00:52 +00:00
rwatson
f1c4b465e6 Merge OpenBSM 1.0 alpha 6 changes to bsm/audit.h into src/sys: respell
statistics variables.

Submitted by:	Martin Fong <martin dot fong at sri dot com>
Obtained from:	TrustedBSD Project
2006-06-05 12:55:45 +00:00
rwatson
d39e49362c Update src/sys/bsm for OpenBSM 1.0 alpha 5 changes:
- Add new comments.
- Move private data structures from public audit.h to audit_internal.h to
  avoid exposing queue.h macros to undesiring consumers.

Obtained from:	TrustedBSD Project
2006-03-04 16:54:21 +00:00
rwatson
3011a662a5 Merge OpenBSM 1.0 alpha 3 include file changes from contrib/openbsm/bsm
to sys/bsm:

- Correct error in definition of audit event for Linux setfsgid().
- Add audit event identifier for sysarch().

Obtained from:	TrustedBSD Project
2006-02-06 01:12:46 +00:00
rwatson
73b452fbc8 Merge OpenBSM 1.0 alpha 2 kernel audit events into src/sys/bsm. Almost
entirely new audit event identifiers for FreeBSD, Linux, and POSIX.1b
system calls.

Obtained from:	TrustedBSD Project
2006-02-04 13:22:44 +00:00
rwatson
57bf2d086c Update src/sys/bsm include files to match OpenBSM (albeit with a
couple of FreeBSD-specific modifications that may be merged out
later).  These include files define the basic audit data
structures, types, and definitions use by the kernel, or shared
by the kernel and user space.

Obtained from:	TrustedBSD Project, Apple Computer, Inc.
2006-02-01 19:54:22 +00:00
rwatson
bbbde97163 For consistency with more system include files, add a trailing '_' to
the define guards in audit_kevents.h.
2005-05-29 16:11:34 +00:00
rwatson
0a2b7da874 Add place-holder audit.h that defines only au_event_t, which is needed
in order to modify the system call table to include event identifiers.
The full audit.h will be merged at a later date.

Obtained from:	TrustedBSD Project
2005-05-29 16:10:33 +00:00
rwatson
327d9af4ae Add a stub audit_kevents.h, which defines exactly one audit event:
AUE_NULL.  This is a place-holder to allow other audit infrastructure
to be introduced, such as an updated syscalls.master file format,
while the license on the real audit_kevents.h is fixed.
2005-02-02 14:27:36 +00:00