freebsd-skq/sys/conf
rwatson 67c4e33a20 Add an experimental DTrace audit provider, which allows users of DTrace to
instrument security event auditing rather than relying on conventional BSM
trail files or audit pipes:

- Add a set of per-event 'commit' probes, which provide access to
  particular auditable events at the time of commit in system-call return.
  These probes gain access to audit data via the in-kernel audit_record
  data structure, providing convenient access to system-call arguments and
  return values in a single probe.

- Add a set of per-event 'bsm' probes, which provide access to particular
  auditable events at the time of BSM record generation in the audit
  worker thread. These probes have access to the in-kernel audit_record
  data structure and BSM representation as would be written to a trail
  file or audit pipe -- i.e., asynchronously in the audit worker thread.

DTrace probe arguments consist of the name of the audit event (to support
future mechanisms of instrumenting multiple events via a single probe --
e.g., using classes), a pointer to the in-kernel audit record, and an
optional pointer to the BSM data and its length. For human convenience,
upper-case audit event names (AUE_...) are converted to lower case in
DTrace.

DTrace scripts can now cause additional audit-based data to be collected
on system calls, and inspect internal and BSM representations of the data.
They do not affect data captured in the audit trail or audit pipes
configured in the system. auditd(8) must be configured and running in
order to provide a database of event information, as well as other audit
configuration parameters (e.g., to capture command-line arguments or
environmental variables) for the provider to operate.

Reviewed by:	gnn, jonathan, markj
Sponsored by:	DARPA, AFRL
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D10149
2017-03-29 19:58:00 +00:00
..
config.mk Move inclusion of opt_printf.h around so that we can compile all the 2017-02-25 22:11:10 +00:00
dtb.mk
files Add an experimental DTrace audit provider, which allows users of DTrace to 2017-03-29 19:58:00 +00:00
files.amd64 Use inline asm instead of unportable intrinsics for the SSE4 crc32 2017-03-26 10:31:48 +00:00
files.arm Add the early hypervisor code needed on 32-bit ARMv7. This will be used 2017-03-22 14:30:02 +00:00
files.arm64 Port the Linux AMX 10G network driver to FreeBSD as axgbe. It is unlikely 2017-02-15 13:56:04 +00:00
files.i386 Use inline asm instead of unportable intrinsics for the SSE4 crc32 2017-03-26 10:31:48 +00:00
files.mips
files.powerpc Add a driver for the RouterBoard RB800 User LED 2017-02-19 19:56:12 +00:00
files.riscv
files.sparc64
kern.mk
kern.opts.mk Remove EISA build option 2017-02-17 06:13:49 +00:00
kern.post.mk Use "build" instead of "all" when building ports modules 2017-02-28 04:48:30 +00:00
kern.pre.mk
kmod_syms.awk
kmod.mk kmod: Fix building assym.o not building missing dependencies. 2017-03-17 18:08:33 +00:00
ldscript.amd64 use INT3 instead of NOP for x86 binary padding 2017-03-19 00:22:13 +00:00
ldscript.arm
ldscript.arm64 Explicitly include all .rodata.* sections in the kernel .rodata. This 2016-09-03 17:23:24 +00:00
ldscript.i386 use INT3 instead of NOP for x86 binary padding 2017-03-19 00:22:13 +00:00
ldscript.mips
ldscript.mips.cfe
ldscript.mips.mips64
ldscript.mips.octeon1
ldscript.powerpc
ldscript.powerpc64
ldscript.powerpcspe
ldscript.riscv
ldscript.sparc64
Makefile.amd64
Makefile.arm
Makefile.arm64
Makefile.i386
Makefile.mips
Makefile.powerpc
Makefile.riscv
Makefile.sparc64
makeLINT.mk
makeLINT.sed
newvers.sh
NOTES Remove EISA bus support for add-in cards. Remove related kernel and 2017-02-16 21:57:35 +00:00
options Remove EISA bus support for add-in cards. Remove related kernel and 2017-02-16 21:57:35 +00:00
options.amd64 Remove SVR4 (System V Release 4) binary compatibility support. 2017-02-28 05:14:42 +00:00
options.arm Remove code for Marvell SoCs that lack a kernel config. 2017-03-17 12:59:16 +00:00
options.arm64
options.i386 Remove SVR4 (System V Release 4) binary compatibility support. 2017-02-28 05:14:42 +00:00
options.mips
options.powerpc
options.riscv
options.sparc64 - While Netra X1 generally show no ill effects when registering a power 2013-03-02 00:37:31 +00:00
systags.sh Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
WITHOUT_SOURCELESS
WITHOUT_SOURCELESS_HOST
WITHOUT_SOURCELESS_UCODE