freebsd-skq/sys/security
rwatson 6f79887fc5 Historically, /dev/auditpipe has allows only whole records to be read via
read(2), which meant that records longer than the buffer passed to read(2)
were dropped.  Instead take the approach of allowing partial reads to be
continued across multiple system calls more in the style of streaming
character device.

This means retaining a record on the per-pipe queue in a partially read
state, so maintain a current offset into the record.  Keep the record on
the queue during a read, so add a new lock, ap_sx, to serialize removal
of records from the queue by either read(2) or ioctl(2) requesting a pipe
flush.  Modify the kqueue handler to return bytes left in the current
record rather than simply the size of the current record.

It is now possible to use praudit, which used the standard FILE * buffer
sizes, to track much larger record sizes from /dev/auditpipe, such as
very long command lines to execve(2).

MFC after:	2 months
Sponsored by:	Apple, Inc.
2008-10-31 14:40:21 +00:00
..
audit Historically, /dev/auditpipe has allows only whole records to be read via 2008-10-31 14:40:21 +00:00
mac Break out strictly credential-related portions of mac_process.c into a 2008-10-28 21:53:10 +00:00
mac_biba Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00
mac_bsdextended The V* flags passed using an accmode_t to the access() and open() 2008-10-30 10:13:53 +00:00
mac_ifoff Introduce two related changes to the TrustedBSD MAC Framework: 2008-08-23 15:26:36 +00:00
mac_lomac Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00
mac_mls Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00
mac_none Introduce two related changes to the TrustedBSD MAC Framework: 2008-08-23 15:26:36 +00:00
mac_partition Rename three MAC entry points from _proc_ to _cred_ to reflect the fact 2008-10-28 11:33:06 +00:00
mac_portacl Introduce two related changes to the TrustedBSD MAC Framework: 2008-08-23 15:26:36 +00:00
mac_seeotheruids Add a mac_inpcb_check_visible implementation to all MAC policies 2008-10-17 15:11:12 +00:00
mac_stub Commit part of accmode_t changes that I missed in previous commit. 2008-10-28 21:57:32 +00:00
mac_test Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00