author: Pawel Jakub Dawidek <pjd@FreeBSD.org> 2013-03-02 21:11:30 +0000
committer: Pawel Jakub Dawidek <pjd@FreeBSD.org> 2013-03-02 21:11:30 +0000
commit: 7493f24ee6846df33931904c87493b08400df5bd (patch)
tree: 5dbc48bdb7b78718e22183ef377b76f2e3bc74c2 /sys/security
parent: 136b1ada11e4b3ec91b4b15562ba803e5ab66c10 (diff)
3 files changed, 23 insertions, 6 deletions
diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h
index 733a3c79166f..dd55875be5b4 100644
--- a/sys/security/audit/audit.h
+++ b/sys/security/audit/audit.h
@@ -95,7 +95,7 @@ void	 audit_arg_pid(pid_t pid);
 void	 audit_arg_process(struct proc *p);
 void	 audit_arg_signum(u_int signum);
 void	 audit_arg_socket(int sodomain, int sotype, int soprotocol);
-void	 audit_arg_sockaddr(struct thread *td, struct sockaddr *sa);
+void	 audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa);
 void	 audit_arg_auid(uid_t auid);
 void	 audit_arg_auditinfo(struct auditinfo *au_info);
 void	 audit_arg_auditinfo_addr(struct auditinfo_addr *au_info);
@@ -267,9 +267,9 @@ void	 audit_thread_free(struct thread *td);
 		audit_arg_socket((sodomain), (sotype), (soprotocol));	\
 } while (0)
 
-#define	AUDIT_ARG_SOCKADDR(td, sa) do {					\
+#define	AUDIT_ARG_SOCKADDR(td, dirfd, sa) do {				\
 	if (AUDITING_TD(curthread))					\
-		audit_arg_sockaddr((td), (sa));				\
+		audit_arg_sockaddr((td), (dirfd), (sa));		\
 } while (0)
 
 #define	AUDIT_ARG_SUID(suid) do {					\
@@ -365,7 +365,7 @@ void	 audit_thread_free(struct thread *td);
 #define	AUDIT_ARG_SIGNUM(signum)
 #define	AUDIT_ARG_SGID(sgid)
 #define	AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol)
-#define	AUDIT_ARG_SOCKADDR(td, sa)
+#define	AUDIT_ARG_SOCKADDR(td, dirfd, sa)
 #define	AUDIT_ARG_SUID(suid)
 #define	AUDIT_ARG_TEXT(text)
 #define	AUDIT_ARG_UID(uid)
diff --git a/sys/security/audit/audit_arg.c b/sys/security/audit/audit_arg.c
index ec04b8bef7be..4927be0d1349 100644
--- a/sys/security/audit/audit_arg.c
+++ b/sys/security/audit/audit_arg.c
@@ -441,7 +441,7 @@ audit_arg_socket(int sodomain, int sotype, int soprotocol)
 }
 
 void
-audit_arg_sockaddr(struct thread *td, struct sockaddr *sa)
+audit_arg_sockaddr(struct thread *td, int dirfd, struct sockaddr *sa)
 {
 	struct kaudit_record *ar;
 
@@ -463,7 +463,9 @@ audit_arg_sockaddr(struct thread *td, struct sockaddr *sa)
 		break;
 
 	case AF_UNIX:
-		audit_arg_upath1(td, AT_FDCWD,
+		if (dirfd != AT_FDCWD)
+			audit_arg_atfd1(dirfd);
+		audit_arg_upath1(td, dirfd,
 		    ((struct sockaddr_un *)sa)->sun_path);
 		ARG_SET_VALID(ar, ARG_SADDRUNIX);
 		break;
diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index 9c69b1e040d6..03b3c23e5c42 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -554,6 +554,21 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 		/* XXX Need to handle ARG_SADDRINET6 */
 		break;
 
+	case AUE_BINDAT:
+	case AUE_CONNECTAT:
+		ATFD1_TOKENS(1);
+		if (ARG_IS_VALID(kar, ARG_FD)) {
+			tok = au_to_arg32(2, "fd", ar->ar_arg_fd);
+			kau_write(rec, tok);
+		}
+		if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) {
+			tok = au_to_sock_unix((struct sockaddr_un *)
+			    &ar->ar_arg_sockaddr);
+			kau_write(rec, tok);
+			UPATH1_TOKENS;
+		}
+		break;
+
 	case AUE_SOCKET:
 	case AUE_SOCKETPAIR:
 		if (ARG_IS_VALID(kar, ARG_SOCKINFO)) {
author	Pawel Jakub Dawidek <pjd@FreeBSD.org>	2013-03-02 21:11:30 +0000
committer	Pawel Jakub Dawidek <pjd@FreeBSD.org>	2013-03-02 21:11:30 +0000
commit	7493f24ee6846df33931904c87493b08400df5bd (patch)
tree	5dbc48bdb7b78718e22183ef377b76f2e3bc74c2 /sys/security
parent	136b1ada11e4b3ec91b4b15562ba803e5ab66c10 (diff)