FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F12.4 2022-03-30T16:41:07Z 2022-03-30T16:41:07Z Gordon Bergling gbe@FreeBSD.org 2022-03-27T17:56:15Z urn:sha1:2b22c9bc14c693f619ff410fac21c6b44cdf1a1a - s/seach/search/ (cherry picked from commit 1920133d8fb77004c2d312f8b141e653d9a29e91) 2020-08-29T16:27:21Z Simon J. Gerraty sjg@FreeBSD.org 2020-08-29T16:27:21Z urn:sha1:abc2fa57c134ba583c16416855e1c52cc366ad78 v_writecount can actually be < 0 for text, so check for v_writecount > 0 MFC of r362125 Reviewed by: stevek 2020-05-28T17:08:39Z Ryan Moeller freqlabs@FreeBSD.org 2020-05-28T17:08:39Z urn:sha1:90117b016d8de520fb6cd7494a1bcc499abd9ccb Deduplicate fsid comparisons Comparing fsid_t objects requires internal knowledge of the fsid structure and yet this is duplicated across a number of places in the code. Simplify by creating a fsidcmp function (macro). Reviewed by: mjg, rmacklem Approved by: mav (mentor) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D24749 2020-01-30T16:11:19Z Alexander Motin mav@FreeBSD.org 2020-01-30T16:11:19Z urn:sha1:8bfbf2fb6fc12b06c341ff2a5a6e81eced88a93f Create new EINTEGRITY error with message "Integrity check failed". An integrity check such as a check-hash or a cross-correlation failed. The integrity error falls between EINVAL that identifies errors in parameters to a system call and EIO that identifies errors with the underlying storage media. EINTEGRITY is typically raised by intermediate kernel layers such as a filesystem or an in-kernel GEOM subsystem when they detect inconsistencies. Uses include allowing the mount(8) command to return a different exit value to automate the running of fsck(8) during a system boot. These changes make no use of the new error, they just add it. Later commits will be made for the use of the new error number and it will be added to additional manual pages as appropriate. Approved by: mckusick 2019-04-26T11:12:51Z Marcin Wojtas mw@FreeBSD.org 2019-04-26T11:12:51Z urn:sha1:6a4971e2a643f85a90dbbedc5c72064ede51bcb9 Submitted by: Kornel Duleba <mindal@semihalf.com> Obtained from: Semihalf Sponsored by: Stormshield 2018-10-02T15:58:17Z Robert Watson rwatson@FreeBSD.org 2018-10-02T15:58:17Z urn:sha1:2ddefb6d5d71b66bd2f25208fa39d754ffb3755d system-call entry and whenever audit arguments or return values are captured: 1. Expose a single global, audit_syscalls_enabled, which controls whether the audit framework is entered, rather than exposing components of the policy -- e.g., if the trail is enabled, suspended, etc. 2. Introduce a new function audit_syscalls_enabled_update(), which is called to update audit_syscalls_enabled whenever an aspect of the policy changes, so that the value can be updated. 3. Remove a check of trail enablement/suspension from audit_new() -- at the point where this function has been entered, we believe that system-call auditing is already in force, or we wouldn't get here, so simply proceed to more expensive policy checks. 4. Use an audit-provided global, audit_dtrace_enabled, rather than a dtaudit-provided global, to provide policy indicating whether dtaudit would like system calls to be audited. 5. Do some minor cosmetic renaming to clarify what various variables are for. These changes collectively arrange it so that traditional audit (trail, pipes) or the DTrace audit provider can enable system-call probes without the other configured. Otherwise, dtaudit cannot capture system-call data without auditd(8) started. Reviewed by: gnn Sponsored by: DARPA, AFRL Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D17348 2018-09-03T14:26:43Z Robert Watson rwatson@FreeBSD.org 2018-09-03T14:26:43Z urn:sha1:deea362c80aa7bcafc889b8ede78af1e75c1f3d5 /etc/security/audit_event to provide a list of audit event-number <-> name mappings. However, this occurs too late for anonymous tracing. With this change, adding 'audit_event_load="YES"' to /boot/loader.conf will cause the boot loader to preload the file, and then the kernel audit code will parse it to register an initial set of audit event-number <-> name mappings. Those mappings can later be updated by auditd(8) if the configuration file changes. Reviewed by: gnn, asomers, markj, allanjude Discussed with: jhb Approved by: re (kib) MFC after: 1 week Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D16589 2018-08-01T03:46:07Z Mark Johnston markj@FreeBSD.org 2018-08-01T03:46:07Z urn:sha1:6324de037cb6ee621855384588e11d603c931d46 The buffer size may be used to initialize an sbuf in MAC_POLICY_EXTERNALIZE, and without this constraint it's possible to trigger an assertion failure in the sbuf code. With INVARIANTS disabled, the first attempt to write to the sbuf will fail. Reported by: pho Reviewed by: delphij MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D16527 2018-07-23T16:56:49Z Andriy Gapon avg@FreeBSD.org 2018-07-23T16:56:49Z urn:sha1:dc8240f0da053a368dba65e1e4f9ee0b6bd5fa3f PR: 229983 Submitted by: Aniket Pandey <aniketp@iitk.ac.in> Reported by: Aniket Pandey <aniketp@iitk.ac.in> MFC after: 1 week 2018-07-22T14:11:52Z Alan Somers asomers@FreeBSD.org 2018-07-22T14:11:52Z urn:sha1:12395dc9f6bfd1e40ac41ef8fb6af966ad647a2e These syscalls were always supposed to have been auditted, but due to oversights never were. PR: 228374 Reported by: aniketp Reviewed by: aniketp MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D16388