diff options
| author | Kyle Evans <kevans@FreeBSD.org> | 2020-10-24 14:39:17 +0000 |
|---|---|---|
| committer | Kyle Evans <kevans@FreeBSD.org> | 2020-10-24 14:39:17 +0000 |
| commit | 275c821d3ddab9571c7532c68eb4007dbdea39cf (patch) | |
| tree | 0081bfaba16bd708d6c7608d0795a8d749e9ac4f /sys/kern/subr_syscall.c | |
| parent | b3be0b4d0c42575c8d02901ce821382e67587304 (diff) | |
| download | src-275c821d3ddab9571c7532c68eb4007dbdea39cf.tar.gz src-275c821d3ddab9571c7532c68eb4007dbdea39cf.zip | |
Notes
Diffstat (limited to 'sys/kern/subr_syscall.c')
| -rw-r--r-- | sys/kern/subr_syscall.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/sys/kern/subr_syscall.c b/sys/kern/subr_syscall.c index 5ed9a402caad..381756b37323 100644 --- a/sys/kern/subr_syscall.c +++ b/sys/kern/subr_syscall.c @@ -154,7 +154,18 @@ syscallenter(struct thread *td) td->td_pflags &= ~TDP_NERRNO; else td->td_errno = error; + + /* + * Note that some syscall implementations (e.g., sys_execve) + * will commit the audit record just before their final return. + * These were done under the assumption that nothing of interest + * would happen between their return and here, where we would + * normally commit the audit record. These assumptions will + * need to be revisited should any substantial logic be added + * above. + */ AUDIT_SYSCALL_EXIT(error, td); + #ifdef KDTRACE_HOOKS /* Give the syscall:::return DTrace probe a chance to fire. */ if (__predict_false(sa->callp->sy_return != 0)) |