diff options
author | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-11-11 21:57:03 +0000 |
---|---|---|
committer | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-11-11 21:57:03 +0000 |
commit | ffbcef5a426cd6fb07d317b9d2fdb4c57b38eac2 (patch) | |
tree | 2ceb633e1416058aa83b2e9857eeac5b851912fd /sys/security/audit/audit.c | |
parent | 46da6c48696efda9f4690390189b54ab390f6dea (diff) | |
download | src-ffbcef5a426cd6fb07d317b9d2fdb4c57b38eac2.tar.gz src-ffbcef5a426cd6fb07d317b9d2fdb4c57b38eac2.zip |
Notes
Diffstat (limited to 'sys/security/audit/audit.c')
-rw-r--r-- | sys/security/audit/audit.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 737c693a30fb..8680ad3a4018 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -158,6 +158,45 @@ struct cv audit_watermark_cv; static struct cv audit_fail_cv; /* + * Kernel audit information. This will store the current audit address + * or host information that the kernel will use when it's generating + * audit records. This data is modified by the A_GET{SET}KAUDIT auditon(2) + * command. + */ +static struct auditinfo_addr audit_kinfo; +static struct rwlock audit_kinfo_lock; + +#define KINFO_LOCK_INIT() rw_init(&audit_kinfo_lock, "kernel audit info lock") +#define KINFO_RLOCK() rw_rlock(&audit_kinfo_lock) +#define KINFO_WLOCK() rw_wlock(&audit_kinfo_lock) +#define KINFO_RUNLOCK() rw_runlock(&audit_kinfo_lock) +#define KINFO_WUNLOCK() rw_wunlock(&audit_kinfo_lock) + +void +audit_set_kinfo(struct auditinfo_addr *ak) +{ + + KASSERT(ak->ai_termid.at_type == AU_IPv4 || + ak->ai_termid.at_type == AU_IPv6, + ("audit_set_kinfo: invalid address type")); + KINFO_WLOCK(); + audit_kinfo = *ak; + KINFO_WUNLOCK(); +} + +void +audit_get_kinfo(struct auditinfo_addr *ak) +{ + + KASSERT(audit_kinfo.ai_termid.at_type == AU_IPv4 || + audit_kinfo.ai_termid.at_type == AU_IPv6, + ("audit_set_kinfo: invalid address type")); + KINFO_RLOCK(); + *ak = audit_kinfo; + KINFO_RUNLOCK(); +} + +/* * Construct an audit record for the passed thread. */ static int @@ -241,7 +280,11 @@ audit_init(void) audit_qctrl.aq_bufsz = AQ_BUFSZ; audit_qctrl.aq_minfree = AU_FS_MINFREE; + audit_kinfo.ai_termid.at_type = AU_IPv4; + audit_kinfo.ai_termid.at_addr[0] = INADDR_ANY; + mtx_init(&audit_mtx, "audit_mtx", NULL, MTX_DEF); + KINFO_LOCK_INIT(); cv_init(&audit_worker_cv, "audit_worker_cv"); cv_init(&audit_watermark_cv, "audit_watermark_cv"); cv_init(&audit_fail_cv, "audit_fail_cv"); |