/* ARGSUSED */
int
setauid(struct thread *td, struct setauid_args *uap)
{
struct ucred *newcred, *oldcred;
au_id_t id;
int error;
if (jailed(td->td_ucred))
return (ENOSYS);
error = copyin(uap->auid, &id, sizeof(id));
if (error)
return (error);
audit_arg_auid(id);
newcred = crget();
PROC_LOCK(td->td_proc);
oldcred = td->td_proc->p_ucred;
crcopy(newcred, oldcred);
#ifdef MAC
error = mac_cred_check_setauid(oldcred, id);
if (error)
goto fail;
#endif
error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0);
if (error)
goto fail;
newcred->cr_audit.ai_auid = id;
td->td_proc->p_ucred = newcred;
PROC_UNLOCK(td->td_proc);
crfree(oldcred);
return (0);
fail:
PROC_UNLOCK(td->td_proc);
crfree(newcred);
return (error);
}
/*
* Drop a reference from the cred structure, free it if the reference count
* reaches 0.
*
* NOTE: because we used atomic_add_int() above, without a spinlock, we
* must also use atomic_subtract_int() below. A spinlock is required
* in crfree() to handle multiple callers racing the refcount to 0.
*
* MPSAFE
*/
void
crfree(struct ucred *cr)
{
if (cr->cr_ref <= 0)
panic("Freeing already free credential! %p", cr);
if (atomic_fetchadd_int(&cr->cr_ref, -1) == 1) {
/*
* Some callers of crget(), such as nfs_statfs(),
* allocate a temporary credential, but don't
* allocate a uidinfo structure.
*/
if (cr->cr_uidinfo != NULL) {
uidrop(cr->cr_uidinfo);
cr->cr_uidinfo = NULL;
}
if (cr->cr_ruidinfo != NULL) {
uidrop(cr->cr_ruidinfo);
cr->cr_ruidinfo = NULL;
}
/*
* Destroy empty prisons
*/
if (jailed(cr))
prison_free(cr->cr_prison);
cr->cr_prison = NULL; /* safety */
kfree((caddr_t)cr, M_CRED);
}
}
/*
* Find a set based on an id. Returns it with a ref.
*/
static struct cpuset *
cpuset_lookup(cpusetid_t setid, struct thread *td)
{
struct cpuset *set;
if (setid == CPUSET_INVALID)
return (NULL);
mtx_lock_spin(&cpuset_lock);
LIST_FOREACH(set, &cpuset_ids, cs_link)
if (set->cs_id == setid)
break;
if (set)
cpuset_ref(set);
mtx_unlock_spin(&cpuset_lock);
KASSERT(td != NULL, ("[%s:%d] td is NULL", __func__, __LINE__));
if (set != NULL && jailed(td->td_ucred)) {
struct cpuset *jset, *tset;
jset = td->td_ucred->cr_prison->pr_cpuset;
for (tset = set; tset != NULL; tset = tset->cs_parent)
if (tset == jset)
break;
if (tset == NULL) {
cpuset_rel(set);
set = NULL;
}
}
return (set);
}
int
vop_helper_setattr_flags(u_int32_t *ino_flags, u_int32_t vaflags,
uid_t uid, struct ucred *cred)
{
int error;
/*
* If uid doesn't match only a privileged user can change the flags
*/
if (cred->cr_uid != uid &&
(error = priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0))) {
return(error);
}
if (cred->cr_uid == 0 &&
(!jailed(cred)|| jail_chflags_allowed)) {
if ((*ino_flags & (SF_NOUNLINK|SF_IMMUTABLE|SF_APPEND)) &&
securelevel > 0)
return (EPERM);
*ino_flags = vaflags;
} else {
if (*ino_flags & (SF_NOUNLINK|SF_IMMUTABLE|SF_APPEND) ||
(vaflags & UF_SETTABLE) != vaflags)
return (EPERM);
*ino_flags &= SF_SETTABLE;
*ino_flags |= vaflags & UF_SETTABLE;
}
return(0);
}
/*
* Return 1 if we should do proper source address selection or are not jailed.
* We will return 0 if we should bypass source address selection in favour
* of the primary jail IPv6 address. Only in this case *ia will be updated and
* returned in NBO.
* Return EAFNOSUPPORT, in case this jail does not allow IPv6.
*/
int
prison_saddrsel_ip6(struct ucred *cred, struct in6_addr *ia6)
{
struct prison *pr;
struct in6_addr lia6;
int error;
KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
KASSERT(ia6 != NULL, ("%s: ia6 is NULL", __func__));
if (!jailed(cred))
return (1);
pr = cred->cr_prison;
if (pr->pr_flags & PR_IP6_SADDRSEL)
return (1);
lia6 = in6addr_any;
error = prison_get_ip6(cred, &lia6);
if (error)
return (error);
if (IN6_IS_ADDR_UNSPECIFIED(&lia6))
return (1);
bcopy(&lia6, ia6, sizeof(struct in6_addr));
return (0);
}
/*
* Called with a modifying token held, but must still obtain p_spin to
* actually replace p_ucred to handle races against syscall entry from
* other threads which cache p_ucred->td_ucred.
*
* (the threads will only get the spin-lock, and they only need to in
* the case where td_ucred != p_ucred so this is optimal).
*/
struct ucred *
cratom_proc(struct proc *p)
{
struct ucred *oldcr;
struct ucred *newcr;
oldcr = p->p_ucred;
if (oldcr->cr_ref == 1)
return(oldcr);
newcr = crget(); /* this might block */
oldcr = p->p_ucred; /* so re-cache oldcr (do not re-test) */
*newcr = *oldcr;
if (newcr->cr_uidinfo)
uihold(newcr->cr_uidinfo);
if (newcr->cr_ruidinfo)
uihold(newcr->cr_ruidinfo);
if (jailed(newcr))
prison_hold(newcr->cr_prison);
newcr->cr_ref = 1;
spin_lock(&p->p_spin);
p->p_ucred = newcr;
spin_unlock(&p->p_spin);
crfree(oldcr);
return newcr;
}
/*
* Returns holding the prison mutex if return non-NULL.
*/
static struct prison *
linux_get_prison(struct thread *td)
{
register struct prison *pr;
register struct linux_prison *lpr;
KASSERT(td == curthread, ("linux_get_prison() called on !curthread"));
if (!jailed(td->td_ucred))
return (NULL);
pr = td->td_ucred->cr_prison;
mtx_lock(&pr->pr_mtx);
if (pr->pr_linux == NULL) {
/*
* If we don't have a linux prison structure yet, allocate
* one. We have to handle the race where another thread
* could be adding a linux prison to this process already.
*/
mtx_unlock(&pr->pr_mtx);
lpr = malloc(sizeof(struct linux_prison), M_PRISON,
M_WAITOK | M_ZERO);
mtx_lock(&pr->pr_mtx);
if (pr->pr_linux == NULL)
pr->pr_linux = lpr;
else
free(lpr, M_PRISON);
}
return (pr);
}
static char *
spa_history_zone(void)
{
#ifdef _KERNEL
/* XXX: pr_hostname can be changed by default from within a jail! */
if (jailed(curthread->td_ucred))
return (curthread->td_ucred->cr_prison->pr_hostname);
#endif
return (NULL);
}
/* ARGSUSED */
int
getauid(struct thread *td, struct getauid_args *uap)
{
int error;
if (jailed(td->td_ucred))
return (ENOSYS);
error = priv_check(td, PRIV_AUDIT_GETAUDIT);
if (error)
return (error);
return (copyout(&td->td_ucred->cr_audit.ai_auid, uap->auid,
sizeof(td->td_ucred->cr_audit.ai_auid)));
}
/*
* Initiate connection to peer.
* Create a template for use in transmissions on this connection.
* Enter SYN_SENT state, and mark socket as connecting.
* Start keep-alive timer, and seed output sequence space.
* Send initial segment on connection.
*/
static int
tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
struct sockaddr_in *sinp;
//printf("tcp_usr_connect: called \n");
sinp = (struct sockaddr_in *)nam;
if (nam->sa_len != sizeof (*sinp))
return (EINVAL);
//printf("tcp_usr_connect: called family=%d\n", sinp->sin_family);
/*
* Must disallow TCP ``connections'' to multicast addresses.
*/
if (sinp->sin_family == AF_INET
&& IN_MULTICAST(ntohl(sinp->sin_addr.s_addr)))
return (EAFNOSUPPORT);
//printf("tcp_usr_connect: called 3\n");
#ifdef MAXHE_TODO
if (jailed(td->td_ucred))
prison_remote_ip(td->td_ucred, 0, &sinp->sin_addr.s_addr);
#endif // MAXHE_TODO
TCPDEBUG0;
INP_INFO_WLOCK(&tcbinfo);
inp = sotoinpcb(so);
KASSERT(inp != NULL, ("tcp_usr_connect: inp == NULL"));
INP_LOCK(inp);
#ifdef MAXHE_TODO
if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
error = EINVAL;
//printf("tcp_usr_connect: error = EINVAL\n");
goto out;
}
#endif // MAXHE_TODO
tp = intotcpcb(inp);
TCPDEBUG1();
//printf("tcp_usr_connect: calling tcp_connect\n");
if ((error = tcp_connect(tp, nam, td)) != 0)
goto out;
error = tcp_output(tp);
out:
//printf("tcp_usr_connect: return error=%d\n", error);
TCPDEBUG2(PRU_CONNECT);
INP_UNLOCK(inp);
INP_INFO_WUNLOCK(&tcbinfo);
return (error);
}
/* ARGSUSED */
int
getaudit_addr(struct thread *td, struct getaudit_addr_args *uap)
{
int error;
if (jailed(td->td_ucred))
return (ENOSYS);
if (uap->length < sizeof(*uap->auditinfo_addr))
return (EOVERFLOW);
error = priv_check(td, PRIV_AUDIT_GETAUDIT);
if (error)
return (error);
return (copyout(&td->td_ucred->cr_audit, uap->auditinfo_addr,
sizeof(*uap->auditinfo_addr)));
}
/*
* Dup cred struct to a new held one.
*/
struct ucred *
crdup(struct ucred *cr)
{
struct ucred *newcr;
newcr = crget();
*newcr = *cr;
if (newcr->cr_uidinfo)
uihold(newcr->cr_uidinfo);
if (newcr->cr_ruidinfo)
uihold(newcr->cr_ruidinfo);
if (jailed(newcr))
prison_hold(newcr->cr_prison);
newcr->cr_ref = 1;
return (newcr);
}
/*
* Copy cred structure to a new one and free the old one.
*
* MPSAFE (*cr must be stable)
*/
struct ucred *
crcopy(struct ucred *cr)
{
struct ucred *newcr;
if (cr->cr_ref == 1)
return (cr);
newcr = crget();
*newcr = *cr;
if (newcr->cr_uidinfo)
uihold(newcr->cr_uidinfo);
if (newcr->cr_ruidinfo)
uihold(newcr->cr_ruidinfo);
if (jailed(newcr))
prison_hold(newcr->cr_prison);
newcr->cr_ref = 1;
crfree(cr);
return (newcr);
}
/*
* Construct an audit record for the passed thread.
*/
static int
audit_record_ctor(void *mem, int size, void *arg, int flags)
{
struct kaudit_record *ar;
struct thread *td;
struct ucred *cred;
struct prison *pr;
KASSERT(sizeof(*ar) == size, ("audit_record_ctor: wrong size"));
td = arg;
ar = mem;
bzero(ar, sizeof(*ar));
ar->k_ar.ar_magic = AUDIT_RECORD_MAGIC;
nanotime(&ar->k_ar.ar_starttime);
/*
* Export the subject credential.
*/
cred = td->td_ucred;
cru2x(cred, &ar->k_ar.ar_subj_cred);
ar->k_ar.ar_subj_ruid = cred->cr_ruid;
ar->k_ar.ar_subj_rgid = cred->cr_rgid;
ar->k_ar.ar_subj_egid = cred->cr_groups[0];
ar->k_ar.ar_subj_auid = cred->cr_audit.ai_auid;
ar->k_ar.ar_subj_asid = cred->cr_audit.ai_asid;
ar->k_ar.ar_subj_pid = td->td_proc->p_pid;
ar->k_ar.ar_subj_amask = cred->cr_audit.ai_mask;
ar->k_ar.ar_subj_term_addr = cred->cr_audit.ai_termid;
/*
* If this process is jailed, make sure we capture the name of the
* jail so we can use it to generate a zonename token when we covert
* this record to BSM.
*/
if (jailed(cred)) {
pr = cred->cr_prison;
(void) strlcpy(ar->k_ar.ar_jailname, pr->pr_name,
sizeof(ar->k_ar.ar_jailname));
} else
ar->k_ar.ar_jailname[0] = '\0';
return (0);
}
/* ARGSUSED */
int
setaudit(struct thread *td, struct setaudit_args *uap)
{
struct ucred *newcred, *oldcred;
struct auditinfo ai;
int error;
if (jailed(td->td_ucred))
return (ENOSYS);
error = copyin(uap->auditinfo, &ai, sizeof(ai));
if (error)
return (error);
audit_arg_auditinfo(&ai);
newcred = crget();
PROC_LOCK(td->td_proc);
oldcred = td->td_proc->p_ucred;
crcopy(newcred, oldcred);
#ifdef MAC
error = mac_cred_check_setaudit(oldcred, &ai);
if (error)
goto fail;
#endif
error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0);
if (error)
goto fail;
bzero(&newcred->cr_audit, sizeof(newcred->cr_audit));
newcred->cr_audit.ai_auid = ai.ai_auid;
newcred->cr_audit.ai_mask = ai.ai_mask;
newcred->cr_audit.ai_asid = ai.ai_asid;
newcred->cr_audit.ai_termid.at_addr[0] = ai.ai_termid.machine;
newcred->cr_audit.ai_termid.at_port = ai.ai_termid.port;
newcred->cr_audit.ai_termid.at_type = AU_IPv4;
td->td_proc->p_ucred = newcred;
PROC_UNLOCK(td->td_proc);
crfree(oldcred);
return (0);
fail:
PROC_UNLOCK(td->td_proc);
crfree(newcred);
return (error);
}
/*
* Atomize a cred structure so it can be modified without polluting
* other references to it.
*
* MPSAFE (however, *pcr must be stable)
*/
struct ucred *
cratom(struct ucred **pcr)
{
struct ucred *oldcr;
struct ucred *newcr;
oldcr = *pcr;
if (oldcr->cr_ref == 1)
return (oldcr);
newcr = crget();
*newcr = *oldcr;
if (newcr->cr_uidinfo)
uihold(newcr->cr_uidinfo);
if (newcr->cr_ruidinfo)
uihold(newcr->cr_ruidinfo);
if (jailed(newcr))
prison_hold(newcr->cr_prison);
newcr->cr_ref = 1;
crfree(oldcr);
*pcr = newcr;
return (newcr);
}
/* ARGSUSED */
int
setaudit_addr(struct thread *td, struct setaudit_addr_args *uap)
{
struct ucred *newcred, *oldcred;
struct auditinfo_addr aia;
int error;
if (jailed(td->td_ucred))
return (ENOSYS);
error = copyin(uap->auditinfo_addr, &aia, sizeof(aia));
if (error)
return (error);
audit_arg_auditinfo_addr(&aia);
if (aia.ai_termid.at_type != AU_IPv6 &&
aia.ai_termid.at_type != AU_IPv4)
return (EINVAL);
newcred = crget();
PROC_LOCK(td->td_proc);
oldcred = td->td_proc->p_ucred;
crcopy(newcred, oldcred);
#ifdef MAC
error = mac_cred_check_setaudit_addr(oldcred, &aia);
if (error)
goto fail;
#endif
error = priv_check_cred(oldcred, PRIV_AUDIT_SETAUDIT, 0);
if (error)
goto fail;
newcred->cr_audit = aia;
td->td_proc->p_ucred = newcred;
PROC_UNLOCK(td->td_proc);
crfree(oldcred);
return (0);
fail:
PROC_UNLOCK(td->td_proc);
crfree(newcred);
return (error);
}
/* ARGSUSED */
int
getaudit(struct thread *td, struct getaudit_args *uap)
{
struct auditinfo ai;
struct ucred *cred;
int error;
cred = td->td_ucred;
if (jailed(cred))
return (ENOSYS);
error = priv_check(td, PRIV_AUDIT_GETAUDIT);
if (error)
return (error);
if (cred->cr_audit.ai_termid.at_type == AU_IPv6)
return (E2BIG);
bzero(&ai, sizeof(ai));
ai.ai_auid = cred->cr_audit.ai_auid;
ai.ai_mask = cred->cr_audit.ai_mask;
ai.ai_asid = cred->cr_audit.ai_asid;
ai.ai_termid.machine = cred->cr_audit.ai_termid.at_addr[0];
ai.ai_termid.port = cred->cr_audit.ai_termid.at_port;
return (copyout(&ai, uap->auditinfo, sizeof(ai)));
}
/*
* Modify the set 'set' to use a copy of the mask provided. Apply this new
* mask to restrict all children in the tree. Checks for validity before
* applying the changes.
*/
static int
cpuset_modify(struct cpuset *set, cpuset_t *mask)
{
struct cpuset *root;
int error;
error = priv_check(curthread, PRIV_SCHED_CPUSET);
if (error)
return (error);
/*
* In case we are called from within the jail
* we do not allow modifying the dedicated root
* cpuset of the jail but may still allow to
* change child sets.
*/
if (jailed(curthread->td_ucred) &&
set->cs_flags & CPU_SET_ROOT)
return (EPERM);
/*
* Verify that we have access to this set of
* cpus.
*/
root = set->cs_parent;
if (root && !CPU_SUBSET(&root->cs_mask, mask))
return (EINVAL);
mtx_lock_spin(&cpuset_lock);
error = cpuset_testupdate(set, mask);
if (error)
goto out;
cpuset_update(set, mask);
CPU_COPY(mask, &set->cs_mask);
out:
mtx_unlock_spin(&cpuset_lock);
return (error);
}
/*
* Atomize a cred structure so it can be modified without polluting
* other references to it.
*
* MPSAFE (however, *pcr must be stable)
*/
struct ucred *
cratom(struct ucred **pcr)
{
struct ucred *oldcr;
struct ucred *newcr;
oldcr = *pcr;
if (oldcr->cr_ref == 1)
return (oldcr);
newcr = crget(); /* this might block */
oldcr = *pcr; /* re-cache after potentially blocking */
*newcr = *oldcr;
if (newcr->cr_uidinfo)
uihold(newcr->cr_uidinfo);
if (newcr->cr_ruidinfo)
uihold(newcr->cr_ruidinfo);
if (jailed(newcr))
prison_hold(newcr->cr_prison);
newcr->cr_ref = 1;
crfree(oldcr);
*pcr = newcr;
return (newcr);
}
/*
* Fill in a struct kinfo_proc.
*
* NOTE! We may be asked to fill in kinfo_proc for a zombied process, and
* the process may be in the middle of being deallocated. Check all pointers
* for NULL.
*
* Caller must hold p->p_token
*/
void
fill_kinfo_proc(struct proc *p, struct kinfo_proc *kp)
{
struct session *sess;
struct pgrp *pgrp;
struct vmspace *vm;
pgrp = p->p_pgrp;
sess = pgrp ? pgrp->pg_session : NULL;
bzero(kp, sizeof(*kp));
kp->kp_paddr = (uintptr_t)p;
kp->kp_fd = (uintptr_t)p->p_fd;
kp->kp_flags = p->p_flags;
kp->kp_stat = p->p_stat;
kp->kp_lock = p->p_lock;
kp->kp_acflag = p->p_acflag;
kp->kp_traceflag = p->p_traceflag;
kp->kp_siglist = p->p_siglist;
if (p->p_sigacts) {
kp->kp_sigignore = p->p_sigignore; /* p_sigacts-> */
kp->kp_sigcatch = p->p_sigcatch; /* p_sigacts-> */
kp->kp_sigflag = p->p_sigacts->ps_flag;
}
kp->kp_start = p->p_start;
strncpy(kp->kp_comm, p->p_comm, sizeof(kp->kp_comm) - 1);
kp->kp_comm[sizeof(kp->kp_comm) - 1] = 0;
if (p->p_ucred) {
kp->kp_uid = p->p_ucred->cr_uid;
kp->kp_ngroups = p->p_ucred->cr_ngroups;
if (p->p_ucred->cr_groups) {
bcopy(p->p_ucred->cr_groups, kp->kp_groups,
NGROUPS * sizeof(kp->kp_groups[0]));
}
kp->kp_ruid = p->p_ucred->cr_ruid;
kp->kp_svuid = p->p_ucred->cr_svuid;
kp->kp_rgid = p->p_ucred->cr_rgid;
kp->kp_svgid = p->p_ucred->cr_svgid;
}
kp->kp_pid = p->p_pid;
if (p->p_oppid != 0)
kp->kp_ppid = p->p_oppid;
else
kp->kp_ppid = p->p_pptr != NULL ? p->p_pptr->p_pid : -1;
if (pgrp) {
kp->kp_pgid = pgrp->pg_id;
kp->kp_jobc = pgrp->pg_jobc;
}
if (sess) {
kp->kp_sid = sess->s_sid;
bcopy(sess->s_login, kp->kp_login, MAXLOGNAME);
if (sess->s_ttyvp != NULL)
kp->kp_auxflags |= KI_CTTY;
if ((p->p_session != NULL) && SESS_LEADER(p))
kp->kp_auxflags |= KI_SLEADER;
}
if (sess && (p->p_flags & P_CONTROLT) != 0 && sess->s_ttyp != NULL) {
kp->kp_tdev = dev2udev(sess->s_ttyp->t_dev);
if (sess->s_ttyp->t_pgrp != NULL)
kp->kp_tpgid = sess->s_ttyp->t_pgrp->pg_id;
else
kp->kp_tpgid = -1;
if (sess->s_ttyp->t_session != NULL)
kp->kp_tsid = sess->s_ttyp->t_session->s_sid;
else
kp->kp_tsid = -1;
} else {
kp->kp_tdev = NOUDEV;
}
kp->kp_exitstat = p->p_xstat;
kp->kp_nthreads = p->p_nthreads;
kp->kp_nice = p->p_nice;
kp->kp_swtime = p->p_swtime;
if ((vm = p->p_vmspace) != NULL) {
#ifdef _KERNEL
/*sysref_get(&vm->vm_sysref);*/
/*lwkt_gettoken(&vm->vm_map.token);*/
#endif
kp->kp_vm_map_size = vm->vm_map.size;
kp->kp_vm_rssize = vmspace_resident_count(vm);
#ifdef _KERNEL
/*XXX MP RACES */
/*kp->kp_vm_prssize = vmspace_president_count(vm);*/
#endif
kp->kp_vm_swrss = vm->vm_swrss;
kp->kp_vm_tsize = vm->vm_tsize;
kp->kp_vm_dsize = vm->vm_dsize;
kp->kp_vm_ssize = vm->vm_ssize;
#ifdef _KERNEL
/*lwkt_reltoken(&vm->vm_map.token);*/
/*sysref_put(&vm->vm_sysref);*/
#endif
}
if (p->p_ucred && jailed(p->p_ucred))
kp->kp_jailid = p->p_ucred->cr_prison->pr_id;
kp->kp_ru = p->p_ru;
kp->kp_cru = p->p_cru;
}
/*
* Layout:
* - column counts
* - header
* - single-threaded process
* - multi-threaded process
* - thread in a MT process
*
* 1 2 3 4 5 6 7
* 1234567890123456789012345678901234567890123456789012345678901234567890
* pid ppid pgrp uid state wmesg wchan cmd
* <pid> <ppi> <pgi> <uid> <stat> < wmesg > < wchan > <name>
* <pid> <ppi> <pgi> <uid> <stat> (threaded) <command>
* <tid > <stat> < wmesg > < wchan > <name>
*
* For machines with 64-bit pointers, we expand the wchan field 8 more
* characters.
*/
void
db_ps(db_expr_t addr, boolean_t hasaddr, db_expr_t count, char *modif)
{
volatile struct proc *p, *pp;
volatile struct thread *td;
struct ucred *cred;
struct pgrp *pgrp;
char state[9];
int np, rflag, sflag, dflag, lflag, wflag;
np = nprocs;
if (!LIST_EMPTY(&allproc))
p = LIST_FIRST(&allproc);
else
p = &proc0;
#ifdef __LP64__
db_printf(" pid ppid pgrp uid state wmesg wchan cmd\n");
#else
db_printf(" pid ppid pgrp uid state wmesg wchan cmd\n");
#endif
while (--np >= 0 && !db_pager_quit) {
if (p == NULL) {
db_printf("oops, ran out of processes early!\n");
break;
}
pp = p->p_pptr;
if (pp == NULL)
pp = p;
cred = p->p_ucred;
pgrp = p->p_pgrp;
db_printf("%5d %5d %5d %5d ", p->p_pid, pp->p_pid,
pgrp != NULL ? pgrp->pg_id : 0,
cred != NULL ? cred->cr_ruid : 0);
/* Determine our primary process state. */
switch (p->p_state) {
case PRS_NORMAL:
if (P_SHOULDSTOP(p))
state[0] = 'T';
else {
/*
* One of D, L, R, S, W. For a
* multithreaded process we will use
* the state of the thread with the
* highest precedence. The
* precendence order from high to low
* is R, L, D, S, W. If no thread is
* in a sane state we use '?' for our
* primary state.
*/
rflag = sflag = dflag = lflag = wflag = 0;
FOREACH_THREAD_IN_PROC(p, td) {
if (td->td_state == TDS_RUNNING ||
td->td_state == TDS_RUNQ ||
td->td_state == TDS_CAN_RUN)
rflag++;
if (TD_ON_LOCK(td))
lflag++;
if (TD_IS_SLEEPING(td)) {
if (!(td->td_flags & TDF_SINTR))
dflag++;
else
sflag++;
}
if (TD_AWAITING_INTR(td))
wflag++;
}
if (rflag)
state[0] = 'R';
else if (lflag)
state[0] = 'L';
else if (dflag)
state[0] = 'D';
else if (sflag)
state[0] = 'S';
else if (wflag)
state[0] = 'W';
else
state[0] = '?';
}
break;
case PRS_NEW:
state[0] = 'N';
break;
case PRS_ZOMBIE:
state[0] = 'Z';
break;
default:
state[0] = 'U';
break;
}
state[1] = '\0';
/* Additional process state flags. */
if (!(p->p_flag & P_INMEM))
strlcat(state, "W", sizeof(state));
if (p->p_flag & P_TRACED)
strlcat(state, "X", sizeof(state));
if (p->p_flag & P_WEXIT && p->p_state != PRS_ZOMBIE)
strlcat(state, "E", sizeof(state));
if (p->p_flag & P_PPWAIT)
strlcat(state, "V", sizeof(state));
if (p->p_flag & P_SYSTEM || p->p_lock > 0)
strlcat(state, "L", sizeof(state));
if (p->p_session != NULL && SESS_LEADER(p))
strlcat(state, "s", sizeof(state));
/* Cheated here and didn't compare pgid's. */
if (p->p_flag & P_CONTROLT)
strlcat(state, "+", sizeof(state));
if (cred != NULL && jailed(cred))
strlcat(state, "J", sizeof(state));
db_printf(" %-6.6s ", state);
if (p->p_flag & P_HADTHREADS) {
#ifdef __LP64__
db_printf(" (threaded) ");
#else
db_printf(" (threaded) ");
#endif
if (p->p_flag & P_SYSTEM)
db_printf("[");
db_printf("%s", p->p_comm);
if (p->p_flag & P_SYSTEM)
db_printf("]");
db_printf("\n");
}
FOREACH_THREAD_IN_PROC(p, td) {
dumpthread(p, td, p->p_flag & P_HADTHREADS);
if (db_pager_quit)
break;
}
p = LIST_NEXT(p, p_list);
if (p == NULL && np > 0)
p = LIST_FIRST(&zombproc);
}
int
procfs_doprocstatus(PFS_FILL_ARGS)
{
struct session *sess;
struct thread *tdfirst;
struct tty *tp;
struct ucred *cr;
const char *wmesg;
char *pc;
char *sep;
int pid, ppid, pgid, sid;
int i;
pid = p->p_pid;
PROC_LOCK(p);
ppid = p->p_pptr ? p->p_pptr->p_pid : 0;
pgid = p->p_pgrp->pg_id;
sess = p->p_pgrp->pg_session;
SESS_LOCK(sess);
sid = sess->s_leader ? sess->s_leader->p_pid : 0;
/* comm pid ppid pgid sid tty ctty,sldr start ut st wmsg
euid ruid rgid,egid,groups[1 .. ngroups]
*/
pc = p->p_comm;
do {
if (*pc < 33 || *pc > 126 || *pc == '\\')
sbuf_printf(sb, "\\%03o", *pc);
else
sbuf_putc(sb, *pc);
} while (*++pc);
sbuf_printf(sb, " %d %d %d %d ", pid, ppid, pgid, sid);
if ((p->p_flag & P_CONTROLT) && (tp = sess->s_ttyp))
sbuf_printf(sb, "%s ", devtoname(tp->t_dev));
else
sbuf_printf(sb, "- ");
sep = "";
if (sess->s_ttyvp) {
sbuf_printf(sb, "%sctty", sep);
sep = ",";
}
if (SESS_LEADER(p)) {
sbuf_printf(sb, "%ssldr", sep);
sep = ",";
}
SESS_UNLOCK(sess);
if (*sep != ',') {
sbuf_printf(sb, "noflags");
}
tdfirst = FIRST_THREAD_IN_PROC(p);
thread_lock(tdfirst);
if (tdfirst->td_wchan != NULL) {
KASSERT(tdfirst->td_wmesg != NULL,
("wchan %p has no wmesg", tdfirst->td_wchan));
wmesg = tdfirst->td_wmesg;
} else
wmesg = "nochan";
thread_unlock(tdfirst);
if (p->p_flag & P_INMEM) {
struct timeval start, ut, st;
PROC_SLOCK(p);
calcru(p, &ut, &st);
PROC_SUNLOCK(p);
start = p->p_stats->p_start;
timevaladd(&start, &boottime);
sbuf_printf(sb, " %jd,%ld %jd,%ld %jd,%ld",
(intmax_t)start.tv_sec, start.tv_usec,
(intmax_t)ut.tv_sec, ut.tv_usec,
(intmax_t)st.tv_sec, st.tv_usec);
} else
sbuf_printf(sb, " -1,-1 -1,-1 -1,-1");
sbuf_printf(sb, " %s", wmesg);
cr = p->p_ucred;
sbuf_printf(sb, " %lu %lu %lu",
(u_long)cr->cr_uid,
(u_long)cr->cr_ruid,
(u_long)cr->cr_rgid);
/* egid (cr->cr_svgid) is equal to cr_ngroups[0]
see also getegid(2) in /sys/kern/kern_prot.c */
for (i = 0; i < cr->cr_ngroups; i++) {
sbuf_printf(sb, ",%lu", (u_long)cr->cr_groups[i]);
}
if (jailed(cr)) {
mtx_lock(&cr->cr_prison->pr_mtx);
sbuf_printf(sb, " %s",
prison_name(td->td_ucred->cr_prison, cr->cr_prison));
mtx_unlock(&cr->cr_prison->pr_mtx);
} else {
sbuf_printf(sb, " -");
}
PROC_UNLOCK(p);
sbuf_printf(sb, "\n");
return (0);
}
/*
* VFS Operations.
*
* mount system call
*/
static int
devfs_vfs_mount(struct mount *mp, char *path, caddr_t data, struct ucred *cred)
{
struct devfs_mount_info info;
struct devfs_mnt_data *mnt;
size_t size;
int error;
devfs_debug(DEVFS_DEBUG_DEBUG, "(vfsops) devfs_mount() called!\n");
if (mp->mnt_flag & MNT_UPDATE)
return (EOPNOTSUPP);
if (data == NULL) {
bzero(&info, sizeof(info));
} else {
if ((error = copyin(data, &info, sizeof(info))) != 0)
return (error);
}
mp->mnt_flag |= MNT_LOCAL;
mp->mnt_kern_flag |= MNTK_NOSTKMNT | MNTK_ALL_MPSAFE;
mp->mnt_data = NULL;
vfs_getnewfsid(mp);
size = sizeof("devfs") - 1;
bcopy("devfs", mp->mnt_stat.f_mntfromname, size);
bzero(mp->mnt_stat.f_mntfromname + size, MNAMELEN - size);
copyinstr(path, mp->mnt_stat.f_mntonname,
sizeof(mp->mnt_stat.f_mntonname) -1, &size);
devfs_vfs_statfs(mp, &mp->mnt_stat, cred);
/*
* XXX: save other mount info passed from userland or so.
*/
mnt = kmalloc(sizeof(*mnt), M_DEVFS, M_WAITOK | M_ZERO);
lockmgr(&devfs_lock, LK_EXCLUSIVE);
mp->mnt_data = (qaddr_t)mnt;
if (info.flags & DEVFS_MNT_JAIL)
mnt->jailed = 1;
else
mnt->jailed = jailed(cred);
mnt->leak_count = 0;
mnt->file_count = 0;
mnt->mp = mp;
TAILQ_INIT(&mnt->orphan_list);
mnt->root_node = devfs_allocp(Nroot, "", NULL, mp, NULL);
KKASSERT(mnt->root_node);
lockmgr(&devfs_lock, LK_RELEASE);
vfs_add_vnodeops(mp, &devfs_vnode_norm_vops, &mp->mnt_vn_norm_ops);
vfs_add_vnodeops(mp, &devfs_vnode_dev_vops, &mp->mnt_vn_spec_ops);
devfs_debug(DEVFS_DEBUG_DEBUG, "calling devfs_mount_add\n");
devfs_mount_add(mnt);
return (0);
}
/* ARGSUSED */
int
auditon(struct thread *td, struct auditon_args *uap)
{
struct ucred *cred, *newcred, *oldcred;
int error;
union auditon_udata udata;
struct proc *tp;
if (jailed(td->td_ucred))
return (ENOSYS);
AUDIT_ARG_CMD(uap->cmd);
#ifdef MAC
error = mac_system_check_auditon(td->td_ucred, uap->cmd);
if (error)
return (error);
#endif
error = priv_check(td, PRIV_AUDIT_CONTROL);
if (error)
return (error);
if ((uap->length <= 0) || (uap->length > sizeof(union auditon_udata)))
return (EINVAL);
memset((void *)&udata, 0, sizeof(udata));
/*
* Some of the GET commands use the arguments too.
*/
switch (uap->cmd) {
case A_SETPOLICY:
case A_OLDSETPOLICY:
case A_SETKMASK:
case A_SETQCTRL:
case A_OLDSETQCTRL:
case A_SETSTAT:
case A_SETUMASK:
case A_SETSMASK:
case A_SETCOND:
case A_OLDSETCOND:
case A_SETCLASS:
case A_SETPMASK:
case A_SETFSIZE:
case A_SETKAUDIT:
case A_GETCLASS:
case A_GETPINFO:
case A_GETPINFO_ADDR:
case A_SENDTRIGGER:
error = copyin(uap->data, (void *)&udata, uap->length);
if (error)
return (error);
AUDIT_ARG_AUDITON(&udata);
break;
}
/*
* XXXAUDIT: Locking?
*/
switch (uap->cmd) {
case A_OLDGETPOLICY:
case A_GETPOLICY:
if (uap->length == sizeof(udata.au_policy64)) {
if (!audit_fail_stop)
udata.au_policy64 |= AUDIT_CNT;
if (audit_panic_on_write_fail)
udata.au_policy64 |= AUDIT_AHLT;
if (audit_argv)
udata.au_policy64 |= AUDIT_ARGV;
if (audit_arge)
udata.au_policy64 |= AUDIT_ARGE;
break;
}
if (uap->length != sizeof(udata.au_policy))
return (EINVAL);
if (!audit_fail_stop)
udata.au_policy |= AUDIT_CNT;
if (audit_panic_on_write_fail)
udata.au_policy |= AUDIT_AHLT;
if (audit_argv)
udata.au_policy |= AUDIT_ARGV;
if (audit_arge)
udata.au_policy |= AUDIT_ARGE;
break;
case A_OLDSETPOLICY:
case A_SETPOLICY:
if (uap->length == sizeof(udata.au_policy64)) {
if (udata.au_policy & (~AUDIT_CNT|AUDIT_AHLT|
AUDIT_ARGV|AUDIT_ARGE))
return (EINVAL);
audit_fail_stop = ((udata.au_policy64 & AUDIT_CNT) ==
0);
audit_panic_on_write_fail = (udata.au_policy64 &
AUDIT_AHLT);
audit_argv = (udata.au_policy64 & AUDIT_ARGV);
audit_arge = (udata.au_policy64 & AUDIT_ARGE);
break;
}
if (uap->length != sizeof(udata.au_policy))
return (EINVAL);
if (udata.au_policy & ~(AUDIT_CNT|AUDIT_AHLT|AUDIT_ARGV|
AUDIT_ARGE))
return (EINVAL);
/*
* XXX - Need to wake up waiters if the policy relaxes?
*/
audit_fail_stop = ((udata.au_policy & AUDIT_CNT) == 0);
audit_panic_on_write_fail = (udata.au_policy & AUDIT_AHLT);
audit_argv = (udata.au_policy & AUDIT_ARGV);
audit_arge = (udata.au_policy & AUDIT_ARGE);
break;
case A_GETKMASK:
if (uap->length != sizeof(udata.au_mask))
return (EINVAL);
udata.au_mask = audit_nae_mask;
break;
case A_SETKMASK:
if (uap->length != sizeof(udata.au_mask))
return (EINVAL);
audit_nae_mask = udata.au_mask;
break;
case A_OLDGETQCTRL:
case A_GETQCTRL:
if (uap->length == sizeof(udata.au_qctrl64)) {
udata.au_qctrl64.aq64_hiwater =
(u_int64_t)audit_qctrl.aq_hiwater;
udata.au_qctrl64.aq64_lowater =
(u_int64_t)audit_qctrl.aq_lowater;
udata.au_qctrl64.aq64_bufsz =
(u_int64_t)audit_qctrl.aq_bufsz;
udata.au_qctrl64.aq64_minfree =
(u_int64_t)audit_qctrl.aq_minfree;
break;
}
if (uap->length != sizeof(udata.au_qctrl))
return (EINVAL);
udata.au_qctrl = audit_qctrl;
break;
case A_OLDSETQCTRL:
case A_SETQCTRL:
if (uap->length == sizeof(udata.au_qctrl64)) {
if ((udata.au_qctrl64.aq64_hiwater > AQ_MAXHIGH) ||
(udata.au_qctrl64.aq64_lowater >=
udata.au_qctrl.aq_hiwater) ||
(udata.au_qctrl64.aq64_bufsz > AQ_MAXBUFSZ) ||
(udata.au_qctrl64.aq64_minfree < 0) ||
(udata.au_qctrl64.aq64_minfree > 100))
return (EINVAL);
audit_qctrl.aq_hiwater =
(int)udata.au_qctrl64.aq64_hiwater;
audit_qctrl.aq_lowater =
(int)udata.au_qctrl64.aq64_lowater;
audit_qctrl.aq_bufsz =
(int)udata.au_qctrl64.aq64_bufsz;
audit_qctrl.aq_minfree =
(int)udata.au_qctrl64.aq64_minfree;
audit_qctrl.aq_delay = -1; /* Not used. */
break;
}
if (uap->length != sizeof(udata.au_qctrl))
return (EINVAL);
if ((udata.au_qctrl.aq_hiwater > AQ_MAXHIGH) ||
(udata.au_qctrl.aq_lowater >= udata.au_qctrl.aq_hiwater) ||
(udata.au_qctrl.aq_bufsz > AQ_MAXBUFSZ) ||
(udata.au_qctrl.aq_minfree < 0) ||
(udata.au_qctrl.aq_minfree > 100))
return (EINVAL);
audit_qctrl = udata.au_qctrl;
/* XXX The queue delay value isn't used with the kernel. */
audit_qctrl.aq_delay = -1;
break;
case A_GETCWD:
return (ENOSYS);
break;
case A_GETCAR:
return (ENOSYS);
break;
case A_GETSTAT:
return (ENOSYS);
break;
case A_SETSTAT:
return (ENOSYS);
break;
case A_SETUMASK:
return (ENOSYS);
break;
case A_SETSMASK:
return (ENOSYS);
break;
case A_OLDGETCOND:
case A_GETCOND:
if (uap->length == sizeof(udata.au_cond64)) {
if (audit_enabled && !audit_suspended)
udata.au_cond64 = AUC_AUDITING;
else
udata.au_cond64 = AUC_NOAUDIT;
break;
}
if (uap->length != sizeof(udata.au_cond))
return (EINVAL);
if (audit_enabled && !audit_suspended)
udata.au_cond = AUC_AUDITING;
else
udata.au_cond = AUC_NOAUDIT;
break;
case A_OLDSETCOND:
case A_SETCOND:
if (uap->length == sizeof(udata.au_cond64)) {
if (udata.au_cond64 == AUC_NOAUDIT)
audit_suspended = 1;
if (udata.au_cond64 == AUC_AUDITING)
audit_suspended = 0;
if (udata.au_cond64 == AUC_DISABLED) {
audit_suspended = 1;
audit_shutdown(NULL, 0);
}
break;
}
if (uap->length != sizeof(udata.au_cond))
return (EINVAL);
if (udata.au_cond == AUC_NOAUDIT)
audit_suspended = 1;
if (udata.au_cond == AUC_AUDITING)
audit_suspended = 0;
if (udata.au_cond == AUC_DISABLED) {
audit_suspended = 1;
audit_shutdown(NULL, 0);
}
break;
case A_GETCLASS:
if (uap->length != sizeof(udata.au_evclass))
return (EINVAL);
udata.au_evclass.ec_class = au_event_class(
udata.au_evclass.ec_number);
break;
case A_SETCLASS:
if (uap->length != sizeof(udata.au_evclass))
return (EINVAL);
au_evclassmap_insert(udata.au_evclass.ec_number,
udata.au_evclass.ec_class);
break;
case A_GETPINFO:
if (uap->length != sizeof(udata.au_aupinfo))
return (EINVAL);
if (udata.au_aupinfo.ap_pid < 1)
return (ESRCH);
if ((tp = pfind(udata.au_aupinfo.ap_pid)) == NULL)
return (ESRCH);
if ((error = p_cansee(td, tp)) != 0) {
PROC_UNLOCK(tp);
return (error);
}
cred = tp->p_ucred;
if (cred->cr_audit.ai_termid.at_type == AU_IPv6) {
PROC_UNLOCK(tp);
return (EINVAL);
}
udata.au_aupinfo.ap_auid = cred->cr_audit.ai_auid;
udata.au_aupinfo.ap_mask.am_success =
cred->cr_audit.ai_mask.am_success;
udata.au_aupinfo.ap_mask.am_failure =
cred->cr_audit.ai_mask.am_failure;
udata.au_aupinfo.ap_termid.machine =
cred->cr_audit.ai_termid.at_addr[0];
udata.au_aupinfo.ap_termid.port =
(dev_t)cred->cr_audit.ai_termid.at_port;
udata.au_aupinfo.ap_asid = cred->cr_audit.ai_asid;
PROC_UNLOCK(tp);
break;
case A_SETPMASK:
if (uap->length != sizeof(udata.au_aupinfo))
return (EINVAL);
if (udata.au_aupinfo.ap_pid < 1)
return (ESRCH);
newcred = crget();
if ((tp = pfind(udata.au_aupinfo.ap_pid)) == NULL) {
crfree(newcred);
return (ESRCH);
}
if ((error = p_cansee(td, tp)) != 0) {
PROC_UNLOCK(tp);
crfree(newcred);
return (error);
}
oldcred = tp->p_ucred;
crcopy(newcred, oldcred);
newcred->cr_audit.ai_mask.am_success =
udata.au_aupinfo.ap_mask.am_success;
newcred->cr_audit.ai_mask.am_failure =
udata.au_aupinfo.ap_mask.am_failure;
td->td_proc->p_ucred = newcred;
PROC_UNLOCK(tp);
crfree(oldcred);
break;
case A_SETFSIZE:
if (uap->length != sizeof(udata.au_fstat))
return (EINVAL);
if ((udata.au_fstat.af_filesz != 0) &&
(udata.au_fstat.af_filesz < MIN_AUDIT_FILE_SIZE))
return (EINVAL);
audit_fstat.af_filesz = udata.au_fstat.af_filesz;
break;
case A_GETFSIZE:
if (uap->length != sizeof(udata.au_fstat))
return (EINVAL);
udata.au_fstat.af_filesz = audit_fstat.af_filesz;
udata.au_fstat.af_currsz = audit_fstat.af_currsz;
break;
case A_GETPINFO_ADDR:
if (uap->length != sizeof(udata.au_aupinfo_addr))
return (EINVAL);
if (udata.au_aupinfo_addr.ap_pid < 1)
return (ESRCH);
if ((tp = pfind(udata.au_aupinfo_addr.ap_pid)) == NULL)
return (ESRCH);
cred = tp->p_ucred;
udata.au_aupinfo_addr.ap_auid = cred->cr_audit.ai_auid;
udata.au_aupinfo_addr.ap_mask.am_success =
cred->cr_audit.ai_mask.am_success;
udata.au_aupinfo_addr.ap_mask.am_failure =
cred->cr_audit.ai_mask.am_failure;
udata.au_aupinfo_addr.ap_termid = cred->cr_audit.ai_termid;
udata.au_aupinfo_addr.ap_asid = cred->cr_audit.ai_asid;
PROC_UNLOCK(tp);
break;
case A_GETKAUDIT:
if (uap->length != sizeof(udata.au_kau_info))
return (EINVAL);
audit_get_kinfo(&udata.au_kau_info);
break;
case A_SETKAUDIT:
if (uap->length != sizeof(udata.au_kau_info))
return (EINVAL);
if (udata.au_kau_info.ai_termid.at_type != AU_IPv4 &&
udata.au_kau_info.ai_termid.at_type != AU_IPv6)
return (EINVAL);
audit_set_kinfo(&udata.au_kau_info);
break;
case A_SENDTRIGGER:
if (uap->length != sizeof(udata.au_trigger))
return (EINVAL);
if ((udata.au_trigger < AUDIT_TRIGGER_MIN) ||
(udata.au_trigger > AUDIT_TRIGGER_MAX))
return (EINVAL);
return (audit_send_trigger(udata.au_trigger));
default:
return (EINVAL);
}
/*
* Copy data back to userspace for the GET comands.
*/
switch (uap->cmd) {
case A_GETPOLICY:
case A_OLDGETPOLICY:
case A_GETKMASK:
case A_GETQCTRL:
case A_OLDGETQCTRL:
case A_GETCWD:
case A_GETCAR:
case A_GETSTAT:
case A_GETCOND:
case A_OLDGETCOND:
case A_GETCLASS:
case A_GETPINFO:
case A_GETFSIZE:
case A_GETPINFO_ADDR:
case A_GETKAUDIT:
error = copyout((void *)&udata, uap->data, uap->length);
if (error)
return (error);
break;
}
return (0);
}
/* ARGSUSED */
int
audit(struct thread *td, struct audit_args *uap)
{
int error;
void * rec;
struct kaudit_record *ar;
if (jailed(td->td_ucred))
return (ENOSYS);
error = priv_check(td, PRIV_AUDIT_SUBMIT);
if (error)
return (error);
if ((uap->length <= 0) || (uap->length > audit_qctrl.aq_bufsz))
return (EINVAL);
ar = currecord();
/*
* If there's no current audit record (audit() itself not audited)
* commit the user audit record.
*/
if (ar == NULL) {
/*
* This is not very efficient; we're required to allocate a
* complete kernel audit record just so the user record can
* tag along.
*
* XXXAUDIT: Maybe AUE_AUDIT in the system call context and
* special pre-select handling?
*/
td->td_ar = audit_new(AUE_NULL, td);
if (td->td_ar == NULL)
return (ENOTSUP);
td->td_pflags |= TDP_AUDITREC;
ar = td->td_ar;
}
if (uap->length > MAX_AUDIT_RECORD_SIZE)
return (EINVAL);
rec = malloc(uap->length, M_AUDITDATA, M_WAITOK);
error = copyin(uap->record, rec, uap->length);
if (error)
goto free_out;
/* Verify the record. */
if (bsm_rec_verify(rec) == 0) {
error = EINVAL;
goto free_out;
}
#ifdef MAC
error = mac_system_check_audit(td->td_ucred, rec, uap->length);
if (error)
goto free_out;
#endif
/*
* Attach the user audit record to the kernel audit record. Because
* this system call is an auditable event, we will write the user
* record along with the record for this audit event.
*
* XXXAUDIT: KASSERT appropriate starting values of k_udata, k_ulen,
* k_ar_commit & AR_COMMIT_USER?
*/
ar->k_udata = rec;
ar->k_ulen = uap->length;
ar->k_ar_commit |= AR_COMMIT_USER;
/*
* Currently we assume that all preselection has been performed in
* userspace. We unconditionally set these masks so that the records
* get committed both to the trail and pipe. In the future we will
* want to setup kernel based preselection.
*/
ar->k_ar_commit |= (AR_PRESELECT_USER_TRAIL | AR_PRESELECT_USER_PIPE);
return (0);
free_out:
/*
* audit_syscall_exit() will free the audit record on the thread even
* if we allocated it above.
*/
free(rec, M_AUDITDATA);
return (error);
}
/* ARGSUSED */
int
auditctl(struct thread *td, struct auditctl_args *uap)
{
struct nameidata nd;
struct ucred *cred;
struct vnode *vp;
int error = 0;
int flags, vfslocked;
if (jailed(td->td_ucred))
return (ENOSYS);
error = priv_check(td, PRIV_AUDIT_CONTROL);
if (error)
return (error);
vp = NULL;
cred = NULL;
/*
* If a path is specified, open the replacement vnode, perform
* validity checks, and grab another reference to the current
* credential.
*
* On Darwin, a NULL path argument is also used to disable audit.
*/
if (uap->path == NULL)
return (EINVAL);
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1,
UIO_USERSPACE, uap->path, td);
flags = AUDIT_OPEN_FLAGS;
error = vn_open(&nd, &flags, 0, NULL);
if (error)
return (error);
vfslocked = NDHASGIANT(&nd);
vp = nd.ni_vp;
#ifdef MAC
error = mac_system_check_auditctl(td->td_ucred, vp);
VOP_UNLOCK(vp, 0);
if (error) {
vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td);
VFS_UNLOCK_GIANT(vfslocked);
return (error);
}
#else
VOP_UNLOCK(vp, 0);
#endif
NDFREE(&nd, NDF_ONLY_PNBUF);
if (vp->v_type != VREG) {
vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td);
VFS_UNLOCK_GIANT(vfslocked);
return (EINVAL);
}
VFS_UNLOCK_GIANT(vfslocked);
cred = td->td_ucred;
crhold(cred);
/*
* XXXAUDIT: Should audit_suspended actually be cleared by
* audit_worker?
*/
audit_suspended = 0;
audit_rotate_vnode(cred, vp);
return (error);
}
