Author: rwatson
Date: Sun Jul 10 09:50:21 2016
New Revision: 302519
URL: https://svnweb.freebsd.org/changeset/base/302519
Log:
Audit the file-descriptor number argument for openat(2). Remove a comment
about the desirability of auditing the number, as it was in fact in the
wrong place (in the common path for open(2) and openat(2), and only the
latter accepts a file-descriptor argument). Where other ABIs support
openat(2), it may be necessary to do additional argument auditing as it is
not performed in kern_openat(9).
MFC after: 3 days
Sponsored by: DARPA, AFRL
Modified:
head/sys/kern/vfs_syscalls.c
Modified: head/sys/kern/vfs_syscalls.c
==============================================================================
--- head/sys/kern/vfs_syscalls.c Sun Jul 10 08:38:10 2016
(r302518)
+++ head/sys/kern/vfs_syscalls.c Sun Jul 10 09:50:21 2016
(r302519)
@@ -942,6 +942,7 @@ int
sys_openat(struct thread *td, struct openat_args *uap)
{
+ AUDIT_ARG_FD(uap->fd);
return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
uap->mode));
}
@@ -962,7 +963,6 @@ kern_openat(struct thread *td, int fd, c
AUDIT_ARG_FFLAGS(flags);
AUDIT_ARG_MODE(mode);
- /* XXX: audit dirfd */
cap_rights_init(&rights, CAP_LOOKUP);
flags_to_rights(flags, &rights);
/*
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
