Attachment 'gpf_audit.diff'
Download 1 --- //depot/vendor/freebsd/src/contrib/openbsm/bin/praudit/praudit.1 2008-12-02 23:35:38.000000000 0000
2 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/bin/praudit/praudit.1 2010-08-06 18:10:43.000000000 0000
3 @@ -77,6 +77,9 @@
4 record and event type are displayed.
5 This option is exclusive from
6 .Fl r .
7 +.It Fl c
8 +Don't map user credentials to the local base system and print them in raw,
9 +numeric form instead. This option is useful when auditing NFS RPCs.
10 .It Fl x
11 Print audit records in the XML output format.
12 .El
13 --- //depot/vendor/freebsd/src/contrib/openbsm/bin/praudit/praudit.c 2008-12-02 23:35:38.000000000 0000
14 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/bin/praudit/praudit.c 2010-08-06 18:10:43.000000000 0000
15 @@ -50,6 +50,7 @@
16 static char *del = ","; /* Default delimiter. */
17 static int oneline = 0;
18 static int raw = 0;
19 +static int rawcred = 0;
20 static int shortfrm = 0;
21 static int partial = 0;
22 static int xml = 0;
23 @@ -58,7 +59,7 @@
24 usage(void)
25 {
26
27 - fprintf(stderr, "usage: praudit [-lpx] [-r | -s] [-d del] "
28 + fprintf(stderr, "usage: praudit [-lpxc] [-r | -s] [-d del] "
29 "[file ...]\n");
30 exit(1);
31 }
32 @@ -93,10 +94,10 @@
33 break;
34 if (xml)
35 au_print_tok_xml(stdout, &tok, del, raw,
36 - shortfrm);
37 + shortfrm, rawcred);
38 else
39 au_print_tok(stdout, &tok, del, raw,
40 - shortfrm);
41 + shortfrm, rawcred);
42 bytesread += tok.len;
43 if (oneline) {
44 if (!xml)
45 @@ -119,8 +120,12 @@
46 int i;
47 FILE *fp;
48
49 - while ((ch = getopt(argc, argv, "d:lprsx")) != -1) {
50 + while ((ch = getopt(argc, argv, "d:lprcsx")) != -1) {
51 switch(ch) {
52 + case 'c':
53 + rawcred = 1;
54 + break;
55 +
56 case 'd':
57 del = optarg;
58 break;
59 --- //depot/vendor/freebsd/src/contrib/openbsm/bsm/libbsm.h 2009-04-19 16:37:15.000000000 0000
60 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/bsm/libbsm.h 2010-08-07 16:49:25.000000000 0000
61 @@ -502,17 +502,21 @@
62 au_tidaddr64_t tid;
63 } au_proc64ex_t;
64
65 +typedef struct {
66 + u_int32_t protocol;
67 +} au_protocol_t;
68 +
69 /*
70 - * error status 1 byte
71 + * error status 4 byte
72 * return value 4 bytes/8 bytes (32-bit/64-bit value)
73 */
74 typedef struct {
75 - u_char status;
76 + u_int32_t status;
77 u_int32_t ret;
78 } au_ret32_t;
79
80 typedef struct {
81 - u_char err;
82 + u_int32_t err;
83 u_int64_t val;
84 } au_ret64_t;
85
86 @@ -661,6 +665,10 @@
87 char *text;
88 } au_text_t;
89
90 +typedef struct {
91 + u_int32_t vtype;
92 +} au_vtype_t;
93 +
94 /*
95 * zonename length 2 bytes
96 * zonename text N bytes + 1 NULL terminator
97 @@ -723,6 +731,7 @@
98 au_proc32ex_t proc32_ex;
99 au_proc64_t proc64;
100 au_proc64ex_t proc64_ex;
101 + au_protocol_t prot;
102 au_ret32_t ret32;
103 au_ret64_t ret64;
104 au_seq_t seq;
105 @@ -735,6 +744,7 @@
106 au_subject64_t subj64;
107 au_subject64ex_t subj64_ex;
108 au_text_t text;
109 + au_vtype_t vtype;
110 au_kevent_t kevent;
111 au_invalid_t invalid;
112 au_trailer_t trail;
113 @@ -820,9 +830,9 @@
114 int au_fetch_tok(tokenstr_t *tok, u_char *buf, int len);
115 //XXX The following interface has different prototype from BSM
116 void au_print_tok(FILE *outfp, tokenstr_t *tok,
117 - char *del, char raw, char sfrm);
118 + char *del, char raw, char sfrm, char rawcred);
119 void au_print_tok_xml(FILE *outfp, tokenstr_t *tok,
120 - char *del, char raw, char sfrm);
121 + char *del, char raw, char sfrm, char rawcred);
122
123 /*
124 * Functions relating to XML output.
125 @@ -836,16 +846,16 @@
126 * the FreeBSD and Mac OS X kernels)
127 */
128 int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
129 -int au_bsm_to_errno(u_char bsm_error, int *errorp);
130 +int au_bsm_to_errno(int bsm_error, int *errorp);
131 int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
132 int au_bsm_to_socket_type(u_short bsm_socket_type,
133 int *local_socket_typep);
134 u_short au_domain_to_bsm(int local_domain);
135 -u_char au_errno_to_bsm(int local_errno);
136 +int au_errno_to_bsm(int local_errno);
137 u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
138 u_short au_socket_type_to_bsm(int local_socket_type);
139
140 -const char *au_strerror(u_char bsm_error);
141 +const char *au_strerror(int bsm_error);
142 __END_DECLS
143
144 /*
145 --- //depot/vendor/freebsd/src/contrib/openbsm/etc/audit_event 2009-08-02 10:35:25.000000000 0000
146 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/etc/audit_event 2010-07-08 19:00:38.000000000 0000
147 @@ -360,6 +360,71 @@
148 360:AUE_DARWIN_SYSCTL_NONADMIN:sysctl() - non-admin:ot
149 361:AUE_DARWIN_COPYFILE:copyfile():fr,fw
150 #
151 +# NFS-specific kernel events
152 +#
153 +2000:AUE_NFS_NULL:nfsrv_null():ot
154 +2001:AUE_NFS_GETATTR:nfsrv_getattr():fa
155 +2002:AUE_NFS_SETATTR:nfsrv_setattr():fm
156 +2003:AUE_NFS_LOOKUP:nfsrv_lookup():fa,ad
157 +2004:AUE_NFS_ACCESS:nfsrv_access():fa
158 +2005:AUE_NFS_READLINK:nfsrv_readlink():fr
159 +2006:AUE_NFS_READ:nfsrv_read():fr
160 +2007:AUE_NFS_WRITE:nfsrv_write():fw
161 +2008:AUE_NFS_CREATE:nfsrv_create():fc,ad
162 +2009:AUE_NFS_MKDIR:nfsrv_mkdir():fc,ad
163 +2010:AUE_NFS_SYMLINK:nfsrv_symlink():fc,ad
164 +2011:AUE_NFS_MKNOD:nfsrv_mknod():fc,ad
165 +2012:AUE_NFS_REMOVE:nfsrv_remove():fd
166 +2013:AUE_NFS_RMDIR:nfsrv_rmdir():fd
167 +2014:AUE_NFS_RENAME:nfsrv_rename():fc,fd
168 +2015:AUE_NFS_LINK:nfsrv_link():fc
169 +2016:AUE_NFS_READDIR:nfsrv_readdir():fr
170 +2017:AUE_NFS_READDIR_PLUS:nfsrv_readdirplus():fr,ad
171 +2018:AUE_NFS_STATFS:nfsrv_statfs():fa
172 +2019:AUE_NFS_FSINFO:nfsrv_fsinfo():ot
173 +2020:AUE_NFS_PATHCONF:nfsrv_pathconf():fa
174 +2021:AUE_NFS_COMMIT:nfsrv_commit():fw
175 +2022:AUE_NFS_NOOP:nfsrv_noop():no
176 +#
177 +# NFSv4 specific RPC events
178 +#
179 +2023:AUE_NFS_CLOSE:nfsrv_close():cl
180 +2024:AUE_NFS_DELEGPURGE:nfsrv_delegpurge():ad
181 +2025:AUE_NFS_DELEGRETURN:nfsrv_delegreturn():ad
182 +2026:AUE_NFSv4_GETFH:nfsrv4_getfh():ad
183 +2027:AUE_NFS_LOCK:nfsrv_lock():fm
184 +2028:AUE_NFS_LOCKT:nfsrv_lockt():fm
185 +2029:AUE_NFS_LOCKU:nfsrv_locku():fm
186 +2030:AUE_NFS_LOOKUPP:nfsrv_lookupp():fa,ad
187 +2031:AUE_NFS_NVERIFY:nfsrv_nverify():fa
188 +2032:AUE_NFS_OPEN:nfsrv_open():fa
189 +2033:AUE_NFS_OPENATTR:nfsrv_openattr():fa
190 +2034:AUE_NFS_OPENCONFIRM:nfsrv_openconfirm():fa
191 +2035:AUE_NFS_OPENDOWNGRADE:nfsrv_opendowngrade():fm
192 +2036:AUE_NFS_PUTFH:nfsrv_putfh():ad
193 +2037:AUE_NFS_PUTPUBFH:nfsrv_putpubfh():ad
194 +2038:AUE_NFS_PUTROOTFH:nfsrv_putrootfh():ad
195 +2039:AUE_NFS_RENEW:nfsrv_renew():ad
196 +2040:AUE_NFS_RESTOREFH:nfsrv_restorefh():ad
197 +2041:AUE_NFS_SAVEFH:nfsrv_savefh():ad
198 +2042:AUE_NFS_SECINFO:nfsrv_secinfo():ot
199 +2043:AUE_NFS_SETCLIENTID:nfsrv_setclientid():aa
200 +2044:AUE_NFS_SETCLIENTIDCFRM:nfsrv_setclientidcfrm():aa
201 +2045:AUE_NFS_VERIFY:nfsrv_verify():fa
202 +2046:AUE_NFS_RELEASELCKOWN:nfsrv_releaselckown():ad
203 +2047:AUE_NFS_OPEN_R:nfsrv_open() - read:fr
204 +2048:AUE_NFS_OPEN_RC:nfsrv_open() - read, creat:fr,fc,fa,fm
205 +2049:AUE_NFS_OPEN_RTC:nfsrv_open() - read, trunc, creat:fr,fd,fc,fa,fm
206 +2050:AUE_NFS_OPEN_RT:nfsrv_open() - read, trunc:fr,fd,fa,fm
207 +2051:AUE_NFS_OPEN_RW:nfsrv_open() - read, write:fr,fw
208 +2052:AUE_NFS_OPEN_RWC:nfsrv_open() - read, write, creat:fr,fw,fc,fa,fm
209 +2053:AUE_NFS_OPEN_RWTC:nfsrv_open() - read, write, trunc, creat:fr,fw,fd,fc,fa,fm
210 +2054:AUE_NFS_OPEN_RWT:nfsrv_open() - read, write, trunc:fr,fw,fd,fa,fm
211 +2055:AUE_NFS_OPEN_W:nfsrv_open() - write:fw
212 +2056:AUE_NFS_OPEN_WC:nfsrv_open() - write, creat:fw,fc,fa,fm
213 +2057:AUE_NFS_OPEN_WTC:nfsrv_open() - write, trunc, creat:fw,fd,fc,fa,fm
214 +2058:AUE_NFS_OPEN_WT:nfsrv_open() - write, trunc:fw,fd,fa,fm
215 +#
216 # OpenBSM-specific kernel events.
217 #
218 43001:AUE_GETFSSTAT:getfsstat(2):fa
219 --- //depot/vendor/freebsd/src/contrib/openbsm/libbsm/au_errno.3 2009-03-03 17:37:22.000000000 0000
220 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/libbsm/au_errno.3 2010-08-06 18:10:43.000000000 0000
221 @@ -77,7 +77,11 @@
222 function converts a BSM error value to a string, generally by converting first to a
223 local error number and using the local
224 .Xr strerror 3
225 -function, but will also work for errors that are not locally defined.
226 +function, but will also work for errors that are not locally defined. It will also
227 +work for BSM errors limited to specific kernel modules that cannot be serviced
228 +by
229 +.Xr strerror 3 ,
230 +such as NFSv4 error values.
231 .Sh RETURN VALULES
232 On success,
233 .Fn au_bsm_to_errno
234 --- //depot/vendor/freebsd/src/contrib/openbsm/libbsm/bsm_errno.c 2009-07-17 14:37:30.000000000 0000
235 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/libbsm/bsm_errno.c 2010-08-16 13:30:34.000000000 0000
236 @@ -31,6 +31,8 @@
237
238 #include <sys/types.h>
239
240 +#include <fs/nfs/nfsproto.h>
241 +
242 #include <config/config.h>
243
244 #include <bsm/audit_errno.h>
245 @@ -43,17 +45,17 @@
246 * Different operating systems use different numeric constants for different
247 * error numbers, and sometimes error numbers don't exist in more than one
248 * operating system. These routines convert between BSM and local error
249 - * number spaces, subject to the above realities. BSM error numbers are
250 - * stored in a single 8-bit character, so don't have a byte order.
251 + * number spaces, subject to the above realities.
252 *
253 * Don't include string definitions when this code is compiled into a kernel.
254 */
255 struct bsm_errno {
256 int be_bsm_errno;
257 int be_local_errno;
258 + char be_use_strerror;
259 #if !defined(KERNEL) && !defined(_KERNEL)
260 const char *be_strerror;
261 -#endif
262 +#endif
263 };
264
265 #define ERRNO_NO_LOCAL_MAPPING -600
266 @@ -80,610 +82,953 @@
267 * string using strerror(3).
268 */
269 static const struct bsm_errno bsm_errnos[] = {
270 - { BSM_ERRNO_ESUCCESS, 0, ES("Success") },
271 - { BSM_ERRNO_EPERM, EPERM, ES("Operation not permitted") },
272 - { BSM_ERRNO_ENOENT, ENOENT, ES("No such file or directory") },
273 - { BSM_ERRNO_ESRCH, ESRCH, ES("No such process") },
274 - { BSM_ERRNO_EINTR, EINTR, ES("Interrupted system call") },
275 - { BSM_ERRNO_EIO, EIO, ES("Input/output error") },
276 - { BSM_ERRNO_ENXIO, ENXIO, ES("Device not configured") },
277 - { BSM_ERRNO_E2BIG, E2BIG, ES("Argument list too long") },
278 - { BSM_ERRNO_ENOEXEC, ENOEXEC, ES("Exec format error") },
279 - { BSM_ERRNO_EBADF, EBADF, ES("Bad file descriptor") },
280 - { BSM_ERRNO_ECHILD, ECHILD, ES("No child processes") },
281 - { BSM_ERRNO_EAGAIN, EAGAIN, ES("Resource temporarily unavailable") },
282 - { BSM_ERRNO_ENOMEM, ENOMEM, ES("Cannot allocate memory") },
283 - { BSM_ERRNO_EACCES, EACCES, ES("Permission denied") },
284 - { BSM_ERRNO_EFAULT, EFAULT, ES("Bad address") },
285 - { BSM_ERRNO_ENOTBLK, ENOTBLK, ES("Block device required") },
286 - { BSM_ERRNO_EBUSY, EBUSY, ES("Device busy") },
287 - { BSM_ERRNO_EEXIST, EEXIST, ES("File exists") },
288 - { BSM_ERRNO_EXDEV, EXDEV, ES("Cross-device link") },
289 - { BSM_ERRNO_ENODEV, ENODEV, ES("Operation not supported by device") },
290 - { BSM_ERRNO_ENOTDIR, ENOTDIR, ES("Not a directory") },
291 - { BSM_ERRNO_EISDIR, EISDIR, ES("Is a directory") },
292 - { BSM_ERRNO_EINVAL, EINVAL, ES("Invalid argument") },
293 - { BSM_ERRNO_ENFILE, ENFILE, ES("Too many open files in system") },
294 - { BSM_ERRNO_EMFILE, EMFILE, ES("Too many open files") },
295 - { BSM_ERRNO_ENOTTY, ENOTTY, ES("Inappropriate ioctl for device") },
296 - { BSM_ERRNO_ETXTBSY, ETXTBSY, ES("Text file busy") },
297 - { BSM_ERRNO_EFBIG, EFBIG, ES("File too large") },
298 - { BSM_ERRNO_ENOSPC, ENOSPC, ES("No space left on device") },
299 - { BSM_ERRNO_ESPIPE, ESPIPE, ES("Illegal seek") },
300 - { BSM_ERRNO_EROFS, EROFS, ES("Read-only file system") },
301 - { BSM_ERRNO_EMLINK, EMLINK, ES("Too many links") },
302 - { BSM_ERRNO_EPIPE, EPIPE, ES("Broken pipe") },
303 - { BSM_ERRNO_EDOM, EDOM, ES("Numerical argument out of domain") },
304 - { BSM_ERRNO_ERANGE, ERANGE, ES("Result too large") },
305 - { BSM_ERRNO_ENOMSG, ENOMSG, ES("No message of desired type") },
306 - { BSM_ERRNO_EIDRM, EIDRM, ES("Identifier removed") },
307 + { BSM_ERRNO_ESUCCESS, 0, 1, ES("Success") },
308 + { BSM_ERRNO_EPERM, EPERM, 1, ES("Operation not permitted") },
309 + { BSM_ERRNO_ENOENT, ENOENT, 1, ES("No such file or directory") },
310 + { BSM_ERRNO_ESRCH, ESRCH, 1, ES("No such process") },
311 + { BSM_ERRNO_EINTR, EINTR, 1, ES("Interrupted system call") },
312 + { BSM_ERRNO_EIO, EIO, 1, ES("Input/output error") },
313 + { BSM_ERRNO_ENXIO, ENXIO, 1, ES("Device not configured") },
314 + { BSM_ERRNO_E2BIG, E2BIG, 1, ES("Argument list too long") },
315 + { BSM_ERRNO_ENOEXEC, ENOEXEC, 1, ES("Exec format error") },
316 + { BSM_ERRNO_EBADF, EBADF, 1, ES("Bad file descriptor") },
317 + { BSM_ERRNO_ECHILD, ECHILD, 1, ES("No child processes") },
318 + { BSM_ERRNO_EAGAIN, EAGAIN, 1, ES("Resource temporarily unavailable") },
319 + { BSM_ERRNO_ENOMEM, ENOMEM, 1, ES("Cannot allocate memory") },
320 + { BSM_ERRNO_EACCES, EACCES, 1, ES("Permission denied") },
321 + { BSM_ERRNO_EFAULT, EFAULT, 1, ES("Bad address") },
322 + { BSM_ERRNO_ENOTBLK, ENOTBLK, 1, ES("Block device required") },
323 + { BSM_ERRNO_EBUSY, EBUSY, 1, ES("Device busy") },
324 + { BSM_ERRNO_EEXIST, EEXIST, 1, ES("File exists") },
325 + { BSM_ERRNO_EXDEV, EXDEV, 1, ES("Cross-device link") },
326 + { BSM_ERRNO_ENODEV, ENODEV, 1, ES("Operation not supported by device") },
327 + { BSM_ERRNO_ENOTDIR, ENOTDIR, 1, ES("Not a directory") },
328 + { BSM_ERRNO_EISDIR, EISDIR, 1, ES("Is a directory") },
329 + { BSM_ERRNO_EINVAL, EINVAL, 1, ES("Invalid argument") },
330 + { BSM_ERRNO_ENFILE, ENFILE, 1, ES("Too many open files in system") },
331 + { BSM_ERRNO_EMFILE, EMFILE, 1, ES("Too many open files") },
332 + { BSM_ERRNO_ENOTTY, ENOTTY, 1, ES("Inappropriate ioctl for device") },
333 + { BSM_ERRNO_ETXTBSY, ETXTBSY, 1, ES("Text file busy") },
334 + { BSM_ERRNO_EFBIG, EFBIG, 1, ES("File too large") },
335 + { BSM_ERRNO_ENOSPC, ENOSPC, 1, ES("No space left on device") },
336 + { BSM_ERRNO_ESPIPE, ESPIPE, 1, ES("Illegal seek") },
337 + { BSM_ERRNO_EROFS, EROFS, 1, ES("Read-only file system") },
338 + { BSM_ERRNO_EMLINK, EMLINK, 1, ES("Too many links") },
339 + { BSM_ERRNO_EPIPE, EPIPE, 1, ES("Broken pipe") },
340 + { BSM_ERRNO_EDOM, EDOM, 1, ES("Numerical argument out of domain") },
341 + { BSM_ERRNO_ERANGE, ERANGE, 1, ES("Result too large") },
342 + { BSM_ERRNO_ENOMSG, ENOMSG, 1, ES("No message of desired type") },
343 + { BSM_ERRNO_EIDRM, EIDRM, 1, ES("Identifier removed") },
344 { BSM_ERRNO_ECHRNG,
345 #ifdef ECHRNG
346 ECHRNG,
347 #else
348 ERRNO_NO_LOCAL_MAPPING,
349 #endif
350 - ES("Channel number out of range") },
351 + 1, ES("Channel number out of range") },
352 { BSM_ERRNO_EL2NSYNC,
353 #ifdef EL2NSYNC
354 EL2NSYNC,
355 #else
356 ERRNO_NO_LOCAL_MAPPING,
357 #endif
358 - ES("Level 2 not synchronized") },
359 + 1, ES("Level 2 not synchronized") },
360 { BSM_ERRNO_EL3HLT,
361 #ifdef EL3HLT
362 EL3HLT,
363 #else
364 ERRNO_NO_LOCAL_MAPPING,
365 #endif
366 - ES("Level 3 halted") },
367 + 1, ES("Level 3 halted") },
368 { BSM_ERRNO_EL3RST,
369 #ifdef EL3RST
370 EL3RST,
371 #else
372 ERRNO_NO_LOCAL_MAPPING,
373 #endif
374 - ES("Level 3 reset") },
375 + 1, ES("Level 3 reset") },
376 { BSM_ERRNO_ELNRNG,
377 #ifdef ELNRNG
378 ELNRNG,
379 #else
380 ERRNO_NO_LOCAL_MAPPING,
381 #endif
382 - ES("Link number out of range") },
383 + 1, ES("Link number out of range") },
384 { BSM_ERRNO_EUNATCH,
385 #ifdef EUNATCH
386 EUNATCH,
387 #else
388 ERRNO_NO_LOCAL_MAPPING,
389 #endif
390 - ES("Protocol driver not attached") },
391 + 1, ES("Protocol driver not attached") },
392 { BSM_ERRNO_ENOCSI,
393 #ifdef ENOCSI
394 ENOCSI,
395 #else
396 ERRNO_NO_LOCAL_MAPPING,
397 #endif
398 - ES("No CSI structure available") },
399 + 1, ES("No CSI structure available") },
400 { BSM_ERRNO_EL2HLT,
401 #ifdef EL2HLT
402 EL2HLT,
403 #else
404 ERRNO_NO_LOCAL_MAPPING,
405 #endif
406 - ES("Level 2 halted") },
407 - { BSM_ERRNO_EDEADLK, EDEADLK, ES("Resource deadlock avoided") },
408 - { BSM_ERRNO_ENOLCK, ENOLCK, ES("No locks available") },
409 - { BSM_ERRNO_ECANCELED, ECANCELED, ES("Operation canceled") },
410 - { BSM_ERRNO_ENOTSUP, ENOTSUP, ES("Operation not supported") },
411 - { BSM_ERRNO_EDQUOT, EDQUOT, ES("Disc quota exceeded") },
412 + 1, ES("Level 2 halted") },
413 + { BSM_ERRNO_EDEADLK, EDEADLK, 1, ES("Resource deadlock avoided") },
414 + { BSM_ERRNO_ENOLCK, ENOLCK, 1, ES("No locks available") },
415 + { BSM_ERRNO_ECANCELED, ECANCELED, 1, ES("Operation canceled") },
416 + { BSM_ERRNO_ENOTSUP, ENOTSUP, 1, ES("Operation not supported") },
417 + { BSM_ERRNO_EDQUOT, EDQUOT, 1, ES("Disc quota exceeded") },
418 { BSM_ERRNO_EBADE,
419 #ifdef EBADE
420 EBADE,
421 #else
422 ERRNO_NO_LOCAL_MAPPING,
423 #endif
424 - ES("Invalid exchange") },
425 + 1, ES("Invalid exchange") },
426 { BSM_ERRNO_EBADR,
427 #ifdef EBADR
428 EBADR,
429 #else
430 ERRNO_NO_LOCAL_MAPPING,
431 #endif
432 - ES("Invalid request descriptor") },
433 + 1, ES("Invalid request descriptor") },
434 { BSM_ERRNO_EXFULL,
435 #ifdef EXFULL
436 EXFULL,
437 #else
438 ERRNO_NO_LOCAL_MAPPING,
439 #endif
440 - ES("Exchange full") },
441 + 1, ES("Exchange full") },
442 { BSM_ERRNO_ENOANO,
443 #ifdef ENOANO
444 ENOANO,
445 #else
446 ERRNO_NO_LOCAL_MAPPING,
447 #endif
448 - ES("No anode") },
449 + 1, ES("No anode") },
450 { BSM_ERRNO_EBADRQC,
451 #ifdef EBADRQC
452 EBADRQC,
453 #else
454 ERRNO_NO_LOCAL_MAPPING,
455 #endif
456 - ES("Invalid request descriptor") },
457 + 1, ES("Invalid request descriptor") },
458 { BSM_ERRNO_EBADSLT,
459 #ifdef EBADSLT
460 EBADSLT,
461 #else
462 ERRNO_NO_LOCAL_MAPPING,
463 #endif
464 - ES("Invalid slot") },
465 + 1, ES("Invalid slot") },
466 { BSM_ERRNO_EDEADLOCK,
467 #ifdef EDEADLOCK
468 EDEADLOCK,
469 #else
470 ERRNO_NO_LOCAL_MAPPING,
471 #endif
472 - ES("Resource deadlock avoided") },
473 + 1, ES("Resource deadlock avoided") },
474 { BSM_ERRNO_EBFONT,
475 #ifdef EBFONT
476 EBFONT,
477 #else
478 ERRNO_NO_LOCAL_MAPPING,
479 #endif
480 - ES("Bad font file format") },
481 + 1, ES("Bad font file format") },
482 { BSM_ERRNO_EOWNERDEAD,
483 #ifdef EOWNERDEAD
484 EOWNERDEAD,
485 #else
486 ERRNO_NO_LOCAL_MAPPING,
487 #endif
488 - ES("Process died with the lock") },
489 + 1, ES("Process died with the lock") },
490 { BSM_ERRNO_ENOTRECOVERABLE,
491 #ifdef ENOTRECOVERABLE
492 ENOTRECOVERABLE,
493 #else
494 ERRNO_NO_LOCAL_MAPPING,
495 #endif
496 - ES("Lock is not recoverable") },
497 + 1, ES("Lock is not recoverable") },
498 { BSM_ERRNO_ENOSTR,
499 #ifdef ENOSTR
500 ENOSTR,
501 #else
502 ERRNO_NO_LOCAL_MAPPING,
503 #endif
504 - ES("Device not a stream") },
505 + 1, ES("Device not a stream") },
506 { BSM_ERRNO_ENONET,
507 #ifdef ENONET
508 ENONET,
509 #else
510 ERRNO_NO_LOCAL_MAPPING,
511 #endif
512 - ES("Machine is not on the network") },
513 + 1, ES("Machine is not on the network") },
514 { BSM_ERRNO_ENOPKG,
515 #ifdef ENOPKG
516 ENOPKG,
517 #else
518 ERRNO_NO_LOCAL_MAPPING,
519 #endif
520 - ES("Package not installed") },
521 + 1, ES("Package not installed") },
522 { BSM_ERRNO_EREMOTE, EREMOTE,
523 - ES("Too many levels of remote in path") },
524 + 1, ES("Too many levels of remote in path") },
525 { BSM_ERRNO_ENOLINK,
526 #ifdef ENOLINK
527 ENOLINK,
528 #else
529 ERRNO_NO_LOCAL_MAPPING,
530 #endif
531 - ES("Link has been severed") },
532 + 1, ES("Link has been severed") },
533 { BSM_ERRNO_EADV,
534 #ifdef EADV
535 EADV,
536 #else
537 ERRNO_NO_LOCAL_MAPPING,
538 #endif
539 - ES("Advertise error") },
540 + 1, ES("Advertise error") },
541 { BSM_ERRNO_ESRMNT,
542 #ifdef ESRMNT
543 ESRMNT,
544 #else
545 ERRNO_NO_LOCAL_MAPPING,
546 #endif
547 - ES("srmount error") },
548 + 1, ES("srmount error") },
549 { BSM_ERRNO_ECOMM,
550 #ifdef ECOMM
551 ECOMM,
552 #else
553 ERRNO_NO_LOCAL_MAPPING,
554 #endif
555 - ES("Communication error on send") },
556 + 1, ES("Communication error on send") },
557 { BSM_ERRNO_EPROTO,
558 #ifdef EPROTO
559 EPROTO,
560 #else
561 ERRNO_NO_LOCAL_MAPPING,
562 #endif
563 - ES("Protocol error") },
564 + 1, ES("Protocol error") },
565 { BSM_ERRNO_ELOCKUNMAPPED,
566 #ifdef ELOCKUNMAPPED
567 ELOCKUNMAPPED,
568 #else
569 ERRNO_NO_LOCAL_MAPPING,
570 #endif
571 - ES("Locked lock was unmapped") },
572 + 1, ES("Locked lock was unmapped") },
573 { BSM_ERRNO_ENOTACTIVE,
574 #ifdef ENOTACTIVE
575 ENOTACTIVE,
576 #else
577 ERRNO_NO_LOCAL_MAPPING,
578 #endif
579 - ES("Facility is not active") },
580 + 1, ES("Facility is not active") },
581 { BSM_ERRNO_EMULTIHOP,
582 #ifdef EMULTIHOP
583 EMULTIHOP,
584 #else
585 ERRNO_NO_LOCAL_MAPPING,
586 #endif
587 - ES("Multihop attempted") },
588 + 1, ES("Multihop attempted") },
589 { BSM_ERRNO_EBADMSG,
590 #ifdef EBADMSG
591 EBADMSG,
592 #else
593 ERRNO_NO_LOCAL_MAPPING,
594 #endif
595 - ES("Bad message") },
596 - { BSM_ERRNO_ENAMETOOLONG, ENAMETOOLONG, ES("File name too long") },
597 + 1, ES("Bad message") },
598 + { BSM_ERRNO_ENAMETOOLONG, ENAMETOOLONG, 1, ES("File name too long") },
599 { BSM_ERRNO_EOVERFLOW, EOVERFLOW,
600 - ES("Value too large to be stored in data type") },
601 + 1, ES("Value too large to be stored in data type") },
602 { BSM_ERRNO_ENOTUNIQ,
603 #ifdef ENOTUNIQ
604 ENOTUNIQ,
605 #else
606 ERRNO_NO_LOCAL_MAPPING,
607 #endif
608 - ES("Given log name not unique") },
609 + 1, ES("Given log name not unique") },
610 { BSM_ERRNO_EBADFD,
611 #ifdef EBADFD
612 EBADFD,
613 #else
614 ERRNO_NO_LOCAL_MAPPING,
615 #endif
616 - ES("Given f.d. invalid for this operation") },
617 + 1, ES("Given f.d. invalid for this operation") },
618 { BSM_ERRNO_EREMCHG,
619 #ifdef EREMCHG
620 EREMCHG,
621 #else
622 ERRNO_NO_LOCAL_MAPPING,
623 #endif
624 - ES("Remote address changed") },
625 + 1, ES("Remote address changed") },
626 { BSM_ERRNO_ELIBACC,
627 #ifdef ELIBACC
628 ELIBACC,
629 #else
630 ERRNO_NO_LOCAL_MAPPING,
631 #endif
632 - ES("Can't access a needed shared lib") },
633 + 1, ES("Can't access a needed shared lib") },
634 { BSM_ERRNO_ELIBBAD,
635 #ifdef ELIBBAD
636 ELIBBAD,
637 #else
638 ERRNO_NO_LOCAL_MAPPING,
639 #endif
640 - ES("Accessing a corrupted shared lib") },
641 + 1, ES("Accessing a corrupted shared lib") },
642 { BSM_ERRNO_ELIBSCN,
643 #ifdef ELIBSCN
644 ELIBSCN,
645 #else
646 ERRNO_NO_LOCAL_MAPPING,
647 #endif
648 - ES(".lib section in a.out corrupted") },
649 + 1, ES(".lib section in a.out corrupted") },
650 { BSM_ERRNO_ELIBMAX,
651 #ifdef ELIBMAX
652 ELIBMAX,
653 #else
654 ERRNO_NO_LOCAL_MAPPING,
655 #endif
656 - ES("Attempting to link in too many libs") },
657 + 1, ES("Attempting to link in too many libs") },
658 { BSM_ERRNO_ELIBEXEC,
659 #ifdef ELIBEXEC
660 ELIBEXEC,
661 #else
662 ERRNO_NO_LOCAL_MAPPING,
663 #endif
664 - ES("Attempting to exec a shared library") },
665 - { BSM_ERRNO_EILSEQ, EILSEQ, ES("Illegal byte sequence") },
666 - { BSM_ERRNO_ENOSYS, ENOSYS, ES("Function not implemented") },
667 - { BSM_ERRNO_ELOOP, ELOOP, ES("Too many levels of symbolic links") },
668 + 1, ES("Attempting to exec a shared library") },
669 + { BSM_ERRNO_EILSEQ, EILSEQ, 1, ES("Illegal byte sequence") },
670 + { BSM_ERRNO_ENOSYS, ENOSYS, 1, ES("Function not implemented") },
671 + { BSM_ERRNO_ELOOP, ELOOP, 1, ES("Too many levels of symbolic links") },
672 { BSM_ERRNO_ERESTART,
673 #ifdef ERESTART
674 ERESTART,
675 #else
676 ERRNO_NO_LOCAL_MAPPING,
677 #endif
678 - ES("Restart syscall") },
679 + 1, ES("Restart syscall") },
680 { BSM_ERRNO_ESTRPIPE,
681 #ifdef ESTRPIPE
682 ESTRPIPE,
683 #else
684 ERRNO_NO_LOCAL_MAPPING,
685 #endif
686 - ES("If pipe/FIFO, don't sleep in stream head") },
687 - { BSM_ERRNO_ENOTEMPTY, ENOTEMPTY, ES("Directory not empty") },
688 - { BSM_ERRNO_EUSERS, EUSERS, ES("Too many users") },
689 + 1, ES("If pipe/FIFO, don't sleep in stream head") },
690 + { BSM_ERRNO_ENOTEMPTY, ENOTEMPTY, 1, ES("Directory not empty") },
691 + { BSM_ERRNO_EUSERS, EUSERS, 1, ES("Too many users") },
692 { BSM_ERRNO_ENOTSOCK, ENOTSOCK,
693 - ES("Socket operation on non-socket") },
694 + 1, ES("Socket operation on non-socket") },
695 { BSM_ERRNO_EDESTADDRREQ, EDESTADDRREQ,
696 - ES("Destination address required") },
697 - { BSM_ERRNO_EMSGSIZE, EMSGSIZE, ES("Message too long") },
698 + 1, ES("Destination address required") },
699 + { BSM_ERRNO_EMSGSIZE, EMSGSIZE, 1, ES("Message too long") },
700 { BSM_ERRNO_EPROTOTYPE, EPROTOTYPE,
701 - ES("Protocol wrong type for socket") },
702 - { BSM_ERRNO_ENOPROTOOPT, ENOPROTOOPT, ES("Protocol not available") },
703 + 1, ES("Protocol wrong type for socket") },
704 + { BSM_ERRNO_ENOPROTOOPT, ENOPROTOOPT, 1, ES("Protocol not available") },
705 { BSM_ERRNO_EPROTONOSUPPORT, EPROTONOSUPPORT,
706 - ES("Protocol not supported") },
707 + 1, ES("Protocol not supported") },
708 { BSM_ERRNO_ESOCKTNOSUPPORT, ESOCKTNOSUPPORT,
709 - ES("Socket type not supported") },
710 - { BSM_ERRNO_EOPNOTSUPP, EOPNOTSUPP, ES("Operation not supported") },
711 + 1, ES("Socket type not supported") },
712 + { BSM_ERRNO_EOPNOTSUPP, EOPNOTSUPP, 1, ES("Operation not supported") },
713 { BSM_ERRNO_EPFNOSUPPORT, EPFNOSUPPORT,
714 - ES("Protocol family not supported") },
715 + 1, ES("Protocol family not supported") },
716 { BSM_ERRNO_EAFNOSUPPORT, EAFNOSUPPORT,
717 - ES("Address family not supported by protocol family") },
718 - { BSM_ERRNO_EADDRINUSE, EADDRINUSE, ES("Address already in use") },
719 + 1, ES("Address family not supported by protocol family") },
720 + { BSM_ERRNO_EADDRINUSE, EADDRINUSE, 1, ES("Address already in use") },
721 { BSM_ERRNO_EADDRNOTAVAIL, EADDRNOTAVAIL,
722 - ES("Can't assign requested address") },
723 - { BSM_ERRNO_ENETDOWN, ENETDOWN, ES("Network is down") },
724 + 1, ES("Can't assign requested address") },
725 + { BSM_ERRNO_ENETDOWN, ENETDOWN, 1, ES("Network is down") },
726 { BSM_ERRNO_ENETRESET, ENETRESET,
727 - ES("Network dropped connection on reset") },
728 + 1, ES("Network dropped connection on reset") },
729 { BSM_ERRNO_ECONNABORTED, ECONNABORTED,
730 - ES("Software caused connection abort") },
731 - { BSM_ERRNO_ECONNRESET, ECONNRESET, ES("Connection reset by peer") },
732 - { BSM_ERRNO_ENOBUFS, ENOBUFS, ES("No buffer space available") },
733 - { BSM_ERRNO_EISCONN, EISCONN, ES("Socket is already connected") },
734 - { BSM_ERRNO_ENOTCONN, ENOTCONN, ES("Socket is not connected") },
735 + 1, ES("Software caused connection abort") },
736 + { BSM_ERRNO_ECONNRESET, ECONNRESET, 1, ES("Connection reset by peer") },
737 + { BSM_ERRNO_ENOBUFS, ENOBUFS, 1, ES("No buffer space available") },
738 + { BSM_ERRNO_EISCONN, EISCONN, 1, ES("Socket is already connected") },
739 + { BSM_ERRNO_ENOTCONN, ENOTCONN, 1, ES("Socket is not connected") },
740 { BSM_ERRNO_ESHUTDOWN, ESHUTDOWN,
741 - ES("Can't send after socket shutdown") },
742 + 1, ES("Can't send after socket shutdown") },
743 { BSM_ERRNO_ETOOMANYREFS, ETOOMANYREFS,
744 - ES("Too many references: can't splice") },
745 - { BSM_ERRNO_ETIMEDOUT, ETIMEDOUT, ES("Operation timed out") },
746 - { BSM_ERRNO_ECONNREFUSED, ECONNREFUSED, ES("Connection refused") },
747 - { BSM_ERRNO_EHOSTDOWN, EHOSTDOWN, ES("Host is down") },
748 - { BSM_ERRNO_EHOSTUNREACH, EHOSTUNREACH, ES("No route to host") },
749 - { BSM_ERRNO_EALREADY, EALREADY, ES("Operation already in progress") },
750 + 1, ES("Too many references: can't splice") },
751 + { BSM_ERRNO_ETIMEDOUT, ETIMEDOUT, 1, ES("Operation timed out") },
752 + { BSM_ERRNO_ECONNREFUSED, ECONNREFUSED, 1, ES("Connection refused") },
753 + { BSM_ERRNO_EHOSTDOWN, EHOSTDOWN, 1, ES("Host is down") },
754 + { BSM_ERRNO_EHOSTUNREACH, EHOSTUNREACH, 1, ES("No route to host") },
755 + { BSM_ERRNO_EALREADY, EALREADY, 1, ES("Operation already in progress") },
756 { BSM_ERRNO_EINPROGRESS, EINPROGRESS,
757 - ES("Operation now in progress") },
758 - { BSM_ERRNO_ESTALE, ESTALE, ES("Stale NFS file handle") },
759 + 1, ES("Operation now in progress") },
760 + { BSM_ERRNO_ESTALE, ESTALE, 1, ES("Stale NFS file handle") },
761 { BSM_ERRNO_EPROCLIM,
762 #ifdef EPROCLIM
763 EPROCLIM,
764 #else
765 ERRNO_NO_LOCAL_MAPPING,
766 #endif
767 - ES("Too many processes") },
768 + 1, ES("Too many processes") },
769 { BSM_ERRNO_EBADRPC,
770 #ifdef EBADRPC
771 EBADRPC,
772 #else
773 ERRNO_NO_LOCAL_MAPPING,
774 #endif
775 - ES("RPC struct is bad") },
776 + 1, ES("RPC struct is bad") },
777 { BSM_ERRNO_ERPCMISMATCH,
778 #ifdef ERPCMISMATCH
779 ERPCMISMATCH,
780 #else
781 ERRNO_NO_LOCAL_MAPPING,
782 #endif
783 - ES("RPC version wrong") },
784 + 1, ES("RPC version wrong") },
785 { BSM_ERRNO_EPROGUNAVAIL,
786 #ifdef EPROGUNAVAIL
787 EPROGUNAVAIL,
788 #else
789 ERRNO_NO_LOCAL_MAPPING,
790 #endif
791 - ES("RPC prog. not avail") },
792 + 1, ES("RPC prog. not avail") },
793 { BSM_ERRNO_EPROGMISMATCH,
794 #ifdef EPROGMISMATCH
795 EPROGMISMATCH,
796 #else
797 ERRNO_NO_LOCAL_MAPPING,
798 #endif
799 - ES("RPC version wrong") },
800 + 1, ES("RPC version wrong") },
801 { BSM_ERRNO_EPROCUNAVAIL,
802 #ifdef EPROCUNAVAIL
803 EPROCUNAVAIL,
804 #else
805 ERRNO_NO_LOCAL_MAPPING,
806 #endif
807 - ES("Bad procedure for program") },
808 + 1, ES("Bad procedure for program") },
809 { BSM_ERRNO_EFTYPE,
810 #ifdef EFTYPE
811 EFTYPE,
812 #else
813 ERRNO_NO_LOCAL_MAPPING,
814 #endif
815 - ES("Inappropriate file type or format") },
816 + 1, ES("Inappropriate file type or format") },
817 { BSM_ERRNO_EAUTH,
818 #ifdef EAUTH
819 EAUTH,
820 #else
821 ERRNO_NO_LOCAL_MAPPING,
822 #endif
823 - ES("Authenticateion error") },
824 + 1, ES("Authenticateion error") },
825 { BSM_ERRNO_ENEEDAUTH,
826 #ifdef ENEEDAUTH
827 ENEEDAUTH,
828 #else
829 ERRNO_NO_LOCAL_MAPPING,
830 #endif
831 - ES("Need authenticator") },
832 + 1, ES("Need authenticator") },
833 { BSM_ERRNO_ENOATTR,
834 #ifdef ENOATTR
835 ENOATTR,
836 #else
837 ERRNO_NO_LOCAL_MAPPING,
838 #endif
839 - ES("Attribute not found") },
840 + 1, ES("Attribute not found") },
841 { BSM_ERRNO_EDOOFUS,
842 #ifdef EDOOFUS
843 EDOOFUS,
844 #else
845 ERRNO_NO_LOCAL_MAPPING,
846 #endif
847 - ES("Programming error") },
848 + 1, ES("Programming error") },
849 { BSM_ERRNO_EJUSTRETURN,
850 #ifdef EJUSTRETURN
851 EJUSTRETURN,
852 #else
853 ERRNO_NO_LOCAL_MAPPING,
854 #endif
855 - ES("Just return") },
856 + 1, ES("Just return") },
857 { BSM_ERRNO_ENOIOCTL,
858 #ifdef ENOIOCTL
859 ENOIOCTL,
860 #else
861 ERRNO_NO_LOCAL_MAPPING,
862 #endif
863 - ES("ioctl not handled by this layer") },
864 + 1, ES("ioctl not handled by this layer") },
865 { BSM_ERRNO_EDIRIOCTL,
866 #ifdef EDIRIOCTL
867 EDIRIOCTL,
868 #else
869 ERRNO_NO_LOCAL_MAPPING,
870 #endif
871 - ES("do direct ioctl in GEOM") },
872 + 1, ES("do direct ioctl in GEOM") },
873 { BSM_ERRNO_EPWROFF,
874 #ifdef EPWROFF
875 EPWROFF,
876 #else
877 ERRNO_NO_LOCAL_MAPPING,
878 #endif
879 - ES("Device power is off") },
880 + 1, ES("Device power is off") },
881 { BSM_ERRNO_EDEVERR,
882 #ifdef EDEVERR
883 EDEVERR,
884 #else
885 ERRNO_NO_LOCAL_MAPPING,
886 #endif
887 - ES("Device error") },
888 + 1, ES("Device error") },
889 { BSM_ERRNO_EBADEXEC,
890 #ifdef EBADEXEC
891 EBADEXEC,
892 #else
893 ERRNO_NO_LOCAL_MAPPING,
894 #endif
895 - ES("Bad executable") },
896 + 1, ES("Bad executable") },
897 { BSM_ERRNO_EBADARCH,
898 #ifdef EBADARCH
899 EBADARCH,
900 #else
901 ERRNO_NO_LOCAL_MAPPING,
902 #endif
903 - ES("Bad CPU type in executable") },
904 + 1, ES("Bad CPU type in executable") },
905 { BSM_ERRNO_ESHLIBVERS,
906 #ifdef ESHLIBVERS
907 ESHLIBVERS,
908 #else
909 ERRNO_NO_LOCAL_MAPPING,
910 #endif
911 - ES("Shared library version mismatch") },
912 + 1, ES("Shared library version mismatch") },
913 { BSM_ERRNO_EBADMACHO,
914 #ifdef EBADMACHO
915 EBADMACHO,
916 #else
917 ERRNO_NO_LOCAL_MAPPING,
918 #endif
919 - ES("Malformed Macho file") },
920 + 1, ES("Malformed Macho file") },
921 { BSM_ERRNO_EPOLICY,
922 #ifdef EPOLICY
923 EPOLICY,
924 #else
925 ERRNO_NO_LOCAL_MAPPING,
926 #endif
927 - ES("Operation failed by policy") },
928 + 1, ES("Operation failed by policy") },
929 { BSM_ERRNO_EDOTDOT,
930 #ifdef EDOTDOT
931 EDOTDOT,
932 #else
933 ERRNO_NO_LOCAL_MAPPING,
934 #endif
935 - ES("RFS specific error") },
936 + 1, ES("RFS specific error") },
937 { BSM_ERRNO_EUCLEAN,
938 #ifdef EUCLEAN
939 EUCLEAN,
940 #else
941 ERRNO_NO_LOCAL_MAPPING,
942 #endif
943 - ES("Structure needs cleaning") },
944 + 1, ES("Structure needs cleaning") },
945 { BSM_ERRNO_ENOTNAM,
946 #ifdef ENOTNAM
947 ENOTNAM,
948 #else
949 ERRNO_NO_LOCAL_MAPPING,
950 #endif
951 - ES("Not a XENIX named type file") },
952 + 1, ES("Not a XENIX named type file") },
953 { BSM_ERRNO_ENAVAIL,
954 #ifdef ENAVAIL
955 ENAVAIL,
956 #else
957 ERRNO_NO_LOCAL_MAPPING,
958 #endif
959 - ES("No XENIX semaphores available") },
960 + 1, ES("No XENIX semaphores available") },
961 { BSM_ERRNO_EISNAM,
962 #ifdef EISNAM
963 EISNAM,
964 #else
965 ERRNO_NO_LOCAL_MAPPING,
966 #endif
967 - ES("Is a named type file") },
968 + 1, ES("Is a named type file") },
969 { BSM_ERRNO_EREMOTEIO,
970 #ifdef EREMOTEIO
971 EREMOTEIO,
972 #else
973 ERRNO_NO_LOCAL_MAPPING,
974 #endif
975 - ES("Remote I/O error") },
976 + 1, ES("Remote I/O error") },
977 { BSM_ERRNO_ENOMEDIUM,
978 #ifdef ENOMEDIUM
979 ENOMEDIUM,
980 #else
981 ERRNO_NO_LOCAL_MAPPING,
982 #endif
983 - ES("No medium found") },
984 + 1, ES("No medium found") },
985 { BSM_ERRNO_EMEDIUMTYPE,
986 #ifdef EMEDIUMTYPE
987 EMEDIUMTYPE,
988 #else
989 ERRNO_NO_LOCAL_MAPPING,
990 #endif
991 - ES("Wrong medium type") },
992 + 1, ES("Wrong medium type") },
993 { BSM_ERRNO_ENOKEY,
994 #ifdef ENOKEY
995 ENOKEY,
996 #else
997 ERRNO_NO_LOCAL_MAPPING,
998 #endif
999 - ES("Required key not available") },
1000 + 1, ES("Required key not available") },
1001 { BSM_ERRNO_EKEYEXPIRED,
1002 #ifdef EKEEXPIRED
1003 EKEYEXPIRED,
1004 #else
1005 ERRNO_NO_LOCAL_MAPPING,
1006 #endif
1007 - ES("Key has expired") },
1008 + 1, ES("Key has expired") },
1009 { BSM_ERRNO_EKEYREVOKED,
1010 #ifdef EKEYREVOKED
1011 EKEYREVOKED,
1012 #else
1013 ERRNO_NO_LOCAL_MAPPING,
1014 #endif
1015 - ES("Key has been revoked") },
1016 + 1, ES("Key has been revoked") },
1017 { BSM_ERRNO_EKEYREJECTED,
1018 -#ifdef EKEREJECTED
1019 +#ifdef EKEYREJECTED
1020 EKEYREJECTED,
1021 #else
1022 ERRNO_NO_LOCAL_MAPPING,
1023 #endif
1024 - ES("Key was rejected by service") },
1025 + 1, ES("Key was rejected by service") },
1026 + { BSM_NFS_ERRNO_WFLUSH,
1027 +#ifdef NFSERR_WFLUSH
1028 + NFSERR_WFLUSH,
1029 +#else
1030 + ERRNO_NO_LOCAL_MAPPING,
1031 +#endif
1032 + 0, ES("The server's write cache used in the WRITECACHE call got flushed to disk") },
1033 + { BSM_NFS_ERRNO_BADHANDLE,
1034 +#ifdef NFSERR_BADHANDLE
1035 + NFSERR_BADHANDLE,
1036 +#else
1037 + ERRNO_NO_LOCAL_MAPPING,
1038 +#endif
1039 + 0, ES("Illegal NFS filehandle") },
1040 + { BSM_NFS_ERRNO_NOT_SYNC,
1041 +#ifdef NFSERR_NOT_SYNC
1042 + NFSERR_NOT_SYNC,
1043 +#else
1044 + ERRNO_NO_LOCAL_MAPPING,
1045 +#endif
1046 + 0, ES("Update synchronization mismatch detected during a SETATTR operation") },
1047 + { BSM_NFS_ERRNO_BAD_COOKIE,
1048 +#ifdef NFSERR_BAD_COOKIE
1049 + NFSERR_BAD_COOKIE,
1050 +#else
1051 + ERRNO_NO_LOCAL_MAPPING,
1052 +#endif
1053 + 0, ES("READDIR cookie is stale") },
1054 + { BSM_NFS_ERRNO_NOTSUPP,
1055 +#ifdef NFSERR_NOTSUPP
1056 + NFSERR_NOTSUPP,
1057 +#else
1058 + ERRNO_NO_LOCAL_MAPPING,
1059 +#endif
1060 + 0, ES("operation not supported") },
1061 + { BSM_NFS_ERRNO_TOOSMALL,
1062 +#ifdef NFSERR_TOOSMALL
1063 + NFSERR_TOOSMALL,
1064 +#else
1065 + ERRNO_NO_LOCAL_MAPPING,
1066 +#endif
1067 + 0, ES("response limit exceeded") },
1068 + { BSM_NFS_ERRNO_SERVERFAULT,
1069 +#ifdef NFSERR_SERVERFAULT
1070 + NFSERR_SERVERFAULT,
1071 +#else
1072 + ERRNO_NO_LOCAL_MAPPING,
1073 +#endif
1074 + 0, ES("undefined server error") },
1075 + { BSM_NFS_ERRNO_BADTYPE,
1076 +#ifdef NFSERR_BADTYPE
1077 + NFSERR_BADTYPE,
1078 +#else
1079 + ERRNO_NO_LOCAL_MAPPING,
1080 +#endif
1081 + 0, ES("type invalid for CREATE") },
1082 + { BSM_NFS_ERRNO_DELAY,
1083 +#ifdef NFSERR_DELAY
1084 + NFSERR_DELAY,
1085 +#else
1086 + ERRNO_NO_LOCAL_MAPPING,
1087 +#endif
1088 + 0, ES("file \"busy\" - retry") },
1089 + { BSM_NFS_ERRNO_SAME,
1090 +#ifdef NFSERR_SAME
1091 + NFSERR_SAME,
1092 +#else
1093 + ERRNO_NO_LOCAL_MAPPING,
1094 +#endif
1095 + 0, ES("nverify says attrs same") },
1096 + { BSM_NFS_ERRNO_DENIED,
1097 +#ifdef NFSERR_DENIED
1098 + NFSERR_DENIED,
1099 +#else
1100 + ERRNO_NO_LOCAL_MAPPING,
1101 +#endif
1102 + 0, ES("lock unavailable") },
1103 + { BSM_NFS_ERRNO_EXPIRED,
1104 +#ifdef NFSERR_EXPIRED
1105 + NFSERR_EXPIRED,
1106 +#else
1107 + ERRNO_NO_LOCAL_MAPPING,
1108 +#endif
1109 + 0, ES("lock lease expired") },
1110 + { BSM_NFS_ERRNO_LOCKED,
1111 +#ifdef NFSERR_LOCKED
1112 + NFSERR_LOCKED,
1113 +#else
1114 + ERRNO_NO_LOCAL_MAPPING,
1115 +#endif
1116 + 0, ES("I/O failed due to lock") },
1117 + { BSM_NFS_ERRNO_GRACE,
1118 +#ifdef NFSERR_GRACE
1119 + NFSERR_GRACE,
1120 +#else
1121 + ERRNO_NO_LOCAL_MAPPING,
1122 +#endif
1123 + 0, ES("in grace period") },
1124 + { BSM_NFS_ERRNO_FHEXPIRED,
1125 +#ifdef NFSERR_FHEXPIRED
1126 + NFSERR_FHEXPIRED,
1127 +#else
1128 + ERRNO_NO_LOCAL_MAPPING,
1129 +#endif
1130 + 0, ES("filehandle expired") },
1131 + { BSM_NFS_ERRNO_SHAREDENIED,
1132 +#ifdef NFSERR_SHAREDENIED
1133 + NFSERR_SHAREDENIED,
1134 +#else
1135 + ERRNO_NO_LOCAL_MAPPING,
1136 +#endif
1137 + 0, ES("share reserve denied") },
1138 + { BSM_NFS_ERRNO_WRONGSEC,
1139 +#ifdef NFSERR_WRONGSEC
1140 + NFSERR_WRONGSEC,
1141 +#else
1142 + ERRNO_NO_LOCAL_MAPPING,
1143 +#endif
1144 + 0, ES("wrong security flavor") },
1145 + { BSM_NFS_ERRNO_CLIDINUSE,
1146 +#ifdef NFSERR_CLIDINUSE
1147 + NFSERR_CLIDINUSE,
1148 +#else
1149 + ERRNO_NO_LOCAL_MAPPING,
1150 +#endif
1151 + 0, ES("clientid in use") },
1152 + { BSM_NFS_ERRNO_RESOURCE,
1153 +#ifdef NFSERR_RESOURCE
1154 + NFSERR_RESOURCE,
1155 +#else
1156 + ERRNO_NO_LOCAL_MAPPING,
1157 +#endif
1158 + 0, ES("resource exhaustion") },
1159 + { BSM_NFS_ERRNO_MOVED,
1160 +#ifdef NFSERR_MOVED
1161 + NFSERR_MOVED,
1162 +#else
1163 + ERRNO_NO_LOCAL_MAPPING,
1164 +#endif
1165 + 0, ES("filesystem relocated") },
1166 + { BSM_NFS_ERRNO_NOFILEHANDLE,
1167 +#ifdef NFSERR_NOFILEHANDLE
1168 + NFSERR_NOFILEHANDLE,
1169 +#else
1170 + ERRNO_NO_LOCAL_MAPPING,
1171 +#endif
1172 + 0, ES("current FH is not set") },
1173 + { BSM_NFS_ERRNO_MINORVERMISMATCH,
1174 +#ifdef NFSERR_MINORVERMISMATCH
1175 + NFSERR_MINORVERMISMATCH,
1176 +#else
1177 + ERRNO_NO_LOCAL_MAPPING,
1178 +#endif
1179 + 0, ES("minor vers not supp") },
1180 + { BSM_NFS_ERRNO_STALECLIENTID,
1181 +#ifdef NFSERR_STALECLIENTID
1182 + NFSERR_STALECLIENTID,
1183 +#else
1184 + ERRNO_NO_LOCAL_MAPPING,
1185 +#endif
1186 + 0, ES("server has rebooted") },
1187 + { BSM_NFS_ERRNO_STALESTATEID,
1188 +#ifdef NFSERR_STALESTATEID
1189 + NFSERR_STALESTATEID,
1190 +#else
1191 + ERRNO_NO_LOCAL_MAPPING,
1192 +#endif
1193 + 0, ES("server has rebooted") },
1194 + { BSM_NFS_ERRNO_OLDSTATEID,
1195 +#ifdef NFSERR_OLDSTATEID
1196 + NFSERR_OLDSTATEID,
1197 +#else
1198 + ERRNO_NO_LOCAL_MAPPING,
1199 +#endif
1200 + 0, ES("state is out of sync") },
1201 + { BSM_NFS_ERRNO_BADSTATEID,
1202 +#ifdef NFSERR_BADSTATEID
1203 + NFSERR_BADSTATEID,
1204 +#else
1205 + ERRNO_NO_LOCAL_MAPPING,
1206 +#endif
1207 + 0, ES("incorrect stateid") },
1208 + { BSM_NFS_ERRNO_BADSEQID,
1209 +#ifdef NFSERR_BADSEQID
1210 + NFSERR_BADSEQID,
1211 +#else
1212 + ERRNO_NO_LOCAL_MAPPING,
1213 +#endif
1214 + 0, ES("request is out of seq") },
1215 + { BSM_NFS_ERRNO_NOTSAME,
1216 +#ifdef NFSERR_NOTSAME
1217 + NFSERR_NOTSAME,
1218 +#else
1219 + ERRNO_NO_LOCAL_MAPPING,
1220 +#endif
1221 + 0, ES("verify - attrs not same") },
1222 + { BSM_NFS_ERRNO_LOCKRANGE,
1223 +#ifdef NFSERR_LOCKRANGE
1224 + NFSERR_LOCKRANGE,
1225 +#else
1226 + ERRNO_NO_LOCAL_MAPPING,
1227 +#endif
1228 + 0, ES("lock range not supported") },
1229 + { BSM_NFS_ERRNO_SYMLINK,
1230 +#ifdef NFSERR_SYMLINK
1231 + NFSERR_SYMLINK,
1232 +#else
1233 + ERRNO_NO_LOCAL_MAPPING,
1234 +#endif
1235 + 0, ES("should be file/directory") },
1236 + { BSM_NFS_ERRNO_RESTOREFH,
1237 +#ifdef NFSERR_RESTOREFH
1238 + NFSERR_RESTOREFH,
1239 +#else
1240 + ERRNO_NO_LOCAL_MAPPING,
1241 +#endif
1242 + 0, ES("no saved filehandle") },
1243 + { BSM_NFS_ERRNO_LEASEMOVED,
1244 +#ifdef NFSERR_LEASEMOVED
1245 + NFSERR_LEASEMOVED,
1246 +#else
1247 + ERRNO_NO_LOCAL_MAPPING,
1248 +#endif
1249 + 0, ES("some filesystem moved") },
1250 + { BSM_NFS_ERRNO_ATTRNOTSUPP,
1251 +#ifdef NFSERR_ATTRNOTSUPP
1252 + NFSERR_ATTRNOTSUPP,
1253 +#else
1254 + ERRNO_NO_LOCAL_MAPPING,
1255 +#endif
1256 + 0, ES("recommended attr not sup") },
1257 + { BSM_NFS_ERRNO_NOGRACE,
1258 +#ifdef NFSERR_NOGRACE
1259 + NFSERR_NOGRACE,
1260 +#else
1261 + ERRNO_NO_LOCAL_MAPPING,
1262 +#endif
1263 + 0, ES("reclaim outside of grace") },
1264 + { BSM_NFS_ERRNO_RECLAIMBAD,
1265 +#ifdef NFSERR_RECLAIMBAD
1266 + NFSERR_RECLAIMBAD,
1267 +#else
1268 + ERRNO_NO_LOCAL_MAPPING,
1269 +#endif
1270 + 0, ES("reclaim error at server") },
1271 + { BSM_NFS_ERRNO_RECLAIMCONFLICT,
1272 +#ifdef NFSERR_RECLAIMCONFLICT
1273 + NFSERR_RECLAIMCONFLICT,
1274 +#else
1275 + ERRNO_NO_LOCAL_MAPPING,
1276 +#endif
1277 + 0, ES("conflict on reclaim") },
1278 + { BSM_NFS_ERRNO_BADXDR,
1279 +#ifdef NFSERR_BADXDR
1280 + NFSERR_BADXDR,
1281 +#else
1282 + ERRNO_NO_LOCAL_MAPPING,
1283 +#endif
1284 + 0, ES("XDR decode failed") },
1285 + { BSM_NFS_ERRNO_LOCKSHELD,
1286 +#ifdef NFSERR_LOCKSHELD
1287 + NFSERR_LOCKSHELD,
1288 +#else
1289 + ERRNO_NO_LOCAL_MAPPING,
1290 +#endif
1291 + 0, ES("file locks held at CLOSE") },
1292 + { BSM_NFS_ERRNO_OPENMODE,
1293 +#ifdef NFSERR_OPENMODE
1294 + NFSERR_OPENMODE,
1295 +#else
1296 + ERRNO_NO_LOCAL_MAPPING,
1297 +#endif
1298 + 0, ES("conflict in OPEN and I/O") },
1299 + { BSM_NFS_ERRNO_BADOWNER,
1300 +#ifdef NFSERR_BADOWNER
1301 + NFSERR_BADOWNER,
1302 +#else
1303 + ERRNO_NO_LOCAL_MAPPING,
1304 +#endif
1305 + 0, ES("owner translation bad") },
1306 + { BSM_NFS_ERRNO_BADCHAR,
1307 +#ifdef NFSERR_BADCHAR
1308 + NFSERR_BADCHAR,
1309 +#else
1310 + ERRNO_NO_LOCAL_MAPPING,
1311 +#endif
1312 + 0, ES("utf-8 char not supported") },
1313 + { BSM_NFS_ERRNO_BADNAME,
1314 +#ifdef NFSERR_BADNAME
1315 + NFSERR_BADNAME,
1316 +#else
1317 + ERRNO_NO_LOCAL_MAPPING,
1318 +#endif
1319 + 0, ES("name not supported") },
1320 + { BSM_NFS_ERRNO_BADRANGE,
1321 +#ifdef NFSERR_BADRANGE
1322 + NFSERR_BADRANGE,
1323 +#else
1324 + ERRNO_NO_LOCAL_MAPPING,
1325 +#endif
1326 + 0, ES("lock range not supported") },
1327 + { BSM_NFS_ERRNO_LOCKNOTSUPP,
1328 +#ifdef NFSERR_LOCKNOTSUPP
1329 + NFSERR_LOCKNOTSUPP,
1330 +#else
1331 + ERRNO_NO_LOCAL_MAPPING,
1332 +#endif
1333 + 0, ES("no atomic up/downgrade") },
1334 + { BSM_NFS_ERRNO_OPILLEGAL,
1335 +#ifdef NFSERR_OPILLEGAL
1336 + NFSERR_OPILLEGAL,
1337 +#else
1338 + ERRNO_NO_LOCAL_MAPPING,
1339 +#endif
1340 + 0, ES("undefined operation") },
1341 + { BSM_NFS_ERRNO_DEADLOCK,
1342 +#ifdef NFSERR_DEADLOCK
1343 + NFSERR_DEADLOCK,
1344 +#else
1345 + ERRNO_NO_LOCAL_MAPPING,
1346 +#endif
1347 + 0, ES("file locking deadlock") },
1348 + { BSM_NFS_ERRNO_FILEOPEN,
1349 +#ifdef NFSERR_FILEOPEN
1350 + NFSERR_FILEOPEN,
1351 +#else
1352 + ERRNO_NO_LOCAL_MAPPING,
1353 +#endif
1354 + 0, ES("open file blocks op") },
1355 + { BSM_NFS_ERRNO_ADMINREVOKED,
1356 +#ifdef NFSERR_ADMINREVOKED
1357 + NFSERR_ADMINREVOKED,
1358 +#else
1359 + ERRNO_NO_LOCAL_MAPPING,
1360 +#endif
1361 + 0, ES("lockowner state revoked") },
1362 + { BSM_NFS_ERRNO_CBPATHDOWN,
1363 +#ifdef NFSERR_CBPATHDOWN
1364 + NFSERR_CBPATHDOWN,
1365 +#else
1366 + ERRNO_NO_LOCAL_MAPPING,
1367 +#endif
1368 + 0, ES("callback path down") },
1369 };
1370 static const int bsm_errnos_count = sizeof(bsm_errnos) / sizeof(bsm_errnos[0]);
1371
1372 @@ -703,7 +1048,7 @@
1373 * Conversion to the BSM errno space isn't allowed to fail; we simply map to
1374 * BSM_ERRNO_UNKNOWN and let the remote endpoint deal with it.
1375 */
1376 -u_char
1377 +int
1378 au_errno_to_bsm(int local_errno)
1379 {
1380 const struct bsm_errno *bsme;
1381 @@ -715,7 +1060,7 @@
1382 }
1383
1384 static const struct bsm_errno *
1385 -bsm_lookup_errno_bsm(u_char bsm_errno)
1386 +bsm_lookup_errno_bsm(int bsm_errno)
1387 {
1388 int i;
1389
1390 @@ -732,7 +1077,7 @@
1391 * appropriate local mapping.
1392 */
1393 int
1394 -au_bsm_to_errno(u_char bsm_errno, int *errorp)
1395 +au_bsm_to_errno(int bsm_errno, int *errorp)
1396 {
1397 const struct bsm_errno *bsme;
1398
1399 @@ -745,14 +1090,14 @@
1400
1401 #if !defined(KERNEL) && !defined(_KERNEL)
1402 const char *
1403 -au_strerror(u_char bsm_errno)
1404 +au_strerror(int bsm_errno)
1405 {
1406 const struct bsm_errno *bsme;
1407
1408 bsme = bsm_lookup_errno_bsm(bsm_errno);
1409 if (bsme == NULL)
1410 return ("Unrecognized BSM error");
1411 - if (bsme->be_local_errno != ERRNO_NO_LOCAL_MAPPING)
1412 + if (bsme->be_local_errno != ERRNO_NO_LOCAL_MAPPING && bsme->be_use_strerror != 0)
1413 return (strerror(bsme->be_local_errno));
1414 return (bsme->be_strerror);
1415 }
1416 --- //depot/vendor/freebsd/src/contrib/openbsm/libbsm/bsm_io.c 2009-07-17 14:37:30.000000000 0000
1417 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/libbsm/bsm_io.c 2010-08-07 16:49:25.000000000 0000
1418 @@ -60,6 +60,7 @@
1419
1420 #include <sys/stat.h>
1421 #include <sys/socket.h>
1422 +#include <sys/vnode.h>
1423
1424 #include <bsm/libbsm.h>
1425
1426 @@ -587,12 +588,14 @@
1427 * Prints a user value.
1428 */
1429 static void
1430 -print_user(FILE *fp, u_int32_t usr, char raw)
1431 +print_user(FILE *fp, u_int32_t usr, char raw, char rawcred)
1432 {
1433 struct passwd *pwent;
1434
1435 if (raw)
1436 fprintf(fp, "%d", usr);
1437 + else if (rawcred)
1438 + fprintf(fp, "%d", usr);
1439 else {
1440 pwent = getpwuid(usr);
1441 if (pwent != NULL)
1442 @@ -606,12 +609,14 @@
1443 * Prints a group value.
1444 */
1445 static void
1446 -print_group(FILE *fp, u_int32_t grp, char raw)
1447 +print_group(FILE *fp, u_int32_t grp, char raw, char rawcred)
1448 {
1449 struct group *grpent;
1450
1451 if (raw)
1452 fprintf(fp, "%d", grp);
1453 + else if (rawcred)
1454 + fprintf(fp, "%d", grp);
1455 else {
1456 grpent = getgrgid(grp);
1457 if (grpent != NULL)
1458 @@ -773,10 +778,48 @@
1459 }
1460
1461 /*
1462 + * prints a string value for the protocol used
1463 + */
1464 +static void
1465 +print_protocol(FILE *fp, int protocol, char raw)
1466 +{
1467 + char *protocols[] = {
1468 + "NFSv2",
1469 + "NFSv3",
1470 + "NFSv4",
1471 + "Unknown Protocol"
1472 + };
1473 + char *prot;
1474 +
1475 + if (raw)
1476 + fprintf(fp, "%u", protocol);
1477 + else {
1478 + switch (protocol) {
1479 + case ND_NFSV2:
1480 + prot = protocols[0];
1481 + break;
1482 +
1483 + case ND_NFSV3:
1484 + prot = protocols[1];
1485 + break;
1486 +
1487 + case ND_NFSV4:
1488 + prot = protocols[2];
1489 + break;
1490 +
1491 + default:
1492 + prot = protocols[3];
1493 + break;
1494 + }
1495 + fprintf(fp, "%s", prot);
1496 + }
1497 +}
1498 +
1499 +/*
1500 * Prints return value as success or failure.
1501 */
1502 static void
1503 -print_retval(FILE *fp, u_char status, char raw)
1504 +print_retval(FILE *fp, int status, char raw)
1505 {
1506 int error;
1507
1508 @@ -785,21 +828,55 @@
1509 else {
1510 /*
1511 * Convert to a local error number and print the OS's version
1512 - * of the error string if possible. We may want to provide
1513 - * an au_strerror(3) in the future so that we can print
1514 - * strings for non-local errors.
1515 + * of the error string if possible.
1516 + * We are now using au_strerror(3) because strerror(3) may fail
1517 + * to map error codes to error messages for some security events
1518 + * such as NFS RPCs.
1519 */
1520 if (au_bsm_to_errno(status, &error) == 0) {
1521 if (error == 0)
1522 fprintf(fp, "success");
1523 else
1524 - fprintf(fp, "failure : %s", strerror(error));
1525 + fprintf(fp, "failure : %s", au_strerror(status));
1526 } else
1527 fprintf(fp, "failure: Unknown error: %d", status);
1528 }
1529 }
1530
1531 /*
1532 + * prints a string value for a vnode type
1533 + */
1534 +static void
1535 +print_vtype(FILE *fp, int vtype, char raw)
1536 +{
1537 + char *vtypes[] = {
1538 + "VNON",
1539 + "VREG",
1540 + "VDIR",
1541 + "VBLK",
1542 + "VCHR",
1543 + "VLNK",
1544 + "VSOCK",
1545 + "VFIFO",
1546 + "VBAD",
1547 + "VMARKER"
1548 + };
1549 + char *vt;
1550 +
1551 + if (raw)
1552 + fprintf(fp, "%u", vtype);
1553 + else {
1554 + if (vtype != VCHR && vtype != VBLK && vtype != VSOCK && vtype != VFIFO
1555 + && vtype != VNON && vtype != VREG && vtype != VDIR && vtype != VLNK
1556 + && vtype != VBAD && vtype != VMARKER)
1557 + vt = vtypes[VBAD];
1558 + else
1559 + vt = vtypes[vtype];
1560 + fprintf(fp, "%s", vt);
1561 + }
1562 +}
1563 +
1564 +/*
1565 * Prints the exit value.
1566 */
1567 static void
1568 @@ -1645,7 +1722,7 @@
1569
1570 static void
1571 print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1572 - __unused char sfrm, int xml)
1573 + __unused char sfrm, int xml, char rawcred)
1574 {
1575
1576 print_tok_type(fp, tok->id, "attribute", raw, xml);
1577 @@ -1654,10 +1731,10 @@
1578 print_4_bytes(fp, tok->tt.attr32.mode, "%o");
1579 close_attr(fp);
1580 open_attr(fp, "uid");
1581 - print_user(fp, tok->tt.attr32.uid, raw);
1582 + print_user(fp, tok->tt.attr32.uid, raw, rawcred);
1583 close_attr(fp);
1584 open_attr(fp, "gid");
1585 - print_group(fp, tok->tt.attr32.gid, raw);
1586 + print_group(fp, tok->tt.attr32.gid, raw, rawcred);
1587 close_attr(fp);
1588 open_attr(fp, "fsid");
1589 print_4_bytes(fp, tok->tt.attr32.fsid, "%u");
1590 @@ -1673,9 +1750,9 @@
1591 print_delim(fp, del);
1592 print_4_bytes(fp, tok->tt.attr32.mode, "%o");
1593 print_delim(fp, del);
1594 - print_user(fp, tok->tt.attr32.uid, raw);
1595 + print_user(fp, tok->tt.attr32.uid, raw, rawcred);
1596 print_delim(fp, del);
1597 - print_group(fp, tok->tt.attr32.gid, raw);
1598 + print_group(fp, tok->tt.attr32.gid, raw, rawcred);
1599 print_delim(fp, del);
1600 print_4_bytes(fp, tok->tt.attr32.fsid, "%u");
1601 print_delim(fp, del);
1602 @@ -1727,7 +1804,7 @@
1603
1604 static void
1605 print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1606 - __unused char sfrm, int xml)
1607 + __unused char sfrm, int xml, char rawcred)
1608 {
1609
1610 print_tok_type(fp, tok->id, "attribute", raw, xml);
1611 @@ -1736,10 +1813,10 @@
1612 print_4_bytes(fp, tok->tt.attr64.mode, "%o");
1613 close_attr(fp);
1614 open_attr(fp, "uid");
1615 - print_user(fp, tok->tt.attr64.uid, raw);
1616 + print_user(fp, tok->tt.attr64.uid, raw, rawcred);
1617 close_attr(fp);
1618 open_attr(fp, "gid");
1619 - print_group(fp, tok->tt.attr64.gid, raw);
1620 + print_group(fp, tok->tt.attr64.gid, raw, rawcred);
1621 close_attr(fp);
1622 open_attr(fp, "fsid");
1623 print_4_bytes(fp, tok->tt.attr64.fsid, "%u");
1624 @@ -1755,9 +1832,9 @@
1625 print_delim(fp, del);
1626 print_4_bytes(fp, tok->tt.attr64.mode, "%o");
1627 print_delim(fp, del);
1628 - print_user(fp, tok->tt.attr64.uid, raw);
1629 + print_user(fp, tok->tt.attr64.uid, raw, rawcred);
1630 print_delim(fp, del);
1631 - print_group(fp, tok->tt.attr64.gid, raw);
1632 + print_group(fp, tok->tt.attr64.gid, raw, rawcred);
1633 print_delim(fp, del);
1634 print_4_bytes(fp, tok->tt.attr64.fsid, "%u");
1635 print_delim(fp, del);
1636 @@ -2010,7 +2087,7 @@
1637
1638 static void
1639 print_newgroups_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1640 - __unused char sfrm, int xml)
1641 + __unused char sfrm, int xml, char rawcred)
1642 {
1643 int i;
1644
1645 @@ -2018,12 +2095,12 @@
1646 for (i = 0; i < tok->tt.grps.no; i++) {
1647 if (xml) {
1648 fprintf(fp, "<gid>");
1649 - print_group(fp, tok->tt.grps.list[i], raw);
1650 + print_group(fp, tok->tt.grps.list[i], raw, rawcred);
1651 fprintf(fp, "</gid>");
1652 close_tag(fp, tok->id);
1653 } else {
1654 print_delim(fp, del);
1655 - print_group(fp, tok->tt.grps.list[i], raw);
1656 + print_group(fp, tok->tt.grps.list[i], raw, rawcred);
1657 }
1658 }
1659 }
1660 @@ -2316,22 +2393,22 @@
1661
1662 static void
1663 print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1664 - __unused char sfrm, int xml)
1665 + __unused char sfrm, int xml, char rawcred)
1666 {
1667
1668 print_tok_type(fp, tok->id, "IPC perm", raw, xml);
1669 if (xml) {
1670 open_attr(fp, "uid");
1671 - print_user(fp, tok->tt.ipcperm.uid, raw);
1672 + print_user(fp, tok->tt.ipcperm.uid, raw, rawcred);
1673 close_attr(fp);
1674 open_attr(fp, "gid");
1675 - print_group(fp, tok->tt.ipcperm.gid, raw);
1676 + print_group(fp, tok->tt.ipcperm.gid, raw, rawcred);
1677 close_attr(fp);
1678 open_attr(fp, "creator-uid");
1679 - print_user(fp, tok->tt.ipcperm.puid, raw);
1680 + print_user(fp, tok->tt.ipcperm.puid, raw, rawcred);
1681 close_attr(fp);
1682 open_attr(fp, "creator-gid");
1683 - print_group(fp, tok->tt.ipcperm.pgid, raw);
1684 + print_group(fp, tok->tt.ipcperm.pgid, raw, rawcred);
1685 close_attr(fp);
1686 open_attr(fp, "mode");
1687 print_4_bytes(fp, tok->tt.ipcperm.mode, "%o");
1688 @@ -2345,13 +2422,13 @@
1689 close_tag(fp, tok->id);
1690 } else {
1691 print_delim(fp, del);
1692 - print_user(fp, tok->tt.ipcperm.uid, raw);
1693 + print_user(fp, tok->tt.ipcperm.uid, raw, rawcred);
1694 print_delim(fp, del);
1695 - print_group(fp, tok->tt.ipcperm.gid, raw);
1696 + print_group(fp, tok->tt.ipcperm.gid, raw, rawcred);
1697 print_delim(fp, del);
1698 - print_user(fp, tok->tt.ipcperm.puid, raw);
1699 + print_user(fp, tok->tt.ipcperm.puid, raw, rawcred);
1700 print_delim(fp, del);
1701 - print_group(fp, tok->tt.ipcperm.pgid, raw);
1702 + print_group(fp, tok->tt.ipcperm.pgid, raw, rawcred);
1703 print_delim(fp, del);
1704 print_4_bytes(fp, tok->tt.ipcperm.mode, "%o");
1705 print_delim(fp, del);
1706 @@ -2528,25 +2605,25 @@
1707
1708 static void
1709 print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1710 - __unused char sfrm, int xml)
1711 + __unused char sfrm, int xml, char rawcred)
1712 {
1713
1714 print_tok_type(fp, tok->id, "process", raw, xml);
1715 if (xml) {
1716 open_attr(fp, "audit-uid");
1717 - print_user(fp, tok->tt.proc32.auid, raw);
1718 + print_user(fp, tok->tt.proc32.auid, raw, rawcred);
1719 close_attr(fp);
1720 open_attr(fp, "uid");
1721 - print_user(fp, tok->tt.proc32.euid, raw);
1722 + print_user(fp, tok->tt.proc32.euid, raw, rawcred);
1723 close_attr(fp);
1724 open_attr(fp, "gid");
1725 - print_group(fp, tok->tt.proc32.egid, raw);
1726 + print_group(fp, tok->tt.proc32.egid, raw, rawcred);
1727 close_attr(fp);
1728 open_attr(fp, "ruid");
1729 - print_user(fp, tok->tt.proc32.ruid, raw);
1730 + print_user(fp, tok->tt.proc32.ruid, raw, rawcred);
1731 close_attr(fp);
1732 open_attr(fp, "rgid");
1733 - print_group(fp, tok->tt.proc32.rgid, raw);
1734 + print_group(fp, tok->tt.proc32.rgid, raw, rawcred);
1735 close_attr(fp);
1736 open_attr(fp, "pid");
1737 print_4_bytes(fp, tok->tt.proc32.pid, "%u");
1738 @@ -2561,15 +2638,15 @@
1739 close_tag(fp, tok->id);
1740 } else {
1741 print_delim(fp, del);
1742 - print_user(fp, tok->tt.proc32.auid, raw);
1743 + print_user(fp, tok->tt.proc32.auid, raw, rawcred);
1744 print_delim(fp, del);
1745 - print_user(fp, tok->tt.proc32.euid, raw);
1746 + print_user(fp, tok->tt.proc32.euid, raw, rawcred);
1747 print_delim(fp, del);
1748 - print_group(fp, tok->tt.proc32.egid, raw);
1749 + print_group(fp, tok->tt.proc32.egid, raw, rawcred);
1750 print_delim(fp, del);
1751 - print_user(fp, tok->tt.proc32.ruid, raw);
1752 + print_user(fp, tok->tt.proc32.ruid, raw, rawcred);
1753 print_delim(fp, del);
1754 - print_group(fp, tok->tt.proc32.rgid, raw);
1755 + print_group(fp, tok->tt.proc32.rgid, raw, rawcred);
1756 print_delim(fp, del);
1757 print_4_bytes(fp, tok->tt.proc32.pid, "%u");
1758 print_delim(fp, del);
1759 @@ -2641,24 +2718,24 @@
1760
1761 static void
1762 print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1763 - __unused char sfrm, int xml)
1764 + __unused char sfrm, int xml, char rawcred)
1765 {
1766 print_tok_type(fp, tok->id, "process", raw, xml);
1767 if (xml) {
1768 open_attr(fp, "audit-uid");
1769 - print_user(fp, tok->tt.proc64.auid, raw);
1770 + print_user(fp, tok->tt.proc64.auid, raw, rawcred);
1771 close_attr(fp);
1772 open_attr(fp, "uid");
1773 - print_user(fp, tok->tt.proc64.euid, raw);
1774 + print_user(fp, tok->tt.proc64.euid, raw, rawcred);
1775 close_attr(fp);
1776 open_attr(fp, "gid");
1777 - print_group(fp, tok->tt.proc64.egid, raw);
1778 + print_group(fp, tok->tt.proc64.egid, raw, rawcred);
1779 close_attr(fp);
1780 open_attr(fp, "ruid");
1781 - print_user(fp, tok->tt.proc64.ruid, raw);
1782 + print_user(fp, tok->tt.proc64.ruid, raw, rawcred);
1783 close_attr(fp);
1784 open_attr(fp, "rgid");
1785 - print_group(fp, tok->tt.proc64.rgid, raw);
1786 + print_group(fp, tok->tt.proc64.rgid, raw, rawcred);
1787 close_attr(fp);
1788 open_attr(fp, "pid");
1789 print_4_bytes(fp, tok->tt.proc64.pid, "%u");
1790 @@ -2673,15 +2750,15 @@
1791 close_tag(fp, tok->id);
1792 } else {
1793 print_delim(fp, del);
1794 - print_user(fp, tok->tt.proc64.auid, raw);
1795 + print_user(fp, tok->tt.proc64.auid, raw, rawcred);
1796 print_delim(fp, del);
1797 - print_user(fp, tok->tt.proc64.euid, raw);
1798 + print_user(fp, tok->tt.proc64.euid, raw, rawcred);
1799 print_delim(fp, del);
1800 - print_group(fp, tok->tt.proc64.egid, raw);
1801 + print_group(fp, tok->tt.proc64.egid, raw, rawcred);
1802 print_delim(fp, del);
1803 - print_user(fp, tok->tt.proc64.ruid, raw);
1804 + print_user(fp, tok->tt.proc64.ruid, raw, rawcred);
1805 print_delim(fp, del);
1806 - print_group(fp, tok->tt.proc64.rgid, raw);
1807 + print_group(fp, tok->tt.proc64.rgid, raw, rawcred);
1808 print_delim(fp, del);
1809 print_4_bytes(fp, tok->tt.proc64.pid, "%u");
1810 print_delim(fp, del);
1811 @@ -2768,25 +2845,25 @@
1812
1813 static void
1814 print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1815 - __unused char sfrm, int xml)
1816 + __unused char sfrm, int xml, char rawcred)
1817 {
1818
1819 print_tok_type(fp, tok->id, "process_ex", raw, xml);
1820 if (xml) {
1821 open_attr(fp, "audit-uid");
1822 - print_user(fp, tok->tt.proc32_ex.auid, raw);
1823 + print_user(fp, tok->tt.proc32_ex.auid, raw, rawcred);
1824 close_attr(fp);
1825 open_attr(fp, "uid");
1826 - print_user(fp, tok->tt.proc32_ex.euid, raw);
1827 + print_user(fp, tok->tt.proc32_ex.euid, raw, rawcred);
1828 close_attr(fp);
1829 open_attr(fp, "gid");
1830 - print_group(fp, tok->tt.proc32_ex.egid, raw);
1831 + print_group(fp, tok->tt.proc32_ex.egid, raw, rawcred);
1832 close_attr(fp);
1833 open_attr(fp, "ruid");
1834 - print_user(fp, tok->tt.proc32_ex.ruid, raw);
1835 + print_user(fp, tok->tt.proc32_ex.ruid, raw, rawcred);
1836 close_attr(fp);
1837 open_attr(fp, "rgid");
1838 - print_group(fp, tok->tt.proc32_ex.rgid, raw);
1839 + print_group(fp, tok->tt.proc32_ex.rgid, raw, rawcred);
1840 close_attr(fp);
1841 open_attr(fp, "pid");
1842 print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u");
1843 @@ -2802,15 +2879,15 @@
1844 close_tag(fp, tok->id);
1845 } else {
1846 print_delim(fp, del);
1847 - print_user(fp, tok->tt.proc32_ex.auid, raw);
1848 + print_user(fp, tok->tt.proc32_ex.auid, raw, rawcred);
1849 print_delim(fp, del);
1850 - print_user(fp, tok->tt.proc32_ex.euid, raw);
1851 + print_user(fp, tok->tt.proc32_ex.euid, raw, rawcred);
1852 print_delim(fp, del);
1853 - print_group(fp, tok->tt.proc32_ex.egid, raw);
1854 + print_group(fp, tok->tt.proc32_ex.egid, raw, rawcred);
1855 print_delim(fp, del);
1856 - print_user(fp, tok->tt.proc32_ex.ruid, raw);
1857 + print_user(fp, tok->tt.proc32_ex.ruid, raw, rawcred);
1858 print_delim(fp, del);
1859 - print_group(fp, tok->tt.proc32_ex.rgid, raw);
1860 + print_group(fp, tok->tt.proc32_ex.rgid, raw, rawcred);
1861 print_delim(fp, del);
1862 print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u");
1863 print_delim(fp, del);
1864 @@ -2898,24 +2975,24 @@
1865
1866 static void
1867 print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1868 - __unused char sfrm, int xml)
1869 + __unused char sfrm, int xml, char rawcred)
1870 {
1871 print_tok_type(fp, tok->id, "process_ex", raw, xml);
1872 if (xml) {
1873 open_attr(fp, "audit-uid");
1874 - print_user(fp, tok->tt.proc64_ex.auid, raw);
1875 + print_user(fp, tok->tt.proc64_ex.auid, raw, rawcred);
1876 close_attr(fp);
1877 open_attr(fp, "uid");
1878 - print_user(fp, tok->tt.proc64_ex.euid, raw);
1879 + print_user(fp, tok->tt.proc64_ex.euid, raw, rawcred);
1880 close_attr(fp);
1881 open_attr(fp, "gid");
1882 - print_group(fp, tok->tt.proc64_ex.egid, raw);
1883 + print_group(fp, tok->tt.proc64_ex.egid, raw, rawcred);
1884 close_attr(fp);
1885 open_attr(fp, "ruid");
1886 - print_user(fp, tok->tt.proc64_ex.ruid, raw);
1887 + print_user(fp, tok->tt.proc64_ex.ruid, raw, rawcred);
1888 close_attr(fp);
1889 open_attr(fp, "rgid");
1890 - print_group(fp, tok->tt.proc64_ex.rgid, raw);
1891 + print_group(fp, tok->tt.proc64_ex.rgid, raw, rawcred);
1892 close_attr(fp);
1893 open_attr(fp, "pid");
1894 print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u");
1895 @@ -2931,15 +3008,15 @@
1896 close_tag(fp, tok->id);
1897 } else {
1898 print_delim(fp, del);
1899 - print_user(fp, tok->tt.proc64_ex.auid, raw);
1900 + print_user(fp, tok->tt.proc64_ex.auid, raw, rawcred);
1901 print_delim(fp, del);
1902 - print_user(fp, tok->tt.proc64_ex.euid, raw);
1903 + print_user(fp, tok->tt.proc64_ex.euid, raw, rawcred);
1904 print_delim(fp, del);
1905 - print_group(fp, tok->tt.proc64_ex.egid, raw);
1906 + print_group(fp, tok->tt.proc64_ex.egid, raw, rawcred);
1907 print_delim(fp, del);
1908 - print_user(fp, tok->tt.proc64_ex.ruid, raw);
1909 + print_user(fp, tok->tt.proc64_ex.ruid, raw, rawcred);
1910 print_delim(fp, del);
1911 - print_group(fp, tok->tt.proc64_ex.rgid, raw);
1912 + print_group(fp, tok->tt.proc64_ex.rgid, raw, rawcred);
1913 print_delim(fp, del);
1914 print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u");
1915 print_delim(fp, del);
1916 @@ -2953,7 +3030,39 @@
1917 }
1918
1919 /*
1920 - * errno 1 byte
1921 + * protocol 4 bytes
1922 + */
1923 +static int
1924 +fetch_protocol_tok(tokenstr_t *tok, u_char *buf, int len)
1925 +{
1926 + int err = 0;
1927 +
1928 + READ_TOKEN_U_INT32(buf, len, tok->tt.prot.protocol, tok->len, err);
1929 + if (err)
1930 + return (-1);
1931 +
1932 + return (0);
1933 +}
1934 +
1935 +static void
1936 +print_protocol_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1937 + __unused char sfrm, int xml)
1938 +{
1939 +
1940 + print_tok_type(fp, tok->id, "protocol", raw, xml);
1941 + if (xml) {
1942 + open_attr(fp, "protocol");
1943 + print_protocol(fp, tok->tt.prot.protocol, raw);
1944 + close_attr(fp);
1945 + close_tag(fp, tok->id);
1946 + } else {
1947 + print_delim(fp, del);
1948 + print_protocol(fp, tok->tt.prot.protocol, raw);
1949 + }
1950 +}
1951 +
1952 +/*
1953 + * errno 4 bytes
1954 * return value 4 bytes
1955 */
1956 static int
1957 @@ -2961,7 +3070,7 @@
1958 {
1959 int err = 0;
1960
1961 - READ_TOKEN_U_CHAR(buf, len, tok->tt.ret32.status, tok->len, err);
1962 + READ_TOKEN_U_INT32(buf, len, tok->tt.ret32.status, tok->len, err);
1963 if (err)
1964 return (-1);
1965
1966 @@ -2999,7 +3108,7 @@
1967 {
1968 int err = 0;
1969
1970 - READ_TOKEN_U_CHAR(buf, len, tok->tt.ret64.err, tok->len, err);
1971 + READ_TOKEN_U_INT32(buf, len, tok->tt.ret64.err, tok->len, err);
1972 if (err)
1973 return (-1);
1974
1975 @@ -3362,25 +3471,25 @@
1976
1977 static void
1978 print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
1979 - __unused char sfrm, int xml)
1980 + __unused char sfrm, int xml, char rawcred)
1981 {
1982
1983 print_tok_type(fp, tok->id, "subject", raw, xml);
1984 if (xml) {
1985 open_attr(fp, "audit-uid");
1986 - print_user(fp, tok->tt.subj32.auid, raw);
1987 + print_user(fp, tok->tt.subj32.auid, raw, rawcred);
1988 close_attr(fp);
1989 open_attr(fp, "uid");
1990 - print_user(fp, tok->tt.subj32.euid, raw);
1991 + print_user(fp, tok->tt.subj32.euid, raw, rawcred);
1992 close_attr(fp);
1993 open_attr(fp, "gid");
1994 - print_group(fp, tok->tt.subj32.egid, raw);
1995 + print_group(fp, tok->tt.subj32.egid, raw, rawcred);
1996 close_attr(fp);
1997 open_attr(fp, "ruid");
1998 - print_user(fp, tok->tt.subj32.ruid, raw);
1999 + print_user(fp, tok->tt.subj32.ruid, raw, rawcred);
2000 close_attr(fp);
2001 open_attr(fp, "rgid");
2002 - print_group(fp, tok->tt.subj32.rgid, raw);
2003 + print_group(fp, tok->tt.subj32.rgid, raw, rawcred);
2004 close_attr(fp);
2005 open_attr(fp,"pid");
2006 print_4_bytes(fp, tok->tt.subj32.pid, "%u");
2007 @@ -3395,15 +3504,15 @@
2008 close_tag(fp, tok->id);
2009 } else {
2010 print_delim(fp, del);
2011 - print_user(fp, tok->tt.subj32.auid, raw);
2012 + print_user(fp, tok->tt.subj32.auid, raw, rawcred);
2013 print_delim(fp, del);
2014 - print_user(fp, tok->tt.subj32.euid, raw);
2015 + print_user(fp, tok->tt.subj32.euid, raw, rawcred);
2016 print_delim(fp, del);
2017 - print_group(fp, tok->tt.subj32.egid, raw);
2018 + print_group(fp, tok->tt.subj32.egid, raw, rawcred);
2019 print_delim(fp, del);
2020 - print_user(fp, tok->tt.subj32.ruid, raw);
2021 + print_user(fp, tok->tt.subj32.ruid, raw, rawcred);
2022 print_delim(fp, del);
2023 - print_group(fp, tok->tt.subj32.rgid, raw);
2024 + print_group(fp, tok->tt.subj32.rgid, raw, rawcred);
2025 print_delim(fp, del);
2026 print_4_bytes(fp, tok->tt.subj32.pid, "%u");
2027 print_delim(fp, del);
2028 @@ -3474,25 +3583,25 @@
2029
2030 static void
2031 print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
2032 - __unused char sfrm, int xml)
2033 + __unused char sfrm, int xml, char rawcred)
2034 {
2035
2036 print_tok_type(fp, tok->id, "subject", raw, xml);
2037 if (xml) {
2038 open_attr(fp, "audit-uid");
2039 - print_user(fp, tok->tt.subj64.auid, raw);
2040 + print_user(fp, tok->tt.subj64.auid, raw, rawcred);
2041 close_attr(fp);
2042 open_attr(fp, "uid");
2043 - print_user(fp, tok->tt.subj64.euid, raw);
2044 + print_user(fp, tok->tt.subj64.euid, raw, rawcred);
2045 close_attr(fp);
2046 open_attr(fp, "gid");
2047 - print_group(fp, tok->tt.subj64.egid, raw);
2048 + print_group(fp, tok->tt.subj64.egid, raw, rawcred);
2049 close_attr(fp);
2050 open_attr(fp, "ruid");
2051 - print_user(fp, tok->tt.subj64.ruid, raw);
2052 + print_user(fp, tok->tt.subj64.ruid, raw, rawcred);
2053 close_attr(fp);
2054 open_attr(fp, "rgid");
2055 - print_group(fp, tok->tt.subj64.rgid, raw);
2056 + print_group(fp, tok->tt.subj64.rgid, raw, rawcred);
2057 close_attr(fp);
2058 open_attr(fp, "pid");
2059 print_4_bytes(fp, tok->tt.subj64.pid, "%u");
2060 @@ -3507,15 +3616,15 @@
2061 close_tag(fp, tok->id);
2062 } else {
2063 print_delim(fp, del);
2064 - print_user(fp, tok->tt.subj64.auid, raw);
2065 + print_user(fp, tok->tt.subj64.auid, raw, rawcred);
2066 print_delim(fp, del);
2067 - print_user(fp, tok->tt.subj64.euid, raw);
2068 + print_user(fp, tok->tt.subj64.euid, raw, rawcred);
2069 print_delim(fp, del);
2070 - print_group(fp, tok->tt.subj64.egid, raw);
2071 + print_group(fp, tok->tt.subj64.egid, raw, rawcred);
2072 print_delim(fp, del);
2073 - print_user(fp, tok->tt.subj64.ruid, raw);
2074 + print_user(fp, tok->tt.subj64.ruid, raw, rawcred);
2075 print_delim(fp, del);
2076 - print_group(fp, tok->tt.subj64.rgid, raw);
2077 + print_group(fp, tok->tt.subj64.rgid, raw, rawcred);
2078 print_delim(fp, del);
2079 print_4_bytes(fp, tok->tt.subj64.pid, "%u");
2080 print_delim(fp, del);
2081 @@ -3601,25 +3710,25 @@
2082
2083 static void
2084 print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
2085 - __unused char sfrm, int xml)
2086 + __unused char sfrm, int xml, char rawcred)
2087 {
2088
2089 print_tok_type(fp, tok->id, "subject_ex", raw, xml);
2090 if (xml) {
2091 open_attr(fp, "audit-uid");
2092 - print_user(fp, tok->tt.subj32_ex.auid, raw);
2093 + print_user(fp, tok->tt.subj32_ex.auid, raw, rawcred);
2094 close_attr(fp);
2095 open_attr(fp, "uid");
2096 - print_user(fp, tok->tt.subj32_ex.euid, raw);
2097 + print_user(fp, tok->tt.subj32_ex.euid, raw, rawcred);
2098 close_attr(fp);
2099 open_attr(fp, "gid");
2100 - print_group(fp, tok->tt.subj32_ex.egid, raw);
2101 + print_group(fp, tok->tt.subj32_ex.egid, raw, rawcred);
2102 close_attr(fp);
2103 open_attr(fp, "ruid");
2104 - print_user(fp, tok->tt.subj32_ex.ruid, raw);
2105 + print_user(fp, tok->tt.subj32_ex.ruid, raw, rawcred);
2106 close_attr(fp);
2107 open_attr(fp, "rgid");
2108 - print_group(fp, tok->tt.subj32_ex.rgid, raw);
2109 + print_group(fp, tok->tt.subj32_ex.rgid, raw, rawcred);
2110 close_attr(fp);
2111 open_attr(fp, "pid");
2112 print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u");
2113 @@ -3635,15 +3744,15 @@
2114 close_tag(fp, tok->id);
2115 } else {
2116 print_delim(fp, del);
2117 - print_user(fp, tok->tt.subj32_ex.auid, raw);
2118 + print_user(fp, tok->tt.subj32_ex.auid, raw, rawcred);
2119 print_delim(fp, del);
2120 - print_user(fp, tok->tt.subj32_ex.euid, raw);
2121 + print_user(fp, tok->tt.subj32_ex.euid, raw, rawcred);
2122 print_delim(fp, del);
2123 - print_group(fp, tok->tt.subj32_ex.egid, raw);
2124 + print_group(fp, tok->tt.subj32_ex.egid, raw, rawcred);
2125 print_delim(fp, del);
2126 - print_user(fp, tok->tt.subj32_ex.ruid, raw);
2127 + print_user(fp, tok->tt.subj32_ex.ruid, raw, rawcred);
2128 print_delim(fp, del);
2129 - print_group(fp, tok->tt.subj32_ex.rgid, raw);
2130 + print_group(fp, tok->tt.subj32_ex.rgid, raw, rawcred);
2131 print_delim(fp, del);
2132 print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u");
2133 print_delim(fp, del);
2134 @@ -3730,24 +3839,24 @@
2135
2136 static void
2137 print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
2138 - __unused char sfrm, int xml)
2139 + __unused char sfrm, int xml, char rawcred)
2140 {
2141 print_tok_type(fp, tok->id, "subject_ex", raw, xml);
2142 if (xml) {
2143 open_attr(fp, "audit-uid");
2144 - print_user(fp, tok->tt.subj64_ex.auid, raw);
2145 + print_user(fp, tok->tt.subj64_ex.auid, raw, rawcred);
2146 close_attr(fp);
2147 open_attr(fp, "uid");
2148 - print_user(fp, tok->tt.subj64_ex.euid, raw);
2149 + print_user(fp, tok->tt.subj64_ex.euid, raw, rawcred);
2150 close_attr(fp);
2151 open_attr(fp, "gid");
2152 - print_group(fp, tok->tt.subj64_ex.egid, raw);
2153 + print_group(fp, tok->tt.subj64_ex.egid, raw, rawcred);
2154 close_attr(fp);
2155 open_attr(fp, "ruid");
2156 - print_user(fp, tok->tt.subj64_ex.ruid, raw);
2157 + print_user(fp, tok->tt.subj64_ex.ruid, raw, rawcred);
2158 close_attr(fp);
2159 open_attr(fp, "rgid");
2160 - print_group(fp, tok->tt.subj64_ex.rgid, raw);
2161 + print_group(fp, tok->tt.subj64_ex.rgid, raw, rawcred);
2162 close_attr(fp);
2163 open_attr(fp, "pid");
2164 print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u");
2165 @@ -3763,15 +3872,15 @@
2166 close_tag(fp, tok->id);
2167 } else {
2168 print_delim(fp, del);
2169 - print_user(fp, tok->tt.subj64_ex.auid, raw);
2170 + print_user(fp, tok->tt.subj64_ex.auid, raw, rawcred);
2171 print_delim(fp, del);
2172 - print_user(fp, tok->tt.subj64_ex.euid, raw);
2173 + print_user(fp, tok->tt.subj64_ex.euid, raw, rawcred);
2174 print_delim(fp, del);
2175 - print_group(fp, tok->tt.subj64_ex.egid, raw);
2176 + print_group(fp, tok->tt.subj64_ex.egid, raw, rawcred);
2177 print_delim(fp, del);
2178 - print_user(fp, tok->tt.subj64_ex.ruid, raw);
2179 + print_user(fp, tok->tt.subj64_ex.ruid, raw, rawcred);
2180 print_delim(fp, del);
2181 - print_group(fp, tok->tt.subj64_ex.rgid, raw);
2182 + print_group(fp, tok->tt.subj64_ex.rgid, raw, rawcred);
2183 print_delim(fp, del);
2184 print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u");
2185 print_delim(fp, del);
2186 @@ -3821,6 +3930,39 @@
2187 }
2188
2189 /*
2190 + * vtype 4 bytes
2191 + */
2192 +static int
2193 +fetch_vtype_tok(tokenstr_t *tok, u_char *buf, int len)
2194 +{
2195 + int err = 0;
2196 +
2197 + READ_TOKEN_U_INT32(buf, len, tok->tt.vtype.vtype, tok->len, err);
2198 + if (err)
2199 + return (-1);
2200 +
2201 + return (0);
2202 +}
2203 +
2204 +
2205 +static void
2206 +print_vtype_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
2207 + __unused char sfrm, int xml)
2208 +{
2209 +
2210 + print_tok_type(fp, tok->id, "vnode type", raw, xml);
2211 + if (xml) {
2212 + open_attr(fp, "vtype");
2213 + print_vtype(fp, tok->tt.vtype.vtype, raw);
2214 + close_attr(fp);
2215 + close_tag(fp, tok->id);
2216 + } else {
2217 + print_delim(fp, del);
2218 + print_vtype(fp, tok->tt.vtype.vtype, raw);
2219 + }
2220 +}
2221 +
2222 +/*
2223 * socket domain 2 bytes
2224 * socket type 2 bytes
2225 * address type 2 bytes
2226 @@ -4107,6 +4249,9 @@
2227 case AUT_PROCESS64_EX:
2228 return (fetch_process64ex_tok(tok, buf, len));
2229
2230 + case AUT_PROTOCOL:
2231 + return (fetch_protocol_tok(tok, buf, len));
2232 +
2233 case AUT_RETURN32:
2234 return (fetch_return32_tok(tok, buf, len));
2235
2236 @@ -4143,6 +4288,9 @@
2237 case AUT_TEXT:
2238 return (fetch_text_tok(tok, buf, len));
2239
2240 + case AUT_VTYPE:
2241 + return (fetch_vtype_tok(tok, buf, len));
2242 +
2243 case AUT_SOCKET_EX:
2244 return (fetch_socketex32_tok(tok, buf, len));
2245
2246 @@ -4161,7 +4309,7 @@
2247 * 'prints' the token out to outfp.
2248 */
2249 void
2250 -au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm)
2251 +au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm, char rawcred)
2252 {
2253
2254 switch(tok->id) {
2255 @@ -4198,11 +4346,11 @@
2256 return;
2257
2258 case AUT_ATTR32:
2259 - print_attr32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2260 + print_attr32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2261 return;
2262
2263 case AUT_ATTR64:
2264 - print_attr64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2265 + print_attr64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2266 return;
2267
2268 case AUT_EXIT:
2269 @@ -4222,7 +4370,7 @@
2270 return;
2271
2272 case AUT_NEWGROUPS:
2273 - print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2274 + print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2275 return;
2276
2277 case AUT_IN_ADDR:
2278 @@ -4242,7 +4390,7 @@
2279 return;
2280
2281 case AUT_IPC_PERM:
2282 - print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2283 + print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2284 return;
2285
2286 case AUT_IPORT:
2287 @@ -4258,19 +4406,23 @@
2288 return;
2289
2290 case AUT_PROCESS32:
2291 - print_process32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2292 + print_process32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2293 return;
2294
2295 case AUT_PROCESS32_EX:
2296 - print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2297 + print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2298 return;
2299
2300 case AUT_PROCESS64:
2301 - print_process64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2302 + print_process64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2303 return;
2304
2305 case AUT_PROCESS64_EX:
2306 - print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2307 + print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2308 + return;
2309 +
2310 + case AUT_PROTOCOL:
2311 + print_protocol_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2312 return;
2313
2314 case AUT_RETURN32:
2315 @@ -4302,25 +4454,29 @@
2316 return;
2317
2318 case AUT_SUBJECT32:
2319 - print_subject32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2320 + print_subject32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2321 return;
2322
2323 case AUT_SUBJECT64:
2324 - print_subject64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2325 + print_subject64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2326 return;
2327
2328 case AUT_SUBJECT32_EX:
2329 - print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2330 + print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2331 return;
2332
2333 case AUT_SUBJECT64_EX:
2334 - print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2335 + print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN, rawcred);
2336 return;
2337
2338 case AUT_TEXT:
2339 print_text_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2340 return;
2341
2342 + case AUT_VTYPE:
2343 + print_vtype_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2344 + return;
2345 +
2346 case AUT_SOCKET_EX:
2347 print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
2348 return;
2349 @@ -4339,7 +4495,7 @@
2350 */
2351 void
2352 au_print_tok_xml(FILE *outfp, tokenstr_t *tok, char *del, char raw,
2353 - char sfrm)
2354 + char sfrm, char rawcred)
2355 {
2356
2357 switch(tok->id) {
2358 @@ -4376,11 +4532,11 @@
2359 return;
2360
2361 case AUT_ATTR32:
2362 - print_attr32_tok(outfp, tok, del, raw, sfrm, AU_XML);
2363 + print_attr32_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2364 return;
2365
2366 case AUT_ATTR64:
2367 - print_attr64_tok(outfp, tok, del, raw, sfrm, AU_XML);
2368 + print_attr64_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2369 return;
2370
2371 case AUT_EXIT:
2372 @@ -4400,7 +4556,7 @@
2373 return;
2374
2375 case AUT_NEWGROUPS:
2376 - print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_XML);
2377 + print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2378 return;
2379
2380 case AUT_IN_ADDR:
2381 @@ -4420,7 +4576,7 @@
2382 return;
2383
2384 case AUT_IPC_PERM:
2385 - print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_XML);
2386 + print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2387 return;
2388
2389 case AUT_IPORT:
2390 @@ -4436,19 +4592,23 @@
2391 return;
2392
2393 case AUT_PROCESS32:
2394 - print_process32_tok(outfp, tok, del, raw, sfrm, AU_XML);
2395 + print_process32_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2396 return;
2397
2398 case AUT_PROCESS32_EX:
2399 - print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
2400 + print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2401 return;
2402
2403 case AUT_PROCESS64:
2404 - print_process64_tok(outfp, tok, del, raw, sfrm, AU_XML);
2405 + print_process64_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2406 return;
2407
2408 case AUT_PROCESS64_EX:
2409 - print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
2410 + print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2411 + return;
2412 +
2413 + case AUT_PROTOCOL:
2414 + print_protocol_tok(outfp, tok, del, raw, sfrm, AU_XML);
2415 return;
2416
2417 case AUT_RETURN32:
2418 @@ -4476,25 +4636,29 @@
2419 return;
2420
2421 case AUT_SUBJECT32:
2422 - print_subject32_tok(outfp, tok, del, raw, sfrm, AU_XML);
2423 + print_subject32_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2424 return;
2425
2426 case AUT_SUBJECT64:
2427 - print_subject64_tok(outfp, tok, del, raw, sfrm, AU_XML);
2428 + print_subject64_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2429 return;
2430
2431 case AUT_SUBJECT32_EX:
2432 - print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
2433 + print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2434 return;
2435
2436 case AUT_SUBJECT64_EX:
2437 - print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
2438 + print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_XML, rawcred);
2439 return;
2440
2441 case AUT_TEXT:
2442 print_text_tok(outfp, tok, del, raw, sfrm, AU_XML);
2443 return;
2444
2445 + case AUT_VTYPE:
2446 + print_vtype_tok(outfp, tok, del, raw, sfrm, AU_XML);
2447 + return;
2448 +
2449 case AUT_SOCKET_EX:
2450 print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_XML);
2451 return;
2452 --- //depot/vendor/freebsd/src/contrib/openbsm/sys/bsm/audit_errno.h 2009-01-14 11:35:39.000000000 0000
2453 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/sys/bsm/audit_errno.h 2010-08-06 18:10:43.000000000 0000
2454 @@ -206,9 +206,62 @@
2455 #define BSM_ERRNO_EKEYREJECTED 222 /* Linux-specific. */
2456
2457 /*
2458 + * NFS specific error numbers
2459 + */
2460 +#define BSM_NFS_ERRNO_WFLUSH 300
2461 +#define BSM_NFS_ERRNO_BADHANDLE 301
2462 +#define BSM_NFS_ERRNO_NOT_SYNC 302
2463 +#define BSM_NFS_ERRNO_BAD_COOKIE 303
2464 +#define BSM_NFS_ERRNO_NOTSUPP 304
2465 +#define BSM_NFS_ERRNO_TOOSMALL 305
2466 +#define BSM_NFS_ERRNO_SERVERFAULT 306
2467 +#define BSM_NFS_ERRNO_BADTYPE 307
2468 +#define BSM_NFS_ERRNO_DELAY 308
2469 +#define BSM_NFS_ERRNO_SAME 309
2470 +#define BSM_NFS_ERRNO_DENIED 310
2471 +#define BSM_NFS_ERRNO_EXPIRED 311
2472 +#define BSM_NFS_ERRNO_LOCKED 312
2473 +#define BSM_NFS_ERRNO_GRACE 313
2474 +#define BSM_NFS_ERRNO_FHEXPIRED 314
2475 +#define BSM_NFS_ERRNO_SHAREDENIED 315
2476 +#define BSM_NFS_ERRNO_WRONGSEC 316
2477 +#define BSM_NFS_ERRNO_CLIDINUSE 317
2478 +#define BSM_NFS_ERRNO_RESOURCE 318
2479 +#define BSM_NFS_ERRNO_MOVED 319
2480 +#define BSM_NFS_ERRNO_NOFILEHANDLE 320
2481 +#define BSM_NFS_ERRNO_MINORVERMISMATCH 321
2482 +#define BSM_NFS_ERRNO_STALECLIENTID 322
2483 +#define BSM_NFS_ERRNO_STALESTATEID 323
2484 +#define BSM_NFS_ERRNO_OLDSTATEID 324
2485 +#define BSM_NFS_ERRNO_BADSTATEID 325
2486 +#define BSM_NFS_ERRNO_BADSEQID 326
2487 +#define BSM_NFS_ERRNO_NOTSAME 327
2488 +#define BSM_NFS_ERRNO_LOCKRANGE 328
2489 +#define BSM_NFS_ERRNO_SYMLINK 329
2490 +#define BSM_NFS_ERRNO_RESTOREFH 330
2491 +#define BSM_NFS_ERRNO_LEASEMOVED 331
2492 +#define BSM_NFS_ERRNO_ATTRNOTSUPP 332
2493 +#define BSM_NFS_ERRNO_NOGRACE 333
2494 +#define BSM_NFS_ERRNO_RECLAIMBAD 334
2495 +#define BSM_NFS_ERRNO_RECLAIMCONFLICT 335
2496 +#define BSM_NFS_ERRNO_BADXDR 336
2497 +#define BSM_NFS_ERRNO_LOCKSHELD 337
2498 +#define BSM_NFS_ERRNO_OPENMODE 338
2499 +#define BSM_NFS_ERRNO_BADOWNER 339
2500 +#define BSM_NFS_ERRNO_BADCHAR 340
2501 +#define BSM_NFS_ERRNO_BADNAME 341
2502 +#define BSM_NFS_ERRNO_BADRANGE 342
2503 +#define BSM_NFS_ERRNO_LOCKNOTSUPP 343
2504 +#define BSM_NFS_ERRNO_OPILLEGAL 344
2505 +#define BSM_NFS_ERRNO_DEADLOCK 345
2506 +#define BSM_NFS_ERRNO_FILEOPEN 346
2507 +#define BSM_NFS_ERRNO_ADMINREVOKED 347
2508 +#define BSM_NFS_ERRNO_CBPATHDOWN 348
2509 +
2510 +/*
2511 * In the event that OpenBSM doesn't have a file representation of a local
2512 * error number, use this.
2513 */
2514 -#define BSM_ERRNO_UNKNOWN 250 /* OpenBSM-specific. */
2515 +#define BSM_ERRNO_UNKNOWN 1000 /* OpenBSM-specific. */
2516
2517 #endif /* !_BSM_AUDIT_ERRNO_H_ */
2518 --- //depot/vendor/freebsd/src/contrib/openbsm/sys/bsm/audit_record.h 2009-04-19 16:37:15.000000000 0000
2519 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/contrib/openbsm/sys/bsm/audit_record.h 2010-08-07 16:49:25.000000000 0000
2520 @@ -125,6 +125,10 @@
2521 #define AUT_SOCKINET128 0x81 /* XXX */
2522 #define AUT_SOCKUNIX 0x82 /* XXX */
2523
2524 +/* Yet more token identifiers */
2525 +#define AUT_PROTOCOL 0x83
2526 +#define AUT_VTYPE 0x84
2527 +
2528 /* print values for the arbitrary token */
2529 #define AUP_BINARY 0
2530 #define AUP_OCTAL 1
2531 @@ -170,6 +174,11 @@
2532
2533 #define AUT_TRAILER_MAGIC 0xb105
2534
2535 +/* NFS specific stuff */
2536 +#define ND_NFSV2 0x00000004
2537 +#define ND_NFSV3 0x00000008
2538 +#define ND_NFSV4 0x00000010
2539 +
2540 /* BSM library calls */
2541
2542 __BEGIN_DECLS
2543 @@ -284,12 +293,12 @@
2544 * BSM library routines for converting between local and BSM constant spaces.
2545 */
2546 int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
2547 -int au_bsm_to_errno(u_char bsm_error, int *errorp);
2548 +int au_bsm_to_errno(int bsm_error, int *errorp);
2549 int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
2550 int au_bsm_to_socket_type(u_short bsm_socket_type,
2551 int *local_socket_typep);
2552 u_short au_domain_to_bsm(int local_domain);
2553 -u_char au_errno_to_bsm(int local_errno);
2554 +int au_errno_to_bsm(int local_errno);
2555 u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
2556 u_short au_socket_type_to_bsm(int local_socket_type);
2557
2558 --- //depot/vendor/freebsd/src/share/man/man9/VOP_VPTOFH.9 2010-04-14 19:35:30.000000000 0000
2559 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/share/man/man9/VOP_VPTOFH.9 2010-08-02 17:57:28.000000000 0000
2560 @@ -38,7 +38,7 @@
2561 .In sys/param.h
2562 .In sys/vnode.h
2563 .Ft int
2564 -.Fn VOP_VPTOFH "struct vnode *vp" "struct fid *fhp"
2565 +.Fn VOP_VPTOFH "struct vnode *vp" "struct fid *fhp" "struct vnode *dvp"
2566 .Sh DESCRIPTION
2567 This is used by the NFS server to create an opaque filehandle which
2568 uniquely identifies the file and which can be used by an NFS client
2569 @@ -50,10 +50,15 @@
2570 The vnode to make a filehandle for.
2571 .It Fa fhp
2572 Return parameter for the filehandle.
2573 +.It Fa dvp
2574 +The directory vnode that contains a dirent for vp, NULL otherwise.
2575 +This is used to store a hint that will facilitate the work of
2576 +.Xr vn_fullpath_nocache 9 .
2577 .El
2578 .Sh SEE ALSO
2579 .Xr VFS 9 ,
2580 .Xr VFS_FHTOVP 9 ,
2581 +.Xr vn_fullpath_nocache 9 ,
2582 .Xr vnode 9
2583 .Sh AUTHORS
2584 This manual page was written by
2585 --- //depot/vendor/freebsd/src/sys/bsm/audit_errno.h 2009-01-14 10:50:16.000000000 0000
2586 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/bsm/audit_errno.h 2010-08-06 18:10:43.000000000 0000
2587 @@ -207,9 +207,62 @@
2588 #define BSM_ERRNO_EKEYREJECTED 222 /* Linux-specific. */
2589
2590 /*
2591 + * NFS specific error numbers
2592 + */
2593 +#define BSM_NFS_ERRNO_WFLUSH 300
2594 +#define BSM_NFS_ERRNO_BADHANDLE 301
2595 +#define BSM_NFS_ERRNO_NOT_SYNC 302
2596 +#define BSM_NFS_ERRNO_BAD_COOKIE 303
2597 +#define BSM_NFS_ERRNO_NOTSUPP 304
2598 +#define BSM_NFS_ERRNO_TOOSMALL 305
2599 +#define BSM_NFS_ERRNO_SERVERFAULT 306
2600 +#define BSM_NFS_ERRNO_BADTYPE 307
2601 +#define BSM_NFS_ERRNO_DELAY 308
2602 +#define BSM_NFS_ERRNO_SAME 309
2603 +#define BSM_NFS_ERRNO_DENIED 310
2604 +#define BSM_NFS_ERRNO_EXPIRED 311
2605 +#define BSM_NFS_ERRNO_LOCKED 312
2606 +#define BSM_NFS_ERRNO_GRACE 313
2607 +#define BSM_NFS_ERRNO_FHEXPIRED 314
2608 +#define BSM_NFS_ERRNO_SHAREDENIED 315
2609 +#define BSM_NFS_ERRNO_WRONGSEC 316
2610 +#define BSM_NFS_ERRNO_CLIDINUSE 317
2611 +#define BSM_NFS_ERRNO_RESOURCE 318
2612 +#define BSM_NFS_ERRNO_MOVED 319
2613 +#define BSM_NFS_ERRNO_NOFILEHANDLE 320
2614 +#define BSM_NFS_ERRNO_MINORVERMISMATCH 321
2615 +#define BSM_NFS_ERRNO_STALECLIENTID 322
2616 +#define BSM_NFS_ERRNO_STALESTATEID 323
2617 +#define BSM_NFS_ERRNO_OLDSTATEID 324
2618 +#define BSM_NFS_ERRNO_BADSTATEID 325
2619 +#define BSM_NFS_ERRNO_BADSEQID 326
2620 +#define BSM_NFS_ERRNO_NOTSAME 327
2621 +#define BSM_NFS_ERRNO_LOCKRANGE 328
2622 +#define BSM_NFS_ERRNO_SYMLINK 329
2623 +#define BSM_NFS_ERRNO_RESTOREFH 330
2624 +#define BSM_NFS_ERRNO_LEASEMOVED 331
2625 +#define BSM_NFS_ERRNO_ATTRNOTSUPP 332
2626 +#define BSM_NFS_ERRNO_NOGRACE 333
2627 +#define BSM_NFS_ERRNO_RECLAIMBAD 334
2628 +#define BSM_NFS_ERRNO_RECLAIMCONFLICT 335
2629 +#define BSM_NFS_ERRNO_BADXDR 336
2630 +#define BSM_NFS_ERRNO_LOCKSHELD 337
2631 +#define BSM_NFS_ERRNO_OPENMODE 338
2632 +#define BSM_NFS_ERRNO_BADOWNER 339
2633 +#define BSM_NFS_ERRNO_BADCHAR 340
2634 +#define BSM_NFS_ERRNO_BADNAME 341
2635 +#define BSM_NFS_ERRNO_BADRANGE 342
2636 +#define BSM_NFS_ERRNO_LOCKNOTSUPP 343
2637 +#define BSM_NFS_ERRNO_OPILLEGAL 344
2638 +#define BSM_NFS_ERRNO_DEADLOCK 345
2639 +#define BSM_NFS_ERRNO_FILEOPEN 346
2640 +#define BSM_NFS_ERRNO_ADMINREVOKED 347
2641 +#define BSM_NFS_ERRNO_CBPATHDOWN 348
2642 +
2643 +/*
2644 * In the event that OpenBSM doesn't have a file representation of a local
2645 * error number, use this.
2646 */
2647 -#define BSM_ERRNO_UNKNOWN 250 /* OpenBSM-specific. */
2648 +#define BSM_ERRNO_UNKNOWN 1000 /* OpenBSM-specific. */
2649
2650 #endif /* !_BSM_AUDIT_ERRNO_H_ */
2651 --- //depot/vendor/freebsd/src/sys/bsm/audit_kevents.h 2009-09-29 21:30:13.000000000 0000
2652 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/bsm/audit_kevents.h 2010-07-08 19:00:38.000000000 0000
2653 @@ -385,6 +385,70 @@
2654 #define AUE_DARWIN_COPYFILE 361 /* Darwin-specific. */
2655
2656 /*
2657 + * NFS RPC events
2658 + */
2659 +#define AUE_NFS_NULL 2000
2660 +#define AUE_NFS_GETATTR 2001
2661 +#define AUE_NFS_SETATTR 2002
2662 +#define AUE_NFS_LOOKUP 2003
2663 +#define AUE_NFS_ACCESS 2004
2664 +#define AUE_NFS_READLINK 2005
2665 +#define AUE_NFS_READ 2006
2666 +#define AUE_NFS_WRITE 2007
2667 +#define AUE_NFS_CREATE 2008
2668 +#define AUE_NFS_MKDIR 2009
2669 +#define AUE_NFS_SYMLINK 2010
2670 +#define AUE_NFS_MKNOD 2011
2671 +#define AUE_NFS_REMOVE 2012
2672 +#define AUE_NFS_RMDIR 2013
2673 +#define AUE_NFS_RENAME 2014
2674 +#define AUE_NFS_LINK 2015
2675 +#define AUE_NFS_READDIR 2016
2676 +#define AUE_NFS_READDIR_PLUS 2017
2677 +#define AUE_NFS_STATFS 2018
2678 +#define AUE_NFS_FSINFO 2019
2679 +#define AUE_NFS_PATHCONF 2020
2680 +#define AUE_NFS_COMMIT 2021
2681 +#define AUE_NFS_NOOP 2022
2682 +/* NFSv4 specific RPC events */
2683 +#define AUE_NFS_CLOSE 2023
2684 +#define AUE_NFS_DELEGPURGE 2024
2685 +#define AUE_NFS_DELEGRETURN 2025
2686 +#define AUE_NFSv4_GETFH 2026
2687 +#define AUE_NFS_LOCK 2027
2688 +#define AUE_NFS_LOCKT 2028
2689 +#define AUE_NFS_LOCKU 2029
2690 +#define AUE_NFS_LOOKUPP 2030
2691 +#define AUE_NFS_NVERIFY 2031
2692 +#define AUE_NFS_OPEN 2032
2693 +#define AUE_NFS_OPENATTR 2033
2694 +#define AUE_NFS_OPENCONFIRM 2034
2695 +#define AUE_NFS_OPENDOWNGRADE 2035
2696 +#define AUE_NFS_PUTFH 2036
2697 +#define AUE_NFS_PUTPUBFH 2037
2698 +#define AUE_NFS_PUTROOTFH 2038
2699 +#define AUE_NFS_RENEW 2039
2700 +#define AUE_NFS_RESTOREFH 2040
2701 +#define AUE_NFS_SAVEFH 2041
2702 +#define AUE_NFS_SECINFO 2042
2703 +#define AUE_NFS_SETCLIENTID 2043
2704 +#define AUE_NFS_SETCLIENTIDCFRM 2044
2705 +#define AUE_NFS_VERIFY 2045
2706 +#define AUE_NFS_RELEASELCKOWN 2046
2707 +#define AUE_NFS_OPEN_R 2047
2708 +#define AUE_NFS_OPEN_RC 2048
2709 +#define AUE_NFS_OPEN_RTC 2049
2710 +#define AUE_NFS_OPEN_RT 2050
2711 +#define AUE_NFS_OPEN_RW 2051
2712 +#define AUE_NFS_OPEN_RWC 2052
2713 +#define AUE_NFS_OPEN_RWTC 2053
2714 +#define AUE_NFS_OPEN_RWT 2054
2715 +#define AUE_NFS_OPEN_W 2055
2716 +#define AUE_NFS_OPEN_WC 2056
2717 +#define AUE_NFS_OPEN_WTC 2057
2718 +#define AUE_NFS_OPEN_WT 2058
2719 +
2720 +/*
2721 * Audit event identifiers added as part of OpenBSM, generally corresponding
2722 * to events in FreeBSD, Darwin, and Linux that were not present in Solaris.
2723 * These often duplicate events added to the Solaris set by Darwin, but use
2724 --- //depot/vendor/freebsd/src/sys/bsm/audit_record.h 2009-04-19 14:55:18.000000000 0000
2725 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/bsm/audit_record.h 2010-08-16 13:30:34.000000000 0000
2726 @@ -126,6 +126,10 @@
2727 #define AUT_SOCKINET128 0x81 /* XXX */
2728 #define AUT_SOCKUNIX 0x82 /* XXX */
2729
2730 +/* Yet more token identifiers */
2731 +#define AUT_PROTOCOL 0x83
2732 +#define AUT_VTYPE 0x84
2733 +
2734 /* print values for the arbitrary token */
2735 #define AUP_BINARY 0
2736 #define AUP_OCTAL 1
2737 @@ -171,6 +175,11 @@
2738
2739 #define AUT_TRAILER_MAGIC 0xb105
2740
2741 +/* NFS specific stuff */
2742 +#define ND_NFSV2 0x00000004
2743 +#define ND_NFSV3 0x00000008
2744 +#define ND_NFSV4 0x00000010
2745 +
2746 /* BSM library calls */
2747
2748 __BEGIN_DECLS
2749 @@ -247,9 +256,10 @@
2750 au_tid_addr_t *tid);
2751 token_t *au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
2752 gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid);
2753 -token_t *au_to_return(char status, uint32_t ret);
2754 -token_t *au_to_return32(char status, uint32_t ret);
2755 -token_t *au_to_return64(char status, uint64_t ret);
2756 +token_t *au_to_protocol(u_int32_t protocol);
2757 +token_t *au_to_return(u_int32_t status, uint32_t ret);
2758 +token_t *au_to_return32(u_int32_t status, uint32_t ret);
2759 +token_t *au_to_return64(u_int32_t status, uint64_t ret);
2760 token_t *au_to_seq(long audit_count);
2761 token_t *au_to_socket_ex(u_short so_domain, u_short so_type,
2762 struct sockaddr *sa_local, struct sockaddr *sa_remote);
2763 @@ -277,6 +287,7 @@
2764 token_t *au_to_exec_env(char **envp);
2765 #endif
2766 token_t *au_to_text(const char *text);
2767 +token_t *au_to_vtype(u_int32_t vtype);
2768 token_t *au_to_kevent(struct kevent *kev);
2769 token_t *au_to_trailer(int rec_size);
2770 token_t *au_to_zonename(const char *zonename);
2771 @@ -285,12 +296,12 @@
2772 * BSM library routines for converting between local and BSM constant spaces.
2773 */
2774 int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
2775 -int au_bsm_to_errno(u_char bsm_error, int *errorp);
2776 +int au_bsm_to_errno(int bsm_error, int *errorp);
2777 int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
2778 int au_bsm_to_socket_type(u_short bsm_socket_type,
2779 int *local_socket_typep);
2780 u_short au_domain_to_bsm(int local_domain);
2781 -u_char au_errno_to_bsm(int local_errno);
2782 +int au_errno_to_bsm(int local_errno);
2783 u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
2784 u_short au_socket_type_to_bsm(int local_socket_type);
2785
2786 --- //depot/vendor/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c 2009-09-26 00:15:13.000000000 0000
2787 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c 2010-05-24 11:27:15.000000000 0000
2788 @@ -1176,7 +1176,7 @@
2789
2790 err = zfsctl_traverse_begin(&vp, LK_SHARED | LK_RETRY);
2791 if (err == 0)
2792 - err = VOP_VPTOFH(vp, (void *)ap->a_fid);
2793 + err = VOP_VPTOFH(vp, (void *)ap->a_fid, NULL);
2794 zfsctl_traverse_end(vp, err);
2795 return (err);
2796 }
2797 --- //depot/vendor/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c 2010-04-15 16:45:14.000000000 0000
2798 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
2799 @@ -112,6 +112,7 @@
2800 .vfs_sync = zfs_sync,
2801 .vfs_checkexp = zfs_checkexp,
2802 .vfs_fhtovp = zfs_fhtovp,
2803 + .vfs_fhhint = vfs_stdfhhint,
2804 };
2805
2806 VFS_SET(zfs_vfsops, zfs, VFCF_JAIL | VFCF_DELEGADMIN);
2807 --- //depot/vendor/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c 2010-04-15 16:45:14.000000000 0000
2808 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c 2010-08-02 17:57:28.000000000 0000
2809 @@ -40,6 +40,7 @@
2810 #include <sys/uio.h>
2811 #include <sys/atomic.h>
2812 #include <sys/namei.h>
2813 +#include <sys/dirent.h>
2814 #include <sys/mman.h>
2815 #include <sys/cmn_err.h>
2816 #include <sys/errno.h>
2817 @@ -3771,7 +3772,7 @@
2818
2819 ZFS_ENTER(zfsvfs);
2820 ZFS_VERIFY_ZP(zp);
2821 - gen = (uint32_t)zp->z_gen;
2822 + gen = (uint32_t)zp->z_gen;
2823
2824 size = (zfsvfs->z_parent != zfsvfs) ? LONG_FID_LEN : SHORT_FID_LEN;
2825 fidp->fid_len = size;
2826 @@ -4454,6 +4455,7 @@
2827 struct vop_fid_args /* {
2828 struct vnode *a_vp;
2829 struct fid *a_fid;
2830 + struct vnode *a_dvp;
2831 } */ *ap;
2832 {
2833
2834 @@ -4963,6 +4965,169 @@
2835 return (EOPNOTSUPP);
2836 }
2837
2838 +/*
2839 + * XXXgpf: should relocate them someplace else
2840 + * I just dont know where:S
2841 + */
2842 +#define PARENTHINT 0x0001
2843 +#define EXHAUSTSEARCH 0x0002
2844 +#define WANTNAME 0x0004
2845 +
2846 +/*
2847 + * VOP_GETPARENT
2848 + *
2849 + * int VOP_GETPARENT(struct vnode *vp, struct vnode **dvp, uint64_t hint,
2850 + * int flags, char *buf, int *buflen);
2851 + *
2852 + * Find a parent directory -dvp- with vp as a child. The parent hint is used to
2853 + * facilitate the search.
2854 + *
2855 + * Flags should be set to:
2856 + * - PARENTHINT: if a hint ino_t of a directory is supplied to facilitate the search
2857 + * - EXHAUSTSEARCH: if we are willing to search the whole filesystem to find the directory
2858 + * - WANTNAME: if we want to copy the name used to reference the file inside the dir, to buf
2859 + *
2860 + * ZFS note: only WANTNAME & PARENTHINT are actually used in ZFS code
2861 + *
2862 + * Locks: vp should be locked on entry and will still be locked on exit.
2863 + * On success, dvp will be locked and have its reference count incremented.
2864 + *
2865 + */
2866 +int
2867 +zfs_freebsd_getparent(struct vop_getparent_args *ap)
2868 +/*
2869 +vop_getparent {
2870 + IN struct vnode *a_vp;
2871 + OUT struct vnode **a_vpp;
2872 + IN uint64_t a_hint;
2873 + IN int a_flags;
2874 + INOUT char *a_buf;
2875 + INOUT int *a_buflen;
2876 +};
2877 +*/
2878 +{
2879 + znode_t *zp;
2880 + struct mount *mp;
2881 + struct vnode *dvp;
2882 + char *dirbuf;
2883 + int error;
2884 + ino_t parent;
2885 +
2886 + KASSERT(ap->a_vp != NULL, ("VOP_GEPARENT: null vp"));
2887 + if (ap->a_flags & WANTPARENT)
2888 + KASSERT(ap->a_buf != NULL, ("VOP_GEPARENT: null buffer"));
2889 +
2890 + zp = VTOZ(ap->a_vp);
2891 + mp = ap->a_vp->v_mount;
2892 + dvp = NULL;
2893 + dirbuf = NULL;
2894 +
2895 + if (zp->z_phys == NULL) {
2896 + error = ENOENT;
2897 + goto out;
2898 + }
2899 + parent = zp->z_phys->zp_parent;
2900 +tryparent:
2901 + /* grab directory vnode that should contain this znode */
2902 + error = VFS_VGET(mp, parent, LK_SHARED, &dvp);
2903 + if (error) {
2904 + error = ENOENT;
2905 + goto out;
2906 + }
2907 + /* scan the directory for a matching dirent */
2908 + else {
2909 + struct uio io;
2910 + struct iovec iov;
2911 + struct dirent *dp, *edp;
2912 + struct thread *td;
2913 + u_int64_t dirbuflen;
2914 + int error, eofflag;
2915 + char foundit;
2916 +
2917 + foundit = 0;
2918 + dirbuflen = ((struct znode *)dvp->v_data)->z_blksz;
2919 + dirbuf = malloc(dirbuflen, M_TEMP, M_WAITOK);
2920 + td = curthread;
2921 +
2922 + /* prep the call to VOP_READDIR() */
2923 + iov.iov_base = dirbuf;
2924 + iov.iov_len = dirbuflen;
2925 + io.uio_iov = &iov;
2926 + io.uio_iovcnt = 1;
2927 + io.uio_offset = 0;
2928 + io.uio_resid = dirbuflen;
2929 + io.uio_segflg = UIO_SYSSPACE;
2930 + io.uio_rw = UIO_READ;
2931 + io.uio_td = td;
2932 + eofflag = 0;
2933 +
2934 + error = VOP_READDIR(dvp, &io, td->td_ucred, &eofflag, NULL, NULL);
2935 + if (error) {
2936 + error = EIO;
2937 + goto out;
2938 + }
2939 +
2940 + /* search for the correct znode number inside the directory */
2941 + edp = (struct dirent *)&dirbuf[dirbuflen - io.uio_resid];
2942 + for (dp = (struct dirent *)dirbuf; dp < edp; ) {
2943 + if (dp->d_reclen > 0) {
2944 + /* found it */
2945 + if (zp->z_id == ((struct dirent *)dp)->d_fileno) {
2946 + if (ap->a_flags & WANTNAME) {
2947 + char *pch;
2948 + int len;
2949 +
2950 + pch = ((struct dirent *)dp)->d_name;
2951 + len = strlen(pch);
2952 +
2953 + if (len >= *(ap->a_buflen)) {
2954 + error = ENOMEM;
2955 + goto out;
2956 + }
2957 +
2958 + strlcpy(ap->a_buf, ((struct dirent *)dp)->d_name, *(ap->a_buflen));
2959 + *(ap->a_buflen) -= len + 1;
2960 + }
2961 + foundit = 1;
2962 + break;
2963 + }
2964 + dp = (struct dirent *)((char *)dp + dp->d_reclen);
2965 + }
2966 + else {
2967 + error = EIO;
2968 + break;
2969 + }
2970 + }
2971 +
2972 + if (foundit == 0 && error == 0)
2973 + error = ENOENT;
2974 + }
2975 +
2976 +out:
2977 + if (dirbuf != NULL) {
2978 + free(dirbuf, M_TEMP);
2979 + dirbuf = NULL;
2980 + }
2981 +
2982 + if (error && dvp != NULL) {
2983 + vput(dvp);
2984 + dvp = NULL;
2985 + }
2986 +
2987 + /* if an error occured and we have been supplied with a parenthint, try it out */
2988 + if (error && (ap->a_flags & PARENTHINT) && parent != ap->a_hint) {
2989 + parent = ap->a_hint;
2990 + goto tryparent;
2991 + }
2992 +
2993 + if (error == 0 && dvp != NULL)
2994 + *(ap->a_vpp) = dvp;
2995 + else
2996 + *(ap->a_vpp) = NULL;
2997 +
2998 + return (error);
2999 +}
3000 +
3001 struct vop_vector zfs_vnodeops;
3002 struct vop_vector zfs_fifoops;
3003
3004 @@ -5005,6 +5170,7 @@
3005 .vop_getacl = zfs_freebsd_getacl,
3006 .vop_setacl = zfs_freebsd_setacl,
3007 .vop_aclcheck = zfs_freebsd_aclcheck,
3008 + .vop_getparent = zfs_freebsd_getparent,
3009 };
3010
3011 struct vop_vector zfs_fifoops = {
3012 --- //depot/vendor/freebsd/src/sys/fs/cd9660/cd9660_vfsops.c 2010-01-23 22:40:07.000000000 0000
3013 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/cd9660/cd9660_vfsops.c 2010-05-27 14:41:11.000000000 0000
3014 @@ -84,6 +84,7 @@
3015 .vfs_statfs = cd9660_statfs,
3016 .vfs_unmount = cd9660_unmount,
3017 .vfs_vget = cd9660_vget,
3018 + .vfs_fhhint = vfs_stdfhhint,
3019 };
3020 VFS_SET(cd9660_vfsops, cd9660, VFCF_READONLY);
3021 MODULE_VERSION(cd9660, 1);
3022 --- //depot/vendor/freebsd/src/sys/fs/ext2fs/ext2_vfsops.c 2010-01-14 14:35:14.000000000 0000
3023 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/ext2fs/ext2_vfsops.c 2010-05-27 14:41:11.000000000 0000
3024 @@ -86,6 +86,7 @@
3025 .vfs_sync = ext2_sync,
3026 .vfs_unmount = ext2_unmount,
3027 .vfs_vget = ext2_vget,
3028 + .vfs_fhhint = vfs_stdfhhint,
3029 };
3030
3031 VFS_SET(ext2fs_vfsops, ext2fs, 0);
3032 --- //depot/vendor/freebsd/src/sys/fs/hpfs/hpfs_vfsops.c 2009-05-11 15:35:16.000000000 0000
3033 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/hpfs/hpfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
3034 @@ -538,5 +538,6 @@
3035 .vfs_statfs = hpfs_statfs,
3036 .vfs_unmount = hpfs_unmount,
3037 .vfs_vget = hpfs_vget,
3038 + .vfs_fhhint = vfs_stdfhhint,
3039 };
3040 VFS_SET(hpfs_vfsops, hpfs, 0);
3041 --- //depot/vendor/freebsd/src/sys/fs/msdosfs/msdosfs_vfsops.c 2010-04-02 15:25:18.000000000 0000
3042 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/msdosfs/msdosfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
3043 @@ -986,6 +986,7 @@
3044 .vfs_statfs = msdosfs_statfs,
3045 .vfs_sync = msdosfs_sync,
3046 .vfs_unmount = msdosfs_unmount,
3047 + .vfs_fhhint = vfs_stdfhhint,
3048 };
3049
3050 VFS_SET(msdosfs_vfsops, msdosfs, 0);
3051 --- //depot/vendor/freebsd/src/sys/fs/nfs/nfs.h 2009-06-20 17:15:14.000000000 0000
3052 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfs/nfs.h 2010-07-08 19:00:38.000000000 0000
3053 @@ -273,6 +273,10 @@
3054
3055 #define LCL_GSS LCL_KERBV /* Or of all mechs */
3056
3057 +/* flags for auditing the open RPC */
3058 +#define NFS_CREATE 0x00000010
3059 +#define NFS_TRUNC 0x00000020
3060 +
3061 /*
3062 * Bits for flags in nfslock and nfsstate.
3063 * The access, deny, NFSLCK_READ and NFSLCK_WRITE bits must be defined as
3064 --- //depot/vendor/freebsd/src/sys/fs/nfs/nfs_var.h 2010-04-24 22:55:19.000000000 0000
3065 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfs/nfs_var.h 2010-06-25 00:45:44.000000000 0000
3066 @@ -308,6 +308,7 @@
3067 NFSPATHLEN_T *);
3068 void nfsd_init(void);
3069 int nfsd_checkrootexp(struct nfsrv_descript *);
3070 +void nfsrv_auditpath(vnode_t vp, vnode_t dvp, char *fname, fhandle_t *fhp, int n);
3071
3072 /* nfs_clvfsops.c */
3073
3074 @@ -512,7 +513,7 @@
3075 NFSPROC_T *);
3076 int nfsvno_setattr(vnode_t, struct nfsvattr *, struct ucred *,
3077 NFSPROC_T *, struct nfsexstuff *);
3078 -int nfsvno_getfh(vnode_t, fhandle_t *, NFSPROC_T *);
3079 +int nfsvno_getfh(vnode_t, fhandle_t *, NFSPROC_T *, vnode_t);
3080 int nfsvno_accchk(vnode_t, accmode_t, struct ucred *,
3081 struct nfsexstuff *, NFSPROC_T *, int, int, u_int32_t *);
3082 int nfsvno_namei(struct nfsrv_descript *, struct nameidata *,
3083 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdkrpc.c 2009-06-17 23:00:24.000000000 0000
3084 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdkrpc.c 2010-07-06 21:25:27.000000000 0000
3085 @@ -42,6 +42,7 @@
3086 #include <rpc/rpc.h>
3087 #include <rpc/rpcsec_gss.h>
3088
3089 +#include <security/audit/audit.h>
3090 #include <security/mac/mac_framework.h>
3091
3092 NFSDLOCKMUTEX;
3093 @@ -108,6 +109,7 @@
3094 struct nfsrv_descript nd;
3095 struct nfsrvcache *rp = NULL;
3096 int cacherep, credflavor;
3097 + int nfsprot;
3098
3099 memset(&nd, 0, sizeof(nd));
3100 if (rqst->rq_vers == NFS_VER2) {
3101 @@ -233,6 +235,12 @@
3102 cacherep = nfs_proc(&nd, rqst->rq_xid, xprt->xp_socket,
3103 xprt->xp_sockref, &rp);
3104 } else {
3105 + nfsprot = nd.nd_flag & (ND_NFSV2 | ND_NFSV3 | ND_NFSV4);
3106 + AUDIT_NFS_ENTER(NFSPROC_NULL, nd.nd_cred, curthread, nfsprot);
3107 + AUDIT_ARG_PROTOCOL(nfsprot);
3108 + if (nd.nd_nam != NULL)
3109 + AUDIT_ARG_SOCKADDR_IN((struct sockaddr_in *)nd.nd_nam);
3110 + AUDIT_NFS_EXIT(0, curthread);
3111 NFSMGET(nd.nd_mreq);
3112 nd.nd_mreq->m_len = 0;
3113 cacherep = RC_REPLY;
3114 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdport.c 2010-04-04 23:22:57.000000000 0000
3115 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdport.c 2010-07-08 13:04:03.000000000 0000
3116 @@ -44,6 +44,7 @@
3117 #include <sys/sysctl.h>
3118 #include <nlm/nlm_prot.h>
3119 #include <nlm/nlm.h>
3120 +#include <security/audit/audit.h>
3121
3122 extern u_int32_t newnfs_true, newnfs_false, newnfs_xdrneg1;
3123 extern int nfsv4root_set;
3124 @@ -118,13 +119,13 @@
3125 * Get a file handle for a vnode.
3126 */
3127 int
3128 -nfsvno_getfh(struct vnode *vp, fhandle_t *fhp, struct thread *p)
3129 +nfsvno_getfh(struct vnode *vp, fhandle_t *fhp, struct thread *p, struct vnode *dvp)
3130 {
3131 int error;
3132
3133 NFSBZERO((caddr_t)fhp, sizeof(fhandle_t));
3134 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
3135 - error = VOP_VPTOFH(vp, &fhp->fh_fid);
3136 + error = VOP_VPTOFH(vp, &fhp->fh_fid, dvp);
3137 return (error);
3138 }
3139
3140 @@ -636,6 +637,7 @@
3141 uiop->uio_resid = len;
3142 uiop->uio_rw = UIO_READ;
3143 uiop->uio_segflg = UIO_SYSSPACE;
3144 + AUDIT_ARG_FFLAGS(IO_NODELOCKED | ioflag);
3145 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
3146 FREE((caddr_t)iv2, M_TEMP);
3147 if (error) {
3148 @@ -701,6 +703,7 @@
3149 uiop->uio_segflg = UIO_SYSSPACE;
3150 NFSUIOPROC(uiop, p);
3151 uiop->uio_offset = off;
3152 + AUDIT_ARG_FFLAGS(ioflags);
3153 error = VOP_WRITE(vp, uiop, ioflags, cred);
3154 FREE((caddr_t)iv, M_TEMP);
3155 return (error);
3156 @@ -721,6 +724,7 @@
3157 if (!error && ndp->ni_vp == NULL) {
3158 if (nvap->na_type == VREG || nvap->na_type == VSOCK) {
3159 vrele(ndp->ni_startdir);
3160 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3161 error = VOP_CREATE(ndp->ni_dvp,
3162 &ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
3163 vput(ndp->ni_dvp);
3164 @@ -752,6 +756,7 @@
3165 return (error);
3166 }
3167 nvap->na_rdev = rdev;
3168 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3169 error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
3170 &ndp->ni_cnd, &nvap->na_vattr);
3171 vput(ndp->ni_dvp);
3172 @@ -767,6 +772,8 @@
3173 return (ENXIO);
3174 }
3175 *vpp = ndp->ni_vp;
3176 + if (!error)
3177 + AUDIT_ARG_VNODE1(ndp->ni_vp);
3178 } else {
3179 /*
3180 * Handle cases where error is already set and/or
3181 @@ -826,11 +833,13 @@
3182 vput(ndp->ni_dvp);
3183 return (NFSERR_BADTYPE);
3184 }
3185 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3186 if (vtyp == VSOCK) {
3187 - vrele(ndp->ni_startdir);
3188 + vrele(ndp->ni_startdir);
3189 error = VOP_CREATE(ndp->ni_dvp, &ndp->ni_vp,
3190 &ndp->ni_cnd, &nvap->na_vattr);
3191 vput(ndp->ni_dvp);
3192 + nfsrv_auditpath(NULL, ndp->ni_dvp, ndp->ni_cnd.cn_pnbuf, NULL, 1);
3193 nfsvno_relpathbuf(ndp);
3194 } else {
3195 if (nvap->na_type != VFIFO &&
3196 @@ -843,6 +852,7 @@
3197 error = VOP_MKNOD(ndp->ni_dvp, &ndp->ni_vp,
3198 &ndp->ni_cnd, &nvap->na_vattr);
3199 vput(ndp->ni_dvp);
3200 + nfsrv_auditpath(NULL, ndp->ni_dvp, ndp->ni_cnd.cn_pnbuf, NULL, 1);
3201 nfsvno_relpathbuf(ndp);
3202 if (error)
3203 vrele(ndp->ni_startdir);
3204 @@ -851,6 +861,9 @@
3205 * see any reason to do the lookup.
3206 */
3207 }
3208 + if (!error)
3209 + AUDIT_ARG_VNODE1(ndp->ni_vp);
3210 +
3211 return (error);
3212 }
3213
3214 @@ -872,10 +885,13 @@
3215 nfsvno_relpathbuf(ndp);
3216 return (EEXIST);
3217 }
3218 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3219 error = VOP_MKDIR(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
3220 &nvap->na_vattr);
3221 vput(ndp->ni_dvp);
3222 nfsvno_relpathbuf(ndp);
3223 + if (!error)
3224 + AUDIT_ARG_VNODE1(ndp->ni_vp);
3225 return (error);
3226 }
3227
3228 @@ -888,7 +904,9 @@
3229 struct nfsexstuff *exp)
3230 {
3231 int error = 0;
3232 -
3233 +
3234 + AUDIT_ARG_UPATH2(curthread, pathcp);
3235 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3236 if (ndp->ni_vp) {
3237 vrele(ndp->ni_startdir);
3238 nfsvno_relpathbuf(ndp);
3239 @@ -899,19 +917,21 @@
3240 vrele(ndp->ni_vp);
3241 return (EEXIST);
3242 }
3243 -
3244 +
3245 error = VOP_SYMLINK(ndp->ni_dvp, &ndp->ni_vp, &ndp->ni_cnd,
3246 &nvap->na_vattr, pathcp);
3247 vput(ndp->ni_dvp);
3248 vrele(ndp->ni_startdir);
3249 nfsvno_relpathbuf(ndp);
3250 + if (!error)
3251 + AUDIT_ARG_VNODE1(ndp->ni_vp);
3252 /*
3253 * Although FreeBSD still had the lookup code in
3254 * it for 7/current, there doesn't seem to be any
3255 * point, since VOP_SYMLINK() returns the ni_vp.
3256 * Just vput it for v2.
3257 */
3258 - if (!not_v2 && !error)
3259 + if (!not_v2 && !error)
3260 vput(ndp->ni_vp);
3261 return (error);
3262 }
3263 @@ -1107,9 +1127,16 @@
3264 }
3265 out:
3266 if (!error) {
3267 + /* extra verfs to make the audit code less racy */
3268 + vref(fromndp->ni_dvp);
3269 + vref(tondp->ni_dvp);
3270 error = VOP_RENAME(fromndp->ni_dvp, fromndp->ni_vp,
3271 &fromndp->ni_cnd, tondp->ni_dvp, tondp->ni_vp,
3272 &tondp->ni_cnd);
3273 + nfsrv_auditpath(NULL, fromndp->ni_dvp, fromndp->ni_cnd.cn_pnbuf, NULL, 1);
3274 + nfsrv_auditpath(NULL, tondp->ni_dvp, tondp->ni_cnd.cn_pnbuf, NULL, 2);
3275 + vrele(fromndp->ni_dvp);
3276 + vrele(tondp->ni_dvp);
3277 } else {
3278 if (tdvp == tvp)
3279 vrele(tdvp);
3280 @@ -1154,8 +1181,9 @@
3281 if (ndp->ni_dvp == vp)
3282 vrele(ndp->ni_dvp);
3283 else
3284 - vput(ndp->ni_dvp);
3285 + vput(ndp->ni_dvp);
3286 NFSVOPUNLOCK(vp, 0, p);
3287 + nfsrv_auditpath(NULL, ndp->ni_dvp, ndp->ni_cnd.cn_pnbuf, NULL, 1);
3288 } else {
3289 if (ndp->ni_dvp == ndp->ni_vp)
3290 vrele(ndp->ni_dvp);
3291 @@ -1292,6 +1320,7 @@
3292 if (!nd->nd_repstat) {
3293 if (ndp->ni_vp == NULL) {
3294 vrele(ndp->ni_startdir);
3295 + AUDIT_ARG_MODE(nvap->na_vattr.va_mode);
3296 nd->nd_repstat = VOP_CREATE(ndp->ni_dvp,
3297 &ndp->ni_vp, &ndp->ni_cnd, &nvap->na_vattr);
3298 vput(ndp->ni_dvp);
3299 @@ -1432,6 +1461,9 @@
3300 struct uio io;
3301 struct iovec iv;
3302
3303 + if (vp != NULL)
3304 + AUDIT_ARG_VNODE1(vp);
3305 +
3306 if (nd->nd_repstat) {
3307 nfsrv_postopattr(nd, getret, &at);
3308 return (0);
3309 @@ -1678,6 +1710,9 @@
3310 struct iovec iv;
3311 struct componentname cn;
3312
3313 + if (vp != NULL)
3314 + AUDIT_ARG_VNODE1(vp);
3315 +
3316 if (nd->nd_repstat) {
3317 nfsrv_postopattr(nd, getret, &at);
3318 return (0);
3319 @@ -1940,7 +1975,7 @@
3320 if (refp == NULL &&
3321 ((nd->nd_flag & ND_NFSV3) ||
3322 NFSNONZERO_ATTRBIT(&attrbits))) {
3323 - r = nfsvno_getfh(nvp, &nfh, p);
3324 + r = nfsvno_getfh(nvp, &nfh, p, vp);
3325 if (!r)
3326 r = nfsvno_getattr(nvp, nvap,
3327 nd->nd_cred, p);
3328 @@ -2652,7 +2687,7 @@
3329 nfsexargp->fspec, p);
3330 if ((error = namei(&nd)) != 0)
3331 return (error);
3332 - error = nfsvno_getfh(nd.ni_vp, &fh, p);
3333 + error = nfsvno_getfh(nd.ni_vp, &fh, p, NULL);
3334 vrele(nd.ni_vp);
3335 if (!error) {
3336 nfs_rootfh.nfsrvfh_len = NFSX_MYFH;
3337 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdserv.c 2010-04-06 01:15:13.000000000 0000
3338 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdserv.c 2010-07-11 23:22:14.000000000 0000
3339 @@ -53,6 +53,7 @@
3340 extern struct timeval nfsboottime;
3341 extern int nfs_rootfhset, nfsv4root_set;
3342 #endif /* !APPLEKEXT */
3343 +#include <security/audit/audit.h>
3344
3345 /*
3346 * This list defines the GSS mechanisms supported.
3347 @@ -90,12 +91,15 @@
3348 u_int32_t testmode, nfsmode, supported = 0;
3349 accmode_t deletebit;
3350
3351 + if (vp != NULL)
3352 + AUDIT_ARG_VNODE1(vp);
3353 if (nd->nd_repstat) {
3354 nfsrv_postopattr(nd, 1, &nva);
3355 return (0);
3356 }
3357 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3358 nfsmode = fxdr_unsigned(u_int32_t, *tl);
3359 + AUDIT_ARG_FFLAGS(nfsmode);
3360 if ((nd->nd_flag & ND_NFSV4) &&
3361 (nfsmode & ~(NFSACCESS_READ | NFSACCESS_LOOKUP |
3362 NFSACCESS_MODIFY | NFSACCESS_EXTEND | NFSACCESS_DELETE |
3363 @@ -173,6 +177,8 @@
3364 struct nfsreferral *refp;
3365 nfsattrbit_t attrbits;
3366
3367 + if (vp != NULL)
3368 + AUDIT_ARG_VNODE1(vp);
3369 if (nd->nd_repstat)
3370 return (0);
3371 if (nd->nd_flag & ND_NFSV4) {
3372 @@ -203,7 +209,7 @@
3373 if (!nd->nd_repstat) {
3374 if (nd->nd_flag & ND_NFSV4) {
3375 if (NFSISSET_ATTRBIT(&attrbits, NFSATTRBIT_FILEHANDLE))
3376 - nd->nd_repstat = nfsvno_getfh(vp, &fh, p);
3377 + nd->nd_repstat = nfsvno_getfh(vp, &fh, p, NULL);
3378 if (!nd->nd_repstat)
3379 nd->nd_repstat = nfsrv_checkgetattr(nd, vp,
3380 &nva, &attrbits, nd->nd_cred, p);
3381 @@ -236,7 +242,10 @@
3382 nfsattrbit_t attrbits, retbits;
3383 nfsv4stateid_t stateid;
3384 NFSACL_T *aclp = NULL;
3385 -
3386 +
3387 + if (vp)
3388 + AUDIT_ARG_VNODE1(vp);
3389 +
3390 if (nd->nd_repstat) {
3391 nfsrv_wcc(nd, preat_ret, &nva2, postat_ret, &nva);
3392 return (0);
3393 @@ -379,6 +388,7 @@
3394 if (!nd->nd_repstat)
3395 nd->nd_repstat = postat_ret;
3396 }
3397 + AUDIT_ARG_VNODE2(vp);
3398 vput(vp);
3399 #ifdef NFS4_ACL_EXTATTR_NAME
3400 acl_free(aclp);
3401 @@ -391,6 +401,7 @@
3402 nfsrv_fillattr(nd, &nva);
3403 return (0);
3404 nfsmout:
3405 + AUDIT_ARG_VNODE1(vp);
3406 vput(vp);
3407 #ifdef NFS4_ACL_EXTATTR_NAME
3408 acl_free(aclp);
3409 @@ -438,7 +449,7 @@
3410 }
3411
3412 NFSNAMEICNDSET(&named.ni_cnd, nd->nd_cred, LOOKUP,
3413 - LOCKLEAF | SAVESTART);
3414 + LOCKLEAF | SAVESTART | WANTPARENT);
3415 nfsvno_setpathbuf(&named, &bufp, &hashp);
3416 error = nfsrv_parsename(nd, bufp, hashp, &named.ni_pathlen);
3417 if (error) {
3418 @@ -467,7 +478,11 @@
3419 vrele(named.ni_startdir);
3420 nfsvno_relpathbuf(&named);
3421 vp = named.ni_vp;
3422 - nd->nd_repstat = nfsvno_getfh(vp, fhp, p);
3423 + if (vp != NULL)
3424 + AUDIT_ARG_VNODE1(vp);
3425 + nd->nd_repstat = nfsvno_getfh(vp, fhp, p, named.ni_dvp);
3426 + if (named.ni_dvp)
3427 + vrele(named.ni_dvp);
3428 if (!(nd->nd_flag & ND_NFSV4) && !nd->nd_repstat)
3429 nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred, p);
3430 if (vpp) {
3431 @@ -510,6 +525,8 @@
3432 int getret = 1, len;
3433 struct nfsvattr nva;
3434
3435 + if (vp != NULL)
3436 + AUDIT_ARG_VNODE1(vp);
3437 if (nd->nd_repstat) {
3438 nfsrv_postopattr(nd, getret, &nva);
3439 return (0);
3440 @@ -555,6 +572,8 @@
3441 nfsv4stateid_t stateid;
3442 nfsquad_t clientid;
3443
3444 + if (vp != NULL)
3445 + AUDIT_ARG_VNODE1(vp);
3446 if (nd->nd_repstat) {
3447 nfsrv_postopattr(nd, getret, &nva);
3448 return (0);
3449 @@ -594,6 +613,7 @@
3450 nd->nd_flag |= ND_IMPLIEDCLID;
3451 nd->nd_clientid.qval = clientid.qval;
3452 }
3453 + AUDIT_ARG_CLIENTID(clientid.qval);
3454 stp->ls_stateid.other[2] = *tl++;
3455 off = fxdr_hyper(tl);
3456 lop->lo_first = off;
3457 @@ -710,6 +730,8 @@
3458 nfsv4stateid_t stateid;
3459 nfsquad_t clientid;
3460
3461 + if (vp != NULL)
3462 + AUDIT_ARG_VNODE1(vp);
3463 if (nd->nd_repstat) {
3464 nfsrv_wcc(nd, forat_ret, &forat, aftat_ret, &nva);
3465 return (0);
3466 @@ -742,6 +764,7 @@
3467 nd->nd_flag |= ND_IMPLIEDCLID;
3468 nd->nd_clientid.qval = clientid.qval;
3469 }
3470 + AUDIT_ARG_CLIENTID(clientid.qval);
3471 stp->ls_stateid.other[2] = *tl++;
3472 off = fxdr_hyper(tl);
3473 lop->lo_first = off;
3474 @@ -990,11 +1013,12 @@
3475 &exclusive_flag, cverf, rdev, p, exp);
3476
3477 if (!nd->nd_repstat) {
3478 - nd->nd_repstat = nfsvno_getfh(vp, &fh, p);
3479 + nd->nd_repstat = nfsvno_getfh(vp, &fh, p, named.ni_dvp);
3480 if (!nd->nd_repstat)
3481 nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred,
3482 p);
3483 vput(vp);
3484 + nfsrv_auditpath(vp, NULL, NULL, &fh, 1);
3485 if (!nd->nd_repstat) {
3486 tverf[0] = nva.na_atime.tv_sec;
3487 tverf[1] = nva.na_atime.tv_nsec;
3488 @@ -1062,6 +1086,7 @@
3489 if (nd->nd_flag & ND_NFSV4) {
3490 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3491 vtyp = nfsv34tov_type(*tl);
3492 + AUDIT_ARG_VTYPE(vtyp);
3493 nfs4type = fxdr_unsigned(nfstype, *tl);
3494 switch (nfs4type) {
3495 case NFLNK:
3496 @@ -1114,6 +1139,7 @@
3497 if (nd->nd_flag & ND_NFSV3) {
3498 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3499 vtyp = nfsv34tov_type(*tl);
3500 + AUDIT_ARG_VTYPE(vtyp);
3501 }
3502 error = nfsrv_sattr(nd, &nva, &attrbits, aclp, p);
3503 if (error) {
3504 @@ -1211,10 +1237,10 @@
3505 }
3506
3507 nd->nd_repstat = nfsvno_mknod(&named, &nva, nd->nd_cred, p);
3508 - if (!nd->nd_repstat) {
3509 + if (!nd->nd_repstat) {
3510 vp = named.ni_vp;
3511 nfsrv_fixattr(nd, vp, &nva, aclp, p, &attrbits, exp);
3512 - nd->nd_repstat = nfsvno_getfh(vp, fhp, p);
3513 + nd->nd_repstat = nfsvno_getfh(vp, fhp, p, named.ni_dvp);
3514 if ((nd->nd_flag & ND_NFSV3) && !nd->nd_repstat)
3515 nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred,
3516 p);
3517 @@ -1317,6 +1343,7 @@
3518 nd->nd_repstat = nfsvno_removesub(&named, 0,
3519 nd->nd_cred, p, exp);
3520 }
3521 + nfsrv_auditpath(NULL, named.ni_dvp, named.ni_cnd.cn_pnbuf, NULL, 1);
3522 }
3523 if (!(nd->nd_flag & ND_NFSV2)) {
3524 if (dirp) {
3525 @@ -1437,7 +1464,7 @@
3526
3527 /*
3528 * Done parsing, now down to business.
3529 - */
3530 + */
3531 nd->nd_repstat = nfsvno_namei(nd, &fromnd, dp, 1, exp, p, &fdirp);
3532 if (nd->nd_repstat) {
3533 if (nd->nd_flag & ND_NFSV3) {
3534 @@ -1457,6 +1484,8 @@
3535 nfsvno_relpathbuf(&tond);
3536 return (0);
3537 }
3538 + if (fromnd.ni_vp != NULL)
3539 + AUDIT_ARG_VNODE1(fromnd.ni_vp);
3540 if (vnode_vtype(fromnd.ni_vp) == VDIR)
3541 tond.ni_cnd.cn_flags |= WILLBEDIR;
3542 nd->nd_repstat = nfsvno_namei(nd, &tond, tdp, 0, &tnes, p, &tdirp);
3543 @@ -1510,6 +1539,8 @@
3544 char *bufp;
3545 u_long *hashp;
3546
3547 + if (vp != NULL)
3548 + AUDIT_ARG_VNODE1(vp);
3549 if (nd->nd_repstat) {
3550 nfsrv_postopattr(nd, getret, &at);
3551 nfsrv_wcc(nd, dirfor_ret, &dirfor, diraft_ret, &diraft);
3552 @@ -1698,11 +1729,13 @@
3553 if (!nd->nd_repstat && !(nd->nd_flag & ND_NFSV2)) {
3554 nfsrv_fixattr(nd, ndp->ni_vp, nvap, aclp, p, attrbitp, exp);
3555 if (nd->nd_flag & ND_NFSV3) {
3556 - nd->nd_repstat = nfsvno_getfh(ndp->ni_vp, fhp, p);
3557 + nd->nd_repstat = nfsvno_getfh(ndp->ni_vp, fhp, p, ndp->ni_dvp);
3558 if (!nd->nd_repstat)
3559 nd->nd_repstat = nfsvno_getattr(ndp->ni_vp,
3560 nvap, nd->nd_cred, p);
3561 }
3562 + else if (nd->nd_flag & ND_NFSV4)
3563 + nfsvno_getfh(ndp->ni_vp, fhp, p, ndp->ni_dvp);
3564 if (vpp) {
3565 NFSVOPUNLOCK(ndp->ni_vp, 0, p);
3566 *vpp = ndp->ni_vp;
3567 @@ -1796,7 +1829,6 @@
3568 */
3569 nfsrvd_mkdirsub(nd, &named, &nva, fhp, vpp, dirp, &dirfor, &diraft,
3570 &diraft_ret, NULL, NULL, p, exp);
3571 -
3572 if (nd->nd_flag & ND_NFSV3) {
3573 if (!nd->nd_repstat) {
3574 (void) nfsm_fhtom(nd, (u_int8_t *)fhp, 0, 1);
3575 @@ -1833,7 +1865,7 @@
3576 if (!nd->nd_repstat) {
3577 vp = ndp->ni_vp;
3578 nfsrv_fixattr(nd, vp, nvap, aclp, p, attrbitp, exp);
3579 - nd->nd_repstat = nfsvno_getfh(vp, fhp, p);
3580 + nd->nd_repstat = nfsvno_getfh(vp, fhp, p, ndp->ni_dvp);
3581 if (!(nd->nd_flag & ND_NFSV4) && !nd->nd_repstat)
3582 nd->nd_repstat = nfsvno_getattr(vp, nvap, nd->nd_cred,
3583 p);
3584 @@ -1870,6 +1902,8 @@
3585 int error = 0, for_ret = 1, aft_ret = 1, cnt;
3586 u_int64_t off;
3587
3588 + if (vp != NULL)
3589 + AUDIT_ARG_VNODE1(vp);
3590 if (nd->nd_repstat) {
3591 nfsrv_wcc(nd, for_ret, &bfor, aft_ret, &aft);
3592 return (0);
3593 @@ -1915,6 +1949,8 @@
3594 struct statfs sfs;
3595 u_quad_t tval;
3596
3597 + if (vp != NULL)
3598 + AUDIT_ARG_VNODE1(vp);
3599 if (nd->nd_repstat) {
3600 nfsrv_postopattr(nd, getret, &at);
3601 return (0);
3602 @@ -1968,6 +2004,8 @@
3603 int getret = 1;
3604 struct nfsvattr at;
3605
3606 + if (vp != NULL)
3607 + AUDIT_ARG_VNODE1(vp);
3608 if (nd->nd_repstat) {
3609 nfsrv_postopattr(nd, getret, &at);
3610 return (0);
3611 @@ -2004,6 +2042,8 @@
3612 register_t linkmax, namemax, chownres, notrunc;
3613 struct nfsvattr at;
3614
3615 + if (vp != NULL)
3616 + AUDIT_ARG_VNODE1(vp);
3617 if (nd->nd_repstat) {
3618 nfsrv_postopattr(nd, getret, &at);
3619 return (0);
3620 @@ -2058,8 +2098,11 @@
3621 nfsv4stateid_t stateid;
3622 nfsquad_t clientid;
3623
3624 + if (vp != NULL)
3625 + AUDIT_ARG_VNODE1(vp);
3626 NFSM_DISSECT(tl, u_int32_t *, 7 * NFSX_UNSIGNED);
3627 i = fxdr_unsigned(int, *tl++);
3628 + AUDIT_ARG_LOCKTYPE(i);
3629 switch (i) {
3630 case NFSV4LOCKT_READW:
3631 flags |= NFSLCK_BLOCKING;
3632 @@ -2109,9 +2152,12 @@
3633 nd->nd_flag |= ND_IMPLIEDCLID;
3634 nd->nd_clientid.qval = clientid.qval;
3635 }
3636 + AUDIT_ARG_CLIENTID(clientid.qval);
3637 error = nfsrv_mtostr(nd, stp->ls_owner, stp->ls_ownerlen);
3638 if (error)
3639 goto nfsmout;
3640 + else
3641 + AUDIT_ARG_LOCKOWNER(stp->ls_owner, stp->ls_ownerlen);
3642 } else {
3643 NFSM_DISSECT(tl, u_int32_t *, NFSX_STATEID + NFSX_UNSIGNED);
3644 MALLOC(stp, struct nfsstate *, sizeof (struct nfsstate),
3645 @@ -2132,6 +2178,7 @@
3646 nd->nd_flag |= ND_IMPLIEDCLID;
3647 nd->nd_clientid.qval = clientid.qval;
3648 }
3649 + AUDIT_ARG_CLIENTID(clientid.qval);
3650 }
3651 MALLOC(lop, struct nfslock *, sizeof (struct nfslock),
3652 M_NFSDLOCK, M_WAITOK);
3653 @@ -2231,6 +2278,8 @@
3654 nfsquad_t clientid;
3655 u_int64_t len;
3656
3657 + if (vp != NULL)
3658 + AUDIT_ARG_VNODE1(vp);
3659 NFSM_DISSECT(tl, u_int32_t *, 8 * NFSX_UNSIGNED);
3660 i = fxdr_unsigned(int, *(tl + 7));
3661 if (i <= 0 || i > NFSV4_OPAQUELIMIT) {
3662 @@ -2244,6 +2293,7 @@
3663 stp->ls_flags = NFSLCK_TEST;
3664 stp->ls_uid = nd->nd_cred->cr_uid;
3665 i = fxdr_unsigned(int, *tl++);
3666 + AUDIT_ARG_LOCKTYPE(i);
3667 switch (i) {
3668 case NFSV4LOCKT_READW:
3669 stp->ls_flags |= NFSLCK_BLOCKING;
3670 @@ -2279,9 +2329,12 @@
3671 nd->nd_flag |= ND_IMPLIEDCLID;
3672 nd->nd_clientid.qval = clientid.qval;
3673 }
3674 + AUDIT_ARG_CLIENTID(clientid.qval);
3675 error = nfsrv_mtostr(nd, stp->ls_owner, stp->ls_ownerlen);
3676 if (error)
3677 goto nfsmout;
3678 + else
3679 + AUDIT_ARG_LOCKOWNER(stp->ls_owner, stp->ls_ownerlen);
3680 if (!nd->nd_repstat && vnode_vtype(vp) != VREG) {
3681 if (vnode_vtype(vp) == VDIR)
3682 nd->nd_repstat = NFSERR_ISDIR;
3683 @@ -2338,6 +2391,8 @@
3684 nfsquad_t clientid;
3685 u_int64_t len;
3686
3687 + if (vp != NULL)
3688 + AUDIT_ARG_VNODE1(vp);
3689 NFSM_DISSECT(tl, u_int32_t *, 6 * NFSX_UNSIGNED + NFSX_STATEID);
3690 MALLOC(stp, struct nfsstate *, sizeof (struct nfsstate),
3691 M_NFSDSTATE, M_WAITOK);
3692 @@ -2347,6 +2402,7 @@
3693 lop->lo_flags = NFSLCK_UNLOCK;
3694 stp->ls_op = nd->nd_rp;
3695 i = fxdr_unsigned(int, *tl++);
3696 + AUDIT_ARG_LOCKTYPE(i);
3697 switch (i) {
3698 case NFSV4LOCKT_READW:
3699 stp->ls_flags |= NFSLCK_BLOCKING;
3700 @@ -2388,6 +2444,7 @@
3701 nd->nd_flag |= ND_IMPLIEDCLID;
3702 nd->nd_clientid.qval = clientid.qval;
3703 }
3704 + AUDIT_ARG_CLIENTID(clientid.qval);
3705 if (!nd->nd_repstat && vnode_vtype(vp) != VREG) {
3706 if (vnode_vtype(vp) == VDIR)
3707 nd->nd_repstat = NFSERR_ISDIR;
3708 @@ -2420,7 +2477,7 @@
3709 */
3710 APPLESTATIC int
3711 nfsrvd_open(struct nfsrv_descript *nd, __unused int isdgram,
3712 - vnode_t dp, vnode_t *vpp, __unused fhandle_t *fhp, NFSPROC_T *p,
3713 + vnode_t dp, vnode_t *vpp, fhandle_t *fhp, NFSPROC_T *p,
3714 struct nfsexstuff *exp)
3715 {
3716 u_int32_t *tl;
3717 @@ -2439,6 +2496,7 @@
3718 char *bufp = NULL;
3719 u_long *hashp;
3720 NFSACL_T *aclp = NULL;
3721 + int AUDIT_flags = 0;
3722
3723 #ifdef NFS4_ACL_EXTATTR_NAME
3724 aclp = acl_alloc(M_WAITOK);
3725 @@ -2494,6 +2552,8 @@
3726 default:
3727 nd->nd_repstat = NFSERR_INVAL;
3728 };
3729 + AUDIT_flags = stp->ls_flags & ( NFSLCK_READACCESS | NFSLCK_WRITEACCESS
3730 + | NFSLCK_READDENY | NFSLCK_WRITEDENY);
3731 clientid.lval[0] = *tl++;
3732 clientid.lval[1] = *tl;
3733 if (nd->nd_flag & ND_IMPLIEDCLID) {
3734 @@ -2503,6 +2563,7 @@
3735 nd->nd_flag |= ND_IMPLIEDCLID;
3736 nd->nd_clientid.qval = clientid.qval;
3737 }
3738 + AUDIT_ARG_CLIENTID(clientid.qval);
3739 error = nfsrv_mtostr(nd, stp->ls_owner, stp->ls_ownerlen);
3740 if (error) {
3741 vrele(dp);
3742 @@ -2515,6 +2576,8 @@
3743 NFSVNO_ATTRINIT(&nva);
3744 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED);
3745 create = fxdr_unsigned(int, *tl);
3746 + if (create)
3747 + AUDIT_flags |= NFS_CREATE;
3748 if (!nd->nd_repstat)
3749 nd->nd_repstat = nfsvno_getattr(dp, &dirfor, nd->nd_cred, p);
3750 if (create == NFSV4OPEN_CREATE) {
3751 @@ -2525,7 +2588,7 @@
3752 switch (how) {
3753 case NFSCREATE_UNCHECKED:
3754 case NFSCREATE_GUARDED:
3755 - error = nfsv4_sattr(nd, &nva, &attrbits, aclp, p);
3756 + error = nfsv4_sattr(nd, &nva, &attrbits, aclp, p);
3757 if (error) {
3758 vrele(dp);
3759 #ifdef NFS4_ACL_EXTATTR_NAME
3760 @@ -2648,6 +2711,9 @@
3761 nva.na_mode = 0;
3762 };
3763 }
3764 + /* XXXgpf: not sure this means that we are to truncate the file */
3765 + if (NFSVNO_ISSETSIZE(&nva) && nva.na_size == 0)
3766 + AUDIT_flags |= NFS_TRUNC;
3767 nfsvno_open(nd, &named, clientid, &stateid, stp,
3768 &exclusive_flag, &nva, cverf, create, aclp, &attrbits,
3769 nd->nd_cred, p, exp, &vp);
3770 @@ -2685,6 +2751,7 @@
3771 FREE((caddr_t)stp, M_NFSDSTATE);
3772 return (0);
3773 }
3774 + AUDIT_ARG_FFLAGS(AUDIT_flags);
3775
3776 /*
3777 * Do basic access checking.
3778 @@ -2731,8 +2798,10 @@
3779 * below, to avoid a deadlock with the lookup in nfsvno_namei() above.
3780 * (ie: Leave the NFSVOPUNLOCK() about here.)
3781 */
3782 - if (vp)
3783 + if (vp) {
3784 + AUDIT_ARG_VNODE1(vp);
3785 NFSVOPUNLOCK(vp, 0, p);
3786 + }
3787 if (stp)
3788 FREE((caddr_t)stp, M_NFSDSTATE);
3789 if (!nd->nd_repstat && dirp)
3790 @@ -2793,6 +2862,7 @@
3791 (void) nfsm_strtom(nd, "OWNER@", 6);
3792 }
3793 *vpp = vp;
3794 + nfsvno_getfh(vp, fhp, p, dp);
3795 } else if (vp) {
3796 vrele(vp);
3797 }
3798 @@ -2824,7 +2894,9 @@
3799 int error = 0;
3800 nfsv4stateid_t stateid;
3801 nfsquad_t clientid;
3802 -
3803 +
3804 + if (vp != NULL)
3805 + AUDIT_ARG_VNODE1(vp);
3806 NFSM_DISSECT(tl, u_int32_t *, NFSX_UNSIGNED + NFSX_STATEID);
3807 stp->ls_seq = fxdr_unsigned(u_int32_t, *tl++);
3808 stp->ls_ownerlen = 0;
3809 @@ -2843,6 +2915,7 @@
3810 nd->nd_flag |= ND_IMPLIEDCLID;
3811 nd->nd_clientid.qval = clientid.qval;
3812 }
3813 + AUDIT_ARG_CLIENTID(clientid.qval);
3814 nd->nd_repstat = nfsrv_openupdate(vp, stp, clientid, &stateid, nd, p);
3815 vput(vp);
3816 if (!nd->nd_repstat) {
3817 @@ -2882,6 +2955,7 @@
3818 nd->nd_flag |= ND_IMPLIEDCLID;
3819 nd->nd_clientid.qval = clientid.qval;
3820 }
3821 + AUDIT_ARG_CLIENTID(clientid.qval);
3822 nd->nd_repstat = nfsrv_delegupdate(clientid, NULL, NULL,
3823 NFSV4OP_DELEGPURGE, nd->nd_cred, p);
3824 nfsmout:
3825 @@ -2900,6 +2974,8 @@
3826 nfsv4stateid_t stateid;
3827 nfsquad_t clientid;
3828
3829 + if (vp != NULL)
3830 + AUDIT_ARG_VNODE1(vp);
3831 NFSM_DISSECT(tl, u_int32_t *, NFSX_STATEID);
3832 stateid.seqid = fxdr_unsigned(u_int32_t, *tl++);
3833 NFSBCOPY((caddr_t)tl, (caddr_t)stateid.other, NFSX_STATEIDOTHER);
3834 @@ -2912,6 +2988,7 @@
3835 nd->nd_flag |= ND_IMPLIEDCLID;
3836 nd->nd_clientid.qval = clientid.qval;
3837 }
3838 + AUDIT_ARG_CLIENTID(clientid.qval);
3839 nd->nd_repstat = nfsrv_delegupdate(clientid, &stateid, vp,
3840 NFSV4OP_DELEGRETURN, nd->nd_cred, p);
3841 nfsmout:
3842 @@ -2928,7 +3005,7 @@
3843 {
3844 fhandle_t fh;
3845
3846 - nd->nd_repstat = nfsvno_getfh(vp, &fh, p);
3847 + nd->nd_repstat = nfsvno_getfh(vp, &fh, p, NULL);
3848 vput(vp);
3849 if (!nd->nd_repstat)
3850 (void) nfsm_fhtom(nd, (u_int8_t *)&fh, 0, 0);
3851 @@ -2948,6 +3025,8 @@
3852 nfsv4stateid_t stateid;
3853 nfsquad_t clientid;
3854
3855 + if (vp != NULL)
3856 + AUDIT_ARG_VNODE1(vp);
3857 NFSM_DISSECT(tl, u_int32_t *, NFSX_STATEID + NFSX_UNSIGNED);
3858 stp->ls_ownerlen = 0;
3859 stp->ls_op = nd->nd_rp;
3860 @@ -2967,6 +3046,7 @@
3861 nd->nd_flag |= ND_IMPLIEDCLID;
3862 nd->nd_clientid.qval = clientid.qval;
3863 }
3864 + AUDIT_ARG_CLIENTID(clientid.qval);
3865 nd->nd_repstat = nfsrv_openupdate(vp, stp, clientid, &stateid, nd, p);
3866 if (!nd->nd_repstat) {
3867 NFSM_BUILD(tl, u_int32_t *, NFSX_STATEID);
3868 @@ -2992,6 +3072,8 @@
3869 nfsv4stateid_t stateid;
3870 nfsquad_t clientid;
3871
3872 + if (vp != NULL)
3873 + AUDIT_ARG_VNODE1(vp);
3874 NFSM_DISSECT(tl, u_int32_t *, NFSX_STATEID + 3 * NFSX_UNSIGNED);
3875 stp->ls_ownerlen = 0;
3876 stp->ls_op = nd->nd_rp;
3877 @@ -3042,6 +3124,7 @@
3878 nd->nd_flag |= ND_IMPLIEDCLID;
3879 nd->nd_clientid.qval = clientid.qval;
3880 }
3881 + AUDIT_ARG_CLIENTID(clientid.qval);
3882 if (!nd->nd_repstat)
3883 nd->nd_repstat = nfsrv_openupdate(vp, stp, clientid, &stateid,
3884 nd, p);
3885 @@ -3081,6 +3164,7 @@
3886 nd->nd_flag |= ND_IMPLIEDCLID;
3887 nd->nd_clientid.qval = clientid.qval;
3888 }
3889 + AUDIT_ARG_CLIENTID(clientid.qval);
3890 nd->nd_repstat = nfsrv_getclient(clientid, (CLOPS_RENEWOP|CLOPS_RENEW),
3891 NULL, (nfsquad_t)((u_quad_t)0), nd, p);
3892 nfsmout:
3893 @@ -3132,7 +3216,7 @@
3894 nfsvno_relpathbuf(&named);
3895 fh.nfsrvfh_len = NFSX_MYFH;
3896 vp = named.ni_vp;
3897 - nd->nd_repstat = nfsvno_getfh(vp, (fhandle_t *)fh.nfsrvfh_data, p);
3898 + nd->nd_repstat = nfsvno_getfh(vp, (fhandle_t *)fh.nfsrvfh_data, p, NULL);
3899 mp = vnode_mount(vp); /* so it won't try to re-lock filesys */
3900 retnes.nes_vfslocked = exp->nes_vfslocked;
3901 vput(vp);
3902 @@ -3247,6 +3331,7 @@
3903 clp->lc_namelen = nd->nd_princlen;
3904 clp->lc_name = &clp->lc_id[idlen];
3905 NFSBCOPY(nd->nd_principal, clp->lc_name, clp->lc_namelen);
3906 + AUDIT_ARG_CLIENTNAME(clp->lc_name, clp->lc_namelen);
3907 } else {
3908 clp->lc_uid = nd->nd_cred->cr_uid;
3909 clp->lc_gid = nd->nd_cred->cr_gid;
3910 @@ -3267,6 +3352,7 @@
3911 * so it should be free'd.
3912 */
3913 nd->nd_repstat = nfsrv_setclient(nd, &clp, &clientid, &confirm, p);
3914 + AUDIT_ARG_CLIENTID(clientid.qval);
3915 if (nd->nd_repstat == NFSERR_CLIDINUSE) {
3916 if (clp->lc_flags & LCL_TCPCALLBACK)
3917 (void) nfsm_strtom(nd, "tcp", 3);
3918 @@ -3324,7 +3410,7 @@
3919 clientid.lval[1] = *tl++;
3920 confirm.lval[0] = *tl++;
3921 confirm.lval[1] = *tl;
3922 -
3923 + AUDIT_ARG_CLIENTID(clientid.qval);
3924 /*
3925 * nfsrv_getclient() searches the client list for a match and
3926 * returns the appropriate NFSERR status.
3927 @@ -3348,11 +3434,13 @@
3928 struct nfsfsinfo fs;
3929 fhandle_t fh;
3930
3931 + if (vp != NULL)
3932 + AUDIT_ARG_VNODE1(vp);
3933 nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred, p);
3934 if (!nd->nd_repstat)
3935 nd->nd_repstat = nfsvno_statfs(vp, &sf);
3936 if (!nd->nd_repstat)
3937 - nd->nd_repstat = nfsvno_getfh(vp, &fh, p);
3938 + nd->nd_repstat = nfsvno_getfh(vp, &fh, p, NULL);
3939 if (!nd->nd_repstat) {
3940 nfsvno_getfs(&fs, isdgram);
3941 error = nfsv4_loadattr(nd, vp, &nva, NULL, &fh, fhsize, NULL,
3942 @@ -3428,9 +3516,12 @@
3943 nd->nd_flag |= ND_IMPLIEDCLID;
3944 nd->nd_clientid.qval = clientid.qval;
3945 }
3946 + AUDIT_ARG_CLIENTID(clientid.qval);
3947 error = nfsrv_mtostr(nd, stp->ls_owner, len);
3948 if (error)
3949 goto nfsmout;
3950 + else
3951 + AUDIT_ARG_LOCKOWNER(stp->ls_owner, len);
3952 nd->nd_repstat = nfsrv_releaselckown(stp, clientid, p);
3953 FREE((caddr_t)stp, M_NFSDSTATE);
3954 return (0);
3955 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdsocket.c 2009-05-26 01:20:14.000000000 0000
3956 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdsocket.c 2010-07-11 16:53:25.000000000 0000
3957 @@ -268,6 +268,8 @@
3958 };
3959 #endif /* !APPLEKEXT */
3960
3961 +#include <security/audit/audit.h>
3962 +
3963 /*
3964 * Static array that defines which nfs rpc's are nonidempotent
3965 */
3966 @@ -356,9 +358,11 @@
3967 {
3968 int error = 0;
3969 vnode_t vp;
3970 + vnode_t AUDIT_vp;
3971 mount_t mp = NULL;
3972 struct nfsrvfh fh;
3973 struct nfsexstuff nes;
3974 + int nfsprot;
3975
3976 /*
3977 * Get a locked vnode for the first file handle
3978 @@ -427,21 +431,52 @@
3979 * The procedures are in three groups with different arguments.
3980 * The group is indicated by the value in nfs_retfh[].
3981 */
3982 - if (nd->nd_flag & ND_NFSV4) {
3983 + if (nd->nd_flag & ND_NFSV4)
3984 nfsrvd_compound(nd, isdgram, p);
3985 - } else {
3986 + else {
3987 + nfsprot = nd->nd_flag & (ND_NFSV2 | ND_NFSV3);
3988 + AUDIT_NFS_ENTER(nd->nd_procnum, nd->nd_cred, curthread, nfsprot);
3989 + if (nd->nd_nam != NULL)
3990 + AUDIT_ARG_SOCKADDR_IN((struct sockaddr_in *)nd->nd_nam);
3991 + AUDIT_ARG_PROTOCOL(nfsprot);
3992 if (nfs_retfh[nd->nd_procnum] == 1) {
3993 if (vp)
3994 NFSVOPUNLOCK(vp, 0, p);
3995 + AUDIT_vp = NULL;
3996 error = (*(nfsrv3_procs1[nd->nd_procnum]))(nd, isdgram,
3997 - vp, NULL, (fhandle_t *)fh.nfsrvfh_data, p, &nes);
3998 + vp, &AUDIT_vp, (fhandle_t *)fh.nfsrvfh_data, p, &nes);
3999 + if (AUDIT_vp != NULL) {
4000 + if (nd->nd_procnum != NFSPROC_MKNOD)
4001 + nfsrv_auditpath(AUDIT_vp, NULL, NULL,
4002 + (fhandle_t *)fh.nfsrvfh_data, 1);
4003 + vrele(AUDIT_vp);
4004 + }
4005 } else if (nfs_retfh[nd->nd_procnum] == 2) {
4006 + if (vp != NULL)
4007 + vref(vp);
4008 error = (*(nfsrv3_procs2[nd->nd_procnum]))(nd, isdgram,
4009 vp, NULL, p, &nes, NULL);
4010 + if (vp != NULL) {
4011 + if (nd->nd_procnum == NFSPROC_LINK)
4012 + nfsrv_auditpath(vp, NULL, NULL,
4013 + (fhandle_t *)fh.nfsrvfh_data, 2);
4014 + vrele(vp);
4015 + }
4016 } else {
4017 + if (vp != NULL)
4018 + vref(vp);
4019 error = (*(nfsrv3_procs0[nd->nd_procnum]))(nd, isdgram,
4020 vp, p, &nes);
4021 + if (vp != NULL) {
4022 + if (nd->nd_procnum != NFSPROC_CREATE &&
4023 + nd->nd_procnum != NFSPROC_RMDIR &&
4024 + nd->nd_procnum != NFSPROC_REMOVE)
4025 + nfsrv_auditpath(vp, NULL, NULL,
4026 + (fhandle_t *)fh.nfsrvfh_data, 1);
4027 + vrele(vp);
4028 + }
4029 }
4030 + AUDIT_NFS_EXIT(nd->nd_repstat, curthread);
4031 if (mp) {
4032 if (nfs_writerpc[nd->nd_procnum])
4033 NFS_ENDWRITE(mp);
4034 @@ -494,7 +529,7 @@
4035 u_int32_t minorvers, retops = 0, *retopsp = NULL, *repp;
4036 u_char tag[NFSV4_SMALLSTR + 1], *tagstr;
4037 vnode_t vp, nvp, savevp;
4038 - struct nfsrvfh fh;
4039 + struct nfsrvfh fh, savefh;
4040 mount_t mp, savemp;
4041 struct ucred *credanon;
4042 struct nfsexstuff nes, vpnes, savevpnes;
4043 @@ -697,12 +732,18 @@
4044 }
4045 if (nfsv4_opflag[op].savereply)
4046 nd->nd_flag |= ND_SAVEREPLY;
4047 - NFSINCRGLOBAL(newnfsstats.srvrpccnt[nd->nd_procnum]);
4048 + NFSINCRGLOBAL(newnfsstats.srvrpccnt[nd->nd_procnum]);
4049 + AUDIT_NFS_ENTER(op, nd->nd_cred, curthread, ND_NFSV4);
4050 + if (nd->nd_nam != NULL)
4051 + AUDIT_ARG_SOCKADDR_IN((struct sockaddr_in *)nd->nd_nam);
4052 + AUDIT_ARG_PROTOCOL(ND_NFSV4);
4053 switch (op) {
4054 case NFSV4OP_PUTFH:
4055 error = nfsrv_mtofh(nd, &fh);
4056 - if (error)
4057 + if (error) {
4058 + printf("error! %p\n", curthread);
4059 goto nfsmout;
4060 + }
4061 if (!nd->nd_repstat) {
4062 nes.nes_vfslocked = vpnes.nes_vfslocked;
4063 nfsd_fhtovp(nd, &fh, &nvp, &nes, &mp,
4064 @@ -713,7 +754,12 @@
4065 if (vp)
4066 vrele(vp);
4067 vp = nvp;
4068 + vref(vp);
4069 + AUDIT_ARG_VNODE1(vp);
4070 NFSVOPUNLOCK(vp, 0, p);
4071 + nfsrv_auditpath(vp, NULL, NULL,
4072 + (fhandle_t *)fh.nfsrvfh_data, 1);
4073 + vrele(vp);
4074 vpnes = nes;
4075 }
4076 break;
4077 @@ -729,8 +775,14 @@
4078 if (vp)
4079 vrele(vp);
4080 vp = nvp;
4081 + vref(vp);
4082 + AUDIT_ARG_VNODE1(vp);
4083 NFSVOPUNLOCK(vp, 0, p);
4084 + nfsrv_auditpath(vp, NULL, NULL,
4085 + (fhandle_t *)nfs_pubfh.nfsrvfh_data, 1);
4086 + vrele(vp);
4087 vpnes = nes;
4088 + NFSBCOPY(&nfs_pubfh, &fh, sizeof(fh));
4089 }
4090 break;
4091 case NFSV4OP_PUTROOTFH:
4092 @@ -742,8 +794,14 @@
4093 if (vp)
4094 vrele(vp);
4095 vp = nvp;
4096 + vref(vp);
4097 + AUDIT_ARG_VNODE1(vp);
4098 NFSVOPUNLOCK(vp, 0, p);
4099 + nfsrv_auditpath(vp, NULL, NULL,
4100 + (fhandle_t *)nfs_rootfh.nfsrvfh_data, 1);
4101 + vrele(vp);
4102 vpnes = nes;
4103 + NFSBCOPY(&nfs_rootfh, &fh, sizeof(fh));
4104 }
4105 } else if (nfsv4root_vp && nfsv4root_set) {
4106 if (vp) {
4107 @@ -756,6 +814,7 @@
4108 NFSVNO_SETEXRDONLY(&vpnes);
4109 vpnes.nes_vfslocked = 0;
4110 mp = vnode_mount(vp);
4111 + NFSBCOPY(&nfs_rootfh, &fh, sizeof(fh));
4112 } else {
4113 nd->nd_repstat = NFSERR_NOFILEHANDLE;
4114 }
4115 @@ -771,7 +830,15 @@
4116 savevp = vp;
4117 savevpnes = vpnes;
4118 savemp = mp;
4119 + NFSBCOPY(&fh, &savefh, sizeof(fh));
4120 }
4121 + if (savevp) {
4122 + nfsrv_auditpath(savevp, NULL, NULL,
4123 + (fhandle_t *)fh.nfsrvfh_data, 1);
4124 + vn_lock(savevp, LK_EXCLUSIVE);
4125 + AUDIT_ARG_VNODE1(savevp);
4126 + VOP_UNLOCK(savevp, 0);
4127 + }
4128 } else {
4129 nd->nd_repstat = NFSERR_NOFILEHANDLE;
4130 }
4131 @@ -779,6 +846,13 @@
4132 case NFSV4OP_RESTOREFH:
4133 if (savevp) {
4134 nd->nd_repstat = 0;
4135 + vref(savevp);
4136 + nfsrv_auditpath(savevp, NULL, NULL,
4137 + (fhandle_t *)savefh.nfsrvfh_data, 1);
4138 + vn_lock(savevp, LK_EXCLUSIVE);
4139 + AUDIT_ARG_VNODE1(savevp);
4140 + VOP_UNLOCK(savevp, 0);
4141 + vrele(savevp);
4142 /* If vp == savevp, a no-op */
4143 if (vp != savevp) {
4144 VREF(savevp);
4145 @@ -799,11 +873,28 @@
4146 vp = savevp;
4147 vpnes = savevpnes;
4148 mp = savemp;
4149 + NFSBCOPY(&savefh, &fh, sizeof(fh));
4150 }
4151 } else {
4152 nd->nd_repstat = NFSERR_RESTOREFH;
4153 }
4154 break;
4155 + /*
4156 + * XXXgpf:
4157 + * NFSV4OP_GETFH hack so that current filehandle, with the hint stored inside,
4158 + * is returned instead of recomputing the filehandle and losing the hint.
4159 + * All NFS v4 OPs that are supposed to replace the current filehandle, now do so:
4160 + * putroofh, putpubfh, open, mknod, lookup, lookupp, putfh
4161 + */
4162 + case NFSV4OP_GETFH:
4163 + if (vp == NULL)
4164 + error = nd->nd_repstat = NFSERR_NOFILEHANDLE;
4165 + else {
4166 + (void) nfsm_fhtom(nd, (u_int8_t *)fh.nfsrvfh_data, 0, 0);
4167 + error = nd->nd_repstat = 0;
4168 + nfsrv_auditpath(vp, NULL, NULL, (fhandle_t *)fh.nfsrvfh_data, 1);
4169 + }
4170 + break;
4171 default:
4172 /*
4173 * Allow a Lookup, Getattr, GetFH, Secinfo on an
4174 @@ -851,6 +942,8 @@
4175 NFS_STARTWRITE(NULL, &mp);
4176 error = (*(nfsrv4_ops1[op]))(nd, isdgram, vp,
4177 &nvp, (fhandle_t *)fh.nfsrvfh_data, p, &vpnes);
4178 + nfsrv_auditpath(nvp, NULL, NULL,
4179 + (fhandle_t *)fh.nfsrvfh_data, 1);
4180 if (!error && !nd->nd_repstat) {
4181 if (vfs_statfs(mp)->f_fsid.val[0] !=
4182 vfs_statfs(vnode_mount(nvp))->f_fsid.val[0] ||
4183 @@ -904,8 +997,16 @@
4184 if (nfsv4_opflag[op].modifyfs)
4185 NFS_STARTWRITE(NULL, &mp);
4186 NFSVOPLOCK(savevp, LK_EXCLUSIVE | LK_RETRY, p);
4187 + if (savevp)
4188 + vref(savevp);
4189 error = (*(nfsrv4_ops2[op]))(nd, isdgram, savevp,
4190 vp, p, &savevpnes, &vpnes);
4191 + if (savevp) {
4192 + if (nd->nd_procnum == NFSV4OP_LINK)
4193 + nfsrv_auditpath(savevp, NULL, NULL,
4194 + (fhandle_t *)savefh.nfsrvfh_data, 2);
4195 + vrele(savevp);
4196 + }
4197 if (nfsv4_opflag[op].modifyfs)
4198 NFS_ENDWRITE(mp);
4199 } else {
4200 @@ -930,8 +1031,16 @@
4201 }
4202 break;
4203 }
4204 + if (vp != NULL)
4205 + vref(vp);
4206 error = (*(nfsrv4_ops0[op]))(nd, isdgram, vp,
4207 - p, &vpnes);
4208 + p, &vpnes);
4209 + if (vp != NULL) {
4210 + if (nd->nd_procnum != NFSV4OP_REMOVE)
4211 + nfsrv_auditpath(vp, NULL, NULL,
4212 + (fhandle_t *)fh.nfsrvfh_data, 1);
4213 + vrele(vp);
4214 + }
4215 if (nfsv4_opflag[op].modifyfs)
4216 NFS_ENDWRITE(mp);
4217 } else {
4218 @@ -939,7 +1048,7 @@
4219 NULL, p, &vpnes);
4220 }
4221 }
4222 - };
4223 + };
4224 if (error) {
4225 if (error == EBADRPC || error == NFSERR_BADXDR) {
4226 nd->nd_repstat = NFSERR_BADXDR;
4227 @@ -949,6 +1058,7 @@
4228 }
4229 error = 0;
4230 }
4231 + AUDIT_NFS_EXIT(nd->nd_repstat, curthread);
4232 retops++;
4233 if (nd->nd_repstat) {
4234 *repp = nfsd_errmap(nd);
4235 @@ -958,6 +1068,8 @@
4236 }
4237 }
4238 nfsmout:
4239 + /* XXXgpf: when error occurs, we may jump here */
4240 + AUDIT_NFS_EXIT(nd->nd_repstat, curthread);
4241 if (error) {
4242 if (error == EBADRPC || error == NFSERR_BADXDR)
4243 nd->nd_repstat = NFSERR_BADXDR;
4244 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdstate.c 2010-04-24 22:55:19.000000000 0000
4245 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdstate.c 2010-06-04 22:15:06.000000000 0000
4246 @@ -2974,7 +2974,7 @@
4247 * Do a sanity check against the file handle for DelegReturn.
4248 */
4249 if (vp) {
4250 - error = nfsvno_getfh(vp, &fh, p);
4251 + error = nfsvno_getfh(vp, &fh, p, NULL);
4252 if (error)
4253 return (error);
4254 }
4255 @@ -3112,7 +3112,7 @@
4256 } else {
4257 panic("nfsrv_getlockfh");
4258 }
4259 - error = nfsvno_getfh(vp, fhp, p);
4260 + error = nfsvno_getfh(vp, fhp, p, NULL);
4261 return (error);
4262 }
4263
4264 --- //depot/vendor/freebsd/src/sys/fs/nfsserver/nfs_nfsdsubs.c 2009-05-14 21:40:15.000000000 0000
4265 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nfsserver/nfs_nfsdsubs.c 2010-07-18 17:26:56.000000000 0000
4266 @@ -41,6 +41,7 @@
4267 * copy data between mbuf chains and uio lists.
4268 */
4269 #include <fs/nfs/nfsport.h>
4270 +#include <security/audit/audit.h>
4271
4272 extern u_int32_t newnfs_true, newnfs_false;
4273 extern int nfs_pubfhset;
4274 @@ -2041,3 +2042,116 @@
4275 return (1);
4276 }
4277
4278 +
4279 +/*
4280 + * XXXgpf: should relocate them someplace else
4281 + * I just dont know where:S
4282 + */
4283 +#define PARENTHINT 0x0001
4284 +#define EXHAUSTSEARCH 0x0002
4285 +#define WANTNAME 0x0004
4286 +
4287 +/*
4288 + * XXXgpf: dont know if this is the right location for the function
4289 + *
4290 + * Do our best to acquire 'a' working path for vp
4291 + *
4292 + * vp - vnode in question
4293 + * dvp - directory with vp as a child
4294 + * fname - name used to reference vp inside dvp
4295 + * fhp - file handle for vp
4296 + * n - AUDIT_ARG_UPATH1 or AUDIT_ARG_UPATH2
4297 + *
4298 + * Note: vp and dvp may be vref'd but not locks should be held on them as the
4299 + * two vn_fullpath_* KPIs may try to lock them themselves.
4300 + */
4301 +void
4302 +nfsrv_auditpath(vnode_t vp, vnode_t dvp, char *fname, fhandle_t *fhp, int n)
4303 +{
4304 + char path[PATH_MAX];
4305 + struct thread *td;
4306 + char *fullpath, *freepath;
4307 + int flag;
4308 + char success;
4309 +
4310 + if (!AUDITING_TD(curthread))
4311 + return;
4312 +
4313 + td = curthread;
4314 + freepath = NULL;
4315 + flag = WANTNAME;
4316 + success = 0;
4317 +
4318 + /* try to find the path through vp */
4319 + if (vp != NULL) {
4320 + /* try the cache */
4321 + vn_fullpath_global(td, vp, &fullpath, &freepath);
4322 + if (freepath != NULL) {
4323 + success = 1;
4324 + goto out;
4325 + }
4326 +
4327 + /* if our cache fails us */
4328 + if (vp->v_mount != NULL) {
4329 + uint64_t parent_hint;
4330 + /* get the hint stored inside the file handle */
4331 + if (fhp != NULL)
4332 + if (VFS_FHHINT(vp->v_mount, &fhp->fh_fid, &parent_hint) == 0)
4333 + flag = PARENTHINT | WANTNAME;
4334 + vn_fullpath_nocache(vp, &fullpath, &freepath,
4335 + parent_hint, flag);
4336 + if (freepath != NULL) {
4337 + success = 1;
4338 + goto out;
4339 + }
4340 + }
4341 + }
4342 +
4343 + /* try to find the path through dvp and the component name used to reference vp */
4344 + if (dvp != NULL && fname != NULL) {
4345 + /* try the cache */
4346 + vn_fullpath_global(td, dvp, &fullpath, &freepath);
4347 + if (freepath != NULL) {
4348 + snprintf(path, sizeof(path), "%s/%s", fullpath, fname);
4349 + fullpath = path;
4350 + success = 1;
4351 + goto out;
4352 + }
4353 +
4354 + /* if our cache fails us */
4355 + vn_fullpath_nocache(dvp, &fullpath, &freepath,
4356 + 0, WANTNAME);
4357 + if (freepath != NULL) {
4358 + snprintf(path, sizeof(path), "%s/%s", fullpath, fname);
4359 + fullpath = path;
4360 + success = 1;
4361 + goto out;
4362 + }
4363 + }
4364 +
4365 + /* last resort, just save the name used to reference the file in question */
4366 + if (fname != NULL) {
4367 + strlcpy(path, fname, sizeof(path));
4368 + fullpath = path;
4369 + success = 1;
4370 + }
4371 +
4372 +out:
4373 + if (success) {
4374 + switch (n) {
4375 + case 1:
4376 + AUDIT_ARG_UPATH1(td, fullpath);
4377 + break;
4378 + case 2:
4379 + AUDIT_ARG_UPATH2(td, fullpath);
4380 + break;
4381 + default:
4382 + AUDIT_ARG_UPATH1(td, fullpath);
4383 + break;
4384 + }
4385 + }
4386 +
4387 + if (freepath != NULL) {
4388 + free(freepath, M_TEMP);
4389 + }
4390 +}
4391 --- //depot/vendor/freebsd/src/sys/fs/ntfs/ntfs_vfsops.c 2009-12-07 15:20:16.000000000 0000
4392 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/ntfs/ntfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
4393 @@ -787,6 +787,7 @@
4394 .vfs_uninit = ntfs_uninit,
4395 .vfs_unmount = ntfs_unmount,
4396 .vfs_vget = ntfs_vget,
4397 + .vfs_fhhint = vfs_stdfhhint,
4398 };
4399 VFS_SET(ntfs_vfsops, ntfs, 0);
4400 MODULE_VERSION(ntfs, 1);
4401 --- //depot/vendor/freebsd/src/sys/fs/nullfs/null_vfsops.c 2009-05-11 15:35:16.000000000 0000
4402 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nullfs/null_vfsops.c 2010-05-27 14:41:11.000000000 0000
4403 @@ -359,6 +359,7 @@
4404 .vfs_uninit = nullfs_uninit,
4405 .vfs_unmount = nullfs_unmount,
4406 .vfs_vget = nullfs_vget,
4407 + .vfs_fhhint = vfs_stdfhhint,
4408 };
4409
4410 VFS_SET(null_vfsops, nullfs, VFCF_LOOPBACK);
4411 --- //depot/vendor/freebsd/src/sys/fs/nullfs/null_vnops.c 2009-06-21 19:25:13.000000000 0000
4412 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/nullfs/null_vnops.c 2010-05-24 11:27:15.000000000 0000
4413 @@ -738,7 +738,7 @@
4414 struct vnode *lvp;
4415
4416 lvp = NULLVPTOLOWERVP(ap->a_vp);
4417 - return VOP_VPTOFH(lvp, ap->a_fhp);
4418 + return VOP_VPTOFH(lvp, ap->a_fhp, NULL);
4419 }
4420
4421 static int
4422 --- //depot/vendor/freebsd/src/sys/fs/tmpfs/tmpfs_vfsops.c 2010-01-29 12:15:19.000000000 0000
4423 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/tmpfs/tmpfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
4424 @@ -414,5 +414,6 @@
4425 .vfs_root = tmpfs_root,
4426 .vfs_statfs = tmpfs_statfs,
4427 .vfs_fhtovp = tmpfs_fhtovp,
4428 + .vfs_fhhint = vfs_stdfhhint,
4429 };
4430 VFS_SET(tmpfs_vfsops, tmpfs, 0);
4431 --- //depot/vendor/freebsd/src/sys/fs/udf/udf_vfsops.c 2009-05-11 15:35:16.000000000 0000
4432 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/udf/udf_vfsops.c 2010-05-27 14:41:11.000000000 0000
4433 @@ -129,6 +129,7 @@
4434 .vfs_uninit = udf_uninit,
4435 .vfs_unmount = udf_unmount,
4436 .vfs_vget = udf_vget,
4437 + .vfs_fhhint = vfs_stdfhhint,
4438 };
4439 VFS_SET(udf_vfsops, udf, VFCF_READONLY);
4440
4441 --- //depot/vendor/freebsd/src/sys/fs/unionfs/union_vfsops.c 2009-05-11 15:35:16.000000000 0000
4442 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/fs/unionfs/union_vfsops.c 2010-05-27 14:41:11.000000000 0000
4443 @@ -519,6 +519,7 @@
4444 .vfs_uninit = unionfs_uninit,
4445 .vfs_unmount = unionfs_unmount,
4446 .vfs_vget = unionfs_vget,
4447 + .vfs_fhhint = vfs_stdfhhint,
4448 };
4449
4450 VFS_SET(unionfs_vfsops, unionfs, VFCF_LOOPBACK);
4451 --- //depot/vendor/freebsd/src/sys/gnu/fs/reiserfs/reiserfs_vfsops.c 2009-12-03 18:20:15.000000000 0000
4452 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/gnu/fs/reiserfs/reiserfs_vfsops.c 2010-05-27 14:41:11.000000000 0000
4453 @@ -1114,6 +1114,7 @@
4454 //.vfs_checkexp = reiserfs_checkexp,
4455 //.vfs_extattrctl = reiserfs_extattrctl,
4456 .vfs_fhtovp = reiserfs_fhtovp,
4457 + .vfs_fhhint = vfs_stdfhhint,
4458 //.vfs_quotactl = reiserfs_quotactl,
4459 .vfs_root = reiserfs_root,
4460 //.vfs_start = reiserfs_start,
4461 --- //depot/vendor/freebsd/src/sys/gnu/fs/xfs/FreeBSD/xfs_mountops.c 2009-05-11 15:35:16.000000000 0000
4462 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/gnu/fs/xfs/FreeBSD/xfs_mountops.c 2010-05-27 14:41:11.000000000 0000
4463 @@ -419,6 +419,7 @@
4464 .vfs_init = _xfs_init,
4465 .vfs_uninit = _xfs_uninit,
4466 .vfs_extattrctl = _xfs_extattrctl,
4467 + .vfs_fhhint = vfs_stdfhhint,
4468 };
4469
4470 VFS_SET(xfs_fsops, xfs, 0);
4471 --- //depot/vendor/freebsd/src/sys/kern/vfs_cache.c 2010-04-20 10:30:25.000000000 0000
4472 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/kern/vfs_cache.c 2010-07-18 17:26:56.000000000 0000
4473 @@ -1226,3 +1226,179 @@
4474 buf[l] = '\0';
4475 return (0);
4476 }
4477 +
4478 +/*
4479 + * XXXgpf: should relocate them someplace else
4480 + * I just dont know where:S
4481 + */
4482 +#define PARENTHINT 0x0001
4483 +#define EXHAUSTSEARCH 0x0002
4484 +#define WANTNAME 0x0004
4485 +
4486 +/*
4487 + * vn_fullpath_nocache(9)
4488 + *
4489 + * Retrieve the full filesystem path that corresponds to a vnode without use of the
4490 + * name cache.
4491 + * - A directory hint (UFS file_id of the directory that contains the vnode) may be
4492 + * supplied to facilitate the search if our target is not a directory itself.
4493 + * - flags should be set to PARENT_HINT, if the directory hint is supplied
4494 + * and to EXHAUSTIVE_SEARCH, if we are willing to search the entire filesystem to acquire a path.
4495 + *
4496 + * Locks: no locks required.
4497 + *
4498 + * Authors Note: freepath should be set to NULL before calling this KPI. Upon returning from the KPI,
4499 + * the caller should check if freepath is non-NULL, and if so, invoke free(9) with a pool type of M_TEMP.
4500 + */
4501 +int
4502 +vn_fullpath_nocache(struct vnode *vp, char **fullpath, char **freepath, uint64_t directory_hint, char flags)
4503 +{
4504 + char fname[MNAMELEN];
4505 + struct vnode *dvp, *upper_dvp;
4506 + struct mount *mp;
4507 + struct thread * td;
4508 + char *buf, *pch;
4509 + int error, buflen, vfslocked, fnamelen;
4510 +
4511 + KASSERT(vp != NULL, ("vn_fullpath_nocache: null vp"));
4512 +
4513 + dvp = NULL;
4514 + buf = NULL;
4515 + *freepath = NULL;
4516 + VREF(vp);
4517 + /* doesn't really make sense to continue without this flag set */
4518 + flags |= WANTNAME;
4519 +
4520 + /* XXXgpf: do we really need this? */
4521 + if (vp->v_type == VBAD) {
4522 + error = ENOENT;
4523 + goto out;
4524 + }
4525 + error = 0;
4526 + td = curthread;
4527 + mp = vp->v_mount;
4528 + fnamelen = sizeof(fname);
4529 + buf = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
4530 + buflen = MAXPATHLEN - 1;
4531 + buf[MAXPATHLEN-1] = '\0';
4532 +
4533 + /*
4534 + * - If our target is a directory, move on to the part where we traverse the '..' entries.
4535 + * - If not, try to find its' parent through VOP_GETPARENT
4536 + */
4537 + if (vp->v_type != VDIR) {
4538 + /*
4539 + * XXXgpf: perhaps locking vp is redundant.
4540 + * On the other hand, if we really want to lock vp shouldn't we at least
4541 + * have a flag, e.g. 'ALREADYLOCKED', so that if the caller already has a
4542 + * lock on vp, we won't try to re-lock it and perhaps risk a
4543 + * "panic panic: EXCLUSIVE->SHARED locked" situation ?
4544 + */
4545 + vn_lock(vp, LK_SHARED);
4546 + error = VOP_GETPARENT(vp, &dvp, directory_hint, flags, fname, &fnamelen);
4547 + VOP_UNLOCK(vp, 0);
4548 + if (error) {
4549 + dvp = NULL;
4550 + goto out;
4551 + }
4552 +
4553 + /*
4554 + * we have found a parent directory and a name for our vnode,
4555 + * save the name at the end of buf
4556 + */
4557 + pch = buf + buflen - strlen(fname);
4558 + if (pch < buf) {
4559 + error = EOVERFLOW;
4560 + if (dvp != NULL) {
4561 + vfslocked = VFS_LOCK_GIANT(dvp->v_mount);
4562 + vput(dvp);
4563 + VFS_UNLOCK_GIANT(vfslocked);
4564 + }
4565 + goto out;
4566 + }
4567 + strcpy(pch, fname);
4568 + buflen -= strlen(fname);
4569 + buf[--buflen] = '/';
4570 + }
4571 + /* if our target is a dir, do the initial preparation */
4572 + else {
4573 + dvp = vp;
4574 + VREF(dvp);
4575 + vn_lock(dvp, LK_SHARED);
4576 + }
4577 +
4578 + /*
4579 + * We have found 'a' directory that contains our target or our target is a directory.
4580 + * In any case, just traverse the '..' nodes and construct a path via VOP_VPTOCNP(9)
4581 + */
4582 + while (dvp != rootvnode) {
4583 + /*
4584 + * If we've found a vnode that is the root of a filesystem
4585 + * Use the path that the filesystem was mounted on to complete our fullpath
4586 + */
4587 + if ((dvp->v_vflag & VV_ROOT) != 0) {
4588 + char *pch, *fs_path;
4589 + int fs_path_len;
4590 +
4591 + MNT_REF(dvp->v_mount);
4592 + *fullpath = buf + buflen;
4593 + fs_path = dvp->v_mount->mnt_stat.f_mntonname;
4594 + fs_path_len = strlen(fs_path);
4595 +
4596 + if (buflen - fs_path_len - 1 < 0) {
4597 + vfslocked = VFS_LOCK_GIANT(dvp->v_mount);
4598 + vput(dvp);
4599 + VFS_UNLOCK_GIANT(vfslocked);
4600 + error = EOVERFLOW;
4601 + MNT_REL(dvp->v_mount);
4602 + goto out;
4603 + }
4604 +
4605 + pch = buf + buflen - fs_path_len;
4606 + memcpy(pch, fs_path, fs_path_len);
4607 + buflen -= fs_path_len;
4608 +
4609 + MNT_REL(dvp->v_mount);
4610 + break;
4611 + }
4612 +
4613 + vfslocked = VFS_LOCK_GIANT(dvp->v_mount);
4614 + error = VOP_VPTOCNP(dvp, &upper_dvp, td->td_ucred, buf, &buflen);
4615 + VFS_UNLOCK_GIANT(vfslocked);
4616 + if (error)
4617 + break;
4618 + if (buflen <= 0) {
4619 + error = EOVERFLOW;
4620 + break;
4621 + }
4622 +
4623 + buf[--buflen] = '/';
4624 + if (dvp != NULL) {
4625 + vfslocked = VFS_LOCK_GIANT(dvp->v_mount);
4626 + vput(dvp);
4627 + VFS_UNLOCK_GIANT(vfslocked);
4628 + }
4629 + vdrop(upper_dvp);
4630 + dvp = upper_dvp;
4631 + vn_lock(dvp, LK_SHARED);
4632 + VREF(dvp);
4633 + } /* while */
4634 +
4635 + vfslocked = VFS_LOCK_GIANT(dvp->v_mount);
4636 + vput(dvp);
4637 + VFS_UNLOCK_GIANT(vfslocked);
4638 + *fullpath = buf + buflen;
4639 + *freepath = buf;
4640 +
4641 +out:
4642 + if (error != 0) {
4643 + *freepath = NULL;
4644 + if (buf != NULL)
4645 + free(buf, M_TEMP);
4646 + }
4647 + vfslocked = VFS_LOCK_GIANT(vp->v_mount);
4648 + vrele(vp);
4649 + VFS_UNLOCK_GIANT(vfslocked);
4650 +
4651 + return (error);
4652 +}
4653 --- //depot/vendor/freebsd/src/sys/kern/vfs_default.c 2010-04-02 14:05:14.000000000 0000
4654 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/kern/vfs_default.c 2010-05-27 14:41:11.000000000 0000
4655 @@ -120,6 +120,7 @@
4656 .vop_unlock = vop_stdunlock,
4657 .vop_vptocnp = vop_stdvptocnp,
4658 .vop_vptofh = vop_stdvptofh,
4659 + .vop_getparent = vop_stdgetparent,
4660 };
4661
4662 /*
4663 @@ -841,6 +842,12 @@
4664 return (error);
4665 }
4666
4667 +int
4668 +vop_stdgetparent(struct vop_getparent_args *ap)
4669 +{
4670 + return (EOPNOTSUPP);
4671 +}
4672 +
4673 /*
4674 * vfs default ops
4675 * used to fill the vfs function table to get reasonable default return values.
4676 @@ -948,6 +955,12 @@
4677 }
4678
4679 int
4680 +vfs_stdfhhint (struct mount *mp, struct fid *fhp, uint64_t *hint)
4681 +{
4682 + return (EOPNOTSUPP);
4683 +}
4684 +
4685 +int
4686 vfs_stdinit (vfsp)
4687 struct vfsconf *vfsp;
4688 {
4689 --- //depot/vendor/freebsd/src/sys/kern/vfs_export.c 2009-09-28 18:10:14.000000000 0000
4690 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/kern/vfs_export.c 2010-05-24 11:27:15.000000000 0000
4691 @@ -377,7 +377,7 @@
4692 if ((error = VFS_ROOT(mp, LK_EXCLUSIVE, &rvp)))
4693 return (error);
4694
4695 - if ((error = VOP_VPTOFH(rvp, &nfs_pub.np_handle.fh_fid)))
4696 + if ((error = VOP_VPTOFH(rvp, &nfs_pub.np_handle.fh_fid, NULL)))
4697 return (error);
4698
4699 vput(rvp);
4700 --- //depot/vendor/freebsd/src/sys/kern/vfs_syscalls.c 2010-04-13 08:55:14.000000000 0000
4701 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/kern/vfs_syscalls.c 2010-05-24 11:27:15.000000000 0000
4702 @@ -4298,7 +4298,7 @@
4703 vp = nd.ni_vp;
4704 bzero(&fh, sizeof(fh));
4705 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4706 - error = VOP_VPTOFH(vp, &fh.fh_fid);
4707 + error = VOP_VPTOFH(vp, &fh.fh_fid, NULL);
4708 vput(vp);
4709 VFS_UNLOCK_GIANT(vfslocked);
4710 if (error)
4711 @@ -4337,7 +4337,7 @@
4712 vp = nd.ni_vp;
4713 bzero(&fh, sizeof(fh));
4714 fh.fh_fsid = vp->v_mount->mnt_stat.f_fsid;
4715 - error = VOP_VPTOFH(vp, &fh.fh_fid);
4716 + error = VOP_VPTOFH(vp, &fh.fh_fid, NULL);
4717 vput(vp);
4718 VFS_UNLOCK_GIANT(vfslocked);
4719 if (error)
4720 --- //depot/vendor/freebsd/src/sys/kern/vnode_if.src 2009-06-21 19:25:13.000000000 0000
4721 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/kern/vnode_if.src 2010-05-26 21:05:34.000000000 0000
4722 @@ -599,6 +599,7 @@
4723 vop_vptofh {
4724 IN struct vnode *vp;
4725 IN struct fid *fhp;
4726 + IN struct vnode *dvp;
4727 };
4728
4729 %% vptocnp vp L L L
4730 @@ -611,3 +612,15 @@
4731 INOUT char *buf;
4732 INOUT int *buflen;
4733 };
4734 +
4735 +%% getparent vp L L L
4736 +%% getparent vpp - L -
4737 +
4738 +vop_getparent {
4739 + IN struct vnode *vp;
4740 + OUT struct vnode **vpp;
4741 + IN uint64_t hint;
4742 + IN int flags;
4743 + INOUT char *buf;
4744 + INOUT int *buflen;
4745 +};
4746 --- //depot/vendor/freebsd/src/sys/nfs/nfs_nfssvc.c 2009-06-27 14:00:18.000000000 0000
4747 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfs/nfs_nfssvc.c 2010-06-29 21:25:59.000000000 0000
4748 @@ -79,7 +79,18 @@
4749
4750 KASSERT(!mtx_owned(&Giant), ("nfssvc(): called with Giant"));
4751
4752 - AUDIT_ARG_CMD(uap->flag);
4753 + AUDIT_ARG_CMD(uap->flag);
4754 + /*
4755 + * XXX:gpf quick fix until I figure out something better.
4756 + * Even if Audit supports multiple simultaneous td_ars per
4757 + * kernel thread, we still want to end the audit record for
4758 + * nfs_svc so that Audit records for NFS RPCs that are serviced
4759 + * by this thread are recorded without any trouble such as waiting
4760 + * for nfssvc() to return before commiting them to the audit daemon.
4761 + * Problem is that we are now *not* recording the return value from
4762 + * the nfs server.
4763 + */
4764 + AUDIT_SYSCALL_EXIT(0, td);
4765
4766 error = priv_check(td, PRIV_NFS_DAEMON);
4767 if (error)
4768 --- //depot/vendor/freebsd/src/sys/nfsserver/nfs.h 2010-02-09 23:50:14.000000000 0000
4769 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs.h 2010-07-06 21:25:27.000000000 0000
4770 @@ -195,6 +195,7 @@
4771 };
4772
4773 /* Bits for "nd_flag" */
4774 +#define ND_NFSV2 0x04
4775 #define ND_NFSV3 0x08
4776
4777 /*
4778 --- //depot/vendor/freebsd/src/sys/nfsserver/nfs_serv.c 2009-12-03 21:00:14.000000000 0000
4779 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_serv.c 2010-07-18 17:26:56.000000000 0000
4780 @@ -88,6 +88,8 @@
4781 #include <sys/bio.h>
4782 #include <sys/buf.h>
4783
4784 +#include <security/audit/audit.h>
4785 +
4786 #include <vm/vm.h>
4787 #include <vm/vm_extern.h>
4788 #include <vm/vm_object.h>
4789 @@ -97,6 +99,14 @@
4790 #include <nfs/xdr_subs.h>
4791 #include <nfsserver/nfsm_subs.h>
4792
4793 +/*
4794 + * XXXgpf: should relocate them someplace else
4795 + * I just dont know where:S
4796 + */
4797 +#define PARENTHINT 0x0001
4798 +#define EXHAUSTSEARCH 0x0002
4799 +#define WANTNAME 0x0004
4800 +
4801 #ifdef NFSRV_DEBUG
4802 #define nfsdbprintf(info) printf info
4803 #else
4804 @@ -184,6 +194,106 @@
4805 }
4806
4807 /*
4808 + * Do our best to acquire 'a' working path for vp
4809 + *
4810 + * vp - vnode in question
4811 + * dvp - directory with vp as a child
4812 + * fname - name used to reference vp inside dvp
4813 + * fhp - file handle for vp
4814 + * n - AUDIT_ARG_UPATH1 or AUDIT_ARG_UPATH2
4815 + *
4816 + * Note: vp and dvp may be vref'd but not locks should be held on them as the
4817 + * two vn_fullpath_* KPIs may try to lock them themselves.
4818 + */
4819 +static void
4820 +nfsrv_auditpath(struct vnode *vp, struct vnode *dvp, char *fname, fhandle_t *fhp, int n)
4821 +{
4822 + char path[PATH_MAX];
4823 + struct thread *td;
4824 + char *fullpath, *freepath;
4825 + int flag;
4826 + char success;
4827 +
4828 + td = curthread;
4829 + freepath = NULL;
4830 + flag = WANTNAME;
4831 + success = 0;
4832 +
4833 + /* try to find the path through vp */
4834 + if (vp != NULL) {
4835 + /* try the cache */
4836 + vn_fullpath_global(td, vp, &fullpath, &freepath);
4837 + if (freepath != NULL) {
4838 + success = 1;
4839 + goto out;
4840 + }
4841 +
4842 + /* if our cache fails us */
4843 + if (vp->v_mount != NULL) {
4844 + uint64_t parent_hint;
4845 + /* get the hint stored inside the file handle */
4846 + if (fhp != NULL)
4847 + if (VFS_FHHINT(vp->v_mount, &fhp->fh_fid, &parent_hint) == 0)
4848 + flag = PARENTHINT | WANTNAME;
4849 + vn_fullpath_nocache(vp, &fullpath, &freepath,
4850 + parent_hint, flag);
4851 + if (freepath != NULL) {
4852 + success = 1;
4853 + goto out;
4854 + }
4855 + }
4856 + }
4857 +
4858 + /* try to find the path through dvp and the component name used to reference vp */
4859 + if (dvp != NULL && fname != NULL) {
4860 + /* try the cache */
4861 + vn_fullpath_global(td, dvp, &fullpath, &freepath);
4862 + if (freepath != NULL) {
4863 + snprintf(path, sizeof(path), "%s/%s", fullpath, fname);
4864 + fullpath = path;
4865 + success = 1;
4866 + goto out;
4867 + }
4868 +
4869 + /* if our cache fails us */
4870 + vn_fullpath_nocache(dvp, &fullpath, &freepath,
4871 + 0, WANTNAME);
4872 + if (freepath != NULL) {
4873 + snprintf(path, sizeof(path), "%s/%s", fullpath, fname);
4874 + fullpath = path;
4875 + success = 1;
4876 + goto out;
4877 + }
4878 + }
4879 +
4880 + /* last resort, just save the name used to reference the file in question */
4881 + if (fname != NULL) {
4882 + strlcpy(path, fname, sizeof(path));
4883 + fullpath = path;
4884 + success = 1;
4885 + }
4886 +
4887 +out:
4888 + if (success) {
4889 + switch (n) {
4890 + case 1:
4891 + AUDIT_ARG_UPATH1(td, fullpath);
4892 + break;
4893 + case 2:
4894 + AUDIT_ARG_UPATH2(td, fullpath);
4895 + break;
4896 + default:
4897 + AUDIT_ARG_UPATH1(td, fullpath);
4898 + break;
4899 + }
4900 + }
4901 +
4902 + if (freepath != NULL) {
4903 + free(freepath, M_TEMP);
4904 + }
4905 +}
4906 +
4907 +/*
4908 * nfs v3 access service
4909 */
4910 int
4911 @@ -195,6 +305,7 @@
4912 caddr_t dpos = nfsd->nd_dpos;
4913 struct ucred *cred = nfsd->nd_cr;
4914 struct vnode *vp = NULL;
4915 + struct vnode *AUDIT_vp = NULL;
4916 nfsfh_t nfh;
4917 fhandle_t *fhp;
4918 u_int32_t *tl;
4919 @@ -214,14 +325,21 @@
4920 nfsm_srvmtofh(fhp);
4921 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
4922 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
4923 - nam, &rdonly, TRUE);
4924 + nam, &rdonly, TRUE);
4925 if (error) {
4926 nfsm_reply(NFSX_UNSIGNED);
4927 nfsm_srvpostop_attr(1, NULL);
4928 error = 0;
4929 goto nfsmout;
4930 }
4931 +
4932 + AUDIT_vp = vp;
4933 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
4934 + vref(AUDIT_vp);
4935 + AUDIT_ARG_VNODE1(AUDIT_vp);
4936 + }
4937 nfsmode = fxdr_unsigned(u_int32_t, *tl);
4938 + AUDIT_ARG_FFLAGS(nfsmode);
4939 if ((nfsmode & NFSV3ACCESS_READ) &&
4940 nfsrv_access(vp, VREAD, cred, rdonly, 0))
4941 nfsmode &= ~NFSV3ACCESS_READ;
4942 @@ -250,6 +368,11 @@
4943 nfsmout:
4944 if (vp)
4945 vput(vp);
4946 + /* XXX AUDIT */
4947 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
4948 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
4949 + vrele(AUDIT_vp);
4950 + }
4951 VFS_UNLOCK_GIANT(vfslocked);
4952 return(error);
4953 }
4954 @@ -269,6 +392,7 @@
4955 struct vattr va;
4956 struct vattr *vap = &va;
4957 struct vnode *vp = NULL;
4958 + struct vnode *AUDIT_vp = NULL;
4959 nfsfh_t nfh;
4960 fhandle_t *fhp;
4961 caddr_t bpos;
4962 @@ -287,6 +411,12 @@
4963 error = 0;
4964 goto nfsmout;
4965 }
4966 + AUDIT_vp = vp;
4967 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
4968 + vref(AUDIT_vp);
4969 + AUDIT_ARG_VNODE1(AUDIT_vp);
4970 + }
4971 +
4972 error = VOP_GETATTR(vp, vap, cred);
4973 vput(vp);
4974 vp = NULL;
4975 @@ -303,7 +433,13 @@
4976 nfsmout:
4977 if (vp)
4978 vput(vp);
4979 + /* XXX AUDIT */
4980 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
4981 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
4982 + vrele(AUDIT_vp);
4983 + }
4984 VFS_UNLOCK_GIANT(vfslocked);
4985 +
4986 return(error);
4987 }
4988
4989 @@ -323,6 +459,7 @@
4990 struct nfsv2_sattr *sp;
4991 struct nfs_fattr *fp;
4992 struct vnode *vp = NULL;
4993 + struct vnode *AUDIT_vp = NULL;
4994 nfsfh_t nfh;
4995 fhandle_t *fhp;
4996 u_int32_t *tl;
4997 @@ -400,6 +537,12 @@
4998 goto nfsmout;
4999 }
5000
5001 + AUDIT_vp = vp;
5002 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5003 + vref(AUDIT_vp);
5004 + AUDIT_ARG_VNODE1(AUDIT_vp);
5005 + }
5006 +
5007 /*
5008 * vp now an active resource, pay careful attention to cleanup
5009 */
5010 @@ -438,6 +581,8 @@
5011 goto out;
5012 }
5013 error = VOP_SETATTR(vp, vap, cred);
5014 + if (AUDIT_vp != NULL)
5015 + AUDIT_ARG_VNODE2(AUDIT_vp);
5016 postat_ret = VOP_GETATTR(vp, vap, cred);
5017 if (!error)
5018 error = postat_ret;
5019 @@ -461,7 +606,13 @@
5020 if (vp)
5021 vput(vp);
5022 vn_finished_write(mp);
5023 + /* XXX AUDIT */
5024 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5025 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5026 + vrele(AUDIT_vp);
5027 + }
5028 VFS_UNLOCK_GIANT(vfslocked);
5029 +
5030 return(error);
5031 }
5032
5033 @@ -479,6 +630,7 @@
5034 struct nfs_fattr *fp;
5035 struct nameidata nd, ind, *ndp = &nd;
5036 struct vnode *vp, *dirp = NULL;
5037 + struct vnode *AUDIT_vp = NULL;
5038 nfsfh_t nfh;
5039 fhandle_t *fhp;
5040 caddr_t bpos;
5041 @@ -498,10 +650,9 @@
5042 nfsm_srvnamesiz(len);
5043
5044 pubflag = nfs_ispublicfh(fhp);
5045 -
5046 nd.ni_cnd.cn_cred = cred;
5047 nd.ni_cnd.cn_nameiop = LOOKUP;
5048 - nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART | MPSAFE;
5049 + nd.ni_cnd.cn_flags = LOCKLEAF | SAVESTART | MPSAFE | WANTPARENT;
5050 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
5051 &dirp, v3, &dirattr, &dirattr_ret, pubflag);
5052 vfslocked = NDHASGIANT(&nd);
5053 @@ -510,7 +661,6 @@
5054 * namei failure, only dirp to cleanup. Clear out garbarge from
5055 * structure in case macros jump to nfsmout.
5056 */
5057 -
5058 if (error) {
5059 if (dirp) {
5060 vrele(dirp);
5061 @@ -523,6 +673,12 @@
5062 goto nfsmout;
5063 }
5064
5065 + AUDIT_vp = nd.ni_vp;
5066 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5067 + vref(AUDIT_vp);
5068 + AUDIT_ARG_VNODE1(AUDIT_vp);
5069 + }
5070 +
5071 /*
5072 * Locate index file for public filehandle
5073 *
5074 @@ -606,13 +762,12 @@
5075 * Get underlying attribute, then release remaining resources ( for
5076 * the same potential blocking reason ) and reply.
5077 */
5078 - vp = ndp->ni_vp;
5079 + vp = ndp->ni_vp;
5080 bzero((caddr_t)fhp, sizeof(nfh));
5081 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
5082 - error = VOP_VPTOFH(vp, &fhp->fh_fid);
5083 + error = VOP_VPTOFH(vp, &fhp->fh_fid, ndp->ni_dvp);
5084 if (!error)
5085 error = VOP_GETATTR(vp, vap, cred);
5086 -
5087 vput(vp);
5088 vrele(ndp->ni_startdir);
5089 vrele(dirp);
5090 @@ -644,8 +799,16 @@
5091 if (ndp->ni_startdir)
5092 vrele(ndp->ni_startdir);
5093 }
5094 + if (ndp->ni_dvp)
5095 + vrele(ndp->ni_dvp);
5096 NDFREE(&nd, NDF_ONLY_PNBUF);
5097 - VFS_UNLOCK_GIANT(vfslocked);
5098 + /* XXX AUDIT */
5099 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5100 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5101 + vrele(AUDIT_vp);
5102 + }
5103 + VFS_UNLOCK_GIANT(vfslocked);
5104 +
5105 return (error);
5106 }
5107
5108 @@ -669,6 +832,7 @@
5109 int v3 = (nfsd->nd_flag & ND_NFSV3);
5110 struct mbuf *mb, *mp3, *nmp, *mreq;
5111 struct vnode *vp = NULL;
5112 + struct vnode *AUDIT_vp = NULL;
5113 struct vattr attr;
5114 nfsfh_t nfh;
5115 fhandle_t *fhp;
5116 @@ -713,7 +877,7 @@
5117 uiop->uio_segflg = UIO_SYSSPACE;
5118 uiop->uio_td = NULL;
5119 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
5120 - nam, &rdonly, TRUE);
5121 + nam, &rdonly, TRUE);
5122 if (error) {
5123 nfsm_reply(2 * NFSX_UNSIGNED);
5124 if (v3)
5125 @@ -721,6 +885,12 @@
5126 error = 0;
5127 goto nfsmout;
5128 }
5129 +
5130 + AUDIT_vp = vp;
5131 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5132 + vref(AUDIT_vp);
5133 + AUDIT_ARG_VNODE1(AUDIT_vp);
5134 + }
5135 if (vp->v_type != VLNK) {
5136 if (v3)
5137 error = EINVAL;
5138 @@ -752,7 +922,13 @@
5139 m_freem(mp3);
5140 if (vp)
5141 vput(vp);
5142 + /* XXX AUDIT */
5143 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5144 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5145 + vrele(AUDIT_vp);
5146 + }
5147 VFS_UNLOCK_GIANT(vfslocked);
5148 +
5149 return(error);
5150 }
5151
5152 @@ -779,6 +955,7 @@
5153 struct mbuf *mb, *mreq;
5154 struct mbuf *m2;
5155 struct vnode *vp = NULL;
5156 + struct vnode *AUDIT_vp = NULL;
5157 nfsfh_t nfh;
5158 fhandle_t *fhp;
5159 struct uio io, *uiop = &io;
5160 @@ -809,7 +986,7 @@
5161 */
5162
5163 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
5164 - nam, &rdonly, TRUE);
5165 + nam, &rdonly, TRUE);
5166 if (error) {
5167 vp = NULL;
5168 nfsm_reply(2 * NFSX_UNSIGNED);
5169 @@ -819,6 +996,12 @@
5170 goto nfsmout;
5171 }
5172
5173 + AUDIT_vp = vp;
5174 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5175 + vref(AUDIT_vp);
5176 + AUDIT_ARG_VNODE1(AUDIT_vp);
5177 + }
5178 +
5179 if (vp->v_type != VREG) {
5180 if (v3)
5181 error = EINVAL;
5182 @@ -965,6 +1148,7 @@
5183 uiop->uio_resid = len;
5184 uiop->uio_rw = UIO_READ;
5185 uiop->uio_segflg = UIO_SYSSPACE;
5186 + AUDIT_ARG_FFLAGS(IO_NODELOCKED | ioflag);
5187 error = VOP_READ(vp, uiop, IO_NODELOCKED | ioflag, cred);
5188 off = uiop->uio_offset;
5189 nh->nh_nextr = off;
5190 @@ -1002,7 +1186,13 @@
5191 nfsmout:
5192 if (vp)
5193 vput(vp);
5194 - VFS_UNLOCK_GIANT(vfslocked);
5195 + /* XXX AUDIT */
5196 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5197 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5198 + vrele(AUDIT_vp);
5199 + }
5200 + VFS_UNLOCK_GIANT(vfslocked);
5201 +
5202 return(error);
5203 }
5204
5205 @@ -1032,6 +1222,7 @@
5206 int v3 = (nfsd->nd_flag & ND_NFSV3);
5207 struct mbuf *mb, *mreq;
5208 struct vnode *vp = NULL;
5209 + struct vnode *AUDIT_vp = NULL;
5210 nfsfh_t nfh;
5211 fhandle_t *fhp;
5212 struct uio io, *uiop = &io;
5213 @@ -1120,6 +1311,13 @@
5214 error = 0;
5215 goto nfsmout;
5216 }
5217 +
5218 + AUDIT_vp = vp;
5219 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5220 + vref(AUDIT_vp);
5221 + AUDIT_ARG_VNODE1(AUDIT_vp);
5222 + }
5223 +
5224 if (v3)
5225 forat_ret = VOP_GETATTR(vp, &forat, cred);
5226 if (vp->v_type != VREG) {
5227 @@ -1173,6 +1371,7 @@
5228 uiop->uio_segflg = UIO_SYSSPACE;
5229 uiop->uio_td = NULL;
5230 uiop->uio_offset = off;
5231 + AUDIT_ARG_FFLAGS(ioflags);
5232 error = VOP_WRITE(vp, uiop, ioflags, cred);
5233 /* Unlocked write. */
5234 nfsrvstats.srvvop_writes++;
5235 @@ -1220,7 +1419,13 @@
5236 if (vp)
5237 vput(vp);
5238 vn_finished_write(mntp);
5239 + /* XXX AUDIT */
5240 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5241 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5242 + vrele(AUDIT_vp);
5243 + }
5244 VFS_UNLOCK_GIANT(vfslocked);
5245 +
5246 return(error);
5247 }
5248
5249 @@ -1247,6 +1452,7 @@
5250 int v3 = (nfsd->nd_flag & ND_NFSV3), how, exclusive_flag = 0;
5251 struct mbuf *mb, *mreq;
5252 struct vnode *dirp = NULL;
5253 + struct vnode *AUDIT_vp = NULL, *AUDIT_dvp = NULL;
5254 nfsfh_t nfh;
5255 fhandle_t *fhp;
5256 u_quad_t tempsize;
5257 @@ -1301,6 +1507,10 @@
5258 goto nfsmout;
5259 }
5260
5261 + AUDIT_dvp = nd.ni_dvp;
5262 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5263 + vref(AUDIT_dvp);
5264 +
5265 /*
5266 * No error. Continue. State:
5267 *
5268 @@ -1371,6 +1581,7 @@
5269 if (nd.ni_vp == NULL) {
5270 if (vap->va_mode == (mode_t)VNOVAL)
5271 vap->va_mode = 0;
5272 + AUDIT_ARG_MODE(vap->va_mode);
5273 if (vap->va_type == VREG || vap->va_type == VSOCK) {
5274 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
5275 if (error)
5276 @@ -1442,6 +1653,7 @@
5277 error = ENXIO;
5278 }
5279 } else {
5280 + AUDIT_ARG_MODE(vap->va_mode);
5281 if (vap->va_size != -1) {
5282 error = nfsrv_access(nd.ni_vp, VWRITE,
5283 cred, (nd.ni_cnd.cn_flags & RDONLY), 0);
5284 @@ -1453,11 +1665,16 @@
5285 }
5286 }
5287 }
5288 + AUDIT_vp = nd.ni_vp;
5289 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5290 + vref(AUDIT_vp);
5291 + AUDIT_ARG_VNODE1(AUDIT_vp);
5292 + }
5293
5294 if (!error) {
5295 bzero((caddr_t)fhp, sizeof(nfh));
5296 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
5297 - error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
5298 + error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid, nd.ni_dvp);
5299 if (!error)
5300 error = VOP_GETATTR(nd.ni_vp, vap, cred);
5301 }
5302 @@ -1518,7 +1735,20 @@
5303 vrele(dirp);
5304 NDFREE(&nd, NDF_ONLY_PNBUF);
5305 vn_finished_write(mp);
5306 + /*
5307 + * XXXgpf:
5308 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5309 + * if an error occured; do we mind?
5310 + */
5311 + if (AUDITING_TD(curthread)) {
5312 + nfsrv_auditpath(AUDIT_vp, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, fhp, 1);
5313 + if (AUDIT_dvp != NULL)
5314 + vrele(AUDIT_dvp);
5315 + if (AUDIT_vp != NULL)
5316 + vrele(AUDIT_vp);
5317 + }
5318 VFS_UNLOCK_GIANT(vfslocked);
5319 +
5320 return (error);
5321 }
5322
5323 @@ -1544,6 +1774,7 @@
5324 enum vtype vtyp;
5325 struct mbuf *mb, *mreq;
5326 struct vnode *vp, *dirp = NULL;
5327 + struct vnode *AUDIT_vp = NULL, *AUDIT_dvp = NULL;
5328 nfsfh_t nfh;
5329 fhandle_t *fhp;
5330 struct mount *mp = NULL;
5331 @@ -1587,8 +1818,14 @@
5332 error = 0;
5333 goto nfsmout;
5334 }
5335 +
5336 + AUDIT_dvp = nd.ni_dvp;
5337 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5338 + vref(AUDIT_dvp);
5339 +
5340 tl = nfsm_dissect_nonblock(u_int32_t *, NFSX_UNSIGNED);
5341 vtyp = nfsv3tov_type(*tl);
5342 + AUDIT_ARG_VTYPE(vtyp);
5343 if (vtyp != VCHR && vtyp != VBLK && vtyp != VSOCK && vtyp != VFIFO) {
5344 error = NFSERR_BADTYPE;
5345 goto out;
5346 @@ -1600,8 +1837,8 @@
5347 major = fxdr_unsigned(u_int32_t, *tl++);
5348 minor = fxdr_unsigned(u_int32_t, *tl);
5349 vap->va_rdev = makedev(major, minor);
5350 - }
5351 -
5352 + }
5353 +
5354 /*
5355 * Iff doesn't exist, create it.
5356 */
5357 @@ -1612,21 +1849,37 @@
5358 vap->va_type = vtyp;
5359 if (vap->va_mode == (mode_t)VNOVAL)
5360 vap->va_mode = 0;
5361 + AUDIT_ARG_MODE(vap->va_mode);
5362 if (vtyp == VSOCK) {
5363 vrele(nd.ni_startdir);
5364 - nd.ni_startdir = NULL;
5365 + nd.ni_startdir = NULL;
5366 error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
5367 +
5368 if (error)
5369 NDFREE(&nd, NDF_ONLY_PNBUF);
5370 + else {
5371 + AUDIT_vp = nd.ni_vp;
5372 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5373 + vref(AUDIT_vp);
5374 + AUDIT_ARG_VNODE1(AUDIT_vp);
5375 + }
5376 + }
5377 } else {
5378 if (vtyp != VFIFO && (error = priv_check_cred(cred,
5379 PRIV_VFS_MKNOD_DEV, 0)))
5380 goto out;
5381 error = VOP_MKNOD(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
5382 +
5383 if (error) {
5384 NDFREE(&nd, NDF_ONLY_PNBUF);
5385 goto out;
5386 }
5387 + AUDIT_vp = nd.ni_vp;
5388 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5389 + vref(AUDIT_vp);
5390 + AUDIT_ARG_VNODE1(AUDIT_vp);
5391 + }
5392 +
5393 vput(nd.ni_vp);
5394 nd.ni_vp = NULL;
5395
5396 @@ -1658,11 +1911,12 @@
5397 * send response, cleanup, return.
5398 */
5399 out:
5400 - vp = nd.ni_vp;
5401 + vp = nd.ni_vp;
5402 +
5403 if (!error) {
5404 bzero((caddr_t)fhp, sizeof(nfh));
5405 fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsid;
5406 - error = VOP_VPTOFH(vp, &fhp->fh_fid);
5407 + error = VOP_VPTOFH(vp, &fhp->fh_fid, AUDIT_dvp);
5408 if (!error)
5409 error = VOP_GETATTR(vp, vap, cred);
5410 }
5411 @@ -1698,7 +1952,20 @@
5412 nfsm_srvwcc_data(dirfor_ret, &dirfor, diraft_ret, &diraft);
5413 }
5414 vn_finished_write(mp);
5415 + /*
5416 + * XXXgpf:
5417 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5418 + * if an error occured; do we mind?
5419 + */
5420 + if (AUDITING_TD(curthread)) {
5421 + nfsrv_auditpath(AUDIT_vp, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, fhp, 1);
5422 + if (AUDIT_dvp != NULL)
5423 + vrele(AUDIT_dvp);
5424 + if (AUDIT_vp != NULL)
5425 + vrele(AUDIT_vp);
5426 + }
5427 VFS_UNLOCK_GIANT(vfslocked);
5428 +
5429 return (0);
5430 nfsmout:
5431 if (nd.ni_dvp) {
5432 @@ -1715,7 +1982,20 @@
5433 vrele(nd.ni_startdir);
5434 NDFREE(&nd, NDF_ONLY_PNBUF);
5435 vn_finished_write(mp);
5436 + /*
5437 + * XXXgpf:
5438 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5439 + * if an error occured; do we mind?
5440 + */
5441 + if (AUDITING_TD(curthread)) {
5442 + nfsrv_auditpath(AUDIT_vp, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, fhp, 1);
5443 + if (AUDIT_dvp != NULL)
5444 + vrele(AUDIT_dvp);
5445 + if (AUDIT_vp != NULL)
5446 + vrele(AUDIT_vp);
5447 + }
5448 VFS_UNLOCK_GIANT(vfslocked);
5449 +
5450 return (error);
5451 }
5452
5453 @@ -1736,6 +2016,7 @@
5454 int v3 = (nfsd->nd_flag & ND_NFSV3);
5455 struct mbuf *mb, *mreq;
5456 struct vnode *dirp;
5457 + struct vnode *AUDIT_dvp = NULL;
5458 struct vattr dirfor, diraft;
5459 nfsfh_t nfh;
5460 fhandle_t *fhp;
5461 @@ -1768,6 +2049,12 @@
5462 dirp = NULL;
5463 }
5464 if (error == 0) {
5465 + AUDIT_dvp = nd.ni_dvp;
5466 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5467 + vref(AUDIT_dvp);
5468 + if (nd.ni_vp != NULL)
5469 + AUDIT_ARG_VNODE1(nd.ni_vp);
5470 +
5471 if (nd.ni_vp->v_type == VDIR) {
5472 error = EPERM; /* POSIX */
5473 goto out;
5474 @@ -1824,7 +2111,17 @@
5475 if (nd.ni_vp)
5476 vput(nd.ni_vp);
5477 vn_finished_write(mp);
5478 + /*
5479 + * XXXgpf:
5480 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5481 + * if an error occured; do we mind?
5482 + */
5483 + if (AUDITING_TD(curthread) && AUDIT_dvp != NULL) {
5484 + nfsrv_auditpath(NULL, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, NULL, 1);
5485 + vrele(AUDIT_dvp);
5486 + }
5487 VFS_UNLOCK_GIANT(vfslocked);
5488 +
5489 return(error);
5490 }
5491
5492 @@ -1846,6 +2143,7 @@
5493 struct mbuf *mb, *mreq;
5494 struct nameidata fromnd, tond;
5495 struct vnode *fvp, *tvp, *tdvp, *fdirp = NULL;
5496 + struct vnode *AUDIT_fromdvp = NULL, *AUDIT_todvp = NULL, *AUDIT_vp = NULL;
5497 struct vnode *tdirp = NULL;
5498 struct vattr fdirfor, fdiraft, tdirfor, tdiraft;
5499 nfsfh_t fnfh, tnfh;
5500 @@ -1902,6 +2200,17 @@
5501 error = 0;
5502 goto nfsmout;
5503 }
5504 +
5505 + AUDIT_vp = fromnd.ni_vp;
5506 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5507 + vn_lock(AUDIT_vp, LK_SHARED);
5508 + AUDIT_ARG_VNODE1(AUDIT_vp);
5509 + VOP_UNLOCK(AUDIT_vp, 0);
5510 + }
5511 + AUDIT_fromdvp = fromnd.ni_dvp;
5512 + if (AUDIT_fromdvp != NULL && AUDITING_TD(curthread))
5513 + vref(AUDIT_fromdvp);
5514 +
5515 fvp = fromnd.ni_vp;
5516 nfsm_srvmtofh(tfhp);
5517 nfsm_srvnamesiz(len2);
5518 @@ -1911,7 +2220,7 @@
5519 tond.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | NOCACHE | SAVESTART | MPSAFE;
5520 error = nfs_namei(&tond, nfsd, tfhp, len2, slp, nam, &md,
5521 &dpos, &tdirp, v3, &tdirfor, &tdirfor_ret, FALSE);
5522 - vfslocked = nfsrv_lockedpair_nd(vfslocked, &tond);
5523 + vfslocked = nfsrv_lockedpair_nd(vfslocked, &tond);
5524 if (tdirp && !v3) {
5525 vrele(tdirp);
5526 tdirp = NULL;
5527 @@ -1919,6 +2228,10 @@
5528 if (error)
5529 goto out1;
5530
5531 + AUDIT_todvp = tond.ni_dvp;
5532 + if (AUDIT_todvp != NULL && AUDITING_TD(curthread))
5533 + vref(AUDIT_todvp);
5534 +
5535 tdvp = tond.ni_dvp;
5536 tvp = tond.ni_vp;
5537 if (tvp != NULL) {
5538 @@ -2057,7 +2370,21 @@
5539 vrele(fromnd.ni_vp);
5540
5541 vn_finished_write(mp);
5542 + /*
5543 + * XXXgpf:
5544 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5545 + * if an error occured; do we mind?
5546 + */
5547 + if (AUDITING_TD(curthread)) {
5548 + nfsrv_auditpath(NULL, AUDIT_fromdvp, fromnd.ni_cnd.cn_pnbuf, NULL, 1);
5549 + nfsrv_auditpath(NULL, AUDIT_todvp, tond.ni_cnd.cn_pnbuf, NULL, 2);
5550 + if (AUDIT_fromdvp != NULL)
5551 + vrele(AUDIT_fromdvp);
5552 + if (AUDIT_todvp != NULL)
5553 + vrele(AUDIT_todvp);
5554 + }
5555 VFS_UNLOCK_GIANT(vfslocked);
5556 +
5557 return (error);
5558 }
5559
5560 @@ -2078,6 +2405,7 @@
5561 int getret = 1, v3 = (nfsd->nd_flag & ND_NFSV3);
5562 struct mbuf *mb, *mreq;
5563 struct vnode *vp = NULL, *xp, *dirp = NULL;
5564 + struct vnode *AUDIT_vp = NULL, *AUDIT_dvp = NULL;
5565 struct vattr dirfor, diraft, at;
5566 nfsfh_t nfh, dnfh;
5567 fhandle_t *fhp, *dfhp;
5568 @@ -2115,6 +2443,12 @@
5569 error = 0;
5570 goto nfsmout;
5571 }
5572 +
5573 + AUDIT_vp = vp;
5574 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5575 + vref(AUDIT_vp);
5576 + AUDIT_ARG_VNODE1(AUDIT_vp);
5577 + }
5578 if (v3)
5579 getret = VOP_GETATTR(vp, &at, cred);
5580 if (vp->v_type == VDIR) {
5581 @@ -2137,6 +2471,11 @@
5582 vp = NULL;
5583 goto out2;
5584 }
5585 +
5586 + AUDIT_dvp = nd.ni_dvp;
5587 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5588 + vref(AUDIT_dvp);
5589 +
5590 xp = nd.ni_vp;
5591 if (xp != NULL) {
5592 error = EEXIST;
5593 @@ -2152,7 +2491,7 @@
5594 goto out2;
5595 }
5596 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
5597 - error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
5598 + error = VOP_LINK(nd.ni_dvp, vp, &nd.ni_cnd);
5599 NDFREE(&nd, NDF_ONLY_PNBUF);
5600 /* fall through */
5601
5602 @@ -2205,7 +2544,21 @@
5603 if (nd.ni_vp)
5604 vrele(nd.ni_vp);
5605 vn_finished_write(mp);
5606 + /*
5607 + * XXXgpf:
5608 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5609 + * if an error occured; do we mind?
5610 + */
5611 + if (AUDITING_TD(curthread)) {
5612 + nfsrv_auditpath(NULL, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, NULL, 1);
5613 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 2);
5614 + if (AUDIT_dvp != NULL)
5615 + vrele(AUDIT_dvp);
5616 + if (AUDIT_vp != NULL)
5617 + vrele(AUDIT_vp);
5618 + }
5619 VFS_UNLOCK_GIANT(vfslocked);
5620 +
5621 return(error);
5622 }
5623
5624 @@ -2231,6 +2584,7 @@
5625 int v3 = (nfsd->nd_flag & ND_NFSV3);
5626 struct mbuf *mb, *mreq;
5627 struct vnode *dirp = NULL;
5628 + struct vnode *AUDIT_vp = NULL, *AUDIT_dvp = NULL;
5629 nfsfh_t nfh;
5630 fhandle_t *fhp;
5631 struct mount *mp = NULL;
5632 @@ -2263,6 +2617,11 @@
5633 nfsm_srvsattr(vap);
5634 nfsm_srvpathsiz(len2);
5635 }
5636 +
5637 + AUDIT_dvp = nd.ni_dvp;
5638 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5639 + vref(AUDIT_dvp);
5640 +
5641 if (dirp && !v3) {
5642 vrele(dirp);
5643 dirp = NULL;
5644 @@ -2289,18 +2648,28 @@
5645 error = EEXIST;
5646 goto out;
5647 }
5648 -
5649 +
5650 + if (pathcp != NULL)
5651 + AUDIT_ARG_UPATH2(curthread, pathcp);
5652 /*
5653 * issue symlink op. SAVESTART is set so the underlying path component
5654 * is only freed by the VOP if an error occurs.
5655 */
5656 if (vap->va_mode == (mode_t)VNOVAL)
5657 vap->va_mode = 0;
5658 + AUDIT_ARG_MODE(vap->va_mode);
5659 error = VOP_SYMLINK(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap, pathcp);
5660 if (error)
5661 NDFREE(&nd, NDF_ONLY_PNBUF);
5662 - else
5663 - vput(nd.ni_vp);
5664 + else {
5665 + AUDIT_vp = nd.ni_vp;
5666 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5667 + vref(AUDIT_vp);
5668 + AUDIT_ARG_VNODE1(AUDIT_vp);
5669 + }
5670 + vput(nd.ni_vp);
5671 + }
5672 +
5673 nd.ni_vp = NULL;
5674 /*
5675 * releases directory prior to potential lookup op.
5676 @@ -2333,7 +2702,7 @@
5677 if (error == 0) {
5678 bzero((caddr_t)fhp, sizeof(nfh));
5679 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
5680 - error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
5681 + error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid, AUDIT_dvp);
5682 if (!error)
5683 error = VOP_GETATTR(nd.ni_vp, vap, cred);
5684 vput(nd.ni_vp);
5685 @@ -2388,7 +2757,20 @@
5686 free(pathcp, M_TEMP);
5687
5688 vn_finished_write(mp);
5689 + /*
5690 + * XXXgpf:
5691 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5692 + * if an error occured; do we mind?
5693 + */
5694 + if (AUDITING_TD(curthread)) {
5695 + nfsrv_auditpath(AUDIT_vp, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, fhp, 1);
5696 + if (AUDIT_dvp != NULL)
5697 + vrele(AUDIT_dvp);
5698 + if (AUDIT_vp != NULL)
5699 + vrele(AUDIT_vp);
5700 + }
5701 VFS_UNLOCK_GIANT(vfslocked);
5702 +
5703 return (error);
5704 }
5705
5706 @@ -2413,6 +2795,7 @@
5707 int v3 = (nfsd->nd_flag & ND_NFSV3);
5708 struct mbuf *mb, *mreq;
5709 struct vnode *dirp = NULL;
5710 + struct vnode *AUDIT_vp = NULL, *AUDIT_dvp = NULL;
5711 int vpexcl = 0;
5712 nfsfh_t nfh;
5713 fhandle_t *fhp;
5714 @@ -2451,6 +2834,10 @@
5715 error = 0;
5716 goto nfsmout;
5717 }
5718 + AUDIT_dvp = nd.ni_dvp;
5719 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5720 + vref(AUDIT_dvp);
5721 +
5722 VATTR_NULL(vap);
5723 if (v3) {
5724 nfsm_srvsattr(vap);
5725 @@ -2469,7 +2856,7 @@
5726 NDFREE(&nd, NDF_ONLY_PNBUF);
5727 error = EEXIST;
5728 goto out;
5729 - }
5730 + }
5731
5732 /*
5733 * Issue mkdir op. Since SAVESTART is not set, the pathname
5734 @@ -2478,7 +2865,8 @@
5735 */
5736 if (vap->va_mode == (mode_t)VNOVAL)
5737 vap->va_mode = 0;
5738 - error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
5739 + AUDIT_ARG_MODE(vap->va_mode);
5740 + error = VOP_MKDIR(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, vap);
5741 NDFREE(&nd, NDF_ONLY_PNBUF);
5742 vpexcl = 1;
5743
5744 @@ -2486,9 +2874,15 @@
5745 nd.ni_dvp = NULL;
5746
5747 if (!error) {
5748 + AUDIT_vp = nd.ni_vp;
5749 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5750 + vref(AUDIT_vp);
5751 + AUDIT_ARG_VNODE1(AUDIT_vp);
5752 + }
5753 +
5754 bzero((caddr_t)fhp, sizeof(nfh));
5755 fhp->fh_fsid = nd.ni_vp->v_mount->mnt_stat.f_fsid;
5756 - error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid);
5757 + error = VOP_VPTOFH(nd.ni_vp, &fhp->fh_fid, AUDIT_dvp);
5758 if (!error)
5759 error = VOP_GETATTR(nd.ni_vp, vap, cred);
5760 }
5761 @@ -2533,7 +2927,6 @@
5762 }
5763 error = 0;
5764 /* fall through */
5765 -
5766 nfsmout:
5767 if (nd.ni_dvp) {
5768 NDFREE(&nd, NDF_ONLY_PNBUF);
5769 @@ -2551,7 +2944,20 @@
5770 if (dirp)
5771 vrele(dirp);
5772 vn_finished_write(mp);
5773 + /*
5774 + * XXXgpf:
5775 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5776 + * if an error occured; do we mind?
5777 + */
5778 + if (AUDITING_TD(curthread)) {
5779 + nfsrv_auditpath(AUDIT_vp, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, fhp, 1);
5780 + if (AUDIT_dvp != NULL)
5781 + vrele(AUDIT_dvp);
5782 + if (AUDIT_vp != NULL)
5783 + vrele(AUDIT_vp);
5784 + }
5785 VFS_UNLOCK_GIANT(vfslocked);
5786 +
5787 return (error);
5788 }
5789
5790 @@ -2571,6 +2977,7 @@
5791 int v3 = (nfsd->nd_flag & ND_NFSV3);
5792 struct mbuf *mb, *mreq;
5793 struct vnode *vp, *dirp = NULL;
5794 + struct vnode *AUDIT_dvp = NULL;
5795 struct vattr dirfor, diraft;
5796 nfsfh_t nfh;
5797 fhandle_t *fhp;
5798 @@ -2597,6 +3004,7 @@
5799 nd.ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF | MPSAFE;
5800 error = nfs_namei(&nd, nfsd, fhp, len, slp, nam, &md, &dpos,
5801 &dirp, v3, &dirfor, &dirfor_ret, FALSE);
5802 +
5803 vfslocked = nfsrv_lockedpair_nd(vfslocked, &nd);
5804 if (dirp && !v3) {
5805 vrele(dirp);
5806 @@ -2609,6 +3017,12 @@
5807 error = 0;
5808 goto nfsmout;
5809 }
5810 + AUDIT_dvp = nd.ni_dvp;
5811 + if (AUDIT_dvp != NULL && AUDITING_TD(curthread))
5812 + vref(AUDIT_dvp);
5813 + if (nd.ni_vp != NULL)
5814 + AUDIT_ARG_VNODE1(nd.ni_vp);
5815 +
5816 vp = nd.ni_vp;
5817 if (vp->v_type != VDIR) {
5818 error = ENOTDIR;
5819 @@ -2675,7 +3089,17 @@
5820 vrele(dirp);
5821
5822 vn_finished_write(mp);
5823 + /*
5824 + * XXXgpf:
5825 + * There's a chance that nd.ni_cnd.cn_pnbuf contains junk,
5826 + * if an error occured; do we mind?
5827 + */
5828 + if (AUDITING_TD(curthread) && AUDIT_dvp != NULL) {
5829 + nfsrv_auditpath(NULL, AUDIT_dvp, nd.ni_cnd.cn_pnbuf, NULL, 1);
5830 + vrele(AUDIT_dvp);
5831 + }
5832 VFS_UNLOCK_GIANT(vfslocked);
5833 +
5834 return(error);
5835 }
5836
5837 @@ -2734,6 +3158,7 @@
5838 struct mbuf *mb, *mreq;
5839 char *cpos, *cend, *rbuf;
5840 struct vnode *vp = NULL;
5841 + struct vnode *AUDIT_vp = NULL;
5842 struct vattr at;
5843 nfsfh_t nfh;
5844 fhandle_t *fhp;
5845 @@ -2772,11 +3197,18 @@
5846 fullsiz = siz;
5847 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
5848 nam, &rdonly, TRUE);
5849 + if (!error) {
5850 + AUDIT_vp = vp;
5851 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5852 + vref(AUDIT_vp);
5853 + AUDIT_ARG_VNODE1(AUDIT_vp);
5854 + }
5855 + }
5856 if (!error && vp->v_type != VDIR) {
5857 error = ENOTDIR;
5858 vput(vp);
5859 vp = NULL;
5860 - }
5861 + }
5862 if (error) {
5863 nfsm_reply(NFSX_UNSIGNED);
5864 if (v3)
5865 @@ -2784,7 +3216,6 @@
5866 error = 0;
5867 goto nfsmout;
5868 }
5869 -
5870 /*
5871 * Obtain lock on vnode for this section of the code
5872 */
5873 @@ -3008,7 +3439,13 @@
5874 nfsmout:
5875 if (vp)
5876 vrele(vp);
5877 + /* XXX AUDIT */
5878 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5879 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5880 + vrele(AUDIT_vp);
5881 + }
5882 VFS_UNLOCK_GIANT(vfslocked);
5883 +
5884 return(error);
5885 }
5886
5887 @@ -3029,6 +3466,7 @@
5888 struct mbuf *mb, *mreq;
5889 char *cpos, *cend, *rbuf;
5890 struct vnode *vp = NULL, *nvp;
5891 + struct vnode *AUDIT_vp = NULL;
5892 struct flrep fl;
5893 nfsfh_t nfh;
5894 fhandle_t *fhp, *nfhp = (fhandle_t *)fl.fl_nfh;
5895 @@ -3066,6 +3504,13 @@
5896 fullsiz = siz;
5897 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
5898 nam, &rdonly, TRUE);
5899 + if (!error) {
5900 + AUDIT_vp = vp;
5901 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5902 + vref(AUDIT_vp);
5903 + AUDIT_ARG_VNODE1(AUDIT_vp);
5904 + }
5905 + }
5906 if (!error && vp->v_type != VDIR) {
5907 error = ENOTDIR;
5908 vput(vp);
5909 @@ -3241,11 +3686,11 @@
5910 */
5911 KASSERT(nvp->v_mount == vp->v_mount,
5912 ("nfsrv_readdirplus: nvp mount != vp mount"));
5913 - if (VOP_VPTOFH(nvp, &nfhp->fh_fid)) {
5914 + if (VOP_VPTOFH(nvp, &nfhp->fh_fid, vp)) {
5915 vput(nvp);
5916 nvp = NULL;
5917 goto invalid;
5918 - }
5919 + }
5920 if (VOP_GETATTR(nvp, vap, cred)) {
5921 vput(nvp);
5922 nvp = NULL;
5923 @@ -3357,7 +3802,13 @@
5924 nfsmout:
5925 if (vp)
5926 vrele(vp);
5927 + /* XXX AUDIT */
5928 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5929 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5930 + vrele(AUDIT_vp);
5931 + }
5932 VFS_UNLOCK_GIANT(vfslocked);
5933 +
5934 return(error);
5935 }
5936
5937 @@ -3374,6 +3825,7 @@
5938 struct ucred *cred = nfsd->nd_cr;
5939 struct vattr bfor, aft;
5940 struct vnode *vp = NULL;
5941 + struct vnode *AUDIT_vp = NULL;
5942 nfsfh_t nfh;
5943 fhandle_t *fhp;
5944 u_int32_t *tl;
5945 @@ -3417,6 +3869,11 @@
5946 error = 0;
5947 goto nfsmout;
5948 }
5949 + AUDIT_vp = vp;
5950 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5951 + vref(AUDIT_vp);
5952 + AUDIT_ARG_VNODE1(AUDIT_vp);
5953 + }
5954 for_ret = VOP_GETATTR(vp, &bfor, cred);
5955
5956 if (cnt > MAX_COMMIT_COUNT) {
5957 @@ -3520,7 +3977,13 @@
5958 if (vp)
5959 vput(vp);
5960 vn_finished_write(mp);
5961 + /* XXX AUDIT */
5962 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
5963 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
5964 + vrele(AUDIT_vp);
5965 + }
5966 VFS_UNLOCK_GIANT(vfslocked);
5967 +
5968 return(error);
5969 }
5970
5971 @@ -3542,6 +4005,7 @@
5972 int v3 = (nfsd->nd_flag & ND_NFSV3);
5973 struct mbuf *mb, *mreq;
5974 struct vnode *vp = NULL;
5975 + struct vnode *AUDIT_vp = NULL;
5976 struct vattr at;
5977 nfsfh_t nfh;
5978 fhandle_t *fhp;
5979 @@ -3554,7 +4018,7 @@
5980 fhp = &nfh.fh_generic;
5981 nfsm_srvmtofh(fhp);
5982 error = nfsrv_fhtovp(fhp, 1, &vp, &vfslocked, nfsd, slp,
5983 - nam, &rdonly, TRUE);
5984 + nam, &rdonly, TRUE);
5985 if (error) {
5986 nfsm_reply(NFSX_UNSIGNED);
5987 if (v3)
5988 @@ -3562,6 +4026,11 @@
5989 error = 0;
5990 goto nfsmout;
5991 }
5992 + AUDIT_vp = vp;
5993 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
5994 + vref(AUDIT_vp);
5995 + AUDIT_ARG_VNODE1(AUDIT_vp);
5996 + }
5997 sf = &statfs;
5998 error = VFS_STATFS(vp->v_mount, sf);
5999 getret = VOP_GETATTR(vp, &at, cred);
6000 @@ -3614,7 +4083,13 @@
6001 nfsmout:
6002 if (vp)
6003 vput(vp);
6004 + /* XXX AUDIT */
6005 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
6006 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
6007 + vrele(AUDIT_vp);
6008 + }
6009 VFS_UNLOCK_GIANT(vfslocked);
6010 +
6011 return(error);
6012 }
6013
6014 @@ -3634,6 +4109,7 @@
6015 int error = 0, rdonly, getret = 1, pref;
6016 struct mbuf *mb, *mreq;
6017 struct vnode *vp = NULL;
6018 + struct vnode *AUDIT_vp = NULL;
6019 struct vattr at;
6020 nfsfh_t nfh;
6021 fhandle_t *fhp;
6022 @@ -3656,6 +4132,11 @@
6023 error = 0;
6024 goto nfsmout;
6025 }
6026 + AUDIT_vp = vp;
6027 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
6028 + vref(AUDIT_vp);
6029 + AUDIT_ARG_VNODE1(AUDIT_vp);
6030 + }
6031
6032 /* XXX Try to make a guess on the max file size. */
6033 VFS_STATFS(vp->v_mount, &sb);
6034 @@ -3690,7 +4171,13 @@
6035 nfsmout:
6036 if (vp)
6037 vput(vp);
6038 + /* XXX AUDIT */
6039 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
6040 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
6041 + vrele(AUDIT_vp);
6042 + }
6043 VFS_UNLOCK_GIANT(vfslocked);
6044 +
6045 return(error);
6046 }
6047
6048 @@ -3711,6 +4198,7 @@
6049 register_t linkmax, namemax, chownres, notrunc;
6050 struct mbuf *mb, *mreq;
6051 struct vnode *vp = NULL;
6052 + struct vnode *AUDIT_vp = NULL;
6053 struct vattr at;
6054 nfsfh_t nfh;
6055 fhandle_t *fhp;
6056 @@ -3731,6 +4219,11 @@
6057 error = 0;
6058 goto nfsmout;
6059 }
6060 + AUDIT_vp = vp;
6061 + if (AUDIT_vp != NULL && AUDITING_TD(curthread)) {
6062 + vref(AUDIT_vp);
6063 + AUDIT_ARG_VNODE1(AUDIT_vp);
6064 + }
6065 error = VOP_PATHCONF(vp, _PC_LINK_MAX, &linkmax);
6066 if (!error)
6067 error = VOP_PATHCONF(vp, _PC_NAME_MAX, &namemax);
6068 @@ -3764,7 +4257,13 @@
6069 nfsmout:
6070 if (vp)
6071 vput(vp);
6072 + /* XXX AUDIT */
6073 + if (AUDITING_TD(curthread) && AUDIT_vp != NULL) {
6074 + nfsrv_auditpath(AUDIT_vp, NULL, NULL, fhp, 1);
6075 + vrele(AUDIT_vp);
6076 + }
6077 VFS_UNLOCK_GIANT(vfslocked);
6078 +
6079 return(error);
6080 }
6081
6082 --- //depot/vendor/freebsd/src/sys/nfsserver/nfs_srvkrpc.c 2010-02-09 23:50:14.000000000 0000
6083 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/nfsserver/nfs_srvkrpc.c 2010-07-08 13:04:03.000000000 0000
6084 @@ -63,6 +63,8 @@
6085 #include <sys/lockf.h>
6086 #include <sys/eventhandler.h>
6087
6088 +#include <security/audit/audit.h>
6089 +
6090 #include <netinet/in.h>
6091 #include <netinet/tcp.h>
6092 #ifdef INET6
6093 @@ -254,6 +256,8 @@
6094 struct nfsrv_descript nd;
6095 struct mbuf *mreq, *mrep;
6096 int error;
6097 + int protocol;
6098 + struct thread *td = curthread;
6099
6100 if (rqst->rq_vers == NFS_VER2) {
6101 if (rqst->rq_proc > NFSV2PROC_STATFS) {
6102 @@ -291,7 +295,7 @@
6103 nd.nd_nam2 = rqst->rq_addr;
6104 nd.nd_procnum = procnum;
6105 nd.nd_cr = NULL;
6106 - nd.nd_flag = flag;
6107 + nd.nd_flag = flag;
6108
6109 if (nfs_privport) {
6110 /* Check if source port is privileged */
6111 @@ -349,7 +353,15 @@
6112 }
6113 nfsrvstats.srvrpccnt[nd.nd_procnum]++;
6114
6115 + if (flag)
6116 + protocol = ND_NFSV3;
6117 + else
6118 + protocol = ND_NFSV2;
6119 + AUDIT_NFS_ENTER(procnum, nd.nd_cr, td, protocol);
6120 + AUDIT_ARG_SOCKADDR_IN((struct sockaddr_in *)nd.nd_nam);
6121 + AUDIT_ARG_PROTOCOL(protocol);
6122 error = proc(&nd, NULL, &mrep);
6123 + AUDIT_NFS_EXIT(nd.nd_repstat, td);
6124
6125 if (nd.nd_cr)
6126 crfree(nd.nd_cr);
6127 --- //depot/vendor/freebsd/src/sys/security/audit/audit.c 2009-07-28 21:45:14.000000000 0000
6128 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit.c 2010-08-16 13:30:34.000000000 0000
6129 @@ -63,6 +63,7 @@
6130 #include <bsm/audit.h>
6131 #include <bsm/audit_internal.h>
6132 #include <bsm/audit_kevents.h>
6133 +#include <bsm/audit_record.h>
6134
6135 #include <netinet/in.h>
6136 #include <netinet/in_pcb.h>
6137 @@ -78,6 +79,9 @@
6138 MALLOC_DEFINE(M_AUDITPATH, "audit_path", "Audit path storage");
6139 MALLOC_DEFINE(M_AUDITTEXT, "audit_text", "Audit text storage");
6140 MALLOC_DEFINE(M_AUDITGIDSET, "audit_gidset", "Audit GID set storage");
6141 +MALLOC_DEFINE(M_AUDITLOCKOWNER, "audit_lockowner", "Audit lockowner storage");
6142 +MALLOC_DEFINE(M_AUDITCLIENTNAME, "audit_clientname", "Audit client name storage");
6143 +MALLOC_DEFINE(M_AUDITRECORD, "audit_record", "Audit Record storage");
6144
6145 SYSCTL_NODE(_security, OID_AUTO, audit, CTLFLAG_RW, 0,
6146 "TrustedBSD audit controls");
6147 @@ -215,22 +219,28 @@
6148 td = arg;
6149 ar = mem;
6150 bzero(ar, sizeof(*ar));
6151 - ar->k_ar.ar_magic = AUDIT_RECORD_MAGIC;
6152 - nanotime(&ar->k_ar.ar_starttime);
6153 + /* We should allocate a k_ar iff we are auditing this event */
6154 + if (td->td_pflags & TDP_AUDITREC) {
6155 + ar->k_ar = malloc(sizeof(struct audit_record), M_AUDITRECORD, M_WAITOK);
6156 + bzero(ar->k_ar, sizeof(struct audit_record));
6157 + ar->k_ar->ar_magic = AUDIT_RECORD_MAGIC;
6158 + nanotime(&ar->k_ar->ar_starttime);
6159 +
6160 + /*
6161 + * Export the subject credential.
6162 + */
6163 + cred = td->td_ucred;
6164 + cru2x(cred, &ar->k_ar->ar_subj_cred);
6165 + ar->k_ar->ar_subj_ruid = cred->cr_ruid;
6166 + ar->k_ar->ar_subj_rgid = cred->cr_rgid;
6167 + ar->k_ar->ar_subj_egid = cred->cr_groups[0];
6168 + ar->k_ar->ar_subj_auid = cred->cr_audit.ai_auid;
6169 + ar->k_ar->ar_subj_asid = cred->cr_audit.ai_asid;
6170 + ar->k_ar->ar_subj_pid = td->td_proc->p_pid;
6171 + ar->k_ar->ar_subj_amask = cred->cr_audit.ai_mask;
6172 + ar->k_ar->ar_subj_term_addr = cred->cr_audit.ai_termid;
6173 + }
6174
6175 - /*
6176 - * Export the subject credential.
6177 - */
6178 - cred = td->td_ucred;
6179 - cru2x(cred, &ar->k_ar.ar_subj_cred);
6180 - ar->k_ar.ar_subj_ruid = cred->cr_ruid;
6181 - ar->k_ar.ar_subj_rgid = cred->cr_rgid;
6182 - ar->k_ar.ar_subj_egid = cred->cr_groups[0];
6183 - ar->k_ar.ar_subj_auid = cred->cr_audit.ai_auid;
6184 - ar->k_ar.ar_subj_asid = cred->cr_audit.ai_asid;
6185 - ar->k_ar.ar_subj_pid = td->td_proc->p_pid;
6186 - ar->k_ar.ar_subj_amask = cred->cr_audit.ai_mask;
6187 - ar->k_ar.ar_subj_term_addr = cred->cr_audit.ai_termid;
6188 return (0);
6189 }
6190
6191 @@ -242,20 +252,27 @@
6192 KASSERT(sizeof(*ar) == size, ("audit_record_dtor: wrong size"));
6193
6194 ar = mem;
6195 - if (ar->k_ar.ar_arg_upath1 != NULL)
6196 - free(ar->k_ar.ar_arg_upath1, M_AUDITPATH);
6197 - if (ar->k_ar.ar_arg_upath2 != NULL)
6198 - free(ar->k_ar.ar_arg_upath2, M_AUDITPATH);
6199 - if (ar->k_ar.ar_arg_text != NULL)
6200 - free(ar->k_ar.ar_arg_text, M_AUDITTEXT);
6201 - if (ar->k_udata != NULL)
6202 - free(ar->k_udata, M_AUDITDATA);
6203 - if (ar->k_ar.ar_arg_argv != NULL)
6204 - free(ar->k_ar.ar_arg_argv, M_AUDITTEXT);
6205 - if (ar->k_ar.ar_arg_envv != NULL)
6206 - free(ar->k_ar.ar_arg_envv, M_AUDITTEXT);
6207 - if (ar->k_ar.ar_arg_groups.gidset != NULL)
6208 - free(ar->k_ar.ar_arg_groups.gidset, M_AUDITGIDSET);
6209 + if (ar->k_ar != NULL) {
6210 + if (ar->k_ar->ar_arg_upath1 != NULL)
6211 + free(ar->k_ar->ar_arg_upath1, M_AUDITPATH);
6212 + if (ar->k_ar->ar_arg_upath2 != NULL)
6213 + free(ar->k_ar->ar_arg_upath2, M_AUDITPATH);
6214 + if (ar->k_ar->ar_arg_text != NULL)
6215 + free(ar->k_ar->ar_arg_text, M_AUDITTEXT);
6216 + if (ar->k_udata != NULL)
6217 + free(ar->k_udata, M_AUDITDATA);
6218 + if (ar->k_ar->ar_arg_argv != NULL)
6219 + free(ar->k_ar->ar_arg_argv, M_AUDITTEXT);
6220 + if (ar->k_ar->ar_arg_envv != NULL)
6221 + free(ar->k_ar->ar_arg_envv, M_AUDITTEXT);
6222 + if (ar->k_ar->ar_arg_groups.gidset != NULL)
6223 + free(ar->k_ar->ar_arg_groups.gidset, M_AUDITGIDSET);
6224 + if (ar->k_ar->ar_arg_lockowner != NULL)
6225 + free(ar->k_ar->ar_arg_lockowner, M_AUDITLOCKOWNER);
6226 + if (ar->k_ar->ar_arg_clientname != NULL)
6227 + free(ar->k_ar->ar_arg_clientname, M_AUDITCLIENTNAME);
6228 + free(ar->k_ar, M_AUDITRECORD);
6229 + }
6230 }
6231
6232 /*
6233 @@ -367,7 +384,8 @@
6234 * in the kernel.
6235 */
6236 ar = uma_zalloc_arg(audit_record_zone, td, M_WAITOK);
6237 - ar->k_ar.ar_event = event;
6238 + if (ar->k_ar != NULL)
6239 + ar->k_ar->ar_event = event;
6240
6241 mtx_lock(&audit_mtx);
6242 audit_pre_q_len++;
6243 @@ -383,105 +401,168 @@
6244 uma_zfree(audit_record_zone, ar);
6245 }
6246
6247 +/*
6248 + * Insert the new audit record in the per thread tree structure &
6249 + * make td_ar point to it
6250 + */
6251 void
6252 -audit_commit(struct kaudit_record *ar, int error, int retval)
6253 +audit_tree_insert(struct thread *td, struct kaudit_record *ar)
6254 +{
6255 + if (ar == NULL)
6256 + return;
6257 +
6258 + ar->k_parent = td->td_ar;
6259 + STAILQ_INIT(&ar->kaudit_children_q);
6260 + if (td->td_ar != NULL)
6261 + STAILQ_INSERT_TAIL(&td->td_ar->kaudit_children_q, ar, k_record_q);
6262 + td->td_ar = ar;
6263 +}
6264 +
6265 +
6266 +/*
6267 + * Go up on level on the tree hierarchy, restore the audit flag
6268 + * to its previous value and make td_ar point to the parent event
6269 + */
6270 +void
6271 +audit_tree_go_up(struct thread *td)
6272 {
6273 + td->td_ar = td->td_ar->k_parent;
6274 + if (td->td_ar->k_ar == NULL)
6275 + td->td_pflags &= ~TDP_AUDITREC;
6276 + else
6277 + td->td_pflags |= TDP_AUDITREC;
6278 +}
6279 +
6280 +/*
6281 + * commit the audit events of the tree in preorder & destroy the
6282 + * ones we don't commit
6283 + *
6284 + * XXXgpf: The caller needs to hold a lock on audit_mtx. If we don't
6285 + * like hogging on the mutex, we can split this function in two.
6286 + * One will decide which records should be commited and the other,
6287 + * which will require the lock, will just commit or destroy each record.
6288 + */
6289 +void
6290 +audit_tree_commit(struct kaudit_record *ar, int *signal_worker)
6291 +{
6292 au_event_t event;
6293 au_class_t class;
6294 au_id_t auid;
6295 - int sorf;
6296 + int commit, error, retval, sorf;
6297 struct au_mask *aumask;
6298 + struct kaudit_record *child, *tchild;
6299 +
6300 + commit = 0;
6301 +
6302 + if (ar->k_ar != NULL) {
6303 + error = ar->k_ar->ar_errno;
6304 + retval = ar->k_ar->ar_retval;
6305 +
6306 + /*
6307 + * Decide whether to commit the audit record by checking the error
6308 + * value from the system call and using the appropriate audit mask.
6309 + */
6310 + if (ar->k_ar->ar_subj_auid == AU_DEFAUDITID)
6311 + aumask = &audit_nae_mask;
6312 + else
6313 + aumask = &ar->k_ar->ar_subj_amask;
6314 +
6315 + if (error)
6316 + sorf = AU_PRS_FAILURE;
6317 + else
6318 + sorf = AU_PRS_SUCCESS;
6319
6320 - if (ar == NULL)
6321 - return;
6322 + /*
6323 + * syscalls.master sometimes contains a prototype event number, which
6324 + * we will transform into a more specific event number now that we
6325 + * have more complete information gathered during the system call.
6326 + */
6327 + switch(ar->k_ar->ar_event) {
6328 + case AUE_OPEN_RWTC:
6329 + ar->k_ar->ar_event = audit_flags_and_error_to_openevent(
6330 + ar->k_ar->ar_arg_fflags, error);
6331 + break;
6332
6333 - /*
6334 - * Decide whether to commit the audit record by checking the error
6335 - * value from the system call and using the appropriate audit mask.
6336 - */
6337 - if (ar->k_ar.ar_subj_auid == AU_DEFAUDITID)
6338 - aumask = &audit_nae_mask;
6339 - else
6340 - aumask = &ar->k_ar.ar_subj_amask;
6341 + case AUE_OPENAT_RWTC:
6342 + ar->k_ar->ar_event = audit_flags_and_error_to_openatevent(
6343 + ar->k_ar->ar_arg_fflags, error);
6344 + break;
6345
6346 - if (error)
6347 - sorf = AU_PRS_FAILURE;
6348 - else
6349 - sorf = AU_PRS_SUCCESS;
6350 + case AUE_SYSCTL:
6351 + ar->k_ar->ar_event = audit_ctlname_to_sysctlevent(
6352 + ar->k_ar->ar_arg_ctlname, ar->k_ar->ar_valid_arg);
6353 + break;
6354
6355 - /*
6356 - * syscalls.master sometimes contains a prototype event number, which
6357 - * we will transform into a more specific event number now that we
6358 - * have more complete information gathered during the system call.
6359 - */
6360 - switch(ar->k_ar.ar_event) {
6361 - case AUE_OPEN_RWTC:
6362 - ar->k_ar.ar_event = audit_flags_and_error_to_openevent(
6363 - ar->k_ar.ar_arg_fflags, error);
6364 - break;
6365 + case AUE_AUDITON:
6366 + /* Convert the auditon() command to an event. */
6367 + ar->k_ar->ar_event = auditon_command_event(ar->k_ar->ar_arg_cmd);
6368 + break;
6369 +
6370 + case AUE_NFS_OPEN:
6371 + ar->k_ar->ar_event = audit_flags_to_nfs_openevent(ar->k_ar->ar_arg_fflags);
6372 + break;
6373 + }
6374
6375 - case AUE_OPENAT_RWTC:
6376 - ar->k_ar.ar_event = audit_flags_and_error_to_openatevent(
6377 - ar->k_ar.ar_arg_fflags, error);
6378 - break;
6379 + auid = ar->k_ar->ar_subj_auid;
6380 + event = ar->k_ar->ar_event;
6381 + class = au_event_class(event);
6382
6383 - case AUE_SYSCTL:
6384 - ar->k_ar.ar_event = audit_ctlname_to_sysctlevent(
6385 - ar->k_ar.ar_arg_ctlname, ar->k_ar.ar_valid_arg);
6386 - break;
6387 + ar->k_ar_commit |= AR_COMMIT_KERNEL;
6388 + if (au_preselect(event, class, aumask, sorf) != 0)
6389 + ar->k_ar_commit |= AR_PRESELECT_TRAIL;
6390 + if (audit_pipe_preselect(auid, event, class, sorf,
6391 + ar->k_ar_commit & AR_PRESELECT_TRAIL) != 0)
6392 + ar->k_ar_commit |= AR_PRESELECT_PIPE;
6393 + if ((ar->k_ar_commit & (AR_PRESELECT_TRAIL | AR_PRESELECT_PIPE |
6394 + AR_PRESELECT_USER_TRAIL | AR_PRESELECT_USER_PIPE)) == 0)
6395 + goto out;
6396
6397 - case AUE_AUDITON:
6398 - /* Convert the auditon() command to an event. */
6399 - ar->k_ar.ar_event = auditon_command_event(ar->k_ar.ar_arg_cmd);
6400 - break;
6401 - }
6402 + /*
6403 + * Note: it could be that some records initiated while audit was
6404 + * enabled should still be committed?
6405 + */
6406 + if (audit_suspended || !audit_enabled)
6407 + goto out;
6408
6409 - auid = ar->k_ar.ar_subj_auid;
6410 - event = ar->k_ar.ar_event;
6411 - class = au_event_class(event);
6412 + commit = 1;
6413 + *signal_worker = 1;
6414 + /*
6415 + * Constrain the number of committed audit records based on the
6416 + * configurable parameter.
6417 + */
6418 + while (audit_q_len >= audit_qctrl.aq_hiwater)
6419 + cv_wait(&audit_watermark_cv, &audit_mtx);
6420
6421 - ar->k_ar_commit |= AR_COMMIT_KERNEL;
6422 - if (au_preselect(event, class, aumask, sorf) != 0)
6423 - ar->k_ar_commit |= AR_PRESELECT_TRAIL;
6424 - if (audit_pipe_preselect(auid, event, class, sorf,
6425 - ar->k_ar_commit & AR_PRESELECT_TRAIL) != 0)
6426 - ar->k_ar_commit |= AR_PRESELECT_PIPE;
6427 - if ((ar->k_ar_commit & (AR_PRESELECT_TRAIL | AR_PRESELECT_PIPE |
6428 - AR_PRESELECT_USER_TRAIL | AR_PRESELECT_USER_PIPE)) == 0) {
6429 - mtx_lock(&audit_mtx);
6430 + TAILQ_INSERT_TAIL(&audit_q, ar, k_q);
6431 + audit_q_len++;
6432 audit_pre_q_len--;
6433 - mtx_unlock(&audit_mtx);
6434 - audit_free(ar);
6435 - return;
6436 }
6437
6438 - ar->k_ar.ar_errno = error;
6439 - ar->k_ar.ar_retval = retval;
6440 - nanotime(&ar->k_ar.ar_endtime);
6441 -
6442 - /*
6443 - * Note: it could be that some records initiated while audit was
6444 - * enabled should still be committed?
6445 - */
6446 - mtx_lock(&audit_mtx);
6447 - if (audit_suspended || !audit_enabled) {
6448 +out:
6449 + STAILQ_FOREACH_SAFE(child, &ar->kaudit_children_q, k_record_q, tchild) {
6450 + audit_tree_commit(child, signal_worker);
6451 + }
6452 +
6453 + /* if we are not commiting this ar, free it */
6454 + if (commit == 0) {
6455 audit_pre_q_len--;
6456 - mtx_unlock(&audit_mtx);
6457 audit_free(ar);
6458 - return;
6459 }
6460 +}
6461
6462 - /*
6463 - * Constrain the number of committed audit records based on the
6464 - * configurable parameter.
6465 - */
6466 - while (audit_q_len >= audit_qctrl.aq_hiwater)
6467 - cv_wait(&audit_watermark_cv, &audit_mtx);
6468 +void
6469 +audit_commit(struct kaudit_record *ar)
6470 +{
6471 + int signal_worker;
6472 +
6473 + if (ar == NULL)
6474 + return;
6475
6476 - TAILQ_INSERT_TAIL(&audit_q, ar, k_q);
6477 - audit_q_len++;
6478 - audit_pre_q_len--;
6479 - cv_signal(&audit_worker_cv);
6480 + signal_worker = 0;
6481 + mtx_lock(&audit_mtx);
6482 + audit_tree_commit(ar, &signal_worker);
6483 + if (signal_worker != 0)
6484 + cv_signal(&audit_worker_cv);
6485 mtx_unlock(&audit_mtx);
6486 }
6487
6488 @@ -498,10 +579,7 @@
6489 au_class_t class;
6490 au_event_t event;
6491 au_id_t auid;
6492 -
6493 - KASSERT(td->td_ar == NULL, ("audit_syscall_enter: td->td_ar != NULL"));
6494 - KASSERT((td->td_pflags & TDP_AUDITREC) == 0,
6495 - ("audit_syscall_enter: TDP_AUDITREC set"));
6496 + struct kaudit_record *ar;
6497
6498 /*
6499 * In FreeBSD, each ABI has its own system call table, and hence
6500 @@ -510,6 +588,9 @@
6501 * reference. In Darwin, there's only one, so we use the global
6502 * symbol for the system call table. No audit record is generated
6503 * for bad system calls, as no operation has been performed.
6504 + *
6505 + * gpf: This doesn't seem ok now that we are keeping state for
6506 + * every event, whether we are auditing it or not.
6507 */
6508 if (code >= td->td_proc->p_sysent->sv_size)
6509 return;
6510 @@ -551,42 +632,316 @@
6511 cv_wait(&audit_fail_cv, &audit_mtx);
6512 panic("audit_failing_stop: thread continued");
6513 }
6514 - td->td_ar = audit_new(event, td);
6515 - if (td->td_ar != NULL)
6516 - td->td_pflags |= TDP_AUDITREC;
6517 - } else if (audit_pipe_preselect(auid, event, class, AU_PRS_BOTH, 0)) {
6518 - td->td_ar = audit_new(event, td);
6519 - if (td->td_ar != NULL)
6520 - td->td_pflags |= TDP_AUDITREC;
6521 - } else
6522 + td->td_pflags |= TDP_AUDITREC;
6523 + }
6524 + else if (audit_pipe_preselect(auid, event, class, AU_PRS_BOTH, 0))
6525 + td->td_pflags |= TDP_AUDITREC;
6526 + else
6527 + td->td_pflags &= ~TDP_AUDITREC;
6528 +
6529 + /*
6530 + * We need to keep state, even if we are not auditing this event.
6531 + * The reason is that that we may encounter another security event,
6532 + * before this one is over. When we exit from the second event, we
6533 + * need a way to remember if we were auditing the first event or not.
6534 + */
6535 + ar = audit_new(event, td);
6536 + if (ar != NULL)
6537 + audit_tree_insert(td, ar);
6538 + else {
6539 + audit_commit(td->td_ar);
6540 + td->td_pflags &= ~TDP_AUDITREC;
6541 td->td_ar = NULL;
6542 + }
6543 }
6544
6545 /*
6546 * audit_syscall_exit() is called from the return of every system call, or in
6547 - * the event of exit1(), during the execution of exit1(). It is responsible
6548 - * for committing the audit record, if any, along with return condition.
6549 + * the event of exit1(), during the execution of exit1(). If the current
6550 + * event is the root of the audit record tree structure, this function
6551 + * is responsible for commiting the whole audit record tree. Otherwise,
6552 + * it stores the return status & endtime; also it restores the auditing flag
6553 + * and td_ar to reflect the parent audit record.
6554 + *
6555 + * In the event of nfssvc(), we are forced to call audit_syscall_exit()
6556 + * before the syscall actually exits because in some cases, it may hang around
6557 + * in the kernel as a NFS daemon thread; this can cause problems with the
6558 + * auditing of NFS RPCs.
6559 */
6560 void
6561 audit_syscall_exit(int error, struct thread *td)
6562 {
6563 int retval;
6564
6565 + if (td->td_ar == NULL)
6566 + return;
6567 +
6568 /*
6569 - * Commit the audit record as desired; once we pass the record into
6570 - * audit_commit(), the memory is owned by the audit subsystem. The
6571 - * return value from the system call is stored on the user thread.
6572 + * The return value from the system call is stored on the user thread.
6573 * If there was an error, the return value is set to -1, imitating
6574 * the behavior of the cerror routine.
6575 + */
6576 + if (error)
6577 + retval = -1;
6578 + else
6579 + retval = td->td_retval[0];
6580 +
6581 + AUDIT_ENDTIME();
6582 + AUDIT_ERROR(error);
6583 + AUDIT_RETVAL(retval);
6584 +
6585 + /*
6586 + * Commit the audit record tree; once we pass the records into
6587 + * audit_commit(), the memory is owned by the audit subsystem.
6588 */
6589 + if (td->td_ar->k_parent == NULL) {
6590 + audit_commit(td->td_ar);
6591 + td->td_ar = NULL;
6592 + td->td_pflags &= ~TDP_AUDITREC;
6593 + }
6594 + else
6595 + audit_tree_go_up(td);
6596 +}
6597 +
6598 +/*
6599 + * Convert an NFS RPC procedure number to an audit event
6600 + */
6601 +int
6602 +audit_nfs_proc_to_event(unsigned int proc, au_event_t *event, int nfsprot)
6603 +{
6604 + au_event_t nfsv3toevent[] = {
6605 + AUE_NFS_NULL,
6606 + AUE_NFS_GETATTR,
6607 + AUE_NFS_SETATTR,
6608 + AUE_NFS_LOOKUP,
6609 + AUE_NFS_ACCESS,
6610 + AUE_NFS_READLINK,
6611 + AUE_NFS_READ,
6612 + AUE_NFS_WRITE,
6613 + AUE_NFS_CREATE,
6614 + AUE_NFS_MKDIR,
6615 + AUE_NFS_SYMLINK,
6616 + AUE_NFS_MKNOD,
6617 + AUE_NFS_REMOVE,
6618 + AUE_NFS_RMDIR,
6619 + AUE_NFS_RENAME,
6620 + AUE_NFS_LINK,
6621 + AUE_NFS_READDIR,
6622 + AUE_NFS_READDIR_PLUS,
6623 + AUE_NFS_STATFS,
6624 + AUE_NFS_FSINFO,
6625 + AUE_NFS_PATHCONF,
6626 + AUE_NFS_COMMIT,
6627 + AUE_NFS_NOOP,
6628 + };
6629 + au_event_t nfsv4toevent[] = {
6630 + AUE_NFS_NULL,
6631 + AUE_NFS_NOOP,
6632 + AUE_NFS_NOOP,
6633 + AUE_NFS_ACCESS,
6634 + AUE_NFS_CLOSE,
6635 + AUE_NFS_COMMIT,
6636 + AUE_NFS_CREATE,
6637 + AUE_NFS_DELEGPURGE,
6638 + AUE_NFS_DELEGRETURN,
6639 + AUE_NFS_GETATTR,
6640 + AUE_NFSv4_GETFH,
6641 + AUE_NFS_LINK,
6642 + AUE_NFS_LOCK,
6643 + AUE_NFS_LOCKT,
6644 + AUE_NFS_LOCKU,
6645 + AUE_NFS_LOOKUP,
6646 + AUE_NFS_LOOKUPP,
6647 + AUE_NFS_NVERIFY,
6648 + AUE_NFS_OPEN,
6649 + AUE_NFS_OPENATTR,
6650 + AUE_NFS_OPENCONFIRM,
6651 + AUE_NFS_OPENDOWNGRADE,
6652 + AUE_NFS_PUTFH,
6653 + AUE_NFS_PUTPUBFH,
6654 + AUE_NFS_PUTROOTFH,
6655 + AUE_NFS_READ,
6656 + AUE_NFS_READDIR,
6657 + AUE_NFS_READLINK,
6658 + AUE_NFS_REMOVE,
6659 + AUE_NFS_RENAME,
6660 + AUE_NFS_RENEW,
6661 + AUE_NFS_RESTOREFH,
6662 + AUE_NFS_SAVEFH,
6663 + AUE_NFS_SECINFO,
6664 + AUE_NFS_SETATTR,
6665 + AUE_NFS_SETCLIENTID,
6666 + AUE_NFS_SETCLIENTIDCFRM,
6667 + AUE_NFS_VERIFY,
6668 + AUE_NFS_WRITE,
6669 + AUE_NFS_RELEASELCKOWN,
6670 + };
6671 + static int nfs_v3nprocs = sizeof(nfsv3toevent) / sizeof(au_event_t);
6672 + static int nfs_v4nprocs = sizeof(nfsv4toevent) / sizeof(au_event_t);
6673 + int error = 0;
6674 +
6675 + switch (nfsprot) {
6676 + case ND_NFSV4:
6677 + if (proc < nfs_v4nprocs)
6678 + *event = nfsv4toevent[proc];
6679 + else
6680 + error = EINVAL;
6681 + break;
6682 + /* FALLTHROUGH */
6683 + default:
6684 + case ND_NFSV2:
6685 + case ND_NFSV3:
6686 + if (proc < nfs_v3nprocs)
6687 + *event = nfsv3toevent[proc];
6688 + else
6689 + error = EINVAL;
6690 + break;
6691 + }
6692 +
6693 + return (error);
6694 +}
6695 +
6696 +/*
6697 + * audit_nfs_enter() is called on entry to each rpc request that *will*
6698 + * be serviced by the nfs server. It is responsible for deciding
6699 + * whether or not to audit the remote procedure call (preselection),
6700 + * and if so, allocating a per-thread audit record.
6701 + * audit_new() will fill in basic thread/credential properties.
6702 + */
6703 +void
6704 +audit_nfs_enter(unsigned int proc, struct ucred *user_cr, struct thread *td, int nfsprot)
6705 +{
6706 + struct au_mask *aumask;
6707 + au_class_t class;
6708 + au_event_t event;
6709 + au_id_t auid;
6710 + int error;
6711 + struct kaudit_record *ar;
6712 +
6713 + error = audit_nfs_proc_to_event(proc, &event, nfsprot);
6714 + if (error)
6715 + return;
6716 +
6717 + /*
6718 + * Check which audit mask to use; either the kernel non-attributable
6719 + * event mask or the process audit mask.
6720 + */
6721 + auid = td->td_ucred->cr_audit.ai_auid;
6722 + if (auid == AU_DEFAUDITID)
6723 + aumask = &audit_nae_mask;
6724 + else
6725 + aumask = &td->td_ucred->cr_audit.ai_mask;
6726 +
6727 + /*
6728 + * Allocate an audit record, if preselection allows it, and store in
6729 + * the thread for later use.
6730 + */
6731 + class = au_event_class(event);
6732 + if (au_preselect(event, class, aumask, AU_PRS_BOTH)) {
6733 + /*
6734 + * If we're out of space and need to suspend unprivileged
6735 + * processes, do that here rather than trying to allocate
6736 + * another audit record.
6737 + *
6738 + * Note: we might wish to be able to continue here in the
6739 + * future, if the system recovers. That should be possible
6740 + * by means of checking the condition in a loop around
6741 + * cv_wait(). It might be desirable to reevaluate whether an
6742 + * audit record is still required for this event by
6743 + * re-calling au_preselect().
6744 + */
6745 + if (audit_in_failure &&
6746 + priv_check(td, PRIV_AUDIT_FAILSTOP) != 0) {
6747 + cv_wait(&audit_fail_cv, &audit_mtx);
6748 + panic("audit_failing_stop: thread continued");
6749 + }
6750 + td->td_pflags |= TDP_AUDITREC;
6751 + }
6752 + else if (audit_pipe_preselect(auid, event, class, AU_PRS_BOTH, 0))
6753 + td->td_pflags |= TDP_AUDITREC;
6754 + else
6755 + td->td_pflags &= ~TDP_AUDITREC;
6756 +
6757 + /*
6758 + * We need to keep state, even if we are not auditing this event.
6759 + * The reason is that that we may encounter another security event,
6760 + * before this one is over. When we exit from the second event, we
6761 + * need a way to remember if we were auditing the first event or not.
6762 + */
6763 + ar = audit_new(event, td);
6764 + if (ar != NULL)
6765 + audit_tree_insert(td, ar);
6766 + else {
6767 + audit_commit(td->td_ar);
6768 + td->td_pflags &= ~TDP_AUDITREC;
6769 + td->td_ar = NULL;
6770 + return;
6771 + }
6772 +
6773 + /*
6774 + * Write over the credentials that audit_record_ctor() exported.
6775 + * These are the credentials of the user that initiated the NFS RPC.
6776 + */
6777 + /* XXXgpf: seems better than having to use another uma_zone_t with a
6778 + * different contructor.
6779 + *
6780 + * I also tried temporarily replacing td's ucred with
6781 + * user_cr just before the call to audit_new() like this, but it
6782 + * results in bogus behaviour (no nfs events in my log):
6783 + * orig_cr = td->td_ucred;
6784 + * td->td_ucred = user_cr;
6785 + * td->ar = audit_new(...);
6786 + * td->td_ucred = orig_cr;
6787 + */
6788 + if (AUDITING_TD(td) && user_cr != NULL) {
6789 + cru2x(user_cr, &td->td_ar->k_ar->ar_subj_cred);
6790 + td->td_ar->k_ar->ar_subj_ruid = user_cr->cr_ruid;
6791 + td->td_ar->k_ar->ar_subj_rgid = user_cr->cr_rgid;
6792 + td->td_ar->k_ar->ar_subj_egid = user_cr->cr_groups[0];
6793 + }
6794 +}
6795 +
6796 +
6797 +/*
6798 + * audit_nfs_exit() is called from the return of every NFS pseudo-sys/call
6799 + * that services an RPC by performing the various vnode operations. If the
6800 + * current event is the root of the audit record tree structure, this function
6801 + * is responsible for commiting the whole audit record tree. Otherwise,
6802 + * it stores the return status & endtime; also it restores the auditing flag
6803 + * and td_ar to reflect the parent audit record.
6804 + */
6805 +void
6806 +audit_nfs_exit(int error, struct thread *td)
6807 +{
6808 + int retval;
6809 +
6810 + if (td->td_ar == NULL)
6811 + return;
6812 +
6813 + /*
6814 + * XXXgpf: In the case of NFS RPCs, I don't think we need to worry
6815 + * about retval.
6816 + */
6817 if (error)
6818 retval = -1;
6819 else
6820 retval = td->td_retval[0];
6821
6822 - audit_commit(td->td_ar, error, retval);
6823 - td->td_ar = NULL;
6824 - td->td_pflags &= ~TDP_AUDITREC;
6825 + AUDIT_ENDTIME();
6826 + AUDIT_ERROR(error);
6827 + AUDIT_RETVAL(retval);
6828 +
6829 + /*
6830 + * Commit the audit record tree; once we pass the records into
6831 + * audit_commit(), the memory is owned by the audit subsystem.
6832 + */
6833 + if (td->td_ar->k_parent == NULL) {
6834 + audit_commit(td->td_ar);
6835 + td->td_ar = NULL;
6836 + td->td_pflags &= ~TDP_AUDITREC;
6837 + }
6838 + else
6839 + audit_tree_go_up(td);
6840 }
6841
6842 void
6843 @@ -685,16 +1040,21 @@
6844 * Where possible coredump records should contain a pathname and arg32
6845 * (signal) tokens.
6846 */
6847 + td->td_pflags |= TDP_AUDITREC;
6848 ar = audit_new(AUE_CORE, td);
6849 if (path != NULL) {
6850 - pathp = &ar->k_ar.ar_arg_upath1;
6851 + pathp = &ar->k_ar->ar_arg_upath1;
6852 *pathp = malloc(MAXPATHLEN, M_AUDITPATH, M_WAITOK);
6853 audit_canon_path(td, path, *pathp);
6854 ARG_SET_VALID(ar, ARG_UPATH1);
6855 }
6856 - ar->k_ar.ar_arg_signum = td->td_proc->p_sig;
6857 + ar->k_ar->ar_arg_signum = td->td_proc->p_sig;
6858 ARG_SET_VALID(ar, ARG_SIGNUM);
6859 if (errcode != 0)
6860 ret = 1;
6861 - audit_commit(ar, errcode, ret);
6862 + AUDIT_ERROR(errcode);
6863 + AUDIT_RETVAL(ret);
6864 + AUDIT_ENDTIME();
6865 + audit_commit(ar);
6866 + td->td_pflags &= ~TDP_AUDITREC;
6867 }
6868 --- //depot/vendor/freebsd/src/sys/security/audit/audit.h 2009-08-12 10:50:14.000000000 0000
6869 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit.h 2010-07-21 18:35:00.000000000 0000
6870 @@ -59,6 +59,9 @@
6871 void audit_syscall_enter(unsigned short code, struct thread *td);
6872 void audit_syscall_exit(int error, struct thread *td);
6873
6874 +void audit_nfs_enter(unsigned int proc, struct ucred *user_cr, struct thread *td, int nfsprot);
6875 +void audit_nfs_exit(int error, struct thread *td);
6876 +
6877 /*
6878 * The remaining kernel functions are conditionally compiled in as they are
6879 * wrapped by a macro, and the macro should be the only place in the source
6880 @@ -67,6 +70,7 @@
6881 #ifdef AUDIT
6882 struct ipc_perm;
6883 struct sockaddr;
6884 +struct sockaddr_in;
6885 union auditon_udata;
6886 void audit_arg_addr(void * addr);
6887 void audit_arg_exit(int status, int retval);
6888 @@ -96,6 +100,7 @@
6889 void audit_arg_signum(u_int signum);
6890 void audit_arg_socket(int sodomain, int sotype, int soprotocol);
6891 void audit_arg_sockaddr(struct thread *td, struct sockaddr *sa);
6892 +void audit_arg_sockaddr_in(struct sockaddr_in *sin);
6893 void audit_arg_auid(uid_t auid);
6894 void audit_arg_auditinfo(struct auditinfo *au_info);
6895 void audit_arg_auditinfo_addr(struct auditinfo_addr *au_info);
6896 @@ -123,6 +128,15 @@
6897 void audit_proc_coredump(struct thread *td, char *path, int errcode);
6898 void audit_thread_alloc(struct thread *td);
6899 void audit_thread_free(struct thread *td);
6900 +void audit_arg_protocol(int protocol);
6901 +void audit_arg_vtype(int vtype);
6902 +void audit_arg_clientid(uint64_t clientid);
6903 +void audit_arg_lockowner(char *lockowner, u_short len);
6904 +void audit_arg_locktype(int locktype);
6905 +void audit_arg_clientname(char *clientname, u_short len);
6906 +void audit_error(int error);
6907 +void audit_retval(int retval);
6908 +void audit_endtime(void);
6909
6910 /*
6911 * Define macros to wrap the audit_arg_* calls by checking the global
6912 @@ -155,6 +169,16 @@
6913 audit_arg_auditon((udata)); \
6914 } while (0)
6915
6916 +#define AUDIT_ARG_CLIENTID(clientid) do { \
6917 + if (AUDITING_TD(curthread)) \
6918 + audit_arg_clientid((clientid)); \
6919 +} while (0)
6920 +
6921 +#define AUDIT_ARG_CLIENTNAME(clientname, size) do { \
6922 + if (AUDITING_TD(curthread)) \
6923 + audit_arg_clientname((clientname), (size)); \
6924 +} while (0)
6925 +
6926 #define AUDIT_ARG_CMD(cmd) do { \
6927 if (AUDITING_TD(curthread)) \
6928 audit_arg_cmd((cmd)); \
6929 @@ -210,6 +234,16 @@
6930 audit_arg_groupset((gidset), (gidset_size)); \
6931 } while (0)
6932
6933 +#define AUDIT_ARG_LOCKOWNER(lockowner, size) do { \
6934 + if (AUDITING_TD(curthread)) \
6935 + audit_arg_lockowner((lockowner), (size)); \
6936 +} while (0)
6937 +
6938 +#define AUDIT_ARG_LOCKTYPE(locktype) do { \
6939 + if (AUDITING_TD(curthread)) \
6940 + audit_arg_locktype((locktype)); \
6941 +} while (0)
6942 +
6943 #define AUDIT_ARG_MODE(mode) do { \
6944 if (AUDITING_TD(curthread)) \
6945 audit_arg_mode((mode)); \
6946 @@ -230,6 +264,11 @@
6947 audit_arg_process((p)); \
6948 } while (0)
6949
6950 +#define AUDIT_ARG_PROTOCOL(prot) do { \
6951 + if (AUDITING_TD(curthread)) \
6952 + audit_arg_protocol((prot)); \
6953 +} while (0)
6954 +
6955 #define AUDIT_ARG_RGID(rgid) do { \
6956 if (AUDITING_TD(curthread)) \
6957 audit_arg_rgid((rgid)); \
6958 @@ -255,6 +294,11 @@
6959 audit_arg_socket((sodomain), (sotype), (soprotocol)); \
6960 } while (0)
6961
6962 +#define AUDIT_ARG_SOCKADDR_IN(sin) do { \
6963 + if (AUDITING_TD(curthread)) \
6964 + audit_arg_sockaddr_in((sin)); \
6965 +} while (0)
6966 +
6967 #define AUDIT_ARG_SUID(suid) do { \
6968 if (AUDITING_TD(curthread)) \
6969 audit_arg_suid((suid)); \
6970 @@ -295,23 +339,61 @@
6971 audit_arg_vnode2((vp)); \
6972 } while (0)
6973
6974 +#define AUDIT_ARG_VTYPE(vtype) do { \
6975 + if (AUDITING_TD(curthread)) \
6976 + audit_arg_vtype((vtype)); \
6977 +} while (0)
6978 +
6979 #define AUDIT_SYSCALL_ENTER(code, td) do { \
6980 if (audit_enabled) { \
6981 audit_syscall_enter(code, td); \
6982 } \
6983 } while (0)
6984
6985 +#define AUDIT_ENDTIME() do { \
6986 + if (AUDITING_TD(curthread)) \
6987 + audit_endtime(); \
6988 +} while (0) \
6989 +
6990 +#define AUDIT_ERROR(error) do { \
6991 + if (AUDITING_TD(curthread)) \
6992 + audit_error((error)); \
6993 +} while (0) \
6994 +
6995 +#define AUDIT_RETVAL(retval) do { \
6996 + if (AUDITING_TD(curthread)) \
6997 + audit_retval((retval)); \
6998 +} while (0) \
6999 +
7000 /*
7001 - * Wrap the audit_syscall_exit() function so that it is called only when
7002 - * we have a audit record on the thread. Audit records can persist after
7003 + * audit_syscall_exit() needs to be called even if we are not auditing
7004 + * this particular event because we may have to commit a whole tree
7005 + * of audit records, make td_ar point someplace else or change the value
7006 + * of the thread's auditing flag. Audit records can persist after
7007 * auditing is disabled, so we don't just check audit_enabled here.
7008 */
7009 #define AUDIT_SYSCALL_EXIT(error, td) do { \
7010 - if (td->td_pflags & TDP_AUDITREC) \
7011 audit_syscall_exit(error, td); \
7012 } while (0)
7013
7014 +#define AUDIT_NFS_ENTER(proc, user_cr, td, nfsprot) do { \
7015 + if (audit_enabled) { \
7016 + audit_nfs_enter(proc, user_cr, td, nfsprot); \
7017 + } \
7018 +} while (0)
7019 +
7020 /*
7021 + * audit_syscall_exit() needs to be called even if we are not auditing
7022 + * this particular event because we may have to commit a whole tree
7023 + * of audit records, make td_ar point someplace else or change the value
7024 + * of the thread's auditing flag. Audit records can persist after
7025 + * auditing is disabled, so we don't just check audit_enabled here.
7026 + */
7027 +#define AUDIT_NFS_EXIT(error, td) do { \
7028 + audit_nfs_exit(error, td); \
7029 +} while (0)
7030 +
7031 +/*
7032 * A Macro to wrap the audit_sysclose() function.
7033 */
7034 #define AUDIT_SYSCLOSE(td, fd) do { \
7035 @@ -326,6 +408,8 @@
7036 #define AUDIT_ARG_ATFD1(atfd)
7037 #define AUDIT_ARG_ATFD2(atfd)
7038 #define AUDIT_ARG_AUDITON(udata)
7039 +#define AUDIT_ARG_CLIENTID(clientid)
7040 +#define AUDIT_ARG_CLIENTNAME(clientname, size)
7041 #define AUDIT_ARG_CMD(cmd)
7042 #define AUDIT_ARG_DEV(dev)
7043 #define AUDIT_ARG_EGID(egid)
7044 @@ -337,14 +421,18 @@
7045 #define AUDIT_ARG_FFLAGS(fflags)
7046 #define AUDIT_ARG_GID(gid)
7047 #define AUDIT_ARG_GROUPSET(gidset, gidset_size)
7048 +#define AUDIT_ARG_LOCKOWNER(lockowner, size)
7049 +#define AUDIT_ARG_LOCKTYPE(locktype)
7050 #define AUDIT_ARG_MODE(mode)
7051 #define AUDIT_ARG_OWNER(uid, gid)
7052 #define AUDIT_ARG_PID(pid)
7053 #define AUDIT_ARG_PROCESS(p)
7054 +#define AUDIT_ARG_PROTOCOL(prot)
7055 #define AUDIT_ARG_RGID(rgid)
7056 #define AUDIT_ARG_RUID(ruid)
7057 #define AUDIT_ARG_SIGNUM(signum)
7058 #define AUDIT_ARG_SGID(sgid)
7059 +#define AUDIT_ARG_SOCKADDR_IN(sin)
7060 #define AUDIT_ARG_SOCKET(sodomain, sotype, soprotocol)
7061 #define AUDIT_ARG_SUID(suid)
7062 #define AUDIT_ARG_TEXT(text)
7063 @@ -354,12 +442,20 @@
7064 #define AUDIT_ARG_VALUE(value)
7065 #define AUDIT_ARG_VNODE1(vp)
7066 #define AUDIT_ARG_VNODE2(vp)
7067 +#define AUDIT_ARG_VTYPE(vtype)
7068 +
7069 +#define AUDIT_ENDTIME()
7070 +#define AUDIT_ERROR(error)
7071 +#define AUDIT_RETVAL(retval)
7072
7073 #define AUDIT_SYSCALL_ENTER(code, td)
7074 #define AUDIT_SYSCALL_EXIT(error, td)
7075
7076 #define AUDIT_SYSCLOSE(p, fd)
7077
7078 +#define AUDIT_NFS_ENTER(proc, user_cr, td, prot)
7079 +#define AUDIT_NFS_EXIT(error, td)
7080 +
7081 #endif /* AUDIT */
7082
7083 #endif /* !_SECURITY_AUDIT_KERNEL_H_ */
7084 --- //depot/vendor/freebsd/src/sys/security/audit/audit_arg.c 2010-01-12 07:55:13.000000000 0000
7085 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_arg.c 2010-07-21 18:35:00.000000000 0000
7086 @@ -69,7 +69,7 @@
7087 if (ar == NULL)
7088 return;
7089
7090 - ar->k_ar.ar_arg_addr = addr;
7091 + ar->k_ar->ar_arg_addr = addr;
7092 ARG_SET_VALID(ar, ARG_ADDR);
7093 }
7094
7095 @@ -82,8 +82,8 @@
7096 if (ar == NULL)
7097 return;
7098
7099 - ar->k_ar.ar_arg_exitstatus = status;
7100 - ar->k_ar.ar_arg_exitretval = retval;
7101 + ar->k_ar->ar_arg_exitstatus = status;
7102 + ar->k_ar->ar_arg_exitretval = retval;
7103 ARG_SET_VALID(ar, ARG_EXIT);
7104 }
7105
7106 @@ -96,7 +96,7 @@
7107 if (ar == NULL)
7108 return;
7109
7110 - ar->k_ar.ar_arg_len = len;
7111 + ar->k_ar->ar_arg_len = len;
7112 ARG_SET_VALID(ar, ARG_LEN);
7113 }
7114
7115 @@ -109,7 +109,7 @@
7116 if (ar == NULL)
7117 return;
7118
7119 - ar->k_ar.ar_arg_atfd1 = atfd;
7120 + ar->k_ar->ar_arg_atfd1 = atfd;
7121 ARG_SET_VALID(ar, ARG_ATFD1);
7122 }
7123
7124 @@ -122,7 +122,7 @@
7125 if (ar == NULL)
7126 return;
7127
7128 - ar->k_ar.ar_arg_atfd2 = atfd;
7129 + ar->k_ar->ar_arg_atfd2 = atfd;
7130 ARG_SET_VALID(ar, ARG_ATFD2);
7131 }
7132
7133 @@ -135,7 +135,7 @@
7134 if (ar == NULL)
7135 return;
7136
7137 - ar->k_ar.ar_arg_fd = fd;
7138 + ar->k_ar->ar_arg_fd = fd;
7139 ARG_SET_VALID(ar, ARG_FD);
7140 }
7141
7142 @@ -148,7 +148,7 @@
7143 if (ar == NULL)
7144 return;
7145
7146 - ar->k_ar.ar_arg_fflags = fflags;
7147 + ar->k_ar->ar_arg_fflags = fflags;
7148 ARG_SET_VALID(ar, ARG_FFLAGS);
7149 }
7150
7151 @@ -161,7 +161,7 @@
7152 if (ar == NULL)
7153 return;
7154
7155 - ar->k_ar.ar_arg_gid = gid;
7156 + ar->k_ar->ar_arg_gid = gid;
7157 ARG_SET_VALID(ar, ARG_GID);
7158 }
7159
7160 @@ -174,7 +174,7 @@
7161 if (ar == NULL)
7162 return;
7163
7164 - ar->k_ar.ar_arg_uid = uid;
7165 + ar->k_ar->ar_arg_uid = uid;
7166 ARG_SET_VALID(ar, ARG_UID);
7167 }
7168
7169 @@ -187,7 +187,7 @@
7170 if (ar == NULL)
7171 return;
7172
7173 - ar->k_ar.ar_arg_egid = egid;
7174 + ar->k_ar->ar_arg_egid = egid;
7175 ARG_SET_VALID(ar, ARG_EGID);
7176 }
7177
7178 @@ -200,7 +200,7 @@
7179 if (ar == NULL)
7180 return;
7181
7182 - ar->k_ar.ar_arg_euid = euid;
7183 + ar->k_ar->ar_arg_euid = euid;
7184 ARG_SET_VALID(ar, ARG_EUID);
7185 }
7186
7187 @@ -213,7 +213,7 @@
7188 if (ar == NULL)
7189 return;
7190
7191 - ar->k_ar.ar_arg_rgid = rgid;
7192 + ar->k_ar->ar_arg_rgid = rgid;
7193 ARG_SET_VALID(ar, ARG_RGID);
7194 }
7195
7196 @@ -226,7 +226,7 @@
7197 if (ar == NULL)
7198 return;
7199
7200 - ar->k_ar.ar_arg_ruid = ruid;
7201 + ar->k_ar->ar_arg_ruid = ruid;
7202 ARG_SET_VALID(ar, ARG_RUID);
7203 }
7204
7205 @@ -239,7 +239,7 @@
7206 if (ar == NULL)
7207 return;
7208
7209 - ar->k_ar.ar_arg_sgid = sgid;
7210 + ar->k_ar->ar_arg_sgid = sgid;
7211 ARG_SET_VALID(ar, ARG_SGID);
7212 }
7213
7214 @@ -252,7 +252,7 @@
7215 if (ar == NULL)
7216 return;
7217
7218 - ar->k_ar.ar_arg_suid = suid;
7219 + ar->k_ar->ar_arg_suid = suid;
7220 ARG_SET_VALID(ar, ARG_SUID);
7221 }
7222
7223 @@ -269,13 +269,13 @@
7224 if (ar == NULL)
7225 return;
7226
7227 - if (ar->k_ar.ar_arg_groups.gidset == NULL)
7228 - ar->k_ar.ar_arg_groups.gidset = malloc(
7229 + if (ar->k_ar->ar_arg_groups.gidset == NULL)
7230 + ar->k_ar->ar_arg_groups.gidset = malloc(
7231 sizeof(gid_t) * gidset_size, M_AUDITGIDSET, M_WAITOK);
7232
7233 for (i = 0; i < gidset_size; i++)
7234 - ar->k_ar.ar_arg_groups.gidset[i] = gidset[i];
7235 - ar->k_ar.ar_arg_groups.gidset_size = gidset_size;
7236 + ar->k_ar->ar_arg_groups.gidset[i] = gidset[i];
7237 + ar->k_ar->ar_arg_groups.gidset_size = gidset_size;
7238 ARG_SET_VALID(ar, ARG_GROUPSET);
7239 }
7240
7241 @@ -288,7 +288,7 @@
7242 if (ar == NULL)
7243 return;
7244
7245 - strlcpy(ar->k_ar.ar_arg_login, login, MAXLOGNAME);
7246 + strlcpy(ar->k_ar->ar_arg_login, login, MAXLOGNAME);
7247 ARG_SET_VALID(ar, ARG_LOGIN);
7248 }
7249
7250 @@ -301,8 +301,8 @@
7251 if (ar == NULL)
7252 return;
7253
7254 - bcopy(name, &ar->k_ar.ar_arg_ctlname, namelen * sizeof(int));
7255 - ar->k_ar.ar_arg_len = namelen;
7256 + bcopy(name, &ar->k_ar->ar_arg_ctlname, namelen * sizeof(int));
7257 + ar->k_ar->ar_arg_len = namelen;
7258 ARG_SET_VALID(ar, ARG_CTLNAME | ARG_LEN);
7259 }
7260
7261 @@ -315,7 +315,7 @@
7262 if (ar == NULL)
7263 return;
7264
7265 - ar->k_ar.ar_arg_mask = mask;
7266 + ar->k_ar->ar_arg_mask = mask;
7267 ARG_SET_VALID(ar, ARG_MASK);
7268 }
7269
7270 @@ -328,7 +328,7 @@
7271 if (ar == NULL)
7272 return;
7273
7274 - ar->k_ar.ar_arg_mode = mode;
7275 + ar->k_ar->ar_arg_mode = mode;
7276 ARG_SET_VALID(ar, ARG_MODE);
7277 }
7278
7279 @@ -341,7 +341,7 @@
7280 if (ar == NULL)
7281 return;
7282
7283 - ar->k_ar.ar_arg_dev = dev;
7284 + ar->k_ar->ar_arg_dev = dev;
7285 ARG_SET_VALID(ar, ARG_DEV);
7286 }
7287
7288 @@ -354,7 +354,7 @@
7289 if (ar == NULL)
7290 return;
7291
7292 - ar->k_ar.ar_arg_value = value;
7293 + ar->k_ar->ar_arg_value = value;
7294 ARG_SET_VALID(ar, ARG_VALUE);
7295 }
7296
7297 @@ -367,8 +367,8 @@
7298 if (ar == NULL)
7299 return;
7300
7301 - ar->k_ar.ar_arg_uid = uid;
7302 - ar->k_ar.ar_arg_gid = gid;
7303 + ar->k_ar->ar_arg_uid = uid;
7304 + ar->k_ar->ar_arg_gid = gid;
7305 ARG_SET_VALID(ar, ARG_UID | ARG_GID);
7306 }
7307
7308 @@ -381,7 +381,7 @@
7309 if (ar == NULL)
7310 return;
7311
7312 - ar->k_ar.ar_arg_pid = pid;
7313 + ar->k_ar->ar_arg_pid = pid;
7314 ARG_SET_VALID(ar, ARG_PID);
7315 }
7316
7317 @@ -400,14 +400,14 @@
7318 return;
7319
7320 cred = p->p_ucred;
7321 - ar->k_ar.ar_arg_auid = cred->cr_audit.ai_auid;
7322 - ar->k_ar.ar_arg_euid = cred->cr_uid;
7323 - ar->k_ar.ar_arg_egid = cred->cr_groups[0];
7324 - ar->k_ar.ar_arg_ruid = cred->cr_ruid;
7325 - ar->k_ar.ar_arg_rgid = cred->cr_rgid;
7326 - ar->k_ar.ar_arg_asid = cred->cr_audit.ai_asid;
7327 - ar->k_ar.ar_arg_termid_addr = cred->cr_audit.ai_termid;
7328 - ar->k_ar.ar_arg_pid = p->p_pid;
7329 + ar->k_ar->ar_arg_auid = cred->cr_audit.ai_auid;
7330 + ar->k_ar->ar_arg_euid = cred->cr_uid;
7331 + ar->k_ar->ar_arg_egid = cred->cr_groups[0];
7332 + ar->k_ar->ar_arg_ruid = cred->cr_ruid;
7333 + ar->k_ar->ar_arg_rgid = cred->cr_rgid;
7334 + ar->k_ar->ar_arg_asid = cred->cr_audit.ai_asid;
7335 + ar->k_ar->ar_arg_termid_addr = cred->cr_audit.ai_termid;
7336 + ar->k_ar->ar_arg_pid = p->p_pid;
7337 ARG_SET_VALID(ar, ARG_AUID | ARG_EUID | ARG_EGID | ARG_RUID |
7338 ARG_RGID | ARG_ASID | ARG_TERMID_ADDR | ARG_PID | ARG_PROCESS);
7339 }
7340 @@ -421,7 +421,7 @@
7341 if (ar == NULL)
7342 return;
7343
7344 - ar->k_ar.ar_arg_signum = signum;
7345 + ar->k_ar->ar_arg_signum = signum;
7346 ARG_SET_VALID(ar, ARG_SIGNUM);
7347 }
7348
7349 @@ -434,9 +434,9 @@
7350 if (ar == NULL)
7351 return;
7352
7353 - ar->k_ar.ar_arg_sockinfo.so_domain = sodomain;
7354 - ar->k_ar.ar_arg_sockinfo.so_type = sotype;
7355 - ar->k_ar.ar_arg_sockinfo.so_protocol = soprotocol;
7356 + ar->k_ar->ar_arg_sockinfo.so_domain = sodomain;
7357 + ar->k_ar->ar_arg_sockinfo.so_type = sotype;
7358 + ar->k_ar->ar_arg_sockinfo.so_protocol = soprotocol;
7359 ARG_SET_VALID(ar, ARG_SOCKINFO);
7360 }
7361
7362 @@ -452,7 +452,7 @@
7363 if (ar == NULL)
7364 return;
7365
7366 - bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sa->sa_len);
7367 + bcopy(sa, &ar->k_ar->ar_arg_sockaddr, sa->sa_len);
7368 switch (sa->sa_family) {
7369 case AF_INET:
7370 ARG_SET_VALID(ar, ARG_SADDRINET);
7371 @@ -471,6 +471,24 @@
7372 }
7373
7374 void
7375 +audit_arg_sockaddr_in(struct sockaddr_in *sin)
7376 +{
7377 + char text[MAXPATHLEN];
7378 + struct kaudit_record *ar;
7379 + u_short port;
7380 +
7381 + KASSERT(sin != NULL, ("audit_arg_sockaddr_in: sin == NULL"));
7382 +
7383 + ar = currecord();
7384 + if (ar == NULL)
7385 + return;
7386 +
7387 + port = ntohs(sin->sin_port);
7388 + snprintf(text, sizeof(text), "%s:%d", inet_ntoa(sin->sin_addr), port);
7389 + AUDIT_ARG_TEXT(text);
7390 +}
7391 +
7392 +void
7393 audit_arg_auid(uid_t auid)
7394 {
7395 struct kaudit_record *ar;
7396 @@ -479,7 +497,7 @@
7397 if (ar == NULL)
7398 return;
7399
7400 - ar->k_ar.ar_arg_auid = auid;
7401 + ar->k_ar->ar_arg_auid = auid;
7402 ARG_SET_VALID(ar, ARG_AUID);
7403 }
7404
7405 @@ -492,12 +510,12 @@
7406 if (ar == NULL)
7407 return;
7408
7409 - ar->k_ar.ar_arg_auid = au_info->ai_auid;
7410 - ar->k_ar.ar_arg_asid = au_info->ai_asid;
7411 - ar->k_ar.ar_arg_amask.am_success = au_info->ai_mask.am_success;
7412 - ar->k_ar.ar_arg_amask.am_failure = au_info->ai_mask.am_failure;
7413 - ar->k_ar.ar_arg_termid.port = au_info->ai_termid.port;
7414 - ar->k_ar.ar_arg_termid.machine = au_info->ai_termid.machine;
7415 + ar->k_ar->ar_arg_auid = au_info->ai_auid;
7416 + ar->k_ar->ar_arg_asid = au_info->ai_asid;
7417 + ar->k_ar->ar_arg_amask.am_success = au_info->ai_mask.am_success;
7418 + ar->k_ar->ar_arg_amask.am_failure = au_info->ai_mask.am_failure;
7419 + ar->k_ar->ar_arg_termid.port = au_info->ai_termid.port;
7420 + ar->k_ar->ar_arg_termid.machine = au_info->ai_termid.machine;
7421 ARG_SET_VALID(ar, ARG_AUID | ARG_ASID | ARG_AMASK | ARG_TERMID);
7422 }
7423
7424 @@ -510,16 +528,16 @@
7425 if (ar == NULL)
7426 return;
7427
7428 - ar->k_ar.ar_arg_auid = au_info->ai_auid;
7429 - ar->k_ar.ar_arg_asid = au_info->ai_asid;
7430 - ar->k_ar.ar_arg_amask.am_success = au_info->ai_mask.am_success;
7431 - ar->k_ar.ar_arg_amask.am_failure = au_info->ai_mask.am_failure;
7432 - ar->k_ar.ar_arg_termid_addr.at_type = au_info->ai_termid.at_type;
7433 - ar->k_ar.ar_arg_termid_addr.at_port = au_info->ai_termid.at_port;
7434 - ar->k_ar.ar_arg_termid_addr.at_addr[0] = au_info->ai_termid.at_addr[0];
7435 - ar->k_ar.ar_arg_termid_addr.at_addr[1] = au_info->ai_termid.at_addr[1];
7436 - ar->k_ar.ar_arg_termid_addr.at_addr[2] = au_info->ai_termid.at_addr[2];
7437 - ar->k_ar.ar_arg_termid_addr.at_addr[3] = au_info->ai_termid.at_addr[3];
7438 + ar->k_ar->ar_arg_auid = au_info->ai_auid;
7439 + ar->k_ar->ar_arg_asid = au_info->ai_asid;
7440 + ar->k_ar->ar_arg_amask.am_success = au_info->ai_mask.am_success;
7441 + ar->k_ar->ar_arg_amask.am_failure = au_info->ai_mask.am_failure;
7442 + ar->k_ar->ar_arg_termid_addr.at_type = au_info->ai_termid.at_type;
7443 + ar->k_ar->ar_arg_termid_addr.at_port = au_info->ai_termid.at_port;
7444 + ar->k_ar->ar_arg_termid_addr.at_addr[0] = au_info->ai_termid.at_addr[0];
7445 + ar->k_ar->ar_arg_termid_addr.at_addr[1] = au_info->ai_termid.at_addr[1];
7446 + ar->k_ar->ar_arg_termid_addr.at_addr[2] = au_info->ai_termid.at_addr[2];
7447 + ar->k_ar->ar_arg_termid_addr.at_addr[3] = au_info->ai_termid.at_addr[3];
7448 ARG_SET_VALID(ar, ARG_AUID | ARG_ASID | ARG_AMASK | ARG_TERMID_ADDR);
7449 }
7450
7451 @@ -535,13 +553,13 @@
7452 return;
7453
7454 /* Invalidate the text string */
7455 - ar->k_ar.ar_valid_arg &= (ARG_ALL ^ ARG_TEXT);
7456 + ar->k_ar->ar_valid_arg &= (ARG_ALL ^ ARG_TEXT);
7457
7458 - if (ar->k_ar.ar_arg_text == NULL)
7459 - ar->k_ar.ar_arg_text = malloc(MAXPATHLEN, M_AUDITTEXT,
7460 + if (ar->k_ar->ar_arg_text == NULL)
7461 + ar->k_ar->ar_arg_text = malloc(MAXPATHLEN, M_AUDITTEXT,
7462 M_WAITOK);
7463
7464 - strncpy(ar->k_ar.ar_arg_text, text, MAXPATHLEN);
7465 + strncpy(ar->k_ar->ar_arg_text, text, MAXPATHLEN);
7466 ARG_SET_VALID(ar, ARG_TEXT);
7467 }
7468
7469 @@ -554,7 +572,7 @@
7470 if (ar == NULL)
7471 return;
7472
7473 - ar->k_ar.ar_arg_cmd = cmd;
7474 + ar->k_ar->ar_arg_cmd = cmd;
7475 ARG_SET_VALID(ar, ARG_CMD);
7476 }
7477
7478 @@ -567,7 +585,7 @@
7479 if (ar == NULL)
7480 return;
7481
7482 - ar->k_ar.ar_arg_svipc_cmd = cmd;
7483 + ar->k_ar->ar_arg_svipc_cmd = cmd;
7484 ARG_SET_VALID(ar, ARG_SVIPC_CMD);
7485 }
7486
7487 @@ -580,8 +598,8 @@
7488 if (ar == NULL)
7489 return;
7490
7491 - bcopy(perm, &ar->k_ar.ar_arg_svipc_perm,
7492 - sizeof(ar->k_ar.ar_arg_svipc_perm));
7493 + bcopy(perm, &ar->k_ar->ar_arg_svipc_perm,
7494 + sizeof(ar->k_ar->ar_arg_svipc_perm));
7495 ARG_SET_VALID(ar, ARG_SVIPC_PERM);
7496 }
7497
7498 @@ -594,7 +612,7 @@
7499 if (ar == NULL)
7500 return;
7501
7502 - ar->k_ar.ar_arg_svipc_id = id;
7503 + ar->k_ar->ar_arg_svipc_id = id;
7504 ARG_SET_VALID(ar, ARG_SVIPC_ID);
7505 }
7506
7507 @@ -607,7 +625,7 @@
7508 if (ar == NULL)
7509 return;
7510
7511 - ar->k_ar.ar_arg_svipc_addr = addr;
7512 + ar->k_ar->ar_arg_svipc_addr = addr;
7513 ARG_SET_VALID(ar, ARG_SVIPC_ADDR);
7514 }
7515
7516 @@ -620,9 +638,9 @@
7517 if (ar == NULL)
7518 return;
7519
7520 - ar->k_ar.ar_arg_pipc_perm.pipc_uid = uid;
7521 - ar->k_ar.ar_arg_pipc_perm.pipc_gid = gid;
7522 - ar->k_ar.ar_arg_pipc_perm.pipc_mode = mode;
7523 + ar->k_ar->ar_arg_pipc_perm.pipc_uid = uid;
7524 + ar->k_ar->ar_arg_pipc_perm.pipc_gid = gid;
7525 + ar->k_ar->ar_arg_pipc_perm.pipc_mode = mode;
7526 ARG_SET_VALID(ar, ARG_POSIX_IPC_PERM);
7527 }
7528
7529 @@ -635,8 +653,8 @@
7530 if (ar == NULL)
7531 return;
7532
7533 - bcopy((void *)udata, &ar->k_ar.ar_arg_auditon,
7534 - sizeof(ar->k_ar.ar_arg_auditon));
7535 + bcopy((void *)udata, &ar->k_ar->ar_arg_auditon,
7536 + sizeof(ar->k_ar->ar_arg_auditon));
7537 ARG_SET_VALID(ar, ARG_AUDITON);
7538 }
7539
7540 @@ -675,22 +693,22 @@
7541 so = (struct socket *)fp->f_data;
7542 if (INP_CHECK_SOCKAF(so, PF_INET)) {
7543 SOCK_LOCK(so);
7544 - ar->k_ar.ar_arg_sockinfo.so_type =
7545 + ar->k_ar->ar_arg_sockinfo.so_type =
7546 so->so_type;
7547 - ar->k_ar.ar_arg_sockinfo.so_domain =
7548 + ar->k_ar->ar_arg_sockinfo.so_domain =
7549 INP_SOCKAF(so);
7550 - ar->k_ar.ar_arg_sockinfo.so_protocol =
7551 + ar->k_ar->ar_arg_sockinfo.so_protocol =
7552 so->so_proto->pr_protocol;
7553 SOCK_UNLOCK(so);
7554 pcb = (struct inpcb *)so->so_pcb;
7555 INP_RLOCK(pcb);
7556 - ar->k_ar.ar_arg_sockinfo.so_raddr =
7557 + ar->k_ar->ar_arg_sockinfo.so_raddr =
7558 pcb->inp_faddr.s_addr;
7559 - ar->k_ar.ar_arg_sockinfo.so_laddr =
7560 + ar->k_ar->ar_arg_sockinfo.so_laddr =
7561 pcb->inp_laddr.s_addr;
7562 - ar->k_ar.ar_arg_sockinfo.so_rport =
7563 + ar->k_ar->ar_arg_sockinfo.so_rport =
7564 pcb->inp_fport;
7565 - ar->k_ar.ar_arg_sockinfo.so_lport =
7566 + ar->k_ar->ar_arg_sockinfo.so_lport =
7567 pcb->inp_lport;
7568 INP_RUNLOCK(pcb);
7569 ARG_SET_VALID(ar, ARG_SOCKINFO);
7570 @@ -727,7 +745,7 @@
7571 if (ar == NULL)
7572 return;
7573
7574 - audit_arg_upath(td, upath, &ar->k_ar.ar_arg_upath1);
7575 + audit_arg_upath(td, upath, &ar->k_ar->ar_arg_upath1);
7576 ARG_SET_VALID(ar, ARG_UPATH1);
7577 }
7578
7579 @@ -740,7 +758,7 @@
7580 if (ar == NULL)
7581 return;
7582
7583 - audit_arg_upath(td, upath, &ar->k_ar.ar_arg_upath2);
7584 + audit_arg_upath(td, upath, &ar->k_ar->ar_arg_upath2);
7585 ARG_SET_VALID(ar, ARG_UPATH2);
7586 }
7587
7588 @@ -802,7 +820,7 @@
7589 return;
7590
7591 ARG_CLEAR_VALID(ar, ARG_VNODE1);
7592 - error = audit_arg_vnode(vp, &ar->k_ar.ar_arg_vnode1);
7593 + error = audit_arg_vnode(vp, &ar->k_ar->ar_arg_vnode1);
7594 if (error == 0)
7595 ARG_SET_VALID(ar, ARG_VNODE1);
7596 }
7597 @@ -818,7 +836,7 @@
7598 return;
7599
7600 ARG_CLEAR_VALID(ar, ARG_VNODE2);
7601 - error = audit_arg_vnode(vp, &ar->k_ar.ar_arg_vnode2);
7602 + error = audit_arg_vnode(vp, &ar->k_ar->ar_arg_vnode2);
7603 if (error == 0)
7604 ARG_SET_VALID(ar, ARG_VNODE2);
7605 }
7606 @@ -838,9 +856,9 @@
7607 if (ar == NULL)
7608 return;
7609
7610 - ar->k_ar.ar_arg_argv = malloc(length, M_AUDITTEXT, M_WAITOK);
7611 - bcopy(argv, ar->k_ar.ar_arg_argv, length);
7612 - ar->k_ar.ar_arg_argc = argc;
7613 + ar->k_ar->ar_arg_argv = malloc(length, M_AUDITTEXT, M_WAITOK);
7614 + bcopy(argv, ar->k_ar->ar_arg_argv, length);
7615 + ar->k_ar->ar_arg_argc = argc;
7616 ARG_SET_VALID(ar, ARG_ARGV);
7617 }
7618
7619 @@ -859,9 +877,9 @@
7620 if (ar == NULL)
7621 return;
7622
7623 - ar->k_ar.ar_arg_envv = malloc(length, M_AUDITTEXT, M_WAITOK);
7624 - bcopy(envv, ar->k_ar.ar_arg_envv, length);
7625 - ar->k_ar.ar_arg_envc = envc;
7626 + ar->k_ar->ar_arg_envv = malloc(length, M_AUDITTEXT, M_WAITOK);
7627 + bcopy(envv, ar->k_ar->ar_arg_envv, length);
7628 + ar->k_ar->ar_arg_envc = envc;
7629 ARG_SET_VALID(ar, ARG_ENVV);
7630 }
7631
7632 @@ -897,3 +915,159 @@
7633 VFS_UNLOCK_GIANT(vfslocked);
7634 fdrop(fp, td);
7635 }
7636 +
7637 +/*
7638 + * Audit the NFS protocol used in NFS RPCs
7639 + */
7640 +void
7641 +audit_arg_protocol(int protocol)
7642 +{
7643 + struct kaudit_record *ar;
7644 +
7645 + ar = currecord();
7646 + if (ar == NULL)
7647 + return;
7648 +
7649 + ar->k_ar->ar_arg_protocol = protocol;
7650 + ARG_SET_VALID(ar, ARG_PROTOCOL);
7651 +}
7652 +
7653 +/*
7654 + * Audit the vnode type of the file created by some NFS RPC
7655 + */
7656 +void
7657 +audit_arg_vtype(int vtype)
7658 +{
7659 + struct kaudit_record *ar;
7660 +
7661 + ar = currecord();
7662 + if (ar == NULL)
7663 + return;
7664 +
7665 + ar->k_ar->ar_arg_vtype = vtype;
7666 + ARG_SET_VALID(ar, ARG_VTYPE);
7667 +}
7668 +
7669 +/*
7670 + * Audit the clientid used by some NFSv4 RPCs
7671 + */
7672 +void
7673 +audit_arg_clientid(uint64_t clientid)
7674 +{
7675 + struct kaudit_record *ar;
7676 +
7677 + ar = currecord();
7678 + if (ar == NULL)
7679 + return;
7680 +
7681 + ar->k_ar->ar_arg_clientid = clientid;
7682 + ARG_SET_VALID(ar, ARG_CLIENTID);
7683 +}
7684 +
7685 +/*
7686 + * Audit the lockowner; used by NFSv4 RPCs lock,lockt & releaselckown
7687 + */
7688 +void
7689 +audit_arg_lockowner(char *lockowner, u_short len)
7690 +{
7691 + struct kaudit_record *ar;
7692 +
7693 + len++;
7694 +
7695 + KASSERT(lockowner != NULL, ("audit_arg_lockowner: lockowner == NULL"));
7696 + KASSERT(len != 0, ("audit_arg_lockowner: len == 0"));
7697 +
7698 + ar = currecord();
7699 + if (ar == NULL)
7700 + return;
7701 +
7702 + /* Invalidate the lockowner string */
7703 + ar->k_ar->ar_valid_arg &= (ARG_ALL ^ ARG_LOCKOWNER);
7704 +
7705 + if (ar->k_ar->ar_arg_lockowner == NULL)
7706 + ar->k_ar->ar_arg_lockowner = malloc(len, M_AUDITLOCKOWNER,
7707 + M_WAITOK);
7708 +
7709 + strlcpy(ar->k_ar->ar_arg_lockowner, lockowner, len);
7710 + ARG_SET_VALID(ar, ARG_LOCKOWNER);
7711 +}
7712 +
7713 +/*
7714 + * Audit the client name used by NFSv4 RPC setclientid when RPCSEC_GSS is used
7715 + */
7716 +void
7717 +audit_arg_clientname(char *clientname, u_short len)
7718 +{
7719 + struct kaudit_record *ar;
7720 +
7721 + len++;
7722 +
7723 + KASSERT(clientname != NULL, ("audit_arg_clientname: clientname == NULL"));
7724 + KASSERT(len != 0, ("audit_arg_clientname: len == 0"));
7725 +
7726 + ar = currecord();
7727 + if (ar == NULL)
7728 + return;
7729 +
7730 + /* Invalidate the clientname string */
7731 + ar->k_ar->ar_valid_arg &= (ARG_ALL ^ ARG_CLIENTNAME);
7732 +
7733 + if (ar->k_ar->ar_arg_clientname == NULL)
7734 + ar->k_ar->ar_arg_clientname = malloc(len, M_AUDITCLIENTNAME,
7735 + M_WAITOK);
7736 +
7737 + strlcpy(ar->k_ar->ar_arg_clientname, clientname, len);
7738 + ARG_SET_VALID(ar, ARG_CLIENTNAME);
7739 +}
7740 +
7741 +/*
7742 + * Audit the locktype used by the NFSv4 RPCs lock,lockt & locku
7743 + */
7744 +void
7745 +audit_arg_locktype(int locktype)
7746 +{
7747 + struct kaudit_record *ar;
7748 +
7749 + ar = currecord();
7750 + if (ar == NULL)
7751 + return;
7752 +
7753 + ar->k_ar->ar_arg_locktype = locktype;
7754 + ARG_SET_VALID(ar, ARG_LOCKTYPE);
7755 +}
7756 +
7757 +void
7758 +audit_error(int error)
7759 +{
7760 + struct kaudit_record *ar;
7761 +
7762 + ar = currecord();
7763 + if (ar == NULL)
7764 + return;
7765 +
7766 + ar->k_ar->ar_errno = error;
7767 +}
7768 +
7769 +void
7770 +audit_retval(int retval)
7771 +{
7772 + struct kaudit_record *ar;
7773 +
7774 + ar = currecord();
7775 + if (ar == NULL)
7776 + return;
7777 +
7778 + ar->k_ar->ar_retval = retval;
7779 +}
7780 +
7781 +void
7782 +audit_endtime(void)
7783 +{
7784 + struct kaudit_record *ar;
7785 +
7786 + ar = currecord();
7787 + if (ar == NULL)
7788 + return;
7789 +
7790 + nanotime(&ar->k_ar->ar_endtime);
7791 +}
7792 --- //depot/vendor/freebsd/src/sys/security/audit/audit_bsm.c 2010-05-04 15:30:16.000000000 0000
7793 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm.c 2010-08-07 16:49:25.000000000 0000
7794 @@ -471,7 +471,7 @@
7795 KASSERT(kar != NULL, ("kaudit_to_bsm: kar == NULL"));
7796
7797 *pau = NULL;
7798 - ar = &kar->k_ar;
7799 + ar = kar->k_ar;
7800 rec = kau_open();
7801
7802 /*
7803 @@ -1581,6 +1581,256 @@
7804 kau_write(rec, tok);
7805 break;
7806
7807 + case AUE_NFS_CREATE:
7808 + case AUE_NFS_MKNOD:
7809 + if (ARG_IS_VALID(kar, ARG_VTYPE)) {
7810 + tok = au_to_vtype(ar->ar_arg_vtype);
7811 + kau_write(rec, tok);
7812 + }
7813 +
7814 + /* FALLTHROUGH */
7815 + case AUE_NFS_MKDIR:
7816 + if (ARG_IS_VALID(kar, ARG_MODE)) {
7817 + tok = au_to_arg32(3, "mode", ar->ar_arg_mode);
7818 + kau_write(rec, tok);
7819 + }
7820 + /* FALLTHROUGH */
7821 +
7822 + case AUE_NFS_READDIR:
7823 + case AUE_NFS_READDIR_PLUS:
7824 + case AUE_NFS_READLINK:
7825 + case AUE_NFS_REMOVE:
7826 + case AUE_NFS_RMDIR:
7827 + case AUE_NFS_GETATTR:
7828 + case AUE_NFS_LOOKUP:
7829 + case AUE_NFS_LOOKUPP:
7830 + case AUE_NFS_COMMIT:
7831 + case AUE_NFS_PATHCONF:
7832 + case AUE_NFS_STATFS:
7833 + case AUE_NFS_FSINFO:
7834 + UPATH1_VNODE1_TOKENS;
7835 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7836 + tok = au_to_text(ar->ar_arg_text);
7837 + kau_write(rec, tok);
7838 + }
7839 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7840 + tok = au_to_protocol(ar->ar_arg_protocol);
7841 + kau_write(rec, tok);
7842 + }
7843 +
7844 + break;
7845 +
7846 + case AUE_NFS_READ:
7847 + case AUE_NFS_WRITE:
7848 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
7849 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
7850 + kau_write(rec, tok);
7851 + }
7852 + case AUE_NFS_ACCESS:
7853 + if (ARG_IS_VALID(kar, ARG_FFLAGS)) {
7854 + tok = au_to_arg32(2, "flags", ar->ar_arg_fflags);
7855 + kau_write(rec, tok);
7856 + }
7857 + UPATH1_VNODE1_TOKENS;
7858 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7859 + tok = au_to_text(ar->ar_arg_text);
7860 + kau_write(rec, tok);
7861 + }
7862 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7863 + tok = au_to_protocol(ar->ar_arg_protocol);
7864 + kau_write(rec, tok);
7865 + }
7866 + break;
7867 +
7868 + case AUE_NFS_NOOP:
7869 + case AUE_NFS_NULL:
7870 + case AUE_NFS_OPENATTR:
7871 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7872 + tok = au_to_text(ar->ar_arg_text);
7873 + kau_write(rec, tok);
7874 + }
7875 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7876 + tok = au_to_protocol(ar->ar_arg_protocol);
7877 + kau_write(rec, tok);
7878 + }
7879 + break;
7880 +
7881 + case AUE_NFS_SYMLINK:
7882 + if (ARG_IS_VALID(kar, ARG_MODE)) {
7883 + tok = au_to_arg32(3, "mode", ar->ar_arg_mode);
7884 + kau_write(rec, tok);
7885 + }
7886 + UPATH1_VNODE1_TOKENS;
7887 + UPATH2_TOKENS;
7888 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7889 + tok = au_to_text(ar->ar_arg_text);
7890 + kau_write(rec, tok);
7891 + }
7892 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7893 + tok = au_to_protocol(ar->ar_arg_protocol);
7894 + kau_write(rec, tok);
7895 + }
7896 + break;
7897 +
7898 + case AUE_NFS_SETATTR:
7899 + UPATH1_VNODE1_TOKENS;
7900 + VNODE2_TOKENS;
7901 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7902 + tok = au_to_text(ar->ar_arg_text);
7903 + kau_write(rec, tok);
7904 + }
7905 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7906 + tok = au_to_protocol(ar->ar_arg_protocol);
7907 + kau_write(rec, tok);
7908 + }
7909 + break;
7910 +
7911 + case AUE_NFS_LINK:
7912 + case AUE_NFS_RENAME:
7913 + UPATH1_VNODE1_TOKENS;
7914 + UPATH2_TOKENS;
7915 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7916 + tok = au_to_text(ar->ar_arg_text);
7917 + kau_write(rec, tok);
7918 + }
7919 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7920 + tok = au_to_protocol(ar->ar_arg_protocol);
7921 + kau_write(rec, tok);
7922 + }
7923 + break;
7924 +
7925 + case AUE_NFS_LOCK:
7926 + case AUE_NFS_LOCKT:
7927 + if (ARG_IS_VALID(kar, ARG_LOCKOWNER)) {
7928 + tok = au_to_text(ar->ar_arg_lockowner);
7929 + kau_write(rec, tok);
7930 + }
7931 +
7932 + /* FALLTHROUGH */
7933 + case AUE_NFS_LOCKU:
7934 + if (ARG_IS_VALID(kar, ARG_LOCKTYPE)) {
7935 + tok = au_to_arg32(1, "lock type", ar->ar_arg_locktype);
7936 + kau_write(rec, tok);
7937 + }
7938 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
7939 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
7940 + kau_write(rec, tok);
7941 + }
7942 + UPATH1_VNODE1_TOKENS;
7943 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7944 + tok = au_to_text(ar->ar_arg_text);
7945 + kau_write(rec, tok);
7946 + }
7947 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7948 + tok = au_to_protocol(ar->ar_arg_protocol);
7949 + kau_write(rec, tok);
7950 + }
7951 + break;
7952 +
7953 + case AUE_NFS_RELEASELCKOWN:
7954 + if (ARG_IS_VALID(kar, ARG_LOCKOWNER)) {
7955 + tok = au_to_text(ar->ar_arg_lockowner);
7956 + kau_write(rec, tok);
7957 + }
7958 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
7959 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
7960 + kau_write(rec, tok);
7961 + }
7962 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
7963 + tok = au_to_text(ar->ar_arg_text);
7964 + kau_write(rec, tok);
7965 + }
7966 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
7967 + tok = au_to_protocol(ar->ar_arg_protocol);
7968 + kau_write(rec, tok);
7969 + }
7970 + break;
7971 +
7972 + case AUE_NFS_OPEN_RC:
7973 + case AUE_NFS_OPEN_RTC:
7974 + case AUE_NFS_OPEN_RWC:
7975 + case AUE_NFS_OPEN_RWTC:
7976 + case AUE_NFS_OPEN_WC:
7977 + case AUE_NFS_OPEN_WTC:
7978 + if (ARG_IS_VALID(kar, ARG_MODE)) {
7979 + tok = au_to_arg32(3, "mode", ar->ar_arg_mode);
7980 + kau_write(rec, tok);
7981 + }
7982 +
7983 + /* FALLTHROUGH */
7984 + case AUE_NFS_CLOSE:
7985 + case AUE_NFS_DELEGRETURN:
7986 + case AUE_NFS_OPEN:
7987 + case AUE_NFS_OPEN_R:
7988 + case AUE_NFS_OPEN_RT:
7989 + case AUE_NFS_OPEN_RW:
7990 + case AUE_NFS_OPEN_RWT:
7991 + case AUE_NFS_OPEN_W:
7992 + case AUE_NFS_OPEN_WT:
7993 + case AUE_NFS_OPENCONFIRM:
7994 + case AUE_NFS_OPENDOWNGRADE:
7995 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
7996 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
7997 + kau_write(rec, tok);
7998 + }
7999 +
8000 + /* FALLTHROUGH */
8001 + case AUE_NFS_PUTFH:
8002 + case AUE_NFS_PUTPUBFH:
8003 + case AUE_NFS_PUTROOTFH:
8004 + case AUE_NFS_RESTOREFH:
8005 + case AUE_NFS_SAVEFH:
8006 + case AUE_NFSv4_GETFH:
8007 + case AUE_NFS_NVERIFY:
8008 + case AUE_NFS_VERIFY:
8009 + case AUE_NFS_SECINFO:
8010 + UPATH1_VNODE1_TOKENS;
8011 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
8012 + tok = au_to_text(ar->ar_arg_text);
8013 + kau_write(rec, tok);
8014 + }
8015 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
8016 + tok = au_to_protocol(ar->ar_arg_protocol);
8017 + kau_write(rec, tok);
8018 + }
8019 + break;
8020 +
8021 + case AUE_NFS_DELEGPURGE:
8022 + case AUE_NFS_RENEW:
8023 + case AUE_NFS_SETCLIENTIDCFRM:
8024 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
8025 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
8026 + kau_write(rec, tok);
8027 + }
8028 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
8029 + tok = au_to_text(ar->ar_arg_text);
8030 + kau_write(rec, tok);
8031 + }
8032 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
8033 + tok = au_to_protocol(ar->ar_arg_protocol);
8034 + kau_write(rec, tok);
8035 + }
8036 + break;
8037 +
8038 + case AUE_NFS_SETCLIENTID:
8039 + if (ARG_IS_VALID(kar, ARG_CLIENTNAME)) {
8040 + tok = au_to_text(ar->ar_arg_clientname);
8041 + kau_write(rec, tok);
8042 + }
8043 + if (ARG_IS_VALID(kar, ARG_CLIENTID)) {
8044 + tok = au_to_arg64(2, "client id", ar->ar_arg_clientid);
8045 + kau_write(rec, tok);
8046 + }
8047 + if (ARG_IS_VALID(kar, ARG_TEXT)) {
8048 + tok = au_to_text(ar->ar_arg_text);
8049 + kau_write(rec, tok);
8050 + }
8051 + if (ARG_IS_VALID(kar, ARG_PROTOCOL)) {
8052 + tok = au_to_protocol(ar->ar_arg_protocol);
8053 + kau_write(rec, tok);
8054 + }
8055 + break;
8056 +
8057 case AUE_WAIT4:
8058 PROCESS_PID_TOKENS(1);
8059 if (ARG_IS_VALID(kar, ARG_VALUE)) {
8060 --- //depot/vendor/freebsd/src/sys/security/audit/audit_bsm_errno.c 2009-07-17 14:10:13.000000000 0000
8061 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm_errno.c 2010-08-16 13:30:34.000000000 0000
8062 @@ -41,21 +41,23 @@
8063
8064 #include <sys/errno.h>
8065
8066 +#include <fs/nfs/nfsproto.h>
8067 +
8068 /*
8069 * Different operating systems use different numeric constants for different
8070 * error numbers, and sometimes error numbers don't exist in more than one
8071 * operating system. These routines convert between BSM and local error
8072 - * number spaces, subject to the above realities. BSM error numbers are
8073 - * stored in a single 8-bit character, so don't have a byte order.
8074 + * number spaces, subject to the above realities.
8075 *
8076 * Don't include string definitions when this code is compiled into a kernel.
8077 */
8078 struct bsm_errno {
8079 int be_bsm_errno;
8080 int be_local_errno;
8081 + char be_use_strerror;
8082 #if !defined(KERNEL) && !defined(_KERNEL)
8083 const char *be_strerror;
8084 -#endif
8085 +#endif
8086 };
8087
8088 #define ERRNO_NO_LOCAL_MAPPING -600
8089 @@ -82,610 +84,953 @@
8090 * string using strerror(3).
8091 */
8092 static const struct bsm_errno bsm_errnos[] = {
8093 - { BSM_ERRNO_ESUCCESS, 0, ES("Success") },
8094 - { BSM_ERRNO_EPERM, EPERM, ES("Operation not permitted") },
8095 - { BSM_ERRNO_ENOENT, ENOENT, ES("No such file or directory") },
8096 - { BSM_ERRNO_ESRCH, ESRCH, ES("No such process") },
8097 - { BSM_ERRNO_EINTR, EINTR, ES("Interrupted system call") },
8098 - { BSM_ERRNO_EIO, EIO, ES("Input/output error") },
8099 - { BSM_ERRNO_ENXIO, ENXIO, ES("Device not configured") },
8100 - { BSM_ERRNO_E2BIG, E2BIG, ES("Argument list too long") },
8101 - { BSM_ERRNO_ENOEXEC, ENOEXEC, ES("Exec format error") },
8102 - { BSM_ERRNO_EBADF, EBADF, ES("Bad file descriptor") },
8103 - { BSM_ERRNO_ECHILD, ECHILD, ES("No child processes") },
8104 - { BSM_ERRNO_EAGAIN, EAGAIN, ES("Resource temporarily unavailable") },
8105 - { BSM_ERRNO_ENOMEM, ENOMEM, ES("Cannot allocate memory") },
8106 - { BSM_ERRNO_EACCES, EACCES, ES("Permission denied") },
8107 - { BSM_ERRNO_EFAULT, EFAULT, ES("Bad address") },
8108 - { BSM_ERRNO_ENOTBLK, ENOTBLK, ES("Block device required") },
8109 - { BSM_ERRNO_EBUSY, EBUSY, ES("Device busy") },
8110 - { BSM_ERRNO_EEXIST, EEXIST, ES("File exists") },
8111 - { BSM_ERRNO_EXDEV, EXDEV, ES("Cross-device link") },
8112 - { BSM_ERRNO_ENODEV, ENODEV, ES("Operation not supported by device") },
8113 - { BSM_ERRNO_ENOTDIR, ENOTDIR, ES("Not a directory") },
8114 - { BSM_ERRNO_EISDIR, EISDIR, ES("Is a directory") },
8115 - { BSM_ERRNO_EINVAL, EINVAL, ES("Invalid argument") },
8116 - { BSM_ERRNO_ENFILE, ENFILE, ES("Too many open files in system") },
8117 - { BSM_ERRNO_EMFILE, EMFILE, ES("Too many open files") },
8118 - { BSM_ERRNO_ENOTTY, ENOTTY, ES("Inappropriate ioctl for device") },
8119 - { BSM_ERRNO_ETXTBSY, ETXTBSY, ES("Text file busy") },
8120 - { BSM_ERRNO_EFBIG, EFBIG, ES("File too large") },
8121 - { BSM_ERRNO_ENOSPC, ENOSPC, ES("No space left on device") },
8122 - { BSM_ERRNO_ESPIPE, ESPIPE, ES("Illegal seek") },
8123 - { BSM_ERRNO_EROFS, EROFS, ES("Read-only file system") },
8124 - { BSM_ERRNO_EMLINK, EMLINK, ES("Too many links") },
8125 - { BSM_ERRNO_EPIPE, EPIPE, ES("Broken pipe") },
8126 - { BSM_ERRNO_EDOM, EDOM, ES("Numerical argument out of domain") },
8127 - { BSM_ERRNO_ERANGE, ERANGE, ES("Result too large") },
8128 - { BSM_ERRNO_ENOMSG, ENOMSG, ES("No message of desired type") },
8129 - { BSM_ERRNO_EIDRM, EIDRM, ES("Identifier removed") },
8130 + { BSM_ERRNO_ESUCCESS, 0, 1, ES("Success") },
8131 + { BSM_ERRNO_EPERM, EPERM, 1, ES("Operation not permitted") },
8132 + { BSM_ERRNO_ENOENT, ENOENT, 1, ES("No such file or directory") },
8133 + { BSM_ERRNO_ESRCH, ESRCH, 1, ES("No such process") },
8134 + { BSM_ERRNO_EINTR, EINTR, 1, ES("Interrupted system call") },
8135 + { BSM_ERRNO_EIO, EIO, 1, ES("Input/output error") },
8136 + { BSM_ERRNO_ENXIO, ENXIO, 1, ES("Device not configured") },
8137 + { BSM_ERRNO_E2BIG, E2BIG, 1, ES("Argument list too long") },
8138 + { BSM_ERRNO_ENOEXEC, ENOEXEC, 1, ES("Exec format error") },
8139 + { BSM_ERRNO_EBADF, EBADF, 1, ES("Bad file descriptor") },
8140 + { BSM_ERRNO_ECHILD, ECHILD, 1, ES("No child processes") },
8141 + { BSM_ERRNO_EAGAIN, EAGAIN, 1, ES("Resource temporarily unavailable") },
8142 + { BSM_ERRNO_ENOMEM, ENOMEM, 1, ES("Cannot allocate memory") },
8143 + { BSM_ERRNO_EACCES, EACCES, 1, ES("Permission denied") },
8144 + { BSM_ERRNO_EFAULT, EFAULT, 1, ES("Bad address") },
8145 + { BSM_ERRNO_ENOTBLK, ENOTBLK, 1, ES("Block device required") },
8146 + { BSM_ERRNO_EBUSY, EBUSY, 1, ES("Device busy") },
8147 + { BSM_ERRNO_EEXIST, EEXIST, 1, ES("File exists") },
8148 + { BSM_ERRNO_EXDEV, EXDEV, 1, ES("Cross-device link") },
8149 + { BSM_ERRNO_ENODEV, ENODEV, 1, ES("Operation not supported by device") },
8150 + { BSM_ERRNO_ENOTDIR, ENOTDIR, 1, ES("Not a directory") },
8151 + { BSM_ERRNO_EISDIR, EISDIR, 1, ES("Is a directory") },
8152 + { BSM_ERRNO_EINVAL, EINVAL, 1, ES("Invalid argument") },
8153 + { BSM_ERRNO_ENFILE, ENFILE, 1, ES("Too many open files in system") },
8154 + { BSM_ERRNO_EMFILE, EMFILE, 1, ES("Too many open files") },
8155 + { BSM_ERRNO_ENOTTY, ENOTTY, 1, ES("Inappropriate ioctl for device") },
8156 + { BSM_ERRNO_ETXTBSY, ETXTBSY, 1, ES("Text file busy") },
8157 + { BSM_ERRNO_EFBIG, EFBIG, 1, ES("File too large") },
8158 + { BSM_ERRNO_ENOSPC, ENOSPC, 1, ES("No space left on device") },
8159 + { BSM_ERRNO_ESPIPE, ESPIPE, 1, ES("Illegal seek") },
8160 + { BSM_ERRNO_EROFS, EROFS, 1, ES("Read-only file system") },
8161 + { BSM_ERRNO_EMLINK, EMLINK, 1, ES("Too many links") },
8162 + { BSM_ERRNO_EPIPE, EPIPE, 1, ES("Broken pipe") },
8163 + { BSM_ERRNO_EDOM, EDOM, 1, ES("Numerical argument out of domain") },
8164 + { BSM_ERRNO_ERANGE, ERANGE, 1, ES("Result too large") },
8165 + { BSM_ERRNO_ENOMSG, ENOMSG, 1, ES("No message of desired type") },
8166 + { BSM_ERRNO_EIDRM, EIDRM, 1, ES("Identifier removed") },
8167 { BSM_ERRNO_ECHRNG,
8168 #ifdef ECHRNG
8169 ECHRNG,
8170 #else
8171 ERRNO_NO_LOCAL_MAPPING,
8172 #endif
8173 - ES("Channel number out of range") },
8174 + 1, ES("Channel number out of range") },
8175 { BSM_ERRNO_EL2NSYNC,
8176 #ifdef EL2NSYNC
8177 EL2NSYNC,
8178 #else
8179 ERRNO_NO_LOCAL_MAPPING,
8180 #endif
8181 - ES("Level 2 not synchronized") },
8182 + 1, ES("Level 2 not synchronized") },
8183 { BSM_ERRNO_EL3HLT,
8184 #ifdef EL3HLT
8185 EL3HLT,
8186 #else
8187 ERRNO_NO_LOCAL_MAPPING,
8188 #endif
8189 - ES("Level 3 halted") },
8190 + 1, ES("Level 3 halted") },
8191 { BSM_ERRNO_EL3RST,
8192 #ifdef EL3RST
8193 EL3RST,
8194 #else
8195 ERRNO_NO_LOCAL_MAPPING,
8196 #endif
8197 - ES("Level 3 reset") },
8198 + 1, ES("Level 3 reset") },
8199 { BSM_ERRNO_ELNRNG,
8200 #ifdef ELNRNG
8201 ELNRNG,
8202 #else
8203 ERRNO_NO_LOCAL_MAPPING,
8204 #endif
8205 - ES("Link number out of range") },
8206 + 1, ES("Link number out of range") },
8207 { BSM_ERRNO_EUNATCH,
8208 #ifdef EUNATCH
8209 EUNATCH,
8210 #else
8211 ERRNO_NO_LOCAL_MAPPING,
8212 #endif
8213 - ES("Protocol driver not attached") },
8214 + 1, ES("Protocol driver not attached") },
8215 { BSM_ERRNO_ENOCSI,
8216 #ifdef ENOCSI
8217 ENOCSI,
8218 #else
8219 ERRNO_NO_LOCAL_MAPPING,
8220 #endif
8221 - ES("No CSI structure available") },
8222 + 1, ES("No CSI structure available") },
8223 { BSM_ERRNO_EL2HLT,
8224 #ifdef EL2HLT
8225 EL2HLT,
8226 #else
8227 ERRNO_NO_LOCAL_MAPPING,
8228 #endif
8229 - ES("Level 2 halted") },
8230 - { BSM_ERRNO_EDEADLK, EDEADLK, ES("Resource deadlock avoided") },
8231 - { BSM_ERRNO_ENOLCK, ENOLCK, ES("No locks available") },
8232 - { BSM_ERRNO_ECANCELED, ECANCELED, ES("Operation canceled") },
8233 - { BSM_ERRNO_ENOTSUP, ENOTSUP, ES("Operation not supported") },
8234 - { BSM_ERRNO_EDQUOT, EDQUOT, ES("Disc quota exceeded") },
8235 + 1, ES("Level 2 halted") },
8236 + { BSM_ERRNO_EDEADLK, EDEADLK, 1, ES("Resource deadlock avoided") },
8237 + { BSM_ERRNO_ENOLCK, ENOLCK, 1, ES("No locks available") },
8238 + { BSM_ERRNO_ECANCELED, ECANCELED, 1, ES("Operation canceled") },
8239 + { BSM_ERRNO_ENOTSUP, ENOTSUP, 1, ES("Operation not supported") },
8240 + { BSM_ERRNO_EDQUOT, EDQUOT, 1, ES("Disc quota exceeded") },
8241 { BSM_ERRNO_EBADE,
8242 #ifdef EBADE
8243 EBADE,
8244 #else
8245 ERRNO_NO_LOCAL_MAPPING,
8246 #endif
8247 - ES("Invalid exchange") },
8248 + 1, ES("Invalid exchange") },
8249 { BSM_ERRNO_EBADR,
8250 #ifdef EBADR
8251 EBADR,
8252 #else
8253 ERRNO_NO_LOCAL_MAPPING,
8254 #endif
8255 - ES("Invalid request descriptor") },
8256 + 1, ES("Invalid request descriptor") },
8257 { BSM_ERRNO_EXFULL,
8258 #ifdef EXFULL
8259 EXFULL,
8260 #else
8261 ERRNO_NO_LOCAL_MAPPING,
8262 #endif
8263 - ES("Exchange full") },
8264 + 1, ES("Exchange full") },
8265 { BSM_ERRNO_ENOANO,
8266 #ifdef ENOANO
8267 ENOANO,
8268 #else
8269 ERRNO_NO_LOCAL_MAPPING,
8270 #endif
8271 - ES("No anode") },
8272 + 1, ES("No anode") },
8273 { BSM_ERRNO_EBADRQC,
8274 #ifdef EBADRQC
8275 EBADRQC,
8276 #else
8277 ERRNO_NO_LOCAL_MAPPING,
8278 #endif
8279 - ES("Invalid request descriptor") },
8280 + 1, ES("Invalid request descriptor") },
8281 { BSM_ERRNO_EBADSLT,
8282 #ifdef EBADSLT
8283 EBADSLT,
8284 #else
8285 ERRNO_NO_LOCAL_MAPPING,
8286 #endif
8287 - ES("Invalid slot") },
8288 + 1, ES("Invalid slot") },
8289 { BSM_ERRNO_EDEADLOCK,
8290 #ifdef EDEADLOCK
8291 EDEADLOCK,
8292 #else
8293 ERRNO_NO_LOCAL_MAPPING,
8294 #endif
8295 - ES("Resource deadlock avoided") },
8296 + 1, ES("Resource deadlock avoided") },
8297 { BSM_ERRNO_EBFONT,
8298 #ifdef EBFONT
8299 EBFONT,
8300 #else
8301 ERRNO_NO_LOCAL_MAPPING,
8302 #endif
8303 - ES("Bad font file format") },
8304 + 1, ES("Bad font file format") },
8305 { BSM_ERRNO_EOWNERDEAD,
8306 #ifdef EOWNERDEAD
8307 EOWNERDEAD,
8308 #else
8309 ERRNO_NO_LOCAL_MAPPING,
8310 #endif
8311 - ES("Process died with the lock") },
8312 + 1, ES("Process died with the lock") },
8313 { BSM_ERRNO_ENOTRECOVERABLE,
8314 #ifdef ENOTRECOVERABLE
8315 ENOTRECOVERABLE,
8316 #else
8317 ERRNO_NO_LOCAL_MAPPING,
8318 #endif
8319 - ES("Lock is not recoverable") },
8320 + 1, ES("Lock is not recoverable") },
8321 { BSM_ERRNO_ENOSTR,
8322 #ifdef ENOSTR
8323 ENOSTR,
8324 #else
8325 ERRNO_NO_LOCAL_MAPPING,
8326 #endif
8327 - ES("Device not a stream") },
8328 + 1, ES("Device not a stream") },
8329 { BSM_ERRNO_ENONET,
8330 #ifdef ENONET
8331 ENONET,
8332 #else
8333 ERRNO_NO_LOCAL_MAPPING,
8334 #endif
8335 - ES("Machine is not on the network") },
8336 + 1, ES("Machine is not on the network") },
8337 { BSM_ERRNO_ENOPKG,
8338 #ifdef ENOPKG
8339 ENOPKG,
8340 #else
8341 ERRNO_NO_LOCAL_MAPPING,
8342 #endif
8343 - ES("Package not installed") },
8344 + 1, ES("Package not installed") },
8345 { BSM_ERRNO_EREMOTE, EREMOTE,
8346 - ES("Too many levels of remote in path") },
8347 + 1, ES("Too many levels of remote in path") },
8348 { BSM_ERRNO_ENOLINK,
8349 #ifdef ENOLINK
8350 ENOLINK,
8351 #else
8352 ERRNO_NO_LOCAL_MAPPING,
8353 #endif
8354 - ES("Link has been severed") },
8355 + 1, ES("Link has been severed") },
8356 { BSM_ERRNO_EADV,
8357 #ifdef EADV
8358 EADV,
8359 #else
8360 ERRNO_NO_LOCAL_MAPPING,
8361 #endif
8362 - ES("Advertise error") },
8363 + 1, ES("Advertise error") },
8364 { BSM_ERRNO_ESRMNT,
8365 #ifdef ESRMNT
8366 ESRMNT,
8367 #else
8368 ERRNO_NO_LOCAL_MAPPING,
8369 #endif
8370 - ES("srmount error") },
8371 + 1, ES("srmount error") },
8372 { BSM_ERRNO_ECOMM,
8373 #ifdef ECOMM
8374 ECOMM,
8375 #else
8376 ERRNO_NO_LOCAL_MAPPING,
8377 #endif
8378 - ES("Communication error on send") },
8379 + 1, ES("Communication error on send") },
8380 { BSM_ERRNO_EPROTO,
8381 #ifdef EPROTO
8382 EPROTO,
8383 #else
8384 ERRNO_NO_LOCAL_MAPPING,
8385 #endif
8386 - ES("Protocol error") },
8387 + 1, ES("Protocol error") },
8388 { BSM_ERRNO_ELOCKUNMAPPED,
8389 #ifdef ELOCKUNMAPPED
8390 ELOCKUNMAPPED,
8391 #else
8392 ERRNO_NO_LOCAL_MAPPING,
8393 #endif
8394 - ES("Locked lock was unmapped") },
8395 + 1, ES("Locked lock was unmapped") },
8396 { BSM_ERRNO_ENOTACTIVE,
8397 #ifdef ENOTACTIVE
8398 ENOTACTIVE,
8399 #else
8400 ERRNO_NO_LOCAL_MAPPING,
8401 #endif
8402 - ES("Facility is not active") },
8403 + 1, ES("Facility is not active") },
8404 { BSM_ERRNO_EMULTIHOP,
8405 #ifdef EMULTIHOP
8406 EMULTIHOP,
8407 #else
8408 ERRNO_NO_LOCAL_MAPPING,
8409 #endif
8410 - ES("Multihop attempted") },
8411 + 1, ES("Multihop attempted") },
8412 { BSM_ERRNO_EBADMSG,
8413 #ifdef EBADMSG
8414 EBADMSG,
8415 #else
8416 ERRNO_NO_LOCAL_MAPPING,
8417 #endif
8418 - ES("Bad message") },
8419 - { BSM_ERRNO_ENAMETOOLONG, ENAMETOOLONG, ES("File name too long") },
8420 + 1, ES("Bad message") },
8421 + { BSM_ERRNO_ENAMETOOLONG, ENAMETOOLONG, 1, ES("File name too long") },
8422 { BSM_ERRNO_EOVERFLOW, EOVERFLOW,
8423 - ES("Value too large to be stored in data type") },
8424 + 1, ES("Value too large to be stored in data type") },
8425 { BSM_ERRNO_ENOTUNIQ,
8426 #ifdef ENOTUNIQ
8427 ENOTUNIQ,
8428 #else
8429 ERRNO_NO_LOCAL_MAPPING,
8430 #endif
8431 - ES("Given log name not unique") },
8432 + 1, ES("Given log name not unique") },
8433 { BSM_ERRNO_EBADFD,
8434 #ifdef EBADFD
8435 EBADFD,
8436 #else
8437 ERRNO_NO_LOCAL_MAPPING,
8438 #endif
8439 - ES("Given f.d. invalid for this operation") },
8440 + 1, ES("Given f.d. invalid for this operation") },
8441 { BSM_ERRNO_EREMCHG,
8442 #ifdef EREMCHG
8443 EREMCHG,
8444 #else
8445 ERRNO_NO_LOCAL_MAPPING,
8446 #endif
8447 - ES("Remote address changed") },
8448 + 1, ES("Remote address changed") },
8449 { BSM_ERRNO_ELIBACC,
8450 #ifdef ELIBACC
8451 ELIBACC,
8452 #else
8453 ERRNO_NO_LOCAL_MAPPING,
8454 #endif
8455 - ES("Can't access a needed shared lib") },
8456 + 1, ES("Can't access a needed shared lib") },
8457 { BSM_ERRNO_ELIBBAD,
8458 #ifdef ELIBBAD
8459 ELIBBAD,
8460 #else
8461 ERRNO_NO_LOCAL_MAPPING,
8462 #endif
8463 - ES("Accessing a corrupted shared lib") },
8464 + 1, ES("Accessing a corrupted shared lib") },
8465 { BSM_ERRNO_ELIBSCN,
8466 #ifdef ELIBSCN
8467 ELIBSCN,
8468 #else
8469 ERRNO_NO_LOCAL_MAPPING,
8470 #endif
8471 - ES(".lib section in a.out corrupted") },
8472 + 1, ES(".lib section in a.out corrupted") },
8473 { BSM_ERRNO_ELIBMAX,
8474 #ifdef ELIBMAX
8475 ELIBMAX,
8476 #else
8477 ERRNO_NO_LOCAL_MAPPING,
8478 #endif
8479 - ES("Attempting to link in too many libs") },
8480 + 1, ES("Attempting to link in too many libs") },
8481 { BSM_ERRNO_ELIBEXEC,
8482 #ifdef ELIBEXEC
8483 ELIBEXEC,
8484 #else
8485 ERRNO_NO_LOCAL_MAPPING,
8486 #endif
8487 - ES("Attempting to exec a shared library") },
8488 - { BSM_ERRNO_EILSEQ, EILSEQ, ES("Illegal byte sequence") },
8489 - { BSM_ERRNO_ENOSYS, ENOSYS, ES("Function not implemented") },
8490 - { BSM_ERRNO_ELOOP, ELOOP, ES("Too many levels of symbolic links") },
8491 + 1, ES("Attempting to exec a shared library") },
8492 + { BSM_ERRNO_EILSEQ, EILSEQ, 1, ES("Illegal byte sequence") },
8493 + { BSM_ERRNO_ENOSYS, ENOSYS, 1, ES("Function not implemented") },
8494 + { BSM_ERRNO_ELOOP, ELOOP, 1, ES("Too many levels of symbolic links") },
8495 { BSM_ERRNO_ERESTART,
8496 #ifdef ERESTART
8497 ERESTART,
8498 #else
8499 ERRNO_NO_LOCAL_MAPPING,
8500 #endif
8501 - ES("Restart syscall") },
8502 + 1, ES("Restart syscall") },
8503 { BSM_ERRNO_ESTRPIPE,
8504 #ifdef ESTRPIPE
8505 ESTRPIPE,
8506 #else
8507 ERRNO_NO_LOCAL_MAPPING,
8508 #endif
8509 - ES("If pipe/FIFO, don't sleep in stream head") },
8510 - { BSM_ERRNO_ENOTEMPTY, ENOTEMPTY, ES("Directory not empty") },
8511 - { BSM_ERRNO_EUSERS, EUSERS, ES("Too many users") },
8512 + 1, ES("If pipe/FIFO, don't sleep in stream head") },
8513 + { BSM_ERRNO_ENOTEMPTY, ENOTEMPTY, 1, ES("Directory not empty") },
8514 + { BSM_ERRNO_EUSERS, EUSERS, 1, ES("Too many users") },
8515 { BSM_ERRNO_ENOTSOCK, ENOTSOCK,
8516 - ES("Socket operation on non-socket") },
8517 + 1, ES("Socket operation on non-socket") },
8518 { BSM_ERRNO_EDESTADDRREQ, EDESTADDRREQ,
8519 - ES("Destination address required") },
8520 - { BSM_ERRNO_EMSGSIZE, EMSGSIZE, ES("Message too long") },
8521 + 1, ES("Destination address required") },
8522 + { BSM_ERRNO_EMSGSIZE, EMSGSIZE, 1, ES("Message too long") },
8523 { BSM_ERRNO_EPROTOTYPE, EPROTOTYPE,
8524 - ES("Protocol wrong type for socket") },
8525 - { BSM_ERRNO_ENOPROTOOPT, ENOPROTOOPT, ES("Protocol not available") },
8526 + 1, ES("Protocol wrong type for socket") },
8527 + { BSM_ERRNO_ENOPROTOOPT, ENOPROTOOPT, 1, ES("Protocol not available") },
8528 { BSM_ERRNO_EPROTONOSUPPORT, EPROTONOSUPPORT,
8529 - ES("Protocol not supported") },
8530 + 1, ES("Protocol not supported") },
8531 { BSM_ERRNO_ESOCKTNOSUPPORT, ESOCKTNOSUPPORT,
8532 - ES("Socket type not supported") },
8533 - { BSM_ERRNO_EOPNOTSUPP, EOPNOTSUPP, ES("Operation not supported") },
8534 + 1, ES("Socket type not supported") },
8535 + { BSM_ERRNO_EOPNOTSUPP, EOPNOTSUPP, 1, ES("Operation not supported") },
8536 { BSM_ERRNO_EPFNOSUPPORT, EPFNOSUPPORT,
8537 - ES("Protocol family not supported") },
8538 + 1, ES("Protocol family not supported") },
8539 { BSM_ERRNO_EAFNOSUPPORT, EAFNOSUPPORT,
8540 - ES("Address family not supported by protocol family") },
8541 - { BSM_ERRNO_EADDRINUSE, EADDRINUSE, ES("Address already in use") },
8542 + 1, ES("Address family not supported by protocol family") },
8543 + { BSM_ERRNO_EADDRINUSE, EADDRINUSE, 1, ES("Address already in use") },
8544 { BSM_ERRNO_EADDRNOTAVAIL, EADDRNOTAVAIL,
8545 - ES("Can't assign requested address") },
8546 - { BSM_ERRNO_ENETDOWN, ENETDOWN, ES("Network is down") },
8547 + 1, ES("Can't assign requested address") },
8548 + { BSM_ERRNO_ENETDOWN, ENETDOWN, 1, ES("Network is down") },
8549 { BSM_ERRNO_ENETRESET, ENETRESET,
8550 - ES("Network dropped connection on reset") },
8551 + 1, ES("Network dropped connection on reset") },
8552 { BSM_ERRNO_ECONNABORTED, ECONNABORTED,
8553 - ES("Software caused connection abort") },
8554 - { BSM_ERRNO_ECONNRESET, ECONNRESET, ES("Connection reset by peer") },
8555 - { BSM_ERRNO_ENOBUFS, ENOBUFS, ES("No buffer space available") },
8556 - { BSM_ERRNO_EISCONN, EISCONN, ES("Socket is already connected") },
8557 - { BSM_ERRNO_ENOTCONN, ENOTCONN, ES("Socket is not connected") },
8558 + 1, ES("Software caused connection abort") },
8559 + { BSM_ERRNO_ECONNRESET, ECONNRESET, 1, ES("Connection reset by peer") },
8560 + { BSM_ERRNO_ENOBUFS, ENOBUFS, 1, ES("No buffer space available") },
8561 + { BSM_ERRNO_EISCONN, EISCONN, 1, ES("Socket is already connected") },
8562 + { BSM_ERRNO_ENOTCONN, ENOTCONN, 1, ES("Socket is not connected") },
8563 { BSM_ERRNO_ESHUTDOWN, ESHUTDOWN,
8564 - ES("Can't send after socket shutdown") },
8565 + 1, ES("Can't send after socket shutdown") },
8566 { BSM_ERRNO_ETOOMANYREFS, ETOOMANYREFS,
8567 - ES("Too many references: can't splice") },
8568 - { BSM_ERRNO_ETIMEDOUT, ETIMEDOUT, ES("Operation timed out") },
8569 - { BSM_ERRNO_ECONNREFUSED, ECONNREFUSED, ES("Connection refused") },
8570 - { BSM_ERRNO_EHOSTDOWN, EHOSTDOWN, ES("Host is down") },
8571 - { BSM_ERRNO_EHOSTUNREACH, EHOSTUNREACH, ES("No route to host") },
8572 - { BSM_ERRNO_EALREADY, EALREADY, ES("Operation already in progress") },
8573 + 1, ES("Too many references: can't splice") },
8574 + { BSM_ERRNO_ETIMEDOUT, ETIMEDOUT, 1, ES("Operation timed out") },
8575 + { BSM_ERRNO_ECONNREFUSED, ECONNREFUSED, 1, ES("Connection refused") },
8576 + { BSM_ERRNO_EHOSTDOWN, EHOSTDOWN, 1, ES("Host is down") },
8577 + { BSM_ERRNO_EHOSTUNREACH, EHOSTUNREACH, 1, ES("No route to host") },
8578 + { BSM_ERRNO_EALREADY, EALREADY, 1, ES("Operation already in progress") },
8579 { BSM_ERRNO_EINPROGRESS, EINPROGRESS,
8580 - ES("Operation now in progress") },
8581 - { BSM_ERRNO_ESTALE, ESTALE, ES("Stale NFS file handle") },
8582 + 1, ES("Operation now in progress") },
8583 + { BSM_ERRNO_ESTALE, ESTALE, 1, ES("Stale NFS file handle") },
8584 { BSM_ERRNO_EPROCLIM,
8585 #ifdef EPROCLIM
8586 EPROCLIM,
8587 #else
8588 ERRNO_NO_LOCAL_MAPPING,
8589 #endif
8590 - ES("Too many processes") },
8591 + 1, ES("Too many processes") },
8592 { BSM_ERRNO_EBADRPC,
8593 #ifdef EBADRPC
8594 EBADRPC,
8595 #else
8596 ERRNO_NO_LOCAL_MAPPING,
8597 #endif
8598 - ES("RPC struct is bad") },
8599 + 1, ES("RPC struct is bad") },
8600 { BSM_ERRNO_ERPCMISMATCH,
8601 #ifdef ERPCMISMATCH
8602 ERPCMISMATCH,
8603 #else
8604 ERRNO_NO_LOCAL_MAPPING,
8605 #endif
8606 - ES("RPC version wrong") },
8607 + 1, ES("RPC version wrong") },
8608 { BSM_ERRNO_EPROGUNAVAIL,
8609 #ifdef EPROGUNAVAIL
8610 EPROGUNAVAIL,
8611 #else
8612 ERRNO_NO_LOCAL_MAPPING,
8613 #endif
8614 - ES("RPC prog. not avail") },
8615 + 1, ES("RPC prog. not avail") },
8616 { BSM_ERRNO_EPROGMISMATCH,
8617 #ifdef EPROGMISMATCH
8618 EPROGMISMATCH,
8619 #else
8620 ERRNO_NO_LOCAL_MAPPING,
8621 #endif
8622 - ES("RPC version wrong") },
8623 + 1, ES("RPC version wrong") },
8624 { BSM_ERRNO_EPROCUNAVAIL,
8625 #ifdef EPROCUNAVAIL
8626 EPROCUNAVAIL,
8627 #else
8628 - ERRNO_NO_LOCAL_MAPPING
8629 + ERRNO_NO_LOCAL_MAPPING,
8630 #endif
8631 - ES("Bad procedure for program") },
8632 + 1, ES("Bad procedure for program") },
8633 { BSM_ERRNO_EFTYPE,
8634 #ifdef EFTYPE
8635 EFTYPE,
8636 #else
8637 ERRNO_NO_LOCAL_MAPPING,
8638 #endif
8639 - ES("Inappropriate file type or format") },
8640 + 1, ES("Inappropriate file type or format") },
8641 { BSM_ERRNO_EAUTH,
8642 #ifdef EAUTH
8643 EAUTH,
8644 #else
8645 ERRNO_NO_LOCAL_MAPPING,
8646 #endif
8647 - ES("Authenticateion error") },
8648 + 1, ES("Authenticateion error") },
8649 { BSM_ERRNO_ENEEDAUTH,
8650 #ifdef ENEEDAUTH
8651 ENEEDAUTH,
8652 #else
8653 ERRNO_NO_LOCAL_MAPPING,
8654 #endif
8655 - ES("Need authenticator") },
8656 + 1, ES("Need authenticator") },
8657 { BSM_ERRNO_ENOATTR,
8658 #ifdef ENOATTR
8659 ENOATTR,
8660 #else
8661 ERRNO_NO_LOCAL_MAPPING,
8662 #endif
8663 - ES("Attribute not found") },
8664 + 1, ES("Attribute not found") },
8665 { BSM_ERRNO_EDOOFUS,
8666 #ifdef EDOOFUS
8667 EDOOFUS,
8668 #else
8669 ERRNO_NO_LOCAL_MAPPING,
8670 #endif
8671 - ES("Programming error") },
8672 + 1, ES("Programming error") },
8673 { BSM_ERRNO_EJUSTRETURN,
8674 #ifdef EJUSTRETURN
8675 EJUSTRETURN,
8676 #else
8677 ERRNO_NO_LOCAL_MAPPING,
8678 #endif
8679 - ES("Just return") },
8680 + 1, ES("Just return") },
8681 { BSM_ERRNO_ENOIOCTL,
8682 #ifdef ENOIOCTL
8683 ENOIOCTL,
8684 #else
8685 ERRNO_NO_LOCAL_MAPPING,
8686 #endif
8687 - ES("ioctl not handled by this layer") },
8688 + 1, ES("ioctl not handled by this layer") },
8689 { BSM_ERRNO_EDIRIOCTL,
8690 #ifdef EDIRIOCTL
8691 EDIRIOCTL,
8692 #else
8693 ERRNO_NO_LOCAL_MAPPING,
8694 #endif
8695 - ES("do direct ioctl in GEOM") },
8696 + 1, ES("do direct ioctl in GEOM") },
8697 { BSM_ERRNO_EPWROFF,
8698 #ifdef EPWROFF
8699 EPWROFF,
8700 #else
8701 ERRNO_NO_LOCAL_MAPPING,
8702 #endif
8703 - ES("Device power is off") },
8704 + 1, ES("Device power is off") },
8705 { BSM_ERRNO_EDEVERR,
8706 #ifdef EDEVERR
8707 EDEVERR,
8708 #else
8709 ERRNO_NO_LOCAL_MAPPING,
8710 #endif
8711 - ES("Device error") },
8712 + 1, ES("Device error") },
8713 { BSM_ERRNO_EBADEXEC,
8714 #ifdef EBADEXEC
8715 EBADEXEC,
8716 #else
8717 ERRNO_NO_LOCAL_MAPPING,
8718 #endif
8719 - ES("Bad executable") },
8720 + 1, ES("Bad executable") },
8721 { BSM_ERRNO_EBADARCH,
8722 #ifdef EBADARCH
8723 EBADARCH,
8724 #else
8725 ERRNO_NO_LOCAL_MAPPING,
8726 #endif
8727 - ES("Bad CPU type in executable") },
8728 + 1, ES("Bad CPU type in executable") },
8729 { BSM_ERRNO_ESHLIBVERS,
8730 #ifdef ESHLIBVERS
8731 ESHLIBVERS,
8732 #else
8733 ERRNO_NO_LOCAL_MAPPING,
8734 #endif
8735 - ES("Shared library version mismatch") },
8736 + 1, ES("Shared library version mismatch") },
8737 { BSM_ERRNO_EBADMACHO,
8738 #ifdef EBADMACHO
8739 EBADMACHO,
8740 #else
8741 ERRNO_NO_LOCAL_MAPPING,
8742 #endif
8743 - ES("Malformed Macho file") },
8744 + 1, ES("Malformed Macho file") },
8745 { BSM_ERRNO_EPOLICY,
8746 #ifdef EPOLICY
8747 EPOLICY,
8748 #else
8749 ERRNO_NO_LOCAL_MAPPING,
8750 #endif
8751 - ES("Operation failed by policy") },
8752 + 1, ES("Operation failed by policy") },
8753 { BSM_ERRNO_EDOTDOT,
8754 #ifdef EDOTDOT
8755 EDOTDOT,
8756 #else
8757 ERRNO_NO_LOCAL_MAPPING,
8758 #endif
8759 - ES("RFS specific error") },
8760 + 1, ES("RFS specific error") },
8761 { BSM_ERRNO_EUCLEAN,
8762 #ifdef EUCLEAN
8763 EUCLEAN,
8764 #else
8765 ERRNO_NO_LOCAL_MAPPING,
8766 #endif
8767 - ES("Structure needs cleaning") },
8768 + 1, ES("Structure needs cleaning") },
8769 { BSM_ERRNO_ENOTNAM,
8770 #ifdef ENOTNAM
8771 ENOTNAM,
8772 #else
8773 ERRNO_NO_LOCAL_MAPPING,
8774 #endif
8775 - ES("Not a XENIX named type file") },
8776 + 1, ES("Not a XENIX named type file") },
8777 { BSM_ERRNO_ENAVAIL,
8778 #ifdef ENAVAIL
8779 ENAVAIL,
8780 #else
8781 ERRNO_NO_LOCAL_MAPPING,
8782 #endif
8783 - ES("No XENIX semaphores available") },
8784 + 1, ES("No XENIX semaphores available") },
8785 { BSM_ERRNO_EISNAM,
8786 #ifdef EISNAM
8787 EISNAM,
8788 #else
8789 ERRNO_NO_LOCAL_MAPPING,
8790 #endif
8791 - ES("Is a named type file") },
8792 + 1, ES("Is a named type file") },
8793 { BSM_ERRNO_EREMOTEIO,
8794 #ifdef EREMOTEIO
8795 EREMOTEIO,
8796 #else
8797 ERRNO_NO_LOCAL_MAPPING,
8798 #endif
8799 - ES("Remote I/O error") },
8800 + 1, ES("Remote I/O error") },
8801 { BSM_ERRNO_ENOMEDIUM,
8802 #ifdef ENOMEDIUM
8803 ENOMEDIUM,
8804 #else
8805 ERRNO_NO_LOCAL_MAPPING,
8806 #endif
8807 - ES("No medium found") },
8808 + 1, ES("No medium found") },
8809 { BSM_ERRNO_EMEDIUMTYPE,
8810 #ifdef EMEDIUMTYPE
8811 EMEDIUMTYPE,
8812 #else
8813 ERRNO_NO_LOCAL_MAPPING,
8814 #endif
8815 - ES("Wrong medium type") },
8816 + 1, ES("Wrong medium type") },
8817 { BSM_ERRNO_ENOKEY,
8818 #ifdef ENOKEY
8819 ENOKEY,
8820 #else
8821 ERRNO_NO_LOCAL_MAPPING,
8822 #endif
8823 - ES("Required key not available") },
8824 + 1, ES("Required key not available") },
8825 { BSM_ERRNO_EKEYEXPIRED,
8826 #ifdef EKEEXPIRED
8827 EKEYEXPIRED,
8828 #else
8829 ERRNO_NO_LOCAL_MAPPING,
8830 #endif
8831 - ES("Key has expired") },
8832 + 1, ES("Key has expired") },
8833 { BSM_ERRNO_EKEYREVOKED,
8834 #ifdef EKEYREVOKED
8835 EKEYREVOKED,
8836 #else
8837 ERRNO_NO_LOCAL_MAPPING,
8838 #endif
8839 - ES("Key has been revoked") },
8840 + 1, ES("Key has been revoked") },
8841 { BSM_ERRNO_EKEYREJECTED,
8842 -#ifdef EKEREJECTED
8843 +#ifdef EKEYREJECTED
8844 EKEYREJECTED,
8845 #else
8846 ERRNO_NO_LOCAL_MAPPING,
8847 #endif
8848 - ES("Key was rejected by service") },
8849 + 1, ES("Key was rejected by service") },
8850 + { BSM_NFS_ERRNO_WFLUSH,
8851 +#ifdef NFSERR_WFLUSH
8852 + NFSERR_WFLUSH,
8853 +#else
8854 + ERRNO_NO_LOCAL_MAPPING,
8855 +#endif
8856 + 0, ES("The server's write cache used in the WRITECACHE call got flushed to disk") },
8857 + { BSM_NFS_ERRNO_BADHANDLE,
8858 +#ifdef NFSERR_BADHANDLE
8859 + NFSERR_BADHANDLE,
8860 +#else
8861 + ERRNO_NO_LOCAL_MAPPING,
8862 +#endif
8863 + 0, ES("Illegal NFS filehandle") },
8864 + { BSM_NFS_ERRNO_NOT_SYNC,
8865 +#ifdef NFSERR_NOT_SYNC
8866 + NFSERR_NOT_SYNC,
8867 +#else
8868 + ERRNO_NO_LOCAL_MAPPING,
8869 +#endif
8870 + 0, ES("Update synchronization mismatch detected during a SETATTR operation") },
8871 + { BSM_NFS_ERRNO_BAD_COOKIE,
8872 +#ifdef NFSERR_BAD_COOKIE
8873 + NFSERR_BAD_COOKIE,
8874 +#else
8875 + ERRNO_NO_LOCAL_MAPPING,
8876 +#endif
8877 + 0, ES("READDIR cookie is stale") },
8878 + { BSM_NFS_ERRNO_NOTSUPP,
8879 +#ifdef NFSERR_NOTSUPP
8880 + NFSERR_NOTSUPP,
8881 +#else
8882 + ERRNO_NO_LOCAL_MAPPING,
8883 +#endif
8884 + 0, ES("operation not supported") },
8885 + { BSM_NFS_ERRNO_TOOSMALL,
8886 +#ifdef NFSERR_TOOSMALL
8887 + NFSERR_TOOSMALL,
8888 +#else
8889 + ERRNO_NO_LOCAL_MAPPING,
8890 +#endif
8891 + 0, ES("response limit exceeded") },
8892 + { BSM_NFS_ERRNO_SERVERFAULT,
8893 +#ifdef NFSERR_SERVERFAULT
8894 + NFSERR_SERVERFAULT,
8895 +#else
8896 + ERRNO_NO_LOCAL_MAPPING,
8897 +#endif
8898 + 0, ES("undefined server error") },
8899 + { BSM_NFS_ERRNO_BADTYPE,
8900 +#ifdef NFSERR_BADTYPE
8901 + NFSERR_BADTYPE,
8902 +#else
8903 + ERRNO_NO_LOCAL_MAPPING,
8904 +#endif
8905 + 0, ES("type invalid for CREATE") },
8906 + { BSM_NFS_ERRNO_DELAY,
8907 +#ifdef NFSERR_DELAY
8908 + NFSERR_DELAY,
8909 +#else
8910 + ERRNO_NO_LOCAL_MAPPING,
8911 +#endif
8912 + 0, ES("file \"busy\" - retry") },
8913 + { BSM_NFS_ERRNO_SAME,
8914 +#ifdef NFSERR_SAME
8915 + NFSERR_SAME,
8916 +#else
8917 + ERRNO_NO_LOCAL_MAPPING,
8918 +#endif
8919 + 0, ES("nverify says attrs same") },
8920 + { BSM_NFS_ERRNO_DENIED,
8921 +#ifdef NFSERR_DENIED
8922 + NFSERR_DENIED,
8923 +#else
8924 + ERRNO_NO_LOCAL_MAPPING,
8925 +#endif
8926 + 0, ES("lock unavailable") },
8927 + { BSM_NFS_ERRNO_EXPIRED,
8928 +#ifdef NFSERR_EXPIRED
8929 + NFSERR_EXPIRED,
8930 +#else
8931 + ERRNO_NO_LOCAL_MAPPING,
8932 +#endif
8933 + 0, ES("lock lease expired") },
8934 + { BSM_NFS_ERRNO_LOCKED,
8935 +#ifdef NFSERR_LOCKED
8936 + NFSERR_LOCKED,
8937 +#else
8938 + ERRNO_NO_LOCAL_MAPPING,
8939 +#endif
8940 + 0, ES("I/O failed due to lock") },
8941 + { BSM_NFS_ERRNO_GRACE,
8942 +#ifdef NFSERR_GRACE
8943 + NFSERR_GRACE,
8944 +#else
8945 + ERRNO_NO_LOCAL_MAPPING,
8946 +#endif
8947 + 0, ES("in grace period") },
8948 + { BSM_NFS_ERRNO_FHEXPIRED,
8949 +#ifdef NFSERR_FHEXPIRED
8950 + NFSERR_FHEXPIRED,
8951 +#else
8952 + ERRNO_NO_LOCAL_MAPPING,
8953 +#endif
8954 + 0, ES("filehandle expired") },
8955 + { BSM_NFS_ERRNO_SHAREDENIED,
8956 +#ifdef NFSERR_SHAREDENIED
8957 + NFSERR_SHAREDENIED,
8958 +#else
8959 + ERRNO_NO_LOCAL_MAPPING,
8960 +#endif
8961 + 0, ES("share reserve denied") },
8962 + { BSM_NFS_ERRNO_WRONGSEC,
8963 +#ifdef NFSERR_WRONGSEC
8964 + NFSERR_WRONGSEC,
8965 +#else
8966 + ERRNO_NO_LOCAL_MAPPING,
8967 +#endif
8968 + 0, ES("wrong security flavor") },
8969 + { BSM_NFS_ERRNO_CLIDINUSE,
8970 +#ifdef NFSERR_CLIDINUSE
8971 + NFSERR_CLIDINUSE,
8972 +#else
8973 + ERRNO_NO_LOCAL_MAPPING,
8974 +#endif
8975 + 0, ES("clientid in use") },
8976 + { BSM_NFS_ERRNO_RESOURCE,
8977 +#ifdef NFSERR_RESOURCE
8978 + NFSERR_RESOURCE,
8979 +#else
8980 + ERRNO_NO_LOCAL_MAPPING,
8981 +#endif
8982 + 0, ES("resource exhaustion") },
8983 + { BSM_NFS_ERRNO_MOVED,
8984 +#ifdef NFSERR_MOVED
8985 + NFSERR_MOVED,
8986 +#else
8987 + ERRNO_NO_LOCAL_MAPPING,
8988 +#endif
8989 + 0, ES("filesystem relocated") },
8990 + { BSM_NFS_ERRNO_NOFILEHANDLE,
8991 +#ifdef NFSERR_NOFILEHANDLE
8992 + NFSERR_NOFILEHANDLE,
8993 +#else
8994 + ERRNO_NO_LOCAL_MAPPING,
8995 +#endif
8996 + 0, ES("current FH is not set") },
8997 + { BSM_NFS_ERRNO_MINORVERMISMATCH,
8998 +#ifdef NFSERR_MINORVERMISMATCH
8999 + NFSERR_MINORVERMISMATCH,
9000 +#else
9001 + ERRNO_NO_LOCAL_MAPPING,
9002 +#endif
9003 + 0, ES("minor vers not supp") },
9004 + { BSM_NFS_ERRNO_STALECLIENTID,
9005 +#ifdef NFSERR_STALECLIENTID
9006 + NFSERR_STALECLIENTID,
9007 +#else
9008 + ERRNO_NO_LOCAL_MAPPING,
9009 +#endif
9010 + 0, ES("server has rebooted") },
9011 + { BSM_NFS_ERRNO_STALESTATEID,
9012 +#ifdef NFSERR_STALESTATEID
9013 + NFSERR_STALESTATEID,
9014 +#else
9015 + ERRNO_NO_LOCAL_MAPPING,
9016 +#endif
9017 + 0, ES("server has rebooted") },
9018 + { BSM_NFS_ERRNO_OLDSTATEID,
9019 +#ifdef NFSERR_OLDSTATEID
9020 + NFSERR_OLDSTATEID,
9021 +#else
9022 + ERRNO_NO_LOCAL_MAPPING,
9023 +#endif
9024 + 0, ES("state is out of sync") },
9025 + { BSM_NFS_ERRNO_BADSTATEID,
9026 +#ifdef NFSERR_BADSTATEID
9027 + NFSERR_BADSTATEID,
9028 +#else
9029 + ERRNO_NO_LOCAL_MAPPING,
9030 +#endif
9031 + 0, ES("incorrect stateid") },
9032 + { BSM_NFS_ERRNO_BADSEQID,
9033 +#ifdef NFSERR_BADSEQID
9034 + NFSERR_BADSEQID,
9035 +#else
9036 + ERRNO_NO_LOCAL_MAPPING,
9037 +#endif
9038 + 0, ES("request is out of seq") },
9039 + { BSM_NFS_ERRNO_NOTSAME,
9040 +#ifdef NFSERR_NOTSAME
9041 + NFSERR_NOTSAME,
9042 +#else
9043 + ERRNO_NO_LOCAL_MAPPING,
9044 +#endif
9045 + 0, ES("verify - attrs not same") },
9046 + { BSM_NFS_ERRNO_LOCKRANGE,
9047 +#ifdef NFSERR_LOCKRANGE
9048 + NFSERR_LOCKRANGE,
9049 +#else
9050 + ERRNO_NO_LOCAL_MAPPING,
9051 +#endif
9052 + 0, ES("lock range not supported") },
9053 + { BSM_NFS_ERRNO_SYMLINK,
9054 +#ifdef NFSERR_SYMLINK
9055 + NFSERR_SYMLINK,
9056 +#else
9057 + ERRNO_NO_LOCAL_MAPPING,
9058 +#endif
9059 + 0, ES("should be file/directory") },
9060 + { BSM_NFS_ERRNO_RESTOREFH,
9061 +#ifdef NFSERR_RESTOREFH
9062 + NFSERR_RESTOREFH,
9063 +#else
9064 + ERRNO_NO_LOCAL_MAPPING,
9065 +#endif
9066 + 0, ES("no saved filehandle") },
9067 + { BSM_NFS_ERRNO_LEASEMOVED,
9068 +#ifdef NFSERR_LEASEMOVED
9069 + NFSERR_LEASEMOVED,
9070 +#else
9071 + ERRNO_NO_LOCAL_MAPPING,
9072 +#endif
9073 + 0, ES("some filesystem moved") },
9074 + { BSM_NFS_ERRNO_ATTRNOTSUPP,
9075 +#ifdef NFSERR_ATTRNOTSUPP
9076 + NFSERR_ATTRNOTSUPP,
9077 +#else
9078 + ERRNO_NO_LOCAL_MAPPING,
9079 +#endif
9080 + 0, ES("recommended attr not sup") },
9081 + { BSM_NFS_ERRNO_NOGRACE,
9082 +#ifdef NFSERR_NOGRACE
9083 + NFSERR_NOGRACE,
9084 +#else
9085 + ERRNO_NO_LOCAL_MAPPING,
9086 +#endif
9087 + 0, ES("reclaim outside of grace") },
9088 + { BSM_NFS_ERRNO_RECLAIMBAD,
9089 +#ifdef NFSERR_RECLAIMBAD
9090 + NFSERR_RECLAIMBAD,
9091 +#else
9092 + ERRNO_NO_LOCAL_MAPPING,
9093 +#endif
9094 + 0, ES("reclaim error at server") },
9095 + { BSM_NFS_ERRNO_RECLAIMCONFLICT,
9096 +#ifdef NFSERR_RECLAIMCONFLICT
9097 + NFSERR_RECLAIMCONFLICT,
9098 +#else
9099 + ERRNO_NO_LOCAL_MAPPING,
9100 +#endif
9101 + 0, ES("conflict on reclaim") },
9102 + { BSM_NFS_ERRNO_BADXDR,
9103 +#ifdef NFSERR_BADXDR
9104 + NFSERR_BADXDR,
9105 +#else
9106 + ERRNO_NO_LOCAL_MAPPING,
9107 +#endif
9108 + 0, ES("XDR decode failed") },
9109 + { BSM_NFS_ERRNO_LOCKSHELD,
9110 +#ifdef NFSERR_LOCKSHELD
9111 + NFSERR_LOCKSHELD,
9112 +#else
9113 + ERRNO_NO_LOCAL_MAPPING,
9114 +#endif
9115 + 0, ES("file locks held at CLOSE") },
9116 + { BSM_NFS_ERRNO_OPENMODE,
9117 +#ifdef NFSERR_OPENMODE
9118 + NFSERR_OPENMODE,
9119 +#else
9120 + ERRNO_NO_LOCAL_MAPPING,
9121 +#endif
9122 + 0, ES("conflict in OPEN and I/O") },
9123 + { BSM_NFS_ERRNO_BADOWNER,
9124 +#ifdef NFSERR_BADOWNER
9125 + NFSERR_BADOWNER,
9126 +#else
9127 + ERRNO_NO_LOCAL_MAPPING,
9128 +#endif
9129 + 0, ES("owner translation bad") },
9130 + { BSM_NFS_ERRNO_BADCHAR,
9131 +#ifdef NFSERR_BADCHAR
9132 + NFSERR_BADCHAR,
9133 +#else
9134 + ERRNO_NO_LOCAL_MAPPING,
9135 +#endif
9136 + 0, ES("utf-8 char not supported") },
9137 + { BSM_NFS_ERRNO_BADNAME,
9138 +#ifdef NFSERR_BADNAME
9139 + NFSERR_BADNAME,
9140 +#else
9141 + ERRNO_NO_LOCAL_MAPPING,
9142 +#endif
9143 + 0, ES("name not supported") },
9144 + { BSM_NFS_ERRNO_BADRANGE,
9145 +#ifdef NFSERR_BADRANGE
9146 + NFSERR_BADRANGE,
9147 +#else
9148 + ERRNO_NO_LOCAL_MAPPING,
9149 +#endif
9150 + 0, ES("lock range not supported") },
9151 + { BSM_NFS_ERRNO_LOCKNOTSUPP,
9152 +#ifdef NFSERR_LOCKNOTSUPP
9153 + NFSERR_LOCKNOTSUPP,
9154 +#else
9155 + ERRNO_NO_LOCAL_MAPPING,
9156 +#endif
9157 + 0, ES("no atomic up/downgrade") },
9158 + { BSM_NFS_ERRNO_OPILLEGAL,
9159 +#ifdef NFSERR_OPILLEGAL
9160 + NFSERR_OPILLEGAL,
9161 +#else
9162 + ERRNO_NO_LOCAL_MAPPING,
9163 +#endif
9164 + 0, ES("undefined operation") },
9165 + { BSM_NFS_ERRNO_DEADLOCK,
9166 +#ifdef NFSERR_DEADLOCK
9167 + NFSERR_DEADLOCK,
9168 +#else
9169 + ERRNO_NO_LOCAL_MAPPING,
9170 +#endif
9171 + 0, ES("file locking deadlock") },
9172 + { BSM_NFS_ERRNO_FILEOPEN,
9173 +#ifdef NFSERR_FILEOPEN
9174 + NFSERR_FILEOPEN,
9175 +#else
9176 + ERRNO_NO_LOCAL_MAPPING,
9177 +#endif
9178 + 0, ES("open file blocks op") },
9179 + { BSM_NFS_ERRNO_ADMINREVOKED,
9180 +#ifdef NFSERR_ADMINREVOKED
9181 + NFSERR_ADMINREVOKED,
9182 +#else
9183 + ERRNO_NO_LOCAL_MAPPING,
9184 +#endif
9185 + 0, ES("lockowner state revoked") },
9186 + { BSM_NFS_ERRNO_CBPATHDOWN,
9187 +#ifdef NFSERR_CBPATHDOWN
9188 + NFSERR_CBPATHDOWN,
9189 +#else
9190 + ERRNO_NO_LOCAL_MAPPING,
9191 +#endif
9192 + 0, ES("callback path down") },
9193 };
9194 static const int bsm_errnos_count = sizeof(bsm_errnos) / sizeof(bsm_errnos[0]);
9195
9196 @@ -705,7 +1050,7 @@
9197 * Conversion to the BSM errno space isn't allowed to fail; we simply map to
9198 * BSM_ERRNO_UNKNOWN and let the remote endpoint deal with it.
9199 */
9200 -u_char
9201 +int
9202 au_errno_to_bsm(int local_errno)
9203 {
9204 const struct bsm_errno *bsme;
9205 @@ -717,7 +1062,7 @@
9206 }
9207
9208 static const struct bsm_errno *
9209 -bsm_lookup_errno_bsm(u_char bsm_errno)
9210 +bsm_lookup_errno_bsm(int bsm_errno)
9211 {
9212 int i;
9213
9214 @@ -734,7 +1079,7 @@
9215 * appropriate local mapping.
9216 */
9217 int
9218 -au_bsm_to_errno(u_char bsm_errno, int *errorp)
9219 +au_bsm_to_errno(int bsm_errno, int *errorp)
9220 {
9221 const struct bsm_errno *bsme;
9222
9223 @@ -747,14 +1092,14 @@
9224
9225 #if !defined(KERNEL) && !defined(_KERNEL)
9226 const char *
9227 -au_strerror(u_char bsm_errno)
9228 +au_strerror(int bsm_errno)
9229 {
9230 const struct bsm_errno *bsme;
9231
9232 bsme = bsm_lookup_errno_bsm(bsm_errno);
9233 if (bsme == NULL)
9234 return ("Unrecognized BSM error");
9235 - if (bsme->be_local_errno != ERRNO_NO_LOCAL_MAPPING)
9236 + if (bsme->be_local_errno != ERRNO_NO_LOCAL_MAPPING && bsme->be_use_strerror != 0)
9237 return (strerror(bsme->be_local_errno));
9238 return (bsme->be_strerror);
9239 }
9240 --- //depot/vendor/freebsd/src/sys/security/audit/audit_bsm_klib.c 2009-07-28 21:45:14.000000000 0000
9241 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm_klib.c 2010-08-16 13:30:34.000000000 0000
9242 @@ -112,6 +112,22 @@
9243 };
9244 static const int aue_openat_count = sizeof(aue_openat) / sizeof(aue_openat[0]);
9245
9246 +static const struct aue_open_event aue_nfs_open[] = {
9247 + { NFS_READACCESS, AUE_NFS_OPEN_R },
9248 + { (NFS_READACCESS | NFS_CREATE), AUE_NFS_OPEN_RC },
9249 + { (NFS_READACCESS | NFS_CREATE | NFS_TRUNC), AUE_NFS_OPEN_RTC },
9250 + { (NFS_READACCESS | NFS_TRUNC), AUE_NFS_OPEN_RT },
9251 + { NFS_RWACCESS, AUE_NFS_OPEN_RW },
9252 + { (NFS_RWACCESS | NFS_CREATE), AUE_NFS_OPEN_RWC },
9253 + { (NFS_RWACCESS | NFS_CREATE | NFS_TRUNC), AUE_NFS_OPEN_RWTC },
9254 + { (NFS_RWACCESS | NFS_TRUNC), AUE_NFS_OPEN_RWT },
9255 + { NFS_WRITEACCESS, AUE_NFS_OPEN_W },
9256 + { (NFS_WRITEACCESS | NFS_CREATE), AUE_NFS_OPEN_WC },
9257 + { (NFS_WRITEACCESS | NFS_CREATE | NFS_TRUNC), AUE_NFS_OPEN_WTC },
9258 + { (NFS_WRITEACCESS | NFS_TRUNC), AUE_NFS_OPEN_WT },
9259 +};
9260 +static const int aue_nfs_open_count = sizeof(aue_nfs_open) / sizeof(aue_nfs_open[0]);
9261 +
9262 /*
9263 * Look up the class for an audit event in the class mapping table.
9264 */
9265 @@ -319,6 +335,26 @@
9266 return (AUE_OPENAT);
9267 }
9268
9269 +au_event_t
9270 +audit_flags_to_nfs_openevent(int oflags)
9271 +{
9272 + int i;
9273 +
9274 + /*
9275 + * Need to check only those flags we care about.
9276 + * XXXgpf: As it turns out, POSIX clients (including FreeBSD's
9277 + * client) will always provide DENY_NONE; ignore deny bits
9278 + * when determining a specific event type
9279 + */
9280 + oflags = oflags & (NFS_READACCESS | NFS_WRITEACCESS | NFS_READDENY
9281 + | NFS_WRITEDENY | NFS_CREATE | NFS_TRUNC);
9282 + for (i = 0; i < aue_nfs_open_count; i++) {
9283 + if (aue_nfs_open[i].aoe_flags == oflags)
9284 + return (aue_nfs_open[i].aoe_event);
9285 + }
9286 + return (AUE_NFS_OPEN);
9287 +}
9288 +
9289 /*
9290 * Convert a MSGCTL command to a specific event.
9291 */
9292 --- //depot/vendor/freebsd/src/sys/security/audit/audit_bsm_token.c 2009-09-08 13:25:13.000000000 0000
9293 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_bsm_token.c 2010-08-07 16:49:25.000000000 0000
9294 @@ -581,6 +581,24 @@
9295
9296 /*
9297 * token ID 1 byte
9298 + * vtype 4 bytes
9299 + */
9300 +token_t *
9301 +au_to_vtype(u_int32_t vtype)
9302 +{
9303 + token_t *t;
9304 + u_char *dptr = NULL;
9305 +
9306 + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t));
9307 +
9308 + ADD_U_CHAR(dptr, AUT_VTYPE);
9309 + ADD_U_INT32(dptr, vtype);
9310 +
9311 + return (t);
9312 +}
9313 +
9314 +/*
9315 + * token ID 1 byte
9316 * path length 2 bytes
9317 * path N bytes + 1 terminating NULL byte
9318 */
9319 @@ -786,41 +804,59 @@
9320
9321 /*
9322 * token ID 1 byte
9323 - * error status 1 byte
9324 + * protocol 4 bytes
9325 + */
9326 +token_t *
9327 +au_to_protocol(u_int32_t protocol)
9328 +{
9329 + token_t *t;
9330 + u_char *dptr = NULL;
9331 +
9332 + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t));
9333 +
9334 + ADD_U_CHAR(dptr, AUT_PROTOCOL);
9335 + ADD_U_INT32(dptr, protocol);
9336 +
9337 + return (t);
9338 +}
9339 +
9340 +/*
9341 + * token ID 1 byte
9342 + * error status 4 bytes
9343 * return value 4 bytes/8 bytes (32-bit/64-bit value)
9344 */
9345 token_t *
9346 -au_to_return32(char status, u_int32_t ret)
9347 +au_to_return32(u_int32_t status, u_int32_t ret)
9348 {
9349 token_t *t;
9350 u_char *dptr = NULL;
9351
9352 - GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t));
9353 + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + sizeof(u_int32_t));
9354
9355 ADD_U_CHAR(dptr, AUT_RETURN32);
9356 - ADD_U_CHAR(dptr, status);
9357 + ADD_U_INT32(dptr, status);
9358 ADD_U_INT32(dptr, ret);
9359
9360 return (t);
9361 }
9362
9363 token_t *
9364 -au_to_return64(char status, u_int64_t ret)
9365 +au_to_return64(u_int32_t status, u_int64_t ret)
9366 {
9367 token_t *t;
9368 u_char *dptr = NULL;
9369
9370 - GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t));
9371 + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + sizeof(u_int64_t));
9372
9373 ADD_U_CHAR(dptr, AUT_RETURN64);
9374 - ADD_U_CHAR(dptr, status);
9375 + ADD_U_INT32(dptr, status);
9376 ADD_U_INT64(dptr, ret);
9377
9378 return (t);
9379 }
9380
9381 token_t *
9382 -au_to_return(char status, u_int32_t ret)
9383 +au_to_return(u_int32_t status, u_int32_t ret)
9384 {
9385
9386 return (au_to_return32(status, ret));
9387 --- //depot/vendor/freebsd/src/sys/security/audit/audit_private.h 2009-07-29 07:50:15.000000000 0000
9388 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_private.h 2010-08-07 16:49:25.000000000 0000
9389 @@ -51,6 +51,9 @@
9390 MALLOC_DECLARE(M_AUDITPATH);
9391 MALLOC_DECLARE(M_AUDITTEXT);
9392 MALLOC_DECLARE(M_AUDITGIDSET);
9393 +MALLOC_DECLARE(M_AUDITLOCKOWNER);
9394 +MALLOC_DECLARE(M_AUDITCLIENTNAME);
9395 +MALLOC_DECLARE(M_AUDITRECORD);
9396 #endif
9397
9398 /*
9399 @@ -229,6 +232,12 @@
9400 int ar_arg_exitstatus;
9401 int ar_arg_exitretval;
9402 struct sockaddr_storage ar_arg_sockaddr;
9403 + int ar_arg_protocol;
9404 + int ar_arg_vtype;
9405 + uint64_t ar_arg_clientid;
9406 + char *ar_arg_lockowner;
9407 + int ar_arg_locktype;
9408 + char *ar_arg_clientname;
9409 };
9410
9411 /*
9412 @@ -259,7 +268,7 @@
9413 #define ARG_SADDRINET 0x0000000000100000ULL
9414 #define ARG_SADDRINET6 0x0000000000200000ULL
9415 #define ARG_SADDRUNIX 0x0000000000400000ULL
9416 -#define ARG_TERMID_ADDR 0x0000000000400000ULL
9417 +#define ARG_TERMID_ADDR 0x0000000000800000ULL
9418 #define ARG_UNUSED2 0x0000000001000000ULL
9419 #define ARG_UPATH1 0x0000000002000000ULL
9420 #define ARG_UPATH2 0x0000000004000000ULL
9421 @@ -288,29 +297,40 @@
9422 #define ARG_ENVV 0x0002000000000000ULL
9423 #define ARG_ATFD1 0x0004000000000000ULL
9424 #define ARG_ATFD2 0x0008000000000000ULL
9425 +#define ARG_VTYPE 0x0010000000000000ULL
9426 +#define ARG_PROTOCOL 0x0020000000000000ULL
9427 +#define ARG_CLIENTID 0x0040000000000000ULL
9428 +#define ARG_LOCKOWNER 0x0080000000000000ULL
9429 +#define ARG_LOCKTYPE 0x0100000000000000ULL
9430 +#define ARG_CLIENTNAME 0x0200000000000000ULL
9431 #define ARG_NONE 0x0000000000000000ULL
9432 #define ARG_ALL 0xFFFFFFFFFFFFFFFFULL
9433
9434 -#define ARG_IS_VALID(kar, arg) ((kar)->k_ar.ar_valid_arg & (arg))
9435 +#define ARG_IS_VALID(kar, arg) ((kar)->k_ar->ar_valid_arg & (arg))
9436 #define ARG_SET_VALID(kar, arg) do { \
9437 - (kar)->k_ar.ar_valid_arg |= (arg); \
9438 + (kar)->k_ar->ar_valid_arg |= (arg); \
9439 } while (0)
9440 #define ARG_CLEAR_VALID(kar, arg) do { \
9441 - (kar)->k_ar.ar_valid_arg &= ~(arg); \
9442 + (kar)->k_ar->ar_valid_arg &= ~(arg); \
9443 } while (0)
9444
9445 /*
9446 - * In-kernel version of audit record; the basic record plus queue meta-data.
9447 + * In-kernel version of audit record; the basic record plus queue meta-data,
9448 + * plus the necessary elements to maintain a tree like structure of multiple
9449 + * audit records per kernel thread.
9450 * This record can also have a pointer set to some opaque data that will be
9451 * passed through to the audit writing mechanism.
9452 */
9453 struct kaudit_record {
9454 - struct audit_record k_ar;
9455 + struct audit_record *k_ar;
9456 u_int32_t k_ar_commit;
9457 void *k_udata; /* User data. */
9458 u_int k_ulen; /* User data length. */
9459 struct uthread *k_uthread; /* Audited thread. */
9460 TAILQ_ENTRY(kaudit_record) k_q;
9461 + struct kaudit_record *k_parent; /* parent record */
9462 + STAILQ_ENTRY(kaudit_record) k_record_q;
9463 + STAILQ_HEAD(kaudit_children_q, kaudit_record) kaudit_children_q; /* queue for children records */
9464 };
9465 TAILQ_HEAD(kaudit_queue, kaudit_record);
9466
9467 @@ -319,11 +339,32 @@
9468 * records.
9469 */
9470 void audit_abort(struct kaudit_record *ar);
9471 -void audit_commit(struct kaudit_record *ar, int error,
9472 - int retval);
9473 +void audit_commit(struct kaudit_record *ar);
9474 struct kaudit_record *audit_new(int event, struct thread *td);
9475
9476 /*
9477 + * Functions to manage the per thread audit record tree structure
9478 + */
9479 +
9480 +void audit_tree_commit(struct kaudit_record *ar, int *signal_worker);
9481 +void audit_tree_go_up(struct thread *td);
9482 +void audit_tree_insert(struct thread *td, struct kaudit_record *ar);
9483 +
9484 +/*
9485 + * NFS specific stuff
9486 + */
9487 +int audit_nfs_proc_to_event(unsigned int proc, au_event_t *event, int nfsprot);
9488 +
9489 +#define NFS_READACCESS 0x00000001
9490 +#define NFS_WRITEACCESS 0x00000002
9491 +#define NFS_RWACCESS NFS_READACCESS | NFS_WRITEACCESS
9492 +#define NFS_READDENY 0x00000004
9493 +#define NFS_WRITEDENY 0x00000008
9494 +#define NFS_RWDENY NFS_READDENY | NFS_WRITEDENY
9495 +#define NFS_CREATE 0x00000010
9496 +#define NFS_TRUNC 0x00000020
9497 +
9498 +/*
9499 * Functions relating to the conversion of internal kernel audit records to
9500 * the BSM file format.
9501 */
9502 @@ -384,6 +425,7 @@
9503 au_event_t audit_ctlname_to_sysctlevent(int name[], uint64_t valid_arg);
9504 au_event_t audit_flags_and_error_to_openevent(int oflags, int error);
9505 au_event_t audit_flags_and_error_to_openatevent(int oflags, int error);
9506 +au_event_t audit_flags_to_nfs_openevent(int oflags);
9507 au_event_t audit_msgctl_to_event(int cmd);
9508 au_event_t audit_semctl_to_event(int cmr);
9509 void audit_canon_path(struct thread *td, char *path, char *cpath);
9510 --- //depot/vendor/freebsd/src/sys/security/audit/audit_worker.c 2009-05-11 15:35:16.000000000 0000
9511 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/security/audit/audit_worker.c 2010-07-19 14:34:02.000000000 0000
9512 @@ -342,10 +342,10 @@
9513 (ar->k_ar_commit & AR_PRESELECT_TRAIL) == 0))
9514 goto out;
9515
9516 - auid = ar->k_ar.ar_subj_auid;
9517 - event = ar->k_ar.ar_event;
9518 + auid = ar->k_ar->ar_subj_auid;
9519 + event = ar->k_ar->ar_event;
9520 class = au_event_class(event);
9521 - if (ar->k_ar.ar_errno == 0)
9522 + if (ar->k_ar->ar_errno == 0)
9523 sorf = AU_PRS_SUCCESS;
9524 else
9525 sorf = AU_PRS_FAILURE;
9526 --- //depot/vendor/freebsd/src/sys/sys/mount.h 2010-04-24 07:10:17.000000000 0000
9527 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/sys/mount.h 2010-05-27 14:41:11.000000000 0000
9528 @@ -567,6 +567,7 @@
9529 typedef int vfs_vget_t(struct mount *mp, ino_t ino, int flags,
9530 struct vnode **vpp);
9531 typedef int vfs_fhtovp_t(struct mount *mp, struct fid *fhp, struct vnode **vpp);
9532 +typedef int vfs_fhhint_t(struct mount *mp, struct fid *fhp, uint64_t *hint);
9533 typedef int vfs_checkexp_t(struct mount *mp, struct sockaddr *nam,
9534 int *extflagsp, struct ucred **credanonp,
9535 int *numsecflavors, int **secflavors);
9536 @@ -590,6 +591,7 @@
9537 vfs_sync_t *vfs_sync;
9538 vfs_vget_t *vfs_vget;
9539 vfs_fhtovp_t *vfs_fhtovp;
9540 + vfs_fhhint_t *vfs_fhhint;
9541 vfs_checkexp_t *vfs_checkexp;
9542 vfs_init_t *vfs_init;
9543 vfs_uninit_t *vfs_uninit;
9544 @@ -612,6 +614,8 @@
9545 (*(MP)->mnt_op->vfs_vget)(MP, INO, FLAGS, VPP)
9546 #define VFS_FHTOVP(MP, FIDP, VPP) \
9547 (*(MP)->mnt_op->vfs_fhtovp)(MP, FIDP, VPP)
9548 +#define VFS_FHHINT(MP, FIDP, HINT) \
9549 + (*(MP)->mnt_op->vfs_fhhint)(MP, FIDP, HINT)
9550 #define VFS_CHECKEXP(MP, NAM, EXFLG, CRED, NUMSEC, SEC) \
9551 (*(MP)->mnt_op->vfs_checkexp)(MP, NAM, EXFLG, CRED, NUMSEC, SEC)
9552 #define VFS_EXTATTRCTL(MP, C, FN, NS, N) \
9553 @@ -763,6 +767,7 @@
9554 vfs_sync_t vfs_stdnosync;
9555 vfs_vget_t vfs_stdvget;
9556 vfs_fhtovp_t vfs_stdfhtovp;
9557 +vfs_fhhint_t vfs_stdfhhint;
9558 vfs_checkexp_t vfs_stdcheckexp;
9559 vfs_init_t vfs_stdinit;
9560 vfs_uninit_t vfs_stduninit;
9561 --- //depot/vendor/freebsd/src/sys/sys/vnode.h 2010-04-02 14:05:14.000000000 0000
9562 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/sys/vnode.h 2010-05-27 14:41:11.000000000 0000
9563 @@ -609,6 +609,8 @@
9564 char **retbuf, char **freebuf);
9565 int vn_fullpath_global(struct thread *td, struct vnode *vn,
9566 char **retbuf, char **freebuf);
9567 +int vn_fullpath_nocache(struct vnode *vp, char **fullpath,
9568 + char **freepath, uint64_t directory_hint, char flags);
9569 int vn_commname(struct vnode *vn, char *buf, u_int buflen);
9570 int vaccess(enum vtype type, mode_t file_mode, uid_t file_uid,
9571 gid_t file_gid, accmode_t accmode, struct ucred *cred,
9572 @@ -693,6 +695,7 @@
9573 int vop_stdpoll(struct vop_poll_args *);
9574 int vop_stdvptocnp(struct vop_vptocnp_args *ap);
9575 int vop_stdvptofh(struct vop_vptofh_args *ap);
9576 +int vop_stdgetparent(struct vop_getparent_args *ap);
9577 int vop_eopnotsupp(struct vop_generic_args *ap);
9578 int vop_ebadf(struct vop_generic_args *ap);
9579 int vop_einval(struct vop_generic_args *ap);
9580 --- //depot/vendor/freebsd/src/sys/ufs/ffs/ffs_vfsops.c 2010-04-29 10:05:14.000000000 0000
9581 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/ufs/ffs/ffs_vfsops.c 2010-05-27 14:41:11.000000000 0000
9582 @@ -88,11 +88,13 @@
9583 static vfs_mount_t ffs_mount;
9584 static vfs_statfs_t ffs_statfs;
9585 static vfs_fhtovp_t ffs_fhtovp;
9586 +static vfs_fhhint_t ffs_fhhint;
9587 static vfs_sync_t ffs_sync;
9588
9589 static struct vfsops ufs_vfsops = {
9590 .vfs_extattrctl = ffs_extattrctl,
9591 .vfs_fhtovp = ffs_fhtovp,
9592 + .vfs_fhhint = ffs_fhhint,
9593 .vfs_init = ffs_init,
9594 .vfs_mount = ffs_mount,
9595 .vfs_cmount = ffs_cmount,
9596 @@ -1631,6 +1633,19 @@
9597 }
9598
9599 /*
9600 + * Get Parent Directory Hint from the File Handle
9601 + */
9602 +static int
9603 +ffs_fhhint(struct mount *mp, struct fid *fhp, uint64_t *hint)
9604 +{
9605 + struct ufid *ufhp;
9606 +
9607 + ufhp = (struct ufid *)fhp;
9608 + *hint = ufhp->ufid_dino;
9609 + return (0);
9610 +}
9611 +
9612 +/*
9613 * Initialize the filesystem.
9614 */
9615 static int
9616 --- //depot/vendor/freebsd/src/sys/ufs/ffs/ffs_vnops.c 2010-04-24 07:10:17.000000000 0000
9617 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/ufs/ffs/ffs_vnops.c 2010-08-02 18:01:42.000000000 0000
9618 @@ -69,6 +69,7 @@
9619 #include <sys/systm.h>
9620 #include <sys/buf.h>
9621 #include <sys/conf.h>
9622 +#include <sys/dirent.h>
9623 #include <sys/extattr.h>
9624 #include <sys/kernel.h>
9625 #include <sys/limits.h>
9626 @@ -119,7 +120,7 @@
9627 static vop_openextattr_t ffs_openextattr;
9628 static vop_setextattr_t ffs_setextattr;
9629 static vop_vptofh_t ffs_vptofh;
9630 -
9631 +static vop_getparent_t ffs_getparent;
9632
9633 /* Global vfs data structures for ufs. */
9634 struct vop_vector ffs_vnodeops1 = {
9635 @@ -131,6 +132,7 @@
9636 .vop_reallocblks = ffs_reallocblks,
9637 .vop_write = ffs_write,
9638 .vop_vptofh = ffs_vptofh,
9639 + .vop_getparent = ffs_getparent,
9640 };
9641
9642 struct vop_vector ffs_fifoops1 = {
9643 @@ -156,6 +158,7 @@
9644 .vop_openextattr = ffs_openextattr,
9645 .vop_setextattr = ffs_setextattr,
9646 .vop_vptofh = ffs_vptofh,
9647 + .vop_getparent = ffs_getparent,
9648 };
9649
9650 struct vop_vector ffs_fifoops2 = {
9651 @@ -1771,16 +1774,274 @@
9652 vop_vptofh {
9653 IN struct vnode *a_vp;
9654 IN struct fid *a_fhp;
9655 + IN struct vnode *a_dvp;
9656 };
9657 */
9658 {
9659 - struct inode *ip;
9660 + struct inode *ip, *dip;
9661 struct ufid *ufhp;
9662
9663 ip = VTOI(ap->a_vp);
9664 ufhp = (struct ufid *)ap->a_fhp;
9665 ufhp->ufid_len = sizeof(struct ufid);
9666 ufhp->ufid_ino = ip->i_number;
9667 - ufhp->ufid_gen = ip->i_gen;
9668 + ufhp->ufid_gen = ip->i_gen;
9669 + if (ap->a_dvp != NULL) {
9670 + dip = VTOI(ap->a_dvp);
9671 + ufhp->ufid_dino = dip->i_number;
9672 + }
9673 return (0);
9674 }
9675 +
9676 +/*
9677 + * XXXgpf: should relocate them someplace else
9678 + * I just dont know where:S
9679 + */
9680 +#define PARENTHINT 0x0001
9681 +#define EXHAUSTSEARCH 0x0002
9682 +#define WANTNAME 0x0004
9683 +
9684 +/*
9685 + * XXXgpf: this function is used by VOP_GETPARENT
9686 + *
9687 + * find 'a' name that is used to reference vp inside some parent directory.
9688 + * flags should be set to WANTNAME if the filename should be copied to
9689 + * the supplied buffer, in which case the supplied buffer should be != NULL.
9690 + *
9691 + * flags should be set to EXHAUSTSEARCH if want to perform a depth first search
9692 + * on the filesystem that contains vp. In this case, tmpdvp should be the root vnode
9693 + * of the filesystem. If a parent directory is found, dvp will point to it, unless the
9694 + * third parameter is NULL which is a bad idea because that vnode will be locked/referenced on success
9695 + * and needs to be vput()d by the caller.
9696 + *
9697 + * If flags is not set to EXHAUSTSEARCH, only tmpdvp will be searched for the vnode in question - vp.
9698 + * In this case, it is acceptable to provide NULL as the third parameter.
9699 + *
9700 + * locks: tmpdvp must be locked on entry and will still be locked on exit.
9701 + * If we are performing an exhaustive search, dvp will be locked and have its reference count incremented
9702 + * on success.
9703 + *
9704 + * returns:
9705 + * - ENOENT a file that corresponds to vp was not found inside dvp,
9706 + * or dvp is not a directory vnode
9707 + * - EIO error occured while reading the directory
9708 + * - EOVERFLOW result does not fit in buffer "name"
9709 + */
9710 +static int
9711 +dir_ilookup(struct vnode *vp, struct vnode *tmpdvp, struct vnode **dvp, char *name, int *namelen, int flags)
9712 +{
9713 + struct uio io;
9714 + struct iovec iov;
9715 + struct dirent *dp, *edp;
9716 + struct thread *td;
9717 + struct mount *mp;
9718 + struct vnode *childvp;
9719 + char *dirbuf;
9720 + u_int64_t dirbuflen;
9721 + int error, eofflag;
9722 + char foundit;
9723 +
9724 + if (tmpdvp->v_type != VDIR) {
9725 + return ENOENT;
9726 + }
9727 +
9728 + foundit = 0;
9729 + mp = vp->v_mount;
9730 + dirbuflen = ((struct inode *)tmpdvp->v_data)->i_size;
9731 + dirbuf = malloc(dirbuflen, M_TEMP, M_WAITOK);
9732 + td = curthread;
9733 +
9734 + /* prep the call to VOP_READDIR() */
9735 + iov.iov_base = dirbuf;
9736 + iov.iov_len = dirbuflen;
9737 + io.uio_iov = &iov;
9738 + io.uio_iovcnt = 1;
9739 + io.uio_offset = 0;
9740 + io.uio_resid = dirbuflen;
9741 + io.uio_segflg = UIO_SYSSPACE;
9742 + io.uio_rw = UIO_READ;
9743 + io.uio_td = td;
9744 + eofflag = 0;
9745 +
9746 + error = VOP_READDIR(tmpdvp, &io, td->td_ucred, &eofflag, NULL, NULL);
9747 + if (error) {
9748 + error = EIO;
9749 + goto out;
9750 + }
9751 +
9752 + /* search for the correct inode number inside the directory */
9753 + edp = (struct dirent *)&dirbuf[dirbuflen - io.uio_resid];
9754 + for (dp = (struct dirent *)dirbuf; dp < edp; ) {
9755 + if (!strcmp(((struct dirent *)dp)->d_name, ".") ||
9756 + !strcmp(((struct dirent *)dp)->d_name, "..")) {
9757 + dp = (struct dirent *)((char *)dp + dp->d_reclen);
9758 + continue;
9759 + }
9760 +
9761 + if (dp->d_reclen > 0) {
9762 + /* found it */
9763 + if ( ((struct inode *)vp->v_data)->i_number == ((struct dirent *)dp)->d_fileno) {
9764 + char *pch;
9765 + int len;
9766 +
9767 + if (dvp != NULL)
9768 + *dvp = tmpdvp;
9769 +
9770 + if (flags & WANTNAME) {
9771 + pch = ((struct dirent *)dp)->d_name;
9772 + len = strlen(pch);
9773 +
9774 + if (len >= *namelen) {
9775 + error = ENOMEM;
9776 + goto out;
9777 + }
9778 +
9779 + strlcpy(name, ((struct dirent *)dp)->d_name, *namelen);
9780 + *namelen -= len + 1;
9781 + }
9782 +
9783 + foundit = 1;
9784 + error = 0;
9785 + break;
9786 + }
9787 + /* recusivly traverse the fs if we have the EXHAUSTSEARCH flag set */
9788 + else if ((flags & EXHAUSTSEARCH) && ((struct dirent *)dp)->d_type == DT_DIR) {
9789 + error = VFS_VGET(mp, ((struct dirent *)dp)->d_fileno, LK_SHARED, &childvp);
9790 + /* no reason to traverse other filesystems */
9791 + if (!error && !(childvp->v_vflag & VV_ROOT)) {
9792 + error = dir_ilookup(vp, childvp, dvp, name, namelen, flags);
9793 + if (error) {
9794 + vput(childvp);
9795 + }
9796 + /* don't vput the directory vnode that contains vp */
9797 + else if (childvp != *dvp) {
9798 + vput(childvp);
9799 + }
9800 +
9801 + if (!error) {
9802 + foundit = 1;
9803 + break;
9804 + }
9805 + }
9806 + }
9807 + dp = (struct dirent *)((char *)dp + dp->d_reclen);
9808 + }
9809 + else {
9810 + error = EIO;
9811 + break;
9812 + }
9813 + }
9814 +
9815 +out:
9816 + if (dirbuf != NULL) {
9817 + free(dirbuf, M_TEMP);
9818 + }
9819 +
9820 + if (foundit == 0 && error == 0) {
9821 + error = ENOENT;
9822 + }
9823 +
9824 + return (error);
9825 +}
9826 +
9827 +/*
9828 + * VOP_GETPARENT
9829 + *
9830 + * int VOP_GETPARENT(struct vnode *vp, struct vnode **dvp, uint64_t hint,
9831 + * int flags, char *buf, int *buflen);
9832 + *
9833 + * Find a parent directory -dvp- with vp as a child. The parent hint is used to
9834 + * facilitate the search. On success, the name used to reference the child -vp-
9835 + * will be copied to buf. buflen should contain the lenght of buf on entry. On
9836 + * success, it will contain the remaining length of the buffer.
9837 + *
9838 + * Flags should be set to:
9839 + * - PARENTHIT: if a hint ino_t of a directory is supplied to facilitate the search
9840 + * - EXHAUSTSEARCH: if we are willing to search the whole filesystem to find the directory
9841 + * - WANTNAME: if we want to copy the name used to reference the file inside the dir, to buf
9842 + *
9843 + * Locks: vp should be locked on entry and will still be locked on exit.
9844 + * On success, dvp will be locked and have its reference count incremented.
9845 + *
9846 + */
9847 +static int
9848 +ffs_getparent(struct vop_getparent_args *ap)
9849 +/*
9850 +vop_getparent {
9851 + IN struct vnode *a_vp;
9852 + OUT struct vnode **a_vpp;
9853 + IN uint64_t a_hint;
9854 + IN int a_flags;
9855 + INOUT char *a_buf;
9856 + INOUT int *a_buflen;
9857 +};
9858 +*/
9859 +{
9860 + struct mount *mp;
9861 + struct vnode *vp, *dvp, *startdvp;
9862 + int error, flags, tmpflags;
9863 +
9864 + error = 0;
9865 + vp = ap->a_vp;
9866 + mp = vp->v_mount;
9867 + dvp = NULL;
9868 + flags = ap->a_flags;
9869 +
9870 + KASSERT(vp != NULL, ("VOP_GEPARENT: null vp"));
9871 + if (flags & WANTNAME)
9872 + KASSERT(ap->a_buf != NULL, ("VOP_GEPARENT: null buffer"));
9873 +
9874 + /* XXXgpf:is this check necessary? */
9875 + if (vp->v_type == VBAD) {
9876 + error = ENOENT;
9877 + dvp = NULL;
9878 + goto out;
9879 + }
9880 +
9881 + /* grab the parent directory using the directory_hint */
9882 + if (flags & PARENTHINT) {
9883 + error = VFS_VGET(mp, ap->a_hint, LK_SHARED, &dvp);
9884 + /* in case of failure, proceed to exhaustive search */
9885 + if (error) {
9886 + dvp = NULL;
9887 + }
9888 + /* make sure this directory contains vp */
9889 + else {
9890 + /* avoid exhaustive search for now */
9891 + tmpflags = flags & (PARENTHINT | WANTNAME);
9892 + error = dir_ilookup(vp, dvp, NULL, ap->a_buf, ap->a_buflen, tmpflags);
9893 + if (error) {
9894 + vput(dvp);
9895 + dvp = NULL;
9896 + }
9897 + }
9898 + }
9899 +
9900 + /*
9901 + * if we haven't found 'a' parent directory, do an exhaustive search on
9902 + * the filesystem
9903 + */
9904 + if ((flags & EXHAUSTSEARCH) && dvp == NULL) {
9905 + error = VFS_VGET(mp, ROOTINO, LK_SHARED, &startdvp);
9906 + if (error == 0) {
9907 + error = dir_ilookup(vp, startdvp, &dvp, ap->a_buf, ap->a_buflen, flags);
9908 + /* dont vput if the parent vnode is the root vnode */
9909 + if (error || startdvp != dvp) {
9910 + vput(startdvp);
9911 + }
9912 + }
9913 + else
9914 + error = ENOENT;
9915 + }
9916 + /* we failed to find a directory that contains the vnode, exit */
9917 + else if (dvp == NULL)
9918 + error = ENOENT;
9919 +
9920 +out:
9921 + if (error == 0 && dvp != NULL)
9922 + *(ap->a_vpp) = dvp;
9923 + else
9924 + *(ap->a_vpp) = NULL;
9925 +
9926 + return (error);
9927 +}
9928 --- //depot/vendor/freebsd/src/sys/ufs/ufs/inode.h 2010-04-24 07:10:17.000000000 0000
9929 +++ //depot/projects/soc2010/gpf_audit/freebsd/src/sys/ufs/ufs/inode.h 2010-05-24 11:27:15.000000000 0000
9930 @@ -183,6 +183,8 @@
9931 u_int16_t ufid_pad; /* Force 32-bit alignment. */
9932 ino_t ufid_ino; /* File number (ino). */
9933 int32_t ufid_gen; /* Generation number. */
9934 + ino_t ufid_dino; /* ino of a directory that probably contains the inode */
9935 +
9936 };
9937 #endif /* _KERNEL */
9938
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.