AUDIT_PRINTF(("audit_worker starting\n"));
TAILQ_INIT(&ar_worklist);
- audit_cred = NULL;
+ audit_cred = NOCRED;
audit_p = current_proc();
audit_vp = NULL;
old_vp = audit_vp;
audit_cred = audit_replacement_cred;
audit_vp = audit_replacement_vp;
- audit_replacement_cred = NULL;
+ audit_replacement_cred = NOCRED;
audit_replacement_vp = NULL;
audit_replacement_flag = 0;
AUDIT_PRINTF(("Closing old audit file\n"));
vn_close(old_vp, audit_close_flags, old_cred,
audit_p);
- kauth_cred_rele(old_cred);
- old_cred = NOCRED;
+ kauth_cred_unref(&old_cred);
old_vp = NULL;
AUDIT_PRINTF(("Audit file closed\n"));
}
my_cred = kauth_cred_proc_ref(tp);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no
+ * change, we get back the same credential we passed
+ * in; if there is a change, we drop the reference on
+ * the credential we passed in. The subsequent
+ * compare is safe, because it is a pointer compare
+ * rather than a contents compare.
*/
temp_auditinfo = my_cred->cr_au;
temp_auditinfo.ai_mask.am_success =
*/
if (tp->p_ucred != my_cred) {
proc_unlock(tp);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
tp->p_ucred = my_new_cred;
proc_unlock(tp);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
break;
my_cred = kauth_cred_proc_ref(p);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no change,
+ * we get back the same credential we passed in; if there is
+ * a change, we drop the reference on the credential we
+ * passed in. The subsequent compare is safe, because it is
+ * a pointer compare rather than a contents compare.
*/
temp_auditinfo = my_cred->cr_au;
temp_auditinfo.ai_auid = temp_au_id;
*/
if (p->p_ucred != my_cred) {
proc_unlock(p);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
p->p_ucred = my_new_cred;
proc_unlock(p);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
{
int error;
struct auditinfo temp_auditinfo;
+ kauth_cred_t safecred;
error = suser(kauth_cred_get(), &p->p_acflag);
if (error)
my_cred = kauth_cred_proc_ref(p);
/*
- * set the credential with new info. If there is no change we get back
- * the same credential we passed in.
+ * Set the credential with new info. If there is no change,
+ * we get back the same credential we passed in; if there is
+ * a change, we drop the reference on the credential we
+ * passed in. The subsequent compare is safe, because it is
+ * a pointer compare rather than a contents compare.
*/
my_new_cred = kauth_cred_setauditinfo(my_cred, &temp_auditinfo);
*/
if (p->p_ucred != my_cred) {
proc_unlock(p);
- kauth_cred_rele(my_cred);
- kauth_cred_rele(my_new_cred);
+ kauth_cred_unref(&my_new_cred);
/* try again */
continue;
}
p->p_ucred = my_new_cred;
proc_unlock(p);
}
- /* drop our extra reference */
- kauth_cred_rele(my_cred);
+ /* drop old proc reference or our extra reference */
+ kauth_cred_unref(&my_cred);
break;
}
/* propagate the change from the process to Mach task */
set_security_token(p);
- audit_arg_auditinfo(&p->p_ucred->cr_au);
+ safecred = kauth_cred_proc_ref(p);
+ audit_arg_auditinfo(&safecred->cr_au);
+ kauth_cred_unref(&safecred);
return (0);
}
{
struct kaudit_record *ar;
int no_record;
+ kauth_cred_t safecred;
/*
* Eventually, there may be certain classes of events that
ar->k_ar.ar_event = event;
nanotime(&ar->k_ar.ar_starttime);
+ safecred = kauth_cred_proc_ref(p);
/* Export the subject credential. */
- cru2x(p->p_ucred, &ar->k_ar.ar_subj_cred);
- ar->k_ar.ar_subj_ruid = p->p_ucred->cr_ruid;
- ar->k_ar.ar_subj_rgid = p->p_ucred->cr_rgid;
- ar->k_ar.ar_subj_egid = p->p_ucred->cr_groups[0];
- ar->k_ar.ar_subj_auid = p->p_ucred->cr_au.ai_auid;
- ar->k_ar.ar_subj_asid = p->p_ucred->cr_au.ai_asid;
+ cru2x(safecred, &ar->k_ar.ar_subj_cred);
+
+ ar->k_ar.ar_subj_ruid = safecred->cr_ruid;
+ ar->k_ar.ar_subj_rgid = safecred->cr_rgid;
+ ar->k_ar.ar_subj_egid = safecred->cr_groups[0];
+ ar->k_ar.ar_subj_auid = safecred->cr_au.ai_auid;
+ ar->k_ar.ar_subj_asid = safecred->cr_au.ai_asid;
+ ar->k_ar.ar_subj_amask = safecred->cr_au.ai_mask;
+ ar->k_ar.ar_subj_term = safecred->cr_au.ai_termid;
+ kauth_cred_unref(&safecred);
+
ar->k_ar.ar_subj_pid = p->p_pid;
- ar->k_ar.ar_subj_amask = p->p_ucred->cr_au.ai_mask;
- ar->k_ar.ar_subj_term = p->p_ucred->cr_au.ai_termid;
bcopy(p->p_comm, ar->k_ar.ar_subj_comm, MAXCOMLEN);
return (ar);
projects / apple / xnu.git / blobdiff