/*-
- * Copyright (c) 1999-2009 Apple Inc.
+ * Copyright (c) 1999-2016 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#include <kern/host.h>
#include <kern/kalloc.h>
#include <kern/zalloc.h>
-#include <kern/lock.h>
-#include <kern/wait_queue.h>
#include <kern/sched_prim.h>
#if CONFIG_MACF
ARG_SET_VALID(ar, ARG_LEN);
}
+void
+audit_arg_fd2(struct kaudit_record *ar, int fd)
+{
+
+ ar->k_ar.ar_arg_fd2 = fd;
+ ARG_SET_VALID(ar, ARG_FD2);
+}
+
void
audit_arg_fd(struct kaudit_record *ar, int fd)
{
ar->k_ar.ar_arg_asid = my_cred->cr_audit.as_aia_p->ai_asid;
bcopy(&my_cred->cr_audit.as_aia_p->ai_termid,
&ar->k_ar.ar_arg_termid_addr, sizeof(au_tid_addr_t));
- ar->k_ar.ar_arg_euid = my_cred->cr_uid;
- ar->k_ar.ar_arg_egid = my_cred->cr_groups[0];
- ar->k_ar.ar_arg_ruid = my_cred->cr_ruid;
- ar->k_ar.ar_arg_rgid = my_cred->cr_rgid;
+ ar->k_ar.ar_arg_euid = kauth_cred_getuid(my_cred);
+ ar->k_ar.ar_arg_egid = kauth_cred_getgid(my_cred);
+ ar->k_ar.ar_arg_ruid = kauth_cred_getruid(my_cred);
+ ar->k_ar.ar_arg_rgid = kauth_cred_getrgid(my_cred);
kauth_cred_unref(&my_cred);
ar->k_ar.ar_arg_pid = p->p_pid;
ARG_SET_VALID(ar, ARG_AUID | ARG_EUID | ARG_EGID | ARG_RUID |
audit_arg_sockaddr(struct kaudit_record *ar, struct vnode *cwd_vp,
struct sockaddr *sa)
{
- int slen;
struct sockaddr_un *sun;
char path[SOCK_MAXADDRLEN - offsetof(struct sockaddr_un, sun_path) + 1];
if (cwd_vp == NULL || sa == NULL)
return;
- bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sa->sa_len);
+ if (sa->sa_len > sizeof(ar->k_ar.ar_arg_sockaddr))
+ bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sizeof(ar->k_ar.ar_arg_sockaddr));
+ else
+ bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sa->sa_len);
+
switch (sa->sa_family) {
case AF_INET:
ARG_SET_VALID(ar, ARG_SADDRINET);
case AF_UNIX:
sun = (struct sockaddr_un *)sa;
- slen = sun->sun_len - offsetof(struct sockaddr_un, sun_path);
-
- if (slen >= 0) {
+ if (sun->sun_len > offsetof(struct sockaddr_un, sun_path)) {
/*
* Make sure the path is NULL-terminated
*/
- if (sun->sun_path[slen] != 0) {
- bcopy(sun->sun_path, path, slen);
- path[slen] = 0;
- audit_arg_upath(ar, cwd_vp, path, ARG_UPATH1);
- } else {
- audit_arg_upath(ar, cwd_vp, sun->sun_path,
- ARG_UPATH1);
- }
+ strlcpy(path, sun->sun_path, sizeof(path));
+ audit_arg_upath(ar, cwd_vp, path, ARG_UPATH1);
}
ARG_SET_VALID(ar, ARG_SADDRUNIX);
break;
struct sockaddr_in *sin;
struct sockaddr_in6 *sin6;
- switch (fp->f_fglob->fg_type) {
+ switch (FILEGLOB_DTYPE(fp->f_fglob)) {
case DTYPE_VNODE:
/* case DTYPE_FIFO: */
audit_arg_vnpath_withref(ar,
case DTYPE_SOCKET:
so = (struct socket *)fp->f_fglob->fg_data;
- if (INP_CHECK_SOCKAF(so, PF_INET)) {
+ if (SOCK_CHECK_DOM(so, PF_INET)) {
if (so->so_pcb == NULL)
break;
ar->k_ar.ar_arg_sockinfo.sai_type =
so->so_type;
- ar->k_ar.ar_arg_sockinfo.sai_domain =
- INP_SOCKAF(so);
- ar->k_ar.ar_arg_sockinfo.sai_protocol =
- so->so_proto->pr_protocol;
+ ar->k_ar.ar_arg_sockinfo.sai_domain = SOCK_DOM(so);
+ ar->k_ar.ar_arg_sockinfo.sai_protocol = SOCK_PROTO(so);
pcb = (struct inpcb *)so->so_pcb;
sin = (struct sockaddr_in *)
&ar->k_ar.ar_arg_sockinfo.sai_faddr;
sin->sin_port = pcb->inp_lport;
ARG_SET_VALID(ar, ARG_SOCKINFO);
}
- if (INP_CHECK_SOCKAF(so, PF_INET6)) {
+ if (SOCK_CHECK_DOM(so, PF_INET6)) {
if (so->so_pcb == NULL)
break;
ar->k_ar.ar_arg_sockinfo.sai_type =
so->so_type;
- ar->k_ar.ar_arg_sockinfo.sai_domain =
- INP_SOCKAF(so);
- ar->k_ar.ar_arg_sockinfo.sai_protocol =
- so->so_proto->pr_protocol;
+ ar->k_ar.ar_arg_sockinfo.sai_domain = SOCK_DOM(so);
+ ar->k_ar.ar_arg_sockinfo.sai_protocol = SOCK_PROTO(so);
pcb = (struct inpcb *)so->so_pcb;
sin6 = (struct sockaddr_in6 *)
&ar->k_ar.ar_arg_sockinfo.sai_faddr;
projects / apple / xnu.git / blobdiff