xnu-4903.241.1.tar.gz

[apple/xnu.git] / bsd / vfs / vfs_syscalls.c

diff --git a/bsd/vfs/vfs_syscalls.c b/bsd/vfs/vfs_syscalls.c
index 767d352c6993af8969b2a1f37520912eee24e5a7..4e24c8489976e4450c21a541fb8ace87ba2bb3a0 100644 (file)
--- a/bsd/vfs/vfs_syscalls.c
+++ b/bsd/vfs/vfs_syscalls.c
@@ -4375,7 +4375,7 @@ linkat_internal(vfs_context_t ctx, int fd1, user_addr_t path, int fd2,
 #if CONFIG_FSE
        fse_info finfo;
 #endif
-       int need_event, has_listeners;
+       int need_event, has_listeners, need_kpath2;
        char *target_path = NULL;
        int truncated=0;
 
@@ -4471,7 +4471,14 @@ linkat_internal(vfs_context_t ctx, int fd1, user_addr_t path, int fd2,
 #endif
        has_listeners = kauth_authorize_fileop_has_listeners();
 
-       if (need_event || has_listeners) {
+       need_kpath2 = 0;
+#if CONFIG_AUDIT
+       if (AUDIT_RECORD_EXISTS()) {
+               need_kpath2 = 1;
+       }
+#endif
+
+       if (need_event || has_listeners || need_kpath2) {
                char *link_to_path = NULL;
                int len, link_name_len;
 
@@ -4484,6 +4491,8 @@ linkat_internal(vfs_context_t ctx, int fd1, user_addr_t path, int fd2,
 
                len = safe_getpath(dvp, nd.ni_cnd.cn_nameptr, target_path, MAXPATHLEN, &truncated);
 
+               AUDIT_ARG(kpath, target_path, ARG_KPATH2);
+
                if (has_listeners) {
                        /* build the path to file we are linking to */
                        GET_PATH(link_to_path);
@@ -7317,6 +7326,8 @@ renameat_internal(vfs_context_t ctx, int fromfd, user_addr_t from,
        int retry_count;
        int mntrename;
        int need_event;
+       int need_kpath2;
+       int has_listeners;
        const char *oname = NULL;
        char *from_name = NULL, *to_name = NULL;
        int from_len=0, to_len=0;
@@ -7439,7 +7450,16 @@ continue_lookup:
        need_event = 0;
 #endif /* CONFIG_FSE */
 
-       if (need_event || kauth_authorize_fileop_has_listeners()) {
+       has_listeners = kauth_authorize_fileop_has_listeners();
+
+       need_kpath2 = 0;
+#if CONFIG_AUDIT
+       if (AUDIT_RECORD_EXISTS()) {
+               need_kpath2 = 1;
+       }
+#endif
+
+       if (need_event || has_listeners) {
                if (from_name == NULL) {
                        GET_PATH(from_name);
                        if (from_name == NULL) {
@@ -7449,7 +7469,9 @@ continue_lookup:
                }
 
                from_len = safe_getpath(fdvp, fromnd->ni_cnd.cn_nameptr, from_name, MAXPATHLEN, &from_truncated);
+       }
 
+       if (need_event || need_kpath2 || has_listeners) {
                if (to_name == NULL) {
                        GET_PATH(to_name);
                        if (to_name == NULL) {
@@ -7459,6 +7481,9 @@ continue_lookup:
                }
 
                to_len = safe_getpath(tdvp, tond->ni_cnd.cn_nameptr, to_name, MAXPATHLEN, &to_truncated);
+               if (to_name && need_kpath2) {
+                       AUDIT_ARG(kpath, to_name, ARG_KPATH2);
+               }
        }
        if (!fvp) {
                /*