X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/9bccf70c0258c7cac2dcb80011b2a964d884c552..e5568f75972dfc723778653c11cb6b4dc825716a:/bsd/kern/kern_ktrace.c

diff --git a/bsd/kern/kern_ktrace.c b/bsd/kern/kern_ktrace.c
index a4ccca92a..4234c2fbc 100644
--- a/bsd/kern/kern_ktrace.c
+++ b/bsd/kern/kern_ktrace.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2001 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
  *
  * @APPLE_LICENSE_HEADER_START@
  * 
@@ -69,6 +69,9 @@
 #endif
 #include <sys/malloc.h>
 #include <sys/syslog.h>
+#include <sys/ubc.h>
+
+#include <bsm/audit_kernel.h>
 
 #if KTRACE
 static struct ktr_header *ktrgetheader __P((int type));
@@ -298,6 +301,9 @@ ktrace(curp, uap, retval)
 	int error = 0;
 	struct nameidata nd;
 
+	AUDIT_ARG(cmd, uap->ops);
+	AUDIT_ARG(pid, uap->pid);
+	AUDIT_ARG(value, uap->facs);
 	curp->p_traceflag |= KTRFAC_ACTIVE;
 	if (ops != KTROP_CLEAR) {
 		/*
@@ -329,6 +335,9 @@ ktrace(curp, uap, retval)
 					p->p_traceflag = 0;
 					if (tvp != NULL) {
 						p->p_tracep = NULL;
+
+						VOP_CLOSE(vp, FREAD|FWRITE, curp->p_ucred, curp);
+						ubc_rele(tvp);
 						vrele(tvp);
 					}
 				} else
@@ -372,6 +381,7 @@ ktrace(curp, uap, retval)
 			error = ESRCH;
 			goto done;
 		}
+		AUDIT_ARG(process, p);
 		if (descend)
 			ret |= ktrsetchildren(curp, p, ops, facs, vp);
 		else
@@ -416,7 +426,7 @@ utrace(curp, uap, retval)
 	p->p_traceflag |= KTRFAC_ACTIVE;
 	kth = ktrgetheader(KTR_USER);
 	MALLOC(cp, caddr_t, uap->len, M_KTRACE, M_WAITOK);
-	if (!copyin(uap->addr, cp, uap->len)) {
+	if (!copyin((caddr_t)uap->addr, cp, uap->len)) {
 		kth->ktr_buf = cp;
 		kth->ktr_len = uap->len;
 		ktrwrite(p->p_tracep, kth, NULL, KERNEL_FUNNEL);
@@ -448,10 +458,17 @@ ktrops(curp, p, ops, facs, vp)
 			 * if trace file already in use, relinquish
 			 */
 			tvp = p->p_tracep;
+			
+			if (UBCINFOEXISTS(vp))
+			        ubc_hold(vp);
 			VREF(vp);
+
 			p->p_tracep = vp;
-			if (tvp != NULL)
+			if (tvp != NULL) {
+				VOP_CLOSE(tvp, FREAD|FWRITE, p->p_ucred, p);
+			        ubc_rele(tvp);
 				vrele(tvp);
+			}
 		}
 		p->p_traceflag |= facs;
 		if (curp->p_ucred->cr_uid == 0)
@@ -464,6 +481,9 @@ ktrops(curp, p, ops, facs, vp)
 			p->p_traceflag = 0;
 			if (tvp != NULL) {
 				p->p_tracep = NULL;
+
+				VOP_CLOSE(tvp, FREAD|FWRITE, p->p_ucred, p);
+				ubc_rele(tvp);
 				vrele(tvp);
 			}
 		}
@@ -596,6 +616,9 @@ bad:
 		if (p->p_tracep == vp) {
 			p->p_tracep = NULL;
 			p->p_traceflag = 0;
+
+			VOP_CLOSE(vp, FREAD|FWRITE, p->p_ucred, p);
+			ubc_rele(vp);
 			vrele(vp);
 		}
 	}
@@ -638,7 +661,8 @@ ktrcanset(callp, targetp)
 	     target->p_ruid == target->p_svuid &&
 	     caller->p_rgid == target->p_rgid &&	/* XXX */
 	     target->p_rgid == target->p_svgid &&
-	     (targetp->p_traceflag & KTRFAC_ROOT) == 0) ||
+	     (targetp->p_traceflag & KTRFAC_ROOT) == 0 &&
+	     (targetp->p_flag & P_SUGID) == 0) ||
 	     caller->pc_ucred->cr_uid == 0)
 		return (1);