Page MenuHomeFreeBSD
Differential D15702

Correct the bit-value of ARG_TERMID_ADDR in sys/security/audit/audit-private.h
ClosedPublic
Actions

Authored by aniketp on Jun 8 2018, 3:50 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 12, 10:40 AM
Unknown Object (File)
Tue, Nov 12, 5:25 AM
Unknown Object (File)
Sun, Nov 3, 3:17 AM
Unknown Object (File)
Sun, Oct 27, 4:31 AM
Unknown Object (File)
Oct 2 2024, 7:27 AM
Unknown Object (File)
Oct 1 2024, 3:38 AM
Unknown Object (File)
Sep 24 2024, 8:50 AM
Unknown Object (File)
Sep 24 2024, 6:02 AM
View All Files
Subscribers
imp

Details

Reviewers
asomers
rwatson
Commits
rS349087: MFC r335060
rS335060: audit(4): fix the definition of ARG_TERMID_ADDR
Summary

The definition of "ARG_TERMID_ADDR" macro assigns it a value of 0x0000000000400000ULL
which is already assigned to "ARG_SADDRUNIX" a line above.

Current state:

#define	ARG_SADDRUNIX		0x0000000000400000ULL
#define	ARG_TERMID_ADDR		0x0000000000400000ULL

Here, ARG_TERMID_ADDR should be 0x0000000000800000ULL

This change was accidentally introduced in rS168688.

Bug Report: 228820

Test Plan

Not needed

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

aniketp created this revision.Jun 8 2018, 3:50 AM
Harbormaster completed remote builds in B17089: Diff 43443.Jun 8 2018, 3:50 AM
aniketp updated this revision to Diff 43444.Jun 8 2018, 3:56 AM

Typo correction in audit.c: covert -> convert

Harbormaster completed remote builds in B17090: Diff 43444.Jun 8 2018, 3:56 AM
aniketp mentioned this in D15681: Initialize "ar_errno" and "ar_retval" fields of struct audit_record to 0.Jun 8 2018, 4:04 AM
asomers added a comment.Jun 8 2018, 2:48 PM

The two comment typo fixes should not be part of this review, because they're unrelated. For minor things like comment typos it's fine to include them in another change to the same file, but I wouldn't throw them into a change in another file. Also, I disagree with the assertion that no testing is needed. I think this change deserves a regression test for all related audit events. That would be kill, pdkill, thr_kill, thr_kill2, ptrace, linux_tkill, and auditinfo_addr. But you haven't written tests for any of those yet. Let's hold off merging this DR until you've tested a few of those other syscalls.

aniketp updated this revision to Diff 43468.Jun 8 2018, 6:34 PM

Remove the typo corrections from this review.

Also, about testing the events mentioned above, I have already tested ptrace here:
ptrace_success
I'll work on creating tests for kill and killpg. And none of the other events mentioned are auditable.
e.g pdkill, linux_tkill auditaddr_info, thr_kill, thr_kill2 could not be audited as expected since they
are not mentioned in the ar->ar_event in sys/security/audit/audit_bsm.c

Harbormaster completed remote builds in B17105: Diff 43468.Jun 8 2018, 6:34 PM
aniketp added a comment.Jun 13 2018, 3:47 AM

@asomers can this be landed? I've confirmed the successful regression test for ptrace(2) after changing the bit value and rebuilding the kernel. (Rest of the syscalls you mentioned are not auditable in FreeBSD)

asomers accepted this revision.Jun 13 2018, 2:53 PM
This revision is now accepted and ready to land.Jun 13 2018, 2:53 PM
Closed by commit rS335060: audit(4): fix the definition of ARG_TERMID_ADDR (authored by asomers). · Explain WhyJun 13 2018, 2:55 PM
This revision was automatically updated to reflect the committed changes.
Herald added a subscriber: imp. · View Herald TranscriptJun 13 2018, 2:55 PM
asomers added a commit: rS349087: MFC r335060.Jun 15 2019, 11:00 PM

Revision Contents
Changeset List

PathSize
head/
sys/
security/
audit/
2 lines

Diff 43709

View Options

head/sys/security/audit/audit_private.h

Loading...