Page MenuHomeFreeBSD

D34128.id102237.diff
No OneTemporary

D34128.id102237.diff

Index: share/man/man4/filemon.4
===================================================================
--- share/man/man4/filemon.4
+++ share/man/man4/filemon.4
@@ -31,7 +31,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 15, 2019
+.Dd February 1, 2022
.Dt FILEMON 4
.Os
.Sh NAME
@@ -51,10 +51,10 @@
.Pp
.Nm
is not intended to be a security auditing tool.
-Many system calls are not tracked and binaries of foreign ABI will not be fully
-audited.
-It is intended for auditing of processes for the purpose of determining its
-dependencies in an efficient and easily parsable format.
+Many system calls are not tracked and binaries using a non-native ABI may not
+be fully audited.
+It is intended for auditing of processes for the purpose of determining their
+dependencies using an efficient and easily parsable format.
An example of this is
.Xr make 1
which uses this module with
@@ -145,6 +145,11 @@
The
.Nm
handle is already associated with a file descriptor.
+.It Bq Er EINVAL
+The file descriptor has an invalid type and cannot be used for
+tracing.
+.It Bq Er EBADF
+The file descriptor is invalid or not opened for writing.
.El
.Pp
The
Index: sys/dev/filemon/filemon.c
===================================================================
--- sys/dev/filemon/filemon.c
+++ sys/dev/filemon/filemon.c
@@ -359,9 +359,10 @@
filemon_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag __unused,
struct thread *td)
{
- int error = 0;
struct filemon *filemon;
+ struct file *fp;
struct proc *p;
+ int error;
if ((error = devfs_get_cdevpriv((void **) &filemon)) != 0)
return (error);
@@ -376,12 +377,21 @@
break;
}
- error = fget_write(td, *(int *)data,
- &cap_pwrite_rights,
- &filemon->fp);
- if (error == 0)
+ error = fget_write(td, *(int *)data, &cap_pwrite_rights, &fp);
+ if (error == 0) {
+ /*
+ * The filemon handle may be passed to another process,
+ * so the underlying file handle must support this.
+ */
+ if ((fp->f_ops->fo_flags & DFLAG_PASSABLE) == 0) {
+ fdrop(fp, curthread);
+ error = EINVAL;
+ break;
+ }
+ filemon->fp = fp;
/* Write the file header. */
filemon_write_header(filemon);
+ }
break;
/* Set the monitored process ID. */

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 24, 11:58 AM (4 h, 18 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
14821447
Default Alt Text
D34128.id102237.diff (2 KB)

Event Timeline