Page MenuHomeFreeBSD
Files F133064649

D441.id794.diff
No OneTemporary
Actions

D441.id794.diff
View Options

Index: sys/security/audit/audit_pipe.c
===================================================================
--- sys/security/audit/audit_pipe.c
+++ sys/security/audit/audit_pipe.c
@@ -205,6 +205,7 @@
#define AUDIT_PIPE_LIST_LOCK_INIT() rw_init(&audit_pipe_lock, \
"audit_pipe_list_lock")
+#define AUDIT_PIPE_LIST_LOCK_DESTROY() rw_destroy(&audit_pipe_lock)
#define AUDIT_PIPE_LIST_RLOCK() rw_rlock(&audit_pipe_lock)
#define AUDIT_PIPE_LIST_RUNLOCK() rw_runlock(&audit_pipe_lock)
#define AUDIT_PIPE_LIST_WLOCK() rw_wlock(&audit_pipe_lock)
@@ -213,11 +214,11 @@
#define AUDIT_PIPE_LIST_WUNLOCK() rw_wunlock(&audit_pipe_lock)
/*
- * Cloning related variables and constants.
+ * Audit pipe device.
*/
-#define AUDIT_PIPE_NAME "auditpipe"
-static eventhandler_tag audit_pipe_eh_tag;
-static struct clonedevs *audit_pipe_clones;
+static struct cdev *audit_pipe_dev;
+
+#define AUDIT_PIPE_NAME "auditpipe"
/*
* Special device methods and definition.
@@ -231,7 +232,6 @@
static struct cdevsw audit_pipe_cdevsw = {
.d_version = D_VERSION,
- .d_flags = D_NEEDMINOR,
.d_open = audit_pipe_open,
.d_close = audit_pipe_close,
.d_read = audit_pipe_read,
@@ -572,8 +572,6 @@
{
struct audit_pipe *ap;
- AUDIT_PIPE_LIST_WLOCK_ASSERT();
-
ap = malloc(sizeof(*ap), M_AUDIT_PIPE, M_NOWAIT | M_ZERO);
if (ap == NULL)
return (NULL);
@@ -599,9 +597,11 @@
/*
* Add to global list and update global statistics.
*/
+ AUDIT_PIPE_LIST_WLOCK();
TAILQ_INSERT_HEAD(&audit_pipe_list, ap, ap_list);
audit_pipe_count++;
audit_pipe_ever++;
+ AUDIT_PIPE_LIST_WUNLOCK();
return (ap);
}
@@ -653,28 +653,17 @@
audit_pipe_count--;
}
-/*
- * Audit pipe clone routine -- provide specific requested audit pipe, or a
- * fresh one if a specific one is not requested.
- */
static void
-audit_pipe_clone(void *arg, struct ucred *cred, char *name, int namelen,
- struct cdev **dev)
+audit_pipe_dtor(void *arg)
{
- int i, u;
-
- if (*dev != NULL)
- return;
-
- if (strcmp(name, AUDIT_PIPE_NAME) == 0)
- u = -1;
- else if (dev_stdclone(name, NULL, AUDIT_PIPE_NAME, &u) != 1)
- return;
+ struct audit_pipe *ap;
- i = clone_create(&audit_pipe_clones, &audit_pipe_cdevsw, &u, dev, 0);
- if (i)
- *dev = make_dev_credf(MAKEDEV_REF, &audit_pipe_cdevsw, u, cred,
- UID_ROOT, GID_WHEEL, 0600, "%s%d", AUDIT_PIPE_NAME, u);
+ ap = arg;
+ AUDIT_PIPE_LIST_WLOCK();
+ AUDIT_PIPE_LOCK(ap);
+ ap->ap_open = 0;
+ audit_pipe_free(ap);
+ AUDIT_PIPE_LIST_WUNLOCK();
}
/*
@@ -686,24 +675,21 @@
audit_pipe_open(struct cdev *dev, int oflags, int devtype, struct thread *td)
{
struct audit_pipe *ap;
+ int error;
- AUDIT_PIPE_LIST_WLOCK();
- ap = dev->si_drv1;
+ ap = audit_pipe_alloc();
if (ap == NULL) {
- ap = audit_pipe_alloc();
- if (ap == NULL) {
- AUDIT_PIPE_LIST_WUNLOCK();
- return (ENOMEM);
- }
- dev->si_drv1 = ap;
- } else {
- KASSERT(ap->ap_open, ("audit_pipe_open: ap && !ap_open"));
- AUDIT_PIPE_LIST_WUNLOCK();
- return (EBUSY);
+ return (ENOMEM);
}
+ dev->si_drv1 = ap;
ap->ap_open = 1; /* No lock required yet. */
- AUDIT_PIPE_LIST_WUNLOCK();
fsetown(td->td_proc->p_pid, &ap->ap_sigio);
+ error = devfs_set_cdevpriv(ap, audit_pipe_dtor);
+ if (error != 0) {
+ AUDIT_PIPE_LIST_WLOCK();
+ audit_pipe_free(ap);
+ AUDIT_PIPE_LIST_WUNLOCK();
+ }
return (0);
}
@@ -714,18 +700,16 @@
audit_pipe_close(struct cdev *dev, int fflag, int devtype, struct thread *td)
{
struct audit_pipe *ap;
+ int error;
- ap = dev->si_drv1;
+ error = devfs_get_cdevpriv((void **)&ap);
+ if (error != 0)
+ return (error);
KASSERT(ap != NULL, ("audit_pipe_close: ap == NULL"));
KASSERT(ap->ap_open, ("audit_pipe_close: !ap_open"));
funsetown(&ap->ap_sigio);
- AUDIT_PIPE_LIST_WLOCK();
- AUDIT_PIPE_LOCK(ap);
- ap->ap_open = 0;
- audit_pipe_free(ap);
dev->si_drv1 = NULL;
- AUDIT_PIPE_LIST_WUNLOCK();
return (0);
}
@@ -743,7 +727,9 @@
int error, mode;
au_id_t auid;
- ap = dev->si_drv1;
+ error = devfs_get_cdevpriv((void **)&ap);
+ if (error != 0)
+ return (error);
KASSERT(ap != NULL, ("audit_pipe_ioctl: ap == NULL"));
/*
@@ -948,7 +934,9 @@
u_int toread;
int error;
- ap = dev->si_drv1;
+ error = devfs_get_cdevpriv((void **)&ap);
+ if (error != 0)
+ return (error);
KASSERT(ap != NULL, ("audit_pipe_read: ap == NULL"));
/*
@@ -1026,10 +1014,12 @@
audit_pipe_poll(struct cdev *dev, int events, struct thread *td)
{
struct audit_pipe *ap;
- int revents;
+ int error, revents;
revents = 0;
- ap = dev->si_drv1;
+ error = devfs_get_cdevpriv((void **)&ap);
+ if (error != 0)
+ return (error);
KASSERT(ap != NULL, ("audit_pipe_poll: ap == NULL"));
if (events & (POLLIN | POLLRDNORM)) {
@@ -1050,8 +1040,11 @@
audit_pipe_kqfilter(struct cdev *dev, struct knote *kn)
{
struct audit_pipe *ap;
+ int error;
- ap = dev->si_drv1;
+ error = devfs_get_cdevpriv((void **)&ap);
+ if (error != 0)
+ return (error);
KASSERT(ap != NULL, ("audit_pipe_kqfilter: ap == NULL"));
if (kn->kn_filter != EVFILT_READ)
@@ -1112,12 +1105,13 @@
TAILQ_INIT(&audit_pipe_list);
AUDIT_PIPE_LIST_LOCK_INIT();
-
- clone_setup(&audit_pipe_clones);
- audit_pipe_eh_tag = EVENTHANDLER_REGISTER(dev_clone,
- audit_pipe_clone, 0, 1000);
- if (audit_pipe_eh_tag == NULL)
- panic("audit_pipe_init: EVENTHANDLER_REGISTER");
+ /* XXXDAVIDE: credentials */
+ audit_pipe_dev = make_dev(&audit_pipe_cdevsw, 0, UID_ROOT,
+ GID_WHEEL, 0600, "%s", AUDIT_PIPE_NAME);
+ if (audit_pipe_dev == NULL) {
+ AUDIT_PIPE_LIST_LOCK_DESTROY();
+ panic("Can't initialize audit pipe subsystem");
+ }
}
SYSINIT(audit_pipe_init, SI_SUB_DRIVERS, SI_ORDER_MIDDLE, audit_pipe_init,

File Metadata

Mime Type
text/plain
Expires
Thu, Oct 23, 3:23 PM (11 h, 44 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
24094115
Default Alt Text
D441.id794.diff (5 KB)

Event Timeline