Changeset View
Changeset View
Standalone View
Standalone View
head/sys/security/audit/audit_worker.c
| /*- | /*- | ||||
| * SPDX-License-Identifier: BSD-3-Clause | * SPDX-License-Identifier: BSD-3-Clause | ||||
| * | * | ||||
| * Copyright (c) 1999-2008 Apple Inc. | * Copyright (c) 1999-2008 Apple Inc. | ||||
| * Copyright (c) 2006-2008, 2016 Robert N. M. Watson | * Copyright (c) 2006-2008, 2016, 2018 Robert N. M. Watson | ||||
| * All rights reserved. | * All rights reserved. | ||||
| * | * | ||||
| * Portions of this software were developed by BAE Systems, the University of | * Portions of this software were developed by BAE Systems, the University of | ||||
| * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL | * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL | ||||
| * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent | * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent | ||||
| * Computing (TC) research program. | * Computing (TC) research program. | ||||
| * | * | ||||
| * Redistribution and use in source and binary forms, with or without | * Redistribution and use in source and binary forms, with or without | ||||
| ▲ Show 20 Lines • Show All 286 Lines • ▼ Show 20 Lines | fail_enospc: | ||||
| * this can reflect either our preemptive detection of insufficient | * this can reflect either our preemptive detection of insufficient | ||||
| * space, or ENOSPC returned by the vnode write call. | * space, or ENOSPC returned by the vnode write call. | ||||
| */ | */ | ||||
| if (audit_fail_stop) { | if (audit_fail_stop) { | ||||
| audit_worker_sync_vp(vp, mp, | audit_worker_sync_vp(vp, mp, | ||||
| "Audit log space exhausted and fail-stop set."); | "Audit log space exhausted and fail-stop set."); | ||||
| } | } | ||||
| (void)audit_send_trigger(AUDIT_TRIGGER_NO_SPACE); | (void)audit_send_trigger(AUDIT_TRIGGER_NO_SPACE); | ||||
| audit_suspended = 1; | audit_trail_suspended = 1; | ||||
| audit_syscalls_enabled_update(); | |||||
| /* FALLTHROUGH */ | /* FALLTHROUGH */ | ||||
| fail: | fail: | ||||
| /* | /* | ||||
| * We have failed to write to the file, so the current record is | * We have failed to write to the file, so the current record is | ||||
| * lost, which may require an immediate system halt. | * lost, which may require an immediate system halt. | ||||
| */ | */ | ||||
| if (audit_panic_on_write_fail) { | if (audit_panic_on_write_fail) { | ||||
| ▲ Show 20 Lines • Show All 196 Lines • ▼ Show 20 Lines | audit_rotate_vnode(struct ucred *cred, struct vnode *vp) | ||||
| */ | */ | ||||
| AUDIT_WORKER_LOCK(); | AUDIT_WORKER_LOCK(); | ||||
| old_audit_cred = audit_cred; | old_audit_cred = audit_cred; | ||||
| old_audit_vp = audit_vp; | old_audit_vp = audit_vp; | ||||
| audit_cred = cred; | audit_cred = cred; | ||||
| audit_vp = vp; | audit_vp = vp; | ||||
| audit_size = vattr.va_size; | audit_size = vattr.va_size; | ||||
| audit_file_rotate_wait = 0; | audit_file_rotate_wait = 0; | ||||
| audit_enabled = (audit_vp != NULL); | audit_trail_enabled = (audit_vp != NULL); | ||||
| audit_syscalls_enabled_update(); | |||||
| AUDIT_WORKER_UNLOCK(); | AUDIT_WORKER_UNLOCK(); | ||||
| /* | /* | ||||
| * If there was an old vnode/credential, close and free. | * If there was an old vnode/credential, close and free. | ||||
| */ | */ | ||||
| if (old_audit_vp != NULL) { | if (old_audit_vp != NULL) { | ||||
| vn_close(old_audit_vp, AUDIT_CLOSE_FLAGS, old_audit_cred, | vn_close(old_audit_vp, AUDIT_CLOSE_FLAGS, old_audit_cred, | ||||
| curthread); | curthread); | ||||
| Show All 15 Lines | |||||