Changeset View
Changeset View
Standalone View
Standalone View
head/sys/security/audit/audit_worker.c
/*- | /*- | ||||
* SPDX-License-Identifier: BSD-3-Clause | * SPDX-License-Identifier: BSD-3-Clause | ||||
* | * | ||||
* Copyright (c) 1999-2008 Apple Inc. | * Copyright (c) 1999-2008 Apple Inc. | ||||
* Copyright (c) 2006-2008, 2016 Robert N. M. Watson | * Copyright (c) 2006-2008, 2016, 2018 Robert N. M. Watson | ||||
* All rights reserved. | * All rights reserved. | ||||
* | * | ||||
* Portions of this software were developed by BAE Systems, the University of | * Portions of this software were developed by BAE Systems, the University of | ||||
* Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL | * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL | ||||
* contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent | * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent | ||||
* Computing (TC) research program. | * Computing (TC) research program. | ||||
* | * | ||||
* Redistribution and use in source and binary forms, with or without | * Redistribution and use in source and binary forms, with or without | ||||
▲ Show 20 Lines • Show All 286 Lines • ▼ Show 20 Lines | fail_enospc: | ||||
* this can reflect either our preemptive detection of insufficient | * this can reflect either our preemptive detection of insufficient | ||||
* space, or ENOSPC returned by the vnode write call. | * space, or ENOSPC returned by the vnode write call. | ||||
*/ | */ | ||||
if (audit_fail_stop) { | if (audit_fail_stop) { | ||||
audit_worker_sync_vp(vp, mp, | audit_worker_sync_vp(vp, mp, | ||||
"Audit log space exhausted and fail-stop set."); | "Audit log space exhausted and fail-stop set."); | ||||
} | } | ||||
(void)audit_send_trigger(AUDIT_TRIGGER_NO_SPACE); | (void)audit_send_trigger(AUDIT_TRIGGER_NO_SPACE); | ||||
audit_suspended = 1; | audit_trail_suspended = 1; | ||||
audit_syscalls_enabled_update(); | |||||
/* FALLTHROUGH */ | /* FALLTHROUGH */ | ||||
fail: | fail: | ||||
/* | /* | ||||
* We have failed to write to the file, so the current record is | * We have failed to write to the file, so the current record is | ||||
* lost, which may require an immediate system halt. | * lost, which may require an immediate system halt. | ||||
*/ | */ | ||||
if (audit_panic_on_write_fail) { | if (audit_panic_on_write_fail) { | ||||
▲ Show 20 Lines • Show All 196 Lines • ▼ Show 20 Lines | audit_rotate_vnode(struct ucred *cred, struct vnode *vp) | ||||
*/ | */ | ||||
AUDIT_WORKER_LOCK(); | AUDIT_WORKER_LOCK(); | ||||
old_audit_cred = audit_cred; | old_audit_cred = audit_cred; | ||||
old_audit_vp = audit_vp; | old_audit_vp = audit_vp; | ||||
audit_cred = cred; | audit_cred = cred; | ||||
audit_vp = vp; | audit_vp = vp; | ||||
audit_size = vattr.va_size; | audit_size = vattr.va_size; | ||||
audit_file_rotate_wait = 0; | audit_file_rotate_wait = 0; | ||||
audit_enabled = (audit_vp != NULL); | audit_trail_enabled = (audit_vp != NULL); | ||||
audit_syscalls_enabled_update(); | |||||
AUDIT_WORKER_UNLOCK(); | AUDIT_WORKER_UNLOCK(); | ||||
/* | /* | ||||
* If there was an old vnode/credential, close and free. | * If there was an old vnode/credential, close and free. | ||||
*/ | */ | ||||
if (old_audit_vp != NULL) { | if (old_audit_vp != NULL) { | ||||
vn_close(old_audit_vp, AUDIT_CLOSE_FLAGS, old_audit_cred, | vn_close(old_audit_vp, AUDIT_CLOSE_FLAGS, old_audit_cred, | ||||
curthread); | curthread); | ||||
Show All 15 Lines |