aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPawel Jakub Dawidek <pjd@FreeBSD.org>2013-02-07 00:36:00 +0000
committerPawel Jakub Dawidek <pjd@FreeBSD.org>2013-02-07 00:36:00 +0000
commitfbda3d5daeeb730a49d025b614b35a32f0319718 (patch)
treecf3e7517ddf4f41639a8da8e8aa920c9973ce335
parent82b316b3775c965f91a098a6478af8d143bc361a (diff)
downloadsrc-fbda3d5daeeb730a49d025b614b35a32f0319718.tar.gz
src-fbda3d5daeeb730a49d025b614b35a32f0319718.zip
Audit sockaddr argument for bind(2), connect(2), accept(2), sendto(2) and
recvfrom(2) syscalls. Sponsored by: The FreeBSD Foundation
Notes
Notes: svn path=/head/; revision=246448
-rw-r--r--sys/kern/uipc_syscalls.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index 7d9586bd7c3c..665eb6df0f47 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -238,6 +238,7 @@ kern_bind(td, fd, sa)
int error;
AUDIT_ARG_FD(fd);
+ AUDIT_ARG_SOCKADDR(td, sa);
error = getsock_cap(td->td_proc->p_fd, fd, CAP_BIND, &fp, NULL);
if (error)
return (error);
@@ -452,6 +453,7 @@ kern_accept(struct thread *td, int s, struct sockaddr **name,
*namelen = 0;
goto done;
}
+ AUDIT_ARG_SOCKADDR(td, sa);
if (name) {
/* check sa_len before it is destroyed */
if (*namelen > sa->sa_len)
@@ -547,6 +549,7 @@ kern_connect(td, fd, sa)
int interrupted = 0;
AUDIT_ARG_FD(fd);
+ AUDIT_ARG_SOCKADDR(td, sa);
error = getsock_cap(td->td_proc->p_fd, fd, CAP_CONNECT, &fp, NULL);
if (error)
return (error);
@@ -763,8 +766,10 @@ kern_sendit(td, s, mp, flags, control, segflg)
AUDIT_ARG_FD(s);
rights = CAP_WRITE;
- if (mp->msg_name != NULL)
+ if (mp->msg_name != NULL) {
+ AUDIT_ARG_SOCKADDR(td, mp->msg_name);
rights |= CAP_CONNECT;
+ }
error = getsock_cap(td->td_proc->p_fd, s, rights, &fp, NULL);
if (error)
return (error);
@@ -1009,6 +1014,8 @@ kern_recvit(td, s, mp, fromseg, controlp)
error == EINTR || error == EWOULDBLOCK))
error = 0;
}
+ if (fromsa != NULL)
+ AUDIT_ARG_SOCKADDR(td, fromsa);
#ifdef KTRACE
if (ktruio != NULL) {
ktruio->uio_resid = len - auio.uio_resid;