summaryrefslogtreecommitdiff
path: root/usr/src/uts/common/c2/audit_event.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/uts/common/c2/audit_event.c')
-rw-r--r--usr/src/uts/common/c2/audit_event.c111
1 files changed, 58 insertions, 53 deletions
diff --git a/usr/src/uts/common/c2/audit_event.c b/usr/src/uts/common/c2/audit_event.c
index e1ffc61c81..25340134c9 100644
--- a/usr/src/uts/common/c2/audit_event.c
+++ b/usr/src/uts/common/c2/audit_event.c
@@ -5031,10 +5031,15 @@ aui_acl(au_event_t e)
switch (uap->cmd) {
case SETACL:
- /* ok, acl(SETACL, ...) and facl(SETACL, ...) are expected. */
+ case ACE_SETACL:
+ /*
+ * acl(SETACL/ACE_SETACL, ...) and facl(SETACL/ACE_SETACL, ...)
+ * are expected.
+ */
break;
case GETACL:
case GETACLCNT:
+ case ACE_GETACLCNT:
/* do nothing for these two values. */
e = AUE_NULL;
break;
@@ -5046,44 +5051,52 @@ aui_acl(au_event_t e)
return (e);
}
-
-/*ARGSUSED*/
static void
-aus_acl(struct t_audit_data *tad)
+au_acl(int cmd, int nentries, caddr_t bufp)
{
- struct a {
- long fname;
- long cmd;
- long nentries;
- long aclbufp;
- } *uap = (struct a *)ttolwp(curthread)->lwp_ap;
- struct acl *aclbufp;
-
- au_uwrite(au_to_arg32(2, "cmd", (uint32_t)uap->cmd));
- au_uwrite(au_to_arg32(3, "nentries", (uint32_t)uap->nentries));
+ size_t a_size;
+ aclent_t *aclbufp;
+ ace_t *acebufp;
+ int i;
- switch (uap->cmd) {
+ switch (cmd) {
case GETACL:
case GETACLCNT:
break;
case SETACL:
- if (uap->nentries < 3)
+ if (nentries < 3)
break;
- else {
- size_t a_size = uap->nentries * sizeof (struct acl);
- int i;
- aclbufp = kmem_alloc(a_size, KM_SLEEP);
- if (copyin((caddr_t)(uap->aclbufp), aclbufp, a_size)) {
- kmem_free(aclbufp, a_size);
- break;
- }
- for (i = 0; i < uap->nentries; i++) {
- au_uwrite(au_to_acl(aclbufp + i));
- }
+ a_size = nentries * sizeof (aclent_t);
+
+ if ((aclbufp = kmem_alloc(a_size, KM_SLEEP)) == NULL)
+ break;
+ if (copyin(bufp, aclbufp, a_size)) {
kmem_free(aclbufp, a_size);
break;
}
+ for (i = 0; i < nentries; i++) {
+ au_uwrite(au_to_acl(aclbufp + i));
+ }
+ kmem_free(aclbufp, a_size);
+ break;
+
+ case ACE_SETACL:
+ if (nentries < 1 || nentries > MAX_ACL_ENTRIES)
+ break;
+
+ a_size = nentries * sizeof (ace_t);
+ if ((acebufp = kmem_alloc(a_size, KM_SLEEP)) == NULL)
+ break;
+ if (copyin(bufp, acebufp, a_size)) {
+ kmem_free(acebufp, a_size);
+ break;
+ }
+ for (i = 0; i < nentries; i++) {
+ au_uwrite(au_to_ace(acebufp + i));
+ }
+ kmem_free(acebufp, a_size);
+ break;
default:
break;
}
@@ -5091,6 +5104,23 @@ aus_acl(struct t_audit_data *tad)
/*ARGSUSED*/
static void
+aus_acl(struct t_audit_data *tad)
+{
+ struct a {
+ long fname;
+ long cmd;
+ long nentries;
+ long aclbufp;
+ } *uap = (struct a *)ttolwp(curthread)->lwp_ap;
+
+ au_uwrite(au_to_arg32(2, "cmd", (uint32_t)uap->cmd));
+ au_uwrite(au_to_arg32(3, "nentries", (uint32_t)uap->nentries));
+
+ au_acl(uap->cmd, uap->nentries, (caddr_t)uap->aclbufp);
+}
+
+/*ARGSUSED*/
+static void
aus_facl(struct t_audit_data *tad)
{
struct a {
@@ -5102,7 +5132,6 @@ aus_facl(struct t_audit_data *tad)
struct file *fp;
struct vnode *vp;
struct f_audit_data *fad;
- struct acl *aclbufp;
int fd;
au_uwrite(au_to_arg32(2, "cmd", (uint32_t)uap->cmd));
@@ -5127,31 +5156,7 @@ aus_facl(struct t_audit_data *tad)
/* decrement file descriptor reference count */
releasef(fd);
- switch (uap->cmd) {
- case GETACL:
- case GETACLCNT:
- break;
- case SETACL:
- if (uap->nentries < 3)
- break;
- else {
- size_t a_size = uap->nentries * sizeof (struct acl);
- int i;
-
- aclbufp = kmem_alloc(a_size, KM_SLEEP);
- if (copyin((caddr_t)(uap->aclbufp), aclbufp, a_size)) {
- kmem_free(aclbufp, a_size);
- break;
- }
- for (i = 0; i < uap->nentries; i++) {
- au_uwrite(au_to_acl(aclbufp + i));
- }
- kmem_free(aclbufp, a_size);
- break;
- }
- default:
- break;
- }
+ au_acl(uap->cmd, uap->nentries, (caddr_t)uap->aclbufp);
}
/*ARGSUSED*/
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-12 17:37:29 +0000