diff options
Diffstat (limited to 'usr/src/uts/sparc/os/syscall.c')
| -rw-r--r-- | usr/src/uts/sparc/os/syscall.c | 66 |
1 files changed, 57 insertions, 9 deletions
diff --git a/usr/src/uts/sparc/os/syscall.c b/usr/src/uts/sparc/os/syscall.c index 4bb8851d9e..6157f6addd 100644 --- a/usr/src/uts/sparc/os/syscall.c +++ b/usr/src/uts/sparc/os/syscall.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. + * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -452,14 +452,20 @@ pre_syscall(int arg0) return (1); /* don't do system call, return EINTR */ } - if (audit_active) { /* begin auditing for this syscall */ - int error; - if (error = audit_start(T_SYSCALL, code, 0, lwp)) { - t->t_pre_sys = 1; /* repost anyway */ - lwp->lwp_error = 0; /* for old drivers */ - return (error); + /* begin auditing for this syscall */ + if (audit_active == C2AUDIT_LOADED) { + uint32_t auditing = au_zone_getstate(NULL); + + if (auditing & AU_AUDIT_MASK) { + int error; + if (error = audit_start(T_SYSCALL, code, auditing, \ + 0, lwp)) { + t->t_pre_sys = 1; /* repost anyway */ + lwp->lwp_error = 0; /* for old drivers */ + return (error); + } + repost = 1; } - repost = 1; } #ifndef NPROBE @@ -550,7 +556,8 @@ post_syscall(long rval1, long rval2) if (code == 0) goto sig_check; - if (audit_active) { /* put out audit record for this syscall */ + /* put out audit record for this syscall */ + if (AU_AUDITING()) { rval_t rval; /* fix audit_finish() someday */ /* XX64 -- truncation of 64-bit return values? */ @@ -1166,6 +1173,47 @@ set_all_proc_sys() } /* + * set_all_zone_usr_proc_sys - set pre- and post-syscall processing flags for + * all user processes running in the zone of the current process + * + * This is needed when auditing is turned on. + */ +void +set_all_zone_usr_proc_sys(zoneid_t zoneid) +{ + proc_t *p; + kthread_t *t; + + mutex_enter(&pidlock); + for (p = practive; p != NULL; p = p->p_next) { + /* skip kernel processes */ + if (p->p_exec == NULLVP || p->p_as == &kas || + p->p_stat == SIDL || p->p_stat == SZOMB || + (p->p_flag & (SSYS | SEXITING | SEXITLWPS))) + continue; + /* + * Only processes in the given zone (eventually in + * all zones) are taken into account + */ + if (zoneid == ALL_ZONES || p->p_zone->zone_id == zoneid) { + mutex_enter(&p->p_lock); + if ((t = p->p_tlist) == NULL) + continue; + /* + * Set pre- and post-syscall processing flags + * for all threads of the process + */ + do { + t->t_pre_sys = 1; + t->t_post_sys = 1; + } while (p->p_tlist != (t = t->t_forw)); + mutex_exit(&p->p_lock); + } + } + mutex_exit(&pidlock); +} + +/* * set_proc_ast - Set asynchronous service trap (AST) flag for all * threads in process. */ |