upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-08 08:12:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

In process-descriptor close(2) and fstat(2), audit target process

Browse source 
information.  pgkill(2) already audits target process ID.

MFC after:	3 days
Sponsored by:	DARPA, AFRL
This commit is contained in:
Robert Watson 2016-07-10 14:17:36 +00:00
parent e5ec733909
commit 5fa69ff015
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
sys/kern/sys_procdesc.c
View file

@ -1,10 +1,15 @@
/*-
* Copyright (c) 2009 Robert N. M. Watson
* Copyright (c) 2009, 2016 Robert N. M. Watson
* All rights reserved.
*
* This software was developed at the University of Cambridge Computer
* Laboratory with support from a grant from Google, Inc.
*
* Portions of this software were developed by BAE Systems, the University of
* Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
* contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
* Computing (TC) research program.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@ -383,6 +388,7 @@ procdesc_close(struct file *fp, struct thread *td)
sx_xunlock(&proctree_lock);
} else {
PROC_LOCK(p);
AUDIT_ARG_PROCESS(p);
if (p->p_state == PRS_ZOMBIE) {
/*
* If the process is already dead and just awaiting
@ -529,6 +535,7 @@ procdesc_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
sx_slock(&proctree_lock);
if (pd->pd_proc != NULL) {
PROC_LOCK(pd->pd_proc);
AUDIT_ARG_PROCESS(pd->pd_proc);
/* Set birth and [acm] times to process start time. */
pstart = pd->pd_proc->p_stats->p_start;