From 5fa69ff0151ee425246714f9a7805caf0690af3a Mon Sep 17 00:00:00 2001
From: Robert Watson
Date: Sun, 10 Jul 2016 14:17:36 +0000
Subject: [PATCH] In process-descriptor close(2) and fstat(2), audit target process information. pgkill(2) already audits target process ID.
MFC after: 3 days
Sponsored by: DARPA, AFRL
---
 sys/kern/sys_procdesc.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/sys/kern/sys_procdesc.c b/sys/kern/sys_procdesc.c
index 37139c1243a..f9f8adf531a 100644
--- a/sys/kern/sys_procdesc.c
+++ b/sys/kern/sys_procdesc.c
@@ -1,10 +1,15 @@
 /*-
- * Copyright (c) 2009 Robert N. M. Watson
+ * Copyright (c) 2009, 2016 Robert N. M. Watson
 * All rights reserved.
 *
 * This software was developed at the University of Cambridge Computer
 * Laboratory with support from a grant from Google, Inc.
 *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
@@ -383,6 +388,7 @@ procdesc_close(struct file *fp, struct thread *td)
 sx_xunlock(&proctree_lock);
 } else {
 PROC_LOCK(p);
+ AUDIT_ARG_PROCESS(p);
 if (p->p_state == PRS_ZOMBIE) {
 /*
 * If the process is already dead and just awaiting
@@ -529,6 +535,7 @@ procdesc_stat(struct file *fp, struct stat *sb, struct ucred *active_cred,
 sx_slock(&proctree_lock);
 if (pd->pd_proc != NULL) {
 PROC_LOCK(pd->pd_proc);
+ AUDIT_ARG_PROCESS(pd->pd_proc);
 /* Set birth and [acm] times to process start time. */
 pstart = pd->pd_proc->p_stats->p_start;
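Review bot: In procdesc_close the new `AUDIT_ARG_PROCESS(p)` sits only in the `else` branch, so a close(2) that takes the other branch still yields an audit record with no target process information. That branch's condition is outside the hunk; it is presumably the case where the process has already been reaped. The same gap exists in procdesc_stat, where the call is inside `if (pd->pd_proc != NULL)`. If the descriptor still caches the pid once the process is gone, recording it on those paths, e.g. `AUDIT_ARG_PID(pd->pd_pid);`, would keep the audit trail attributable; `pd_pid` is assumed from struct procdesc and should be confirmed. Both function bodies start and end outside their hunks.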
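Review bot: The `AUDIT_ARG_PROCESS(pd->pd_proc)` line in procdesc_stat has no comment tying it to the `PROC_LOCK(pd->pd_proc)` directly above it, so a later edit could move it out of the locked region without noticing. A one-line comment such as `/* Audit the target process while its lock is held. */` would record that ordering. Whether the macro actually requires the process lock is not visible in this hunk and should be checked against its definition. The same comment would fit the call added in procdesc_close.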