From 6e8525ce844f3defa3ed698fb239d43ba940ebce Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Sun, 5 Feb 2006 21:06:09 +0000 Subject: [PATCH] When GC'ing a thread, assert that it has no active audit record. This should not happen, but with this assert, brueffer and I would not have spent 45 minutes trying to figure out why he wasn't seeing audit records with the audit version in CVS. Obtained from: TrustedBSD Project --- sys/kern/kern_thread.c | 4 +++- sys/security/audit/audit.c | 10 ++++++++++ sys/security/audit/audit.h | 1 + 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_thread.c b/sys/kern/kern_thread.c index 2777ca72469..d36ae2e5e06 100644 --- a/sys/kern/kern_thread.c +++ b/sys/kern/kern_thread.c @@ -172,7 +172,9 @@ thread_dtor(void *mem, int size, void *arg) /* NOTREACHED */ } #endif - +#ifdef AUDIT + audit_thread_free(td); +#endif free_unr(tid_unrhdr, td->td_tid); sched_newthread(td); } diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 1d3c3e61abc..5d431b14d86 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -1025,6 +1025,16 @@ audit_thread_alloc(struct thread *td) td->td_ar = NULL; } +/* + * Thread destruction. + */ +void +audit_thread_free(struct thread *td) +{ + + KASSERT(td->td_ar == NULL, ("audit_thread_free: td_ar != NULL")); +} + /* * Initialize the audit information for the a process, presumably the first * process in the system. diff --git a/sys/security/audit/audit.h b/sys/security/audit/audit.h index 7421f0df3e0..d471c9c3580 100644 --- a/sys/security/audit/audit.h +++ b/sys/security/audit/audit.h @@ -180,6 +180,7 @@ void audit_proc_fork(struct proc *parent, struct proc *child); void audit_proc_free(struct proc *p); void audit_thread_alloc(struct thread *td); +void audit_thread_free(struct thread *td); /* * Define a macro to wrap the audit_arg_* calls by checking the global