Bug 182521 - [openbsm] [patch] BSM subsystem modifications
Summary: [openbsm] [patch] BSM subsystem modifications
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 9.0-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-30 20:50 UTC by Chariton Karamitas
Modified: 2017-12-31 22:23 UTC (History)
0 users

See Also:


Attachments
file.diff (30.66 KB, patch)
2013-09-30 20:50 UTC, Chariton Karamitas
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Chariton Karamitas 2013-09-30 20:50:00 UTC
As part of my diploma thesis at the engineering department, I modified
the audit subsystem to return the lwpid of the audited thread in the
subject token of an audit record. Normally, the kernel produces records
which only contain the sid and pid; this makes the process of separating
record streams coming from different threads of a multithreaded application
a hard (or even impossible) task. Hopefully, the attached patch can be
used to bypass this limitation, however it comes at a price; modifications
are required in kernel land as well as in userland. I understand that
deciding to merge these changes in the FreeBSD code base is a hard choice
for many reasons (quality standards, number of affected components and so
on), nevertheless, the patch may be helpful for people building tools on
top of the audit mechanism :)

The patch also adds missing AUDIT_ARG_*() macros in certain network related
system calls like bind().

If you have any questions/suggestions, I can be reached at the mail
address specified in this message. Alternatively, you can talk to my
supervisor who is also a member at the FreeBSD forums: George Mamalakis
<mamalos@eng.auth.gr>

Fix: Patch attached with submission follows:
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:00:48 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped