Bug 229696 - Misplaced negation symbol in auditon(2)'s A_SETPOLICY cmd option
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2018-07-11 11:56 UTC by Aniket Pandey
Modified: 2018-07-11 16:41 UTC
Description Aniket Pandey 2018-07-11 11:56:19 UTC
The system code for auditon(2)'s A_{GET/SET}POLICY command confirms whether the user submitted only the allowed values for A_{SET/GET}POLICY by the following method:

	return (EINVAL);

That is: If a bit other than the 4 mentioned above is submitted, we'll get EINVAL.

However, the negation bit is misplaced for the "udata.au_policy64" case:

	return (EINVAL);

This returns EINVAL almost every time. The only occasion when I got a success was passing 0 as the flags, which is not recommended if the system already has some of the flags set.

Try this piece of code. If your system has any of the flags set, you'll probably get EINVAL too.

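#include <bsm/audit.h>
#include <stdint.h>
#include <stdio.h>

int main(void){
        /* 8-byte value, so the length passed selects the udata.au_policy64 case */
        uint64_t auditpolicy = 0;
        if (auditon(A_GETPOLICY, &auditpolicy, sizeof(auditpolicy)) < 0)
                perror("auditon(A_GETPOLICY)");
        printf("retrieved policy = %ju\n", (uintmax_t)auditpolicy);
        /* write back the policy that was just read */
        int retval = auditon(A_SETPOLICY, &auditpolicy, sizeof(auditpolicy));
        if (retval < 0)
                perror("auditon(A_SETPOLICY)");
        return (retval < 0);
}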

Fix: review D16222
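
Added example (not part of the original report and not FreeBSD source): how a negation applied to the first flag instead of to the whole OR-ed mask changes an allowed-bits check. The names POL_A..POL_D, their values and the exact shape of the misplaced expression are assumptions, since the report's own expressions do not appear above.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the four allowed policy bits (not the real names). */
#define POL_A 0x1u
#define POL_B 0x2u
#define POL_C 0x4u
#define POL_D 0x8u

/* Intended check: reject any bit outside the allowed set. */
int check_intended(uint64_t policy)
{
    if (policy & ~(uint64_t)(POL_A | POL_B | POL_C | POL_D))
        return EINVAL;
    return 0;
}

/* Assumed buggy form: '~' applies to the first flag only, so the mask
 * becomes "every bit except POL_A" and allowed bits get rejected. */
int check_misplaced(uint64_t policy)
{
    if (policy & (~(uint64_t)POL_A | POL_B | POL_C | POL_D))
        return EINVAL;
    return 0;
}

/* Count the values in [0, limit) on which the two checks disagree. */
unsigned count_disagreements(uint64_t limit)
{
    unsigned n = 0;
    for (uint64_t v = 0; v < limit; v++)
        if (check_intended(v) != check_misplaced(v))
            n++;
    return n;
}

int main(void)
{
    for (uint64_t v = 0; v < 16; v++)
        printf("policy=0x%02llx intended=%d misplaced=%d\n",
               (unsigned long long)v, check_intended(v), check_misplaced(v));
    printf("disagreements in 0..255: %u\n", count_disagreements(256));
    return 0;
}
```

A table-driven test like this, run over every combination of the allowed bits plus one disallowed bit, catches this class of mask error before it reaches a syscall handler.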