diff options
| author | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-01-28 17:33:46 +0000 |
|---|---|---|
| committer | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-01-28 17:33:46 +0000 |
| commit | c52a5088386eab220047e15f6f4e0fb93d55fd46 (patch) | |
| tree | 49378956877585251aa6e5d868acda47a9e5e2c8 /sys/security | |
| parent | 0aeee4bd8a0d2fe6b4c0e7598f342b984f8a3ee9 (diff) | |
| download | src-c52a5088386eab220047e15f6f4e0fb93d55fd46.tar.gz src-c52a5088386eab220047e15f6f4e0fb93d55fd46.zip | |
Make sure that the termid type is initialized to AU_IPv4 by default.
This makes sure that process tokens credentials with un-initialized
audit contexts are handled correctly. Currently, when invariants are
enabled, this change fixes a panic by ensuring that we have a valid
termid family. Also, this fixes token generation for process tokens
making sure that userspace is always getting a valid token.
This is consistent with what Solaris does when an audit context is
un-initialized.
Obtained from: TrustedBSD Project
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=175763
Diffstat (limited to 'sys/security')
| -rw-r--r-- | sys/security/audit/audit.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 68747b8691a2..34de1d0b9f50 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -551,6 +551,7 @@ audit_cred_kproc0(struct ucred *cred) { cred->cr_audit.ai_auid = AU_DEFAUDITID; + cred->cr_audit.ai_termid.at_type = AU_IPv4; } void @@ -558,6 +559,7 @@ audit_cred_proc1(struct ucred *cred) { cred->cr_audit.ai_auid = AU_DEFAUDITID; + cred->cr_audit.ai_termid.at_type = AU_IPv4; } void |