svn commit: r357912 - in head/sys: kern security/audit sys

Fri, 14 Feb 2020 05:09:48 -0800 

Author: mjg
Date: Fri Feb 14 13:09:41 2020
New Revision: 357912
URL: https://svnweb.freebsd.org/changeset/base/357912

Log:
  Merge audit and systrace checks
  
  This further shortens the syscall routine by not having to re-check after
  the system call.

Modified:
  head/sys/kern/subr_syscall.c
  head/sys/security/audit/audit.h
  head/sys/sys/sysent.h

Modified: head/sys/kern/subr_syscall.c
==============================================================================
--- head/sys/kern/subr_syscall.c        Fri Feb 14 13:08:46 2020        
(r357911)
+++ head/sys/kern/subr_syscall.c        Fri Feb 14 13:09:41 2020        
(r357912)
@@ -131,15 +131,6 @@ syscallenter(struct thread *td)
                goto retval;
        }
 
-#ifdef KDTRACE_HOOKS
-       /* Give the syscall:::entry DTrace probe a chance to fire. */
-       if (__predict_false(systrace_enabled && sa->callp->sy_entry != 0))
-               (*systrace_probe_func)(sa, SYSTRACE_ENTRY, 0);
-#endif
-
-       /* Let system calls set td_errno directly. */
-       td->td_pflags &= ~TDP_NERRNO;
-
        /*
         * Fetch fast sigblock value at the time of syscall
         * entry because sleepqueue primitives might call
@@ -147,20 +138,32 @@ syscallenter(struct thread *td)
         */
        fetch_sigfastblock(td);
 
-       AUDIT_SYSCALL_ENTER(sa->code, td);
-       error = (sa->callp->sy_call)(td, sa->args);
-       AUDIT_SYSCALL_EXIT(error, td);
+       /* Let system calls set td_errno directly. */
+       td->td_pflags &= ~TDP_NERRNO;
 
-       /* Save the latest error return value. */
-       if (__predict_false((td->td_pflags & TDP_NERRNO) == 0))
-               td->td_errno = error;
-
+       if (__predict_false(systrace_enabled || AUDIT_SYSCALL_ENTER(sa->code, 
td))) {
 #ifdef KDTRACE_HOOKS
-       /* Give the syscall:::return DTrace probe a chance to fire. */
-       if (__predict_false(systrace_enabled && sa->callp->sy_return != 0))
-               (*systrace_probe_func)(sa, SYSTRACE_RETURN,
-                   error ? -1 : td->td_retval[0]);
+               /* Give the syscall:::entry DTrace probe a chance to fire. */
+               if (__predict_false(sa->callp->sy_entry != 0))
+                       (*systrace_probe_func)(sa, SYSTRACE_ENTRY, 0);
 #endif
+               error = (sa->callp->sy_call)(td, sa->args);
+               /* Save the latest error return value. */
+               if (__predict_false((td->td_pflags & TDP_NERRNO) == 0))
+                       td->td_errno = error;
+               AUDIT_SYSCALL_EXIT(error, td);
+#ifdef KDTRACE_HOOKS
+               /* Give the syscall:::return DTrace probe a chance to fire. */
+               if (__predict_false(sa->callp->sy_return != 0))
+                       (*systrace_probe_func)(sa, SYSTRACE_RETURN,
+                           error ? -1 : td->td_retval[0]);
+#endif
+       } else {
+               error = (sa->callp->sy_call)(td, sa->args);
+               /* Save the latest error return value. */
+               if (__predict_false((td->td_pflags & TDP_NERRNO) == 0))
+                       td->td_errno = error;
+       }
        syscall_thread_exit(td, sa->callp);
 
  retval:

Modified: head/sys/security/audit/audit.h
==============================================================================
--- head/sys/security/audit/audit.h     Fri Feb 14 13:08:46 2020        
(r357911)
+++ head/sys/security/audit/audit.h     Fri Feb 14 13:09:41 2020        
(r357912)
@@ -377,11 +377,14 @@ void       audit_thread_free(struct thread *td);
                audit_arg_vnode2((vp));                                 \
 } while (0)
 
-#define        AUDIT_SYSCALL_ENTER(code, td)   do {                            
\
+#define        AUDIT_SYSCALL_ENTER(code, td)   ({                              
\
+       bool _audit_entered = false;                                    \
        if (__predict_false(audit_syscalls_enabled)) {                  \
                audit_syscall_enter(code, td);                          \
+               _audit_entered = true;                                  \
        }                                                               \
-} while (0)
+       _audit_entered;                                                 \
+})
 
 /*
  * Wrap the audit_syscall_exit() function so that it is called only when
@@ -449,7 +452,7 @@ void         audit_thread_free(struct thread *td);
 #define        AUDIT_ARG_VNODE1(vp)
 #define        AUDIT_ARG_VNODE2(vp)
 
-#define        AUDIT_SYSCALL_ENTER(code, td)
+#define        AUDIT_SYSCALL_ENTER(code, td)   0
 #define        AUDIT_SYSCALL_EXIT(error, td)
 
 #define        AUDIT_SYSCLOSE(p, fd)

Modified: head/sys/sys/sysent.h
==============================================================================
--- head/sys/sys/sysent.h       Fri Feb 14 13:08:46 2020        (r357911)
+++ head/sys/sys/sysent.h       Fri Feb 14 13:09:41 2020        (r357912)
@@ -54,7 +54,11 @@ typedef      void    (*systrace_probe_func_t)(struct 
syscall_a
 typedef        void    (*systrace_args_func_t)(int, void *, uint64_t *, int *);
 
 #ifdef _KERNEL
+#ifdef KDTRACE_HOOKS
 extern bool                    systrace_enabled;
+#else
+#define systrace_enabled       0
+#endif
 #endif
 extern systrace_probe_func_t   systrace_probe_func;
 
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to