mirror of
https://github.com/opnsense/src.git
synced 2026-02-03 20:49:35 -05:00
b04cafe569
syscallenter() has a slow path to handle syscall auditing and dtrace syscall tracing. It uses AUDIT_SYSCALL_ENTER() to check whether to take the slow path, but this macro also has side effects: it writes the audit log entry. When systrace (dtrace syscall tracing) is enabled, this would get short-circuited, and we end up not writing audit log entries. Introduce a pure macro to check whether auditing is enabled, use it in syscallenter() instead of AUDIT_SYSCALL_ENTER(). Approved by: so Security: FreeBSD-EN-25:02.audit Reviewed by: kib Reported by: Joe Duin <jd@firexfly.com> Fixes: |
||
|---|---|---|
| .. | ||
| audit | ||
| mac | ||
| mac_biba | ||
| mac_bsdextended | ||
| mac_ddb | ||
| mac_ifoff | ||
| mac_ipacl | ||
| mac_lomac | ||
| mac_mls | ||
| mac_none | ||
| mac_ntpd | ||
| mac_partition | ||
| mac_pimd | ||
| mac_portacl | ||
| mac_priority | ||
| mac_seeotheruids | ||
| mac_stub | ||
| mac_test | ||
| mac_veriexec | ||
| mac_veriexec_parser | ||