| #
272461 |
|
02-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of
the 10.1-RELEASE process.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| #
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| #
180709 |
|
22-Jul-2008 |
rwatson |
Generally avoid <space><tab> as a white space anomoly.
Obtained from: Apple Inc.
MFC after: 3 days
|
| #
178186 |
|
13-Apr-2008 |
rwatson |
Use __FBSDID() for $FreeBSD$ IDs in the audit code.
MFC after: 3 days
|
| #
176749 |
|
02-Mar-2008 |
rwatson |
Rather than copying out the full audit trigger record, which includes
a queue entry field, just copy out the unsigned int that is the trigger
message. In practice, auditd always requested sizeof(unsigned int), so
the extra bytes were ignored, but copying them out was not the intent.
MFC after: 1 month
|
| #
176686 |
|
01-Mar-2008 |
rwatson |
Rename globally exposed symbol send_trigger() to audit_send_trigger().
MFC after: 1 month
|
| #
170687 |
|
13-Jun-2007 |
rwatson |
Close a very narrow race that might cause a trigger allocation to be
leaked if a trigger is delivered as the trigger device is closed.
Obtained from: TrustedBSD Project
|
| #
165604 |
|
28-Dec-2006 |
rwatson |
Update a number of comments:
- Replace XXX with Note: in several cases where observations are made about
future functionality rather than problems or bugs.
- Remove an XXX comment about byte order and au_to_ip() -- IP headers must
be submitted in network byte order. Add a comment to this effect.
- Mention that we don't implement select/poll for /dev/audit.
Obtained from: TrustedBSD Project
|
| #
159414 |
|
08-Jun-2006 |
rwatson |
Prefer C to C++ comments per style(9).
Perforce CID: 98826
Obtained from: TrustedBSD Project
|
| #
156845 |
|
18-Mar-2006 |
rwatson |
Merge perforce change 93199:
Change send_trigger() prototype to return an int, so that user
space callers can tell if the message was successfully placed
in the trigger queue. This isn't quite the same as it being
successfully received, but is close enough that we can generate
a more useful warning message in audit(8).
Obtained from: TrustedBSD Project
|
| #
155192 |
|
01-Feb-2006 |
rwatson |
Import kernel audit framework:
- Management of audit state on processes.
- Audit system calls to configure process and system audit state.
- Reliable audit record queue implementation, audit_worker kernel
thread to asynchronously store records on disk.
- Audit event argument.
- Internal audit data structure -> BSM audit trail conversion library.
- Audit event pre-selection.
- Audit pseudo-device permitting kernel->user upcalls to notify auditd
of kernel audit events.
Much work by: wsalamon
Obtained from: TrustedBSD Project, Apple Computer, Inc.
|