Linda Walsh wrote:
>
> This patch implements the following:
> 2 system calls
> int setaudit_id(uid_t);
> if (!capable(CAP_AUDIT_CONTROL) (a posix capability))
> errno=EPERM, returns -1;
> if == -1, generate a new sess_id (64 bit value) and set process's
> sess_id
> else set 'luid' for the process
> returns 0 on success;
> long long getaudit_id(id);
> id == 1 - return process's luid
> id == 2 - return process's sess_id
> else return -1 and errno=EINVAL;
>
> Preferred Calling method via the defines (in include/linux/audit.h):
> int setluid(uid_t)
> int newsess_id()
> uid_t getluid()
> long long getsess_id()
>
> The linux/audit.h includes an implementation dependant asm/audit.h. I created
> these as empty files on the non-i386 platforms so no one would get build errors.
>
> The initial internal kernel value of sessid is 0x1 0000 0000.
> A call to get_sessid before a newsess_id on a process will return 0 (unitialized).
> The first newsess_id on the system will set the process's sess_id to 0x100000001.
> Subsequent newsess_id's will increment values from there.
Do we really need another syscall interface for this? If we really do,
then the syscall tables should be seperate. Otherwise, calling a 32-bit
syscall with syscall64 leaves %edx with random data.
However, I think that this syscall should be implemented by passing a
pointer and using put_user() to return it to user space, at least on
32-bit architectures. Other 32-bit arches may not have multiple ways to
enter the kernel like the x86 does.
--Brian Gerst
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:09 EST