The BSM API generally manages deallocation of
Vt token_t
objects.
However, if
au_write3
is passed a bad audit descriptor, the
Vt token_t *
parameter will be left untouched.
In that case, the caller can deallocate the
Vt token_t
using
au_free_token ();
if desired.
The
Fa tok
argument is a
Vt token_t *
generated by one of the
au_to_ (*);
BSM API calls.
For convenience,
Fa tok
may be
NULL
in which case
au_free_token ();
returns immediately.
IMPLEMENTATION NOTES
This is, in fact, what
audit_write3
does, in keeping with the existing memory management model of the BSM API.
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
AUTHORS
An -nosplit
This software was created by
An Robert Watson ,
An Wayne Salamon ,
and
An Suresh Krishnaswamy
for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
