From owner-p4-projects@FreeBSD.ORG Thu Jun 1 22:13:50 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id D6C5116C5BC; Thu, 1 Jun 2006 22:13:43 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8AC1316C522 for ; Thu, 1 Jun 2006 22:13:41 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id AAC9E43D58 for ; Thu, 1 Jun 2006 22:13:38 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k51MCA8X093262 for ; Thu, 1 Jun 2006 22:12:10 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k51MCA1x093259 for perforce@freebsd.org; Thu, 1 Jun 2006 22:12:10 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Thu, 1 Jun 2006 22:12:10 GMT Message-Id: <200606012212.k51MCA1x093259@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f 
From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 98281 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Jun 2006 22:14:03 -0000 http://perforce.freebsd.org/chv.cgi?CH=98281 Change 98281 by rwatson@rwatson_zoo on 2006/06/01 22:11:59 Modify auditfilterd to separately handle pipe files vs. audit trail files, as their buffering semantics are quite different. Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#6 edit .. //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#3 edit .. //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#2 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#6 (text+ko) ==== @@ -25,10 +25,11 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#5 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#6 $ */ #include +#include #include #include @@ -66,12 +67,14 @@ usage(void) { - fprintf(stderr, "auditfilterd [-c conffile] [-d] [-t trailfile]\n"); + fprintf(stderr, "auditfilterd [-c conffile] [-d] [-p pipefile]" + " [-t trailfile]\n"); fprintf(stderr, " -c Specify configuration file (default: %s)\n", AUDITFILTERD_CONFFILE); fprintf(stderr, " -d Debugging mode, don't daemonize\n"); - fprintf(stderr, " -t Specify audit trail file (default: %s)", - AUDITFILTERD_TRAILFILE); + fprintf(stderr, " -p Specify pipe file (default: %s)\n", + AUDITFILTERD_PIPEFILE); + fprintf(stderr, " -t Specify audit trail file (default: none)\n"); exit(-1); } 
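Review bot: The new usage synopsis lists `-p` and `-t` as independent options, but the option parsing in a later hunk rejects giving both, so the text understates the contract; `fprintf(stderr, "auditfilterd [-c conffile] [-d] [-p pipefile | -t trailfile]\n");` would state it in one line. The `-t` help text now ends with `\n`, which the old line lacked, so that part is an improvement. The `static void` line that opens usage() sits just above this hunk.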
@@ -147,7 +150,7 @@ * them to modules for processing. */ static void -mainloop(const char *conffile, const char *trailfile, FILE *trail_fp) +mainloop_file(const char *conffile, const char *trailfile, FILE *trail_fp) { struct timespec ts; FILE *conf_fp; @@ -184,10 +187,8 @@ * more at the right blocking and signal behavior here. */ reclen = au_read_rec(trail_fp, &buf); - if (reclen == -1) { - sleep(1); + if (reclen == -1) continue; - } if (clock_gettime(CLOCK_REALTIME, &ts) < 0) err(-1, "clock_gettime"); present_bsmrecord(&ts, buf, reclen); 
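Review bot: Dropping the `sleep(1)` means every `au_read_rec()` failure is retried immediately, and with `-t` now naming an ordinary trail file rather than the pipe device, end of file is the normal case, so mainloop_file will likely spin at full CPU once the trail is exhausted (assuming au_read_rec() returns -1 at EOF as well as on error). If au_read_rec() reads through stdio, `feof(trail_fp)` separates the two cases: `if (reclen == -1) { if (feof(trail_fp)) break; continue; }`, or keep a short delay for the EOF case if the intent is to follow a growing trail. mainloop_file's body continues both before and after this hunk.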
@@ -196,16 +197,68 @@ } } +/* + * The main loop spins pulling records out of the record source and passing + * them to modules for processing. This version of the function accepts + * discrete record input from a file descriptor, as opposed to buffered input + * from a file stream. + */ +static void +mainloop_pipe(const char *conffile, const char *pipefile, int pipe_fd) +{ + u_char record[MAX_AUDIT_RECORD_SIZE]; + struct timespec ts; + FILE *conf_fp; + int reclen; + + while (1) { + /* + * On SIGHUP, we reread the configuration file. Unlike with + * a trail file, we don't reopen the pipe, as we don't want + * to miss records which will be flushed if we do. + */ + if (reread_config) { + reread_config = 0; + warnx("rereading configuration"); + conf_fp = fopen(conffile, "r"); + if (conf_fp == NULL) + err(-1, "%s", conffile); + auditfilterd_conf(conffile, conf_fp); + fclose(conf_fp); + } + if (quit) { + warnx("quitting"); + break; + } + + /* + * For now, be relatively unrobust about incomplete records, + * but in the future will want to do better. Need to look + * more at the right blocking and signal behavior here. + */ + reclen = read(pipe_fd, record, MAX_AUDIT_RECORD_SIZE); + if (reclen < 0) + continue; + if (clock_gettime(CLOCK_REALTIME, &ts) < 0) + err(-1, "clock_gettime"); + present_bsmrecord(&ts, record, reclen); + present_tokens(&ts, record, reclen); + } +} + int main(int argc, char *argv[]) { - const char *trailfile, *conffile; + const char *pipefile, *trailfile, *conffile; FILE *trail_fp, *conf_fp; + struct stat sb; + int pipe_fd; int ch; conffile = AUDITFILTERD_CONFFILE; - trailfile = AUDITFILTERD_TRAILFILE; - while ((ch = getopt(argc, argv, "c:dt:")) != -1) { + trailfile = NULL; + pipefile = NULL; + while ((ch = getopt(argc, argv, "c:dp:t:")) != -1) { switch (ch) { case 'c': conffile = optarg; 
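Review bot: `read()` returning 0 is not handled in mainloop_pipe: the guard only skips negative results, so a closed or exhausted source yields an endless tight loop that calls present_bsmrecord() and present_tokens() with a zero-length record. A second line after the existing check, `if (reclen == 0) break;` (or an `errx()` if end of file is never expected from the device), closes that, and `reclen` should be `ssize_t` rather than `int` to match read(). In main(), `trail_fp` and `pipe_fd` are each assigned on only one branch of the later open logic and then handed to the matching mainloop; initializing them (`FILE *trail_fp = NULL, *conf_fp;` and `int pipe_fd = -1;`) removes the uninitialized-use warning and makes the invariant explicit. main() continues past the end of this hunk.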
@@ -216,9 +269,17 @@ break; case 't': + if (trailfile != NULL || pipefile != NULL) + usage(); trailfile = optarg; break; + case 'p': + if (pipefile != NULL || trailfile != NULL) + usage(); + pipefile = optarg; + break; + default: usage(); } @@ -230,9 +291,26 @@ if (argc != 0) usage(); - trail_fp = fopen(trailfile, "r"); - if (trail_fp == NULL) - err(-1, "%s", trailfile); + /* + * We allow only one of a pipe or a trail to be used. If none is + * specified, we provide a default pipe path. + */ + if (pipefile == NULL && trailfile == NULL) + pipefile = AUDITFILTERD_PIPEFILE; + + if (pipefile != NULL) { + pipe_fd = open(pipefile, O_RDONLY); + if (pipe_fd < 0) + err(-1, "open:%s", pipefile); + if (fstat(pipe_fd, &sb) < 0) + err(-1, "stat: %s", pipefile); + if (!S_ISCHR(sb.st_mode)) + errx(-1, "fstat: %s not device", pipefile); + } else { + trail_fp = fopen(trailfile, "r"); + if (trail_fp == NULL) + err(-1, "%s", trailfile); + } conf_fp = fopen(conffile, "r"); if (conf_fp == NULL) @@ -253,7 +331,10 @@ signal(SIGQUIT, signal_handler); signal(SIGTERM, signal_handler); - mainloop(conffile, trailfile, trail_fp); + if (pipefile != NULL) + mainloop_pipe(conffile, pipefile, pipe_fd); + else + mainloop_file(conffile, trailfile, trail_fp); auditfilterd_conf_shutdown(); return (0); ==== //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#3 (text+ko) ==== @@ -25,11 +25,11 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#2 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#3 $ */ #define AUDITFILTERD_CONFFILE "/etc/security/audit_filter" -#define AUDITFILTERD_TRAILFILE "/dev/auditpipe" +#define AUDITFILTERD_PIPEFILE "/dev/auditpipe" /* * Limit on the number of arguments that can appear in an audit_filterd ==== //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#2 (text+ko) ==== 
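Review bot: The failure messages in the new pipe-open path are inconsistent: `err(-1, "open:%s", pipefile)` lacks the space that the `stat: %s` message has, and `errx(-1, "fstat: %s not device", pipefile)` attributes to fstat a type check that fstat itself passed. Suggest `err(-1, "open: %s", pipefile);` and `errx(-1, "%s: not a character device", pipefile);`. Note also that the S_ISCHR check can only run after open() returns; if the path names a FIFO, a read-only open blocks until a writer appears, so a mistyped `-p` hangs instead of failing, which may be acceptable for a daemon but deserves a comment at the open() call. main() continues outside this hunk.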
@@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#2 $ */ #ifndef _BSM_AUDIT_FILTER_H_ @@ -48,7 +48,7 @@ typedef int (*audit_filter_attach_t)(void **instance, int argc, char *argv[]); typedef int (*audit_filter_reinit_t)(void *instance, int argc, char *argv[]); typedef void (*audit_filter_record_t)(void *instance, struct timespec *ts, - int token_count, const tokenstr_t *tok[]); + int token_count, const tokenstr_t tok[]); typedef void (*audit_filter_bsmrecord_t)(void *instance, struct timespec *ts, void *data, u_int len); typedef void (*audit_filter_detach_t)(void *instance);
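Review bot: Changing the last parameter of `audit_filter_record_t` from `const tokenstr_t *tok[]` to `const tokenstr_t tok[]` is a source- and binary-incompatible change for every filter module implementing the record callback, and nothing in the header says so. A comment on the typedef would help module authors, along the lines of `/* tok: array of token_count tokenstr_t entries, presumably owned by the daemon and valid only for the duration of the call -- confirm against the caller */`, with the ownership and lifetime claims verified against present_tokens() before committing them. If the header carries a module API version constant, it should be bumped alongside this change.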