Date: Sun, 5 Feb 2006 00:42:39 GMT From: Wayne Salamon <wsalamon@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91134 for review Message-ID: <200602050042.k150gdWF073468@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91134 Change 91134 by wsalamon@gretsch on 2006/02/05 00:42:13 Have the audit test library load the kernel event->class mapping table at init time. Affected files ... .. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 edit .. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 edit Differences ... ==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 (text+ko) ==== @@ -52,7 +52,7 @@ /* * Function that will set up the process audit information. */ -void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, +int aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, unsigned int flags); /* @@ -75,7 +75,11 @@ #define AUT_INIT() do { \ assert(argc == 2); \ - aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES, strtol(argv[1], NULL, 16)); \ + if (aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES, \ + strtol(argv[1], NULL, 16)) != 0) { \ + fprintf(stderr, "Unable to initialize.\n"); \ + exit (-1); \ + } \ } while(0) #define AUT_PRINTF(args...) do { \ ==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 (text+ko) ==== @@ -40,6 +40,49 @@ int aut_verbose; char logfile[MAXPATHLEN + 1]; +/* + * Set the event to class mapping in the kernel. + */ +static int +set_kernel_classmap(void) +{ + au_event_ent_t ev, *evp; + au_evclass_map_t evc_map; + int ctr = 0; + + /* + * Process the audit event file, obtaining a class mapping for each + * event, and send that mapping into the kernel. + */ + ev.ae_name = (char *)malloc(AU_EVENT_NAME_MAX); + ev.ae_desc = (char *)malloc(AU_EVENT_DESC_MAX); + if ((ev.ae_name == NULL) || (ev.ae_desc == NULL)) { + fprintf(stderr, + "Memory allocation error when configuring audit controls.\n"); + return (-1); + } + evp = &ev; + setauevent(); + while ((evp = getauevent_r(evp)) != NULL) { + evc_map.ec_number = evp->ae_number; + evc_map.ec_class = evp->ae_class; + if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t)) + != 0) + fprintf(stderr, + "Failed to register class mapping for event %s.\n", + evp->ae_name); + else + ctr++; + } + endauevent(); + free(ev.ae_name); + free(ev.ae_desc); + if (ctr == 0) + fprintf(stderr, "No events to class mappings registered.\n"); + + return (0); +} + /* * Open the audit log file and tell the kernel. */ @@ -92,12 +135,19 @@ * Initialization routine to set the audit log file, process audit masks, * and verbosity levels. */ -void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, +int +aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, unsigned int flags) { + if (set_kernel_classmap() != 0) { + fprintf(stderr, "Unable to set kernel event->class map.\n"); + return (-1); + } aut_verbose = flags; aut_logfile(prefix); aut_mask(succ_mask, fail_mask); + + return (0); } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602050042.k150gdWF073468>