From owner-p4-projects@FreeBSD.ORG Sun Feb 5 00:42:42 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 934F016A422; Sun, 5 Feb 2006 00:42:41 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D6F416A423 for ; Sun, 5 Feb 2006 00:42:41 +0000 (GMT) (envelope-from wsalamon@computer.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 04EEC43D46 for ; Sun, 5 Feb 2006 00:42:40 +0000 (GMT) (envelope-from wsalamon@computer.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k150gdNe073471 for ; Sun, 5 Feb 2006 00:42:39 GMT (envelope-from wsalamon@computer.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k150gdWF073468 for perforce@freebsd.org; Sun, 5 Feb 2006 00:42:39 GMT (envelope-from wsalamon@computer.org) Date: Sun, 5 Feb 2006 00:42:39 GMT Message-Id: <200602050042.k150gdWF073468@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to wsalamon@computer.org using -f From: Wayne Salamon To: Perforce Change Reviews Cc: Subject: PERFORCE change 91134 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Feb 2006 00:42:42 -0000 http://perforce.freebsd.org/chv.cgi?CH=91134 Change 91134 by wsalamon@gretsch on 2006/02/05 00:42:13 Have the audit test library load the kernel event->class mapping table at init time. Affected files ... .. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 edit .. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 edit Differences ... ==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 (text+ko) ==== @@ -52,7 +52,7 @@ /* * Function that will set up the process audit information. */ -void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, +int aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, unsigned int flags); /* @@ -75,7 +75,11 @@ #define AUT_INIT() do { \ assert(argc == 2); \ - aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES, strtol(argv[1], NULL, 16)); \ + if (aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES, \ + strtol(argv[1], NULL, 16)) != 0) { \ + fprintf(stderr, "Unable to initialize.\n"); \ + exit (-1); \ + } \ } while(0) #define AUT_PRINTF(args...) do { \ ==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 (text+ko) ==== @@ -40,6 +40,49 @@ int aut_verbose; char logfile[MAXPATHLEN + 1]; +/* + * Set the event to class mapping in the kernel. + */ +static int +set_kernel_classmap(void) +{ + au_event_ent_t ev, *evp; + au_evclass_map_t evc_map; + int ctr = 0; + + /* + * Process the audit event file, obtaining a class mapping for each + * event, and send that mapping into the kernel. + */ + ev.ae_name = (char *)malloc(AU_EVENT_NAME_MAX); + ev.ae_desc = (char *)malloc(AU_EVENT_DESC_MAX); + if ((ev.ae_name == NULL) || (ev.ae_desc == NULL)) { + fprintf(stderr, + "Memory allocation error when configuring audit controls.\n"); + return (-1); + } + evp = &ev; + setauevent(); + while ((evp = getauevent_r(evp)) != NULL) { + evc_map.ec_number = evp->ae_number; + evc_map.ec_class = evp->ae_class; + if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t)) + != 0) + fprintf(stderr, + "Failed to register class mapping for event %s.\n", + evp->ae_name); + else + ctr++; + } + endauevent(); + free(ev.ae_name); + free(ev.ae_desc); + if (ctr == 0) + fprintf(stderr, "No events to class mappings registered.\n"); + + return (0); +} + /* * Open the audit log file and tell the kernel. */ @@ -92,12 +135,19 @@ * Initialization routine to set the audit log file, process audit masks, * and verbosity levels. */ -void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, +int +aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, unsigned int flags) { + if (set_kernel_classmap() != 0) { + fprintf(stderr, "Unable to set kernel event->class map.\n"); + return (-1); + } aut_verbose = flags; aut_logfile(prefix); aut_mask(succ_mask, fail_mask); + + return (0); } /*