Date: Tue, 3 Mar 2009 01:52:05 GMT From: Stacey Son <sson@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 158608 for review Message-ID: <200903030152.n231q5IR035684@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=158608 Change 158608 by sson@sson_amd64 on 2009/03/03 01:51:56 Add wrapper functions for auditon(2) that will revert back to using old commands if new commands are not supported. Fix au_poltostr() and au_strtopol() to int instead of long for the 'policy' argument. Fix typo in auditpinfo and auditpinfo_addr struct. Add prototypes for audit_session_self() and audit_session_join(). Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 edit .. //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 edit .. //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 edit .. //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 edit .. //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#14 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 $ */ /* * Program to trigger the audit daemon with a message that is either: @@ -54,7 +54,7 @@ #include <unistd.h> -static int send_trigger(unsigned int); +static int send_trigger(int); #ifdef USE_MACH_IPC #include <mach/mach.h> @@ -79,7 +79,7 @@ #endif static int -send_trigger(unsigned int trigger) +send_trigger(int trigger) { mach_port_t serverPort; kern_return_t error; @@ -107,11 +107,11 @@ #else /* ! USE_MACH_IPC */ static int -send_trigger(unsigned int trigger) +send_trigger(int trigger) { int error; - error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)); + error = audit_send_trigger(&trigger); if (error != 0) { if (error == EPERM) perror("audit requires root privileges"); ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#44 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 $ */ #include <sys/types.h> @@ -357,7 +357,7 @@ /* Flush contents. */ cond = AUC_DISABLED; - err_ret = auditon(A_SETCOND, &cond, sizeof(cond)); + err_ret = audit_set_cond(&cond); if (err_ret != 0) { auditd_log_err("Disabling audit failed! : %s", strerror(errno)); err_ret = 1; ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#4 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 $ */ #include <sys/types.h> @@ -180,7 +180,7 @@ { int au_cond; - if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) { + if (audit_get_cond(&au_cond) < 0) { if (errno != ENOSYS) { auditd_log_err("Audit status check failed (%s)", strerror(errno)); ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#3 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 $ */ #include <sys/types.h> @@ -135,7 +135,7 @@ { int au_cond; - if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) { + if (audit_get_cond(&au_cond) < 0) { if (errno != ENOSYS) { auditd_log_err("Audit status check failed (%s)", strerror(errno)); ==== //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#42 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 $ */ #ifndef _LIBBSM_H_ @@ -773,8 +773,8 @@ int verbose); int au_preselect(au_event_t event, au_mask_t *mask_p, int sorf, int flag); -ssize_t au_poltostr(long policy, size_t maxsize, char *buf); -int au_strtopol(const char *polstr, long *policy); +ssize_t au_poltostr(int policy, size_t maxsize, char *buf); +int au_strtopol(const char *polstr, int *policy); /* * Functions relating to querying audit event information. @@ -1262,6 +1262,33 @@ au_tid_t *tidp); #endif /* !__APPLE__ */ +/* + * Wrapper functions to auditon(2). + */ +int audit_get_car(char *path, size_t sz); +int audit_get_class(au_evclass_map_t *evc_map, size_t sz); +int audit_set_class(au_evclass_map_t *evc_map, size_t sz); +int audit_get_cond(int *cond); +int audit_set_cond(int *cond); +int audit_get_cwd(char *path, size_t sz); +int audit_get_fsize(au_fstat_t *fstat, size_t sz); +int audit_set_fsize(au_fstat_t *fstat, size_t sz); +int audit_get_kmask(au_mask_t *kmask, size_t sz); +int audit_set_kmask(au_mask_t *kmask, size_t sz); +int audit_get_kaudit(auditinfo_addr_t *aia, size_t sz); +int audit_set_kaudit(auditinfo_addr_t *aia, size_t sz); +int audit_set_pmask(auditpinfo_t *api, size_t sz); +int audit_get_pinfo(auditpinfo_t *api, size_t sz); +int audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz); +int audit_get_policy(int *policy); +int audit_set_policy(int *policy); +int audit_get_qctrl(au_qctrl_t *qctrl, size_t sz); +int audit_set_qctrl(au_qctrl_t *qctrl, size_t sz); +int audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz); +int audit_get_stat(au_stat_t *stats, size_t sz); +int audit_set_stat(au_stat_t *stats, size_t sz); +int audit_send_trigger(int *trigger); + __END_DECLS #endif /* !_LIBBSM_H_ */ ==== //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#8 $ + * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 $ */ #include <sys/param.h> @@ -247,7 +247,7 @@ */ bzero(&aia, sizeof(aia)); aia.ai_termid.at_type = AU_IPv4; - error = auditon(A_SETKAUDIT, &aia, sizeof(aia)); + error = audit_set_kaudit(&aia, sizeof(aia)); if (error < 0 && errno != ENOSYS) ret = ADE_AUDITON; return (ret); @@ -277,7 +277,7 @@ return (ADE_ADDRFAM); } - if (auditon(A_SETKAUDIT, &aia, sizeof(aia)) < 0) + if (audit_set_kaudit(&aia, sizeof(aia)) < 0) ret = ADE_AUDITON; return (ret); @@ -298,12 +298,12 @@ if (getacmin(&auditd_minval) != 0) return (ADE_PARSE); - if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) + if (audit_get_qctrl(&qctrl, sizeof(qctrl)) != 0) return (ADE_AUDITON); if (qctrl.aq_minfree != auditd_minval) { qctrl.aq_minfree = auditd_minval; - if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) + if (audit_set_qctrl(&qctrl, sizeof(qctrl)) != 0) return (ADE_AUDITON); } @@ -687,7 +687,7 @@ while ((evp = getauevent_r(evp)) != NULL) { evc_map.ec_number = evp->ae_number; evc_map.ec_class = evp->ae_class; - if (auditon(A_SETCLASS, &evc_map, sizeof(evc_map)) == 0) + if (audit_set_class(&evc_map, sizeof(evc_map)) == 0) ctr++; } endauevent(); @@ -713,7 +713,7 @@ (getauditflagsbin(naeventstr, &aumask) != 0)) return (ADE_PARSE); - if (auditon(A_SETKMASK, &aumask, sizeof(aumask))) + if (audit_set_kmask(&aumask, sizeof(aumask)) != 0) return (ADE_AUDITON); return (ADE_NOERR); @@ -737,12 +737,12 @@ if ((getacpol(polstr, POL_STR_SIZE) != 0) || (au_strtopol(polstr, &policy) != 0)) { policy = AUDIT_CNT; - if (auditon(A_SETPOLICY, &policy, sizeof(policy))) + if (audit_set_policy(&policy) != 0) return (ADE_AUDITON); return (ADE_PARSE); } - if (auditon(A_SETPOLICY, &policy, sizeof(policy))) + if (audit_set_policy(&policy) != 0) return (ADE_AUDITON); return (ADE_NOERR); @@ -768,7 +768,7 @@ bzero(&au_fstat, sizeof(au_fstat)); au_fstat.af_filesz = filesz; - if (auditon(A_SETFSIZE, &au_fstat, sizeof(au_fstat)) < 0) + if (audit_set_fsize(&au_fstat, sizeof(au_fstat)) != 0) return (ADE_AUDITON); return (ADE_NOERR); @@ -1133,7 +1133,7 @@ /* * Auditing already disabled? */ - if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0) + if (audit_get_cond(&cond) != 0) return (-1); if (cond == AUC_NOAUDIT) return (0); @@ -1147,7 +1147,7 @@ * Shutdown auditing in the kernel. */ cond = AUC_DISABLED; - if (auditon(A_SETCOND, &cond, sizeof(cond)) != 0) + if (audit_set_cond(&cond) != 0) return (-1); #ifdef __BSM_INTERNAL_NOTIFY_KEY notify_post(__BSM_INTERNAL_NOTIFY_KEY); ==== //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#10 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 $ .\" .Dd April 19, 2005 .Dt AU_CONTROL 3 @@ -64,9 +64,9 @@ .Ft int .Fn getacpol "char *auditstr" "size_t len" .Ft ssize_t -.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" +.Fn au_poltostr "int policy" "size_t maxsize" "char *buf" .Ft int -.Fn au_strtopol "const char *polstr" "long *policy" +.Fn au_strtopol "const char *polstr" "int *policy" .Sh DESCRIPTION These interfaces may be used to look up information from the .Xr audit_control 5 ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 (text+ko) ==== @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 $ */ #include <sys/types.h> @@ -237,7 +237,7 @@ */ aia.ai_termid.at_type = AU_IPv4; aia.ai_termid.at_addr[0] = INADDR_ANY; - if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) { + if (audit_get_kaudit(&aia, sizeof(aia)) != 0) { if (errno != ENOSYS && errno != EPERM) return (-1); #endif /* HAVE_AUDIT_SYSCALLS */ ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 (text+ko) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2004, 2009 Apple Inc. + * Copyright (c) 2004,2009 Apple Inc. * Copyright (c) 2006 Robert N. M. Watson * All rights reserved. * @@ -27,7 +27,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#29 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 $ */ #include <config/config.h> @@ -220,7 +220,7 @@ * nul). */ ssize_t -au_poltostr(long policy, size_t maxsize, char *buf) +au_poltostr(int policy, size_t maxsize, char *buf) { int first = 1; int i = 0; @@ -248,7 +248,7 @@ * ENOMEM) or 0 on success. */ int -au_strtopol(const char *polstr, long *policy) +au_strtopol(const char *polstr, int *policy) { char *bufp, *string; char *buffer; ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#16 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 $ */ /* @@ -77,7 +77,7 @@ return (status); #endif - if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) { + if (audit_get_cond(&au_cond) != 0) { syslog(LOG_ERR, "Initial audit status check failed (%s)", strerror(errno)); if (errno == ENOSYS) /* auditon() unimplemented. */ @@ -137,7 +137,7 @@ return (au_cond); #endif - if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) { + if (audit_get_cond(&au_cond) != 0) { /* XXX Reset au_cond to AUC_UNSET? */ syslog(LOG_ERR, "Audit status check failed (%s)", strerror(errno)); @@ -167,7 +167,7 @@ #else int cond; - if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0) { + if (audit_get_cond(&cond) != 0) { if (errno != ENOSYS) { syslog(LOG_ERR, "Audit status check failed (%s)", strerror(errno)); ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 (text+ko) ==== @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 $ */ #include <sys/types.h> @@ -1503,7 +1503,7 @@ if (gettimeofday(&tm, NULL) == -1) return (NULL); - if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) { + if (audit_get_kaudit(&aia, sizeof(aia)) != 0) { if (errno != ENOSYS) return (NULL); return (au_to_header32_tm(rec_size, e_type, e_mod, tm)); ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#29 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 $ */ #ifdef __APPLE__ @@ -71,7 +71,7 @@ struct auditinfo_addr aia; au_tid_t atid; - if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) { + if (audit_get_cond(&acond) != 0) { /* * If auditon(2) returns ENOSYS, then audit has not been * compiled into the kernel, so just return. @@ -488,3 +488,336 @@ } } #endif /* !__APPLE__ */ + +int +audit_get_cond(int *cond) +{ + int ret; + + ret = auditon(A_GETCOND, cond, sizeof(*cond)); +#ifdef A_OLDGETCOND + if ((0 != ret) && EINVAL == errno) { + long lcond = *cond; + + ret = auditon(A_OLDGETCOND, &lcond, sizeof(lcond)); + *cond = (int)lcond; + } +#endif + return (ret); +} + +int +audit_set_cond(int *cond) +{ + int ret; + + ret = auditon(A_SETCOND, cond, sizeof(*cond)); +#ifdef A_OLDSETCOND + if ((0 != ret) && (EINVAL == errno)) { + long lcond = (long)*cond; + + ret = auditon(A_OLDSETCOND, &lcond, sizeof(lcond)); + *cond = (int)lcond; + } +#endif + return (ret); +} + +int +audit_get_policy(int *policy) +{ + int ret; + + ret = auditon(A_GETPOLICY, policy, sizeof(*policy)); +#ifdef A_OLDGETPOLICY + if ((0 != ret) && (EINVAL == errno)){ + long lpolicy = (long)*policy; + + ret = auditon(A_OLDGETPOLICY, &lpolicy, sizeof(lpolicy)); + *policy = (int)lpolicy; + } +#endif + return (ret); +} + +int +audit_set_policy(int *policy) +{ + int ret; + + ret = auditon(A_SETPOLICY, policy, sizeof(*policy)); +#ifdef A_OLDSETPOLICY + if ((0 != ret) && (EINVAL == errno)){ + long lpolicy = (long)*policy; + + ret = auditon(A_OLDSETPOLICY, &lpolicy, sizeof(lpolicy)); + *policy = (int)lpolicy; + } +#endif + return (ret); +} + +int +audit_get_qctrl(au_qctrl_t *qctrl, size_t sz) +{ + int ret; + + if (sizeof(*qctrl) != sz) { + errno = EINVAL; + return (-1); + } + + ret = auditon(A_GETQCTRL, qctrl, sizeof(*qctrl)); +#ifdef A_OLDGETQCTRL + if ((0 != ret) && (EINVAL == errno)){ + struct old_qctrl { + size_t oq_hiwater; + size_t oq_lowater; + size_t oq_bufsz; + clock_t oq_delay; + int oq_minfree; + } oq; + + oq.oq_hiwater = (size_t)qctrl->aq_hiwater; + oq.oq_lowater = (size_t)qctrl->aq_lowater; + oq.oq_bufsz = (size_t)qctrl->aq_bufsz; + oq.oq_delay = (clock_t)qctrl->aq_delay; + oq.oq_minfree = qctrl->aq_minfree; + + ret = auditon(A_OLDGETQCTRL, &oq, sizeof(oq)); + + qctrl->aq_hiwater = (int)oq.oq_hiwater; + qctrl->aq_lowater = (int)oq.oq_lowater; + qctrl->aq_bufsz = (int)oq.oq_bufsz; + qctrl->aq_delay = (int)oq.oq_delay; + qctrl->aq_minfree = oq.oq_minfree; + } +#endif /* A_OLDGETQCTRL */ + return (ret); +} + +int +audit_set_qctrl(au_qctrl_t *qctrl, size_t sz) +{ + int ret; + + if (sizeof(*qctrl) != sz) { + errno = EINVAL; + return (-1); + } + + ret = auditon(A_SETQCTRL, qctrl, sz); +#ifdef A_OLDSETQCTRL + if ((0 != ret) && (EINVAL == errno)) { + struct old_qctrl { + size_t oq_hiwater; + size_t oq_lowater; + size_t oq_bufsz; + clock_t oq_delay; + int oq_minfree; + } oq; + + oq.oq_hiwater = (size_t)qctrl->aq_hiwater; + oq.oq_lowater = (size_t)qctrl->aq_lowater; + oq.oq_bufsz = (size_t)qctrl->aq_bufsz; + oq.oq_delay = (clock_t)qctrl->aq_delay; + oq.oq_minfree = qctrl->aq_minfree; + + ret = auditon(A_OLDSETQCTRL, &oq, sizeof(oq)); + + qctrl->aq_hiwater = (int)oq.oq_hiwater; + qctrl->aq_lowater = (int)oq.oq_lowater; + qctrl->aq_bufsz = (int)oq.oq_bufsz; + qctrl->aq_delay = (int)oq.oq_delay; + qctrl->aq_minfree = oq.oq_minfree; + } +#endif /* A_OLDSETQCTRL */ + return (ret); +} + +int +audit_send_trigger(int *trigger) +{ + + return (auditon(A_SENDTRIGGER, trigger, sizeof(*trigger))); +} + +int +audit_get_kaudit(auditinfo_addr_t *aia, size_t sz) +{ + + if (sizeof(*aia) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETKAUDIT, aia, sz)); +} + +int +audit_set_kaudit(auditinfo_addr_t *aia, size_t sz) +{ + + if (sizeof(*aia) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_SETKAUDIT, aia, sz)); +} + +int +audit_get_class(au_evclass_map_t *evc_map, size_t sz) +{ + + if (sizeof(*evc_map) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETCLASS, evc_map, sz)); +} + +int +audit_set_class(au_evclass_map_t *evc_map, size_t sz) +{ + + if (sizeof(*evc_map) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_SETCLASS, evc_map, sz)); +} + +int +audit_get_kmask(au_mask_t *kmask, size_t sz) +{ + if (sizeof(*kmask) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETKMASK, kmask, sz)); +} + +int +audit_set_kmask(au_mask_t *kmask, size_t sz) +{ + if (sizeof(*kmask) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_SETKMASK, kmask, sz)); +} + +int +audit_get_fsize(au_fstat_t *fstat, size_t sz) +{ + + if (sizeof(*fstat) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETFSIZE, fstat, sz)); +} + +int +audit_set_fsize(au_fstat_t *fstat, size_t sz) +{ + + if (sizeof(*fstat) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_SETFSIZE, fstat, sz)); +} + +int +audit_set_pmask(auditpinfo_t *api, size_t sz) +{ + + if (sizeof(*api) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_SETPMASK, api, sz)); +} + +int +audit_get_pinfo(auditpinfo_t *api, size_t sz) +{ + + if (sizeof(*api) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETPINFO, api, sz)); +} + +int +audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz) +{ + + if (sizeof(*apia) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETPINFO_ADDR, apia, sz)); +} + +int +audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz) +{ + + if (sizeof(*aia) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETSINFO_ADDR, aia, sz)); +} + +int +audit_get_stat(au_stat_t *stats, size_t sz) +{ + + if (sizeof(*stats) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETSTAT, stats, sz)); +} + +int +audit_set_stat(au_stat_t *stats, size_t sz) +{ + + if (sizeof(*stats) != sz) { + errno = EINVAL; + return (-1); + } + + return (auditon(A_GETSTAT, stats, sz)); +} + +int +audit_get_cwd(char *path, size_t sz) +{ + + return (auditon(A_GETCWD, path, sz)); +} + +int +audit_get_car(char *path, size_t sz) +{ + + return (auditon(A_GETCAR, path, sz)); +} ==== //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 (text+ko) ==== @@ -26,12 +26,15 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#6 $ + * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 $ */ #ifndef _BSM_AUDIT_H #define _BSM_AUDIT_H +#include <sys/param.h> +#include <sys/types.h> + #define AUDIT_RECORD_MAGIC 0x828a0f1b #define MAX_AUDIT_RECORDS 20 #define MAXAUDITDATA (0x8000 - 1) @@ -212,7 +215,6 @@ au_mask_t ap_mask; /* Audit masks. */ au_tid_t ap_termid; /* Terminal ID. */ au_asid_t ap_asid; /* Audit session ID. */ - u_int64_t ap_flags; /* Audit session flags. */ }; typedef struct auditpinfo auditpinfo_t; @@ -222,6 +224,7 @@ au_mask_t ap_mask; /* Audit masks. */ au_tid_addr_t ap_termid; /* Terminal ID. */ au_asid_t ap_asid; /* Audit session ID. */ + u_int64_t ap_flags; /* Audit session flags. */ }; typedef struct auditpinfo_addr auditpinfo_addr_t; @@ -230,6 +233,7 @@ #define as_asid as_aia_p->ai_asid #define as_auid as_aia_p->ai_auid #define as_termid as_aia_p->ai_termid +#define as_flags as_aia_p->ai_flags au_mask_t as_mask; /* Process Audit Masks. */ }; @@ -313,6 +317,13 @@ int setaudit(const struct auditinfo *); int getaudit_addr(struct auditinfo_addr *, int); int setaudit_addr(const struct auditinfo_addr *, int); + +#ifdef __APPLE_API_PRIVATE +#include <mach/port.h> +mach_port_name_t audit_session_self(void); +au_asid_t audit_sesison_join(mach_port_name_t port); +#endif /* __APPLE_API_PRIVATE */ + #endif /* defined(_KERNEL) || defined(KERNEL) */ __END_DECLS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903030152.n231q5IR035684>