Date: Sat, 30 Apr 2005 13:28:48 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 76272 for review Message-ID: <200504301328.j3UDSmjf061837@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=76272 Change 76272 by rwatson@rwatson_paprika on 2005/04/30 13:28:09 Merge additional changes from Darwin 8.0's bsm-8 distribution: - Resort comments relating to Apple internal APIs; where we don't consider an API internal yet, add a comment if Apple considers them internal - Semantic change to cannot_audit(): don't audit if we're not auditing, rather than do not audit if in the no-audit state. Affected files ... .. //depot/projects/trustedbsd/openbsm/libbsm/libbsm.h#8 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/libbsm/libbsm.h#8 (text+ko) ==== @@ -773,27 +773,6 @@ typedef struct tokenstr tokenstr_t; -/* - * XXX This prototype should be in audit_record.h - * - * au_free_token() - * - * @summary - au_free_token() deallocates a token_t created by any of - * the au_to_*() BSM API functions. - * - * The BSM API generally manages deallocation of token_t objects. However, - * if au_write() is passed a bad audit descriptor, the token_t * parameter - * will be left untouched. In that case, the caller can deallocate the - * token_t using au_free_token() if desired. This is, in fact, what - * audit_write() does, in keeping with the existing memory management model - * of the BSM API. - * - * @param tok - A token_t * generated by one of the au_to_*() BSM API - * calls. For convenience, tok may be NULL, in which case - * au_free_token() returns immediately. - */ -void au_free_token(token_t *tok); - void setauevent(); void endauevent(); struct au_event_ent *getauevent(); @@ -911,6 +890,29 @@ __BEGIN_DECLS /* + * XXX This prototype should be in audit_record.h + * + * au_free_token() + * + * @summary - au_free_token() deallocates a token_t created by any of + * the au_to_*() BSM API functions. + * + * The BSM API generally manages deallocation of token_t objects. However, + * if au_write() is passed a bad audit descriptor, the token_t * parameter + * will be left untouched. In that case, the caller can deallocate the + * token_t using au_free_token() if desired. This is, in fact, what + * audit_write() does, in keeping with the existing memory management model + * of the BSM API. + * + * @param tok - A token_t * generated by one of the au_to_*() BSM API + * calls. For convenience, tok may be NULL, in which case + * au_free_token() returns immediately. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. + */ +void au_free_token(token_t *tok); + +/* * Lightweight check to determine if auditing is enabled. If a client * wants to use this to govern whether an entire series of audit calls * should be made--as in the common case of a caller building a set of @@ -921,32 +923,17 @@ * Otherwise the function can return any of the errno values defined for * setaudit(2), or AU_UNIMPL if audit does not appear to be supported by * the system. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int au_get_state(void); __END_DECLS /* OpenSSH compatibility */ -#define cannot_audit(x) (au_get_state() == AUC_NOAUDIT) +#define cannot_audit(x) (!(au_get_state() == AUC_AUDITING)) __BEGIN_DECLS /* - * The following calls all wrap the existing BSM API. They use the - * provided subject information, if any, to construct the subject token - * required for every log message. They use the provided return/error - * value(s), if any, to construct the success/failure indication required - * for every log message. They only permit one "miscellaneous" token, - * which should contain the event-specific logging information mandated by - * CAPP. - * - * All these calls assume the caller has previously determined that - * auditing is enabled by calling au_get_state(). - * - * NB: these calls are NOT part of the BSM API. They are NOT guaranteed to - * remain unchanged or even available in future. Use them at your own - * risk. - */ - -/* * audit_set_terminal_id() * * @summary - audit_set_terminal_id() fills in an au_tid_t struct, which is @@ -957,10 +944,27 @@ * @return - kAUNoErr on success; kAUBadParamErr if tid is NULL, kAUStatErr * or kAUSysctlErr if one of the underlying system calls fails (a message * is sent to the system log in those cases). + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_set_terminal_id(au_tid_t *tid); /* + * BEGIN au_write() WRAPPERS + * + * The following calls all wrap the existing BSM API. They use the + * provided subject information, if any, to construct the subject token + * required for every log message. They use the provided return/error + * value(s), if any, to construct the success/failure indication required + * for every log message. They only permit one "miscellaneous" token, + * which should contain the event-specific logging information mandated by + * CAPP. + * + * All these calls assume the caller has previously determined that + * auditing is enabled by calling au_get_state(). + */ + +/* * audit_write() * * @summary - audit_write() is the basis for the other audit_write_*() @@ -995,6 +999,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write(short event_code, token_t *subject, token_t *misctok, char retval, int errcode); @@ -1037,6 +1043,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write_success(short event_code, token_t *misctok, au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, @@ -1058,6 +1066,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write_success_self(short event_code, token_t *misctok); @@ -1102,6 +1112,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write_failure(short event_code, char *errmsg, int errret, au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, @@ -1127,6 +1139,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write_failure_self(short event_code, char *errmsg, int errret); @@ -1157,6 +1171,8 @@ * * @return - The status of the call: 0 (zero) on success, else one of the * kAU*Err values defined above. + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ int audit_write_failure_na(short event_code, char *errmsg, int errret, uid_t euid, gid_t egid, pid_t pid, au_tid_t *tid); @@ -1200,6 +1216,8 @@ * * @param tidp - Pointer to an au_tid_t; on return will be set to the task * or sender's terminal ID + * + * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE. */ void audit_token_to_au32( audit_token_t atoken,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504301328.j3UDSmjf061837>