bsm_token.c revision 155131
1155131Srwatson/* 2155131Srwatson * Copyright (c) 2004 Apple Computer, Inc. 3155131Srwatson * Copyright (c) 2005 SPARTA, Inc. 4155131Srwatson * All rights reserved. 5155131Srwatson * 6155131Srwatson * This code was developed in part by Robert N. M. Watson, Senior Principal 7155131Srwatson * Scientist, SPARTA, Inc. 8155131Srwatson * 9155131Srwatson * Redistribution and use in source and binary forms, with or without 10155131Srwatson * modification, are permitted provided that the following conditions 11155131Srwatson * are met: 12155131Srwatson * 1. Redistributions of source code must retain the above copyright 13155131Srwatson * notice, this list of conditions and the following disclaimer. 14155131Srwatson * 2. Redistributions in binary form must reproduce the above copyright 15155131Srwatson * notice, this list of conditions and the following disclaimer in the 16155131Srwatson * documentation and/or other materials provided with the distribution. 17155131Srwatson * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 18155131Srwatson * its contributors may be used to endorse or promote products derived 19155131Srwatson * from this software without specific prior written permission. 20155131Srwatson * 21155131Srwatson * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 22155131Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23155131Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24155131Srwatson * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 25155131Srwatson * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26155131Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27155131Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28155131Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 29155131Srwatson * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 30155131Srwatson * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31155131Srwatson * POSSIBILITY OF SUCH DAMAGE. 32155131Srwatson * 33155131Srwatson * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#34 $ 34155131Srwatson */ 35155131Srwatson 36155131Srwatson#include <sys/types.h> 37155131Srwatson#ifdef __APPLE__ 38155131Srwatson#include <compat/endian.h> 39155131Srwatson#else /* !__APPLE__ */ 40155131Srwatson#include <sys/endian.h> 41155131Srwatson#endif /* __APPLE__*/ 42155131Srwatson#include <sys/socket.h> 43155131Srwatson#include <sys/time.h> 44155131Srwatson#include <sys/un.h> 45155131Srwatson 46155131Srwatson#include <sys/ipc.h> 47155131Srwatson 48155131Srwatson#include <netinet/in.h> 49155131Srwatson#include <netinet/in_systm.h> 50155131Srwatson#include <netinet/ip.h> 51155131Srwatson 52155131Srwatson#include <assert.h> 53155131Srwatson#include <errno.h> 54155131Srwatson#include <string.h> 55155131Srwatson#include <stdlib.h> 56155131Srwatson#include <unistd.h> 57155131Srwatson#include <sys/socketvar.h> 58155131Srwatson 59155131Srwatson#include <bsm/audit_internal.h> 60155131Srwatson#include <bsm/libbsm.h> 61155131Srwatson 62155131Srwatson#define GET_TOKEN_AREA(t, dptr, length) do { \ 63155131Srwatson (t) = malloc(sizeof(token_t)); \ 64155131Srwatson if ((t) != NULL) { \ 65155131Srwatson (t)->len = (length); \ 66155131Srwatson (dptr) = (t->t_data) = malloc((length) * sizeof(u_char)); \ 67155131Srwatson if ((dptr) == NULL) { \ 68155131Srwatson free(t); \ 69155131Srwatson (t) = NULL; \ 70155131Srwatson } else \ 71155131Srwatson memset((dptr), 0, (length)); \ 72155131Srwatson } else \ 73155131Srwatson (dptr) = NULL; \ 74155131Srwatson assert(t == NULL || dptr != NULL); \ 75155131Srwatson} while (0) 76155131Srwatson 77155131Srwatson/* 78155131Srwatson * token ID 1 byte 79155131Srwatson * argument # 1 byte 80155131Srwatson * argument value 4 bytes/8 bytes (32-bit/64-bit value) 81155131Srwatson * text length 2 bytes 82155131Srwatson * text N bytes + 1 terminating NULL byte 83155131Srwatson */ 84155131Srwatsontoken_t * 85155131Srwatsonau_to_arg32(char n, char *text, u_int32_t v) 86155131Srwatson{ 87155131Srwatson token_t *t; 88155131Srwatson u_char *dptr = NULL; 89155131Srwatson u_int16_t textlen; 90155131Srwatson 91155131Srwatson textlen = strlen(text); 92155131Srwatson textlen += 1; 93155131Srwatson 94155131Srwatson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t) + 95155131Srwatson sizeof(u_int16_t) + textlen); 96155131Srwatson if (t == NULL) 97155131Srwatson return (NULL); 98155131Srwatson 99155131Srwatson ADD_U_CHAR(dptr, AUT_ARG32); 100155131Srwatson ADD_U_CHAR(dptr, n); 101155131Srwatson ADD_U_INT32(dptr, v); 102155131Srwatson ADD_U_INT16(dptr, textlen); 103155131Srwatson ADD_STRING(dptr, text, textlen); 104155131Srwatson 105155131Srwatson return (t); 106155131Srwatson 107155131Srwatson} 108155131Srwatson 109155131Srwatsontoken_t * 110155131Srwatsonau_to_arg64(char n, char *text, u_int64_t v) 111155131Srwatson{ 112155131Srwatson token_t *t; 113155131Srwatson u_char *dptr = NULL; 114155131Srwatson u_int16_t textlen; 115155131Srwatson 116155131Srwatson textlen = strlen(text); 117155131Srwatson textlen += 1; 118155131Srwatson 119155131Srwatson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t) + 120155131Srwatson sizeof(u_int16_t) + textlen); 121155131Srwatson if (t == NULL) 122155131Srwatson return (NULL); 123155131Srwatson 124155131Srwatson ADD_U_CHAR(dptr, AUT_ARG64); 125155131Srwatson ADD_U_CHAR(dptr, n); 126155131Srwatson ADD_U_INT64(dptr, v); 127155131Srwatson ADD_U_INT16(dptr, textlen); 128155131Srwatson ADD_STRING(dptr, text, textlen); 129155131Srwatson 130155131Srwatson return (t); 131155131Srwatson 132155131Srwatson} 133155131Srwatson 134155131Srwatsontoken_t * 135155131Srwatsonau_to_arg(char n, char *text, u_int32_t v) 136155131Srwatson{ 137155131Srwatson 138155131Srwatson return (au_to_arg32(n, text, v)); 139155131Srwatson} 140155131Srwatson 141155131Srwatson#if defined(_KERNEL) || defined(KERNEL) 142155131Srwatson/* 143155131Srwatson * token ID 1 byte 144155131Srwatson * file access mode 4 bytes 145155131Srwatson * owner user ID 4 bytes 146155131Srwatson * owner group ID 4 bytes 147155131Srwatson * file system ID 4 bytes 148155131Srwatson * node ID 8 bytes 149155131Srwatson * device 4 bytes/8 bytes (32-bit/64-bit) 150155131Srwatson */ 151155131Srwatsontoken_t * 152155131Srwatsonau_to_attr32(struct vnode_au_info *vni) 153155131Srwatson{ 154155131Srwatson token_t *t; 155155131Srwatson u_char *dptr = NULL; 156155131Srwatson u_int16_t pad0_16 = 0; 157155131Srwatson u_int16_t pad0_32 = 0; 158155131Srwatson 159155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 160155131Srwatson 3 * sizeof(u_int32_t) + sizeof(u_int64_t) + sizeof(u_int32_t)); 161155131Srwatson if (t == NULL) 162155131Srwatson return (NULL); 163155131Srwatson 164155131Srwatson ADD_U_CHAR(dptr, AUT_ATTR32); 165155131Srwatson 166155131Srwatson /* 167155131Srwatson * Darwin defines the size for the file mode 168155131Srwatson * as 2 bytes; BSM defines 4 so pad with 0 169155131Srwatson */ 170155131Srwatson ADD_U_INT16(dptr, pad0_16); 171155131Srwatson ADD_U_INT16(dptr, vni->vn_mode); 172155131Srwatson 173155131Srwatson ADD_U_INT32(dptr, vni->vn_uid); 174155131Srwatson ADD_U_INT32(dptr, vni->vn_gid); 175155131Srwatson ADD_U_INT32(dptr, vni->vn_fsid); 176155131Srwatson 177155131Srwatson /* 178155131Srwatson * Some systems use 32-bit file ID's, other's use 64-bit file IDs. 179155131Srwatson * Attempt to handle both, and let the compiler sort it out. If we 180155131Srwatson * could pick this out at compile-time, it would be better, so as to 181155131Srwatson * avoid the else case below. 182155131Srwatson */ 183155131Srwatson if (sizeof(vni->vn_fileid) == sizeof(uint32_t)) { 184155131Srwatson ADD_U_INT32(dptr, pad0_32); 185155131Srwatson ADD_U_INT32(dptr, vni->vn_fileid); 186155131Srwatson } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) 187155131Srwatson ADD_U_INT64(dptr, vni->vn_fileid); 188155131Srwatson else 189155131Srwatson ADD_U_INT64(dptr, 0LL); 190155131Srwatson 191155131Srwatson ADD_U_INT32(dptr, vni->vn_dev); 192155131Srwatson 193155131Srwatson return (t); 194155131Srwatson} 195155131Srwatson 196155131Srwatsontoken_t * 197155131Srwatsonau_to_attr64(struct vnode_au_info *vni) 198155131Srwatson{ 199155131Srwatson 200155131Srwatson errno = ENOTSUP; 201155131Srwatson return (NULL); 202155131Srwatson} 203155131Srwatson 204155131Srwatsontoken_t * 205155131Srwatsonau_to_attr(struct vnode_au_info *vni) 206155131Srwatson{ 207155131Srwatson 208155131Srwatson return (au_to_attr32(vni)); 209155131Srwatson} 210155131Srwatson#endif /* !(defined(_KERNEL) || defined(KERNEL) */ 211155131Srwatson 212155131Srwatson/* 213155131Srwatson * token ID 1 byte 214155131Srwatson * how to print 1 byte 215155131Srwatson * basic unit 1 byte 216155131Srwatson * unit count 1 byte 217155131Srwatson * data items (depends on basic unit) 218155131Srwatson */ 219155131Srwatsontoken_t * 220155131Srwatsonau_to_data(char unit_print, char unit_type, char unit_count, char *p) 221155131Srwatson{ 222155131Srwatson token_t *t; 223155131Srwatson u_char *dptr = NULL; 224155131Srwatson size_t datasize, totdata; 225155131Srwatson 226155131Srwatson /* Determine the size of the basic unit. */ 227155131Srwatson switch (unit_type) { 228155131Srwatson case AUR_BYTE: 229155131Srwatson datasize = AUR_BYTE_SIZE; 230155131Srwatson break; 231155131Srwatson 232155131Srwatson case AUR_SHORT: 233155131Srwatson datasize = AUR_SHORT_SIZE; 234155131Srwatson break; 235155131Srwatson 236155131Srwatson case AUR_LONG: 237155131Srwatson datasize = AUR_LONG_SIZE; 238155131Srwatson break; 239155131Srwatson 240155131Srwatson default: 241155131Srwatson errno = EINVAL; 242155131Srwatson return (NULL); 243155131Srwatson } 244155131Srwatson 245155131Srwatson totdata = datasize * unit_count; 246155131Srwatson 247155131Srwatson GET_TOKEN_AREA(t, dptr, totdata + 4 * sizeof(u_char)); 248155131Srwatson if (t == NULL) 249155131Srwatson return (NULL); 250155131Srwatson 251155131Srwatson ADD_U_CHAR(dptr, AUT_DATA); 252155131Srwatson ADD_U_CHAR(dptr, unit_print); 253155131Srwatson ADD_U_CHAR(dptr, unit_type); 254155131Srwatson ADD_U_CHAR(dptr, unit_count); 255155131Srwatson ADD_MEM(dptr, p, totdata); 256155131Srwatson 257155131Srwatson return (t); 258155131Srwatson} 259155131Srwatson 260155131Srwatson 261155131Srwatson/* 262155131Srwatson * token ID 1 byte 263155131Srwatson * status 4 bytes 264155131Srwatson * return value 4 bytes 265155131Srwatson */ 266155131Srwatsontoken_t * 267155131Srwatsonau_to_exit(int retval, int err) 268155131Srwatson{ 269155131Srwatson token_t *t; 270155131Srwatson u_char *dptr = NULL; 271155131Srwatson 272155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t)); 273155131Srwatson if (t == NULL) 274155131Srwatson return (NULL); 275155131Srwatson 276155131Srwatson ADD_U_CHAR(dptr, AUT_EXIT); 277155131Srwatson ADD_U_INT32(dptr, err); 278155131Srwatson ADD_U_INT32(dptr, retval); 279155131Srwatson 280155131Srwatson return (t); 281155131Srwatson} 282155131Srwatson 283155131Srwatson/* 284155131Srwatson */ 285155131Srwatsontoken_t * 286155131Srwatsonau_to_groups(int *groups) 287155131Srwatson{ 288155131Srwatson 289155131Srwatson return (au_to_newgroups(BSM_MAX_GROUPS, groups)); 290155131Srwatson} 291155131Srwatson 292155131Srwatson/* 293155131Srwatson * token ID 1 byte 294155131Srwatson * number groups 2 bytes 295155131Srwatson * group list count * 4 bytes 296155131Srwatson */ 297155131Srwatsontoken_t * 298155131Srwatsonau_to_newgroups(u_int16_t n, gid_t *groups) 299155131Srwatson{ 300155131Srwatson token_t *t; 301155131Srwatson u_char *dptr = NULL; 302155131Srwatson int i; 303155131Srwatson 304155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 305155131Srwatson n * sizeof(u_int32_t)); 306155131Srwatson if (t == NULL) 307155131Srwatson return (NULL); 308155131Srwatson 309155131Srwatson ADD_U_CHAR(dptr, AUT_NEWGROUPS); 310155131Srwatson ADD_U_INT16(dptr, n); 311155131Srwatson for (i = 0; i < n; i++) 312155131Srwatson ADD_U_INT32(dptr, groups[i]); 313155131Srwatson 314155131Srwatson return (t); 315155131Srwatson} 316155131Srwatson 317155131Srwatson/* 318155131Srwatson * token ID 1 byte 319155131Srwatson * internet address 4 bytes 320155131Srwatson */ 321155131Srwatsontoken_t * 322155131Srwatsonau_to_in_addr(struct in_addr *internet_addr) 323155131Srwatson{ 324155131Srwatson token_t *t; 325155131Srwatson u_char *dptr = NULL; 326155131Srwatson 327155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t)); 328155131Srwatson if (t == NULL) 329155131Srwatson return (NULL); 330155131Srwatson 331155131Srwatson ADD_U_CHAR(dptr, AUT_IN_ADDR); 332155131Srwatson ADD_U_INT32(dptr, internet_addr->s_addr); 333155131Srwatson 334155131Srwatson return (t); 335155131Srwatson} 336155131Srwatson 337155131Srwatson/* 338155131Srwatson * token ID 1 byte 339155131Srwatson * address type/length 4 bytes 340155131Srwatson * Address 16 bytes 341155131Srwatson */ 342155131Srwatsontoken_t * 343155131Srwatsonau_to_in_addr_ex(struct in6_addr *internet_addr) 344155131Srwatson{ 345155131Srwatson token_t *t; 346155131Srwatson u_char *dptr = NULL; 347155131Srwatson u_int32_t type = AF_INET6; 348155131Srwatson 349155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int32_t)); 350155131Srwatson if (t == NULL) 351155131Srwatson return (NULL); 352155131Srwatson 353155131Srwatson ADD_U_CHAR(dptr, AUT_IN_ADDR_EX); 354155131Srwatson ADD_U_INT32(dptr, type); 355155131Srwatson ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[0]); 356155131Srwatson ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[1]); 357155131Srwatson ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[2]); 358155131Srwatson ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[3]); 359155131Srwatson 360155131Srwatson return (t); 361155131Srwatson} 362155131Srwatson 363155131Srwatson/* 364155131Srwatson * token ID 1 byte 365155131Srwatson * ip header 20 bytes 366155131Srwatson */ 367155131Srwatsontoken_t * 368155131Srwatsonau_to_ip(struct ip *ip) 369155131Srwatson{ 370155131Srwatson token_t *t; 371155131Srwatson u_char *dptr = NULL; 372155131Srwatson 373155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(struct ip)); 374155131Srwatson if (t == NULL) 375155131Srwatson return (NULL); 376155131Srwatson 377155131Srwatson ADD_U_CHAR(dptr, AUT_IP); 378155131Srwatson /* 379155131Srwatson * XXXRW: Any byte order work needed on the IP header before writing? 380155131Srwatson */ 381155131Srwatson ADD_MEM(dptr, ip, sizeof(struct ip)); 382155131Srwatson 383155131Srwatson return (t); 384155131Srwatson} 385155131Srwatson 386155131Srwatson/* 387155131Srwatson * token ID 1 byte 388155131Srwatson * object ID type 1 byte 389155131Srwatson * object ID 4 bytes 390155131Srwatson */ 391155131Srwatsontoken_t * 392155131Srwatsonau_to_ipc(char type, int id) 393155131Srwatson{ 394155131Srwatson token_t *t; 395155131Srwatson u_char *dptr = NULL; 396155131Srwatson 397155131Srwatson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 398155131Srwatson if (t == NULL) 399155131Srwatson return (NULL); 400155131Srwatson 401155131Srwatson ADD_U_CHAR(dptr, AUT_IPC); 402155131Srwatson ADD_U_CHAR(dptr, type); 403155131Srwatson ADD_U_INT32(dptr, id); 404155131Srwatson 405155131Srwatson return (t); 406155131Srwatson} 407155131Srwatson 408155131Srwatson/* 409155131Srwatson * token ID 1 byte 410155131Srwatson * owner user ID 4 bytes 411155131Srwatson * owner group ID 4 bytes 412155131Srwatson * creator user ID 4 bytes 413155131Srwatson * creator group ID 4 bytes 414155131Srwatson * access mode 4 bytes 415155131Srwatson * slot sequence # 4 bytes 416155131Srwatson * key 4 bytes 417155131Srwatson */ 418155131Srwatsontoken_t * 419155131Srwatsonau_to_ipc_perm(struct ipc_perm *perm) 420155131Srwatson{ 421155131Srwatson token_t *t; 422155131Srwatson u_char *dptr = NULL; 423155131Srwatson u_int16_t pad0 = 0; 424155131Srwatson 425155131Srwatson GET_TOKEN_AREA(t, dptr, 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); 426155131Srwatson if (t == NULL) 427155131Srwatson return (NULL); 428155131Srwatson 429155131Srwatson ADD_U_CHAR(dptr, AUT_IPC_PERM); 430155131Srwatson 431155131Srwatson /* 432155131Srwatson * Darwin defines the sizes for ipc_perm members 433155131Srwatson * as 2 bytes; BSM defines 4 so pad with 0 434155131Srwatson */ 435155131Srwatson ADD_U_INT16(dptr, pad0); 436155131Srwatson ADD_U_INT16(dptr, perm->uid); 437155131Srwatson 438155131Srwatson ADD_U_INT16(dptr, pad0); 439155131Srwatson ADD_U_INT16(dptr, perm->gid); 440155131Srwatson 441155131Srwatson ADD_U_INT16(dptr, pad0); 442155131Srwatson ADD_U_INT16(dptr, perm->cuid); 443155131Srwatson 444155131Srwatson ADD_U_INT16(dptr, pad0); 445155131Srwatson ADD_U_INT16(dptr, perm->cgid); 446155131Srwatson 447155131Srwatson ADD_U_INT16(dptr, pad0); 448155131Srwatson ADD_U_INT16(dptr, perm->mode); 449155131Srwatson 450155131Srwatson ADD_U_INT16(dptr, pad0); 451155131Srwatson ADD_U_INT16(dptr, perm->seq); 452155131Srwatson 453155131Srwatson ADD_U_INT32(dptr, perm->key); 454155131Srwatson 455155131Srwatson return (t); 456155131Srwatson} 457155131Srwatson 458155131Srwatson/* 459155131Srwatson * token ID 1 byte 460155131Srwatson * port IP address 2 bytes 461155131Srwatson */ 462155131Srwatsontoken_t * 463155131Srwatsonau_to_iport(u_int16_t iport) 464155131Srwatson{ 465155131Srwatson token_t *t; 466155131Srwatson u_char *dptr = NULL; 467155131Srwatson 468155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t)); 469155131Srwatson if (t == NULL) 470155131Srwatson return (NULL); 471155131Srwatson 472155131Srwatson ADD_U_CHAR(dptr, AUT_IPORT); 473155131Srwatson ADD_U_INT16(dptr, iport); 474155131Srwatson 475155131Srwatson return (t); 476155131Srwatson} 477155131Srwatson 478155131Srwatson/* 479155131Srwatson * token ID 1 byte 480155131Srwatson * size 2 bytes 481155131Srwatson * data size bytes 482155131Srwatson */ 483155131Srwatsontoken_t * 484155131Srwatsonau_to_opaque(char *data, u_int16_t bytes) 485155131Srwatson{ 486155131Srwatson token_t *t; 487155131Srwatson u_char *dptr = NULL; 488155131Srwatson 489155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + bytes); 490155131Srwatson if (t == NULL) 491155131Srwatson return (NULL); 492155131Srwatson 493155131Srwatson ADD_U_CHAR(dptr, AUT_OPAQUE); 494155131Srwatson ADD_U_INT16(dptr, bytes); 495155131Srwatson ADD_MEM(dptr, data, bytes); 496155131Srwatson 497155131Srwatson return (t); 498155131Srwatson} 499155131Srwatson 500155131Srwatson/* 501155131Srwatson * token ID 1 byte 502155131Srwatson * seconds of time 4 bytes 503155131Srwatson * milliseconds of time 4 bytes 504155131Srwatson * file name len 2 bytes 505155131Srwatson * file pathname N bytes + 1 terminating NULL byte 506155131Srwatson */ 507155131Srwatsontoken_t * 508155131Srwatson#if defined(KERNEL) || defined(_KERNEL) 509155131Srwatsonau_to_file(char *file, struct timeval tm) 510155131Srwatson#else 511155131Srwatsonau_to_file(char *file) 512155131Srwatson#endif 513155131Srwatson{ 514155131Srwatson token_t *t; 515155131Srwatson u_char *dptr = NULL; 516155131Srwatson u_int16_t filelen; 517155131Srwatson u_int32_t timems; 518155131Srwatson#if !defined(KERNEL) && !defined(_KERNEL) 519155131Srwatson struct timeval tm; 520155131Srwatson struct timezone tzp; 521155131Srwatson 522155131Srwatson if (gettimeofday(&tm, &tzp) == -1) 523155131Srwatson return (NULL); 524155131Srwatson#endif 525155131Srwatson 526155131Srwatson filelen = strlen(file); 527155131Srwatson filelen += 1; 528155131Srwatson 529155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t) + 530155131Srwatson sizeof(u_int16_t) + filelen); 531155131Srwatson if (t == NULL) 532155131Srwatson return (NULL); 533155131Srwatson 534155131Srwatson timems = tm.tv_usec/1000; 535155131Srwatson 536155131Srwatson ADD_U_CHAR(dptr, AUT_OTHER_FILE32); 537155131Srwatson ADD_U_INT32(dptr, tm.tv_sec); 538155131Srwatson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 539155131Srwatson ADD_U_INT16(dptr, filelen); 540155131Srwatson ADD_STRING(dptr, file, filelen); 541155131Srwatson 542155131Srwatson return (t); 543155131Srwatson} 544155131Srwatson 545155131Srwatson/* 546155131Srwatson * token ID 1 byte 547155131Srwatson * text length 2 bytes 548155131Srwatson * text N bytes + 1 terminating NULL byte 549155131Srwatson */ 550155131Srwatsontoken_t * 551155131Srwatsonau_to_text(char *text) 552155131Srwatson{ 553155131Srwatson token_t *t; 554155131Srwatson u_char *dptr = NULL; 555155131Srwatson u_int16_t textlen; 556155131Srwatson 557155131Srwatson textlen = strlen(text); 558155131Srwatson textlen += 1; 559155131Srwatson 560155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 561155131Srwatson if (t == NULL) 562155131Srwatson return (NULL); 563155131Srwatson 564155131Srwatson ADD_U_CHAR(dptr, AUT_TEXT); 565155131Srwatson ADD_U_INT16(dptr, textlen); 566155131Srwatson ADD_STRING(dptr, text, textlen); 567155131Srwatson 568155131Srwatson return (t); 569155131Srwatson} 570155131Srwatson 571155131Srwatson/* 572155131Srwatson * token ID 1 byte 573155131Srwatson * path length 2 bytes 574155131Srwatson * path N bytes + 1 terminating NULL byte 575155131Srwatson */ 576155131Srwatsontoken_t * 577155131Srwatsonau_to_path(char *text) 578155131Srwatson{ 579155131Srwatson token_t *t; 580155131Srwatson u_char *dptr = NULL; 581155131Srwatson u_int16_t textlen; 582155131Srwatson 583155131Srwatson textlen = strlen(text); 584155131Srwatson textlen += 1; 585155131Srwatson 586155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 587155131Srwatson if (t == NULL) 588155131Srwatson return (NULL); 589155131Srwatson 590155131Srwatson ADD_U_CHAR(dptr, AUT_PATH); 591155131Srwatson ADD_U_INT16(dptr, textlen); 592155131Srwatson ADD_STRING(dptr, text, textlen); 593155131Srwatson 594155131Srwatson return (t); 595155131Srwatson} 596155131Srwatson 597155131Srwatson/* 598155131Srwatson * token ID 1 byte 599155131Srwatson * audit ID 4 bytes 600155131Srwatson * effective user ID 4 bytes 601155131Srwatson * effective group ID 4 bytes 602155131Srwatson * real user ID 4 bytes 603155131Srwatson * real group ID 4 bytes 604155131Srwatson * process ID 4 bytes 605155131Srwatson * session ID 4 bytes 606155131Srwatson * terminal ID 607155131Srwatson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 608155131Srwatson * machine address 4 bytes 609155131Srwatson */ 610155131Srwatsontoken_t * 611155131Srwatsonau_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 612155131Srwatson pid_t pid, au_asid_t sid, au_tid_t *tid) 613155131Srwatson{ 614155131Srwatson token_t *t; 615155131Srwatson u_char *dptr = NULL; 616155131Srwatson 617155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 618155131Srwatson if (t == NULL) 619155131Srwatson return (NULL); 620155131Srwatson 621155131Srwatson ADD_U_CHAR(dptr, AUT_PROCESS32); 622155131Srwatson ADD_U_INT32(dptr, auid); 623155131Srwatson ADD_U_INT32(dptr, euid); 624155131Srwatson ADD_U_INT32(dptr, egid); 625155131Srwatson ADD_U_INT32(dptr, ruid); 626155131Srwatson ADD_U_INT32(dptr, rgid); 627155131Srwatson ADD_U_INT32(dptr, pid); 628155131Srwatson ADD_U_INT32(dptr, sid); 629155131Srwatson ADD_U_INT32(dptr, tid->port); 630155131Srwatson ADD_U_INT32(dptr, tid->machine); 631155131Srwatson 632155131Srwatson return (t); 633155131Srwatson} 634155131Srwatson 635155131Srwatsontoken_t * 636155131Srwatsonau_to_process64(__unused au_id_t auid, __unused uid_t euid, 637155131Srwatson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 638155131Srwatson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 639155131Srwatson{ 640155131Srwatson 641155131Srwatson errno = ENOTSUP; 642155131Srwatson return (NULL); 643155131Srwatson} 644155131Srwatson 645155131Srwatsontoken_t * 646155131Srwatsonau_to_process(__unused au_id_t auid, __unused uid_t euid, 647155131Srwatson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 648155131Srwatson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 649155131Srwatson{ 650155131Srwatson 651155131Srwatson return (au_to_process32(auid, euid, egid, ruid, rgid, pid, sid, 652155131Srwatson tid)); 653155131Srwatson} 654155131Srwatson 655155131Srwatson/* 656155131Srwatson * token ID 1 byte 657155131Srwatson * audit ID 4 bytes 658155131Srwatson * effective user ID 4 bytes 659155131Srwatson * effective group ID 4 bytes 660155131Srwatson * real user ID 4 bytes 661155131Srwatson * real group ID 4 bytes 662155131Srwatson * process ID 4 bytes 663155131Srwatson * session ID 4 bytes 664155131Srwatson * terminal ID 665155131Srwatson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 666155131Srwatson * address type-len 4 bytes 667155131Srwatson * machine address 16 bytes 668155131Srwatson */ 669155131Srwatsontoken_t * 670155131Srwatsonau_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 671155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 672155131Srwatson{ 673155131Srwatson token_t *t; 674155131Srwatson u_char *dptr = NULL; 675155131Srwatson 676155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); 677155131Srwatson if (t == NULL) 678155131Srwatson return (NULL); 679155131Srwatson 680155131Srwatson ADD_U_CHAR(dptr, AUT_PROCESS32_EX); 681155131Srwatson ADD_U_INT32(dptr, auid); 682155131Srwatson ADD_U_INT32(dptr, euid); 683155131Srwatson ADD_U_INT32(dptr, egid); 684155131Srwatson ADD_U_INT32(dptr, ruid); 685155131Srwatson ADD_U_INT32(dptr, rgid); 686155131Srwatson ADD_U_INT32(dptr, pid); 687155131Srwatson ADD_U_INT32(dptr, sid); 688155131Srwatson ADD_U_INT32(dptr, tid->at_port); 689155131Srwatson ADD_U_INT32(dptr, tid->at_type); 690155131Srwatson ADD_U_INT32(dptr, tid->at_addr[0]); 691155131Srwatson ADD_U_INT32(dptr, tid->at_addr[1]); 692155131Srwatson ADD_U_INT32(dptr, tid->at_addr[2]); 693155131Srwatson ADD_U_INT32(dptr, tid->at_addr[3]); 694155131Srwatson 695155131Srwatson return (t); 696155131Srwatson} 697155131Srwatson 698155131Srwatsontoken_t * 699155131Srwatsonau_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 700155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 701155131Srwatson{ 702155131Srwatson 703155131Srwatson errno = ENOTSUP; 704155131Srwatson return (NULL); 705155131Srwatson} 706155131Srwatson 707155131Srwatsontoken_t * 708155131Srwatsonau_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 709155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 710155131Srwatson{ 711155131Srwatson 712155131Srwatson return (au_to_process32_ex(auid, euid, egid, ruid, rgid, pid, sid, 713155131Srwatson tid)); 714155131Srwatson} 715155131Srwatson 716155131Srwatson/* 717155131Srwatson * token ID 1 byte 718155131Srwatson * error status 1 byte 719155131Srwatson * return value 4 bytes/8 bytes (32-bit/64-bit value) 720155131Srwatson */ 721155131Srwatsontoken_t * 722155131Srwatsonau_to_return32(char status, u_int32_t ret) 723155131Srwatson{ 724155131Srwatson token_t *t; 725155131Srwatson u_char *dptr = NULL; 726155131Srwatson 727155131Srwatson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 728155131Srwatson if (t == NULL) 729155131Srwatson return (NULL); 730155131Srwatson 731155131Srwatson ADD_U_CHAR(dptr, AUT_RETURN32); 732155131Srwatson ADD_U_CHAR(dptr, status); 733155131Srwatson ADD_U_INT32(dptr, ret); 734155131Srwatson 735155131Srwatson return (t); 736155131Srwatson} 737155131Srwatson 738155131Srwatsontoken_t * 739155131Srwatsonau_to_return64(char status, u_int64_t ret) 740155131Srwatson{ 741155131Srwatson token_t *t; 742155131Srwatson u_char *dptr = NULL; 743155131Srwatson 744155131Srwatson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t)); 745155131Srwatson if (t == NULL) 746155131Srwatson return (NULL); 747155131Srwatson 748155131Srwatson ADD_U_CHAR(dptr, AUT_RETURN64); 749155131Srwatson ADD_U_CHAR(dptr, status); 750155131Srwatson ADD_U_INT64(dptr, ret); 751155131Srwatson 752155131Srwatson return (t); 753155131Srwatson} 754155131Srwatson 755155131Srwatsontoken_t * 756155131Srwatsonau_to_return(char status, u_int32_t ret) 757155131Srwatson{ 758155131Srwatson 759155131Srwatson return (au_to_return32(status, ret)); 760155131Srwatson} 761155131Srwatson 762155131Srwatson/* 763155131Srwatson * token ID 1 byte 764155131Srwatson * sequence number 4 bytes 765155131Srwatson */ 766155131Srwatsontoken_t * 767155131Srwatsonau_to_seq(long audit_count) 768155131Srwatson{ 769155131Srwatson token_t *t; 770155131Srwatson u_char *dptr = NULL; 771155131Srwatson 772155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t)); 773155131Srwatson if (t == NULL) 774155131Srwatson return (NULL); 775155131Srwatson 776155131Srwatson ADD_U_CHAR(dptr, AUT_SEQ); 777155131Srwatson ADD_U_INT32(dptr, audit_count); 778155131Srwatson 779155131Srwatson return (t); 780155131Srwatson} 781155131Srwatson 782155131Srwatson/* 783155131Srwatson * token ID 1 byte 784155131Srwatson * socket type 2 bytes 785155131Srwatson * local port 2 bytes 786155131Srwatson * local Internet address 4 bytes 787155131Srwatson * remote port 2 bytes 788155131Srwatson * remote Internet address 4 bytes 789155131Srwatson */ 790155131Srwatsontoken_t * 791155131Srwatsonau_to_socket(struct socket *so) 792155131Srwatson{ 793155131Srwatson 794155131Srwatson errno = ENOTSUP; 795155131Srwatson return (NULL); 796155131Srwatson} 797155131Srwatson 798155131Srwatson/* 799155131Srwatson * token ID 1 byte 800155131Srwatson * socket type 2 bytes 801155131Srwatson * local port 2 bytes 802155131Srwatson * address type/length 4 bytes 803155131Srwatson * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address) 804155131Srwatson * remote port 4 bytes 805155131Srwatson * address type/length 4 bytes 806155131Srwatson * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address) 807155131Srwatson */ 808155131Srwatsontoken_t * 809155131Srwatsonau_to_socket_ex_32(u_int16_t lp, u_int16_t rp, struct sockaddr *la, 810155131Srwatson struct sockaddr *ra) 811155131Srwatson{ 812155131Srwatson 813155131Srwatson errno = ENOTSUP; 814155131Srwatson return (NULL); 815155131Srwatson} 816155131Srwatson 817155131Srwatsontoken_t * 818155131Srwatsonau_to_socket_ex_128(u_int16_t lp, u_int16_t rp, struct sockaddr *la, 819155131Srwatson struct sockaddr *ra) 820155131Srwatson{ 821155131Srwatson 822155131Srwatson errno = ENOTSUP; 823155131Srwatson return (NULL); 824155131Srwatson} 825155131Srwatson 826155131Srwatson/* 827155131Srwatson * token ID 1 byte 828155131Srwatson * socket family 2 bytes 829155131Srwatson * path 104 bytes 830155131Srwatson */ 831155131Srwatsontoken_t * 832155131Srwatsonau_to_sock_unix(struct sockaddr_un *so) 833155131Srwatson{ 834155131Srwatson token_t *t; 835155131Srwatson u_char *dptr; 836155131Srwatson 837155131Srwatson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + strlen(so->sun_path) + 1); 838155131Srwatson if (t == NULL) 839155131Srwatson return (NULL); 840155131Srwatson 841155131Srwatson ADD_U_CHAR(dptr, AU_SOCK_UNIX_TOKEN); 842155131Srwatson /* BSM token has two bytes for family */ 843155131Srwatson ADD_U_CHAR(dptr, 0); 844155131Srwatson ADD_U_CHAR(dptr, so->sun_family); 845155131Srwatson ADD_STRING(dptr, so->sun_path, strlen(so->sun_path) + 1); 846155131Srwatson 847155131Srwatson return (t); 848155131Srwatson} 849155131Srwatson 850155131Srwatson/* 851155131Srwatson * token ID 1 byte 852155131Srwatson * socket family 2 bytes 853155131Srwatson * local port 2 bytes 854155131Srwatson * socket address 4 bytes 855155131Srwatson */ 856155131Srwatsontoken_t * 857155131Srwatsonau_to_sock_inet32(struct sockaddr_in *so) 858155131Srwatson{ 859155131Srwatson token_t *t; 860155131Srwatson u_char *dptr = NULL; 861155131Srwatson 862155131Srwatson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) + 863155131Srwatson sizeof(u_int32_t)); 864155131Srwatson if (t == NULL) 865155131Srwatson return (NULL); 866155131Srwatson 867155131Srwatson ADD_U_CHAR(dptr, AUT_SOCKINET32); 868155131Srwatson /* 869155131Srwatson * In Darwin, sin_family is one octet, but BSM defines the token 870155131Srwatson * to store two. So we copy in a 0 first. 871155131Srwatson */ 872155131Srwatson ADD_U_CHAR(dptr, 0); 873155131Srwatson ADD_U_CHAR(dptr, so->sin_family); 874155131Srwatson ADD_U_INT16(dptr, so->sin_port); 875155131Srwatson ADD_U_INT32(dptr, so->sin_addr.s_addr); 876155131Srwatson 877155131Srwatson return (t); 878155131Srwatson 879155131Srwatson} 880155131Srwatson 881155131Srwatsontoken_t * 882155131Srwatsonau_to_sock_inet128(struct sockaddr_in6 *so) 883155131Srwatson{ 884155131Srwatson token_t *t; 885155131Srwatson u_char *dptr = NULL; 886155131Srwatson 887155131Srwatson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) + 888155131Srwatson 4 * sizeof(u_int32_t)); 889155131Srwatson if (t == NULL) 890155131Srwatson return (NULL); 891155131Srwatson 892155131Srwatson ADD_U_CHAR(dptr, AUT_SOCKINET128); 893155131Srwatson /* 894155131Srwatson * In Darwin, sin6_family is one octet, but BSM defines the token 895155131Srwatson * to store two. So we copy in a 0 first. 896155131Srwatson */ 897155131Srwatson ADD_U_CHAR(dptr, 0); 898155131Srwatson ADD_U_CHAR(dptr, so->sin6_family); 899155131Srwatson 900155131Srwatson ADD_U_INT16(dptr, so->sin6_port); 901155131Srwatson ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[0]); 902155131Srwatson ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[1]); 903155131Srwatson ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[2]); 904155131Srwatson ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[3]); 905155131Srwatson 906155131Srwatson return (t); 907155131Srwatson 908155131Srwatson} 909155131Srwatson 910155131Srwatsontoken_t * 911155131Srwatsonau_to_sock_inet(struct sockaddr_in *so) 912155131Srwatson{ 913155131Srwatson 914155131Srwatson return (au_to_sock_inet32(so)); 915155131Srwatson} 916155131Srwatson 917155131Srwatson/* 918155131Srwatson * token ID 1 byte 919155131Srwatson * audit ID 4 bytes 920155131Srwatson * effective user ID 4 bytes 921155131Srwatson * effective group ID 4 bytes 922155131Srwatson * real user ID 4 bytes 923155131Srwatson * real group ID 4 bytes 924155131Srwatson * process ID 4 bytes 925155131Srwatson * session ID 4 bytes 926155131Srwatson * terminal ID 927155131Srwatson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 928155131Srwatson * machine address 4 bytes 929155131Srwatson */ 930155131Srwatsontoken_t * 931155131Srwatsonau_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 932155131Srwatson pid_t pid, au_asid_t sid, au_tid_t *tid) 933155131Srwatson{ 934155131Srwatson token_t *t; 935155131Srwatson u_char *dptr = NULL; 936155131Srwatson 937155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 938155131Srwatson if (t == NULL) 939155131Srwatson return (NULL); 940155131Srwatson 941155131Srwatson ADD_U_CHAR(dptr, AUT_SUBJECT32); 942155131Srwatson ADD_U_INT32(dptr, auid); 943155131Srwatson ADD_U_INT32(dptr, euid); 944155131Srwatson ADD_U_INT32(dptr, egid); 945155131Srwatson ADD_U_INT32(dptr, ruid); 946155131Srwatson ADD_U_INT32(dptr, rgid); 947155131Srwatson ADD_U_INT32(dptr, pid); 948155131Srwatson ADD_U_INT32(dptr, sid); 949155131Srwatson ADD_U_INT32(dptr, tid->port); 950155131Srwatson ADD_U_INT32(dptr, tid->machine); 951155131Srwatson 952155131Srwatson return (t); 953155131Srwatson} 954155131Srwatson 955155131Srwatsontoken_t * 956155131Srwatsonau_to_subject64(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 957155131Srwatson pid_t pid, au_asid_t sid, au_tid_t *tid) 958155131Srwatson{ 959155131Srwatson 960155131Srwatson errno = ENOTSUP; 961155131Srwatson return (NULL); 962155131Srwatson} 963155131Srwatson 964155131Srwatsontoken_t * 965155131Srwatsonau_to_subject(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 966155131Srwatson pid_t pid, au_asid_t sid, au_tid_t *tid) 967155131Srwatson{ 968155131Srwatson 969155131Srwatson return (au_to_subject32(auid, euid, egid, ruid, rgid, pid, sid, 970155131Srwatson tid)); 971155131Srwatson} 972155131Srwatson 973155131Srwatson/* 974155131Srwatson * token ID 1 byte 975155131Srwatson * audit ID 4 bytes 976155131Srwatson * effective user ID 4 bytes 977155131Srwatson * effective group ID 4 bytes 978155131Srwatson * real user ID 4 bytes 979155131Srwatson * real group ID 4 bytes 980155131Srwatson * process ID 4 bytes 981155131Srwatson * session ID 4 bytes 982155131Srwatson * terminal ID 983155131Srwatson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 984155131Srwatson * address type/length 4 bytes 985155131Srwatson * machine address 16 bytes 986155131Srwatson */ 987155131Srwatsontoken_t * 988155131Srwatsonau_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 989155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 990155131Srwatson{ 991155131Srwatson token_t *t; 992155131Srwatson u_char *dptr = NULL; 993155131Srwatson 994155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); 995155131Srwatson if (t == NULL) 996155131Srwatson return (NULL); 997155131Srwatson 998155131Srwatson ADD_U_CHAR(dptr, AUT_SUBJECT32_EX); 999155131Srwatson ADD_U_INT32(dptr, auid); 1000155131Srwatson ADD_U_INT32(dptr, euid); 1001155131Srwatson ADD_U_INT32(dptr, egid); 1002155131Srwatson ADD_U_INT32(dptr, ruid); 1003155131Srwatson ADD_U_INT32(dptr, rgid); 1004155131Srwatson ADD_U_INT32(dptr, pid); 1005155131Srwatson ADD_U_INT32(dptr, sid); 1006155131Srwatson ADD_U_INT32(dptr, tid->at_port); 1007155131Srwatson ADD_U_INT32(dptr, tid->at_type); 1008155131Srwatson ADD_U_INT32(dptr, tid->at_addr[0]); 1009155131Srwatson ADD_U_INT32(dptr, tid->at_addr[1]); 1010155131Srwatson ADD_U_INT32(dptr, tid->at_addr[2]); 1011155131Srwatson ADD_U_INT32(dptr, tid->at_addr[3]); 1012155131Srwatson 1013155131Srwatson return (t); 1014155131Srwatson} 1015155131Srwatson 1016155131Srwatsontoken_t * 1017155131Srwatsonau_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 1018155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 1019155131Srwatson{ 1020155131Srwatson 1021155131Srwatson errno = ENOTSUP; 1022155131Srwatson return (NULL); 1023155131Srwatson} 1024155131Srwatson 1025155131Srwatsontoken_t * 1026155131Srwatsonau_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 1027155131Srwatson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 1028155131Srwatson{ 1029155131Srwatson 1030155131Srwatson return (au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, 1031155131Srwatson tid)); 1032155131Srwatson} 1033155131Srwatson 1034155131Srwatson#if !defined(_KERNEL) && !defined(KERNEL) 1035155131Srwatson/* 1036155131Srwatson * Collects audit information for the current process 1037155131Srwatson * and creates a subject token from it 1038155131Srwatson */ 1039155131Srwatsontoken_t * 1040155131Srwatsonau_to_me(void) 1041155131Srwatson{ 1042155131Srwatson auditinfo_t auinfo; 1043155131Srwatson 1044155131Srwatson if (getaudit(&auinfo) != 0) 1045155131Srwatson return (NULL); 1046155131Srwatson 1047155131Srwatson return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), 1048155131Srwatson getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid)); 1049155131Srwatson} 1050155131Srwatson#endif 1051155131Srwatson 1052155131Srwatson/* 1053155131Srwatson * token ID 1 byte 1054155131Srwatson * count 4 bytes 1055155131Srwatson * text count null-terminated strings 1056155131Srwatson */ 1057155131Srwatsontoken_t * 1058155131Srwatsonau_to_exec_args(const char **args) 1059155131Srwatson{ 1060155131Srwatson token_t *t; 1061155131Srwatson u_char *dptr = NULL; 1062155131Srwatson const char *nextarg; 1063155131Srwatson int i, count = 0; 1064155131Srwatson size_t totlen = 0; 1065155131Srwatson 1066155131Srwatson nextarg = *args; 1067155131Srwatson 1068155131Srwatson while (nextarg != NULL) { 1069155131Srwatson int nextlen; 1070155131Srwatson 1071155131Srwatson nextlen = strlen(nextarg); 1072155131Srwatson totlen += nextlen + 1; 1073155131Srwatson count++; 1074155131Srwatson nextarg = *(args + count); 1075155131Srwatson } 1076155131Srwatson 1077155131Srwatson totlen += count * sizeof(char); /* nul terminations. */ 1078155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1079155131Srwatson if (t == NULL) 1080155131Srwatson return (NULL); 1081155131Srwatson 1082155131Srwatson ADD_U_CHAR(dptr, AUT_EXEC_ARGS); 1083155131Srwatson ADD_U_INT32(dptr, count); 1084155131Srwatson 1085155131Srwatson for (i = 0; i < count; i++) { 1086155131Srwatson nextarg = *(args + i); 1087155131Srwatson ADD_MEM(dptr, nextarg, strlen(nextarg) + 1); 1088155131Srwatson } 1089155131Srwatson 1090155131Srwatson return (t); 1091155131Srwatson} 1092155131Srwatson 1093155131Srwatson/* 1094155131Srwatson * token ID 1 byte 1095155131Srwatson * count 4 bytes 1096155131Srwatson * text count null-terminated strings 1097155131Srwatson */ 1098155131Srwatsontoken_t * 1099155131Srwatsonau_to_exec_env(const char **env) 1100155131Srwatson{ 1101155131Srwatson token_t *t; 1102155131Srwatson u_char *dptr = NULL; 1103155131Srwatson int i, count = 0; 1104155131Srwatson size_t totlen = 0; 1105155131Srwatson const char *nextenv; 1106155131Srwatson 1107155131Srwatson nextenv = *env; 1108155131Srwatson 1109155131Srwatson while (nextenv != NULL) { 1110155131Srwatson int nextlen; 1111155131Srwatson 1112155131Srwatson nextlen = strlen(nextenv); 1113155131Srwatson totlen += nextlen + 1; 1114155131Srwatson count++; 1115155131Srwatson nextenv = *(env + count); 1116155131Srwatson } 1117155131Srwatson 1118155131Srwatson totlen += sizeof(char) * count; 1119155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1120155131Srwatson if (t == NULL) 1121155131Srwatson return (NULL); 1122155131Srwatson 1123155131Srwatson ADD_U_CHAR(dptr, AUT_EXEC_ENV); 1124155131Srwatson ADD_U_INT32(dptr, count); 1125155131Srwatson 1126155131Srwatson for (i = 0; i < count; i++) { 1127155131Srwatson nextenv = *(env + i); 1128155131Srwatson ADD_MEM(dptr, nextenv, strlen(nextenv) + 1); 1129155131Srwatson } 1130155131Srwatson 1131155131Srwatson return (t); 1132155131Srwatson} 1133155131Srwatson 1134155131Srwatson/* 1135155131Srwatson * token ID 1 byte 1136155131Srwatson * record byte count 4 bytes 1137155131Srwatson * version # 1 byte [2] 1138155131Srwatson * event type 2 bytes 1139155131Srwatson * event modifier 2 bytes 1140155131Srwatson * seconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1141155131Srwatson * milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1142155131Srwatson */ 1143155131Srwatsontoken_t * 1144155131Srwatson#if defined(KERNEL) || defined(_KERNEL) 1145155131Srwatsonau_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod, 1146155131Srwatson struct timeval tm) 1147155131Srwatson#else 1148155131Srwatsonau_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod) 1149155131Srwatson#endif 1150155131Srwatson{ 1151155131Srwatson token_t *t; 1152155131Srwatson u_char *dptr = NULL; 1153155131Srwatson u_int32_t timems; 1154155131Srwatson#if !defined(KERNEL) && !defined(_KERNEL) 1155155131Srwatson struct timeval tm; 1156155131Srwatson struct timezone tzp; 1157155131Srwatson 1158155131Srwatson if (gettimeofday(&tm, &tzp) == -1) 1159155131Srwatson return (NULL); 1160155131Srwatson#endif 1161155131Srwatson 1162155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + 1163155131Srwatson sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); 1164155131Srwatson if (t == NULL) 1165155131Srwatson return (NULL); 1166155131Srwatson 1167155131Srwatson ADD_U_CHAR(dptr, AUT_HEADER32); 1168155131Srwatson ADD_U_INT32(dptr, rec_size); 1169155131Srwatson ADD_U_CHAR(dptr, HEADER_VERSION); 1170155131Srwatson ADD_U_INT16(dptr, e_type); 1171155131Srwatson ADD_U_INT16(dptr, e_mod); 1172155131Srwatson 1173155131Srwatson timems = tm.tv_usec/1000; 1174155131Srwatson /* Add the timestamp */ 1175155131Srwatson ADD_U_INT32(dptr, tm.tv_sec); 1176155131Srwatson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 1177155131Srwatson 1178155131Srwatson return (t); 1179155131Srwatson} 1180155131Srwatson 1181155131Srwatsontoken_t * 1182155131Srwatsonau_to_header64(__unused int rec_size, __unused au_event_t e_type, 1183155131Srwatson __unused au_emod_t e_mod) 1184155131Srwatson{ 1185155131Srwatson 1186155131Srwatson errno = ENOTSUP; 1187155131Srwatson return (NULL); 1188155131Srwatson} 1189155131Srwatson 1190155131Srwatsontoken_t * 1191155131Srwatsonau_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod) 1192155131Srwatson{ 1193155131Srwatson 1194155131Srwatson return (au_to_header32(rec_size, e_type, e_mod)); 1195155131Srwatson} 1196155131Srwatson 1197155131Srwatson/* 1198155131Srwatson * token ID 1 byte 1199155131Srwatson * trailer magic number 2 bytes 1200155131Srwatson * record byte count 4 bytes 1201155131Srwatson */ 1202155131Srwatsontoken_t * 1203155131Srwatsonau_to_trailer(int rec_size) 1204155131Srwatson{ 1205155131Srwatson token_t *t; 1206155131Srwatson u_char *dptr = NULL; 1207155131Srwatson u_int16_t magic = TRAILER_PAD_MAGIC; 1208155131Srwatson 1209155131Srwatson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 1210155131Srwatson sizeof(u_int32_t)); 1211155131Srwatson if (t == NULL) 1212155131Srwatson return (NULL); 1213155131Srwatson 1214155131Srwatson ADD_U_CHAR(dptr, AUT_TRAILER); 1215155131Srwatson ADD_U_INT16(dptr, magic); 1216155131Srwatson ADD_U_INT32(dptr, rec_size); 1217155131Srwatson 1218155131Srwatson return (t); 1219155131Srwatson} 1220