bsm_domain.c revision 302408
1/*-
2 * Copyright (c) 2008 Apple Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1.  Redistributions of source code must retain the above copyright
9 *     notice, this list of conditions and the following disclaimer.
10 * 2.  Redistributions in binary form must reproduce the above copyright
11 *     notice, this list of conditions and the following disclaimer in the
12 *     documentation and/or other materials provided with the distribution.
13 * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
14 *     its contributors may be used to endorse or promote products derived
15 *     from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 */
29
30#include <sys/cdefs.h>
31__FBSDID("$FreeBSD: stable/11/sys/security/audit/bsm_domain.c 292522 2015-12-20 23:22:04Z brueffer $");
32
33#include <sys/param.h>
34#include <sys/socket.h>
35
36#include <security/audit/audit.h>
37
38#include <bsm/audit_domain.h>
39#include <bsm/audit_record.h>
40
/*
 * One row of the address-family translation table: a BSM protocol-family
 * constant paired with this platform's value for the same family.
 *
 * Field order is significant: bsm_domains[] fills rows with positional
 * initializers, so swapping the members would silently swap the mapping.
 */
struct bsm_domain {
	u_short	bd_bsm_domain;		/* BSM_PF_* value. */
	int	bd_local_domain;	/* PF_* value or PF_NO_LOCAL_MAPPING. */
};
45
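/*
 * Placeholder stored in bd_local_domain for BSM families that have no PF_*
 * constant on this platform.  It is not an address family; presumably it was
 * picked to lie outside the range of real PF_* values -- confirm if the set
 * of local families ever grows negative numbers.
 *
 * Parenthesized so the negative literal remains a single operand wherever
 * the macro is expanded.
 */
#define	PF_NO_LOCAL_MAPPING	(-600)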
47
/*
 * Translation table between BSM protocol-family constants and local PF_*
 * values.  Families the local headers do not define are still listed, with
 * PF_NO_LOCAL_MAPPING in the local column, so every BSM value has a row.
 *
 * Both lookup routines in this file scan the table front to back and return
 * the first match, so row order decides the answer whenever two rows carry
 * the same value in the column being searched.
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
#ifdef PF_IMPLINK
	{ BSM_PF_IMPLINK, PF_IMPLINK },
#else
	{ BSM_PF_IMPLINK, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_PUP
	{ BSM_PF_PUP, PF_PUP },
#else
	{ BSM_PF_PUP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_CHAOS
	{ BSM_PF_CHAOS, PF_CHAOS },
#else
	{ BSM_PF_CHAOS, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NS
	{ BSM_PF_NS, PF_NS },
#else
	{ BSM_PF_NS, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NBS
	{ BSM_PF_NBS, PF_NBS },
#else
	{ BSM_PF_NBS, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ECMA
	{ BSM_PF_ECMA, PF_ECMA },
#else
	{ BSM_PF_ECMA, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_DATAKIT
	{ BSM_PF_DATAKIT, PF_DATAKIT },
#else
	{ BSM_PF_DATAKIT, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_CCITT
	{ BSM_PF_CCITT, PF_CCITT },
#else
	{ BSM_PF_CCITT, PF_NO_LOCAL_MAPPING },
#endif
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
#ifdef PF_DLI
	{ BSM_PF_DLI, PF_DLI },
#else
	{ BSM_PF_DLI, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_LAT
	{ BSM_PF_LAT, PF_LAT },
#else
	{ BSM_PF_LAT, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_HYLINK
	{ BSM_PF_HYLINK, PF_HYLINK },
#else
	{ BSM_PF_HYLINK, PF_NO_LOCAL_MAPPING },
#endif
	{ BSM_PF_APPLETALK, PF_APPLETALK },
#ifdef PF_NIT
	{ BSM_PF_NIT, PF_NIT },
#else
	{ BSM_PF_NIT, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_802
	{ BSM_PF_802, PF_802 },
#else
	{ BSM_PF_802, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_OSI
	{ BSM_PF_OSI, PF_OSI },
#else
	{ BSM_PF_OSI, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_X25
	{ BSM_PF_X25, PF_X25 },
#else
	{ BSM_PF_X25, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_OSINET
	{ BSM_PF_OSINET, PF_OSINET },
#else
	{ BSM_PF_OSINET, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_GOSIP
	{ BSM_PF_GOSIP, PF_GOSIP },
#else
	{ BSM_PF_GOSIP, PF_NO_LOCAL_MAPPING },
#endif
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
#ifdef PF_LINK
	{ BSM_PF_LINK, PF_LINK },
#else
	{ BSM_PF_LINK, PF_NO_LOCAL_MAPPING },
#endif
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
#ifdef PF_NCA
	{ BSM_PF_NCA, PF_NCA },
#else
	{ BSM_PF_NCA, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_POLICY
	{ BSM_PF_POLICY, PF_POLICY },
#else
	{ BSM_PF_POLICY, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_INET_OFFLOAD
	{ BSM_PF_INET_OFFLOAD, PF_INET_OFFLOAD },
#else
	{ BSM_PF_INET_OFFLOAD, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NETBIOS
	{ BSM_PF_NETBIOS, PF_NETBIOS },
#else
	{ BSM_PF_NETBIOS, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ISO
	{ BSM_PF_ISO, PF_ISO },
#else
	{ BSM_PF_ISO, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_XTP
	{ BSM_PF_XTP, PF_XTP },
#else
	{ BSM_PF_XTP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_COIP
	{ BSM_PF_COIP, PF_COIP },
#else
	{ BSM_PF_COIP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_CNT
	{ BSM_PF_CNT, PF_CNT },
#else
	{ BSM_PF_CNT, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_RTIP
	{ BSM_PF_RTIP, PF_RTIP },
#else
	{ BSM_PF_RTIP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_SIP
	{ BSM_PF_SIP, PF_SIP },
#else
	{ BSM_PF_SIP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_PIP
	{ BSM_PF_PIP, PF_PIP },
#else
	{ BSM_PF_PIP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ISDN
	{ BSM_PF_ISDN, PF_ISDN },
#else
	{ BSM_PF_ISDN, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_E164
	{ BSM_PF_E164, PF_E164 },
#else
	{ BSM_PF_E164, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NATM
	{ BSM_PF_NATM, PF_NATM },
#else
	{ BSM_PF_NATM, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ATM
	{ BSM_PF_ATM, PF_ATM },
#else
	{ BSM_PF_ATM, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NETGRAPH
	{ BSM_PF_NETGRAPH, PF_NETGRAPH },
#else
	{ BSM_PF_NETGRAPH, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_SLOW
	{ BSM_PF_SLOW, PF_SLOW },
#else
	{ BSM_PF_SLOW, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_SCLUSTER
	{ BSM_PF_SCLUSTER, PF_SCLUSTER },
#else
	{ BSM_PF_SCLUSTER, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ARP
	{ BSM_PF_ARP, PF_ARP },
#else
	{ BSM_PF_ARP, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_BLUETOOTH
	{ BSM_PF_BLUETOOTH, PF_BLUETOOTH },
#else
	{ BSM_PF_BLUETOOTH, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_AX25
	{ BSM_PF_AX25, PF_AX25 },
#else
	{ BSM_PF_AX25, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ROSE
	{ BSM_PF_ROSE, PF_ROSE },
#else
	{ BSM_PF_ROSE, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_NETBEUI
	{ BSM_PF_NETBEUI, PF_NETBEUI },
#else
	{ BSM_PF_NETBEUI, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_SECURITY
	{ BSM_PF_SECURITY, PF_SECURITY },
#else
	{ BSM_PF_SECURITY, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_PACKET
	{ BSM_PF_PACKET, PF_PACKET },
#else
	{ BSM_PF_PACKET, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ASH
	{ BSM_PF_ASH, PF_ASH },
#else
	{ BSM_PF_ASH, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ECONET
	{ BSM_PF_ECONET, PF_ECONET },
#else
	{ BSM_PF_ECONET, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_ATMSVC
	{ BSM_PF_ATMSVC, PF_ATMSVC },
#else
	{ BSM_PF_ATMSVC, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_IRDA
	{ BSM_PF_IRDA, PF_IRDA },
#else
	{ BSM_PF_IRDA, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_PPPOX
	{ BSM_PF_PPPOX, PF_PPPOX },
#else
	{ BSM_PF_PPPOX, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_WANPIPE
	{ BSM_PF_WANPIPE, PF_WANPIPE },
#else
	{ BSM_PF_WANPIPE, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_LLC
	{ BSM_PF_LLC, PF_LLC },
#else
	{ BSM_PF_LLC, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_CAN
	{ BSM_PF_CAN, PF_CAN },
#else
	{ BSM_PF_CAN, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_TIPC
	{ BSM_PF_TIPC, PF_TIPC },
#else
	{ BSM_PF_TIPC, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_IUCV
	{ BSM_PF_IUCV, PF_IUCV },
#else
	{ BSM_PF_IUCV, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_RXRPC
	{ BSM_PF_RXRPC, PF_RXRPC },
#else
	{ BSM_PF_RXRPC, PF_NO_LOCAL_MAPPING },
#endif
#ifdef PF_PHONET
	{ BSM_PF_PHONET, PF_PHONET },
#else
	{ BSM_PF_PHONET, PF_NO_LOCAL_MAPPING },
#endif
};

/* Number of rows in bsm_domains[]; the loop bound for both lookups. */
static const int bsm_domains_count =
	    sizeof(bsm_domains) / sizeof(bsm_domains[0]);
447
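/*
 * Find the table row whose local PF_* value equals local_domain.
 *
 * Returns a pointer to the first matching row of bsm_domains[], or NULL when
 * no row matches.  The returned pointer refers to static const storage.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	/*
	 * PF_NO_LOCAL_MAPPING is the table's placeholder, not an address
	 * family.  Without this check, a caller-supplied value equal to the
	 * placeholder would match the first placeholder row and be translated
	 * to that row's BSM family instead of being reported as unknown.
	 */
	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}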
459
/*
 * Translate a local PF_* value into its BSM protocol-family constant.
 *
 * Returns the BSM value from the matching table row, or BSM_PF_UNKNOWN when
 * bsm_lookup_local_domain() finds no row for local_domain.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *entry = bsm_lookup_local_domain(local_domain);

	return (entry != NULL ? entry->bd_bsm_domain : BSM_PF_UNKNOWN);
}
470
/*
 * Find the table row whose BSM protocol-family value equals bsm_domain.
 *
 * Returns a pointer to the first matching row of bsm_domains[], or NULL when
 * the value is not in the table.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	const struct bsm_domain *row;
	const struct bsm_domain *end = bsm_domains + bsm_domains_count;

	/* Front-to-back scan; the first hit wins. */
	for (row = bsm_domains; row != end; row++) {
		if (row->bd_bsm_domain == bsm_domain)
			return (row);
	}
	return (NULL);
}
482
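/*
 * Translate a BSM protocol-family constant into the local PF_* value.
 *
 * On success stores the local value through local_domainp and returns 0.
 * Returns -1, leaving *local_domainp untouched, when bsm_domain is not in
 * the table or when this platform has no PF_* constant for it.
 *
 * local_domainp must point to writable storage; it is not checked for NULL.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	/*
	 * Reject only rows marked with the placeholder.  Testing the field for
	 * non-zero instead would fail every family except the one whose local
	 * value happens to be 0, so callers could never translate a real
	 * family from a record.
	 */
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}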
494