1#!/usr/sbin/dtrace -qs 2# 3# 4# 5self unsigned char *cdhash; 6 7syspolicy*:::assess-* 8{ 9 self->cdhash = 0; 10} 11 12self string type; 13syspolicy*:::assess-outcome-* { self->type = "???"; } 14syspolicy*:::assess-outcome-* / arg1 == 1 / { self->type = "execute"; } 15syspolicy*:::assess-outcome-* / arg1 == 2 / { self->type = "install"; } 16syspolicy*:::assess-outcome-* / arg1 == 3 / { self->type = "open"; } 17 18syspolicy*:::assess-outcome-accept 19{ 20 printf("accept %s %s;%s", self->type, copyinstr(arg0), copyinstr(arg2)); 21 self->cdhash = copyin(arg3, 20); 22} 23 24syspolicy*:::assess-outcome-deny 25{ 26 printf("deny %s %s;%s", self->type, copyinstr(arg0), copyinstr(arg2)); 27 self->cdhash = copyin(arg3, 20); 28} 29 30syspolicy*:::assess-outcome-default 31{ 32 printf("default %s %s;%s", self->type, copyinstr(arg0), copyinstr(arg2)); 33 self->cdhash = copyin(arg3, 20); 34} 35 36syspolicy*:::assess-outcome-unsigned 37{ 38 printf("unsigned %s %s;", self->type, copyinstr(arg0)); 39} 40 41syspolicy*:::assess-* 42/ self->cdhash / 43{ 44 printf(";%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x%02.2x", 45 self->cdhash[0], self->cdhash[1], self->cdhash[2], self->cdhash[3], self->cdhash[4], 46 self->cdhash[5], self->cdhash[6], self->cdhash[7], self->cdhash[8], self->cdhash[9], 47 self->cdhash[10], self->cdhash[11], self->cdhash[12], self->cdhash[13], self->cdhash[14], 48 self->cdhash[15], self->cdhash[16], self->cdhash[17], self->cdhash[18], self->cdhash[19]); 49} 50 51syspolicy*:::assess-* 52{ 53 printf("\n"); 54} 55