PERFORCE change 127637 for review

[Robert Watson]

http://perforce.freebsd.org/chv.cgi?CH=127637

Change 127637 by rwatson at rwatson_fledge on 2007/10/17 22:02:42

	Remove compile-time audit class constants--audit classes are
	determined at run-time using the audit_class database.  In the one
	case where the constants were actually used, AU_NULL, simply use 0
	to indicate that no flags are set.  This change will need to be
	propagated into the kernel BSM code also.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/HISTORY#57 edit
.. //depot/projects/trustedbsd/openbsm/bsm/audit.h#23 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_event.c#13 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/HISTORY#57 (text+ko) ====

@@ -1,5 +1,9 @@
+OpenBSM 1.0
+
 - Fix bug in auditreduce(8) which resulted in a memory fault/crash when
   the user specified an event name with -m.
+- Remove AU_.* hard-coded audit class constants, as udit classes are now
+  entirely dynamically configured using /etc/security/audit_class.
 
 OpenBSM 1.0 alpha 15
 
@@ -298,4 +302,4 @@
   to support reloading of kernel event table.
 - Allow comments in /etc/security configuration files.
 
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#56 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#57 $

==== //depot/projects/trustedbsd/openbsm/bsm/audit.h#23 (text+ko) ====

@@ -26,7 +26,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#22 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#23 $
  */
 
 #ifndef _BSM_AUDIT_H
@@ -62,44 +62,6 @@
 #define	AU_DEFAUDITID	-1
 
 /*
- * Define the masks for the classes of audit events.
- */
-#define	AU_NULL		0x00000000
-#define	AU_FREAD	0x00000001
-#define	AU_FWRITE	0x00000002
-#define	AU_FACCESS	0x00000004
-#define	AU_FMODIFY	0x00000008
-#define	AU_FCREATE	0x00000010
-#define	AU_FDELETE	0x00000020
-#define	AU_CLOSE	0x00000040
-#define	AU_PROCESS	0x00000080
-#define	AU_NET		0x00000100
-#define	AU_IPC		0x00000200
-#define	AU_NONAT	0x00000400
-#define	AU_ADMIN	0x00000800
-#define	AU_LOGIN	0x00001000
-#define	AU_TFM		0x00002000
-#define	AU_APPL		0x00004000
-#define	AU_SETL		0x00008000
-#define	AU_IFLOAT	0x00010000
-#define	AU_PRIV		0x00020000
-#define	AU_MAC_RW	0x00040000
-#define	AU_XCONN	0x00080000
-#define	AU_XCREATE	0x00100000
-#define	AU_XDELETE	0x00200000
-#define	AU_XIFLOAT	0x00400000
-#define	AU_XPRIVS	0x00800000
-#define	AU_XPRIVF	0x01000000
-#define	AU_XMOVE	0x02000000
-#define	AU_XDACF	0x04000000
-#define	AU_XMACF	0x08000000
-#define	AU_XSECATTR	0x10000000
-#define	AU_IOCTL	0x20000000
-#define	AU_EXEC		0x40000000
-#define	AU_OTHER	0x80000000
-#define	AU_ALL		0xffffffff
-
-/*
  * IPC types.
  */
 #define	AT_IPC_MSG	((u_char)1)	/* Message IPC id. */

==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_event.c#13 (text+ko) ====

@@ -27,7 +27,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_event.c#12 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_event.c#13 $
  */
 
 #include <bsm/libbsm.h>
@@ -83,11 +83,11 @@
 	 */
 	if (evclass != NULL) {
 		if (getauditflagsbin(evclass, &evmask) != 0)
-			e->ae_class = AU_NULL;
+			e->ae_class = 0;
 		else
 			e->ae_class = evmask.am_success;
 	} else
-		e->ae_class = AU_NULL;
+		e->ae_class = 0;
 
 	return (e);
 }