PERFORCE change 158608 for review
Stacey Son
sson at FreeBSD.org
Mon Mar 2 17:52:07 PST 2009
http://perforce.freebsd.org/chv.cgi?CH=158608
Change 158608 by sson at sson_amd64 on 2009/03/03 01:51:56
Add wrapper functions for auditon(2) that will revert back to using
old commands if new commands are not supported.
Fix au_poltostr() and au_strtopol() to int instead of long for the
'policy' argument.
Fix typo in auditpinfo and auditpinfo_addr struct.
Add prototypes for audit_session_self() and audit_session_join().
Affected files ...
.. //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 edit
.. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 edit
.. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 edit
.. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 edit
.. //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 edit
.. //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 edit
.. //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 (text+ko) ====
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#14 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -54,7 +54,7 @@
#include <unistd.h>
-static int send_trigger(unsigned int);
+static int send_trigger(int);
#ifdef USE_MACH_IPC
#include <mach/mach.h>
@@ -79,7 +79,7 @@
#endif
static int
-send_trigger(unsigned int trigger)
+send_trigger(int trigger)
{
mach_port_t serverPort;
kern_return_t error;
@@ -107,11 +107,11 @@
#else /* ! USE_MACH_IPC */
static int
-send_trigger(unsigned int trigger)
+send_trigger(int trigger)
{
int error;
- error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger));
+ error = audit_send_trigger(&trigger);
if (error != 0) {
if (error == EPERM)
perror("audit requires root privileges");
==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 (text+ko) ====
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#44 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#45 $
*/
#include <sys/types.h>
@@ -357,7 +357,7 @@
/* Flush contents. */
cond = AUC_DISABLED;
- err_ret = auditon(A_SETCOND, &cond, sizeof(cond));
+ err_ret = audit_set_cond(&cond);
if (err_ret != 0) {
auditd_log_err("Disabling audit failed! : %s", strerror(errno));
err_ret = 1;
==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 (text+ko) ====
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#4 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 $
*/
#include <sys/types.h>
@@ -180,7 +180,7 @@
{
int au_cond;
- if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) {
+ if (audit_get_cond(&au_cond) < 0) {
if (errno != ENOSYS) {
auditd_log_err("Audit status check failed (%s)",
strerror(errno));
==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 (text+ko) ====
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#3 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 $
*/
#include <sys/types.h>
@@ -135,7 +135,7 @@
{
int au_cond;
- if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) {
+ if (audit_get_cond(&au_cond) < 0) {
if (errno != ENOSYS) {
auditd_log_err("Audit status check failed (%s)",
strerror(errno));
==== //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#42 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#43 $
*/
#ifndef _LIBBSM_H_
@@ -773,8 +773,8 @@
int verbose);
int au_preselect(au_event_t event, au_mask_t *mask_p,
int sorf, int flag);
-ssize_t au_poltostr(long policy, size_t maxsize, char *buf);
-int au_strtopol(const char *polstr, long *policy);
+ssize_t au_poltostr(int policy, size_t maxsize, char *buf);
+int au_strtopol(const char *polstr, int *policy);
/*
* Functions relating to querying audit event information.
@@ -1262,6 +1262,33 @@
au_tid_t *tidp);
#endif /* !__APPLE__ */
+/*
+ * Wrapper functions to auditon(2).
+ */
+int audit_get_car(char *path, size_t sz);
+int audit_get_class(au_evclass_map_t *evc_map, size_t sz);
+int audit_set_class(au_evclass_map_t *evc_map, size_t sz);
+int audit_get_cond(int *cond);
+int audit_set_cond(int *cond);
+int audit_get_cwd(char *path, size_t sz);
+int audit_get_fsize(au_fstat_t *fstat, size_t sz);
+int audit_set_fsize(au_fstat_t *fstat, size_t sz);
+int audit_get_kmask(au_mask_t *kmask, size_t sz);
+int audit_set_kmask(au_mask_t *kmask, size_t sz);
+int audit_get_kaudit(auditinfo_addr_t *aia, size_t sz);
+int audit_set_kaudit(auditinfo_addr_t *aia, size_t sz);
+int audit_set_pmask(auditpinfo_t *api, size_t sz);
+int audit_get_pinfo(auditpinfo_t *api, size_t sz);
+int audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz);
+int audit_get_policy(int *policy);
+int audit_set_policy(int *policy);
+int audit_get_qctrl(au_qctrl_t *qctrl, size_t sz);
+int audit_set_qctrl(au_qctrl_t *qctrl, size_t sz);
+int audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz);
+int audit_get_stat(au_stat_t *stats, size_t sz);
+int audit_set_stat(au_stat_t *stats, size_t sz);
+int audit_send_trigger(int *trigger);
+
__END_DECLS
#endif /* !_LIBBSM_H_ */
==== //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#8 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#9 $
*/
#include <sys/param.h>
@@ -247,7 +247,7 @@
*/
bzero(&aia, sizeof(aia));
aia.ai_termid.at_type = AU_IPv4;
- error = auditon(A_SETKAUDIT, &aia, sizeof(aia));
+ error = audit_set_kaudit(&aia, sizeof(aia));
if (error < 0 && errno != ENOSYS)
ret = ADE_AUDITON;
return (ret);
@@ -277,7 +277,7 @@
return (ADE_ADDRFAM);
}
- if (auditon(A_SETKAUDIT, &aia, sizeof(aia)) < 0)
+ if (audit_set_kaudit(&aia, sizeof(aia)) < 0)
ret = ADE_AUDITON;
return (ret);
@@ -298,12 +298,12 @@
if (getacmin(&auditd_minval) != 0)
return (ADE_PARSE);
- if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0)
+ if (audit_get_qctrl(&qctrl, sizeof(qctrl)) != 0)
return (ADE_AUDITON);
if (qctrl.aq_minfree != auditd_minval) {
qctrl.aq_minfree = auditd_minval;
- if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0)
+ if (audit_set_qctrl(&qctrl, sizeof(qctrl)) != 0)
return (ADE_AUDITON);
}
@@ -687,7 +687,7 @@
while ((evp = getauevent_r(evp)) != NULL) {
evc_map.ec_number = evp->ae_number;
evc_map.ec_class = evp->ae_class;
- if (auditon(A_SETCLASS, &evc_map, sizeof(evc_map)) == 0)
+ if (audit_set_class(&evc_map, sizeof(evc_map)) == 0)
ctr++;
}
endauevent();
@@ -713,7 +713,7 @@
(getauditflagsbin(naeventstr, &aumask) != 0))
return (ADE_PARSE);
- if (auditon(A_SETKMASK, &aumask, sizeof(aumask)))
+ if (audit_set_kmask(&aumask, sizeof(aumask)) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@@ -737,12 +737,12 @@
if ((getacpol(polstr, POL_STR_SIZE) != 0) ||
(au_strtopol(polstr, &policy) != 0)) {
policy = AUDIT_CNT;
- if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
+ if (audit_set_policy(&policy) != 0)
return (ADE_AUDITON);
return (ADE_PARSE);
}
- if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
+ if (audit_set_policy(&policy) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@@ -768,7 +768,7 @@
bzero(&au_fstat, sizeof(au_fstat));
au_fstat.af_filesz = filesz;
- if (auditon(A_SETFSIZE, &au_fstat, sizeof(au_fstat)) < 0)
+ if (audit_set_fsize(&au_fstat, sizeof(au_fstat)) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@@ -1133,7 +1133,7 @@
/*
* Auditing already disabled?
*/
- if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0)
+ if (audit_get_cond(&cond) != 0)
return (-1);
if (cond == AUC_NOAUDIT)
return (0);
@@ -1147,7 +1147,7 @@
* Shutdown auditing in the kernel.
*/
cond = AUC_DISABLED;
- if (auditon(A_SETCOND, &cond, sizeof(cond)) != 0)
+ if (audit_set_cond(&cond) != 0)
return (-1);
#ifdef __BSM_INTERNAL_NOTIFY_KEY
notify_post(__BSM_INTERNAL_NOTIFY_KEY);
==== //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#10 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 $
.\"
.Dd April 19, 2005
.Dt AU_CONTROL 3
@@ -64,9 +64,9 @@
.Ft int
.Fn getacpol "char *auditstr" "size_t len"
.Ft ssize_t
-.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
+.Fn au_poltostr "int policy" "size_t maxsize" "char *buf"
.Ft int
-.Fn au_strtopol "const char *polstr" "long *policy"
+.Fn au_strtopol "const char *polstr" "int *policy"
.Sh DESCRIPTION
These interfaces may be used to look up information from the
.Xr audit_control 5
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 (text+ko) ====
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 $
*/
#include <sys/types.h>
@@ -237,7 +237,7 @@
*/
aia.ai_termid.at_type = AU_IPv4;
aia.ai_termid.at_addr[0] = INADDR_ANY;
- if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
+ if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
if (errno != ENOSYS && errno != EPERM)
return (-1);
#endif /* HAVE_AUDIT_SYSCALLS */
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2004, 2009 Apple Inc.
+ * Copyright (c) 2004,2009 Apple Inc.
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
@@ -27,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#29 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#30 $
*/
#include <config/config.h>
@@ -220,7 +220,7 @@
* nul).
*/
ssize_t
-au_poltostr(long policy, size_t maxsize, char *buf)
+au_poltostr(int policy, size_t maxsize, char *buf)
{
int first = 1;
int i = 0;
@@ -248,7 +248,7 @@
* ENOMEM) or 0 on success.
*/
int
-au_strtopol(const char *polstr, long *policy)
+au_strtopol(const char *polstr, int *policy)
{
char *bufp, *string;
char *buffer;
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#16 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 $
*/
/*
@@ -77,7 +77,7 @@
return (status);
#endif
- if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) {
+ if (audit_get_cond(&au_cond) != 0) {
syslog(LOG_ERR, "Initial audit status check failed (%s)",
strerror(errno));
if (errno == ENOSYS) /* auditon() unimplemented. */
@@ -137,7 +137,7 @@
return (au_cond);
#endif
- if (auditon(A_GETCOND, &au_cond, sizeof(au_cond)) < 0) {
+ if (audit_get_cond(&au_cond) != 0) {
/* XXX Reset au_cond to AUC_UNSET? */
syslog(LOG_ERR, "Audit status check failed (%s)",
strerror(errno));
@@ -167,7 +167,7 @@
#else
int cond;
- if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0) {
+ if (audit_get_cond(&cond) != 0) {
if (errno != ENOSYS) {
syslog(LOG_ERR, "Audit status check failed (%s)",
strerror(errno));
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 (text+ko) ====
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 $
*/
#include <sys/types.h>
@@ -1503,7 +1503,7 @@
if (gettimeofday(&tm, NULL) == -1)
return (NULL);
- if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
+ if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
if (errno != ENOSYS)
return (NULL);
return (au_to_header32_tm(rec_size, e_type, e_mod, tm));
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#29 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#30 $
*/
#ifdef __APPLE__
@@ -71,7 +71,7 @@
struct auditinfo_addr aia;
au_tid_t atid;
- if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
+ if (audit_get_cond(&acond) != 0) {
/*
* If auditon(2) returns ENOSYS, then audit has not been
* compiled into the kernel, so just return.
@@ -488,3 +488,336 @@
}
}
#endif /* !__APPLE__ */
+
+int
+audit_get_cond(int *cond)
+{
+ int ret;
+
+ ret = auditon(A_GETCOND, cond, sizeof(*cond));
+#ifdef A_OLDGETCOND
+ if ((0 != ret) && EINVAL == errno) {
+ long lcond = *cond;
+
+ ret = auditon(A_OLDGETCOND, &lcond, sizeof(lcond));
+ *cond = (int)lcond;
+ }
+#endif
+ return (ret);
+}
+
+int
+audit_set_cond(int *cond)
+{
+ int ret;
+
+ ret = auditon(A_SETCOND, cond, sizeof(*cond));
+#ifdef A_OLDSETCOND
+ if ((0 != ret) && (EINVAL == errno)) {
+ long lcond = (long)*cond;
+
+ ret = auditon(A_OLDSETCOND, &lcond, sizeof(lcond));
+ *cond = (int)lcond;
+ }
+#endif
+ return (ret);
+}
+
+int
+audit_get_policy(int *policy)
+{
+ int ret;
+
+ ret = auditon(A_GETPOLICY, policy, sizeof(*policy));
+#ifdef A_OLDGETPOLICY
+ if ((0 != ret) && (EINVAL == errno)){
+ long lpolicy = (long)*policy;
+
+ ret = auditon(A_OLDGETPOLICY, &lpolicy, sizeof(lpolicy));
+ *policy = (int)lpolicy;
+ }
+#endif
+ return (ret);
+}
+
+int
+audit_set_policy(int *policy)
+{
+ int ret;
+
+ ret = auditon(A_SETPOLICY, policy, sizeof(*policy));
+#ifdef A_OLDSETPOLICY
+ if ((0 != ret) && (EINVAL == errno)){
+ long lpolicy = (long)*policy;
+
+ ret = auditon(A_OLDSETPOLICY, &lpolicy, sizeof(lpolicy));
+ *policy = (int)lpolicy;
+ }
+#endif
+ return (ret);
+}
+
+int
+audit_get_qctrl(au_qctrl_t *qctrl, size_t sz)
+{
+ int ret;
+
+ if (sizeof(*qctrl) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ ret = auditon(A_GETQCTRL, qctrl, sizeof(*qctrl));
+#ifdef A_OLDGETQCTRL
+ if ((0 != ret) && (EINVAL == errno)){
+ struct old_qctrl {
+ size_t oq_hiwater;
+ size_t oq_lowater;
+ size_t oq_bufsz;
+ clock_t oq_delay;
+ int oq_minfree;
+ } oq;
+
+ oq.oq_hiwater = (size_t)qctrl->aq_hiwater;
+ oq.oq_lowater = (size_t)qctrl->aq_lowater;
+ oq.oq_bufsz = (size_t)qctrl->aq_bufsz;
+ oq.oq_delay = (clock_t)qctrl->aq_delay;
+ oq.oq_minfree = qctrl->aq_minfree;
+
+ ret = auditon(A_OLDGETQCTRL, &oq, sizeof(oq));
+
+ qctrl->aq_hiwater = (int)oq.oq_hiwater;
+ qctrl->aq_lowater = (int)oq.oq_lowater;
+ qctrl->aq_bufsz = (int)oq.oq_bufsz;
+ qctrl->aq_delay = (int)oq.oq_delay;
+ qctrl->aq_minfree = oq.oq_minfree;
+ }
+#endif /* A_OLDGETQCTRL */
+ return (ret);
+}
+
+int
+audit_set_qctrl(au_qctrl_t *qctrl, size_t sz)
+{
+ int ret;
+
+ if (sizeof(*qctrl) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ ret = auditon(A_SETQCTRL, qctrl, sz);
+#ifdef A_OLDSETQCTRL
+ if ((0 != ret) && (EINVAL == errno)) {
+ struct old_qctrl {
+ size_t oq_hiwater;
+ size_t oq_lowater;
+ size_t oq_bufsz;
+ clock_t oq_delay;
+ int oq_minfree;
+ } oq;
+
+ oq.oq_hiwater = (size_t)qctrl->aq_hiwater;
+ oq.oq_lowater = (size_t)qctrl->aq_lowater;
+ oq.oq_bufsz = (size_t)qctrl->aq_bufsz;
+ oq.oq_delay = (clock_t)qctrl->aq_delay;
+ oq.oq_minfree = qctrl->aq_minfree;
+
+ ret = auditon(A_OLDSETQCTRL, &oq, sizeof(oq));
+
+ qctrl->aq_hiwater = (int)oq.oq_hiwater;
+ qctrl->aq_lowater = (int)oq.oq_lowater;
+ qctrl->aq_bufsz = (int)oq.oq_bufsz;
+ qctrl->aq_delay = (int)oq.oq_delay;
+ qctrl->aq_minfree = oq.oq_minfree;
+ }
+#endif /* A_OLDSETQCTRL */
+ return (ret);
+}
+
+int
+audit_send_trigger(int *trigger)
+{
+
+ return (auditon(A_SENDTRIGGER, trigger, sizeof(*trigger)));
+}
+
+int
+audit_get_kaudit(auditinfo_addr_t *aia, size_t sz)
+{
+
+ if (sizeof(*aia) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETKAUDIT, aia, sz));
+}
+
+int
+audit_set_kaudit(auditinfo_addr_t *aia, size_t sz)
+{
+
+ if (sizeof(*aia) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_SETKAUDIT, aia, sz));
+}
+
+int
+audit_get_class(au_evclass_map_t *evc_map, size_t sz)
+{
+
+ if (sizeof(*evc_map) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETCLASS, evc_map, sz));
+}
+
+int
+audit_set_class(au_evclass_map_t *evc_map, size_t sz)
+{
+
+ if (sizeof(*evc_map) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_SETCLASS, evc_map, sz));
+}
+
+int
+audit_get_kmask(au_mask_t *kmask, size_t sz)
+{
+ if (sizeof(*kmask) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETKMASK, kmask, sz));
+}
+
+int
+audit_set_kmask(au_mask_t *kmask, size_t sz)
+{
+ if (sizeof(*kmask) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_SETKMASK, kmask, sz));
+}
+
+int
+audit_get_fsize(au_fstat_t *fstat, size_t sz)
+{
+
+ if (sizeof(*fstat) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETFSIZE, fstat, sz));
+}
+
+int
+audit_set_fsize(au_fstat_t *fstat, size_t sz)
+{
+
+ if (sizeof(*fstat) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_SETFSIZE, fstat, sz));
+}
+
+int
+audit_set_pmask(auditpinfo_t *api, size_t sz)
+{
+
+ if (sizeof(*api) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_SETPMASK, api, sz));
+}
+
+int
+audit_get_pinfo(auditpinfo_t *api, size_t sz)
+{
+
+ if (sizeof(*api) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETPINFO, api, sz));
+}
+
+int
+audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz)
+{
+
+ if (sizeof(*apia) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETPINFO_ADDR, apia, sz));
+}
+
+int
+audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz)
+{
+
+ if (sizeof(*aia) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETSINFO_ADDR, aia, sz));
+}
+
+int
+audit_get_stat(au_stat_t *stats, size_t sz)
+{
+
+ if (sizeof(*stats) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETSTAT, stats, sz));
+}
+
+int
+audit_set_stat(au_stat_t *stats, size_t sz)
+{
+
+ if (sizeof(*stats) != sz) {
+ errno = EINVAL;
+ return (-1);
+ }
+
+ return (auditon(A_GETSTAT, stats, sz));
+}
+
+int
+audit_get_cwd(char *path, size_t sz)
+{
+
+ return (auditon(A_GETCWD, path, sz));
+}
+
+int
+audit_get_car(char *path, size_t sz)
+{
+
+ return (auditon(A_GETCAR, path, sz));
+}
==== //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 (text+ko) ====
@@ -26,12 +26,15 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#6 $
+ * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#7 $
*/
#ifndef _BSM_AUDIT_H
#define _BSM_AUDIT_H
+#include <sys/param.h>
+#include <sys/types.h>
+
#define AUDIT_RECORD_MAGIC 0x828a0f1b
#define MAX_AUDIT_RECORDS 20
#define MAXAUDITDATA (0x8000 - 1)
@@ -212,7 +215,6 @@
au_mask_t ap_mask; /* Audit masks. */
au_tid_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
- u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo auditpinfo_t;
@@ -222,6 +224,7 @@
au_mask_t ap_mask; /* Audit masks. */
au_tid_addr_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
+ u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
@@ -230,6 +233,7 @@
#define as_asid as_aia_p->ai_asid
#define as_auid as_aia_p->ai_auid
#define as_termid as_aia_p->ai_termid
+#define as_flags as_aia_p->ai_flags
au_mask_t as_mask; /* Process Audit Masks. */
};
@@ -313,6 +317,13 @@
int setaudit(const struct auditinfo *);
int getaudit_addr(struct auditinfo_addr *, int);
int setaudit_addr(const struct auditinfo_addr *, int);
+
+#ifdef __APPLE_API_PRIVATE
+#include <mach/port.h>
+mach_port_name_t audit_session_self(void);
+au_asid_t audit_sesison_join(mach_port_name_t port);
+#endif /* __APPLE_API_PRIVATE */
+
#endif /* defined(_KERNEL) || defined(KERNEL) */
__END_DECLS
More information about the p4-projects
mailing list