How to bring au_to_attr(3) back to the userland?

Mateusz Piotrowski 0mp at FreeBSD.org
Mon Aug 15 22:37:30 UTC 2016


Hello,

I participate in Google Summer of Code at FreeBSD this year. My project is about
converting Linux Audit logs to the BSM format (see my wiki[0]).

Recently, I've come across a problem with the libbsm(3) API. I'd like to be able
to generate an attribute token. Unfortunately, au_to_attr which generates those
tokens is not available in the userland (I emailed FreeBSD-hackers at FreeBSD
about this issue[1]).

Together with my mentor we came up with a few possible solutions to this problem
but we are not sure which one is the best. This is why I'd like to discuss the
pros and cons.

Solutions:

1. The first idea is to add a userland version of the au_to_attr function. The
 implementation would be similar to the one of the au_to_exec_* functions.

 (See sys/security/audit/bsm_token.c[2].)

2. The second idea is to bring back the vattr structure. At the moment
 au_to_attr has one parameter of type `struct vnode_au_info`. Historically,
 au_to_attr used `struct vattr`. A possible solution is to bring vattr to the
 userland and change the parameter of au_to_attr back to `struct vattr`.

 At the moment `struct vattr` is included in sys/vnode.h but it lacks the
 interface.

 (I summed up everything I know on this wiki page[3].)

3. The last idea is to make `struct vnode_au_info` and `au_to_attr` accessible
 from the userland (by simply unwrapping the prototypes from the KERNEL/_KERNEL
 conditional compilation macros).

Cheers,

-Mateusz

[0]: https://wiki.freebsd.org/SummerOfCode2016/NonBSMtoBSMConversionTools
[1]: https://lists.freebsd.org/pipermail/freebsd-hackers/2016-August/049835.html
[2]: https://github.com/freebsd/freebsd/blob/af3e10e5a78d3af8cef6088748978c6c612757f0/sys/security/audit/bsm_token.c#L1281-L1405
[3]: https://github.com/0mp/freebsd/wiki/vattr(9)
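
As an illustration of solution 1 (an added example, not code from the original message or from OpenBSM), a userland encoder for a 32-bit attribute token can be a small, bounds-checked serializer. The names attr_info, attr32_encode and put_be are hypothetical; the token ID 0x3e and the big-endian field order are assumed to match the kernel's au_to_attr32 in the bsm_token.c linked at [2].

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EX_AUT_ATTR32   0x3e  /* token ID; assumed to match AUT_ATTR32 */
#define EX_ATTR32_LEN   29    /* 1 + 4 + 4 + 4 + 4 + 8 + 4 bytes */

/* Hypothetical userland stand-in for the fields of struct vnode_au_info. */
struct attr_info {
	uint16_t mode;      /* file access mode */
	uint32_t uid, gid;  /* owner user ID and group ID */
	uint32_t fsid;      /* file system ID */
	uint64_t fileid;    /* file system node ID */
	uint32_t dev;       /* device */
};

/* Append the low n bytes of v in big-endian order; return the new cursor. */
static unsigned char *put_be(unsigned char *p, uint64_t v, size_t n)
{
	while (n-- > 0)
		*p++ = (unsigned char)(v >> (8 * n));
	return (p);
}

/* Serialize one token into buf; returns bytes written, or 0 on bad input. */
size_t attr32_encode(const struct attr_info *ai, unsigned char *buf, size_t len)
{
	unsigned char *p = buf;

	if (ai == NULL || buf == NULL || len < EX_ATTR32_LEN)
		return (0);
	p = put_be(p, EX_AUT_ATTR32, 1);
	p = put_be(p, ai->mode, 4);    /* 16-bit mode zero-padded to 4 bytes */
	p = put_be(p, ai->uid, 4);
	p = put_be(p, ai->gid, 4);
	p = put_be(p, ai->fsid, 4);
	p = put_be(p, ai->fileid, 8);  /* node ID is always written as 64 bits */
	p = put_be(p, ai->dev, 4);
	return ((size_t)(p - buf));
}

int main(void)
{
	struct attr_info ai = { 0100644, 1001, 1001, 90, 123456, 0 }; /* constructed */
	unsigned char buf[EX_ATTR32_LEN];
	size_t n = attr32_encode(&ai, buf, sizeof(buf));
	for (size_t i = 0; i < n; i++)
		printf("%02x%s", buf[i], i + 1 == n ? "\n" : "");
	return (n == EX_ATTR32_LEN ? 0 : 1);
}
```

A converter fed by Linux Audit records would fill attr_info from the parsed log fields rather than from a vnode, which is why the sketch takes plain integers.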


