PERFORCE change 118242 for review

Mon Apr 16 12:59:44 UTC 2007

http://perforce.freebsd.org/chv.cgi?CH=118242

Change 118242 by rwatson at rwatson_cinnamon on 2007/04/16 12:59:02

	Integrate more OpenBSM updates into audit3 branch.

Affected files ...

.. //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/header32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_record#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_token#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv4#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv6#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/trailer_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/zonename_record#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/zonename_token#1 branch
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#32 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 (text+ko) ====

@@ -3,11 +3,13 @@
   Introduction
 
 OpenBSM provides an open source implementation of Sun's BSM Audit API. 
-Originally created under contract to Apple Computer by McAfee Research, 
-this implementation is now maintained by volunteers and the generous 
-contribution of several organizations.  Coupled with a kernel audit 
-implementation, OpenBSM can be used to maintain system audit streams, and 
-is a foundation for an Audit-enabled system.
+Originally created under contract to Apple Computer by McAfee Research, this
+implementation is now maintained by volunteers and the generous contribution
+of several organizations.  Coupled with a kernel audit implementation,
+OpenBSM can be used to maintain system audit streams, and is a foundation for
+an Audit-enabled system.  Portions of OpenBSM, including include files and
+token-building routines, are reusable in a kernel audit implementation, and
+may be found in the FreeBSD and Mac OS X kernels.
 
   Contents
 
@@ -15,13 +17,22 @@
 
     bin/           Audit-related command line tools
     bsm/           System include files for BSM
+    compat/        Compatibility code to build on various OS's
     etc/           Sample /etc/security configuration files
     libbsm/        Implementation of BSM library interfaces and man pages
     man/           System call and configuration file man pages
+    modules/       Directory for auditfilterd module source
+    test/          Test token sets and geneneration program
+    tools/         Tool directory, including audump to dump databases
+
+The following programs are included with OpenBSM:
 
-OpenBSM currently builds on FreeBSD and Darwin.  With Makefile adjustment
-and minor tweaks, it should build without problems on a broad range of
-POSIX-like systems.
+    audit          Command line audit control tool
+    auditd         Audit management daemon
+    auditfilterd   Experimental event monitoring framework
+    auditreduce    Audit trail reduction tool
+    audump         Debugging tool to parse and print audit databases
+    praudit        Tool to print audit trails
 
   Building
 
@@ -29,7 +40,7 @@
 for building on a range of operating systems, including FreeBSD, Mac OS X,
 and Linux.  Depending on the availability of audit facilities in the
 underlying operating system, some components that depend on kernel audit
-support are built conditionally.  Typically, build will be performed using
+support are built conditionally.  Typically, build will be performed using:
 
     ./configure
     make
@@ -51,13 +62,12 @@
 
 You will need to manually propagate openbsm/etc/* into /etc on your system;
 this is not done automatically so as to avoid disrupting the current
-configuration.  Currently, the locations of these files is not
-configurable.
+configuration.  Currently, the locations of these files is not configurable.
 
   Credits
 
-The following organizations and individuals have contributed substantially 
-to the development of OpenBSM:
+The following organizations and individuals have contributed substantially to
+the development of OpenBSM:
 
     Apple Computer, Inc.
     McAfee Research, McAfee, Inc.
@@ -100,4 +110,4 @@
 
     http://www.TrustedBSD.org/
 
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#17 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 $

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 (text+ko) ====

@@ -32,7 +32,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#21 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 $
  */
 
 #include <sys/types.h>
@@ -3871,7 +3871,6 @@
  * size                         2 bytes;
  * zonename                     size bytes;
  */
-
 static int
 fetch_zonename_tok(tokenstr_t *tok, char *buf, int len)
 {

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2006 Robert N. M. Watson
+ * Copyright (c) 2006-2007 Robert N. M. Watson
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 $
  */
 
 /*
@@ -889,6 +889,30 @@
 
 }
 
+static char	*zonename_sample = "testzone";
+
+static void
+generate_zonename_token(const char *directory, const char *token_filename)
+{
+	token_t *zonename_token;
+
+	zonename_token = au_to_zonename(zonename_sample);
+	if (zonename_token == NULL)
+		err(EX_UNAVAILABLE, "au_to_zonename");
+	write_token(directory, token_filename, zonename_token);
+}
+
+static void
+generate_zonename_record(const char *directory, const char *record_filename)
+{
+	token_t *zonename_token;
+
+	zonename_token = au_to_zonename(zonename_sample);
+	if (zonename_token == NULL)
+		err(EX_UNAVAILABLE, "au_to_zonename");
+	write_record(directory, record_filename, zonename_token, AUE_NULL);
+}
+
 int
 main(int argc, char *argv[])
 {
@@ -955,6 +979,7 @@
 		generate_ipc_perm_token(directory, "ipc_perm_token");
 		generate_groups_token(directory, "groups_token");
 		generate_attr32_token(directory, "attr32_token");
+		generate_zonename_token(directory, "zonename_token");
 	}
 
 	if (do_records) {
@@ -989,6 +1014,7 @@
 		generate_ipc_perm_record(directory, "ipc_perm_record");
 		generate_groups_record(directory, "groups_record");
 		generate_attr32_record(directory, "attr32_record");
+		generate_zonename_record(directory, "zonename_record");
 	}
 
 	return (0);

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/header32_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv4#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv6#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv4#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv6#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_record#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_token#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv4#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv6#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv4#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv6#2 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv4#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv6#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_record#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/trailer_token#3 (binary) ====


==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#32 (text+ko) ====

