PERFORCE change 92749 for review
Robert Watson
rwatson at FreeBSD.org
Sat Mar 4 14:54:30 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92749
Change 92749 by rwatson at rwatson_zoo on 2006/03/04 22:54:15
Integrate TrustedBSD base branch from FreeBSD CVS:
- OpenBSM 1.0 alpha 5 loop back.
- dwmalone's structural improvements to mac_bsdextended.
Affected files ...
.. //depot/projects/trustedbsd/base/contrib/openbsm/CHANGELOG#3 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/FREEBSD-upgrade#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/HISTORY#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/README#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/TODO#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/aclocal.m4#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/autogen.sh#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/audit/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/audit/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/audit/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/audit/audit.c#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/audit_warn.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/auditd.c#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditreduce/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditreduce/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditreduce/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/praudit/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/praudit/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bin/praudit/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/audit.h#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/audit_internal.h#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/bsm/libbsm.h#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/compat/endian.h#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/compat/queue.h#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/config.guess#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/config.h#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/config.h.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/config.sub#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/depcomp#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/install-sh#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/ltmain.sh#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/config/missing#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/configure#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/configure.ac#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_audit.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_io.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_mask.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_notify.c#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_token.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_user.c#2 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_wrappers.c#3 integrate
.. //depot/projects/trustedbsd/base/contrib/openbsm/man/Makefile#3 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/man/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/man/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/tools/Makefile#2 delete
.. //depot/projects/trustedbsd/base/contrib/openbsm/tools/Makefile.am#1 branch
.. //depot/projects/trustedbsd/base/contrib/openbsm/tools/Makefile.in#1 branch
.. //depot/projects/trustedbsd/base/lib/libutil/pidfile.3#4 integrate
.. //depot/projects/trustedbsd/base/sys/bsm/audit.h#3 integrate
.. //depot/projects/trustedbsd/base/sys/bsm/audit_internal.h#2 integrate
.. //depot/projects/trustedbsd/base/sys/dev/mpt/mpt.c#13 integrate
.. //depot/projects/trustedbsd/base/sys/geom/label/g_label_ufs.c#7 integrate
.. //depot/projects/trustedbsd/base/sys/opencrypto/crypto.c#13 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit.c#4 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit_bsm_token.c#2 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit_pipe.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/audit/audit_private.h#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_bsdextended/mac_bsdextended.c#21 integrate
.. //depot/projects/trustedbsd/base/usr.bin/finger/sprint.c#8 integrate
Differences ...
==== //depot/projects/trustedbsd/base/contrib/openbsm/FREEBSD-upgrade#2 (text) ====
@@ -1,7 +1,33 @@
Upgrade Instructions for OpenBSM
--------------------------------
-Currently this is very straight forward:
+OpenBSM integrates into the FreeBSD source tree in several places:
+
+src/contrib/openbsm The OpenBSM distribution itself
+src/sys/bsm Modified versions of some bsm/ include files
+src/sys/security/audit Kernel audit framework, some OpenBSM-based files
+src/usr.sbin/*audit* Makefiles for various OpenBSM tools
+src/etc/Makefile Installation of /etc OpenBSM files
+src/lib/libbsm/* Build for OpenBSM library
+
+OpenBSM is normally built using an integrated autoconf/automake build
+system. For the purposes of tight integration with FreeBSD, we use an
+adapted BSD make (bmake) build system loosely based on the autmake
+setup. We also rely on a static config.h generated when OpenBSM is
+imported, rather than re-configuring every build. This leads to a
+more reproduceable build environment, and avoids dependence on things
+not in the base tree (i.e., autoconf, automake, GNU make, etc). An
+upgrade of OpenBSM generally involves the following steps:
+
+- Vendor import of OpenBSM into src/contrib.
+- Run configure, commit src/contrib/openbsm/config/config.h.
+- Replication of src/contrib/openbsm/bsm changes into src/sys/bsm.
+- Possible updates to src/sys/security/audit, especially relating to
+ bsm_token.c.
+- Update any library, tool, or etc BSD Makefiles to add new files,
+ defines, or other generally useful or necessary things.
+
+Normally, the CVS vendor import goes along the following lines:
cd ~/p4/projects/trustedbsd/openbsm
cvs -d rwatson at repoman.FreeBSD.org:/home/ncvs -q import src/contrib/openbsm \
@@ -10,10 +36,9 @@
Replacing the version string as required. Use the "-n" argument to CVS to
do a test run.
-Right now, no local FreeBSD modification or configuration is required. In
-future OpenBSM versions, this is likely to change.
+Propagation of changes to src/sys/{bsm,security/audit} is something that
+requires careful coordination and attention to detail. These files are
+not on CVS vendor branches, but do have the same local vs. vendor merge
+issues.
-After importing OpenBSM, make sure to propagate any changes to files that
-appear in both contrib/openbsm/bsm and sys/bsm.
-
-$FreeBSD: src/contrib/openbsm/FREEBSD-upgrade,v 1.2 2006/02/06 00:03:39 rwatson Exp $
+$FreeBSD: src/contrib/openbsm/FREEBSD-upgrade,v 1.3 2006/03/04 16:50:04 rwatson Exp $
==== //depot/projects/trustedbsd/base/contrib/openbsm/README#3 (text) ====
@@ -25,26 +25,34 @@
Building
-OpenBSM is currently built using a series of BSD make files which should
-work on both FreeBSD and Darwin. One known issue is that versions of
-Darwin prior to 10.3.8 have a nested include of "sys/audit.h" from
-"sys/proc.h", which can result in type definition conflicts. If running
-with include files from an earlier version of Darwin, the nested include
-must be manually removed in order that libbsm can be built, due to
-potentially conflicting types resulting from an include of "sys/sysctl.h"
-by that file. On Darwin, the use of BSD make must be specified explicitly
-by using "bsdmake" rather than "make", which on Darwin refers to GNU make.
-Typical invocations from the OpenBSM tree root:
+OpenBSM is currently built using autoconf and automake, which should allow
+for building on a range of operating systems, including FreeBSD, Mac OS X,
+and Linux. Depending on the availability of audit facailities in the
+underlying operating system, some components that depend on kernel audit
+support are built conditionally. Typically, build will be performed using
+
+ ./configure
+ make
+
+To install, use:
-FreeBSD
+ make install
- % make
- # make install
+You may wish to specify that the OpenBSM components not be installed in the
+base system, rather in a specific directory. This may be done using the
+--prefix argument to configure. If installing to a specific directory,
+remember to update your library path so that running tools from that
+directory the correct libbsm is used:
-Darwin
+ ./configure --prefix=/home/rwatson/openbsm
+ make
+ make install
+ LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
- % bsdmake
- # bsdmake install
+You will need to manually propagate openbsm/etc/* into /etc on your system;
+this is not done automatically so as to avoid disrupting the current
+configuration. Currently, the locations of these files is not
+configurable.
Credits
@@ -65,6 +73,7 @@
Christian Brueffer
Olivier Houchard
Christian Peron
+ Martin Fong
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
Software's FlexeLint tool were used to identify a number of bugs in the
@@ -86,4 +95,4 @@
http://www.TrustedBSD.org/
-$P4: //depot/projects/trustedbsd/openbsm/README#14 $
+$P4: //depot/projects/trustedbsd/openbsm/README#16 $
==== //depot/projects/trustedbsd/base/contrib/openbsm/TODO#2 (text) ====
@@ -8,5 +8,10 @@
- Document contents of libbsm "public" data structures in libbsm man pages.
- The audit.log.5 man page is incomplete, as it does not describe all
token types.
+- With the move to autoconf/automake, man page symlinks are no longer
+ installed. This needs to be fixed.
+- It might be desirable to be able to provide EOPNOTSUPP system call stubs
+ on systems that don't have the necessary audit system calls; that would
+ allow the full libbsm and tool set to build, just not run.
-$P4: //depot/projects/trustedbsd/openbsm/TODO#4 $
+$P4: //depot/projects/trustedbsd/openbsm/TODO#5 $
==== //depot/projects/trustedbsd/base/contrib/openbsm/bin/audit/audit.c#3 (text) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#6 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -44,7 +44,7 @@
#include <sys/queue.h>
#include <sys/uio.h>
-#include <bsm/audit.h>
+#include <bsm/libbsm.h>
#include <fcntl.h>
#include <stdio.h>
==== //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/audit_warn.c#2 (text) ====
@@ -30,12 +30,14 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#6 $
*/
#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
#include <unistd.h>
-#include <stdio.h>
#include "auditd.h"
==== //depot/projects/trustedbsd/base/contrib/openbsm/bin/auditd/auditd.c#3 (text) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#12 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 $
*/
#include <sys/types.h>
@@ -795,7 +795,11 @@
}
}
+#ifdef LOG_SECURITY
openlog("auditd", LOG_CONS | LOG_PID, LOG_SECURITY);
+#else
+ openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
+#endif
syslog(LOG_INFO, "starting...\n");
if (debug == 0 && daemon(0, 0) == -1) {
==== //depot/projects/trustedbsd/base/contrib/openbsm/bsm/audit.h#2 (text) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#14 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#15 $
*/
#ifndef _BSM_AUDIT_H
@@ -240,25 +240,11 @@
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
-/* Token and record structures. */
-
-struct au_token {
- u_char *t_data;
- size_t len;
- TAILQ_ENTRY(au_token) tokens;
-};
+/*
+ * Contents of token_t are opaque outside of libbsm.
+ */
typedef struct au_token token_t;
-struct au_record {
- char used; /* Record currently in use? */
- int desc; /* Descriptor for record. */
- TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
- u_char *data;
- size_t len;
- LIST_ENTRY(au_record) au_rec_q;
-};
-typedef struct au_record au_record_t;
-
/*
* Kernel audit queue control parameters.
*/
@@ -310,6 +296,9 @@
};
typedef struct au_evclass_map au_evclass_map_t;
+/*
+ * Audit system calls.
+ */
#if !defined(_KERNEL) && !defined(KERNEL)
int audit(const void *, int);
int auditon(int, void *, int);
==== //depot/projects/trustedbsd/base/contrib/openbsm/bsm/audit_internal.h#2 (text) ====
@@ -34,11 +34,15 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_internal.h#7 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_internal.h#13 $
*/
-#ifndef _LIBBSM_INTERNAL_H
-#define _LIBBSM_INTERNAL_H
+#ifndef _AUDIT_INTERNAL_H
+#define _AUDIT_INTERNAL_H
+
+#if defined(__linux__) && !defined(__unused)
+#define __unused
+#endif
/*
* audit_internal.h contains private interfaces that are shared by user space
@@ -47,7 +51,23 @@
* broken with future releases of OpenBSM, which may delete, modify, or
* otherwise break these interfaces or the assumptions they rely on.
*/
+struct au_token {
+ u_char *t_data;
+ size_t len;
+ TAILQ_ENTRY(au_token) tokens;
+};
+
+struct au_record {
+ char used; /* Record currently in use? */
+ int desc; /* Descriptor for record. */
+ TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
+ u_char *data;
+ size_t len;
+ LIST_ENTRY(au_record) au_rec_q;
+};
+typedef struct au_record au_record_t;
+
/* We could determined the header and trailer sizes by
* defining appropriate structures. We hold off that approach
* till we have a consistant way of using structures for all tokens.
@@ -96,4 +116,4 @@
#define ADD_STRING(loc, data, size) ADD_MEM(loc, data, size)
-#endif /* !_LIBBSM_INTERNAL_H_ */
+#endif /* !_AUDIT_INTERNAL_H_ */
==== //depot/projects/trustedbsd/base/contrib/openbsm/bsm/libbsm.h#3 (text) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#16 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#18 $
*/
#ifndef _LIBBSM_H_
@@ -42,9 +42,9 @@
#include <sys/types.h>
#include <sys/cdefs.h>
-#include <sys/queue.h>
#include <stdint.h> /* Required for audit.h. */
+#include <time.h> /* Required for clock_t on Linux. */
#include <bsm/audit.h>
#include <bsm/audit_record.h>
==== //depot/projects/trustedbsd/base/contrib/openbsm/compat/endian.h#2 (text) ====
@@ -25,18 +25,13 @@
* SUCH DAMAGE.
*
* Derived from FreeBSD src/sys/sys/endian.h:1.6.
- * $P4: //depot/projects/trustedbsd/openbsm/compat/endian.h#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/compat/endian.h#7 $
*/
#ifndef _COMPAT_ENDIAN_H_
#define _COMPAT_ENDIAN_H_
/*
- * Pick up value of BYTE_ORDER/_BYTE_ORDER if not yet included.
- */
-#include <machine/endian.h>
-
-/*
* Some systems will have the uint/int types defined here already, others
* will need stdint.h.
*/
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_audit.c#2 (text) ====
@@ -30,11 +30,17 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#18 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#22 $
*/
#include <sys/types.h>
+
+#include <config/config.h>
+#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
+#else
+#include <compat/queue.h>
+#endif
#include <bsm/audit_internal.h>
#include <bsm/libbsm.h>
@@ -256,11 +262,13 @@
pthread_mutex_unlock(&mutex);
}
+#ifdef HAVE_AUDIT_SYSCALLS
/*
* Add the header token, identify any missing tokens. Write out the tokens to
* the record memory and finally, call audit.
*/
-int au_close(int d, int keep, short event)
+int
+au_close(int d, int keep, short event)
{
au_record_t *rec;
size_t tot_rec_size;
@@ -308,6 +316,7 @@
au_teardown(rec);
return (retval);
}
+#endif /* HAVE_AUDIT_SYSCALLS */
/*
* au_close(), except onto an in-memory buffer. Buffer size as an argument,
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_io.c#2 (text) ====
@@ -31,15 +31,32 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#29 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#34 $
*/
#include <sys/types.h>
-#ifdef __APPLE__
+
+#include <config/config.h>
+#ifdef HAVE_SYS_ENDIAN_H
+#include <sys/endian.h>
+#else /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_MACHINE_ENDIAN_H
+#include <machine/endian.h>
+#else /* !HAVE_MACHINE_ENDIAN_H */
+#ifdef HAVE_ENDIAN_H
+#include <endian.h>
+#else /* !HAVE_ENDIAN_H */
+#error "No supported endian.h"
+#endif /* !HAVE_ENDIAN_H */
+#endif /* !HAVE_MACHINE_ENDIAN_H */
#include <compat/endian.h>
-#else /* !__APPLE__ */
-#include <sys/endian.h>
-#endif /* __APPLE__*/
+#endif /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+
#include <sys/stat.h>
#include <sys/socket.h>
@@ -381,10 +398,7 @@
break;
case AU_IPv6:
- ipv6.__u6_addr.__u6_addr32[0] = ipaddr[0];
- ipv6.__u6_addr.__u6_addr32[1] = ipaddr[1];
- ipv6.__u6_addr.__u6_addr32[2] = ipaddr[2];
- ipv6.__u6_addr.__u6_addr32[3] = ipaddr[3];
+ bcopy(ipaddr, &ipv6, sizeof(ipv6));
fprintf(fp, "%s", inet_ntop(AF_INET6, &ipv6, dst,
INET6_ADDRSTRLEN));
break;
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_mask.c#2 (text) ====
@@ -27,11 +27,17 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_mask.c#11 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_mask.c#13 $
*/
#include <sys/types.h>
+
+#include <config/config.h>
+#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
#include <bsm/libbsm.h>
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_notify.c#3 (text) ====
@@ -26,18 +26,30 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#9 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#11 $
*/
/*
* Based on sample code from Marc Majka.
*/
-#include <string.h> /* strerror() */
-#include <sys/errno.h> /* errno */
+#include <sys/types.h>
+
+#include <config/config.h>
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+
+#include <bsm/audit_internal.h>
#include <bsm/libbsm.h>
-#include <stdint.h> /* uint32_t */
-#include <syslog.h> /* syslog() */
-#include <stdarg.h> /* syslog() */
+
+#include <errno.h>
+#include <stdint.h>
+#include <stdarg.h>
+#include <string.h>
+#include <syslog.h>
+
#ifdef __APPLE__
#include <notify.h>
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_token.c#2 (text) ====
@@ -30,15 +30,32 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#34 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#43 $
*/
#include <sys/types.h>
-#ifdef __APPLE__
+
+#include <config/config.h>
+#ifdef HAVE_SYS_ENDIAN_H
+#include <sys/endian.h>
+#else /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_MACHINE_ENDIAN_H
+#include <machine/endian.h>
+#else /* !HAVE_MACHINE_ENDIAN_H */
+#ifdef HAVE_ENDIAN_H
+#include <endian.h>
+#else /* !HAVE_ENDIAN_H */
+#error "No supported endian.h"
+#endif /* !HAVE_ENDIAN_H */
+#endif /* !HAVE_MACHINE_ENDIAN_H */
#include <compat/endian.h>
-#else /* !__APPLE__ */
-#include <sys/endian.h>
-#endif /* __APPLE__*/
+#endif /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
@@ -352,10 +369,7 @@
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
return (t);
}
@@ -448,9 +462,18 @@
ADD_U_INT16(dptr, perm->mode);
ADD_U_INT16(dptr, pad0);
+
+#ifdef HAVE_IPC_PERM___SEQ
+ ADD_U_INT16(dptr, perm->__seq);
+#else
ADD_U_INT16(dptr, perm->seq);
+#endif
+#ifdef HAVE_IPC_PERM___KEY
+ ADD_U_INT32(dptr, perm->__key);
+#else
ADD_U_INT32(dptr, perm->key);
+#endif
return (t);
}
@@ -781,50 +804,6 @@
/*
* token ID 1 byte
- * socket type 2 bytes
- * local port 2 bytes
- * local Internet address 4 bytes
- * remote port 2 bytes
- * remote Internet address 4 bytes
- */
-token_t *
-au_to_socket(struct socket *so)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-/*
- * token ID 1 byte
- * socket type 2 bytes
- * local port 2 bytes
- * address type/length 4 bytes
- * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
- * remote port 4 bytes
- * address type/length 4 bytes
- * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
- */
-token_t *
-au_to_socket_ex_32(u_int16_t lp, u_int16_t rp, struct sockaddr *la,
- struct sockaddr *ra)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-token_t *
-au_to_socket_ex_128(u_int16_t lp, u_int16_t rp, struct sockaddr *la,
- struct sockaddr *ra)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-/*
- * token ID 1 byte
* socket family 2 bytes
* path 104 bytes
*/
@@ -898,10 +877,7 @@
ADD_U_CHAR(dptr, so->sin6_family);
ADD_U_INT16(dptr, so->sin6_port);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
return (t);
@@ -1031,7 +1007,7 @@
tid));
}
-#if !defined(_KERNEL) && !defined(KERNEL)
+#if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS)
/*
* Collects audit information for the current process
* and creates a subject token from it
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_user.c#2 (text) ====
@@ -27,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_user.c#14 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_user.c#15 $
*/
#include <bsm/libbsm.h>
==== //depot/projects/trustedbsd/base/contrib/openbsm/libbsm/bsm_wrappers.c#3 (text) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#16 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#18 $
*/
#ifdef __APPLE__
@@ -35,6 +35,11 @@
#include <sys/param.h>
#include <sys/stat.h>
+
+#ifdef __APPLE__
+#include <sys/queue.h> /* Our bsm/audit.h doesn't include queue.h. */
+#endif
+
#include <sys/sysctl.h>
#include <bsm/libbsm.h>
@@ -56,7 +61,11 @@
if (p == NULL)
return (kAUBadParamErr);
+#ifdef NODEV
*p = NODEV;
+#else
+ *p = -1;
+#endif
/* for /usr/bin/login, try fstat() first */
if (fstat(STDIN_FILENO, &st) != 0) {
@@ -78,6 +87,8 @@
int
audit_set_terminal_host(uint32_t *m)
{
+
+#ifdef KERN_HOSTID
int name[2] = { CTL_KERN, KERN_HOSTID };
size_t len;
@@ -90,6 +101,10 @@
return (kAUSysctlErr);
}
return (kAUNoErr);
+#else
+ *m = -1;
+ return (kAUNoErr);
+#endif
}
int
==== //depot/projects/trustedbsd/base/lib/libutil/pidfile.3#4 (text+ko) ====
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libutil/pidfile.3,v 1.4 2006/01/28 14:13:15 pjd Exp $
+.\" $FreeBSD: src/lib/libutil/pidfile.3,v 1.5 2006/03/04 15:20:28 keramida Exp $
.\"
.Dd August 22, 2005
.Dt PIDFILE 3
@@ -120,8 +120,8 @@
pfh = pidfile_open("/var/run/daemon.pid", 0600, &otherpid);
if (pfh == NULL) {
if (errno == EEXIST) {
- errx(EXIT_FAILURE, "Daemon already running, pid: %d.",
- (int)otherpid);
+ errx(EXIT_FAILURE, "Daemon already running, pid: %jd.",
+ (intmax_t)otherpid);
}
/* If we cannot create pidfile from other reasons, only warn. */
warn("Cannot open or create pidfile");
@@ -147,7 +147,7 @@
/* Do child work. */
break;
default:
- syslog(LOG_INFO, "Child %d started.", (int)childpid);
+ syslog(LOG_INFO, "Child %jd started.", (intmax_t)childpid);
break;
}
}
==== //depot/projects/trustedbsd/base/sys/bsm/audit.h#3 (text+ko) ====
@@ -30,8 +30,8 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/base/sys/bsm/audit.h#2 $
- * $FreeBSD: src/sys/bsm/audit.h,v 1.2 2006/02/01 19:54:22 rwatson Exp $
+ * $P4: //depot/projects/trustedbsd/base/sys/bsm/audit.h#3 $
+ * $FreeBSD: src/sys/bsm/audit.h,v 1.3 2006/03/04 16:54:21 rwatson Exp $
*/
#ifndef _BSM_AUDIT_H
@@ -258,25 +258,11 @@
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
-/* Token and record structures. */
-
-struct au_token {
- u_char *t_data;
- size_t len;
- TAILQ_ENTRY(au_token) tokens;
-};
+/*
+ * Contents of token_t are opaque outside of libbsm.
+ */
typedef struct au_token token_t;
-struct au_record {
- char used; /* Record currently in use? */
- int desc; /* Descriptor for record. */
- TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
- u_char *data;
- size_t len;
- LIST_ENTRY(au_record) au_rec_q;
-};
-typedef struct au_record au_record_t;
-
/*
* Kernel audit queue control parameters.
*/
@@ -328,6 +314,9 @@
};
typedef struct au_evclass_map au_evclass_map_t;
+/*
+ * Audit system calls.
+ */
#if !defined(_KERNEL) && !defined(KERNEL)
int audit(const void *, int);
int auditon(int, void *, int);
==== //depot/projects/trustedbsd/base/sys/bsm/audit_internal.h#2 (text) ====
@@ -34,12 +34,16 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#5 $
- * $FreeBSD: src/sys/bsm/audit_internal.h,v 1.1 2006/02/01 19:54:22 rwatson Exp $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#7 $
+ * $FreeBSD: src/sys/bsm/audit_internal.h,v 1.2 2006/03/04 16:54:21 rwatson Exp $
*/
-#ifndef _LIBBSM_INTERNAL_H
-#define _LIBBSM_INTERNAL_H
+#ifndef _AUDIT_INTERNAL_H
+#define _AUDIT_INTERNAL_H
+
+#if defined(__linux__) && !defined(__unused)
+#define __unused
+#endif
/*
* audit_internal.h contains private interfaces that are shared by user space
@@ -48,7 +52,23 @@
* broken with future releases of OpenBSM, which may delete, modify, or
* otherwise break these interfaces or the assumptions they rely on.
*/
+struct au_token {
+ u_char *t_data;
+ size_t len;
+ TAILQ_ENTRY(au_token) tokens;
+};
+struct au_record {
+ char used; /* Record currently in use? */
+ int desc; /* Descriptor for record. */
+ TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
+ u_char *data;
+ size_t len;
+ LIST_ENTRY(au_record) au_rec_q;
+};
+typedef struct au_record au_record_t;
+
+
/* We could determined the header and trailer sizes by
* defining appropriate structures. We hold off that approach
* till we have a consistant way of using structures for all tokens.
@@ -97,4 +117,4 @@
#define ADD_STRING(loc, data, size) ADD_MEM(loc, data, size)
-#endif /* !_LIBBSM_INTERNAL_H_ */
+#endif /* !_AUDIT_INTERNAL_H_ */
==== //depot/projects/trustedbsd/base/sys/dev/mpt/mpt.c#13 (text+ko) ====
@@ -92,7 +92,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/mpt/mpt.c,v 1.18 2006/02/28 07:44:50 mjacob Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/mpt/mpt.c,v 1.19 2006/03/04 21:46:34 mjacob Exp $");
#include <dev/mpt/mpt.h>
#include <dev/mpt/mpt_cam.h> /* XXX For static handler registration */
@@ -502,12 +502,12 @@
handled += pers->event(mpt, req, msg);
if (handled == 0 && mpt->mpt_pers_mask == 0) {
- mpt_lprt(mpt, MPT_PRT_WARN,
+ mpt_lprt(mpt, MPT_PRT_INFO,
"No Handlers For Any Event Notify Frames. "
"Event %#x (ACK %sequired).\n",
msg->Event, msg->AckRequired? "r" : "not r");
} else if (handled == 0) {
- mpt_prt(mpt,
+ mpt_lprt(mpt, MPT_PRT_WARN,
"Unhandled Event Notify Frame. Event %#x "
"(ACK %sequired).\n",
msg->Event, msg->AckRequired? "r" : "not r");
==== //depot/projects/trustedbsd/base/sys/geom/label/g_label_ufs.c#7 (text+ko) ====
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/geom/label/g_label_ufs.c,v 1.9 2006/02/18 10:59:47 pjd Exp $");
+__FBSDID("$FreeBSD: src/sys/geom/label/g_label_ufs.c,v 1.10 2006/03/04 19:41:54 pjd Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -78,8 +78,13 @@
if (fs == NULL)
continue;
/* Check for magic and make sure things are the right size */
- if (fs->fs_magic != FS_UFS1_MAGIC &&
- fs->fs_magic != FS_UFS2_MAGIC) {
+ if (fs->fs_magic == FS_UFS1_MAGIC &&
+ fs->fs_old_size * fs->fs_fsize == (int32_t)pp->mediasize) {
+ /* Valid UFS1. */
+ } else if (fs->fs_magic == FS_UFS2_MAGIC && fs->fs_fsize > 0 &&
+ pp->mediasize / fs->fs_fsize == fs->fs_size) {
+ /* Valid UFS2. */
+ } else {
g_free(fs);
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the trustedbsd-cvs
mailing list