diff options
| author | rwatson <rwatson@FreeBSD.org> | 2009-01-14 10:44:16 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2009-01-14 10:44:16 +0000 |
| commit | decd722669c40502553396eefd1098657c2eac59 (patch) | |
| tree | 475d9112fa7258dc14e742448d0a7ccbc27a17ab /contrib/openbsm/libbsm | |
| parent | f2dfb737c38eea614a85b0eefc92a363a91d9143 (diff) | |
| parent | 77fa2b3194a06888941bfb26e7aa568742d4150a (diff) | |
| download | FreeBSD-src-decd722669c40502553396eefd1098657c2eac59.zip FreeBSD-src-decd722669c40502553396eefd1098657c2eac59.tar.gz | |
Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm
build along with man pages, add audit_bsm_domain.c and
audit_bsm_socket_type.c to the kernel environment.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 5
- Stub libauditd(3) man page added.
- All BSM error number constants with BSM_ERRNO_.
- Interfaces to convert between local and BSM socket types and protocol
families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
of constants in audit_domain.h and audit_socket_type.h. This improves
interoperability by converting local constant spaces, which vary by OS, to
and from Solaris constants (where available) or OpenBSM constants for
protocol domains not present in Solaris (a fair number). These routines
should be used when generating and interpreting extended socket tokens.
- Fix build warnings with full gcc warnings enabled on most supported
platforms.
- Don't compile error strings into bsm_errno.c when building it in the kernel
environment.
- When started by launchd, use the label com.apple.auditd rather than
org.trustedbsd.auditd.
Diffstat (limited to 'contrib/openbsm/libbsm')
| -rw-r--r-- | contrib/openbsm/libbsm/Makefile.am | 6 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/Makefile.in | 22 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/au_domain.3 | 87 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/au_socket_type.3 | 93 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/au_token.3 | 5 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_audit.c | 13 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_domain.c | 499 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_errno.c | 507 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_io.c | 8 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_socket_type.c | 104 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/bsm_token.c | 5 | ||||
| -rw-r--r-- | contrib/openbsm/libbsm/libbsm.3 | 26 |
12 files changed, 1106 insertions, 269 deletions
diff --git a/contrib/openbsm/libbsm/Makefile.am b/contrib/openbsm/libbsm/Makefile.am index b2f1e5c..d7e0652 100644 --- a/contrib/openbsm/libbsm/Makefile.am +++ b/contrib/openbsm/libbsm/Makefile.am @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#7 $ +# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#8 $ # if USE_NATIVE_INCLUDES @@ -14,11 +14,13 @@ libbsm_la_SOURCES = \ bsm_audit.c \ bsm_class.c \ bsm_control.c \ + bsm_domain.c \ bsm_errno.c \ bsm_event.c \ bsm_flags.c \ bsm_io.c \ bsm_mask.c \ + bsm_socket_type.c \ bsm_token.c \ bsm_user.c @@ -31,12 +33,14 @@ endif man3_MANS = \ au_class.3 \ au_control.3 \ + au_domain.3 \ au_errno.3 \ au_event.3 \ au_free_token.3 \ au_io.3 \ au_mask.3 \ au_open.3 \ + au_socket_type.3 \ au_token.3 \ au_user.3 \ libbsm.3 diff --git a/contrib/openbsm/libbsm/Makefile.in b/contrib/openbsm/libbsm/Makefile.in index ffd354d..4d6c847 100644 --- a/contrib/openbsm/libbsm/Makefile.in +++ b/contrib/openbsm/libbsm/Makefile.in @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#12 $ +# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#13 $ # VPATH = @srcdir@ @@ -60,13 +60,15 @@ libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) libbsm_la_LIBADD = am__libbsm_la_SOURCES_DIST = bsm_audit.c bsm_class.c bsm_control.c \ - bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \ - bsm_token.c bsm_user.c bsm_notify.c bsm_wrappers.c + bsm_domain.c bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c \ + bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \ + bsm_notify.c bsm_wrappers.c @HAVE_AUDIT_SYSCALLS_TRUE@am__objects_1 = bsm_notify.lo \ @HAVE_AUDIT_SYSCALLS_TRUE@ bsm_wrappers.lo am_libbsm_la_OBJECTS = bsm_audit.lo bsm_class.lo bsm_control.lo \ - bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo bsm_mask.lo \ - bsm_token.lo bsm_user.lo $(am__objects_1) + bsm_domain.lo bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo \ + bsm_mask.lo bsm_socket_type.lo bsm_token.lo bsm_user.lo \ + $(am__objects_1) libbsm_la_OBJECTS = $(am_libbsm_la_OBJECTS) DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/config/depcomp @@ -199,18 +201,20 @@ top_srcdir = @top_srcdir@ @USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys @USE_NATIVE_INCLUDES_TRUE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) lib_LTLIBRARIES = libbsm.la -libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_errno.c \ - bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c bsm_token.c \ - bsm_user.c $(am__append_1) +libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_domain.c \ + bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \ + bsm_socket_type.c bsm_token.c bsm_user.c $(am__append_1) man3_MANS = \ au_class.3 \ au_control.3 \ + au_domain.3 \ au_errno.3 \ au_event.3 \ au_free_token.3 \ au_io.3 \ au_mask.3 \ au_open.3 \ + au_socket_type.3 \ au_token.3 \ au_user.3 \ libbsm.3 @@ -287,12 +291,14 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_audit.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_class.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_control.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_domain.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_errno.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_event.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_flags.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_io.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_mask.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_notify.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_socket_type.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_token.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_user.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_wrappers.Plo@am__quote@ diff --git a/contrib/openbsm/libbsm/au_domain.3 b/contrib/openbsm/libbsm/au_domain.3 new file mode 100644 index 0000000..14ac45a --- /dev/null +++ b/contrib/openbsm/libbsm/au_domain.3 @@ -0,0 +1,87 @@ +.\"- +.\" Copyright (c) 2008 Apple Inc. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of +.\" its contributors may be used to endorse or promote products derived +.\" from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR +.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#1 $ +.\" +.Dd December 28, 2008 +.Dt AU_BSM_TO_DOMAIN 3 +.Os +.Sh NAME +.Nm au_bsm_to_domain , +.Nm au_domain_to_bsm +.Nd "convert between BSM and local protocol domains" +.Sh LIBRARY +.Lb libbsm +.Sh SYNOPSIS +.In bsm/libbsm.h +.Ft int +.Fn au_bsm_to_domain "u_short bsm_domain" "int *local_domainp" +.Ft u_short +.Fn au_domain_to_bsm "int local_domain" +.Sh DESCRIPTION +These interfaces may be used to convert between the local and BSM protocol +domains. +The +.Fn au_bsm_to_domain +function accepts a BSM domain, +.Fa bsm_domain , +and converts it to a local domain, such as those passed to +.Xr socket 2 , +that will be stored in the integer pointed to by +.Fa local_domainp +if successful. +This call will fail if the BSM domain cannot be mapped into a local domain, +which may occur if the socket token was generated on another operating +system. +.Pp +.Fn au_domain_to_bsm +function accepts a local domain, and returns the BSM domain for it. +This call cannot fail, and instead returns a BSM domain indicating to a later +decoder that the domain could not be encoded. +.Sh RETURN VALULES +On success, +.Fn au_bsm_to_domain +returns 0 and a converted domain; on failure, it returns -1 but does not set +.Xr errno 2 . +.Sh SEE ALSO +.Xr au_bsm_to_socket_type 3 , +.Xr au_socket_type_to_bsm 3 , +.Xr au_to_socket_ex 3 , +.Xr libbsm 3 +.Sh HISTORY +.Fn au_bsm_to_domain +and +.Fn au_domain_to_bsm +were introduced in OpenBSM 1.1. +.Sh AUTHORS +These functions were implemented by +.An Robert Watson +under contract to Apple Inc. +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/libbsm/au_socket_type.3 b/contrib/openbsm/libbsm/au_socket_type.3 new file mode 100644 index 0000000..174e5c7 --- /dev/null +++ b/contrib/openbsm/libbsm/au_socket_type.3 @@ -0,0 +1,93 @@ +.\"- +.\" Copyright (c) 2008 Apple Inc. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of +.\" its contributors may be used to endorse or promote products derived +.\" from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR +.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_socket_type.3#1 $ +.\" +.Dd December 28, 2008 +.Dt AU_BSM_TO_SOCKET_TYPE 3 +.Os +.Sh NAME +.Nm au_bsm_to_socket_type , +.Nm au_socket_type_to_bsm +.Nd "convert between BSM and local socket types" +.Sh LIBRARY +.Lb libbsm +.Sh SYNOPSIS +.In bsm/libbsm.h +.Ft int +.Fn au_bsm_to_socket_type "u_short bsm_socket_type" "int *local_socket_typep" +.Ft u_short +.Fn au_socket_type_to_bsm "int local_socket_type" +.Sh DESCRIPTION +These interfaces may be used to convert between the local and BSM socket +types. +The +.Fn au_bsm_to_socket_type +function accepts a BSM socket type, +.Fa bsm_socket_type , +and converts it to a local socket type, such as those passed to +.Xr socket 2 , +that will be stored in the integer pointed to by +.Fa local_socket_typep +if successful. +This call will fail if the BSM socket type cannot be mapped into a local +socket type, which may occur if the socket token was generated on another +operating system. +.Pp +.Fn au_socket_type_to_bsm +function accepts a local socket type, and returns the BSM socket type for it. +This call cannot fail, and instead returns a BSM socket type indicating to a +later decoder that the socket type could not be encoded. +.Sh RETURN VALULES +On success, +.Fn au_bsm_to_socket_type +returns 0 and a converted socket type; on failure, it returns -1 but does not +set +.Xr errno 2 . +.Pp +On success, +.Fn au_strerror +returns a pointer to an error string; on failure it will return +.Dv NULL . +.Sh SEE ALSO +.Xr au_bsm_to_domain 3 , +.Xr au_domain_to_bsm 3 , +.Xr au_to_socket_ex 3 , +.Xr libbsm 3 +.Sh HISTORY +.Fn au_bsm_to_socket_type +and +.Fn au_socket_type_to_bsm +were introduced in OpenBSM 1.1. +.Sh AUTHORS +These functions were implemented by +.An Robert Watson +under contract to Apple Inc. +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/libbsm/au_token.3 b/contrib/openbsm/libbsm/au_token.3 index 28d195e..2888729 100644 --- a/contrib/openbsm/libbsm/au_token.3 +++ b/contrib/openbsm/libbsm/au_token.3 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#16 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#17 $ .\" .Dd April 19, 2005 .Dt AU_TOKEN 3 @@ -60,6 +60,7 @@ .Nm au_to_sock_inet32 , .Nm au_to_sock_inet128 , .Nm au_to_sock_inet , +.Nm au_to_socket_ex , .Nm au_to_subject32 , .Nm au_to_subject64 , .Nm au_to_subject , @@ -156,6 +157,8 @@ .Ft "token_t *" .Fn au_to_sock_int "struct sockaddr_in *so" .Ft "token_t *" +.Fn au_to_socket_ex "u_short so_domain" "u_short so_type" "struct sockaddr *sa_local" "struct sockaddr *sa_remote" +.Ft "token_t *" .Fo au_to_subject32 .Fa "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" .Fa "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid" diff --git a/contrib/openbsm/libbsm/bsm_audit.c b/contrib/openbsm/libbsm/bsm_audit.c index 3510639..6537b37 100644 --- a/contrib/openbsm/libbsm/bsm_audit.c +++ b/contrib/openbsm/libbsm/bsm_audit.c @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#34 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $ */ #include <sys/types.h> @@ -219,13 +219,16 @@ au_write(int d, token_t *tok) static int au_assemble(au_record_t *rec, short event) { - token_t *header, *tok, *trailer; - size_t tot_rec_size, hdrsize; - u_char *dptr; +#ifdef HAVE_AUDIT_SYSCALLS struct in6_addr *aptr; - int error; struct auditinfo_addr aia; struct timeval tm; + size_t hdrsize; +#endif /* HAVE_AUDIT_SYSCALLS */ + token_t *header, *tok, *trailer; + size_t tot_rec_size; + u_char *dptr; + int error; #ifdef HAVE_AUDIT_SYSCALLS /* diff --git a/contrib/openbsm/libbsm/bsm_domain.c b/contrib/openbsm/libbsm/bsm_domain.c new file mode 100644 index 0000000..496235f --- /dev/null +++ b/contrib/openbsm/libbsm/bsm_domain.c @@ -0,0 +1,499 @@ +/*- + * Copyright (c) 2008 Apple Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of Apple Inc. ("Apple") nor the names of + * its contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2 $ + */ + +#include <sys/types.h> +#include <sys/socket.h> + +#include <config/config.h> + +#include <bsm/audit_domain.h> +#include <bsm/libbsm.h> + +struct bsm_domain { + u_short bd_bsm_domain; + int bd_local_domain; +}; + +#define PF_NO_LOCAL_MAPPING -600 + +static const struct bsm_domain bsm_domains[] = { + { BSM_PF_UNSPEC, PF_UNSPEC }, + { BSM_PF_LOCAL, PF_LOCAL }, + { BSM_PF_INET, PF_INET }, + { BSM_PF_IMPLINK, +#ifdef PF_IMPLINK + PF_IMPLINK +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PUP, +#ifdef PF_PUP + PF_PUP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_CHAOS, +#ifdef PF_CHAOS + PF_CHAOS +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NS, +#ifdef PF_NS + PF_NS +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NBS, +#ifdef PF_NBS + PF_NBS +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ECMA, +#ifdef PF_ECMA + PF_ECMA +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_DATAKIT, +#ifdef PF_DATAKIT + PF_DATAKIT +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_CCITT, +#ifdef PF_CCITT + PF_CCITT +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_SNA, PF_SNA }, + { BSM_PF_DECnet, PF_DECnet }, + { BSM_PF_DLI, +#ifdef PF_DLI + PF_DLI +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_LAT, +#ifdef PF_LAT + PF_LAT +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_HYLINK, +#ifdef PF_HYLINK + PF_HYLINK +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_APPLETALK, PF_APPLETALK }, + { BSM_PF_NIT, +#ifdef PF_NIT + PF_NIT +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_802, +#ifdef PF_802 + PF_802 +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_OSI, +#ifdef PF_OSI + PF_OSI +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_X25, +#ifdef PF_X25 + PF_X25 +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_OSINET, +#ifdef PF_OSINET + PF_OSINET +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_GOSIP, +#ifdef PF_GOSIP + PF_GOSIP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_IPX, PF_IPX }, + { BSM_PF_ROUTE, PF_ROUTE }, + { BSM_PF_LINK, +#ifdef PF_LINK + PF_LINK +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_INET6, PF_INET6 }, + { BSM_PF_KEY, PF_KEY }, + { BSM_PF_NCA, +#ifdef PF_NCA + PF_NCA +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_POLICY, +#ifdef PF_POLICY + PF_POLICY +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_INET_OFFLOAD, +#ifdef PF_INET_OFFLOAD + PF_INET_OFFLOAD +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NETBIOS, +#ifdef PF_NETBIOS + PF_NETBIOS +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ISO, +#ifdef PF_ISO + PF_ISO +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_XTP, +#ifdef PF_XTP + PF_XTP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_COIP, +#ifdef PF_COIP + PF_COIP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_CNT, +#ifdef PF_CNT + PF_CNT +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_RTIP, +#ifdef PF_RTIP + PF_RTIP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_SIP, +#ifdef PF_SIP + PF_SIP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PIP, +#ifdef PF_PIP + PF_PIP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ISDN, +#ifdef PF_ISDN + PF_ISDN +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_E164, +#ifdef PF_E164 + PF_E164 +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NATM, +#ifdef PF_NATM + PF_NATM +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ATM, +#ifdef PF_ATM + PF_ATM +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NETGRAPH, +#ifdef PF_NETGRAPH + PF_NETGRAPH +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_SLOW, +#ifdef PF_SLOW + PF_SLOW +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_SCLUSTER, +#ifdef PF_SCLUSTER + PF_SCLUSTER +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ARP, +#ifdef PF_ARP + PF_ARP +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_BLUETOOTH, +#ifdef PF_BLUETOOTH + PF_BLUETOOTH +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_IEEE80211, +#ifdef PF_IEEE80211 + PF_IEEE80211 +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_AX25, +#ifdef PF_AX25 + PF_AX25 +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ROSE, +#ifdef PF_ROSE + PF_ROSE +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_NETBEUI, +#ifdef PF_NETBEUI + PF_NETBEUI +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_SECURITY, +#ifdef PF_SECURITY + PF_SECURITY +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PACKET, +#ifdef PF_PACKET + PF_PACKET +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ASH, +#ifdef PF_ASH + PF_ASH +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ECONET, +#ifdef PF_ECONET + PF_ECONET +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_ATMSVC, +#ifdef PF_ATMSVC + PF_ATMSVC +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_IRDA, +#ifdef PF_IRDA + PF_IRDA +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PPPOX, +#ifdef PF_PPPOX + PF_PPPOX +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_WANPIPE, +#ifdef PF_WANPIPE + PF_WANPIPE +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_LLC, +#ifdef PF_LLC + PF_LLC +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_CAN, +#ifdef PF_CAN + PF_CAN +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_TIPC, +#ifdef PF_TIPC + PF_TIPC +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_IUCV, +#ifdef PF_IUCV + PF_IUCV +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_RXRPC, +#ifdef PF_RXRPC + PF_RXRPC +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PHONET, +#ifdef PF_PHONET + PF_PHONET +#else + PF_NO_LOCAL_MAPPING +#endif + }, +}; +static const int bsm_domains_count = sizeof(bsm_domains) / + sizeof(bsm_domains[0]); + +static const struct bsm_domain * +bsm_lookup_local_domain(int local_domain) +{ + int i; + + for (i = 0; i < bsm_domains_count; i++) { + if (bsm_domains[i].bd_local_domain == local_domain) + return (&bsm_domains[i]); + } + return (NULL); +} + +u_short +au_domain_to_bsm(int local_domain) +{ + const struct bsm_domain *bstp; + + bstp = bsm_lookup_local_domain(local_domain); + if (bstp == NULL) + return (BSM_PF_UNKNOWN); + return (bstp->bd_bsm_domain); +} + +static const struct bsm_domain * +bsm_lookup_bsm_domain(u_short bsm_domain) +{ + int i; + + for (i = 0; i < bsm_domains_count; i++) { + if (bsm_domains[i].bd_bsm_domain == bsm_domain) + return (&bsm_domains[i]); + } + return (NULL); +} + +int +au_bsm_to_domain(u_short bsm_domain, int *local_domainp) +{ + const struct bsm_domain *bstp; + + bstp = bsm_lookup_bsm_domain(bsm_domain); + if (bstp == NULL || bstp->bd_local_domain) + return (-1); + *local_domainp = bstp->bd_local_domain; + return (0); +} diff --git a/contrib/openbsm/libbsm/bsm_errno.c b/contrib/openbsm/libbsm/bsm_errno.c index e6f41d3..78aad97 100644 --- a/contrib/openbsm/libbsm/bsm_errno.c +++ b/contrib/openbsm/libbsm/bsm_errno.c @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#12 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#16 $ */ #include <sys/types.h> @@ -45,16 +45,25 @@ * operating system. These routines convert between BSM and local error * number spaces, subject to the above realities. BSM error numbers are * stored in a single 8-bit character, so don't have a byte order. + * + * Don't include string definitions when this code is compiled into a kernel. */ - -struct bsm_errors { - int be_bsm_error; - int be_os_error; +struct bsm_errno { + int be_bsm_errno; + int be_local_errno; +#if !defined(KERNEL) && !defined(_KERNEL) const char *be_strerror; +#endif }; #define ERRNO_NO_LOCAL_MAPPING -600 +#if !defined(KERNEL) && !defined(_KERNEL) +#define ES(x) x +#else +#define ES(x) +#endif + /* * Mapping table -- please maintain in numeric sorted order with respect to * the BSM constant. Today we do a linear lookup, but could switch to a @@ -70,523 +79,551 @@ struct bsm_errors { * support catalogues; these are only used if the OS doesn't have an error * string using strerror(3). */ -static const struct bsm_errors bsm_errors[] = { - { BSM_ESUCCESS, 0, "Success" }, - { BSM_EPERM, EPERM, "Operation not permitted" }, - { BSM_ENOENT, ENOENT, "No such file or directory" }, - { BSM_ESRCH, ESRCH, "No such process" }, - { BSM_EINTR, EINTR, "Interrupted system call" }, - { BSM_EIO, EIO, "Input/output error" }, - { BSM_ENXIO, ENXIO, "Device not configured" }, - { BSM_E2BIG, E2BIG, "Argument list too long" }, - { BSM_ENOEXEC, ENOEXEC, "Exec format error" }, - { BSM_EBADF, EBADF, "BAd file descriptor" }, - { BSM_ECHILD, ECHILD, "No child processes" }, - { BSM_EAGAIN, EAGAIN, "Resource temporarily unavailable" }, - { BSM_ENOMEM, ENOMEM, "Cannot allocate memory" }, - { BSM_EACCES, EACCES, "Permission denied" }, - { BSM_EFAULT, EFAULT, "Bad address" }, - { BSM_ENOTBLK, ENOTBLK, "Block device required" }, - { BSM_EBUSY, EBUSY, "Device busy" }, - { BSM_EEXIST, EEXIST, "File exists" }, - { BSM_EXDEV, EXDEV, "Cross-device link" }, - { BSM_ENODEV, ENODEV, "Operation not supported by device" }, - { BSM_ENOTDIR, ENOTDIR, "Not a directory" }, - { BSM_EISDIR, EISDIR, "Is a directory" }, - { BSM_EINVAL, EINVAL, "Invalid argument" }, - { BSM_ENFILE, ENFILE, "Too many open files in system" }, - { BSM_EMFILE, EMFILE, "Too many open files" }, - { BSM_ENOTTY, ENOTTY, "Inappropriate ioctl for device" }, - { BSM_ETXTBSY, ETXTBSY, "Text file busy" }, - { BSM_EFBIG, EFBIG, "File too large" }, - { BSM_ENOSPC, ENOSPC, "No space left on device" }, - { BSM_ESPIPE, ESPIPE, "Illegal seek" }, - { BSM_EROFS, EROFS, "Read-only file system" }, - { BSM_EMLINK, EMLINK, "Too many links" }, - { BSM_EPIPE, EPIPE, "Broken pipe" }, - { BSM_EDOM, EDOM, "Numerical argument out of domain" }, - { BSM_ERANGE, ERANGE, "Result too large" }, - { BSM_ENOMSG, ENOMSG, "No message of desired type" }, - { BSM_EIDRM, EIDRM, "Identifier removed" }, - { BSM_ECHRNG, +static const struct bsm_errno bsm_errnos[] = { + { BSM_ERRNO_ESUCCESS, 0, ES("Success") }, + { BSM_ERRNO_EPERM, EPERM, ES("Operation not permitted") }, + { BSM_ERRNO_ENOENT, ENOENT, ES("No such file or directory") }, + { BSM_ERRNO_ESRCH, ESRCH, ES("No such process") }, + { BSM_ERRNO_EINTR, EINTR, ES("Interrupted system call") }, + { BSM_ERRNO_EIO, EIO, ES("Input/output error") }, + { BSM_ERRNO_ENXIO, ENXIO, ES("Device not configured") }, + { BSM_ERRNO_E2BIG, E2BIG, ES("Argument list too long") }, + { BSM_ERRNO_ENOEXEC, ENOEXEC, ES("Exec format error") }, + { BSM_ERRNO_EBADF, EBADF, ES("Bad file descriptor") }, + { BSM_ERRNO_ECHILD, ECHILD, ES("No child processes") }, + { BSM_ERRNO_EAGAIN, EAGAIN, ES("Resource temporarily unavailable") }, + { BSM_ERRNO_ENOMEM, ENOMEM, ES("Cannot allocate memory") }, + { BSM_ERRNO_EACCES, EACCES, ES("Permission denied") }, + { BSM_ERRNO_EFAULT, EFAULT, ES("Bad address") }, + { BSM_ERRNO_ENOTBLK, ENOTBLK, ES("Block device required") }, + { BSM_ERRNO_EBUSY, EBUSY, ES("Device busy") }, + { BSM_ERRNO_EEXIST, EEXIST, ES("File exists") }, + { BSM_ERRNO_EXDEV, EXDEV, ES("Cross-device link") }, + { BSM_ERRNO_ENODEV, ENODEV, ES("Operation not supported by device") }, + { BSM_ERRNO_ENOTDIR, ENOTDIR, ES("Not a directory") }, + { BSM_ERRNO_EISDIR, EISDIR, ES("Is a directory") }, + { BSM_ERRNO_EINVAL, EINVAL, ES("Invalid argument") }, + { BSM_ERRNO_ENFILE, ENFILE, ES("Too many open files in system") }, + { BSM_ERRNO_EMFILE, EMFILE, ES("Too many open files") }, + { BSM_ERRNO_ENOTTY, ENOTTY, ES("Inappropriate ioctl for device") }, + { BSM_ERRNO_ETXTBSY, ETXTBSY, ES("Text file busy") }, + { BSM_ERRNO_EFBIG, EFBIG, ES("File too large") }, + { BSM_ERRNO_ENOSPC, ENOSPC, ES("No space left on device") }, + { BSM_ERRNO_ESPIPE, ESPIPE, ES("Illegal seek") }, + { BSM_ERRNO_EROFS, EROFS, ES("Read-only file system") }, + { BSM_ERRNO_EMLINK, EMLINK, ES("Too many links") }, + { BSM_ERRNO_EPIPE, EPIPE, ES("Broken pipe") }, + { BSM_ERRNO_EDOM, EDOM, ES("Numerical argument out of domain") }, + { BSM_ERRNO_ERANGE, ERANGE, ES("Result too large") }, + { BSM_ERRNO_ENOMSG, ENOMSG, ES("No message of desired type") }, + { BSM_ERRNO_EIDRM, EIDRM, ES("Identifier removed") }, + { BSM_ERRNO_ECHRNG, #ifdef ECHRNG ECHRNG, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Channel number out of range" }, - { BSM_EL2NSYNC, + ES("Channel number out of range") }, + { BSM_ERRNO_EL2NSYNC, #ifdef EL2NSYNC EL2NSYNC, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Level 2 not synchronized" }, - { BSM_EL3HLT, + ES("Level 2 not synchronized") }, + { BSM_ERRNO_EL3HLT, #ifdef EL3HLT EL3HLT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Level 3 halted" }, - { BSM_EL3RST, + ES("Level 3 halted") }, + { BSM_ERRNO_EL3RST, #ifdef EL3RST EL3RST, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Level 3 reset" }, - { BSM_ELNRNG, + ES("Level 3 reset") }, + { BSM_ERRNO_ELNRNG, #ifdef ELNRNG ELNRNG, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Link number out of range" }, - { BSM_EUNATCH, + ES("Link number out of range") }, + { BSM_ERRNO_EUNATCH, #ifdef EUNATCH EUNATCH, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Protocol driver not attached" }, - { BSM_ENOCSI, + ES("Protocol driver not attached") }, + { BSM_ERRNO_ENOCSI, #ifdef ENOCSI ENOCSI, #else ERRNO_NO_LOCAL_MAPPING, #endif - "No CSI structure available" }, - { BSM_EL2HLT, + ES("No CSI structure available") }, + { BSM_ERRNO_EL2HLT, #ifdef EL2HLT EL2HLT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Level 2 halted" }, - { BSM_EDEADLK, EDEADLK, "Resource deadlock avoided" }, - { BSM_ENOLCK, ENOLCK, "No locks available" }, - { BSM_ECANCELED, ECANCELED, "Operation canceled" }, - { BSM_ENOTSUP, ENOTSUP, "Operation not supported" }, - { BSM_EDQUOT, EDQUOT, "Disc quota exceeded" }, - { BSM_EBADE, + ES("Level 2 halted") }, + { BSM_ERRNO_EDEADLK, EDEADLK, ES("Resource deadlock avoided") }, + { BSM_ERRNO_ENOLCK, ENOLCK, ES("No locks available") }, + { BSM_ERRNO_ECANCELED, ECANCELED, ES("Operation canceled") }, + { BSM_ERRNO_ENOTSUP, ENOTSUP, ES("Operation not supported") }, + { BSM_ERRNO_EDQUOT, EDQUOT, ES("Disc quota exceeded") }, + { BSM_ERRNO_EBADE, #ifdef EBADE EBADE, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Invalid exchange" }, - { BSM_EBADR, + ES("Invalid exchange") }, + { BSM_ERRNO_EBADR, #ifdef EBADR EBADR, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Invalid request descriptor" }, - { BSM_EXFULL, + ES("Invalid request descriptor") }, + { BSM_ERRNO_EXFULL, #ifdef EXFULL EXFULL, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Exchange full" }, - { BSM_ENOANO, + ES("Exchange full") }, + { BSM_ERRNO_ENOANO, #ifdef ENOANO ENOANO, #else ERRNO_NO_LOCAL_MAPPING, #endif - "No anode" }, - { BSM_EBADRQC, + ES("No anode") }, + { BSM_ERRNO_EBADRQC, #ifdef EBADRQC EBADRQC, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Invalid request descriptor" }, - { BSM_EBADSLT, + ES("Invalid request descriptor") }, + { BSM_ERRNO_EBADSLT, #ifdef EBADSLT EBADSLT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Invalid slot" }, - { BSM_EDEADLOCK, + ES("Invalid slot") }, + { BSM_ERRNO_EDEADLOCK, #ifdef EDEADLOCK EDEADLOCK, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Resource deadlock avoided" }, - { BSM_EBFONT, + ES("Resource deadlock avoided") }, + { BSM_ERRNO_EBFONT, #ifdef EBFONT EBFONT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Bad font file format" }, - { BSM_EOWNERDEAD, + ES("Bad font file format") }, + { BSM_ERRNO_EOWNERDEAD, #ifdef EOWNERDEAD EOWNERDEAD, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Process died with the lock" }, - { BSM_ENOTRECOVERABLE, + ES("Process died with the lock") }, + { BSM_ERRNO_ENOTRECOVERABLE, #ifdef ENOTRECOVERABLE ENOTRECOVERABLE, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Lock is not recoverable" }, - { BSM_ENOSTR, + ES("Lock is not recoverable") }, + { BSM_ERRNO_ENOSTR, #ifdef ENOSTR ENOSTR, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Device not a stream" }, - { BSM_ENONET, + ES("Device not a stream") }, + { BSM_ERRNO_ENONET, #ifdef ENONET ENONET, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Machine is not on the network" }, - { BSM_ENOPKG, + ES("Machine is not on the network") }, + { BSM_ERRNO_ENOPKG, #ifdef ENOPKG ENOPKG, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Package not installed" }, - { BSM_EREMOTE, EREMOTE, "Too many levels of remote in path" }, - { BSM_ENOLINK, + ES("Package not installed") }, + { BSM_ERRNO_EREMOTE, EREMOTE, + ES("Too many levels of remote in path") }, + { BSM_ERRNO_ENOLINK, #ifdef ENOLINK ENOLINK, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Link has been severed" }, - { BSM_EADV, + ES("Link has been severed") }, + { BSM_ERRNO_EADV, #ifdef EADV EADV, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Advertise error" }, - { BSM_ESRMNT, + ES("Advertise error") }, + { BSM_ERRNO_ESRMNT, #ifdef ESRMNT ESRMNT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "srmount error" }, - { BSM_ECOMM, + ES("srmount error") }, + { BSM_ERRNO_ECOMM, #ifdef ECOMM ECOMM, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Communication error on send" }, - { BSM_EPROTO, + ES("Communication error on send") }, + { BSM_ERRNO_EPROTO, #ifdef EPROTO EPROTO, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Protocol error" }, - { BSM_ELOCKUNMAPPED, + ES("Protocol error") }, + { BSM_ERRNO_ELOCKUNMAPPED, #ifdef ELOCKUNMAPPED ELOCKUNMAPPED, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Locked lock was unmapped" }, - { BSM_ENOTACTIVE, + ES("Locked lock was unmapped") }, + { BSM_ERRNO_ENOTACTIVE, #ifdef ENOTACTIVE ENOTACTIVE, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Facility is not active" }, - { BSM_EMULTIHOP, + ES("Facility is not active") }, + { BSM_ERRNO_EMULTIHOP, #ifdef EMULTIHOP EMULTIHOP, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Multihop attempted" }, - { BSM_EBADMSG, + ES("Multihop attempted") }, + { BSM_ERRNO_EBADMSG, #ifdef EBADMSG EBADMSG, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Bad message" }, - { BSM_ENAMETOOLONG, ENAMETOOLONG, "File name too long" }, - { BSM_EOVERFLOW, EOVERFLOW, "Value too large to be stored in data type" }, - { BSM_ENOTUNIQ, + ES("Bad message") }, + { BSM_ERRNO_ENAMETOOLONG, ENAMETOOLONG, ES("File name too long") }, + { BSM_ERRNO_EOVERFLOW, EOVERFLOW, + ES("Value too large to be stored in data type") }, + { BSM_ERRNO_ENOTUNIQ, #ifdef ENOTUNIQ ENOTUNIQ, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Given log name not unique" }, - { BSM_EBADFD, + ES("Given log name not unique") }, + { BSM_ERRNO_EBADFD, #ifdef EBADFD EBADFD, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Given f.d. invalid for this operation" }, - { BSM_EREMCHG, + ES("Given f.d. invalid for this operation") }, + { BSM_ERRNO_EREMCHG, #ifdef EREMCHG EREMCHG, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Remote address changed" }, - { BSM_ELIBACC, + ES("Remote address changed") }, + { BSM_ERRNO_ELIBACC, #ifdef ELIBACC ELIBACC, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Can't access a needed shared lib" }, - { BSM_ELIBBAD, + ES("Can't access a needed shared lib") }, + { BSM_ERRNO_ELIBBAD, #ifdef ELIBBAD ELIBBAD, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Accessing a corrupted shared lib" }, - { BSM_ELIBSCN, + ES("Accessing a corrupted shared lib") }, + { BSM_ERRNO_ELIBSCN, #ifdef ELIBSCN ELIBSCN, #else ERRNO_NO_LOCAL_MAPPING, #endif - ".lib section in a.out corrupted" }, - { BSM_ELIBMAX, + ES(".lib section in a.out corrupted") }, + { BSM_ERRNO_ELIBMAX, #ifdef ELIBMAX ELIBMAX, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Attempting to link in too many libs" }, - { BSM_ELIBEXEC, + ES("Attempting to link in too many libs") }, + { BSM_ERRNO_ELIBEXEC, #ifdef ELIBEXEC ELIBEXEC, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Attempting to exec a shared library" }, - { BSM_EILSEQ, EILSEQ, "Illegal byte sequence" }, - { BSM_ENOSYS, ENOSYS, "Function not implemented" }, - { BSM_ELOOP, ELOOP, "Too many levels of symbolic links" }, - { BSM_ERESTART, + ES("Attempting to exec a shared library") }, + { BSM_ERRNO_EILSEQ, EILSEQ, ES("Illegal byte sequence") }, + { BSM_ERRNO_ENOSYS, ENOSYS, ES("Function not implemented") }, + { BSM_ERRNO_ELOOP, ELOOP, ES("Too many levels of symbolic links") }, + { BSM_ERRNO_ERESTART, #ifdef ERESTART ERESTART, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Restart syscall" }, - { BSM_ESTRPIPE, + ES("Restart syscall") }, + { BSM_ERRNO_ESTRPIPE, #ifdef ESTRPIPE ESTRPIPE, #else ERRNO_NO_LOCAL_MAPPING, #endif - "If pipe/FIFO, don't sleep in stream head" }, - { BSM_ENOTEMPTY, ENOTEMPTY, "Directory not empty" }, - { BSM_EUSERS, EUSERS, "Too many users" }, - { BSM_ENOTSOCK, ENOTSOCK, "Socket operation on non-socket" }, - { BSM_EDESTADDRREQ, EDESTADDRREQ, "Destination address required" }, - { BSM_EMSGSIZE, EMSGSIZE, "Message too long" }, - { BSM_EPROTOTYPE, EPROTOTYPE, "Protocol wrong type for socket" }, - { BSM_ENOPROTOOPT, ENOPROTOOPT, "Protocol not available" }, - { BSM_EPROTONOSUPPORT, EPROTONOSUPPORT, "Protocol not supported" }, - { BSM_ESOCKTNOSUPPORT, ESOCKTNOSUPPORT, "Socket type not supported" }, - { BSM_EOPNOTSUPP, EOPNOTSUPP, "Operation not supported" }, - { BSM_EPFNOSUPPORT, EPFNOSUPPORT, "Protocol family not supported" }, - { BSM_EAFNOSUPPORT, EAFNOSUPPORT, "Address family not supported by protocol family" }, - { BSM_EADDRINUSE, EADDRINUSE, "Address already in use" }, - { BSM_EADDRNOTAVAIL, EADDRNOTAVAIL, "Can't assign requested address" }, - { BSM_ENETDOWN, ENETDOWN, "Network is down" }, - { BSM_ENETRESET, ENETRESET, "Network dropped connection on reset" }, - { BSM_ECONNABORTED, ECONNABORTED, "Software caused connection abort" }, - { BSM_ECONNRESET, ECONNRESET, "Connection reset by peer" }, - { BSM_ENOBUFS, ENOBUFS, "No buffer space available" }, - { BSM_EISCONN, EISCONN, "Socket is already connected" }, - { BSM_ENOTCONN, ENOTCONN, "Socket is not connected" }, - { BSM_ESHUTDOWN, ESHUTDOWN, "Can't send after socket shutdown" }, - { BSM_ETOOMANYREFS, ETOOMANYREFS, "Too many references: can't splice" }, - { BSM_ETIMEDOUT, ETIMEDOUT, "Operation timed out" }, - { BSM_ECONNREFUSED, ECONNREFUSED, "Connection refused" }, - { BSM_EHOSTDOWN, EHOSTDOWN, "Host is down" }, - { BSM_EHOSTUNREACH, EHOSTUNREACH, "No route to host" }, - { BSM_EALREADY, EALREADY, "Operation already in progress" }, - { BSM_EINPROGRESS, EINPROGRESS, "Operation now in progress" }, - { BSM_ESTALE, ESTALE, "Stale NFS file handle" }, - { BSM_EPWROFF, + ES("If pipe/FIFO, don't sleep in stream head") }, + { BSM_ERRNO_ENOTEMPTY, ENOTEMPTY, ES("Directory not empty") }, + { BSM_ERRNO_EUSERS, EUSERS, ES("Too many users") }, + { BSM_ERRNO_ENOTSOCK, ENOTSOCK, + ES("Socket operation on non-socket") }, + { BSM_ERRNO_EDESTADDRREQ, EDESTADDRREQ, + ES("Destination address required") }, + { BSM_ERRNO_EMSGSIZE, EMSGSIZE, ES("Message too long") }, + { BSM_ERRNO_EPROTOTYPE, EPROTOTYPE, + ES("Protocol wrong type for socket") }, + { BSM_ERRNO_ENOPROTOOPT, ENOPROTOOPT, ES("Protocol not available") }, + { BSM_ERRNO_EPROTONOSUPPORT, EPROTONOSUPPORT, + ES("Protocol not supported") }, + { BSM_ERRNO_ESOCKTNOSUPPORT, ESOCKTNOSUPPORT, + ES("Socket type not supported") }, + { BSM_ERRNO_EOPNOTSUPP, EOPNOTSUPP, ES("Operation not supported") }, + { BSM_ERRNO_EPFNOSUPPORT, EPFNOSUPPORT, + ES("Protocol family not supported") }, + { BSM_ERRNO_EAFNOSUPPORT, EAFNOSUPPORT, + ES("Address family not supported by protocol family") }, + { BSM_ERRNO_EADDRINUSE, EADDRINUSE, ES("Address already in use") }, + { BSM_ERRNO_EADDRNOTAVAIL, EADDRNOTAVAIL, + ES("Can't assign requested address") }, + { BSM_ERRNO_ENETDOWN, ENETDOWN, ES("Network is down") }, + { BSM_ERRNO_ENETRESET, ENETRESET, + ES("Network dropped connection on reset") }, + { BSM_ERRNO_ECONNABORTED, ECONNABORTED, + ES("Software caused connection abort") }, + { BSM_ERRNO_ECONNRESET, ECONNRESET, ES("Connection reset by peer") }, + { BSM_ERRNO_ENOBUFS, ENOBUFS, ES("No buffer space available") }, + { BSM_ERRNO_EISCONN, EISCONN, ES("Socket is already connected") }, + { BSM_ERRNO_ENOTCONN, ENOTCONN, ES("Socket is not connected") }, + { BSM_ERRNO_ESHUTDOWN, ESHUTDOWN, + ES("Can't send after socket shutdown") }, + { BSM_ERRNO_ETOOMANYREFS, ETOOMANYREFS, + ES("Too many references: can't splice") }, + { BSM_ERRNO_ETIMEDOUT, ETIMEDOUT, ES("Operation timed out") }, + { BSM_ERRNO_ECONNREFUSED, ECONNREFUSED, ES("Connection refused") }, + { BSM_ERRNO_EHOSTDOWN, EHOSTDOWN, ES("Host is down") }, + { BSM_ERRNO_EHOSTUNREACH, EHOSTUNREACH, ES("No route to host") }, + { BSM_ERRNO_EALREADY, EALREADY, ES("Operation already in progress") }, + { BSM_ERRNO_EINPROGRESS, EINPROGRESS, + ES("Operation now in progress") }, + { BSM_ERRNO_ESTALE, ESTALE, ES("Stale NFS file handle") }, + { BSM_ERRNO_EPWROFF, #ifdef EPWROFF EPWROFF, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Device power is off" }, - { BSM_EDEVERR, + ES("Device power is off") }, + { BSM_ERRNO_EDEVERR, #ifdef EDEVERR EDEVERR, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Device error" }, - { BSM_EBADEXEC, + ES("Device error") }, + { BSM_ERRNO_EBADEXEC, #ifdef EBADEXEC EBADEXEC, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Bad executable" }, - { BSM_EBADARCH, + ES("Bad executable") }, + { BSM_ERRNO_EBADARCH, #ifdef EBADARCH EBADARCH, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Bad CPU type in executable" }, - { BSM_ESHLIBVERS, + ES("Bad CPU type in executable") }, + { BSM_ERRNO_ESHLIBVERS, #ifdef ESHLIBVERS ESHLIBVERS, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Shared library version mismatch" }, - { BSM_EBADMACHO, + ES("Shared library version mismatch") }, + { BSM_ERRNO_EBADMACHO, #ifdef EBADMACHO EBADMACHO, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Malfored Macho file" }, - { BSM_EPOLICY, + ES("Malfored Macho file") }, + { BSM_ERRNO_EPOLICY, #ifdef EPOLICY EPOLICY, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Operation failed by policy" }, - { BSM_EDOTDOT, + ES("Operation failed by policy") }, + { BSM_ERRNO_EDOTDOT, #ifdef EDOTDOT EDOTDOT, #else ERRNO_NO_LOCAL_MAPPING, #endif - "RFS specific error" }, - { BSM_EUCLEAN, + ES("RFS specific error") }, + { BSM_ERRNO_EUCLEAN, #ifdef EUCLEAN EUCLEAN, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Structure needs cleaning" }, - { BSM_ENOTNAM, + ES("Structure needs cleaning") }, + { BSM_ERRNO_ENOTNAM, #ifdef ENOTNAM ENOTNAM, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Not a XENIX named type file" }, - { BSM_ENAVAIL, + ES("Not a XENIX named type file") }, + { BSM_ERRNO_ENAVAIL, #ifdef ENAVAIL ENAVAIL, #else ERRNO_NO_LOCAL_MAPPING, #endif - "No XENIX semaphores available" }, - { BSM_EISNAM, + ES("No XENIX semaphores available") }, + { BSM_ERRNO_EISNAM, #ifdef EISNAM EISNAM, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Is a named type file" }, - { BSM_EREMOTEIO, + ES("Is a named type file") }, + { BSM_ERRNO_EREMOTEIO, #ifdef EREMOTEIO EREMOTEIO, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Remote I/O error" }, - { BSM_ENOMEDIUM, + ES("Remote I/O error") }, + { BSM_ERRNO_ENOMEDIUM, #ifdef ENOMEDIUM ENOMEDIUM, #else ERRNO_NO_LOCAL_MAPPING, #endif - "No medium found" }, - { BSM_EMEDIUMTYPE, + ES("No medium found") }, + { BSM_ERRNO_EMEDIUMTYPE, #ifdef EMEDIUMTYPE EMEDIUMTYPE, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Wrong medium type" }, - { BSM_ENOKEY, + ES("Wrong medium type") }, + { BSM_ERRNO_ENOKEY, #ifdef ENOKEY ENOKEY, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Required key not available" }, - { BSM_EKEYEXPIRED, + ES("Required key not available") }, + { BSM_ERRNO_EKEYEXPIRED, #ifdef EKEEXPIRED EKEYEXPIRED, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Key has expired" }, - { BSM_EKEYREVOKED, + ES("Key has expired") }, + { BSM_ERRNO_EKEYREVOKED, #ifdef EKEYREVOKED EKEYREVOKED, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Key has been revoked" }, - { BSM_EKEYREJECTED, + ES("Key has been revoked") }, + { BSM_ERRNO_EKEYREJECTED, #ifdef EKEREJECTED EKEYREJECTED, #else ERRNO_NO_LOCAL_MAPPING, #endif - "Key was rejected by service" }, + ES("Key was rejected by service") }, }; -static const int bsm_errors_count = sizeof(bsm_errors) / sizeof(bsm_errors[0]); +static const int bsm_errnos_count = sizeof(bsm_errnos) / sizeof(bsm_errnos[0]); -static const struct bsm_errors * -au_bsm_error_lookup_errno(int error) +static const struct bsm_errno * +bsm_lookup_errno_local(int local_errno) { int i; - if (error == ERRNO_NO_LOCAL_MAPPING) - return (NULL); - for (i = 0; i < bsm_errors_count; i++) { - if (bsm_errors[i].be_os_error == error) - return (&bsm_errors[i]); + for (i = 0; i < bsm_errnos_count; i++) { + if (bsm_errnos[i].be_local_errno == local_errno) + return (&bsm_errnos[i]); } return (NULL); } -static const struct bsm_errors * -au_bsm_error_lookup_bsm(u_char bsm_error) +/* + * Conversion to the BSM errno space isn't allowed to fail; we simply map to + * BSM_ERRNO_UNKNOWN and let the remote endpoint deal with it. + */ +u_char +au_errno_to_bsm(int local_errno) +{ + const struct bsm_errno *bsme; + + bsme = bsm_lookup_errno_local(local_errno); + if (bsme == NULL) + return (BSM_ERRNO_UNKNOWN); + return (bsme->be_bsm_errno); +} + +static const struct bsm_errno * +bsm_lookup_errno_bsm(u_char bsm_errno) { int i; - for (i = 0; i < bsm_errors_count; i++) { - if (bsm_errors[i].be_bsm_error == bsm_error) - return (&bsm_errors[i]); + for (i = 0; i < bsm_errnos_count; i++) { + if (bsm_errnos[i].be_bsm_errno == bsm_errno) + return (&bsm_errnos[i]); } return (NULL); } @@ -594,49 +631,31 @@ au_bsm_error_lookup_bsm(u_char bsm_error) /* * Converstion from a BSM error to a local error number may fail if either * OpenBSM doesn't recognize the error on the wire, or because there is no - * appropriate local mapping. However, we don't allow conversion to BSM to - * fail, we just convert to BSM_UKNOWNERR. + * appropriate local mapping. */ int -au_bsm_to_errno(u_char bsm_error, int *errorp) +au_bsm_to_errno(u_char bsm_errno, int *errorp) { - const struct bsm_errors *bsme; + const struct bsm_errno *bsme; - bsme = au_bsm_error_lookup_bsm(bsm_error); - if (bsme == NULL || bsme->be_os_error == ERRNO_NO_LOCAL_MAPPING) + bsme = bsm_lookup_errno_bsm(bsm_errno); + if (bsme == NULL || bsme->be_local_errno == ERRNO_NO_LOCAL_MAPPING) return (-1); - *errorp = bsme->be_os_error; + *errorp = bsme->be_local_errno; return (0); } -u_char -au_errno_to_bsm(int error) -{ - const struct bsm_errors *bsme; - - /* - * We should never be passed this libbsm-internal constant, and - * because it is ambiguous we just return an error. - */ - if (error == ERRNO_NO_LOCAL_MAPPING) - return (BSM_UNKNOWNERR); - bsme = au_bsm_error_lookup_errno(error); - if (bsme == NULL) - return (BSM_UNKNOWNERR); - return (bsme->be_bsm_error); -} - #if !defined(KERNEL) && !defined(_KERNEL) const char * -au_strerror(u_char bsm_error) +au_strerror(u_char bsm_errno) { - const struct bsm_errors *bsme; + const struct bsm_errno *bsme; - bsme = au_bsm_error_lookup_bsm(bsm_error); + bsme = bsm_lookup_errno_bsm(bsm_errno); if (bsme == NULL) return ("Unrecognized BSM error"); - if (bsme->be_os_error != ERRNO_NO_LOCAL_MAPPING) - return (strerror(bsme->be_os_error)); + if (bsme->be_local_errno != ERRNO_NO_LOCAL_MAPPING) + return (strerror(bsme->be_local_errno)); return (bsme->be_strerror); } #endif diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c index e593745..eb56827 100644 --- a/contrib/openbsm/libbsm/bsm_io.c +++ b/contrib/openbsm/libbsm/bsm_io.c @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#59 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#60 $ */ #include <sys/types.h> @@ -3827,6 +3827,12 @@ print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, __unused char sfrm, int xml) { + /* + * This print routine prints BSM constant space domains and socket + * types rather than converting them. If we add string printers for + * these constants in the future, we may want to call conversion + * routines. + */ print_tok_type(fp, tok->id, "socket", raw, xml); if (xml) { open_attr(fp, "sock_dom"); diff --git a/contrib/openbsm/libbsm/bsm_socket_type.c b/contrib/openbsm/libbsm/bsm_socket_type.c new file mode 100644 index 0000000..a10b609 --- /dev/null +++ b/contrib/openbsm/libbsm/bsm_socket_type.c @@ -0,0 +1,104 @@ +/*- + * Copyright (c) 2008 Apple Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of Apple Inc. ("Apple") nor the names of + * its contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_socket_type.c#1 $ + */ + +#include <sys/types.h> +#include <sys/socket.h> + +#include <config/config.h> + +#include <bsm/audit_socket_type.h> +#include <bsm/libbsm.h> + +struct bsm_socket_type { + u_short bst_bsm_socket_type; + int bst_local_socket_type; +}; + +#define ST_NO_LOCAL_MAPPING -600 + +static const struct bsm_socket_type bsm_socket_types[] = { + { BSM_SOCK_DGRAM, SOCK_DGRAM }, + { BSM_SOCK_STREAM, SOCK_STREAM }, + { BSM_SOCK_RAW, SOCK_RAW }, + { BSM_SOCK_RDM, SOCK_RDM }, + { BSM_SOCK_SEQPACKET, SOCK_SEQPACKET }, +}; +static const int bsm_socket_types_count = sizeof(bsm_socket_types) / + sizeof(bsm_socket_types[0]); + +static const struct bsm_socket_type * +bsm_lookup_local_socket_type(int local_socket_type) +{ + int i; + + for (i = 0; i < bsm_socket_types_count; i++) { + if (bsm_socket_types[i].bst_local_socket_type == + local_socket_type) + return (&bsm_socket_types[i]); + } + return (NULL); +} + +u_short +au_socket_type_to_bsm(int local_socket_type) +{ + const struct bsm_socket_type *bstp; + + bstp = bsm_lookup_local_socket_type(local_socket_type); + if (bstp == NULL) + return (BSM_SOCK_UNKNOWN); + return (bstp->bst_bsm_socket_type); +} + +static const struct bsm_socket_type * +bsm_lookup_bsm_socket_type(u_short bsm_socket_type) +{ + int i; + + for (i = 0; i < bsm_socket_types_count; i++) { + if (bsm_socket_types[i].bst_bsm_socket_type == + bsm_socket_type) + return (&bsm_socket_types[i]); + } + return (NULL); +} + +int +au_bsm_to_socket_type(u_short bsm_socket_type, int *local_socket_typep) +{ + const struct bsm_socket_type *bstp; + + bstp = bsm_lookup_bsm_socket_type(bsm_socket_type); + if (bstp == NULL || bstp->bst_local_socket_type) + return (-1); + *local_socket_typep = bstp->bst_local_socket_type; + return (0); +} diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c index c9aa1a9..430e09b 100644 --- a/contrib/openbsm/libbsm/bsm_token.c +++ b/contrib/openbsm/libbsm/bsm_token.c @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#85 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#86 $ */ #include <sys/types.h> @@ -944,6 +944,9 @@ au_to_seq(long audit_count) * local address 4 bytes/16 bytes (IPv4/IPv6 address) * remote port 2 bytes * remote address 4 bytes/16 bytes (IPv4/IPv6 address) + * + * Domain and type arguments to this routine are assumed to already have been + * converted to the BSM constant space, so we don't do that here. */ token_t * au_to_socket_ex(u_short so_domain, u_short so_type, diff --git a/contrib/openbsm/libbsm/libbsm.3 b/contrib/openbsm/libbsm/libbsm.3 index 9a8ebda..f059e28 100644 --- a/contrib/openbsm/libbsm/libbsm.3 +++ b/contrib/openbsm/libbsm/libbsm.3 @@ -1,5 +1,6 @@ .\"- .\" Copyright (c) 2005-2007 Robert N. M. Watson +.\" Copyright (c) 2008 Apple Inc. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -23,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#14 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#16 $ .\" .Dd November 12, 2008 .Dt LIBBSM 3 @@ -170,6 +171,7 @@ representation: .Xr au_to_sock_inet 3 , .Xr au_to_sock_inet32 3 , .Xr au_to_sock_inet128 3 , +.Xr au_to_socket_ex 3 , .Xr au_to_subject 3 , .Xr au_to_subject32 3 , .Xr au_to_subject64 3 , @@ -191,22 +193,30 @@ database: .Xr getauusernam 3 , .Xr getauusernam_r 3 , .Xr getfauditflags 3 . +.Ss Audit Constant Conversion Interfaces +These functions convert between BSM and local constants, including the +.Xr errno 2 +number, socket type, and protocol famil spaces, and must be used to generate +and interpret BSM return and extended socket tokens: +.Xr au_bsm_to_domain 3 , +.Xr au_bsm_to_errno 3 , +.Xr au_bsm_to_socket_type 3 , +.Xr au_domain_to_bsm 3 , +.Xr au_errno_to_bsm 3 , +.Xr au_socket_type_to_bsm 3 . .Sh SEE ALSO .Xr au_class 3 , -.Xr audit_submit 3 , +.Xr au_domain 3 , +.Xr au_errno 3 , .Xr au_mask 3 , .Xr au_notify 3 , +.Xr au_socket_type 3 , .Xr au_stream 3 , .Xr au_token 3 , .Xr au_user 3 , +.Xr audit_submit 3 , .Xr audit_class 5 , .Xr audit_control 5 -.Ss Audit Error Interfaces -These functions convert between BSM and local -.Xr errno 2 -error numbers, and must be used to interpret and generate BSM return tokens: -.Xr au_bsm_to_errno 3 , -.Xr au_errno_to_bsm 3 . .Sh HISTORY The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. |
