author | rwatson <rwatson@FreeBSD.org> | 2009-03-02 13:29:18 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2009-03-02 13:29:18 +0000 |
commit | ee5318d5431890ccd7baeb15560b4bebe982525b (patch) | |
tree | e1a5bcd2b0eca50f696afbc416858fa574e50e8d /contrib/openbsm/libbsm | |
parent | 5cacf7357664a8a200d2ba7bd7b8e820b681cd06 (diff) | |
Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).
OpenBSM history for imported revision below for reference.
MFC after: 1 month
Sponsored by: Apple, Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 beta 1
- The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes.
For legacy support no suffix defaults to bytes.
- Audit trail log expiration support added. It is configured in
audit_control(5) with the expire-after parameter. If audit_control(5) has
no expire-after parameter (the default), audit trail files are not expired
or removed. See audit_control(5) for
more information.
- Change defaults in audit_control: warn at 5% rather than 20% free for audit
partitions, rotate automatically at 2mb, and set the default policy to
cnt,argv rather than cnt so that execve(2) arguments are captured if
AUE_EXECVE events are audited. These may provide more usable defaults for
many users.
- Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert
au_to_socket_ex(3) arguments to BSM format.
- Fix error encoding AUT_IPC_PERM tokens.
Diffstat (limited to 'contrib/openbsm/libbsm')
-rw-r--r-- | contrib/openbsm/libbsm/au_control.3 | 24 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/au_domain.3 | 3 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/au_errno.3 | 5 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_control.c | 420 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_errno.c | 4 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_io.c | 4 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_token.c | 17 |
7 files changed, 299 insertions, 178 deletions
diff --git a/contrib/openbsm/libbsm/au_control.3 b/contrib/openbsm/libbsm/au_control.3 index e17ae16..8cad121 100644 --- a/contrib/openbsm/libbsm/au_control.3 +++ b/contrib/openbsm/libbsm/au_control.3 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#9 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#10 $ .\" .Dd April 19, 2005 .Dt AU_CONTROL 3 @@ -33,6 +33,7 @@ .Nm endac , .Nm getacdir , .Nm getacmin , +.Nm getacexpire , .Nm getacfilesz , .Nm getacflg , .Nm getacna , @@ -53,6 +54,8 @@ .Ft int .Fn getacmin "int *min_val" .Ft int +.Fn getacexpire "int *andflg, time_t *age, size_t *size" +.Ft int .Fn getacfilesz "size_t *size_val" .Ft int .Fn getacflg "char *auditstr" "int len" @@ -101,6 +104,24 @@ the passed variable. .Pp The +.Fn getacexpire +function +returns the audit trail file expiration parameters in the passed +.Vt int +buffer +.Fa andflg , +.Vt time_t +buffer +.Fa age +and +.Vt size_t +buffer +.Fa size . +If the parameter is not specified in the +.Xr audit_control 5 +file it is set to zero. +.Pp +The .Fn getacfilesz function returns the audit trail rotation size in the passed @@ -153,6 +174,7 @@ to a numeric audit policy mask returned via The .Fn getacdir , .Fn getacmin , +.Fn getacexpire , .Fn getacflg , .Fn getacna , .Fn getacpol , diff --git a/contrib/openbsm/libbsm/au_domain.3 b/contrib/openbsm/libbsm/au_domain.3 index 14ac45a..6d57d2b 100644 --- a/contrib/openbsm/libbsm/au_domain.3 +++ b/contrib/openbsm/libbsm/au_domain.3 @@ -26,7 +26,7 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#1 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#2 $ .\" .Dd December 28, 2008 .Dt AU_BSM_TO_DOMAIN 3 
@@ -59,6 +59,7 @@ This call will fail if the BSM domain cannot be mapped into a local domain, which may occur if the socket token was generated on another operating system. .Pp +The .Fn au_domain_to_bsm function accepts a local domain, and returns the BSM domain for it. This call cannot fail, and instead returns a BSM domain indicating to a later diff --git a/contrib/openbsm/libbsm/au_errno.3 b/contrib/openbsm/libbsm/au_errno.3 index f7ff8a0..3680a4e 100644 --- a/contrib/openbsm/libbsm/au_errno.3 +++ b/contrib/openbsm/libbsm/au_errno.3 @@ -26,7 +26,7 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_errno.3#3 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_errno.3#4 $ .\" .Dd December 8, 2008 .Dt AU_BSM_TO_ERRNO 3 @@ -64,6 +64,7 @@ This call will fail if the BSM error cannot be mapped into a local error number, which may occur if the return token was generated on another operating system. .Pp +The .Fn au_errno_to_bsm function accepts a local .Xr errno 2 @@ -73,7 +74,7 @@ a later decoder that the error could not be encoded. .Pp The .Fn au_strerror -converts a BSM error value to a string, generally by converting first to a +function converts a BSM error value to a string, generally by converting first to a local error number and using the local .Xr strerror 3 function, but will also work for errors that are not locally defined. diff --git a/contrib/openbsm/libbsm/bsm_control.c b/contrib/openbsm/libbsm/bsm_control.c index 4fed3ff..4b8a1d1 100644 --- a/contrib/openbsm/libbsm/bsm_control.c +++ b/contrib/openbsm/libbsm/bsm_control.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2004 Apple Inc. + * Copyright (c) 2004,2009 Apple Inc. * Copyright (c) 2006 Robert N. M. Watson * All rights reserved. * 
@@ -27,13 +27,14 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#24 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#28 $ */ #include <config/config.h> #include <bsm/libbsm.h> +#include <ctype.h> #include <errno.h> #include <string.h> #ifdef HAVE_PTHREAD_MUTEX_LOCK @@ -65,6 +66,32 @@ static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; #endif /* + * Audit policy string token table for au_poltostr() and au_strtopol(). + */ +struct audit_polstr { + long ap_policy; + const char *ap_str; +}; + +static struct audit_polstr au_polstr[] = { + { AUDIT_CNT, "cnt" }, + { AUDIT_AHLT, "ahlt" }, + { AUDIT_ARGV, "argv" }, + { AUDIT_ARGE, "arge" }, + { AUDIT_SEQ, "seq" }, + { AUDIT_WINDATA, "windata" }, + { AUDIT_USER, "user" }, + { AUDIT_GROUP, "group" }, + { AUDIT_TRAIL, "trail" }, + { AUDIT_PATH, "path" }, + { AUDIT_SCNT, "scnt" }, + { AUDIT_PUBLIC, "public" }, + { AUDIT_ZONENAME, "zonename" }, + { AUDIT_PERZONE, "perzone" }, + { -1, NULL } +}; + +/* * Returns the string value corresponding to the given label from the * configuration file. * 
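Review bot: `au_polstr` is only read by au_poltostr() and au_strtopol() in this diff, so it can be declared `static const struct audit_polstr au_polstr[] = {` to keep the table out of writable data. Both loops find the `{ -1, NULL }` terminator by testing `ap_str`, never `ap_policy`. A one-line comment on the terminator saying so would protect a later edit from testing the `-1` mask, which would match every policy bit.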
@@ -112,6 +139,82 @@ getstrfromtype_locked(char *name, char **str) } /* + * Convert a given time value with a multiplier (seconds, hours, days, years) to + * seconds. Return 0 on success. + */ +static int +au_timetosec(time_t *seconds, u_long value, char mult) +{ + if (NULL == seconds) + return (-1); + + switch(mult) { + case 's': + /* seconds */ + *seconds = (time_t)value; + break; + + case 'h': + /* hours */ + *seconds = (time_t)value * 60 * 60; + break; + + case 'd': + /* days */ + *seconds = (time_t)value * 60 * 60 * 24; + break; + + case 'y': + /* years. Add a day for each 4th (leap) year. */ + *seconds = (time_t)value * 60 * 60 * 24 * 364 + + ((time_t)value / 4) * 60 * 60 * 24; + break; + + default: + return (-1); + } + return (0); +} + +/* + * Convert a given disk space value with a multiplier (bytes, kilobytes, + * megabytes, gigabytes) to bytes. Return 0 on success. + */ +static int +au_spacetobytes(size_t *bytes, u_long value, char mult) +{ + if (NULL == bytes) + return (-1); + + switch(mult) { + case 'B': + case ' ': + /* Bytes */ + *bytes = (size_t)value; + break; + + case 'K': + /* Kilobytes */ + *bytes = (size_t)value * 1024; + break; + + case 'M': + /* Megabytes */ + *bytes = (size_t)value * 1024 * 1024; + break; + + case 'G': + /* Gigabytes */ + *bytes = (size_t)value * 1024 * 1024 * 1024; + break; + + default: + return (-1); + } + return (0); +} + +/* * Convert a policy to a string. Return -1 on failure, or >= 0 representing * the actual size of the string placed in the buffer (excluding terminating * nul). 
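Review bot: The `'y'` case of au_timetosec() multiplies by 364 days, so the result is a day short for every year and an expire-after age given in years expires trails early; `(time_t)value * 60 * 60 * 24 * 365` matches the comment. Neither helper bounds `value` before multiplying: in au_spacetobytes() `(size_t)value * 1024 * 1024 * 1024` wraps where size_t is 32 bits, and the `time_t` products can overflow a signed type, which is undefined. These results decide when audit trail files are removed, so a wrapped value would shorten retention. A guard per case, such as `if (value > SIZE_MAX / (1024UL * 1024 * 1024)) return (-1);`, rejects the input instead.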
@@ -119,135 +222,24 @@ getstrfromtype_locked(char *name, char **str) ssize_t au_poltostr(long policy, size_t maxsize, char *buf) { - int first; + int first = 1; + int i = 0; if (maxsize < 1) return (-1); - first = 1; buf[0] = '\0'; - if (policy & AUDIT_CNT) { - if (strlcat(buf, "cnt", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_AHLT) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) + do { + if (policy & au_polstr[i].ap_policy) { + if (!first && strlcat(buf, ",", maxsize) >= maxsize) return (-1); - } - if (strlcat(buf, "ahlt", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_ARGV) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "argv", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_ARGE) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "arge", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_SEQ) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) + if (strlcat(buf, au_polstr[i].ap_str, maxsize) >= + maxsize) return (-1); + first = 0; } - if (strlcat(buf, "seq", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_WINDATA) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "windata", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_USER) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "user", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_GROUP) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "group", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_TRAIL) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "trail", maxsize) >= maxsize) 
- return (-1); - first = 0; - } - if (policy & AUDIT_PATH) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "path", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_SCNT) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "scnt", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_PUBLIC) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "public", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_ZONENAME) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "zonename", maxsize) >= maxsize) - return (-1); - first = 0; - } - if (policy & AUDIT_PERZONE) { - if (!first) { - if (strlcat(buf, ",", maxsize) >= maxsize) - return (-1); - } - if (strlcat(buf, "perzone", maxsize) >= maxsize) - return (-1); - first = 0; - } + } while (NULL != au_polstr[++i].ap_str); + return (strlen(buf)); } @@ -260,6 +252,7 @@ au_strtopol(const char *polstr, long *policy) { char *bufp, *string; char *buffer; + int i, matched; *policy = 0; buffer = strdup(polstr); 
@@ -268,35 +261,17 @@ au_strtopol(const char *polstr, long *policy) bufp = buffer; while ((string = strsep(&bufp, ",")) != NULL) { - if (strcmp(string, "cnt") == 0) - *policy |= AUDIT_CNT; - else if (strcmp(string, "ahlt") == 0) - *policy |= AUDIT_AHLT; - else if (strcmp(string, "argv") == 0) - *policy |= AUDIT_ARGV; - else if (strcmp(string, "arge") == 0) - *policy |= AUDIT_ARGE; - else if (strcmp(string, "seq") == 0) - *policy |= AUDIT_SEQ; - else if (strcmp(string, "winau_fstat") == 0) - *policy |= AUDIT_WINDATA; - else if (strcmp(string, "user") == 0) - *policy |= AUDIT_USER; - else if (strcmp(string, "group") == 0) - *policy |= AUDIT_GROUP; - else if (strcmp(string, "trail") == 0) - *policy |= AUDIT_TRAIL; - else if (strcmp(string, "path") == 0) - *policy |= AUDIT_PATH; - else if (strcmp(string, "scnt") == 0) - *policy |= AUDIT_SCNT; - else if (strcmp(string, "public") == 0) - *policy |= AUDIT_PUBLIC; - else if (strcmp(string, "zonename") == 0) - *policy |= AUDIT_ZONENAME; - else if (strcmp(string, "perzone") == 0) - *policy |= AUDIT_PERZONE; - else { + matched = i = 0; + + do { + if (strcmp(string, au_polstr[i].ap_str) == 0) { + *policy |= au_polstr[i].ap_policy; + matched = 1; + break; + } + } while (NULL != au_polstr[++i].ap_str); + + if (!matched) { free(buffer); errno = EINVAL; return (-1); 
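Review bot: The table lookup accepts `windata` for AUDIT_WINDATA where the removed chain accepted `winau_fstat`, and the commit message does not record that change; a policy string using the old spelling is now rejected with EINVAL. A comment on the table entry or a release-note line would make this visible to anyone whose audit_control policy stops parsing. On the EINVAL path `*policy` has already been zeroed and may hold the flags matched so far, so it would help callers to document that the output is unspecified on failure, or to accumulate into a local and store once on success. The function starts and ends outside this hunk.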
@@ -435,46 +410,65 @@ getacmin(int *min_val) int getacfilesz(size_t *filesz_val) { - char *filesz, *dummy; - long long ll; + char *str; + size_t val; + char mult; + int nparsed; #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_lock(&mutex); #endif setac_locked(); - if (getstrfromtype_locked(FILESZ_CONTROL_ENTRY, &filesz) < 0) { + if (getstrfromtype_locked(FILESZ_CONTROL_ENTRY, &str) < 0) { #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif return (-2); } - if (filesz == NULL) { + if (str == NULL) { #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif errno = EINVAL; return (1); } - ll = strtoll(filesz, &dummy, 10); - if (*dummy != '\0') { + + /* Trim off any leading white space. */ + while (*str == ' ' || *str == '\t') + str++; + + nparsed = sscanf(str, "%ju%c", (uintmax_t *)&val, &mult); + + switch (nparsed) { + case 1: + /* If no multiplier then assume 'B' (bytes). */ + mult = 'B'; + /* fall through */ + case 2: + if (au_spacetobytes(filesz_val, val, mult) == 0) + break; + /* fall through */ + default: + errno = EINVAL; #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif - errno = EINVAL; return (-1); } + /* * The file size must either be 0 or >= MIN_AUDIT_FILE_SIZE. 0 * indicates no rotation size. */ - if (ll < 0 || (ll > 0 && ll < MIN_AUDIT_FILE_SIZE)) { + if (*filesz_val < 0 || (*filesz_val > 0 && + *filesz_val < MIN_AUDIT_FILE_SIZE)) { #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif + filesz_val = 0L; errno = EINVAL; return (-1); } - *filesz_val = ll; #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif 
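Review bot: `sscanf(str, "%ju%c", (uintmax_t *)&val, &mult)` stores a uintmax_t through a pointer to the `size_t val`, which writes past `val` wherever size_t is narrower than uintmax_t; declaring `uintmax_t val;` and dropping the cast avoids that. In the range check, `filesz_val = 0L;` clears the local pointer rather than the result, so a rejected size stays in the caller's variable alongside the -1 return. `*filesz_val = 0;` is presumably what was meant, and `*filesz_val < 0` can never be true for a size_t. Unlike the removed `strtoll` path, the sscanf form also accepts trailing text after the suffix and a leading minus sign, so a malformed filesz may be taken as valid. The function's tail is outside the hunk.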
@@ -619,7 +613,109 @@ getachost(char *auditstr, size_t len) #endif return (-3); } - strcpy(auditstr, str); + strlcpy(auditstr, str, len); +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (0); +} + +/* + * Set expiration conditions. + */ +static int +setexpirecond(time_t *age, size_t *size, u_long value, char mult) +{ + + if (isupper(mult) || ' ' == mult) + return (au_spacetobytes(size, value, mult)); + else + return (au_timetosec(age, value, mult)); +} + +/* + * Return the expire-after field from the audit control file. + */ +int +getacexpire(int *andflg, time_t *age, size_t *size) +{ + char *str; + int nparsed; + u_long val1, val2; + char mult1, mult2; + char andor[AU_LINE_MAX]; + + *age = 0L; + *size = 0LL; + *andflg = 0; + +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_lock(&mutex); +#endif + setac_locked(); + if (getstrfromtype_locked(EXPIRE_AFTER_CONTROL_ENTRY, &str) < 0) { +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (-2); + } + if (str == NULL) { +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (1); + } + + /* First, trim off any leading white space. */ + while (*str == ' ' || *str == '\t') + str++; + + nparsed = sscanf(str, "%lu%c%[ \tadnorADNOR]%lu%c", &val1, &mult1, + andor, &val2, &mult2); + + switch (nparsed) { + case 1: + /* If no multiplier then assume 'B' (Bytes). */ + mult1 = 'B'; + /* fall through */ + case 2: + /* One expiration condition. */ + if (setexpirecond(age, size, val1, mult1) != 0) { +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (-1); + } + break; + + case 5: + /* Two expiration conditions. 
*/ + if (setexpirecond(age, size, val1, mult1) != 0 || + setexpirecond(age, size, val2, mult2) != 0) { +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (-1); + } + if (strcasestr(andor, "and") != NULL) + *andflg = 1; + else if (strcasestr(andor, "or") != NULL) + *andflg = 0; + else { +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (-1); + } + break; + + default: +#ifdef HAVE_PTHREAD_MUTEX_LOCK + pthread_mutex_unlock(&mutex); +#endif + return (-1); + } + #ifdef HAVE_PTHREAD_MUTEX_LOCK pthread_mutex_unlock(&mutex); #endif diff --git a/contrib/openbsm/libbsm/bsm_errno.c b/contrib/openbsm/libbsm/bsm_errno.c index 78aad97..b750341 100644 --- a/contrib/openbsm/libbsm/bsm_errno.c +++ b/contrib/openbsm/libbsm/bsm_errno.c @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#16 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#17 $ */ #include <sys/types.h> @@ -494,7 +494,7 @@ static const struct bsm_errno bsm_errnos[] = { #else ERRNO_NO_LOCAL_MAPPING, #endif - ES("Malfored Macho file") }, + ES("Malformed Macho file") }, { BSM_ERRNO_EPOLICY, #ifdef EPOLICY EPOLICY, diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c index eb56827..ce07a66 100644 --- a/contrib/openbsm/libbsm/bsm_io.c +++ b/contrib/openbsm/libbsm/bsm_io.c @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#60 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#61 $ */ #include <sys/types.h> @@ -193,7 +193,7 @@ print_mem(FILE *fp, u_char *data, size_t len) if (len > 0) { fprintf(fp, "0x"); for (i = 0; i < len; i++) - fprintf(fp, "%x", data[i]); + fprintf(fp, "%02x", data[i]); } } 
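Review bot: In setexpirecond(), `isupper(mult)` is passed a plain `char` read from the control file, which is undefined for negative values; `isupper((unsigned char)mult)` is the safe form. In getacexpire() the `%[ \tadnorADNOR]` conversion has no field width, so its safety rests on the control-file line never exceeding AU_LINE_MAX (the buffer `str` points into is not visible here); an explicit width tied to `sizeof(andor)` would make the bound local. The connective test is loose: `strcasestr(andor, "and")` and `strcasestr(andor, "or")` accept any run of those letters that contains the word, such as `nor`, and two conditions of the same kind silently overwrite one another. The -1 returns also leave errno unset, unlike getacfilesz().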
diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c index 430e09b..b33d8d7 100644 --- a/contrib/openbsm/libbsm/bsm_token.c +++ b/contrib/openbsm/libbsm/bsm_token.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2004-2008 Apple Inc. + * Copyright (c) 2004-2009 Apple Inc. * Copyright (c) 2005 SPARTA, Inc. * All rights reserved. * @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#86 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90 $ */ #include <sys/types.h> @@ -168,7 +168,7 @@ au_to_attr32(struct vnode_au_info *vni) token_t *t; u_char *dptr = NULL; u_int16_t pad0_16 = 0; - u_int16_t pad0_32 = 0; + u_int32_t pad0_32 = 0; GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 3 * sizeof(u_int32_t) + sizeof(u_int64_t) + sizeof(u_int32_t)); @@ -217,7 +217,7 @@ au_to_attr64(struct vnode_au_info *vni) token_t *t; u_char *dptr = NULL; u_int16_t pad0_16 = 0; - u_int16_t pad0_32 = 0; + u_int32_t pad0_32 = 0; GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 3 * sizeof(u_int32_t) + sizeof(u_int64_t) * 2); @@ -487,7 +487,8 @@ au_to_ipc_perm(struct ipc_perm *perm) u_char *dptr = NULL; u_int16_t pad0 = 0; - GET_TOKEN_AREA(t, dptr, 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 12 * sizeof(u_int16_t) + + sizeof(u_int32_t)); if (t == NULL) return (NULL); 
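Review bot: The size passed to GET_TOKEN_AREA in au_to_ipc_perm() is still a hand-counted sum that has to match the ADD_* writes further down, outside this hunk, which is presumably how the `sizeof(u_char)` term for the token ID came to be missing. A comment above the call naming the field each term accounts for would let the next change to the token layout be checked by reading rather than by counting. The same applies to the au_to_attr32() and au_to_attr64() sizes in the earlier hunks of this file, where the pad variable's type was the thing out of step.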
@@ -962,15 +963,15 @@ au_to_socket_ex(u_short so_domain, u_short so_type, 5 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); else if (so_domain == AF_INET6) GET_TOKEN_AREA(t, dptr, sizeof(u_char) + - 5 * sizeof(u_int16_t) + 16 * sizeof(u_int32_t)); + 5 * sizeof(u_int16_t) + 8 * sizeof(u_int32_t)); else { errno = EINVAL; return (NULL); } ADD_U_CHAR(dptr, AUT_SOCKET_EX); - ADD_U_INT16(dptr, so_domain); /* XXXRW: explicitly convert? */ - ADD_U_INT16(dptr, so_type); /* XXXRW: explicitly convert? */ + ADD_U_INT16(dptr, au_domain_to_bsm(so_domain)); + ADD_U_INT16(dptr, au_socket_type_to_bsm(so_type)); if (so_domain == AF_INET) { ADD_U_INT16(dptr, AU_IPv4); sin = (struct sockaddr_in *)sa_local; |