diff options
Diffstat (limited to 'sys/bsm')
-rw-r--r-- | sys/bsm/audit.h | 27 | ||||
-rw-r--r-- | sys/bsm/audit_errno.h | 215 | ||||
-rw-r--r-- | sys/bsm/audit_internal.h | 2 | ||||
-rw-r--r-- | sys/bsm/audit_kevents.h | 83 | ||||
-rw-r--r-- | sys/bsm/audit_record.h | 28 |
5 files changed, 333 insertions, 22 deletions
diff --git a/sys/bsm/audit.h b/sys/bsm/audit.h index 029919f..284b0bd 100644 --- a/sys/bsm/audit.h +++ b/sys/bsm/audit.h @@ -33,9 +33,14 @@ #ifndef _BSM_AUDIT_H #define _BSM_AUDIT_H +#ifdef __APPLE__ +/* Temporary until rdar://problem/6133383 is resolved. */ +#include <sys/types.h> #include <sys/param.h> +#include <sys/socket.h> #include <sys/cdefs.h> #include <sys/queue.h> +#endif /* __APPLE__ */ #define AUDIT_RECORD_MAGIC 0x828a0f1b #define MAX_AUDIT_RECORDS 20 @@ -60,8 +65,9 @@ #define AUDIT_TRIGGER_READ_FILE 3 /* Re-read config file. */ #define AUDIT_TRIGGER_CLOSE_AND_DIE 4 /* Terminate audit. */ #define AUDIT_TRIGGER_NO_SPACE 5 /* Below min free space. */ -#define AUDIT_TRIGGER_ROTATE_USER 6 /* User requests roate. */ -#define AUDIT_TRIGGER_MAX 6 +#define AUDIT_TRIGGER_ROTATE_USER 6 /* User requests rotate. */ +#define AUDIT_TRIGGER_INITIALIZE 7 /* Initialize audit. */ +#define AUDIT_TRIGGER_MAX 7 /* * The special device filename (FreeBSD). @@ -72,7 +78,9 @@ /* * Pre-defined audit IDs */ -#define AU_DEFAUDITID -1 +#define AU_DEFAUDITID (uid_t)(-1) +#define AU_DEFAUDITSID 0 +#define AU_ASSIGN_ASID -1 /* * IPC types. @@ -116,6 +124,7 @@ #define A_GETKAUDIT 29 #define A_SETKAUDIT 30 #define A_SENDTRIGGER 31 +#define A_GETSINFO_ADDR 32 /* * Audit policy controls. @@ -196,6 +205,7 @@ struct auditinfo_addr { au_mask_t ai_mask; /* Audit masks. */ au_tid_addr_t ai_termid; /* Terminal ID. */ au_asid_t ai_asid; /* Audit session ID. */ + u_int64_t ai_flags; /* Audit session flags. */ }; typedef struct auditinfo_addr auditinfo_addr_t; @@ -205,6 +215,7 @@ struct auditpinfo { au_mask_t ap_mask; /* Audit masks. */ au_tid_t ap_termid; /* Terminal ID. */ au_asid_t ap_asid; /* Audit session ID. */ + u_int64_t ap_flags; /* Audit session flags. */ }; typedef struct auditpinfo auditpinfo_t; @@ -217,6 +228,16 @@ struct auditpinfo_addr { }; typedef struct auditpinfo_addr auditpinfo_addr_t; +struct au_session { + auditinfo_addr_t *as_aia_p; /* Ptr to full audit info. */ +#define as_asid as_aia_p->ai_asid +#define as_auid as_aia_p->ai_auid +#define as_termid as_aia_p->ai_termid + + au_mask_t as_mask; /* Process Audit Masks. */ +}; +typedef struct au_session au_session_t; + /* * Contents of token_t are opaque outside of libbsm. */ diff --git a/sys/bsm/audit_errno.h b/sys/bsm/audit_errno.h new file mode 100644 index 0000000..5fe2d3e --- /dev/null +++ b/sys/bsm/audit_errno.h @@ -0,0 +1,215 @@ +/*- + * Copyright (c) 2008 Apple Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of Apple Inc. ("Apple") nor the names of + * its contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_errno.h#4 + * $FreeBSD$ + */ + +#ifndef _BSM_AUDIT_ERRNO_H_ +#define _BSM_AUDIT_ERRNO_H_ + +/* + * For the purposes of portable encoding, we convert between local error + * numbers and Solaris error numbers (as well as some extensions for error + * numbers that don't exist in Solaris). Although the first 35 or so + * constants are the same across all OS's, we don't handle that in any + * special way. + * + * When adding constants here, also add them to bsm_errno.c. + */ +#define BSM_ESUCCESS 0 +#define BSM_EPERM 1 +#define BSM_ENOENT 2 +#define BSM_ESRCH 3 +#define BSM_EINTR 4 +#define BSM_EIO 5 +#define BSM_ENXIO 6 +#define BSM_E2BIG 7 +#define BSM_ENOEXEC 8 +#define BSM_EBADF 9 +#define BSM_ECHILD 10 +#define BSM_EAGAIN 11 +#define BSM_ENOMEM 12 +#define BSM_EACCES 13 +#define BSM_EFAULT 14 +#define BSM_ENOTBLK 15 +#define BSM_EBUSY 16 +#define BSM_EEXIST 17 +#define BSM_EXDEV 18 +#define BSM_ENODEV 19 +#define BSM_ENOTDIR 20 +#define BSM_EISDIR 21 +#define BSM_EINVAL 22 +#define BSM_ENFILE 23 +#define BSM_EMFILE 24 +#define BSM_ENOTTY 25 +#define BSM_ETXTBSY 26 +#define BSM_EFBIG 27 +#define BSM_ENOSPC 28 +#define BSM_ESPIPE 29 +#define BSM_EROFS 30 +#define BSM_EMLINK 31 +#define BSM_EPIPE 32 +#define BSM_EDOM 33 +#define BSM_ERANGE 34 +#define BSM_ENOMSG 35 +#define BSM_EIDRM 36 +#define BSM_ECHRNG 37 /* Solaris/Linux-specific. */ +#define BSM_EL2NSYNC 38 /* Solaris/Linux-specific. */ +#define BSM_EL3HLT 39 /* Solaris/Linux-specific. */ +#define BSM_EL3RST 40 /* Solaris/Linux-specific. */ +#define BSM_ELNRNG 41 /* Solaris/Linux-specific. */ +#define BSM_EUNATCH 42 /* Solaris/Linux-specific. */ +#define BSM_ENOCSI 43 /* Solaris/Linux-specific. */ +#define BSM_EL2HLT 44 /* Solaris/Linux-specific. */ +#define BSM_EDEADLK 45 +#define BSM_ENOLCK 46 +#define BSM_ECANCELED 47 +#define BSM_ENOTSUP 48 +#define BSM_EDQUOT 49 +#define BSM_EBADE 50 /* Solaris/Linux-specific. */ +#define BSM_EBADR 51 /* Solaris/Linux-specific. */ +#define BSM_EXFULL 52 /* Solaris/Linux-specific. */ +#define BSM_ENOANO 53 /* Solaris/Linux-specific. */ +#define BSM_EBADRQC 54 /* Solaris/Linux-specific. */ +#define BSM_EBADSLT 55 /* Solaris/Linux-specific. */ +#define BSM_EDEADLOCK 56 /* Solaris-specific. */ +#define BSM_EBFONT 57 /* Solaris/Linux-specific. */ +#define BSM_EOWNERDEAD 58 /* Solaris/Linux-specific. */ +#define BSM_ENOTRECOVERABLE 59 /* Solaris/Linux-specific. */ +#define BSM_ENOSTR 60 /* Solaris/Darwin/Linux-specific. */ +#define BSM_ENODATA 61 /* Solaris/Darwin/Linux-specific. */ +#define BSM_ETIME 62 /* Solaris/Darwin/Linux-specific. */ +#define BSM_ENOSR 63 /* Solaris/Darwin/Linux-specific. */ +#define BSM_ENONET 64 /* Solaris/Linux-specific. */ +#define BSM_ENOPKG 65 /* Solaris/Linux-specific. */ +#define BSM_EREMOTE 66 +#define BSM_ENOLINK 67 +#define BSM_EADV 68 /* Solaris/Linux-specific. */ +#define BSM_ESRMNT 69 /* Solaris/Linux-specific. */ +#define BSM_ECOMM 70 /* Solaris/Linux-specific. */ +#define BSM_EPROTO 71 +#define BSM_ELOCKUNMAPPED 72 /* Solaris-specific. */ +#define BSM_ENOTACTIVE 73 /* Solaris-specific. */ +#define BSM_EMULTIHOP 74 +#define BSM_EBADMSG 77 +#define BSM_ENAMETOOLONG 78 +#define BSM_EOVERFLOW 79 +#define BSM_ENOTUNIQ 80 /* Solaris/Linux-specific. */ +#define BSM_EBADFD 81 /* Solaris/Linux-specific. */ +#define BSM_EREMCHG 82 /* Solaris/Linux-specific. */ +#define BSM_ELIBACC 83 /* Solaris/Linux-specific. */ +#define BSM_ELIBBAD 84 /* Solaris/Linux-specific. */ +#define BSM_ELIBSCN 85 /* Solaris/Linux-specific. */ +#define BSM_ELIBMAX 86 /* Solaris/Linux-specific. */ +#define BSM_ELIBEXEC 87 /* Solaris/Linux-specific. */ +#define BSM_EILSEQ 88 +#define BSM_ENOSYS 89 +#define BSM_ELOOP 90 +#define BSM_ERESTART 91 +#define BSM_ESTRPIPE 92 /* Solaris/Linux-specific. */ +#define BSM_ENOTEMPTY 93 +#define BSM_EUSERS 94 +#define BSM_ENOTSOCK 95 +#define BSM_EDESTADDRREQ 96 +#define BSM_EMSGSIZE 97 +#define BSM_EPROTOTYPE 98 +#define BSM_ENOPROTOOPT 99 +#define BSM_EPROTONOSUPPORT 120 +#define BSM_ESOCKTNOSUPPORT 121 +#define BSM_EOPNOTSUPP 122 +#define BSM_EPFNOSUPPORT 123 +#define BSM_EAFNOSUPPORT 124 +#define BSM_EADDRINUSE 125 +#define BSM_EADDRNOTAVAIL 126 +#define BSM_ENETDOWN 127 +#define BSM_ENETUNREACH 128 +#define BSM_ENETRESET 129 +#define BSM_ECONNABORTED 130 +#define BSM_ECONNRESET 131 +#define BSM_ENOBUFS 132 +#define BSM_EISCONN 133 +#define BSM_ENOTCONN 134 +#define BSM_ESHUTDOWN 143 +#define BSM_ETOOMANYREFS 144 +#define BSM_ETIMEDOUT 145 +#define BSM_ECONNREFUSED 146 +#define BSM_EHOSTDOWN 147 +#define BSM_EHOSTUNREACH 148 +#define BSM_EALREADY 149 +#define BSM_EINPROGRESS 150 +#define BSM_ESTALE 151 + +/* + * OpenBSM constants for error numbers not defined in Solaris. In the event + * that these errors are added to Solaris, we will deprecate the OpenBSM + * numbers in the same way we do for audit event constants. + * + * ELAST doesn't get a constant in the BSM space. + */ +#define BSM_EPROCLIM 190 /* FreeBSD/Darwin-specific. */ +#define BSM_EBADRPC 191 /* FreeBSD/Darwin-specific. */ +#define BSM_ERPCMISMATCH 192 /* FreeBSD/Darwin-specific. */ +#define BSM_EPROGUNAVAIL 193 /* FreeBSD/Darwin-specific. */ +#define BSM_EPROGMISMATCH 194 /* FreeBSD/Darwin-specific. */ +#define BSM_EPROCUNAVAIL 195 /* FreeBSD/Darwin-specific. */ +#define BSM_EFTYPE 196 /* FreeBSD/Darwin-specific. */ +#define BSM_EAUTH 197 /* FreeBSD/Darwin-specific. */ +#define BSM_ENEEDAUTH 198 /* FreeBSD/Darwin-specific. */ +#define BSM_ENOATTR 199 /* FreeBSD/Darwin-specific. */ +#define BSM_EDOOFUS 200 /* FreeBSD-specific. */ +#define BSM_EJUSTRETURN 201 /* FreeBSD-specific. */ +#define BSM_ENOIOCTL 202 /* FreeBSD-specific. */ +#define BSM_EDIRIOCTL 203 /* FreeBSD-specific. */ +#define BSM_EPWROFF 204 /* Darwin-specific. */ +#define BSM_EDEVERR 205 /* Darwin-specific. */ +#define BSM_EBADEXEC 206 /* Darwin-specific. */ +#define BSM_EBADARCH 207 /* Darwin-specific. */ +#define BSM_ESHLIBVERS 208 /* Darwin-specific. */ +#define BSM_EBADMACHO 209 /* Darwin-specific. */ +#define BSM_EPOLICY 210 /* Darwin-specific. */ +#define BSM_EDOTDOT 211 /* Linux-specific. */ +#define BSM_EUCLEAN 212 /* Linux-specific. */ +#define BSM_ENOTNAM 213 /* Linux(Xenix?)-specific. */ +#define BSM_ENAVAIL 214 /* Linux(Xenix?)-specific. */ +#define BSM_EISNAM 215 /* Linux(Xenix?)-specific. */ +#define BSM_EREMOTEIO 216 /* Linux-specific. */ +#define BSM_ENOMEDIUM 217 /* Linux-specific. */ +#define BSM_EMEDIUMTYPE 218 /* Linux-specific. */ +#define BSM_ENOKEY 219 /* Linux-specific. */ +#define BSM_EKEYEXPIRED 220 /* Linux-specific. */ +#define BSM_EKEYREVOKED 221 /* Linux-specific. */ +#define BSM_EKEYREJECTED 222 /* Linux-specific. */ + +/* + * In the event that OpenBSM doesn't have a file representation of a local + * error number, use this. + */ +#define BSM_UNKNOWNERR 250 /* OpenBSM-specific. */ + +#endif /* !_BSM_AUDIT_ERRNO_H_ */ diff --git a/sys/bsm/audit_internal.h b/sys/bsm/audit_internal.h index dc583ab..e4ad353 100644 --- a/sys/bsm/audit_internal.h +++ b/sys/bsm/audit_internal.h @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2005 Apple Inc. + * Copyright (c) 2005-2008 Apple Inc. * Copyright (c) 2005 SPARTA, Inc. * All rights reserved. * diff --git a/sys/bsm/audit_kevents.h b/sys/bsm/audit_kevents.h index a881d78..950462a 100644 --- a/sys/bsm/audit_kevents.h +++ b/sys/bsm/audit_kevents.h @@ -59,7 +59,6 @@ #define AUE_UMOUNT 12 #define AUE_JUNK 13 /* Solaris-specific. */ #define AUE_ACCESS 14 -#define AUE_CHECKUSERACCESS AUE_ACCESS /* Darwin-specific. */ #define AUE_KILL 15 #define AUE_STAT 16 #define AUE_LSTAT 17 @@ -561,7 +560,7 @@ #define AUE_ACCESS_EXTENDED 43162 /* Darwin. */ #define AUE_CHMOD_EXTENDED 43163 /* Darwin. */ #define AUE_FCHMOD_EXTENDED 43164 /* Darwin. */ -#define AUE_FSTAT_EXTENDED 43165 /* Dariwn. */ +#define AUE_FSTAT_EXTENDED 43165 /* Darwin. */ #define AUE_LSTAT_EXTENDED 43166 /* Darwin. */ #define AUE_MKDIR_EXTENDED 43167 /* Darwin. */ #define AUE_MKFIFO_EXTENDED 43168 /* Darwin. */ @@ -586,6 +585,8 @@ #define AUE_CAP_GETRIGHTS 43187 /* TrustedBSD. */ #define AUE_CAP_ENTER 43188 /* TrustedBSD. */ #define AUE_CAP_GETMODE 43189 /* TrustedBSD. */ +#define AUE_POSIX_SPAWN 43190 /* Darwin. */ +#define AUE_FSGETPATH 43191 /* Darwin. */ /* * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the @@ -657,13 +658,42 @@ /* * Possible desired future values based on review of BSD/Darwin system calls. */ +#define AUE_ACCESSEXTENDED AUE_NULL +#define AUE_ATGETMSG AUE_NULL +#define AUE_ATPUTMSG AUE_NULL +#define AUE_ATSOCKET AUE_NULL +#define AUE_ATPGETREQ AUE_NULL +#define AUE_ATPGETRSP AUE_NULL +#define AUE_ATPSNDREQ AUE_NULL +#define AUE_ATPSNDRSP AUE_NULL +#define AUE_BSDTHREADCREATE AUE_NULL +#define AUE_BSDTHREADTERMINATE AUE_NULL +#define AUE_BSDTHREADREGISTER AUE_NULL +#define AUE_CHMODEXTENDED AUE_NULL +#define AUE_CHUD AUE_NULL +#define AUE_CSOPS AUE_NULL #define AUE_DUP AUE_NULL +#define AUE_FCHMODEXTENDED AUE_NULL +#define AUE_FDATASYNC AUE_NULL +#define AUE_FFSCTL AUE_NULL +#define AUE_FGETATTRLIST AUE_NULL +#define AUE_FGETXATTR AUE_NULL +#define AUE_FLISTXATTR AUE_NULL +#define AUE_FREMOVEXATTR AUE_NULL #define AUE_FSCTL AUE_NULL +#define AUE_FSETATTRLIST AUE_NULL +#define AUE_FSETXATTR AUE_NULL +#define AUE_FSTATEXTENDED AUE_NULL +#define AUE_FSTATFS64 AUE_NULL #define AUE_FSTATV AUE_NULL +#define AUE_FSTAT64 AUE_NULL +#define AUE_FSTAT64EXTENDED AUE_NULL #define AUE_GCCONTROL AUE_NULL +#define AUE_GETDIRENTRIES64 AUE_NULL #define AUE_GETDTABLESIZE AUE_NULL #define AUE_GETEGID AUE_NULL #define AUE_GETEUID AUE_NULL +#define AUE_GETFSSTAT64 AUE_NULL #define AUE_GETGID AUE_NULL #define AUE_GETGROUPS AUE_NULL #define AUE_GETITIMER AUE_NULL @@ -676,24 +706,53 @@ #define AUE_GETPRIORITY AUE_NULL #define AUE_GETRLIMIT AUE_NULL #define AUE_GETRUSAGE AUE_NULL +#define AUE_GETSGROUPS AUE_NULL #define AUE_GETSID AUE_NULL #define AUE_GETSOCKNAME AUE_NULL #define AUE_GETTIMEOFDAY AUE_NULL +#define AUE_GETTID AUE_NULL #define AUE_GETUID AUE_NULL #define AUE_GETSOCKOPT AUE_NULL -#define AUE_GTSOCKOPT AUE_GETSOCKOPT /* XXX: Typo in Darwin. */ +#define AUE_GETWGROUPS AUE_NULL +#define AUE_GETXATTR AUE_NULL +#define AUE_IDENTITYSVC AUE_NULL +#define AUE_INITGROUPS AUE_NULL +#define AUE_IOPOLICYSYS AUE_NULL #define AUE_ISSETUGID AUE_NULL +#define AUE_LIOLISTIO AUE_NULL +#define AUE_LISTXATTR AUE_NULL +#define AUE_LSTATEXTENDED AUE_NULL #define AUE_LSTATV AUE_NULL +#define AUE_LSTAT64 AUE_NULL +#define AUE_LSTAT64EXTENDED AUE_NULL #define AUE_MADVISE AUE_NULL #define AUE_MINCORE AUE_NULL #define AUE_MKCOMPLEX AUE_NULL +#define AUE_MKDIREXTENDED AUE_NULL +#define AUE_MKFIFOEXTENDED AUE_NULL #define AUE_MODWATCH AUE_NULL #define AUE_MSGCL AUE_NULL #define AUE_MSYNC AUE_NULL +#define AUE_OPENEXTENDED AUE_NULL #define AUE_PREAD AUE_NULL #define AUE_PWRITE AUE_NULL #define AUE_PREADV AUE_NULL +#define AUE_PROCINFO AUE_NULL +#define AUE_PTHREADCANCELED AUE_NULL +#define AUE_PTHREADCHDIR AUE_NULL +#define AUE_PTHREADCONDBROADCAST AUE_NULL +#define AUE_PTHREADCONDDESTORY AUE_NULL +#define AUE_PTHREADCONDINIT AUE_NULL +#define AUE_PTHREADCONDSIGNAL AUE_NULL +#define AUE_PTHREADCONDWAIT AUE_NULL +#define AUE_PTHREADFCHDIR AUE_NULL +#define AUE_PTHREADMARK AUE_NULL +#define AUE_PTHREADMUTEXDESTROY AUE_NULL +#define AUE_PTHREADMUTEXINIT AUE_NULL +#define AUE_PTHREADMUTEXTRYLOCK AUE_NULL +#define AUE_PTHREADMUTEXUNLOCK AUE_NULL #define AUE_PWRITEV AUE_NULL +#define AUE_REMOVEXATTR AUE_NULL #define AUE_SBRK AUE_NULL #define AUE_SELECT AUE_NULL #define AUE_SEMDESTROY AUE_NULL @@ -702,7 +761,15 @@ #define AUE_SEMPOST AUE_NULL #define AUE_SEMTRYWAIT AUE_NULL #define AUE_SEMWAIT AUE_NULL +#define AUE_SEMWAITSIGNAL AUE_NULL #define AUE_SETITIMER AUE_NULL +#define AUE_SETSGROUPS AUE_NULL +#define AUE_SETTID AUE_NULL +#define AUE_SETTIDWITHPID AUE_NULL +#define AUE_SETWGROUPS AUE_NULL +#define AUE_SETXATTR AUE_NULL +#define AUE_SHAREDREGIONCHECK AUE_NULL +#define AUE_SHAREDREGIONMAP AUE_NULL #define AUE_SIGACTION AUE_NULL #define AUE_SIGALTSTACK AUE_NULL #define AUE_SIGPENDING AUE_NULL @@ -711,11 +778,21 @@ #define AUE_SIGSUSPEND AUE_NULL #define AUE_SIGWAIT AUE_NULL #define AUE_SSTK AUE_NULL +#define AUE_STACKSNAPSHOT AUE_NULL +#define AUE_STATEXTENDED AUE_NULL +#define AUE_STATFS64 AUE_NULL #define AUE_STATV AUE_NULL +#define AUE_STAT64 AUE_NULL +#define AUE_STAT64EXTENDED AUE_NULL #define AUE_SYNC AUE_NULL #define AUE_SYSCALL AUE_NULL #define AUE_TABLE AUE_NULL +#define AUE_UMASKEXTENDED AUE_NULL +#define AUE_VMPRESSUREMONITOR AUE_NULL #define AUE_WAITEVENT AUE_NULL +#define AUE_WAITID AUE_NULL #define AUE_WATCHEVENT AUE_NULL +#define AUE_WORKQOPEN AUE_NULL +#define AUE_WORKQOPS AUE_NULL #endif /* !_BSM_AUDIT_KEVENTS_H_ */ diff --git a/sys/bsm/audit_record.h b/sys/bsm/audit_record.h index 186b4f5..2bb78bc 100644 --- a/sys/bsm/audit_record.h +++ b/sys/bsm/audit_record.h @@ -165,14 +165,11 @@ #define AUDIT_HEADER_VERSION_SOLARIS 2 #define AUDIT_HEADER_VERSION_TSOL25 3 #define AUDIT_HEADER_VERSION_TSOL 4 -#define AUDIT_HEADER_VERSION_OPENBSM 10 +#define AUDIT_HEADER_VERSION_OPENBSM10 10 +#define AUDIT_HEADER_VERSION_OPENBSM11 11 +#define AUDIT_HEADER_VERSION_OPENBSM AUDIT_HEADER_VERSION_OPENBSM11 -/* - * BSM define is AUT_TRAILER_MAGIC; Apple BSM define is TRAILER_PAD_MAGIC; we - * split the difference, will remove the Apple define for the next release. - */ #define AUT_TRAILER_MAGIC 0xb105 -#define TRAILER_PAD_MAGIC AUT_TRAILER_MAGIC /* BSM library calls */ @@ -183,6 +180,7 @@ struct in6_addr; struct ip; struct ipc_perm; struct kevent; +struct sockaddr; struct sockaddr_in; struct sockaddr_in6; struct sockaddr_un; @@ -209,6 +207,7 @@ token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod); token_t *au_to_header_ex(int rec_size, au_event_t e_type, au_emod_t e_mod); token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod); token_t *au_to_header64(int rec_size, au_event_t e_type, au_emod_t e_mod); +token_t *au_to_header32_ex(int rec_size, au_event_t e_type, au_emod_t e_mod); #endif token_t *au_to_me(void); @@ -252,15 +251,8 @@ token_t *au_to_return(char status, uint32_t ret); token_t *au_to_return32(char status, uint32_t ret); token_t *au_to_return64(char status, uint64_t ret); token_t *au_to_seq(long audit_count); - -#if defined(_KERNEL) || defined(KERNEL) -token_t *au_to_socket(struct socket *so); -token_t *au_to_socket_ex_32(uint16_t lp, uint16_t rp, struct sockaddr *la, - struct sockaddr *ta); -token_t *au_to_socket_ex_128(uint16_t lp, uint16_t rp, struct sockaddr *la, - struct sockaddr *ta); -#endif - +token_t *au_to_socket_ex(u_short so_domain, u_short so_type, + struct sockaddr *sa_local, struct sockaddr *sa_remote); token_t *au_to_sock_inet(struct sockaddr_in *so); token_t *au_to_sock_inet32(struct sockaddr_in *so); token_t *au_to_sock_inet128(struct sockaddr_in6 *so); @@ -289,6 +281,12 @@ token_t *au_to_kevent(struct kevent *kev); token_t *au_to_trailer(int rec_size); token_t *au_to_zonename(const char *zonename); +/* + * BSM library routines for manipulating errno values. + */ +int au_bsm_to_errno(u_char bsm_error, int *errorp); +u_char au_errno_to_bsm(int error); + __END_DECLS #endif /* ! _BSM_AUDIT_RECORD_H_ */ |