Author: rwatson
Date: Thu Apr 16 20:17:32 2009
New Revision: 191147
URL: http://svn.freebsd.org/changeset/base/191147

Log:
  Merge new kernel files from OpenBSM 1.1: audit_fcntl.h and
  audit_bsm_fcntl.c contain utility routines to map local fcntl
  commands into BSM constants.  Adaptation to the FreeBSD kernel
  environment will follow in a future commit.
  
  Sponsored by: Apple, Inc.
  Obtained from:        TrustedBSD Project
  MFC after:    2 weeks

Added:
  head/sys/bsm/audit_fcntl.h   (contents, props changed)
  head/sys/security/audit/audit_bsm_fcntl.c   (contents, props changed)

Added: head/sys/bsm/audit_fcntl.h
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/bsm/audit_fcntl.h  Thu Apr 16 20:17:32 2009        (r191147)
@@ -0,0 +1,141 @@
+/*-
+ * Copyright (c) 2009 Apple Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1.  Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ * 2.  Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
+ *     its contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE. 
+ *
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_fcntl.h#2
+ * $FreeBSD$
+ */
+
+#ifndef        _BSM_AUDIT_FCNTL_H_
+#define        _BSM_AUDIT_FCNTL_H_
+
+/*
+ * Shared and Solaris-specific: (0-99).
+ */
+#define        BSM_F_DUPFD             0
+#define        BSM_F_GETFD             1
+#define        BSM_F_SETFD             2
+#define        BSM_F_GETFL             3
+#define        BSM_F_SETFL             4
+#define        BSM_F_O_GETLK           5       /* Solaris-specific. */
+#define        BSM_F_SETLK             6
+#define        BSM_F_SETLKW            7
+#define        BSM_F_CHKFL             8       /* Solaris-specific. */
+#define        BSM_F_DUP2FD            9       /* FreeBSD/Solaris-specific. */
+#define        BSM_F_ALLOCSP           10      /* Solaris-specific. */
+#define        BSM_F_FREESP            11      /* Solaris-specific. */
+
+#define        BSM_F_ISSTREAM          13      /* Solaris-specific. */
+#define        BSM_F_GETLK             14      
+#define        BSM_F_PRIV              15      /* Solaris-specific. */
+#define        BSM_F_NPRIV             16      /* Solaris-specific. */
+#define        BSM_F_QUOTACTL          17      /* Solaris-specific. */
+#define        BSM_F_BLOCKS            18      /* Solaris-specific. */
+#define        BSM_F_BLKSIZE           19      /* Solaris-specific. */
+
+#define        BSM_F_GETOWN            23
+#define        BSM_F_SETOWN            24
+#define        BSM_F_REVOKE            25      /* Solaris-specific. */
+#define        BSM_F_HASREMOTELOCKS    26      /* Solaris-specific. */
+#define        BSM_F_FREESP64          27      /* Solaris-specific. */
+#define        BSM_F_ALLOCSP64         28      /* Solaris-specific. */
+
+#define        BSM_F_GETLK64           33      /* Solaris-specific. */
+#define        BSM_F_SETLK64           34      /* Solaris-specific. */
+#define        BSM_F_SETLKW64          35      /* Solaris-specific. */
+
+#define        BSM_F_SHARE             40      /* Solaris-specific. */
+#define        BSM_F_UNSHARE           41      /* Solaris-specific. */
+#define        BSM_F_SETLK_NBMAND      42      /* Solaris-specific. */
+#define        BSM_F_SHARE_NBMAND      43      /* Solaris-specific. */
+#define        BSM_F_SETLK64_NBMAND    44      /* Solaris-specific. */
+#define        BSM_F_GETXFL            45      /* Solaris-specific. */
+#define        BSM_F_BADFD             46      /* Solaris-specific. */
+
+/*
+ * FreeBSD-specific (100-199).
+ */
+#define        BSM_F_OGETLK            107     /* FreeBSD-specific. */
+#define        BSM_F_OSETLK            108     /* FreeBSD-specific. */
+#define        BSM_F_OSETLKW           109     /* FreeBSD-specific. */
+
+#define        BSM_F_SETLK_REMOTE      114     /* FreeBSD-specific. */
+
+/*
+ * Linux-specific (200-299).
+ */
+#define        BSM_F_SETSIG            210     /* Linux-specific. */
+#define        BSM_F_GETSIG            211     /* Linux-specific. */
+
+/*
+ * Darwin-specific (300-399).
+ */
+#define        BSM_F_CHKCLEAN          341     /* Darwin-specific. */
+#define        BSM_F_PREALLOCATE       342     /* Darwin-specific. */
+#define        BSM_F_SETSIZE           343     /* Darwin-specific. */
+#define        BSM_F_RDADVISE          344     /* Darwin-specific. */
+#define        BSM_F_RDAHEAD           345     /* Darwin-specific. */
+#define        BSM_F_READBOOTSTRAP     346     /* Darwin-specific. */
+#define        BSM_F_WRITEBOOTSTRAP    347     /* Darwin-specific. */
+#define        BSM_F_NOCACHE           348     /* Darwin-specific. */
+#define        BSM_F_LOG2PHYS          349     /* Darwin-specific. */
+#define        BSM_F_GETPATH           350     /* Darwin-specific. */
+#define        BSM_F_FULLFSYNC         351     /* Darwin-specific. */
+#define        BSM_F_PATHPKG_CHECK     352     /* Darwin-specific. */
+#define        BSM_F_FREEZE_FS         353     /* Darwin-specific. */
+#define        BSM_F_THAW_FS           354     /* Darwin-specific. */
+#define        BSM_F_GLOBAL_NOCACHE    355     /* Darwin-specific. */
+#define        BSM_F_OPENFROM          356     /* Darwin-specific. */
+#define        BSM_F_UNLINKFROM        357     /* Darwin-specific. */
+#define        BSM_F_CHECK_OPENEVT     358     /* Darwin-specific. */
+#define        BSM_F_ADDSIGS           359     /* Darwin-specific. */
+#define        BSM_F_MARKDEPENDENCY    360     /* Darwin-specific. */
+
+/*
+ * Darwin file system specific (400-499).
+ */
+#define        BSM_F_FS_SPECIFIC_0     400     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_1     401     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_2     402     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_3     403     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_4     404     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_5     405     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_6     406     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_7     407     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_8     408     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_9     409     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_10    410     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_11    411     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_12    412     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_13    413     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_14    414     /* Darwin-fs-specific. */
+#define        BSM_F_FS_SPECIFIC_15    415     /* Darwin-fs-specific. */
+
+
+#define        BSM_F_UNKNOWN           0xFFFF  
+
+#endif /* !_BSM_AUDIT_FCNTL_H_ */
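Review bot: `BSM_F_HASREMOTELOCKS` (value 26) is the only spelling this header defines, but the table in audit_bsm_fcntl.c refers to `BSM_F_HASREMOTEBLOCKS` under `#ifdef F_HASREMOTEBLOCKS`, so the two files disagree on the name. The mismatch goes unnoticed only while that guard is false, and one of the spellings should be changed so the row can compile where the local command exists. Separately, `BSM_F_UNKNOWN` has no comment. Something like `/* Returned when a local fcntl command has no BSM mapping. */` would tell a reader of an audit trail what 0xFFFF means, since au_fcntl_cmd_to_bsm() returns it for every command it cannot find in the table.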

Added: head/sys/security/audit/audit_bsm_fcntl.c
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/security/audit/audit_bsm_fcntl.c   Thu Apr 16 20:17:32 2009        
(r191147)
@@ -0,0 +1,290 @@
+/*-
+ * Copyright (c) 2008-2009 Apple Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1.  Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ * 2.  Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
+ *     its contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_fcntl.c#2
+ * $FreeBSD$
+ */
+
+#include <sys/param.h>
+#include <sys/fcntl.h>
+
+#include <config/config.h>
+
+#include <bsm/audit_fcntl.h>
+#include <bsm/libbsm.h>
+
+struct bsm_fcntl_cmd {
+       u_short bfc_bsm_fcntl_cmd;
+       int     bfc_local_fcntl_cmd;
+};
+typedef struct bsm_fcntl_cmd   bsm_fcntl_cmd_t;
+
+static const bsm_fcntl_cmd_t bsm_fcntl_cmdtab[] = {
+       { BSM_F_DUPFD,          F_DUPFD },
+       { BSM_F_GETFD,          F_GETFD },
+       { BSM_F_SETFD,          F_SETFD },
+       { BSM_F_GETFL,          F_GETFL },
+       { BSM_F_SETFL,          F_SETFL },
+#ifdef F_O_GETLK
+       { BSM_F_O_GETLK,        F_O_GETLK },
+#endif
+       { BSM_F_SETLK,          F_SETLK },
+       { BSM_F_SETLKW,         F_SETLK },
+#ifdef F_CHFL
+       { BSM_F_CHKFL,          F_CHKFL },
+#endif
+#ifdef         F_DUP2FD
+       { BSM_F_DUP2FD,         F_DUP2FD },
+#endif
+#ifdef F_ALLOCSP
+       { BSM_F_ALLOCSP,        F_ALLOCSP },
+#endif
+#ifdef F_FREESP
+       { BSM_F_FREESP,         F_FREESP },
+#endif
+#ifdef F_ISSTREAM
+       { BSM_F_ISSTREAM,       F_ISSTREAM},
+#endif
+       { BSM_F_GETLK,          F_GETLK },
+#ifdef         F_PRIV
+       { BSM_F_PRIV,           F_PRIV },
+#endif
+#ifdef F_NPRIV
+       { BSM_F_NPRIV,          F_NPRIV },
+#endif
+#ifdef         F_QUOTACTL
+       { BSM_F_QUOTACTL,       F_QUOTACTL },
+#endif
+#ifdef F_BLOCKS
+       { BSM_F_BLOCKS,         F_BLOCKS },
+#endif
+#ifdef F_BLKSIZE
+       { BSM_F_BLKSIZE,        F_BLKSIZE },
+#endif
+       { BSM_F_GETOWN,         F_GETOWN },
+       { BSM_F_SETOWN,         F_SETOWN },
+#ifdef F_REVOKE
+       { BSM_F_REVOKE,         F_REVOKE },
+#endif
+#ifdef         F_HASREMOTEBLOCKS
+       { BSM_F_HASREMOTEBLOCKS,
+                               F_HASREMOTEBLOCKS },
+#endif
+#ifdef         F_FREESP
+       { BSM_F_FREESP,         F_FREESP },
+#endif
+#ifdef         F_ALLOCSP
+       { BSM_F_ALLOCSP,        F_ALLOCSP },
+#endif
+#ifdef F_FREESP64
+       { BSM_F_FREESP64,       F_FREESP64 },
+#endif
+#ifdef         F_ALLOCSP64
+       { BSM_F_ALLOCSP64,      F_ALLOCSP64 },
+#endif
+#ifdef F_GETLK64
+       { BSM_F_GETLK64,        F_GETLK64 },
+#endif
+#ifdef F_SETLK64
+       { BSM_F_SETLK64,        F_SETLK64 },
+#endif
+#ifdef F_SETLKW64
+       { BSM_F_SETLKW64,       F_SETLKW64 },
+#endif
+#ifdef F_SHARE
+       { BSM_F_SHARE,          F_SHARE },
+#endif
+#ifdef F_UNSHARE
+       { BSM_F_UNSHARE,        F_UNSHARE },
+#endif
+#ifdef F_SETLK_NBMAND
+       { BSM_F_SETLK_NBMAND,   F_SETLK_NBMAND },
+#endif
+#ifdef F_SHARE_NBMAND
+       { BSM_F_SHARE_NBMAND,   F_SHARE_NBMAND },
+#endif
+#ifdef F_SETLK64_NBMAND
+       { BSM_F_SETLK64_NBMAND, F_SETLK64_NBMAND },
+#endif
+#ifdef F_GETXFL
+       { BSM_F_GETXFL,         F_GETXFL },
+#endif
+#ifdef F_BADFD
+       { BSM_F_BADFD,          F_BADFD },
+#endif
+#ifdef F_OGETLK
+       { BSM_F_OGETLK,         F_OGETLK },
+#endif
+#ifdef F_OSETLK
+       { BSM_F_OSETLK,         F_OSETLK },
+#endif
+#ifdef F_OSETLKW
+       { BSM_F_OSETLKW,        F_OSETLKW },
+#endif
+#ifdef F_SETLK_REMOTE
+       { BSM_F_SETLK_REMOTE,   F_SETLK_REMOTE },
+#endif
+
+#ifdef F_SETSIG
+       { BSM_F_SETSIG,         F_SETSIG },
+#endif
+#ifdef F_GETSIG
+       { BSM_F_GETSIG,         F_GETSIG },
+#endif
+
+#ifdef F_CHKCLEAN
+       { BSM_F_CHKCLEAN,       F_CHKCLEAN },
+#endif
+#ifdef F_PREALLOCATE
+       { BSM_F_PREALLOCATE,    F_PREALLOCATE },
+#endif
+#ifdef F_SETSIZE
+       { BSM_F_SETSIZE,        F_SETSIZE },
+#endif
+#ifdef F_RDADVISE
+       { BSM_F_RDADVISE,       F_RDADVISE },
+#endif
+#ifdef F_RDAHEAD
+       { BSM_F_RDAHEAD,        F_RDAHEAD },
+#endif
+#ifdef F_READBOOTSTRAP
+       { BSM_F_READBOOTSTRAP,  F_READBOOTSTRAP },
+#endif
+#ifdef F_WRITEBOOTSTRAP
+       { BSM_F_WRITEBOOTSTRAP, F_WRITEBOOTSTRAP },
+#endif
+#ifdef F_NOCACHE
+       { BSM_F_NOCACHE,        F_NOCACHE },
+#endif
+#ifdef F_LOG2PHYS
+       { BSM_F_LOG2PHYS,       F_LOG2PHYS },
+#endif
+#ifdef F_GETPATH
+       { BSM_F_GETPATH,        F_GETPATH },
+#endif
+#ifdef F_FULLFSYNC
+       { BSM_F_FULLFSYNC,      F_FULLFSYNC },
+#endif
+#ifdef F_PATHPKG_CHECK
+       { BSM_F_PATHPKG_CHECK,  F_PATHPKG_CHECK },
+#endif
+#ifdef F_FREEZE_FS
+       { BSM_F_FREEZE_FS,      F_FREEZE_FS },
+#endif
+#ifdef F_THAW_FS
+       { BSM_F_THAW_FS,        F_THAW_FS },
+#endif
+#ifdef F_GLOBAL_NOCACHE
+       { BSM_F_GLOBAL_NOCACHE, F_GLOBAL_NOCACHE },
+#endif
+#ifdef F_OPENFROM
+       { BSM_F_OPENFROM,       F_OPENFROM },
+#endif
+#ifdef F_UNLINKFROM
+       { BSM_F_UNLINKFROM,     F_UNLINKFROM },
+#endif
+#ifdef F_CHECK_OPENEVT
+       { BSM_F_CHECK_OPENEVT,  F_CHECK_OPENEVT },
+#endif
+#ifdef F_ADDSIGS
+       { BSM_F_ADDSIGS,        F_ADDSIGS },
+#endif
+#ifdef F_MARKDEPENDENCY
+       { BSM_F_MARKDEPENDENCY, F_MARKDEPENDENCY },
+#endif
+
+#ifdef FCNTL_FS_SPECIFIC_BASE
+       { BSM_F_FS_SPECIFIC_0,  FCNTL_FS_SPECIFIC_BASE},
+       { BSM_F_FS_SPECIFIC_1,  FCNTL_FS_SPECIFIC_BASE + 1},
+       { BSM_F_FS_SPECIFIC_2,  FCNTL_FS_SPECIFIC_BASE + 2},
+       { BSM_F_FS_SPECIFIC_3,  FCNTL_FS_SPECIFIC_BASE + 3},
+       { BSM_F_FS_SPECIFIC_4,  FCNTL_FS_SPECIFIC_BASE + 4},
+       { BSM_F_FS_SPECIFIC_5,  FCNTL_FS_SPECIFIC_BASE + 5},
+       { BSM_F_FS_SPECIFIC_6,  FCNTL_FS_SPECIFIC_BASE + 6},
+       { BSM_F_FS_SPECIFIC_7,  FCNTL_FS_SPECIFIC_BASE + 7},
+       { BSM_F_FS_SPECIFIC_8,  FCNTL_FS_SPECIFIC_BASE + 8},
+       { BSM_F_FS_SPECIFIC_9,  FCNTL_FS_SPECIFIC_BASE + 9},
+       { BSM_F_FS_SPECIFIC_10, FCNTL_FS_SPECIFIC_BASE + 10},
+       { BSM_F_FS_SPECIFIC_11, FCNTL_FS_SPECIFIC_BASE + 11},
+       { BSM_F_FS_SPECIFIC_12, FCNTL_FS_SPECIFIC_BASE + 12},
+       { BSM_F_FS_SPECIFIC_13, FCNTL_FS_SPECIFIC_BASE + 13},
+       { BSM_F_FS_SPECIFIC_14, FCNTL_FS_SPECIFIC_BASE + 14},
+       { BSM_F_FS_SPECIFIC_15, FCNTL_FS_SPECIFIC_BASE + 15},
+#endif /* FCNTL_FS_SPECIFIC_BASE */
+};
+static const int bsm_fcntl_cmd_count = sizeof(bsm_fcntl_cmdtab) /
+           sizeof(bsm_fcntl_cmdtab[0]);
+
+static const bsm_fcntl_cmd_t *
+bsm_lookup_local_fcntl_cmd(int local_fcntl_cmd)
+{
+       int i;
+
+       for (i = 0; i < bsm_fcntl_cmd_count; i++) {
+               if (bsm_fcntl_cmdtab[i].bfc_local_fcntl_cmd ==
+                   local_fcntl_cmd)
+                       return (&bsm_fcntl_cmdtab[i]);
+       }
+       return (NULL);
+}
+
+u_short
+au_fcntl_cmd_to_bsm(int local_fcntl_cmd)
+{
+       const bsm_fcntl_cmd_t *bfcp;
+
+       bfcp = bsm_lookup_local_fcntl_cmd(local_fcntl_cmd);
+       if (bfcp == NULL)
+               return (BSM_F_UNKNOWN);
+       return (bfcp->bfc_bsm_fcntl_cmd);
+}
+
+static const bsm_fcntl_cmd_t *
+bsm_lookup_bsm_fcntl_cmd(u_short bsm_fcntl_cmd)
+{
+       int i;
+
+       for (i = 0; i < bsm_fcntl_cmd_count; i++) {
+               if (bsm_fcntl_cmdtab[i].bfc_bsm_fcntl_cmd ==
+                   bsm_fcntl_cmd)
+                       return (&bsm_fcntl_cmdtab[i]);
+       }
+       return (NULL);
+}
+
+int
+au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp)
+{
+       const bsm_fcntl_cmd_t *bfcp;
+
+       bfcp = bsm_lookup_bsm_fcntl_cmd(bsm_fcntl_cmd);
+       if (bfcp == NULL || bfcp->bfc_local_fcntl_cmd)
+               return (-1);
+       *local_fcntl_cmdp = bfcp->bfc_local_fcntl_cmd;
+       return (0);
+}
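Review bot: In au_bsm_to_fcntl_cmd() the test `if (bfcp == NULL || bfcp->bfc_local_fcntl_cmd)` returns -1 whenever the matched row's local command is non-zero, so the reverse mapping can only succeed for a row whose local value is 0. The table has no sentinel row that the second clause could be detecting, so the test should probably be just `if (bfcp == NULL)`. In bsm_fcntl_cmdtab the row `{ BSM_F_SETLKW, F_SETLK }` looks like it should be `{ BSM_F_SETLKW, F_SETLKW }`. As written, au_fcntl_cmd_to_bsm(F_SETLKW) finds no row, so a blocking lock request is recorded as BSM_F_UNKNOWN and the audit trail loses that detail. The guard `#ifdef F_CHFL` does not match the `F_CHKFL` it protects, and the `F_FREESP` and `F_ALLOCSP` rows each appear twice in the table.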