1 0 stevel /* 2 0 stevel * CDDL HEADER START 3 0 stevel * 4 0 stevel * The contents of this file are subject to the terms of the 5 1676 jpk * Common Development and Distribution License (the "License"). 6 1676 jpk * You may not use this file except in compliance with the License. 7 0 stevel * 8 0 stevel * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 0 stevel * or http://www.opensolaris.org/os/licensing. 10 0 stevel * See the License for the specific language governing permissions 11 0 stevel * and limitations under the License. 12 0 stevel * 13 0 stevel * When distributing Covered Code, include this CDDL HEADER in each 14 0 stevel * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 0 stevel * If applicable, add the following below this CDDL HEADER, with the 16 0 stevel * fields enclosed by brackets "[]" replaced with your own identifying 17 0 stevel * information: Portions Copyright [yyyy] [name of copyright owner] 18 0 stevel * 19 0 stevel * CDDL HEADER END 20 0 stevel */ 21 0 stevel /* 22 6688 rica * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 0 stevel * Use is subject to license terms. 24 0 stevel */ 25 0 stevel 26 0 stevel /* 27 0 stevel * Support routines for building audit records. 
28 0 stevel */ 29 0 stevel 30 0 stevel #include <sys/param.h> 31 0 stevel #include <sys/systm.h> /* for rval */ 32 0 stevel #include <sys/time.h> 33 0 stevel #include <sys/types.h> 34 0 stevel #include <sys/vnode.h> 35 0 stevel #include <sys/mode.h> 36 0 stevel #include <sys/user.h> 37 0 stevel #include <sys/session.h> 38 0 stevel #include <sys/acl.h> 39 0 stevel #include <sys/ipc_impl.h> 40 0 stevel #include <netinet/in_systm.h> 41 0 stevel #include <netinet/in.h> 42 0 stevel #include <netinet/ip.h> 43 0 stevel #include <sys/socket.h> 44 0 stevel #include <net/route.h> 45 0 stevel #include <netinet/in_pcb.h> 46 0 stevel #include <c2/audit.h> 47 0 stevel #include <c2/audit_kernel.h> 48 0 stevel #include <c2/audit_record.h> 49 0 stevel #include <sys/model.h> /* for model_t */ 50 0 stevel #include <sys/vmparam.h> /* for USRSTACK/USRSTACK32 */ 51 0 stevel #include <sys/vfs.h> /* for sonode */ 52 0 stevel #include <sys/socketvar.h> /* for sonode */ 53 0 stevel #include <sys/zone.h> 54 1676 jpk #include <sys/tsol/label.h> 55 0 stevel 56 0 stevel /* 57 0 stevel * These are the control tokens 58 0 stevel */ 59 0 stevel 60 0 stevel /* 61 0 stevel * au_to_header 62 0 stevel * returns: 63 0 stevel * pointer to au_membuf chain containing a header token. 
*/
token_t *
au_to_header(int byte_count, au_event_t e_type, au_emod_t e_mod)
{
#ifdef _LP64
	static int64_t	no_time[2];	/* static storage, so always zero */
	char		token_id = AUT_HEADER64;
#else
	static int32_t	no_time[2];	/* static storage, so always zero */
	char		token_id = AUT_HEADER32;
#endif
	char		family_version = TOKEN_VERSION;
	adr_t		stream;		/* adr encoder state */
	token_t		*tok = au_getclr();

	/*
	 * Field order: token id, audit record length, token version,
	 * event id, event id modifier, then a two-element time & date
	 * slot that is written as zeros here.
	 */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_int32(&stream, (int32_t *)&byte_count, 1);
	adr_char(&stream, &family_version, 1);
	adr_ushort(&stream, &e_type, 1);
	adr_ushort(&stream, &e_mod, 1);
#ifdef _LP64
	adr_int64(&stream, no_time, 2);
#else
	adr_int32(&stream, no_time, 2);
#endif
	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_header_ex
 * returns:
 *	pointer to au_membuf chain containing an extended header token:
 *	the same fields as au_to_header() plus the ai_termid address type
 *	and address bytes read from the kernel audit context (GET_KCTX_PZ).
 */
token_t *
au_to_header_ex(int byte_count, au_event_t e_type, au_emod_t e_mod)
{
#ifdef _LP64
	static int64_t	no_time[2];	/* static storage, so always zero */
	char		token_id = AUT_HEADER64_EX;
#else
	static int32_t	no_time[2];	/* static storage, so always zero */
	char		token_id = AUT_HEADER32_EX;
#endif
	char		family_version = TOKEN_VERSION;
	au_kcontext_t	*kctx = GET_KCTX_PZ;
	adr_t		stream;		/* adr encoder state */
	token_t		*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);		/* token ID */
	adr_int32(&stream, (int32_t *)&byte_count, 1);	/* record length */
	adr_char(&stream, &family_version, 1);		/* token version */
	adr_ushort(&stream, &e_type, 1);		/* event ID */
	adr_ushort(&stream, &e_mod, 1);			/* event ID modifier */

	/*
	 * at_type is written as the address type and then reused as the
	 * number of at_addr bytes to copy.
	 * NOTE(review): this relies on at_type always being a valid
	 * address length that fits inside at_addr -- confirm where
	 * auk_info.ai_termid is set.
	 */
	adr_uint32(&stream, &kctx->auk_info.ai_termid.at_type, 1);
	adr_char(&stream, (char *)&kctx->auk_info.ai_termid.at_addr[0],
	    (int)kctx->auk_info.ai_termid.at_type);
#ifdef _LP64
	adr_int64(&stream, no_time, 2);			/* time & date */
#else
	adr_int32(&stream, no_time, 2);
#endif
	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_trailer
 * returns:
 *	pointer to au_membuf chain containing a trailer token.
*/
token_t *
au_to_trailer(int byte_count)
{
	char	token_id = AUT_TRAILER;
	short	trailer_magic = (short)AUT_TRAILER_MAGIC;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/* Layout: token id, trailer magic number, audit record length. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_short(&stream, &trailer_magic, 1);
	adr_int32(&stream, (int32_t *)&byte_count, 1);

	tok->len = adr_count(&stream);

	return (tok);
}
/*
 * These are the data tokens
 */

/*
 * au_to_data
 * returns:
 *	pointer to au_membuf chain containing a data token.
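*/
token_t *
au_to_data(char unit_print, char unit_type, char unit_count, char *p)
{
	adr_t adr;			/* adr memory stream header */
	token_t *m;			/* au_membuf pointer */
	char data_header = AUT_DATA;	/* header for this token */
	int count = (int)unit_count;	/* widened: char may be signed */
	size_t unit_size;		/* bytes per unit of unit_type */
	const size_t hdr_len = 4;	/* id, print, type and count bytes */

	ASSERT(p != NULL);
	ASSERT(unit_count != 0);

	switch (unit_type) {
	case AUR_SHORT:
		unit_size = sizeof (short);
		break;
	case AUR_INT32:
		unit_size = sizeof (int32_t);
		break;
	case AUR_INT64:
		unit_size = sizeof (int64_t);
		break;
	case AUR_BYTE:
	default:
		unit_size = sizeof (char);
		break;
	}

	/*
	 * The four header bytes written below share the buffer with the
	 * payload, so the bound has to cover both.  The earlier per-type
	 * checks compared only the payload against AU_BUFSIZE and skipped
	 * the byte case when char is signed, which let e.g. 63 shorts or
	 * 125 bytes run past the limit once the header was added, and let
	 * a negative byte count through unchecked.
	 * NOTE(review): assumes the buffer returned by au_getclr() holds
	 * AU_BUFSIZE bytes, as the original bound implied -- confirm
	 * against the au_membuf definition.
	 */
	if (count < 0 || hdr_len + unit_size * (size_t)count > AU_BUFSIZE)
		return (au_to_text("au_to_data: unit count too big"));

	m = au_getclr();

	/* Header: token id, print format, unit type, unit count. */
	adr_start(&adr, memtod(m, char *));
	adr_char(&adr, &data_header, 1);
	adr_char(&adr, &unit_print, 1);
	adr_char(&adr, &unit_type, 1);
	adr_char(&adr, &unit_count, 1);

	/* Payload: unit_count items read from p with the width of unit_type. */
	switch (unit_type) {
	case AUR_SHORT:
		adr_short(&adr, (short *)p, unit_count);
		break;
	case AUR_INT32:
		adr_int32(&adr, (int32_t *)p, unit_count);
		break;
	case AUR_INT64:
		adr_int64(&adr, (int64_t *)p, unit_count);
		break;
	case AUR_BYTE:
	default:
		adr_char(&adr, p, unit_count);
		break;
	}

	m->len = adr_count(&adr);

	return (m);
}

/*
 * au_to_process
 * au_to_subject
 * returns:
 *	pointer to au_membuf chain containing a process token.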
*/
static token_t *au_to_any_process(char, uid_t, gid_t, uid_t, gid_t,
    pid_t, au_id_t, au_asid_t, const au_tid_addr_t *atid);

/*
 * Build a process token.  The token id depends on the data model and on
 * whether the terminal id carries an IPv6 address (the _EX variants).
 */
token_t *
au_to_process(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
    au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
{
#ifdef _LP64
	char token_id = (atid->at_type == AU_IPv6) ?
	    AUT_PROCESS64_EX : AUT_PROCESS64;
#else
	char token_id = (atid->at_type == AU_IPv6) ?
	    AUT_PROCESS32_EX : AUT_PROCESS32;
#endif

	return (au_to_any_process(token_id, uid, gid, ruid,
	    rgid, pid, auid, asid, atid));
}

/*
 * Build a subject token.  Same fields as a process token; only the
 * token id differs.
 */
token_t *
au_to_subject(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
    au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
{
#ifdef _LP64
	char token_id = (atid->at_type == AU_IPv6) ?
	    AUT_SUBJECT64_EX : AUT_SUBJECT64;
#else
	char token_id = (atid->at_type == AU_IPv6) ?
	    AUT_SUBJECT32_EX : AUT_SUBJECT32;
#endif

	return (au_to_any_process(token_id, uid, gid, ruid,
	    rgid, pid, auid, asid, atid));
}


/*
 * Shared encoder for process and subject tokens.  Writes the token id,
 * seven 32-bit identity fields, the terminal port, and the terminal
 * address (type + 16 bytes for AU_IPv6, otherwise 4 bytes with no type).
 */
static token_t *
au_to_any_process(char data_header,
    uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
    au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
{
	token_t	*tok = au_getclr();
	adr_t	stream;			/* adr encoder state */
	int32_t	ids[7];			/* identity fields, in record order */

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &data_header, 1);

	/* Every identity value is narrowed to 32 bits before encoding. */
	ids[0] = (int32_t)auid;
	ids[1] = (int32_t)uid;
	ids[2] = (int32_t)gid;
	ids[3] = (int32_t)ruid;
	ids[4] = (int32_t)rgid;
	ids[5] = (int32_t)pid;
	ids[6] = (int32_t)asid;
	adr_int32(&stream, ids, 7);

#ifdef _LP64
	adr_int64(&stream, (int64_t *)&(atid->at_port), 1);
#else
	adr_int32(&stream, (int32_t *)&(atid->at_port), 1);
#endif
	if (atid->at_type != AU_IPv6) {
		/* Any non-IPv6 type is recorded as a 4-byte address. */
		adr_char(&stream, (char *)&(atid->at_addr[0]), 4);
	} else {
		adr_uint32(&stream, (uint_t *)&atid->at_type, 1);
		adr_char(&stream, (char *)&atid->at_addr[0], 16);
	}

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_text
 * returns:
 *	pointer to au_membuf chain containing a text token.
*/
token_t *
au_to_text(const char *text)
{
	char	token_id = AUT_TEXT;
	short	nbytes;			/* string length including the NUL */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/*
	 * NOTE(review): the length is carried in a short, so a string of
	 * 32767 bytes or more cannot be represented and the value passed
	 * to au_append_buf() would be wrong -- confirm callers only pass
	 * bounded strings.
	 */
	nbytes = (short)strlen(text) + 1;

	/* Header: token id followed by the 2-byte string length. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_short(&stream, &nbytes, 1);
	tok->len = (char)adr_count(&stream);

	/* The string itself, terminator included, follows the header. */
	(void) au_append_buf(text, nbytes, tok);

	return (tok);
}

/*
 * au_zonename_length
 * returns:
 * -	length of zonename token to be generated
 * -	zone name up to ZONENAME_MAX + 1 in length
 *
 * A NULL zone means the zone of the current process (curproc->p_zone).
 */
#define	ZONE_TOKEN_OVERHEAD 3
	/*
	 * the zone token is
	 * token id (1 byte)
	 * string length (2 bytes)
	 * the string (strlen(zonename) + 1)
	 */
size_t
au_zonename_length(zone_t *zone)
{
	zone_t *zp = (zone != NULL) ? zone : curproc->p_zone;

	return (strlen(zp->zone_name) + 1 + ZONE_TOKEN_OVERHEAD);
}

/*
 * au_to_zonename
 *
 * A length of zero input to au_to_zonename means the length is not
 * pre-calculated.
 *
 * The caller is responsible for checking the AUDIT_ZONENAME policy
 * before calling au_zonename_length() and au_to_zonename().  If
 * the policy changes between the calls, no harm is done, so the
 * policy only needs to be checked once.
 *
 * returns:
 *	pointer to au_membuf chain containing a zonename token; NULL if
 *	policy is off.  (The code below performs no policy check of its
 *	own and always builds a token; any NULL result has to come from
 *	the caller's policy test.)
 *
 * if the zonename token is generated at token generation close time,
 * the length of the token is already known and it is ASSERTed that
 * it has not changed.  If not precalculated, zone_length must be
 * zero.
 */
token_t *
au_to_zonename(size_t zone_length, zone_t *zone)
{
	char	token_id = AUT_ZONENAME;
	short	nbytes;			/* name length including the NUL */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	if (zone == NULL)
		zone = curproc->p_zone;
	nbytes = (short)strlen(zone->zone_name) + 1;

	/*
	 * A non-zero zone_length was precalculated and is the length of
	 * the whole token, not of the string alone.
	 */
	ASSERT(zone_length == 0 ||
	    zone_length == (nbytes + ZONE_TOKEN_OVERHEAD));

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_short(&stream, &nbytes, 1);
	tok->len = (char)adr_count(&stream);

	(void) au_append_buf(zone->zone_name, nbytes, tok);

	return (tok);
}

/*
 * au_to_strings
 * returns:
 *	pointer to au_membuf chain containing a strings array token.
*/
token_t *
au_to_strings(
	char header,			/* token type */
	const char *kstrp,		/* kernel string pointer */
	ssize_t count)			/* count of arguments */
{
	token_t	*head = au_getclr();	/* carries token type and count */
	token_t	*piece;			/* one buffer per string */
	adr_t	stream;			/* adr encoder state */
	int32_t	n_strings = (int32_t)count;
	size_t	step;			/* current string length incl. NUL */

	adr_start(&stream, memtod(head, char *));
	adr_char(&stream, &header, 1);
	adr_int32(&stream, &n_strings, 1);
	head->len = (char)adr_count(&stream);

	/*
	 * kstrp is walked as `count` NUL-terminated strings laid out back
	 * to back; each one is copied into its own buffer and packed onto
	 * the token.
	 * NOTE(review): nothing here bounds the walk other than count, so
	 * the caller must guarantee that many terminated strings exist.
	 */
	for (; count > 0; count--) {
		piece = au_getclr();
		step = strlen(kstrp) + 1;
		(void) au_append_buf(kstrp, step, piece);
		(void) au_append_rec((token_t *)head, (token_t *)piece,
		    AU_PACK);
		kstrp += step;
	}

	return (head);
}

/*
 * au_to_exec_args
 * returns:
 *	pointer to au_membuf chain containing a argv token
 *	(an au_to_strings() token of type AUT_EXEC_ARGS).
 */
token_t *
au_to_exec_args(const char *kstrp, ssize_t argc)
{
	token_t *argv_token = au_to_strings(AUT_EXEC_ARGS, kstrp, argc);

	return (argv_token);
}

/*
 * au_to_exec_env
 * returns:
 *	pointer to au_membuf chain containing a arge token.
*/
token_t *
au_to_exec_env(const char *kstrp, ssize_t envc)
{
	/* Same encoding as the argv token, tagged AUT_EXEC_ENV instead. */
	token_t *env_token = au_to_strings(AUT_EXEC_ENV, kstrp, envc);

	return (env_token);
}

/*
 * au_to_arg32
 *	char n;		argument # being used
 *	char *text;	text describing argument
 *	uint32_t v;	argument value
 * returns:
 *	pointer to au_membuf chain containing an argument token.
 */
token_t *
au_to_arg32(char n, char *text, uint32_t v)
{
	char	token_id = AUT_ARG32;
	short	desc_len;		/* description length incl. NUL */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/*
	 * NOTE(review): the length is stored in a short; a description of
	 * 32767 bytes or more would not fit -- confirm callers pass short,
	 * fixed descriptions.
	 */
	desc_len = strlen(text) + 1;

	/* Header: token type, argument id, argument value, text length. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, &n, 1);
	adr_uint32(&stream, &v, 1);
	adr_short(&stream, &desc_len, 1);
	tok->len = adr_count(&stream);

	/* The description text follows the header. */
	(void) au_append_buf(text, desc_len, tok);

	return (tok);
}


/*
 * au_to_arg64
 *	char n;		argument # being used
 *	char *text;	text describing argument
 *	uint64_t v;	argument value
 * returns:
 *	pointer to au_membuf chain containing an argument token.
*/
token_t *
au_to_arg64(char n, char *text, uint64_t v)
{
	char	token_id = AUT_ARG64;
	short	desc_len;		/* description length incl. NUL */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/*
	 * NOTE(review): the length is stored in a short; a description of
	 * 32767 bytes or more would not fit -- confirm callers pass short,
	 * fixed descriptions.
	 */
	desc_len = strlen(text) + 1;

	/* Header: token type, argument id, 64-bit value, text length. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, &n, 1);
	adr_uint64(&stream, &v, 1);
	adr_short(&stream, &desc_len, 1);
	tok->len = adr_count(&stream);

	/* The description text follows the header. */
	(void) au_append_buf(text, desc_len, tok);

	return (tok);
}


/*
 * au_to_path
 * returns:
 *	pointer to au_membuf chain containing a path token.
*/
token_t *
au_to_path(struct audit_path *app)
{
	char	token_id = AUT_PATH;
	char	*first_sect = app->audp_sect[0];
	short	path_len;		/* bytes in the first path section */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok;			/* path token being built */
	token_t	*xat;			/* attribute path strings token */

	/*
	 * The first section runs from audp_sect[0] up to audp_sect[1].
	 * NOTE(review): the pointer difference is narrowed to short;
	 * presumably path sections never approach 32 KB -- confirm.
	 */
	path_len = (short)(app->audp_sect[1] - app->audp_sect[0]);

	/* Path token header: token id plus 2-byte length. */
	tok = au_getclr();
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_short(&stream, &path_len, 1);
	tok->len = adr_count(&stream);

	/* Path string. */
	(void) au_append_buf(first_sect, path_len, tok);

	/* Remaining sections, if any, become an AUT_XATPATH strings token. */
	if (app->audp_cnt > 1) {
		xat = au_to_strings(AUT_XATPATH, app->audp_sect[1],
		    app->audp_cnt - 1);
		tok = au_append_token(tok, xat);
	}

	return (tok);
}

/*
 * au_to_ipc
 * returns:
 *	pointer to au_membuf chain containing a System V IPC token.
*/
token_t *
au_to_ipc(char type, int id)
{
	char	token_id = AUT_IPC;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/* Layout: token id, IPC object type, 32-bit object id. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, &type, 1);
	adr_int32(&stream, (int32_t *)&id, 1);

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_return32
 * returns:
 *	pointer to au_membuf chain containing a return value token.
 */
token_t *
au_to_return32(int error, int32_t rv)
{
	char	token_id = AUT_RETURN32;
	char	err_byte = error;	/* error narrowed to a single byte */
	int32_t	failed = -1;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, &err_byte, 1);

	/* When error is non-zero, -1 is recorded in place of rv. */
	adr_int32(&stream, error ? &failed : &rv, 1);

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_return64
 * returns:
 *	pointer to au_membuf chain containing a return value token.
*/
token_t *
au_to_return64(int error, int64_t rv)
{
	char	token_id = AUT_RETURN64;
	char	err_byte = error;	/* error narrowed to a single byte */
	int64_t	failed = -1;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, &err_byte, 1);

	/* When error is non-zero, -1 is recorded in place of rv. */
	adr_int64(&stream, error ? &failed : &rv, 1);

	tok->len = adr_count(&stream);

	return (tok);
}

#ifdef	AU_MAY_USE_SOMEDAY
/*
 * au_to_opaque
 * returns:
 *	pointer to au_membuf chain containing a opaque token.
 */
token_t *
au_to_opaque(short bytes, char *opaque)
{
	char	token_id = AUT_OPAQUE;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/* Header: token id plus the 2-byte data length. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_short(&stream, &bytes, 1);
	tok->len = adr_count(&stream);

	/* The opaque data follows the header. */
	(void) au_append_buf(opaque, bytes, tok);

	return (tok);
}
#endif	/* AU_MAY_USE_SOMEDAY */

/*
 * au_to_ip
 * returns:
 *	pointer to au_membuf chain containing a ip header token
 */
token_t *
au_to_ip(struct ip *ipp)
{
	char	token_id = AUT_IP;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/*
	 * The header is copied in runs that start at a named field and
	 * continue into the fields that follow it in memory: 2 bytes from
	 * the start of the struct, 3 shorts from ip_len, 2 bytes from
	 * ip_ttl, 1 short at ip_sum and 2 words from ip_src.
	 * NOTE(review): this depends on the field order and packing of
	 * struct ip -- confirm against <netinet/ip.h>.
	 */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, (char *)ipp, 2);
	adr_short(&stream, (short *)&(ipp->ip_len), 3);
	adr_char(&stream, (char *)&(ipp->ip_ttl), 2);
	adr_short(&stream, (short *)&(ipp->ip_sum), 1);
	adr_int32(&stream, (int32_t *)&(ipp->ip_src), 2);

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_iport
 * returns:
 *	pointer to au_membuf chain containing a ip path token
 */
token_t *
au_to_iport(ushort_t iport)
{
	char	token_id = AUT_IPORT;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/* Layout: token id followed by the port as an unsigned short. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_ushort(&stream, &iport, 1);

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_in_addr
 * returns:
 *	pointer to au_membuf chain containing a ip path token
 */
token_t *
au_to_in_addr(struct in_addr *internet_addr)
{
	char	token_id = AUT_IN_ADDR;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	/* Layout: token id followed by the raw bytes of the address. */
	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);
	adr_char(&stream, (char *)internet_addr, sizeof (struct in_addr));

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_in_addr_ex
 * returns:
 *	pointer to au_membuf chain containing an ipv6 token
 *	(or a plain AUT_IN_ADDR token when the address is IPv4-mapped).
 */
token_t *
au_to_in_addr_ex(int32_t *internet_addr)
{
	char		v4_token_id = AUT_IN_ADDR;	/* header for v4 token */
	char		v6_token_id = AUT_IN_ADDR_EX;	/* header for v6 token */
	int32_t		addr_type = AU_IPv6;
	in6_addr_t	*addr6 = (in6_addr_t *)internet_addr;
	adr_t		stream;			/* adr encoder state */
	token_t		*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));

	if (!IN6_IS_ADDR_V4MAPPED(addr6)) {
		/* Genuine IPv6: token id, address type, full address. */
		adr_char(&stream, &v6_token_id, 1);
		adr_int32(&stream, &addr_type, 1);
		adr_char(&stream, (char *)internet_addr,
		    sizeof (struct in6_addr));
	} else {
		ipaddr_t in4;

		/*
		 * An IPv4-mapped IPv6 address is really an IPv4 address
		 * in IPv6 format, so it is recorded as a v4 token.
		 */
		IN6_V4MAPPED_TO_IPADDR(addr6, in4);

		adr_char(&stream, &v4_token_id, 1);
		adr_char(&stream, (char *)&in4, sizeof (ipaddr_t));
	}

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * The Modifier tokens
 */

/*
 * au_to_attr
 * returns:
 *	pointer to au_membuf chain containing an attribute token.
*/
token_t *
au_to_attr(struct vattr *attr)
{
#ifdef _LP64
	char	token_id = AUT_ATTR64;
#else
	char	token_id = AUT_ATTR32;
#endif
	int32_t	owner[3];		/* mode|type, uid, gid */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);

	/* The file type bits from VTTOIF() are OR-ed into the mode word. */
	owner[0] = (int32_t)attr->va_mode | (int32_t)(VTTOIF(attr->va_type));
	owner[1] = (int32_t)attr->va_uid;
	owner[2] = (int32_t)attr->va_gid;
	adr_int32(&stream, owner, 3);

	/*
	 * NOTE(review): va_fsid is read through an int32_t pointer; if the
	 * field is wider than 32 bits only its first four bytes in memory
	 * are recorded -- confirm this is intended.
	 */
	adr_int32(&stream, (int32_t *)&(attr->va_fsid), 1);
	adr_int64(&stream, (int64_t *)&(attr->va_nodeid), 1);
#ifdef _LP64
	adr_int64(&stream, (int64_t *)&(attr->va_rdev), 1);
#else
	adr_int32(&stream, (int32_t *)&(attr->va_rdev), 1);
#endif

	tok->len = adr_count(&stream);

	return (tok);
}

/*
 * au_to_acl
 * returns:
 *	pointer to au_membuf chain containing an ACL token: the token id
 *	followed by a_type, a_id and a_perm, each as a 32-bit value.
 */
token_t *
au_to_acl(struct acl *aclp)
{
	char	token_id = AUT_ACL;
	int32_t	entry[3];		/* type, id, permissions */
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);

	entry[0] = (int32_t)aclp->a_type;
	entry[1] = (int32_t)aclp->a_id;
	entry[2] = (int32_t)aclp->a_perm;
	adr_int32(&stream, entry, 3);

	tok->len = adr_count(&stream);
	return (tok);
}

/*
 * au_to_ace
 * returns:
 *	pointer to au_membuf chain containing an ACE token: the token id
 *	followed by a_who and a_access_mask (32 bits each) and a_flags and
 *	a_type (16 bits each).
 */
token_t *
au_to_ace(ace_t *acep)
{
	char	token_id = AUT_ACE;
	adr_t	stream;			/* adr encoder state */
	token_t	*tok = au_getclr();

	adr_start(&stream, memtod(tok, char *));
	adr_char(&stream, &token_id, 1);

	adr_uint32(&stream, &(acep->a_who), 1);
	adr_uint32(&stream, &(acep->a_access_mask), 1);
	adr_ushort(&stream, &(acep->a_flags), 1);
	adr_ushort(&stream, &(acep->a_type), 1);

	tok->len = adr_count(&stream);
	return (tok);
}

/*
 * au_to_ipc_perm
 * returns:
 *	pointer to au_membuf chain containing a System V IPC attribute token.
929 0 stevel */ 930 0 stevel token_t * 931 0 stevel au_to_ipc_perm(struct kipc_perm *perm) 932 0 stevel { 933 0 stevel token_t *m; /* local au_membuf */ 934 0 stevel adr_t adr; /* adr memory stream header */ 935 0 stevel char data_header = AUT_IPC_PERM; /* header for this token */ 936 0 stevel int32_t value; 937 0 stevel 938 0 stevel m = au_getclr(); 939 0 stevel 940 0 stevel adr_start(&adr, memtod(m, char *)); 941 0 stevel adr_char(&adr, &data_header, 1); 942 0 stevel value = (int32_t)perm->ipc_uid; 943 0 stevel adr_int32(&adr, &value, 1); 944 0 stevel value = (int32_t)perm->ipc_gid; 945 0 stevel adr_int32(&adr, &value, 1); 946 0 stevel value = (int32_t)perm->ipc_cuid; 947 0 stevel adr_int32(&adr, &value, 1); 948 0 stevel value = (int32_t)perm->ipc_cgid; 949 0 stevel adr_int32(&adr, &value, 1); 950 0 stevel value = (int32_t)perm->ipc_mode; 951 0 stevel adr_int32(&adr, &value, 1); 952 0 stevel value = 0; /* seq is now obsolete */ 953 0 stevel adr_int32(&adr, &value, 1); 954 0 stevel value = (int32_t)perm->ipc_key; 955 0 stevel adr_int32(&adr, &value, 1); 956 0 stevel 957 0 stevel m->len = adr_count(&adr); 958 0 stevel 959 0 stevel return (m); 960 0 stevel } 961 0 stevel 962 0 stevel token_t * 963 0 stevel au_to_groups(const gid_t *crgroups, uint_t crngroups) 964 0 stevel { 965 0 stevel token_t *m; /* local au_membuf */ 966 0 stevel adr_t adr; /* adr memory stream header */ 967 0 stevel char data_header = AUT_NEWGROUPS; /* header for this token */ 968 0 stevel short n_groups; 969 0 stevel 970 0 stevel m = au_getclr(); 971 0 stevel 972 0 stevel adr_start(&adr, memtod(m, char *)); 973 0 stevel adr_char(&adr, &data_header, 1); 974 0 stevel n_groups = (short)crngroups; 975 0 stevel adr_short(&adr, &n_groups, 1); 976 0 stevel adr_int32(&adr, (int32_t *)crgroups, (int)crngroups); 977 0 stevel 978 0 stevel m->len = adr_count(&adr); 979 0 stevel 980 0 stevel return (m); 981 0 stevel } 982 0 stevel 983 0 stevel /* 984 0 stevel * au_to_socket_ex 985 0 stevel * returns: 986 0 
stevel * pointer to au_membuf chain containing a socket token. 987 0 stevel */ 988 0 stevel token_t * 989 0 stevel au_to_socket_ex(short dom, short type, char *l, char *f) 990 0 stevel { 991 0 stevel adr_t adr; 992 0 stevel token_t *m; 993 0 stevel char data_header = AUT_SOCKET_EX; 994 0 stevel struct sockaddr_in6 *addr6; 995 0 stevel struct sockaddr_in *addr4; 996 0 stevel short size; 997 0 stevel 998 0 stevel m = au_getclr(); 999 0 stevel 1000 0 stevel adr_start(&adr, memtod(m, char *)); 1001 0 stevel adr_char(&adr, &data_header, 1); 1002 0 stevel adr_short(&adr, &dom, 1); /* dom of socket */ 1003 0 stevel adr_short(&adr, &type, 1); /* type of socket */ 1004 0 stevel 1005 0 stevel if (dom == AF_INET6) { 1006 0 stevel size = AU_IPv6; 1007 0 stevel adr_short(&adr, &size, 1); /* type of addresses */ 1008 0 stevel addr6 = (struct sockaddr_in6 *)l; 1009 0 stevel adr_short(&adr, (short *)&addr6->sin6_port, 1); 1010 0 stevel adr_char(&adr, (char *)&addr6->sin6_addr, size); 1011 0 stevel addr6 = (struct sockaddr_in6 *)f; 1012 0 stevel adr_short(&adr, (short *)&addr6->sin6_port, 1); 1013 0 stevel adr_char(&adr, (char *)&addr6->sin6_addr, size); 1014 0 stevel } else if (dom == AF_INET) { 1015 0 stevel size = AU_IPv4; 1016 0 stevel adr_short(&adr, &size, 1); /* type of addresses */ 1017 0 stevel addr4 = (struct sockaddr_in *)l; 1018 0 stevel adr_short(&adr, (short *)&addr4->sin_port, 1); 1019 0 stevel adr_char(&adr, (char *)&addr4->sin_addr, size); 1020 0 stevel addr4 = (struct sockaddr_in *)f; 1021 0 stevel adr_short(&adr, (short *)&addr4->sin_port, 1); 1022 0 stevel adr_char(&adr, (char *)&addr4->sin_addr, size); 1023 0 stevel } 1024 0 stevel 1025 0 stevel 1026 0 stevel m->len = adr_count(&adr); 1027 0 stevel 1028 0 stevel return (m); 1029 0 stevel } 1030 0 stevel 1031 0 stevel /* 1032 0 stevel * au_to_seq 1033 0 stevel * returns: 1034 0 stevel * pointer to au_membuf chain containing a sequence token. 
1035 0 stevel */ 1036 0 stevel token_t * 1037 0 stevel au_to_seq() 1038 0 stevel { 1039 0 stevel adr_t adr; 1040 0 stevel token_t *m; 1041 0 stevel char data_header = AUT_SEQ; 1042 0 stevel static int32_t zerocount; 1043 0 stevel 1044 0 stevel m = au_getclr(); 1045 0 stevel 1046 0 stevel adr_start(&adr, memtod(m, char *)); 1047 0 stevel 1048 0 stevel adr_char(&adr, &data_header, 1); 1049 0 stevel 1050 0 stevel adr_int32(&adr, &zerocount, 1); 1051 0 stevel 1052 0 stevel m->len = adr_count(&adr); 1053 0 stevel 1054 0 stevel return (m); 1055 0 stevel } 1056 0 stevel 1057 0 stevel token_t * 1058 0 stevel au_to_sock_inet(struct sockaddr_in *s_inet) 1059 0 stevel { 1060 0 stevel adr_t adr; 1061 0 stevel token_t *m; 1062 0 stevel char data_header = AUT_SOCKET; 1063 0 stevel 1064 0 stevel m = au_getclr(); 1065 0 stevel 1066 0 stevel adr_start(&adr, memtod(m, char *)); 1067 0 stevel adr_char(&adr, &data_header, 1); 1068 0 stevel adr_short(&adr, (short *)&s_inet->sin_family, 1); 1069 0 stevel adr_short(&adr, (short *)&s_inet->sin_port, 1); 1070 0 stevel 1071 0 stevel /* remote addr */ 1072 0 stevel adr_int32(&adr, (int32_t *)&s_inet->sin_addr.s_addr, 1); 1073 0 stevel 1074 0 stevel m->len = (uchar_t)adr_count(&adr); 1075 0 stevel 1076 0 stevel return (m); 1077 0 stevel } 1078 0 stevel 1079 0 stevel extern int maxprivbytes; 1080 0 stevel 1081 0 stevel token_t * 1082 0 stevel au_to_privset( 1083 0 stevel const char *set, 1084 0 stevel const priv_set_t *pset, 1085 0 stevel char data_header, 1086 0 stevel int success) 1087 0 stevel { 1088 0 stevel token_t *token, *m; 1089 0 stevel adr_t adr; 1090 0 stevel int priv; 1091 0 stevel const char *pname; 1092 0 stevel char sf = (char)success; 1093 0 stevel char *buf, *q; 1094 0 stevel short sz; 1095 0 stevel boolean_t full; 1096 0 stevel 1097 0 stevel token = au_getclr(); 1098 0 stevel 1099 0 stevel adr_start(&adr, memtod(token, char *)); 1100 0 stevel adr_char(&adr, &data_header, 1); 1101 0 stevel /* 1102 0 stevel * set is not used 
for AUT_UPRIV and sf (== success) is not 1103 0 stevel * used for AUT_PRIV 1104 0 stevel */ 1105 0 stevel if (data_header == AUT_UPRIV) { 1106 0 stevel adr_char(&adr, &sf, 1); 1107 0 stevel } else { 1108 0 stevel sz = strlen(set) + 1; 1109 0 stevel adr_short(&adr, &sz, 1); 1110 0 stevel 1111 0 stevel token->len = (uchar_t)adr_count(&adr); 1112 0 stevel m = au_getclr(); 1113 0 stevel 1114 0 stevel (void) au_append_buf(set, sz, m); 1115 0 stevel (void) au_append_rec(token, m, AU_PACK); 1116 0 stevel adr.adr_now += sz; 1117 0 stevel } 1118 0 stevel 1119 0 stevel full = priv_isfullset(pset); 1120 0 stevel 1121 0 stevel if (full) { 1122 0 stevel buf = "ALL"; 1123 0 stevel sz = strlen(buf) + 1; 1124 0 stevel } else { 1125 0 stevel q = buf = kmem_alloc(maxprivbytes, KM_SLEEP); 1126 0 stevel *buf = '\0'; 1127 0 stevel 1128 0 stevel for (priv = 0; (pname = priv_getbynum(priv)) != NULL; priv++) { 1129 0 stevel if (priv_ismember(pset, priv)) { 1130 0 stevel if (q != buf) 1131 0 stevel *q++ = ','; 1132 0 stevel (void) strcpy(q, pname); 1133 0 stevel q += strlen(q); 1134 0 stevel } 1135 0 stevel } 1136 0 stevel sz = (q - buf) + 1; 1137 0 stevel } 1138 0 stevel 1139 0 stevel adr_short(&adr, &sz, 1); 1140 0 stevel token->len = (uchar_t)adr_count(&adr); 1141 0 stevel 1142 0 stevel m = au_getclr(); 1143 0 stevel (void) au_append_buf(buf, sz, m); 1144 0 stevel (void) au_append_rec(token, m, AU_PACK); 1145 0 stevel 1146 0 stevel if (!full) 1147 0 stevel kmem_free(buf, maxprivbytes); 1148 0 stevel 1149 0 stevel return (token); 1150 0 stevel } 1151 1676 jpk 1152 1676 jpk /* 1153 1676 jpk * au_to_label 1154 1676 jpk * returns: 1155 2640 rica * pointer to au_membuf chain containing a label token. 
1156 1676 jpk */ 1157 1676 jpk token_t * 1158 1676 jpk au_to_label(bslabel_t *label) 1159 1676 jpk { 1160 1676 jpk token_t *m; /* local au_membuf */ 1161 1676 jpk adr_t adr; /* adr memory stream header */ 1162 1676 jpk char data_header = AUT_LABEL; /* header for this token */ 1163 1676 jpk 1164 1676 jpk m = au_getclr(); 1165 1676 jpk 1166 1676 jpk adr_start(&adr, memtod(m, char *)); 1167 1676 jpk adr_char(&adr, &data_header, 1); 1168 7379 Ric adr_char(&adr, (char *)label, sizeof (_mac_label_impl_t)); 1169 7379 Ric 1170 1676 jpk m->len = adr_count(&adr); 1171 1676 jpk 1172 1676 jpk return (m); 1173 1676 jpk } 1174