Changes in header32

Changes in header32_token en Copyright 2015 Java 7d4b968b0fa6afc6bca132c27e2041c979ee6101 - Merge from head up to r188941 (last revision before the USB stack switch) http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#7d4b968b0fa6afc6bca132c27e2041c979ee6101 Merge from head up to r188941 (last revision before the USB stack switch) List of files: /freebsd/contrib/openbsm/test/reference/header32_token Thu, 17 Sep 2009 15:31:39 +0200 Dag-Erling Smørgrav <des@FreeBSD.org> 7a0a89d2cb29ee2c383600fa59e42d714a6dcbcb - Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, both http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#7a0a89d2cb29ee2c383600fa59e42d714a6dcbcb Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, bothcontrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manualmerge). Add libauditd build parts and add to auditd's linkage;force libbsm to build before libauditd.OpenBSM history for imported revisions below for reference.MFC after: 1 monthSponsored by: Apple Inc.Obtained from: TrustedBSD ProjectOpenBSM 1.1 alpha 4- With the addition of BSM error number mapping, we also need to map the local error number passed to audit_submit(3) to a BSM error number, rather than have the caller perform that conversion.- Reallocate user audit events to avoid collisions with Solaris; adopt a more formal allocation scheme, and add some events allocated in Solaris that will be of immediate use on other platforms.- Add an event for Calife.- Add au_strerror(3), which allows generating strings for BSM errors directly, rather than requiring applications to map to the local error space, which might not be able to entirely represent the BSM error number space.- Major auditd rewrite for launchd(8) support. Add libauditd library that is shared between launchd and auditd.- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for (re)starting auditing under launchd(8) on Mac OS X.- Add 'current' symlink to active audit trail.- Add crash recovery of previous audit trail file when detected on audit startup that it has not been properly terminated.- Add the event AUE_audit_recovery to indicated when an audit trail file has been recovered from not being properly terminated. This event is stored in the new audit trail file and includes the path of recovered audit trail file.- Mac OS X and FreeBSD dependent code in auditd.c is separated into auditd_darwin.c and auditd_fbsd.c files.- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system calls.- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.- Add support for NOTICE level logging.OpenBSM 1.1 alpha 3- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map between BSM error numbers (largely the Solaris definitions) and local errno(2) values for 32-bit and 64-bit return tokens. This is required as operating systems don't agree on some of the values of more recent error numbers.- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the total size for the token. This buge.- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed. List of files: /freebsd/contrib/openbsm/test/reference/header32_token Wed, 31 Dec 2008 12:12:24 +0100 Robert Watson <rwatson@FreeBSD.org> bb97b41819ea5a5e5315006cdad6902bfa2b7eb6 - Vendor import of OpenBSM 1.0 alpha 11, with the following change history http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#bb97b41819ea5a5e5315006cdad6902bfa2b7eb6 Vendor import of OpenBSM 1.0 alpha 11, with the following change historynotes since the last import:OpenBSM 1.0 alpha 11- Reclassify certain read/write operations as having no class rather than the fr/fw class; our default classes audit intent (open) not operations (read, write).- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads and writes of sysctls as separate events. Add additional kernel environment and jail events for FreeBSD.- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued by the kernel audit implementation) so that they can be distinguished.- Disable rate limiting of rotate requests; as the kernel doesn't retransmit a dropped request, the log file will otherwise grow indefinitely if the trigger is dropped.- Improve auditd debugging output.- Fix a number of threading related bugs in audit_control file reading routines.- Add APIs au_poltostr() and au_strtopol() to convert between text representations of audit_control policy flags and the flags passed to auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).- Add API getacpol() to return the 'policy:' entry from audit_control, an extension to the Solaris file format to allow specification of policy persistent flags.- Update audump to print the audit_control policy field.- Update auditd to read the audit_control policy field and set the kernel policy to match it when configuring/reconfiguring. Remove the -s and -h arguments as these policies are now set via the configuration file. If a policy line is not found in the configuration file, continue with the current default of setting AUDIT_CNT.- Fix bugs in the parsing of large execve(2) arguments and environmental variable tokens; increase maximum parsed argument and variable count.- configure now detects strlcat(), used by policy-related functions.- Reference token and record sample files added to test tree.Obtained from: TrustedBSD Project List of files: /freebsd/contrib/openbsm/test/reference/header32_token Thu, 21 Sep 2006 09:07:33 +0200 Robert Watson <rwatson@FreeBSD.org> 55b15aaa258d0af1cc402ed1c6986d02b9a33310 - This commit was generated by cvs2svn to compensate for changes in r162503, http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#55b15aaa258d0af1cc402ed1c6986d02b9a33310 This commit was generated by cvs2svn to compensate for changes in r162503,which included commits to RCS files with non-trunk default branches. List of files: /freebsd/contrib/openbsm/test/reference/header32_token Thu, 21 Sep 2006 09:07:33 +0200 Robert Watson <rwatson@FreeBSD.org> 7a0a89d2cb29ee2c383600fa59e42d714a6dcbcb - Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, both http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#7a0a89d2cb29ee2c383600fa59e42d714a6dcbcb Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, bothcontrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manualmerge). Add libauditd build parts and add to auditd's linkage;force libbsm to build before libauditd.OpenBSM history for imported revisions below for reference.MFC after: 1 monthSponsored by: Apple Inc.Obtained from: TrustedBSD ProjectOpenBSM 1.1 alpha 4- With the addition of BSM error number mapping, we also need to map the local error number passed to audit_submit(3) to a BSM error number, rather than have the caller perform that conversion.- Reallocate user audit events to avoid collisions with Solaris; adopt a more formal allocation scheme, and add some events allocated in Solaris that will be of immediate use on other platforms.- Add an event for Calife.- Add au_strerror(3), which allows generating strings for BSM errors directly, rather than requiring applications to map to the local error space, which might not be able to entirely represent the BSM error number space.- Major auditd rewrite for launchd(8) support. Add libauditd library that is shared between launchd and auditd.- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for (re)starting auditing under launchd(8) on Mac OS X.- Add 'current' symlink to active audit trail.- Add crash recovery of previous audit trail file when detected on audit startup that it has not been properly terminated.- Add the event AUE_audit_recovery to indicated when an audit trail file has been recovered from not being properly terminated. This event is stored in the new audit trail file and includes the path of recovered audit trail file.- Mac OS X and FreeBSD dependent code in auditd.c is separated into auditd_darwin.c and auditd_fbsd.c files.- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system calls.- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.- Add support for NOTICE level logging.OpenBSM 1.1 alpha 3- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map between BSM error numbers (largely the Solaris definitions) and local errno(2) values for 32-bit and 64-bit return tokens. This is required as operating systems don't agree on some of the values of more recent error numbers.- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the total size for the token. This buge.- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed. List of files: /freebsd/contrib/openbsm/test/reference/header32_token Wed, 31 Dec 2008 12:12:24 +0100 Robert Watson <rwatson@FreeBSD.org> bb97b41819ea5a5e5315006cdad6902bfa2b7eb6 - Vendor import of OpenBSM 1.0 alpha 11, with the following change history http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#bb97b41819ea5a5e5315006cdad6902bfa2b7eb6 Vendor import of OpenBSM 1.0 alpha 11, with the following change historynotes since the last import:OpenBSM 1.0 alpha 11- Reclassify certain read/write operations as having no class rather than the fr/fw class; our default classes audit intent (open) not operations (read, write).- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads and writes of sysctls as separate events. Add additional kernel environment and jail events for FreeBSD.- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued by the kernel audit implementation) so that they can be distinguished.- Disable rate limiting of rotate requests; as the kernel doesn't retransmit a dropped request, the log file will otherwise grow indefinitely if the trigger is dropped.- Improve auditd debugging output.- Fix a number of threading related bugs in audit_control file reading routines.- Add APIs au_poltostr() and au_strtopol() to convert between text representations of audit_control policy flags and the flags passed to auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).- Add API getacpol() to return the 'policy:' entry from audit_control, an extension to the Solaris file format to allow specification of policy persistent flags.- Update audump to print the audit_control policy field.- Update auditd to read the audit_control policy field and set the kernel policy to match it when configuring/reconfiguring. Remove the -s and -h arguments as these policies are now set via the configuration file. If a policy line is not found in the configuration file, continue with the current default of setting AUDIT_CNT.- Fix bugs in the parsing of large execve(2) arguments and environmental variable tokens; increase maximum parsed argument and variable count.- configure now detects strlcat(), used by policy-related functions.- Reference token and record sample files added to test tree.Obtained from: TrustedBSD Project List of files: /freebsd/contrib/openbsm/test/reference/header32_token Thu, 21 Sep 2006 09:07:33 +0200 Robert Watson <rwatson@FreeBSD.org> 55b15aaa258d0af1cc402ed1c6986d02b9a33310 - This commit was generated by cvs2svn to compensate for changes in r162503, http://kernelsources.org:8080/source/history/freebsd/contrib/openbsm/test/reference/header32_token#55b15aaa258d0af1cc402ed1c6986d02b9a33310 This commit was generated by cvs2svn to compensate for changes in r162503,which included commits to RCS files with non-trunk default branches. List of files: /freebsd/contrib/openbsm/test/reference/header32_token Thu, 21 Sep 2006 09:07:33 +0200 Robert Watson <rwatson@FreeBSD.org>