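/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
 */

#ifndef	_AUDIT_SCF_H
#define	_AUDIT_SCF_H

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * auditd smf(5)/libscf(3LIB) interface - set and display audit parameters
 */

#include <audit_plugin.h>
#include <bsm/libbsm.h>
#include <ctype.h>
#include <libintl.h>
#include <libscf_priv.h>
#include <stdio.h>	/* FILE, fprintf(), fflush() used by DPRINT */
#include <stdlib.h>
#include <strings.h>
#include <sys/varargs.h>
#include <ucontext.h>
#include <zone.h>

/* gettext() obfuscation routine for lint */
#ifdef	__lint
#define	gettext(x)	x
#endif

#ifndef	DEBUG
#define	DEBUG	0
#endif

/*
 * DPRINT((dbfp, fmt, ...)) - debug trace, compiled to nothing unless DEBUG
 * is non-zero.  The single macro argument is a complete, parenthesised
 * fprintf() argument list.  When dbfp is still NULL the macro first assigns
 * it the result of __auditd_debug_file_open() (not declared in this header),
 * and it flushes dbfp after every message.
 *
 * Caveats for callers:
 *  - The DEBUG expansion is a braced block, not a single statement, so
 *    "if (c) DPRINT(x); else ..." does not parse in a DEBUG build; put
 *    braces around the call.
 *  - Keep the format a string literal and print configuration values
 *    through conversions such as %s, never as the format itself.
 *
 * NOTE(review): the result of __auditd_debug_file_open() is not checked
 * before fprintf()/fflush() use it - confirm it cannot return NULL.
 * NOTE(review): "FILE *dbfp;" below is a definition rather than an extern
 * declaration, so each file that includes this header in a DEBUG build
 * carries its own tentative definition; this links only where common
 * symbols are merged - confirm for the toolchain in use.
 */
#if DEBUG
FILE	*dbfp;	/* debug file pointer */
#define	DPRINT(x)	{ if (dbfp == NULL) dbfp = __auditd_debug_file_open(); \
	(void) fprintf x; (void) fflush(dbfp); }
#else	/* ! DEBUG */
#define	DPRINT(x)
#endif

/* Audit subsystem service instances */
#define	AUDITD_FMRI	"svc:/system/auditd:default"
#define	AUDITSET_FMRI	"svc:/system/auditset:default"

/* (ASI) Audit service instance SCF handles - libscf(3LIB) */
struct asi_scfhandle {
	scf_handle_t		*hndl;	/* base scf handle */
	scf_instance_t		*inst;	/* service instance handle */
	scf_propertygroup_t	*pgrp;	/* property group handle */
	scf_property_t		*prop;	/* property handle */
};
typedef struct asi_scfhandle asi_scfhandle_t;

struct asi_scfhandle_iter {
	scf_iter_t	*pgrp;		/* property group iter handle */
	scf_iter_t	*prop;		/* property iter handle */
	scf_value_t	*prop_val;	/* property value */
};
typedef struct asi_scfhandle_iter asi_scfhandle_iter_t;

/*
 * (ASI) Audit service instance (svc:/system/auditd:default) related
 * configuration parameters.
 */
#define	ASI_PGROUP_POLICY	"policy"
struct policy_sw {
	char		*policy;	/* presumably the policy name - confirm */
	boolean_t	flag;		/* presumably its on/off state - confirm */
};
typedef struct policy_sw policy_sw_t;

#define	ASI_PGROUP_QUEUECTRL	"queuectrl"
#define	QUEUECTRL_QBUFSZ	"qbufsz"
#define	QUEUECTRL_QDELAY	"qdelay"
#define	QUEUECTRL_QHIWATER	"qhiwater"
#define	QUEUECTRL_QLOWATER	"qlowater"
/*
 * NOTE(review): these fields are uint64_t, while the do_getq*_scf() and
 * do_setq*_scf() prototypes below pass size_t and clock_t.  Where those
 * types are narrower than 64 bits a stored value can be truncated, so
 * confirm the implementation range-checks (see CHK_BDRY_*) before it
 * narrows.
 */
struct scf_qctrl {
	uint64_t	scf_qhiwater;
	uint64_t	scf_qlowater;
	uint64_t	scf_qbufsz;
	uint64_t	scf_qdelay;
};
typedef struct scf_qctrl scf_qctrl_t;

#define	ASI_PGROUP_PRESELECTION	"preselection"
#define	PRESELECTION_FLAGS	"flags"
#define	PRESELECTION_NAFLAGS	"naflags"
#define	PRESELECTION_MAXBUF	256	/* max. length of na/flags */

/* auditd(1M) plugin related well known properties */
#define	PLUGIN_ACTIVE	"active"	/* plugin state */
#define	PLUGIN_PATH	"path"		/* plugin shared object */
#define	PLUGIN_QSIZE	"qsize"		/* plugin queue size */

/*
 * Fixed limits for plugin configuration.
 * NOTE(review): the header does not say whether the *_MAXBUF/ATT/KEY/VAL
 * lengths count the terminating NUL - confirm against the code that fills
 * the buffers.
 */
#define	PLUGIN_MAX	256	/* max. amount of plugins */
#define	PLUGIN_MAXBUF	256	/* max. length of plugin name */
#define	PLUGIN_MAXATT	256	/* max. length of plugin attr */
#define	PLUGIN_MAXKEY	256	/* max. length of plugin key */
#define	PLUGIN_MAXVAL	256	/* max. length of plugin val */

/*
 * Node of a doubly linked list (next/prev) pairing a plugin name with its
 * key/value attributes.  plugin_name is a fixed array of PLUGIN_MAXBUF
 * bytes: any copy into it has to be bounded by sizeof (plugin_name) and
 * must leave the name NUL-terminated.
 */
struct scf_plugin_kva_node {
	struct scf_plugin_kva_node	*next;
	struct scf_plugin_kva_node	*prev;
	char				plugin_name[PLUGIN_MAXBUF];
	kva_t				*plugin_kva;
};
typedef struct scf_plugin_kva_node scf_plugin_kva_node_t;

/*
 * Boundary checking macros for the queuectrl parameters.
 *
 * Each macro evaluates to non-zero when the value is within bounds and to
 * 0 when it is not:
 *   CHK_BDRY_QBUFSZ	AQ_BUFSZ <= x <= AQ_MAXBUFSZ
 *   CHK_BDRY_QDELAY	x != 0 and x <= AQ_MAXDELAY
 *   CHK_BDRY_QLOWATER	AQ_MINLOW <= low < high
 *   CHK_BDRY_QHIWATER	low < high, AQ_LOWATER <= high <= AQ_MAXHIGH
 * The AQ_* limits other than AQ_MINLOW are not defined in this header.
 *
 * Arguments are evaluated more than once, so pass expressions without side
 * effects.  The comparisons are made in the type of the argument after the
 * usual arithmetic conversions; check the value before narrowing it, not
 * after.  Each expansion is fully parenthesised so it can be used inside a
 * larger expression.
 */
#define	AQ_MINLOW	1
#define	CHK_BDRY_QBUFSZ(x)	(!((x) < AQ_BUFSZ || (x) > AQ_MAXBUFSZ))
#define	CHK_BDRY_QDELAY(x)	(!((x) == 0 || (x) > AQ_MAXDELAY))
#define	CHK_BDRY_QLOWATER(low, high)	\
	(!((low) < AQ_MINLOW || (low) >= (high)))
#define	CHK_BDRY_QHIWATER(low, high)	\
	(!((high) <= (low) || \
	(high) < AQ_LOWATER || \
	(high) > AQ_MAXHIGH))

/*
 * MAX_PROPVECS	maximum number of audit properties that will
 *		fit in the uint32_t audit policy mask.
 */
#define	MAX_PROPVECS	32

/*
 * Accessors for the audit service configuration.
 * NOTE(review): the prototypes do not show what the boolean_t result means
 * (presumably B_TRUE on success) or who owns the strings and the list
 * returned through the char ** and scf_plugin_kva_node_t ** arguments;
 * confirm both against the implementation before relying on them.
 */
boolean_t do_getflags_scf(char **);
boolean_t do_getnaflags_scf(char **);
boolean_t do_getpluginconfig_scf(char *, scf_plugin_kva_node_t **);
boolean_t do_getpolicy_scf(uint32_t *);
boolean_t do_getqbufsz_scf(size_t *);
boolean_t do_getqctrl_scf(struct au_qctrl *);
boolean_t do_getqdelay_scf(clock_t *);
boolean_t do_getqhiwater_scf(size_t *);
boolean_t do_getqlowater_scf(size_t *);
boolean_t do_setflags_scf(char *);
boolean_t do_setnaflags_scf(char *);
boolean_t do_setpluginconfig_scf(char *, boolean_t, char *, int);
boolean_t do_setpolicy_scf(uint32_t);
boolean_t do_setqbufsz_scf(size_t *);
boolean_t do_setqctrl_scf(struct au_qctrl *);
boolean_t do_setqdelay_scf(clock_t *);
boolean_t do_setqhiwater_scf(size_t *);
boolean_t do_setqlowater_scf(size_t *);
void free_static_att_kva(kva_t *);
uint32_t get_policy(char *);
boolean_t plugin_avail_scf(const char *);
void plugin_kva_ll_free(scf_plugin_kva_node_t *);
void prt_error_va(char *, va_list);

#ifdef	__cplusplus
}
#endif

#endif	/* _AUDIT_SCF_H */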