1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 /*
27 * Support routines for building audit records.
28 */
29
30 #include <sys/param.h>
31 #include <sys/systm.h> /* for rval */
32 #include <sys/time.h>
33 #include <sys/types.h>
34 #include <sys/vnode.h>
35 #include <sys/mode.h>
36 #include <sys/user.h>
37 #include <sys/session.h>
38 #include <sys/acl.h>
39 #include <sys/ipc_impl.h>
40 #include <netinet/in_systm.h>
41 #include <netinet/in.h>
42 #include <netinet/ip.h>
43 #include <sys/socket.h>
44 #include <net/route.h>
45 #include <netinet/in_pcb.h>
46 #include <c2/audit.h>
47 #include <c2/audit_kernel.h>
48 #include <c2/audit_record.h>
49 #include <sys/model.h> /* for model_t */
50 #include <sys/vmparam.h> /* for USRSTACK/USRSTACK32 */
51 #include <sys/vfs.h> /* for sonode */
52 #include <sys/socketvar.h> /* for sonode */
53 #include <sys/zone.h>
54 #include <sys/tsol/label.h>
55
56 /*
57 * These are the control tokens
58 */
59
60 /*
61 * au_to_header
62 * returns:
63 * pointer to au_membuf chain containing a header token.
64 */
65 token_t *
au_to_header(int byte_count,au_event_t e_type,au_emod_t e_mod)66 au_to_header(int byte_count, au_event_t e_type, au_emod_t e_mod)
67 {
68 adr_t adr; /* adr memory stream header */
69 token_t *m; /* au_membuf pointer */
70 #ifdef _LP64
71 char data_header = AUT_HEADER64; /* header for this token */
72 static int64_t zerotime[2];
73 #else
74 char data_header = AUT_HEADER32;
75 static int32_t zerotime[2];
76 #endif
77 char version = TOKEN_VERSION; /* version of token family */
78
79 m = au_getclr();
80
81 adr_start(&adr, memtod(m, char *));
82 adr_char(&adr, &data_header, 1); /* token ID */
83 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */
84 /* audit record */
85 adr_char(&adr, &version, 1); /* version of audit tokens */
86 adr_ushort(&adr, &e_type, 1); /* event ID */
87 adr_ushort(&adr, &e_mod, 1); /* event ID modifier */
88 #ifdef _LP64
89 adr_int64(&adr, zerotime, 2); /* time & date space */
90 #else
91 adr_int32(&adr, zerotime, 2);
92 #endif
93 m->len = adr_count(&adr);
94
95 return (m);
96 }
97
98 token_t *
au_to_header_ex(int byte_count,au_event_t e_type,au_emod_t e_mod)99 au_to_header_ex(int byte_count, au_event_t e_type, au_emod_t e_mod)
100 {
101 adr_t adr; /* adr memory stream header */
102 token_t *m; /* au_membuf pointer */
103 au_kcontext_t *kctx = GET_KCTX_PZ;
104
105 #ifdef _LP64
106 char data_header = AUT_HEADER64_EX; /* header for this token */
107 static int64_t zerotime[2];
108 #else
109 char data_header = AUT_HEADER32_EX;
110 static int32_t zerotime[2];
111 #endif
112 char version = TOKEN_VERSION; /* version of token family */
113
114 m = au_getclr();
115
116 adr_start(&adr, memtod(m, char *));
117 adr_char(&adr, &data_header, 1); /* token ID */
118 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */
119 /* audit record */
120 adr_char(&adr, &version, 1); /* version of audit tokens */
121 adr_ushort(&adr, &e_type, 1); /* event ID */
122 adr_ushort(&adr, &e_mod, 1); /* event ID modifier */
123 adr_uint32(&adr, &kctx->auk_info.ai_termid.at_type, 1);
124 adr_char(&adr, (char *)&kctx->auk_info.ai_termid.at_addr[0],
125 (int)kctx->auk_info.ai_termid.at_type);
126 #ifdef _LP64
127 adr_int64(&adr, zerotime, 2); /* time & date */
128 #else
129 adr_int32(&adr, zerotime, 2);
130 #endif
131 m->len = adr_count(&adr);
132
133 return (m);
134 }
135
136 /*
137 * au_to_trailer
138 * returns:
139 * pointer to au_membuf chain containing a trailer token.
140 */
141 token_t *
au_to_trailer(int byte_count)142 au_to_trailer(int byte_count)
143 {
144 adr_t adr; /* adr memory stream header */
145 token_t *m; /* au_membuf pointer */
146 char data_header = AUT_TRAILER; /* header for this token */
147 short magic = (short)AUT_TRAILER_MAGIC; /* trailer magic number */
148
149 m = au_getclr();
150
151 adr_start(&adr, memtod(m, char *));
152 adr_char(&adr, &data_header, 1); /* token ID */
153 adr_short(&adr, &magic, 1); /* magic number */
154 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */
155 /* audit record */
156
157 m->len = adr_count(&adr);
158
159 return (m);
160 }
161 /*
162 * These are the data tokens
163 */
164
165 /*
166 * au_to_data
167 * returns:
168 * pointer to au_membuf chain containing a data token.
169 */
170 token_t *
au_to_data(char unit_print,char unit_type,char unit_count,char * p)171 au_to_data(char unit_print, char unit_type, char unit_count, char *p)
172 {
173 adr_t adr; /* adr memory stream header */
174 token_t *m; /* au_membuf pointer */
175 char data_header = AUT_DATA; /* header for this token */
176
177 ASSERT(p != NULL);
178 ASSERT(unit_count != 0);
179
180 switch (unit_type) {
181 case AUR_SHORT:
182 if (sizeof (short) * unit_count >= AU_BUFSIZE)
183 return (au_to_text("au_to_data: unit count too big"));
184 break;
185 case AUR_INT32:
186 if (sizeof (int32_t) * unit_count >= AU_BUFSIZE)
187 return (au_to_text("au_to_data: unit count too big"));
188 break;
189 case AUR_INT64:
190 if (sizeof (int64_t) * unit_count >= AU_BUFSIZE)
191 return (au_to_text("au_to_data: unit count too big"));
192 break;
193 case AUR_BYTE:
194 default:
195 #ifdef _CHAR_IS_UNSIGNED
196 if (sizeof (char) * unit_count >= AU_BUFSIZE)
197 return (au_to_text("au_to_data: unit count too big"));
198 #endif
199 /*
200 * we used to check for this:
201 * sizeof (char) * (int)unit_count >= AU_BUFSIZE).
202 * but the compiler is smart enough to see that
203 * will never be >= AU_BUFSIZE, since that's 128
204 * and unit_count maxes out at 127 (signed char),
205 * and complain.
206 */
207 break;
208 }
209
210 m = au_getclr();
211
212 adr_start(&adr, memtod(m, char *));
213 adr_char(&adr, &data_header, 1);
214 adr_char(&adr, &unit_print, 1);
215 adr_char(&adr, &unit_type, 1);
216 adr_char(&adr, &unit_count, 1);
217
218 switch (unit_type) {
219 case AUR_SHORT:
220 adr_short(&adr, (short *)p, unit_count);
221 break;
222 case AUR_INT32:
223 adr_int32(&adr, (int32_t *)p, unit_count);
224 break;
225 case AUR_INT64:
226 adr_int64(&adr, (int64_t *)p, unit_count);
227 break;
228 case AUR_BYTE:
229 default:
230 adr_char(&adr, p, unit_count);
231 break;
232 }
233
234 m->len = adr_count(&adr);
235
236 return (m);
237 }
238
239 /*
240 * au_to_process
241 * au_to_subject
242 * returns:
243 * pointer to au_membuf chain containing a process token.
244 */
245 static token_t *au_to_any_process(char, uid_t, gid_t, uid_t, gid_t,
246 pid_t, au_id_t, au_asid_t, const au_tid_addr_t *atid);
247
248 token_t *
au_to_process(uid_t uid,gid_t gid,uid_t ruid,gid_t rgid,pid_t pid,au_id_t auid,au_asid_t asid,const au_tid_addr_t * atid)249 au_to_process(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
250 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
251 {
252 char data_header;
253
254 #ifdef _LP64
255 if (atid->at_type == AU_IPv6)
256 data_header = AUT_PROCESS64_EX;
257 else
258 data_header = AUT_PROCESS64;
259 #else
260 if (atid->at_type == AU_IPv6)
261 data_header = AUT_PROCESS32_EX;
262 else
263 data_header = AUT_PROCESS32;
264 #endif
265
266 return (au_to_any_process(data_header, uid, gid, ruid,
267 rgid, pid, auid, asid, atid));
268 }
269
270 token_t *
au_to_subject(uid_t uid,gid_t gid,uid_t ruid,gid_t rgid,pid_t pid,au_id_t auid,au_asid_t asid,const au_tid_addr_t * atid)271 au_to_subject(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
272 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
273 {
274 char data_header;
275
276 #ifdef _LP64
277 if (atid->at_type == AU_IPv6)
278 data_header = AUT_SUBJECT64_EX;
279 else
280 data_header = AUT_SUBJECT64;
281 #else
282 if (atid->at_type == AU_IPv6)
283 data_header = AUT_SUBJECT32_EX;
284 else
285 data_header = AUT_SUBJECT32;
286 #endif
287 return (au_to_any_process(data_header, uid, gid, ruid,
288 rgid, pid, auid, asid, atid));
289 }
290
291
292 static token_t *
au_to_any_process(char data_header,uid_t uid,gid_t gid,uid_t ruid,gid_t rgid,pid_t pid,au_id_t auid,au_asid_t asid,const au_tid_addr_t * atid)293 au_to_any_process(char data_header,
294 uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid,
295 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid)
296 {
297 token_t *m; /* local au_membuf */
298 adr_t adr; /* adr memory stream header */
299 int32_t value;
300
301 m = au_getclr();
302
303 adr_start(&adr, memtod(m, char *));
304 adr_char(&adr, &data_header, 1);
305 value = (int32_t)auid;
306 adr_int32(&adr, &value, 1);
307 value = (int32_t)uid;
308 adr_int32(&adr, &value, 1);
309 value = (int32_t)gid;
310 adr_int32(&adr, &value, 1);
311 value = (int32_t)ruid;
312 adr_int32(&adr, &value, 1);
313 value = (int32_t)rgid;
314 adr_int32(&adr, &value, 1);
315 value = (int32_t)pid;
316 adr_int32(&adr, &value, 1);
317 value = (int32_t)asid;
318 adr_int32(&adr, &value, 1);
319 #ifdef _LP64
320 adr_int64(&adr, (int64_t *)&(atid->at_port), 1);
321 #else
322 adr_int32(&adr, (int32_t *)&(atid->at_port), 1);
323 #endif
324 if (atid->at_type == AU_IPv6) {
325 adr_uint32(&adr, (uint_t *)&atid->at_type, 1);
326 adr_char(&adr, (char *)&atid->at_addr[0], 16);
327 } else {
328 adr_char(&adr, (char *)&(atid->at_addr[0]), 4);
329 }
330
331 m->len = adr_count(&adr);
332
333 return (m);
334 }
335
336 /*
337 * au_to_text
338 * returns:
339 * pointer to au_membuf chain containing a text token.
340 */
341 token_t *
au_to_text(const char * text)342 au_to_text(const char *text)
343 {
344 token_t *token; /* local au_membuf */
345 adr_t adr; /* adr memory stream header */
346 char data_header = AUT_TEXT; /* header for this token */
347 short bytes; /* length of string */
348
349 token = au_getclr();
350
351 bytes = (short)strlen(text) + 1;
352 adr_start(&adr, memtod(token, char *));
353 adr_char(&adr, &data_header, 1);
354 adr_short(&adr, &bytes, 1);
355
356 token->len = (char)adr_count(&adr);
357 /*
358 * Now attach the text
359 */
360 (void) au_append_buf(text, bytes, token);
361
362 return (token);
363 }
364
365 /*
366 * au_zonename_length
367 * returns:
368 * - length of zonename token to be generated
369 * - zone name up to ZONENAME_MAX + 1 in length
370 */
371 #define ZONE_TOKEN_OVERHEAD 3
372 /*
373 * the zone token is
374 * token id (1 byte)
375 * string length (2 bytes)
376 * the string (strlen(zonename) + 1)
377 */
378 size_t
au_zonename_length(zone_t * zone)379 au_zonename_length(zone_t *zone)
380 {
381 if (zone == NULL)
382 zone = curproc->p_zone;
383 return (strlen(zone->zone_name) + 1 +
384 ZONE_TOKEN_OVERHEAD);
385 }
386
387 /*
388 * au_to_zonename
389 *
390 * A length of zero input to au_to_zonename means the length is not
391 * pre-calculated.
392 *
393 * The caller is responsible for checking the AUDIT_ZONENAME policy
394 * before calling au_zonename_length() and au_to_zonename(). If
395 * the policy changes between the calls, no harm is done, so the
396 * policy only needs to be checked once.
397 *
398 * returns:
399 * pointer to au_membuf chain containing a zonename token; NULL if
400 * policy is off.
401 *
402 * if the zonename token is generated at token generation close time,
403 * the length of the token is already known and it is ASSERTed that
404 * it has not changed. If not precalculated, zone_length must be
405 * zero.
406 */
407 token_t *
au_to_zonename(size_t zone_length,zone_t * zone)408 au_to_zonename(size_t zone_length, zone_t *zone)
409 {
410 token_t *token; /* local au_membuf */
411 adr_t adr; /* adr memory stream header */
412 char data_header = AUT_ZONENAME; /* header for this token */
413 short bytes; /* length of string */
414
415 token = au_getclr();
416
417 if (zone == NULL)
418 zone = curproc->p_zone;
419 bytes = (short)strlen(zone->zone_name) + 1;
420 /*
421 * If zone_length != 0, it was precalculated and is
422 * the token length, not the string length.
423 */
424 ASSERT((zone_length == 0) ||
425 (zone_length == (bytes + ZONE_TOKEN_OVERHEAD)));
426
427 adr_start(&adr, memtod(token, char *));
428 adr_char(&adr, &data_header, 1);
429 adr_short(&adr, &bytes, 1);
430
431 token->len = (char)adr_count(&adr);
432 (void) au_append_buf(zone->zone_name, bytes, token);
433
434 return (token);
435 }
436
437 /*
438 * au_to_strings
439 * returns:
440 * pointer to au_membuf chain containing a strings array token.
441 */
442 token_t *
au_to_strings(char header,const char * kstrp,ssize_t count)443 au_to_strings(
444 char header, /* token type */
445 const char *kstrp, /* kernel string pointer */
446 ssize_t count) /* count of arguments */
447 {
448 token_t *token; /* local au_membuf */
449 token_t *m; /* local au_membuf */
450 adr_t adr; /* adr memory stream header */
451 size_t len;
452 int32_t tlen;
453
454 token = au_getclr();
455
456 adr_start(&adr, memtod(token, char *));
457 adr_char(&adr, &header, 1);
458 tlen = (int32_t)count;
459 adr_int32(&adr, &tlen, 1);
460
461 token->len = (char)adr_count(&adr);
462
463 while (count-- > 0) {
464 m = au_getclr();
465 len = strlen(kstrp) + 1;
466 (void) au_append_buf(kstrp, len, m);
467 (void) au_append_rec((token_t *)token, (token_t *)m, AU_PACK);
468 kstrp += len;
469 }
470
471 return (token);
472 }
473
474 /*
475 * au_to_exec_args
476 * returns:
477 * pointer to au_membuf chain containing a argv token.
478 */
479 token_t *
au_to_exec_args(const char * kstrp,ssize_t argc)480 au_to_exec_args(const char *kstrp, ssize_t argc)
481 {
482 return (au_to_strings(AUT_EXEC_ARGS, kstrp, argc));
483 }
484
485 /*
486 * au_to_exec_env
487 * returns:
488 * pointer to au_membuf chain containing a arge token.
489 */
490 token_t *
au_to_exec_env(const char * kstrp,ssize_t envc)491 au_to_exec_env(const char *kstrp, ssize_t envc)
492 {
493 return (au_to_strings(AUT_EXEC_ENV, kstrp, envc));
494 }
495
496 /*
497 * au_to_arg32
498 * char n; argument # being used
499 * char *text; text describing argument
500 * uint32_t v; argument value
501 * returns:
502 * pointer to au_membuf chain containing an argument token.
503 */
504 token_t *
au_to_arg32(char n,char * text,uint32_t v)505 au_to_arg32(char n, char *text, uint32_t v)
506 {
507 token_t *token; /* local au_membuf */
508 adr_t adr; /* adr memory stream header */
509 char data_header = AUT_ARG32; /* header for this token */
510 short bytes; /* length of string */
511
512 token = au_getclr();
513
514 bytes = strlen(text) + 1;
515 adr_start(&adr, memtod(token, char *));
516 adr_char(&adr, &data_header, 1); /* token type */
517 adr_char(&adr, &n, 1); /* argument id */
518 adr_uint32(&adr, &v, 1); /* argument value */
519 adr_short(&adr, &bytes, 1);
520
521 token->len = adr_count(&adr);
522 /*
523 * Now add the description
524 */
525 (void) au_append_buf(text, bytes, token);
526
527 return (token);
528 }
529
530
531 /*
532 * au_to_arg64
533 * char n; argument # being used
534 * char *text; text describing argument
535 * uint64_t v; argument value
536 * returns:
537 * pointer to au_membuf chain containing an argument token.
538 */
539 token_t *
au_to_arg64(char n,char * text,uint64_t v)540 au_to_arg64(char n, char *text, uint64_t v)
541 {
542 token_t *token; /* local au_membuf */
543 adr_t adr; /* adr memory stream header */
544 char data_header = AUT_ARG64; /* header for this token */
545 short bytes; /* length of string */
546
547 token = au_getclr();
548
549 bytes = strlen(text) + 1;
550 adr_start(&adr, memtod(token, char *));
551 adr_char(&adr, &data_header, 1); /* token type */
552 adr_char(&adr, &n, 1); /* argument id */
553 adr_uint64(&adr, &v, 1); /* argument value */
554 adr_short(&adr, &bytes, 1);
555
556 token->len = adr_count(&adr);
557 /*
558 * Now the description
559 */
560 (void) au_append_buf(text, bytes, token);
561
562 return (token);
563 }
564
565
566 /*
567 * au_to_path
568 * returns:
569 * pointer to au_membuf chain containing a path token.
570 */
571 token_t *
au_to_path(struct audit_path * app)572 au_to_path(struct audit_path *app)
573 {
574 token_t *token; /* local au_membuf */
575 token_t *m; /* local au_membuf */
576 adr_t adr; /* adr memory stream header */
577 char data_header = AUT_PATH; /* header for this token */
578 short bytes; /* length of string */
579 char *path = app->audp_sect[0];
580
581 bytes = (short)(app->audp_sect[1] - app->audp_sect[0]);
582
583 /*
584 * generate path token header
585 */
586 m = au_getclr();
587 adr_start(&adr, memtod(m, char *));
588 adr_char(&adr, &data_header, 1);
589 adr_short(&adr, &bytes, 1);
590 m->len = adr_count(&adr);
591
592 /* append path string */
593 token = m;
594 (void) au_append_buf(path, bytes, token);
595
596 if (app->audp_cnt > 1) {
597 /* generate attribute path strings token */
598 m = au_to_strings(AUT_XATPATH, app->audp_sect[1],
599 app->audp_cnt - 1);
600
601 token = au_append_token(token, m);
602 }
603
604 return (token);
605 }
606
607 /*
608 * au_to_ipc
609 * returns:
610 * pointer to au_membuf chain containing a System V IPC token.
611 */
612 token_t *
au_to_ipc(char type,int id)613 au_to_ipc(char type, int id)
614 {
615 token_t *m; /* local au_membuf */
616 adr_t adr; /* adr memory stream header */
617 char data_header = AUT_IPC; /* header for this token */
618
619 m = au_getclr();
620
621 adr_start(&adr, memtod(m, char *));
622 adr_char(&adr, &data_header, 1);
623 adr_char(&adr, &type, 1); /* type of IPC object */
624 adr_int32(&adr, (int32_t *)&id, 1);
625
626 m->len = adr_count(&adr);
627
628 return (m);
629 }
630
631 /*
632 * au_to_return32
633 * returns:
634 * pointer to au_membuf chain containing a return value token.
635 */
636 token_t *
au_to_return32(int error,int32_t rv)637 au_to_return32(int error, int32_t rv)
638 {
639 token_t *m; /* local au_membuf */
640 adr_t adr; /* adr memory stream header */
641 char data_header = AUT_RETURN32; /* header for this token */
642 int32_t val;
643 char ed = error;
644
645 m = au_getclr();
646
647 adr_start(&adr, memtod(m, char *));
648 adr_char(&adr, &data_header, 1);
649 adr_char(&adr, &ed, 1);
650
651 if (error) {
652 val = -1;
653 adr_int32(&adr, &val, 1);
654 } else {
655 adr_int32(&adr, &rv, 1);
656 }
657 m->len = adr_count(&adr);
658
659 return (m);
660 }
661
662 /*
663 * au_to_return64
664 * returns:
665 * pointer to au_membuf chain containing a return value token.
666 */
667 token_t *
au_to_return64(int error,int64_t rv)668 au_to_return64(int error, int64_t rv)
669 {
670 token_t *m; /* local au_membuf */
671 adr_t adr; /* adr memory stream header */
672 char data_header = AUT_RETURN64; /* header for this token */
673 int64_t val;
674 char ed = error;
675
676 m = au_getclr();
677
678 adr_start(&adr, memtod(m, char *));
679 adr_char(&adr, &data_header, 1);
680 adr_char(&adr, &ed, 1);
681
682 if (error) {
683 val = -1;
684 adr_int64(&adr, &val, 1);
685 } else {
686 adr_int64(&adr, &rv, 1);
687 }
688 m->len = adr_count(&adr);
689
690 return (m);
691 }
692
693 #ifdef AU_MAY_USE_SOMEDAY
694 /*
695 * au_to_opaque
696 * returns:
697 * pointer to au_membuf chain containing a opaque token.
698 */
699 token_t *
au_to_opaque(short bytes,char * opaque)700 au_to_opaque(short bytes, char *opaque)
701 {
702 token_t *token; /* local au_membuf */
703 adr_t adr; /* adr memory stream header */
704 char data_header = AUT_OPAQUE; /* header for this token */
705
706 token = au_getclr();
707
708 adr_start(&adr, memtod(token, char *));
709 adr_char(&adr, &data_header, 1);
710 adr_short(&adr, &bytes, 1);
711
712 token->len = adr_count(&adr);
713
714 /*
715 * Now attach the data
716 */
717 (void) au_append_buf(opaque, bytes, token);
718
719 return (token);
720 }
721 #endif /* AU_MAY_USE_SOMEDAY */
722
723 /*
724 * au_to_ip
725 * returns:
726 * pointer to au_membuf chain containing a ip header token
727 */
728 token_t *
au_to_ip(struct ip * ipp)729 au_to_ip(struct ip *ipp)
730 {
731 token_t *m; /* local au_membuf */
732 adr_t adr; /* adr memory stream header */
733 char data_header = AUT_IP; /* header for this token */
734
735 m = au_getclr();
736
737 adr_start(&adr, memtod(m, char *));
738 adr_char(&adr, &data_header, 1);
739 adr_char(&adr, (char *)ipp, 2);
740 adr_short(&adr, (short *)&(ipp->ip_len), 3);
741 adr_char(&adr, (char *)&(ipp->ip_ttl), 2);
742 adr_short(&adr, (short *)&(ipp->ip_sum), 1);
743 adr_int32(&adr, (int32_t *)&(ipp->ip_src), 2);
744
745 m->len = adr_count(&adr);
746
747 return (m);
748 }
749
750 /*
751 * au_to_iport
752 * returns:
753 * pointer to au_membuf chain containing a ip path token
754 */
755 token_t *
au_to_iport(ushort_t iport)756 au_to_iport(ushort_t iport)
757 {
758 token_t *m; /* local au_membuf */
759 adr_t adr; /* adr memory stream header */
760 char data_header = AUT_IPORT; /* header for this token */
761
762 m = au_getclr();
763
764 adr_start(&adr, memtod(m, char *));
765 adr_char(&adr, &data_header, 1);
766 adr_ushort(&adr, &iport, 1);
767
768 m->len = adr_count(&adr);
769
770 return (m);
771 }
772
773 /*
774 * au_to_in_addr
775 * returns:
776 * pointer to au_membuf chain containing a ip path token
777 */
778 token_t *
au_to_in_addr(struct in_addr * internet_addr)779 au_to_in_addr(struct in_addr *internet_addr)
780 {
781 token_t *m; /* local au_membuf */
782 adr_t adr; /* adr memory stream header */
783 char data_header = AUT_IN_ADDR; /* header for this token */
784
785 m = au_getclr();
786
787 adr_start(&adr, memtod(m, char *));
788 adr_char(&adr, &data_header, 1);
789 adr_char(&adr, (char *)internet_addr, sizeof (struct in_addr));
790
791 m->len = adr_count(&adr);
792
793 return (m);
794 }
795
796 /*
797 * au_to_in_addr_ex
798 * returns:
799 * pointer to au_membuf chain containing an ipv6 token
800 */
801 token_t *
au_to_in_addr_ex(int32_t * internet_addr)802 au_to_in_addr_ex(int32_t *internet_addr)
803 {
804 token_t *m; /* local au_membuf */
805 adr_t adr; /* adr memory stream header */
806 char data_header_v4 = AUT_IN_ADDR; /* header for v4 token */
807 char data_header_v6 = AUT_IN_ADDR_EX; /* header for v6 token */
808 int32_t type = AU_IPv6;
809
810 m = au_getclr();
811 adr_start(&adr, memtod(m, char *));
812
813 if (IN6_IS_ADDR_V4MAPPED((in6_addr_t *)internet_addr)) {
814 ipaddr_t in4;
815
816 /*
817 * An IPv4-mapped IPv6 address is really an IPv4 address
818 * in IPv6 format.
819 */
820 IN6_V4MAPPED_TO_IPADDR((in6_addr_t *)internet_addr, in4);
821
822 adr_char(&adr, &data_header_v4, 1);
823 adr_char(&adr, (char *)&in4, sizeof (ipaddr_t));
824 } else {
825 adr_char(&adr, &data_header_v6, 1);
826 adr_int32(&adr, &type, 1);
827 adr_char(&adr, (char *)internet_addr, sizeof (struct in6_addr));
828 }
829
830 m->len = adr_count(&adr);
831
832 return (m);
833 }
834
835 /*
836 * The Modifier tokens
837 */
838
839 /*
840 * au_to_attr
841 * returns:
842 * pointer to au_membuf chain containing an attribute token.
843 */
844 token_t *
au_to_attr(struct vattr * attr)845 au_to_attr(struct vattr *attr)
846 {
847 token_t *m; /* local au_membuf */
848 adr_t adr; /* adr memory stream header */
849 #ifdef _LP64
850 char data_header = AUT_ATTR64; /* header for this token */
851 #else
852 char data_header = AUT_ATTR32;
853 #endif
854 int32_t value;
855
856 m = au_getclr();
857
858 adr_start(&adr, memtod(m, char *));
859 adr_char(&adr, &data_header, 1);
860 value = (int32_t)attr->va_mode;
861 value |= (int32_t)(VTTOIF(attr->va_type));
862 adr_int32(&adr, &value, 1);
863 value = (int32_t)attr->va_uid;
864 adr_int32(&adr, &value, 1);
865 value = (int32_t)attr->va_gid;
866 adr_int32(&adr, &value, 1);
867 adr_int32(&adr, (int32_t *)&(attr->va_fsid), 1);
868 adr_int64(&adr, (int64_t *)&(attr->va_nodeid), 1);
869 #ifdef _LP64
870 adr_int64(&adr, (int64_t *)&(attr->va_rdev), 1);
871 #else
872 adr_int32(&adr, (int32_t *)&(attr->va_rdev), 1);
873 #endif
874
875 m->len = adr_count(&adr);
876
877 return (m);
878 }
879
880 token_t *
au_to_acl(struct acl * aclp)881 au_to_acl(struct acl *aclp)
882 {
883 token_t *m; /* local au_membuf */
884 adr_t adr; /* adr memory stream header */
885 char data_header = AUT_ACL; /* header for this token */
886 int32_t value;
887
888 m = au_getclr();
889
890 adr_start(&adr, memtod(m, char *));
891 adr_char(&adr, &data_header, 1);
892
893 value = (int32_t)aclp->a_type;
894 adr_int32(&adr, &value, 1);
895 value = (int32_t)aclp->a_id;
896 adr_int32(&adr, &value, 1);
897 value = (int32_t)aclp->a_perm;
898 adr_int32(&adr, &value, 1);
899
900 m->len = adr_count(&adr);
901 return (m);
902 }
903
904 token_t *
au_to_ace(ace_t * acep)905 au_to_ace(ace_t *acep)
906 {
907 token_t *m; /* local au_membuf */
908 adr_t adr; /* adr memory stream header */
909 char data_header = AUT_ACE; /* header for this token */
910
911 m = au_getclr();
912
913 adr_start(&adr, memtod(m, char *));
914 adr_char(&adr, &data_header, 1);
915
916 adr_uint32(&adr, &(acep->a_who), 1);
917 adr_uint32(&adr, &(acep->a_access_mask), 1);
918 adr_ushort(&adr, &(acep->a_flags), 1);
919 adr_ushort(&adr, &(acep->a_type), 1);
920
921 m->len = adr_count(&adr);
922 return (m);
923 }
924
925 /*
926 * au_to_ipc_perm
927 * returns:
928 * pointer to au_membuf chain containing a System V IPC attribute token.
929 */
930 token_t *
au_to_ipc_perm(struct kipc_perm * perm)931 au_to_ipc_perm(struct kipc_perm *perm)
932 {
933 token_t *m; /* local au_membuf */
934 adr_t adr; /* adr memory stream header */
935 char data_header = AUT_IPC_PERM; /* header for this token */
936 int32_t value;
937
938 m = au_getclr();
939
940 adr_start(&adr, memtod(m, char *));
941 adr_char(&adr, &data_header, 1);
942 value = (int32_t)perm->ipc_uid;
943 adr_int32(&adr, &value, 1);
944 value = (int32_t)perm->ipc_gid;
945 adr_int32(&adr, &value, 1);
946 value = (int32_t)perm->ipc_cuid;
947 adr_int32(&adr, &value, 1);
948 value = (int32_t)perm->ipc_cgid;
949 adr_int32(&adr, &value, 1);
950 value = (int32_t)perm->ipc_mode;
951 adr_int32(&adr, &value, 1);
952 value = 0; /* seq is now obsolete */
953 adr_int32(&adr, &value, 1);
954 value = (int32_t)perm->ipc_key;
955 adr_int32(&adr, &value, 1);
956
957 m->len = adr_count(&adr);
958
959 return (m);
960 }
961
962 token_t *
au_to_groups(const gid_t * crgroups,uint_t crngroups)963 au_to_groups(const gid_t *crgroups, uint_t crngroups)
964 {
965 token_t *m; /* local au_membuf */
966 adr_t adr; /* adr memory stream header */
967 char data_header = AUT_NEWGROUPS; /* header for this token */
968 short n_groups;
969
970 m = au_getclr();
971
972 adr_start(&adr, memtod(m, char *));
973 adr_char(&adr, &data_header, 1);
974 n_groups = (short)crngroups;
975 adr_short(&adr, &n_groups, 1);
976 adr_int32(&adr, (int32_t *)crgroups, (int)crngroups);
977
978 m->len = adr_count(&adr);
979
980 return (m);
981 }
982
983 /*
984 * au_to_socket_ex
985 * returns:
986 * pointer to au_membuf chain containing a socket token.
987 */
988 token_t *
au_to_socket_ex(short dom,short type,char * l,char * f)989 au_to_socket_ex(short dom, short type, char *l, char *f)
990 {
991 adr_t adr;
992 token_t *m;
993 char data_header = AUT_SOCKET_EX;
994 struct sockaddr_in6 *addr6;
995 struct sockaddr_in *addr4;
996 short size;
997
998 m = au_getclr();
999
1000 adr_start(&adr, memtod(m, char *));
1001 adr_char(&adr, &data_header, 1);
1002 adr_short(&adr, &dom, 1); /* dom of socket */
1003 adr_short(&adr, &type, 1); /* type of socket */
1004
1005 if (dom == AF_INET6) {
1006 size = AU_IPv6;
1007 adr_short(&adr, &size, 1); /* type of addresses */
1008 addr6 = (struct sockaddr_in6 *)l;
1009 adr_short(&adr, (short *)&addr6->sin6_port, 1);
1010 adr_char(&adr, (char *)&addr6->sin6_addr, size);
1011 addr6 = (struct sockaddr_in6 *)f;
1012 adr_short(&adr, (short *)&addr6->sin6_port, 1);
1013 adr_char(&adr, (char *)&addr6->sin6_addr, size);
1014 } else if (dom == AF_INET) {
1015 size = AU_IPv4;
1016 adr_short(&adr, &size, 1); /* type of addresses */
1017 addr4 = (struct sockaddr_in *)l;
1018 adr_short(&adr, (short *)&addr4->sin_port, 1);
1019 adr_char(&adr, (char *)&addr4->sin_addr, size);
1020 addr4 = (struct sockaddr_in *)f;
1021 adr_short(&adr, (short *)&addr4->sin_port, 1);
1022 adr_char(&adr, (char *)&addr4->sin_addr, size);
1023 }
1024
1025
1026 m->len = adr_count(&adr);
1027
1028 return (m);
1029 }
1030
1031 /*
1032 * au_to_seq
1033 * returns:
1034 * pointer to au_membuf chain containing a sequence token.
1035 */
1036 token_t *
au_to_seq()1037 au_to_seq()
1038 {
1039 adr_t adr;
1040 token_t *m;
1041 char data_header = AUT_SEQ;
1042 static int32_t zerocount;
1043
1044 m = au_getclr();
1045
1046 adr_start(&adr, memtod(m, char *));
1047
1048 adr_char(&adr, &data_header, 1);
1049
1050 adr_int32(&adr, &zerocount, 1);
1051
1052 m->len = adr_count(&adr);
1053
1054 return (m);
1055 }
1056
1057 token_t *
au_to_sock_inet(struct sockaddr_in * s_inet)1058 au_to_sock_inet(struct sockaddr_in *s_inet)
1059 {
1060 adr_t adr;
1061 token_t *m;
1062 char data_header = AUT_SOCKET;
1063
1064 m = au_getclr();
1065
1066 adr_start(&adr, memtod(m, char *));
1067 adr_char(&adr, &data_header, 1);
1068 adr_short(&adr, (short *)&s_inet->sin_family, 1);
1069 adr_short(&adr, (short *)&s_inet->sin_port, 1);
1070
1071 /* remote addr */
1072 adr_int32(&adr, (int32_t *)&s_inet->sin_addr.s_addr, 1);
1073
1074 m->len = (uchar_t)adr_count(&adr);
1075
1076 return (m);
1077 }
1078
1079 extern int maxprivbytes;
1080
1081 token_t *
au_to_privset(const char * set,const priv_set_t * pset,char data_header,int success)1082 au_to_privset(
1083 const char *set,
1084 const priv_set_t *pset,
1085 char data_header,
1086 int success)
1087 {
1088 token_t *token, *m;
1089 adr_t adr;
1090 int priv;
1091 const char *pname;
1092 char sf = (char)success;
1093 char *buf, *q;
1094 short sz;
1095 boolean_t full;
1096
1097 token = au_getclr();
1098
1099 adr_start(&adr, memtod(token, char *));
1100 adr_char(&adr, &data_header, 1);
1101 /*
1102 * set is not used for AUT_UPRIV and sf (== success) is not
1103 * used for AUT_PRIV
1104 */
1105 if (data_header == AUT_UPRIV) {
1106 adr_char(&adr, &sf, 1);
1107 } else {
1108 sz = strlen(set) + 1;
1109 adr_short(&adr, &sz, 1);
1110
1111 token->len = (uchar_t)adr_count(&adr);
1112 m = au_getclr();
1113
1114 (void) au_append_buf(set, sz, m);
1115 (void) au_append_rec(token, m, AU_PACK);
1116 adr.adr_now += sz;
1117 }
1118
1119 full = priv_isfullset(pset);
1120
1121 if (full) {
1122 buf = "ALL";
1123 sz = strlen(buf) + 1;
1124 } else {
1125 q = buf = kmem_alloc(maxprivbytes, KM_SLEEP);
1126 *buf = '\0';
1127
1128 for (priv = 0; (pname = priv_getbynum(priv)) != NULL; priv++) {
1129 if (priv_ismember(pset, priv)) {
1130 if (q != buf)
1131 *q++ = ',';
1132 (void) strcpy(q, pname);
1133 q += strlen(q);
1134 }
1135 }
1136 sz = (q - buf) + 1;
1137 }
1138
1139 adr_short(&adr, &sz, 1);
1140 token->len = (uchar_t)adr_count(&adr);
1141
1142 m = au_getclr();
1143 (void) au_append_buf(buf, sz, m);
1144 (void) au_append_rec(token, m, AU_PACK);
1145
1146 if (!full)
1147 kmem_free(buf, maxprivbytes);
1148
1149 return (token);
1150 }
1151
1152 /*
1153 * au_to_label
1154 * returns:
1155 * pointer to au_membuf chain containing a label token.
1156 */
1157 token_t *
au_to_label(bslabel_t * label)1158 au_to_label(bslabel_t *label)
1159 {
1160 token_t *m; /* local au_membuf */
1161 adr_t adr; /* adr memory stream header */
1162 char data_header = AUT_LABEL; /* header for this token */
1163
1164 m = au_getclr();
1165
1166 adr_start(&adr, memtod(m, char *));
1167 adr_char(&adr, &data_header, 1);
1168 adr_char(&adr, (char *)label, sizeof (_mac_label_impl_t));
1169
1170 m->len = adr_count(&adr);
1171
1172 return (m);
1173 }
1174