1ed708e1fSRobert Watson /*- 2ed708e1fSRobert Watson * Copyright (c) 2006 Robert N. M. Watson 3ed708e1fSRobert Watson * All rights reserved. 4ed708e1fSRobert Watson * 5ed708e1fSRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project. 6ed708e1fSRobert Watson * 7ed708e1fSRobert Watson * Redistribution and use in source and binary forms, with or without 8ed708e1fSRobert Watson * modification, are permitted provided that the following conditions 9ed708e1fSRobert Watson * are met: 10ed708e1fSRobert Watson * 1. Redistributions of source code must retain the above copyright 11ed708e1fSRobert Watson * notice, this list of conditions and the following disclaimer. 12ed708e1fSRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 13ed708e1fSRobert Watson * notice, this list of conditions and the following disclaimer in the 14ed708e1fSRobert Watson * documentation and/or other materials provided with the distribution. 15ed708e1fSRobert Watson * 16ed708e1fSRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17ed708e1fSRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18ed708e1fSRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19ed708e1fSRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20ed708e1fSRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21ed708e1fSRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22ed708e1fSRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23ed708e1fSRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24ed708e1fSRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25ed708e1fSRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26ed708e1fSRobert Watson * SUCH DAMAGE. 27ed708e1fSRobert Watson */ 28ed708e1fSRobert Watson 29ed708e1fSRobert Watson #ifndef _SECURITY_AUDIT_AUDIT_IOCTL_H_ 30ed708e1fSRobert Watson #define _SECURITY_AUDIT_AUDIT_IOCTL_H_ 31ed708e1fSRobert Watson 32*1c97d643SAlan Somers #include <bsm/audit.h> 33*1c97d643SAlan Somers 34ed708e1fSRobert Watson #define AUDITPIPE_IOBASE 'A' 35ed708e1fSRobert Watson 36ed708e1fSRobert Watson /* 37e257c20eSRobert Watson * Data structures used for complex ioctl arguments. Do not change existing 38e257c20eSRobert Watson * structures, add new revised ones to be used by new ioctls, and keep the 39e257c20eSRobert Watson * old structures and ioctls for backwards compatibility. 40e257c20eSRobert Watson */ 41e257c20eSRobert Watson struct auditpipe_ioctl_preselect { 42e257c20eSRobert Watson au_id_t aip_auid; 43e257c20eSRobert Watson au_mask_t aip_mask; 44e257c20eSRobert Watson }; 45e257c20eSRobert Watson 46e257c20eSRobert Watson /* 47e257c20eSRobert Watson * Possible modes of operation for audit pipe preselection. 48e257c20eSRobert Watson */ 49e257c20eSRobert Watson #define AUDITPIPE_PRESELECT_MODE_TRAIL 1 /* Global audit trail. */ 50e257c20eSRobert Watson #define AUDITPIPE_PRESELECT_MODE_LOCAL 2 /* Local audit trail. */ 51e257c20eSRobert Watson 52e257c20eSRobert Watson /* 53ed708e1fSRobert Watson * Ioctls to read and control the behavior of individual audit pipe devices. 54ed708e1fSRobert Watson */ 55ed708e1fSRobert Watson #define AUDITPIPE_GET_QLEN _IOR(AUDITPIPE_IOBASE, 1, u_int) 56ed708e1fSRobert Watson #define AUDITPIPE_GET_QLIMIT _IOR(AUDITPIPE_IOBASE, 2, u_int) 57ed708e1fSRobert Watson #define AUDITPIPE_SET_QLIMIT _IOW(AUDITPIPE_IOBASE, 3, u_int) 58ed708e1fSRobert Watson #define AUDITPIPE_GET_QLIMIT_MIN _IOR(AUDITPIPE_IOBASE, 4, u_int) 59ed708e1fSRobert Watson #define AUDITPIPE_GET_QLIMIT_MAX _IOR(AUDITPIPE_IOBASE, 5, u_int) 60e257c20eSRobert Watson #define AUDITPIPE_GET_PRESELECT_FLAGS _IOR(AUDITPIPE_IOBASE, 6, au_mask_t) 61e257c20eSRobert Watson #define AUDITPIPE_SET_PRESELECT_FLAGS _IOW(AUDITPIPE_IOBASE, 7, au_mask_t) 62e257c20eSRobert Watson #define AUDITPIPE_GET_PRESELECT_NAFLAGS _IOR(AUDITPIPE_IOBASE, 8, au_mask_t) 63e257c20eSRobert Watson #define AUDITPIPE_SET_PRESELECT_NAFLAGS _IOW(AUDITPIPE_IOBASE, 9, au_mask_t) 64e257c20eSRobert Watson #define AUDITPIPE_GET_PRESELECT_AUID _IOR(AUDITPIPE_IOBASE, 10, \ 65e257c20eSRobert Watson struct auditpipe_ioctl_preselect) 66e257c20eSRobert Watson #define AUDITPIPE_SET_PRESELECT_AUID _IOW(AUDITPIPE_IOBASE, 11, \ 67e257c20eSRobert Watson struct auditpipe_ioctl_preselect) 68e257c20eSRobert Watson #define AUDITPIPE_DELETE_PRESELECT_AUID _IOW(AUDITPIPE_IOBASE, 12, au_id_t) 69e257c20eSRobert Watson #define AUDITPIPE_FLUSH_PRESELECT_AUID _IO(AUDITPIPE_IOBASE, 13) 70e257c20eSRobert Watson #define AUDITPIPE_GET_PRESELECT_MODE _IOR(AUDITPIPE_IOBASE, 14, int) 71e257c20eSRobert Watson #define AUDITPIPE_SET_PRESELECT_MODE _IOW(AUDITPIPE_IOBASE, 15, int) 72e257c20eSRobert Watson #define AUDITPIPE_FLUSH _IO(AUDITPIPE_IOBASE, 16) 739fe741b8SRobert Watson #define AUDITPIPE_GET_MAXAUDITDATA _IOR(AUDITPIPE_IOBASE, 17, u_int) 74ed708e1fSRobert Watson 75ed708e1fSRobert Watson /* 76ed708e1fSRobert Watson * Ioctls to retrieve audit pipe statistics. 77ed708e1fSRobert Watson */ 78ed708e1fSRobert Watson #define AUDITPIPE_GET_INSERTS _IOR(AUDITPIPE_IOBASE, 100, u_int64_t) 79ed708e1fSRobert Watson #define AUDITPIPE_GET_READS _IOR(AUDITPIPE_IOBASE, 101, u_int64_t) 80ed708e1fSRobert Watson #define AUDITPIPE_GET_DROPS _IOR(AUDITPIPE_IOBASE, 102, u_int64_t) 81ed708e1fSRobert Watson #define AUDITPIPE_GET_TRUNCATES _IOR(AUDITPIPE_IOBASE, 103, u_int64_t) 82ed708e1fSRobert Watson 83ed708e1fSRobert Watson #endif /* _SECURITY_AUDIT_AUDIT_IOCTL_H_ */ 84