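/*-
 * Copyright (c) 2008 Apple Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1.  Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 * 2.  Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
 *     its contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include <sys/param.h>
#include <sys/socket.h>

#include <security/audit/audit.h>

#include <bsm/audit_domain.h>
#include <bsm/audit_record.h>

/*
 * One row of the translation table: a BSM protocol-family constant paired
 * with the local PF_* constant it corresponds to on this system.
 */
struct bsm_domain {
	u_short	bd_bsm_domain;		/* BSM_PF_* value. */
	int	bd_local_domain;	/* Local PF_* value, or the sentinel. */
};

/*
 * Sentinel stored in bd_local_domain for BSM families that the local
 * headers do not define.  Parenthesized so that it expands safely inside
 * larger expressions.
 */
#define	PF_NO_LOCAL_MAPPING	(-600)

/*
 * BSM <-> local protocol-family table.  Families that exist only on some
 * systems are guarded with #ifdef; when the local PF_* constant is absent
 * the row carries PF_NO_LOCAL_MAPPING instead.
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
	{ BSM_PF_IMPLINK,
#ifdef PF_IMPLINK
	PF_IMPLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PUP,
#ifdef PF_PUP
	PF_PUP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CHAOS,
#ifdef PF_CHAOS
	PF_CHAOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NS,
#ifdef PF_NS
	PF_NS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NBS,
#ifdef PF_NBS
	PF_NBS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECMA,
#ifdef PF_ECMA
	PF_ECMA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_DATAKIT,
#ifdef PF_DATAKIT
	PF_DATAKIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CCITT,
#ifdef PF_CCITT
	PF_CCITT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
	{ BSM_PF_DLI,
#ifdef PF_DLI
	PF_DLI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LAT,
#ifdef PF_LAT
	PF_LAT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_HYLINK,
#ifdef PF_HYLINK
	PF_HYLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_APPLETALK, PF_APPLETALK },
	{ BSM_PF_NIT,
#ifdef PF_NIT
	PF_NIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_802,
#ifdef PF_802
	PF_802
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSI,
#ifdef PF_OSI
	PF_OSI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_X25,
#ifdef PF_X25
	PF_X25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSINET,
#ifdef PF_OSINET
	PF_OSINET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_GOSIP,
#ifdef PF_GOSIP
	PF_GOSIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
	{ BSM_PF_LINK,
#ifdef PF_LINK
	PF_LINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
	{ BSM_PF_NCA,
#ifdef PF_NCA
	PF_NCA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_POLICY,
#ifdef PF_POLICY
	PF_POLICY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET_OFFLOAD,
#ifdef PF_INET_OFFLOAD
	PF_INET_OFFLOAD
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBIOS,
#ifdef PF_NETBIOS
	PF_NETBIOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISO,
#ifdef PF_ISO
	PF_ISO
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_XTP,
#ifdef PF_XTP
	PF_XTP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_COIP,
#ifdef PF_COIP
	PF_COIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CNT,
#ifdef PF_CNT
	PF_CNT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RTIP,
#ifdef PF_RTIP
	PF_RTIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SIP,
#ifdef PF_SIP
	PF_SIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PIP,
#ifdef PF_PIP
	PF_PIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISDN,
#ifdef PF_ISDN
	PF_ISDN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_E164,
#ifdef PF_E164
	PF_E164
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NATM,
#ifdef PF_NATM
	PF_NATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATM,
#ifdef PF_ATM
	PF_ATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETGRAPH,
#ifdef PF_NETGRAPH
	PF_NETGRAPH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SLOW,
#ifdef PF_SLOW
	PF_SLOW
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SCLUSTER,
#ifdef PF_SCLUSTER
	PF_SCLUSTER
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ARP,
#ifdef PF_ARP
	PF_ARP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_BLUETOOTH,
#ifdef PF_BLUETOOTH
	PF_BLUETOOTH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_AX25,
#ifdef PF_AX25
	PF_AX25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ROSE,
#ifdef PF_ROSE
	PF_ROSE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBEUI,
#ifdef PF_NETBEUI
	PF_NETBEUI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SECURITY,
#ifdef PF_SECURITY
	PF_SECURITY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PACKET,
#ifdef PF_PACKET
	PF_PACKET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ASH,
#ifdef PF_ASH
	PF_ASH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECONET,
#ifdef PF_ECONET
	PF_ECONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATMSVC,
#ifdef PF_ATMSVC
	PF_ATMSVC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IRDA,
#ifdef PF_IRDA
	PF_IRDA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PPPOX,
#ifdef PF_PPPOX
	PF_PPPOX
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_WANPIPE,
#ifdef PF_WANPIPE
	PF_WANPIPE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LLC,
#ifdef PF_LLC
	PF_LLC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CAN,
#ifdef PF_CAN
	PF_CAN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_TIPC,
#ifdef PF_TIPC
	PF_TIPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IUCV,
#ifdef PF_IUCV
	PF_IUCV
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RXRPC,
#ifdef PF_RXRPC
	PF_RXRPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PHONET,
#ifdef PF_PHONET
	PF_PHONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
};
static const int bsm_domains_count = sizeof(bsm_domains) /
	    sizeof(bsm_domains[0]);

/*
 * Find the table row whose local PF_* value equals local_domain.
 * Returns a pointer into bsm_domains[], or NULL when no row matches.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	/*
	 * PF_NO_LOCAL_MAPPING is stored in bd_local_domain for every family
	 * the local headers lack, so an input equal to the sentinel would
	 * otherwise match the first such row and be reported as that BSM
	 * family.  Treat it as "not found" so the caller emits
	 * BSM_PF_UNKNOWN rather than a misleading domain.
	 * NOTE(review): callers are not visible here; if local_domain can
	 * originate from a system-call argument, this guard keeps a crafted
	 * value from mislabelling the audit record -- confirm.
	 */
	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}

/*
 * Translate a local PF_* value to its BSM_PF_* equivalent.
 * Returns BSM_PF_UNKNOWN when the value has no entry in the table.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_local_domain(local_domain);
	if (bstp == NULL)
		return (BSM_PF_UNKNOWN);
	return (bstp->bd_bsm_domain);
}

/*
 * Find the table row whose BSM_PF_* value equals bsm_domain.
 * Returns a pointer into bsm_domains[], or NULL when no row matches.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	int i;

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_bsm_domain == bsm_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}

/*
 * Translate a BSM_PF_* value to the local PF_* value.
 *
 * On success stores the local value through local_domainp and returns 0.
 * Returns -1, leaving *local_domainp untouched, when bsm_domain is not in
 * the table or the local system has no equivalent family.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	/*
	 * Compare against the sentinel explicitly.  Testing the field for
	 * truth rejects every family whose local constant is non-zero, so
	 * only a zero-valued local domain could ever be translated.
	 */
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}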