xref: /freebsd/sys/security/audit/bsm_domain.c (revision 361e428888e630eb708c72cf31579a25ba5d4f03)
1 /*-
2  * Copyright (c) 2008 Apple Inc.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1.  Redistributions of source code must retain the above copyright
9  *     notice, this list of conditions and the following disclaimer.
10  * 2.  Redistributions in binary form must reproduce the above copyright
11  *     notice, this list of conditions and the following disclaimer in the
12  *     documentation and/or other materials provided with the distribution.
13  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
14  *     its contributors may be used to endorse or promote products derived
15  *     from this software without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
21  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
26  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27  * POSSIBILITY OF SUCH DAMAGE.
28  */
29 
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
32 
33 #include <sys/param.h>
34 #include <sys/socket.h>
35 
36 #include <security/audit/audit.h>
37 
38 #include <bsm/audit_domain.h>
39 #include <bsm/audit_record.h>
40 
41 struct bsm_domain {
42 	u_short	bd_bsm_domain;
43 	int	bd_local_domain;
44 };
45 
46 #define	PF_NO_LOCAL_MAPPING	-600
47 
48 static const struct bsm_domain bsm_domains[] = {
49 	{ BSM_PF_UNSPEC, PF_UNSPEC },
50 	{ BSM_PF_LOCAL, PF_LOCAL },
51 	{ BSM_PF_INET, PF_INET },
52 	{ BSM_PF_IMPLINK,
53 #ifdef PF_IMPLINK
54 	PF_IMPLINK
55 #else
56 	PF_NO_LOCAL_MAPPING
57 #endif
58 	},
59 	{ BSM_PF_PUP,
60 #ifdef PF_PUP
61 	PF_PUP
62 #else
63 	PF_NO_LOCAL_MAPPING
64 #endif
65 	},
66 	{ BSM_PF_CHAOS,
67 #ifdef PF_CHAOS
68 	PF_CHAOS
69 #else
70 	PF_NO_LOCAL_MAPPING
71 #endif
72 	},
73 	{ BSM_PF_NS,
74 #ifdef PF_NS
75 	PF_NS
76 #else
77 	PF_NO_LOCAL_MAPPING
78 #endif
79 	},
80 	{ BSM_PF_NBS,
81 #ifdef PF_NBS
82 	PF_NBS
83 #else
84 	PF_NO_LOCAL_MAPPING
85 #endif
86 	},
87 	{ BSM_PF_ECMA,
88 #ifdef PF_ECMA
89 	PF_ECMA
90 #else
91 	PF_NO_LOCAL_MAPPING
92 #endif
93 	},
94 	{ BSM_PF_DATAKIT,
95 #ifdef PF_DATAKIT
96 	PF_DATAKIT
97 #else
98 	PF_NO_LOCAL_MAPPING
99 #endif
100 	},
101 	{ BSM_PF_CCITT,
102 #ifdef PF_CCITT
103 	PF_CCITT
104 #else
105 	PF_NO_LOCAL_MAPPING
106 #endif
107 	},
108 	{ BSM_PF_SNA, PF_SNA },
109 	{ BSM_PF_DECnet, PF_DECnet },
110 	{ BSM_PF_DLI,
111 #ifdef PF_DLI
112 	PF_DLI
113 #else
114 	PF_NO_LOCAL_MAPPING
115 #endif
116 	},
117 	{ BSM_PF_LAT,
118 #ifdef PF_LAT
119 	PF_LAT
120 #else
121 	PF_NO_LOCAL_MAPPING
122 #endif
123 	},
124 	{ BSM_PF_HYLINK,
125 #ifdef PF_HYLINK
126 	PF_HYLINK
127 #else
128 	PF_NO_LOCAL_MAPPING
129 #endif
130 	},
131 	{ BSM_PF_APPLETALK, PF_APPLETALK },
132 	{ BSM_PF_NIT,
133 #ifdef PF_NIT
134 	PF_NIT
135 #else
136 	PF_NO_LOCAL_MAPPING
137 #endif
138 	},
139 	{ BSM_PF_802,
140 #ifdef PF_802
141 	PF_802
142 #else
143 	PF_NO_LOCAL_MAPPING
144 #endif
145 	},
146 	{ BSM_PF_OSI,
147 #ifdef PF_OSI
148 	PF_OSI
149 #else
150 	PF_NO_LOCAL_MAPPING
151 #endif
152 	},
153 	{ BSM_PF_X25,
154 #ifdef PF_X25
155 	PF_X25
156 #else
157 	PF_NO_LOCAL_MAPPING
158 #endif
159 	},
160 	{ BSM_PF_OSINET,
161 #ifdef PF_OSINET
162 	PF_OSINET
163 #else
164 	PF_NO_LOCAL_MAPPING
165 #endif
166 	},
167 	{ BSM_PF_GOSIP,
168 #ifdef PF_GOSIP
169 	PF_GOSIP
170 #else
171 	PF_NO_LOCAL_MAPPING
172 #endif
173 	},
174 	{ BSM_PF_IPX, PF_IPX },
175 	{ BSM_PF_ROUTE, PF_ROUTE },
176 	{ BSM_PF_LINK,
177 #ifdef PF_LINK
178 	PF_LINK
179 #else
180 	PF_NO_LOCAL_MAPPING
181 #endif
182 	},
183 	{ BSM_PF_INET6, PF_INET6 },
184 	{ BSM_PF_KEY, PF_KEY },
185 	{ BSM_PF_NCA,
186 #ifdef PF_NCA
187 	PF_NCA
188 #else
189 	PF_NO_LOCAL_MAPPING
190 #endif
191 	},
192 	{ BSM_PF_POLICY,
193 #ifdef PF_POLICY
194 	PF_POLICY
195 #else
196 	PF_NO_LOCAL_MAPPING
197 #endif
198 	},
199 	{ BSM_PF_INET_OFFLOAD,
200 #ifdef PF_INET_OFFLOAD
201 	PF_INET_OFFLOAD
202 #else
203 	PF_NO_LOCAL_MAPPING
204 #endif
205 	},
206 	{ BSM_PF_NETBIOS,
207 #ifdef PF_NETBIOS
208 	PF_NETBIOS
209 #else
210 	PF_NO_LOCAL_MAPPING
211 #endif
212 	},
213 	{ BSM_PF_ISO,
214 #ifdef PF_ISO
215 	PF_ISO
216 #else
217 	PF_NO_LOCAL_MAPPING
218 #endif
219 	},
220 	{ BSM_PF_XTP,
221 #ifdef PF_XTP
222 	PF_XTP
223 #else
224 	PF_NO_LOCAL_MAPPING
225 #endif
226 	},
227 	{ BSM_PF_COIP,
228 #ifdef PF_COIP
229 	PF_COIP
230 #else
231 	PF_NO_LOCAL_MAPPING
232 #endif
233 	},
234 	{ BSM_PF_CNT,
235 #ifdef PF_CNT
236 	PF_CNT
237 #else
238 	PF_NO_LOCAL_MAPPING
239 #endif
240 	},
241 	{ BSM_PF_RTIP,
242 #ifdef PF_RTIP
243 	PF_RTIP
244 #else
245 	PF_NO_LOCAL_MAPPING
246 #endif
247 	},
248 	{ BSM_PF_SIP,
249 #ifdef PF_SIP
250 	PF_SIP
251 #else
252 	PF_NO_LOCAL_MAPPING
253 #endif
254 	},
255 	{ BSM_PF_PIP,
256 #ifdef PF_PIP
257 	PF_PIP
258 #else
259 	PF_NO_LOCAL_MAPPING
260 #endif
261 	},
262 	{ BSM_PF_ISDN,
263 #ifdef PF_ISDN
264 	PF_ISDN
265 #else
266 	PF_NO_LOCAL_MAPPING
267 #endif
268 	},
269 	{ BSM_PF_E164,
270 #ifdef PF_E164
271 	PF_E164
272 #else
273 	PF_NO_LOCAL_MAPPING
274 #endif
275 	},
276 	{ BSM_PF_NATM,
277 #ifdef PF_NATM
278 	PF_NATM
279 #else
280 	PF_NO_LOCAL_MAPPING
281 #endif
282 	},
283 	{ BSM_PF_ATM,
284 #ifdef PF_ATM
285 	PF_ATM
286 #else
287 	PF_NO_LOCAL_MAPPING
288 #endif
289 	},
290 	{ BSM_PF_NETGRAPH,
291 #ifdef PF_NETGRAPH
292 	PF_NETGRAPH
293 #else
294 	PF_NO_LOCAL_MAPPING
295 #endif
296 	},
297 	{ BSM_PF_SLOW,
298 #ifdef PF_SLOW
299 	PF_SLOW
300 #else
301 	PF_NO_LOCAL_MAPPING
302 #endif
303 	},
304 	{ BSM_PF_SCLUSTER,
305 #ifdef PF_SCLUSTER
306 	PF_SCLUSTER
307 #else
308 	PF_NO_LOCAL_MAPPING
309 #endif
310 	},
311 	{ BSM_PF_ARP,
312 #ifdef PF_ARP
313 	PF_ARP
314 #else
315 	PF_NO_LOCAL_MAPPING
316 #endif
317 	},
318 	{ BSM_PF_BLUETOOTH,
319 #ifdef PF_BLUETOOTH
320 	PF_BLUETOOTH
321 #else
322 	PF_NO_LOCAL_MAPPING
323 #endif
324 	},
325 	{ BSM_PF_AX25,
326 #ifdef PF_AX25
327 	PF_AX25
328 #else
329 	PF_NO_LOCAL_MAPPING
330 #endif
331 	},
332 	{ BSM_PF_ROSE,
333 #ifdef PF_ROSE
334 	PF_ROSE
335 #else
336 	PF_NO_LOCAL_MAPPING
337 #endif
338 	},
339 	{ BSM_PF_NETBEUI,
340 #ifdef PF_NETBEUI
341 	PF_NETBEUI
342 #else
343 	PF_NO_LOCAL_MAPPING
344 #endif
345 	},
346 	{ BSM_PF_SECURITY,
347 #ifdef PF_SECURITY
348 	PF_SECURITY
349 #else
350 	PF_NO_LOCAL_MAPPING
351 #endif
352 	},
353 	{ BSM_PF_PACKET,
354 #ifdef PF_PACKET
355 	PF_PACKET
356 #else
357 	PF_NO_LOCAL_MAPPING
358 #endif
359 	},
360 	{ BSM_PF_ASH,
361 #ifdef PF_ASH
362 	PF_ASH
363 #else
364 	PF_NO_LOCAL_MAPPING
365 #endif
366 	},
367 	{ BSM_PF_ECONET,
368 #ifdef PF_ECONET
369 	PF_ECONET
370 #else
371 	PF_NO_LOCAL_MAPPING
372 #endif
373 	},
374 	{ BSM_PF_ATMSVC,
375 #ifdef PF_ATMSVC
376 	PF_ATMSVC
377 #else
378 	PF_NO_LOCAL_MAPPING
379 #endif
380 	},
381 	{ BSM_PF_IRDA,
382 #ifdef PF_IRDA
383 	PF_IRDA
384 #else
385 	PF_NO_LOCAL_MAPPING
386 #endif
387 	},
388 	{ BSM_PF_PPPOX,
389 #ifdef PF_PPPOX
390 	PF_PPPOX
391 #else
392 	PF_NO_LOCAL_MAPPING
393 #endif
394 	},
395 	{ BSM_PF_WANPIPE,
396 #ifdef PF_WANPIPE
397 	PF_WANPIPE
398 #else
399 	PF_NO_LOCAL_MAPPING
400 #endif
401 	},
402 	{ BSM_PF_LLC,
403 #ifdef PF_LLC
404 	PF_LLC
405 #else
406 	PF_NO_LOCAL_MAPPING
407 #endif
408 	},
409 	{ BSM_PF_CAN,
410 #ifdef PF_CAN
411 	PF_CAN
412 #else
413 	PF_NO_LOCAL_MAPPING
414 #endif
415 	},
416 	{ BSM_PF_TIPC,
417 #ifdef PF_TIPC
418 	PF_TIPC
419 #else
420 	PF_NO_LOCAL_MAPPING
421 #endif
422 	},
423 	{ BSM_PF_IUCV,
424 #ifdef PF_IUCV
425 	PF_IUCV
426 #else
427 	PF_NO_LOCAL_MAPPING
428 #endif
429 	},
430 	{ BSM_PF_RXRPC,
431 #ifdef PF_RXRPC
432 	PF_RXRPC
433 #else
434 	PF_NO_LOCAL_MAPPING
435 #endif
436 	},
437 	{ BSM_PF_PHONET,
438 #ifdef PF_PHONET
439 	PF_PHONET
440 #else
441 	PF_NO_LOCAL_MAPPING
442 #endif
443 	},
444 };
445 static const int bsm_domains_count = sizeof(bsm_domains) /
446 	    sizeof(bsm_domains[0]);
447 
448 static const struct bsm_domain *
449 bsm_lookup_local_domain(int local_domain)
450 {
451 	int i;
452 
453 	for (i = 0; i < bsm_domains_count; i++) {
454 		if (bsm_domains[i].bd_local_domain == local_domain)
455 			return (&bsm_domains[i]);
456 	}
457 	return (NULL);
458 }
459 
460 u_short
461 au_domain_to_bsm(int local_domain)
462 {
463 	const struct bsm_domain *bstp;
464 
465 	bstp = bsm_lookup_local_domain(local_domain);
466 	if (bstp == NULL)
467 		return (BSM_PF_UNKNOWN);
468 	return (bstp->bd_bsm_domain);
469 }
470 
471 static const struct bsm_domain *
472 bsm_lookup_bsm_domain(u_short bsm_domain)
473 {
474 	int i;
475 
476 	for (i = 0; i < bsm_domains_count; i++) {
477 		if (bsm_domains[i].bd_bsm_domain == bsm_domain)
478 			return (&bsm_domains[i]);
479 	}
480 	return (NULL);
481 }
482 
483 int
484 au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
485 {
486 	const struct bsm_domain *bstp;
487 
488 	bstp = bsm_lookup_bsm_domain(bsm_domain);
489 	if (bstp == NULL || bstp->bd_local_domain)
490 		return (-1);
491 	*local_domainp = bstp->bd_local_domain;
492 	return (0);
493 }
494