1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2008 Apple Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1.  Redistributions of source code must retain the above copyright
11  *     notice, this list of conditions and the following disclaimer.
12  * 2.  Redistributions in binary form must reproduce the above copyright
13  *     notice, this list of conditions and the following disclaimer in the
14  *     documentation and/or other materials provided with the distribution.
15  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
16  *     its contributors may be used to endorse or promote products derived
17  *     from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
23  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
27  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
28  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 #include <sys/param.h>
33 #include <sys/socket.h>
34 
35 #include <security/audit/audit.h>
36 
37 #include <bsm/audit_domain.h>
38 #include <bsm/audit_record.h>
39 
/*
 * One row of the translation table between BSM domain codes and the local
 * system's protocol-family constants.
 */
struct bsm_domain {
	u_short	bd_bsm_domain;		/* BSM-side code (a BSM_PF_* value). */
	int	bd_local_domain;	/* Local PF_* value, or PF_NO_LOCAL_MAPPING. */
};
44 
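/*
 * Placeholder stored in bd_local_domain when the build has no PF_* constant
 * for a BSM domain.  Parenthesized so the negative literal remains a single
 * operand wherever the macro is expanded.
 */
#define	PF_NO_LOCAL_MAPPING	(-600)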
46 
/*
 * Translation table between BSM_PF_* codes and local PF_* constants.
 *
 * Each row pairs one BSM code with the local constant of the same name.
 * Where the local PF_* macro is not defined at build time, the row carries
 * PF_NO_LOCAL_MAPPING instead, so the BSM code is still known to the table
 * even though it has no local equivalent.  The lookup helpers in this file
 * scan the rows in order and return the first match.
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
	{ BSM_PF_IMPLINK,
#ifdef PF_IMPLINK
	PF_IMPLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PUP,
#ifdef PF_PUP
	PF_PUP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CHAOS,
#ifdef PF_CHAOS
	PF_CHAOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NS,
#ifdef PF_NS
	PF_NS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NBS,
#ifdef PF_NBS
	PF_NBS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECMA,
#ifdef PF_ECMA
	PF_ECMA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_DATAKIT,
#ifdef PF_DATAKIT
	PF_DATAKIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CCITT,
#ifdef PF_CCITT
	PF_CCITT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
	{ BSM_PF_DLI,
#ifdef PF_DLI
	PF_DLI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LAT,
#ifdef PF_LAT
	PF_LAT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_HYLINK,
#ifdef PF_HYLINK
	PF_HYLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_APPLETALK, PF_APPLETALK },
	{ BSM_PF_NIT,
#ifdef PF_NIT
	PF_NIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_802,
#ifdef PF_802
	PF_802
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSI,
#ifdef PF_OSI
	PF_OSI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_X25,
#ifdef PF_X25
	PF_X25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSINET,
#ifdef PF_OSINET
	PF_OSINET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_GOSIP,
#ifdef PF_GOSIP
	PF_GOSIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
	{ BSM_PF_LINK,
#ifdef PF_LINK
	PF_LINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
	{ BSM_PF_NCA,
#ifdef PF_NCA
	PF_NCA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_POLICY,
#ifdef PF_POLICY
	PF_POLICY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET_OFFLOAD,
#ifdef PF_INET_OFFLOAD
	PF_INET_OFFLOAD
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBIOS,
#ifdef PF_NETBIOS
	PF_NETBIOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISO,
#ifdef PF_ISO
	PF_ISO
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_XTP,
#ifdef PF_XTP
	PF_XTP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_COIP,
#ifdef PF_COIP
	PF_COIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CNT,
#ifdef PF_CNT
	PF_CNT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RTIP,
#ifdef PF_RTIP
	PF_RTIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SIP,
#ifdef PF_SIP
	PF_SIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PIP,
#ifdef PF_PIP
	PF_PIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISDN,
#ifdef PF_ISDN
	PF_ISDN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_E164,
#ifdef PF_E164
	PF_E164
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NATM,
#ifdef PF_NATM
	PF_NATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATM,
#ifdef PF_ATM
	PF_ATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETGRAPH,
#ifdef PF_NETGRAPH
	PF_NETGRAPH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SLOW,
#ifdef PF_SLOW
	PF_SLOW
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SCLUSTER,
#ifdef PF_SCLUSTER
	PF_SCLUSTER
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ARP,
#ifdef PF_ARP
	PF_ARP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_BLUETOOTH,
#ifdef PF_BLUETOOTH
	PF_BLUETOOTH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_AX25,
#ifdef PF_AX25
	PF_AX25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ROSE,
#ifdef PF_ROSE
	PF_ROSE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBEUI,
#ifdef PF_NETBEUI
	PF_NETBEUI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SECURITY,
#ifdef PF_SECURITY
	PF_SECURITY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PACKET,
#ifdef PF_PACKET
	PF_PACKET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ASH,
#ifdef PF_ASH
	PF_ASH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECONET,
#ifdef PF_ECONET
	PF_ECONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATMSVC,
#ifdef PF_ATMSVC
	PF_ATMSVC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IRDA,
#ifdef PF_IRDA
	PF_IRDA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PPPOX,
#ifdef PF_PPPOX
	PF_PPPOX
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_WANPIPE,
#ifdef PF_WANPIPE
	PF_WANPIPE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LLC,
#ifdef PF_LLC
	PF_LLC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CAN,
#ifdef PF_CAN
	PF_CAN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_TIPC,
#ifdef PF_TIPC
	PF_TIPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IUCV,
#ifdef PF_IUCV
	PF_IUCV
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RXRPC,
#ifdef PF_RXRPC
	PF_RXRPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PHONET,
#ifdef PF_PHONET
	PF_PHONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
};
/* Number of rows in bsm_domains, derived from the array itself. */
static const int bsm_domains_count = sizeof(bsm_domains) /
	    sizeof(bsm_domains[0]);
446 
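/*
 * Find the table row whose local PF_* value equals local_domain.
 *
 * Returns a pointer into bsm_domains, or NULL when no row matches.
 *
 * PF_NO_LOCAL_MAPPING is the placeholder stored in rows that have no local
 * equivalent; it is not a real protocol family.  It is rejected before the
 * scan, because an input equal to the placeholder would otherwise match the
 * first unmapped row and be translated to an unrelated BSM domain.
 * NOTE(review): whether callers can pass an unvalidated domain value here is
 * not visible in this file -- confirm against the call sites.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);
	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}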
458 
/*
 * Translate a local protocol-family value into its BSM domain code.
 *
 * Returns the bd_bsm_domain of the matching table row, or BSM_PF_UNKNOWN
 * when bsm_lookup_local_domain() finds no row for local_domain.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *entry = bsm_lookup_local_domain(local_domain);

	return (entry != NULL ? entry->bd_bsm_domain : BSM_PF_UNKNOWN);
}
469 
/*
 * Find the table row whose BSM domain code equals bsm_domain.
 *
 * Walks bsm_domains from the first row and returns a pointer to the first
 * match, or NULL when the code is not present in the table.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	const struct bsm_domain *row = bsm_domains;
	const struct bsm_domain *const end = bsm_domains + bsm_domains_count;

	while (row < end) {
		if (row->bd_bsm_domain == bsm_domain)
			return (row);
		row++;
	}
	return (NULL);
}
481 
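/*
 * Translate a BSM domain code into the local protocol-family value.
 *
 * On success, stores the local value through local_domainp and returns 0.
 * Returns -1 without writing through local_domainp when bsm_domain is not
 * in the table, or when its row carries PF_NO_LOCAL_MAPPING because the
 * build has no local equivalent.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	/*
	 * Test for the placeholder explicitly.  A bare truth test on
	 * bd_local_domain rejects every row with a non-zero local value, so
	 * only a row whose local value is 0 could ever be translated.
	 */
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}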
493