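/*-
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * Copyright (c) 2008 Apple Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1.  Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 * 2.  Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
 *     its contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <sys/param.h>
#include <sys/socket.h>

#include <security/audit/audit.h>

#include <bsm/audit_domain.h>
#include <bsm/audit_record.h>

/*
 * One row of the translation table between the protocol-family numbers
 * written into BSM audit records (BSM_PF_*) and the protocol-family numbers
 * of the local system (PF_*).
 */
struct bsm_domain {
	u_short	bd_bsm_domain;		/* BSM_PF_* value used in audit records. */
	int	bd_local_domain;	/* Local PF_* value, or PF_NO_LOCAL_MAPPING. */
};

/*
 * Placeholder stored in bd_local_domain for BSM domains whose PF_* constant
 * is not defined when this file is compiled.  It is a marker, not a protocol
 * family, and must never be handed back to a caller as one.  Parenthesized
 * so the negative literal is safe in any expression context.
 */
#define	PF_NO_LOCAL_MAPPING	(-600)

/*
 * BSM <-> local protocol family table.  Rows guarded by #ifdef use the local
 * constant when the system headers define it and the placeholder otherwise.
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
	{ BSM_PF_IMPLINK,
#ifdef PF_IMPLINK
	PF_IMPLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PUP,
#ifdef PF_PUP
	PF_PUP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CHAOS,
#ifdef PF_CHAOS
	PF_CHAOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NS,
#ifdef PF_NS
	PF_NS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NBS,
#ifdef PF_NBS
	PF_NBS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECMA,
#ifdef PF_ECMA
	PF_ECMA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_DATAKIT,
#ifdef PF_DATAKIT
	PF_DATAKIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CCITT,
#ifdef PF_CCITT
	PF_CCITT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
	{ BSM_PF_DLI,
#ifdef PF_DLI
	PF_DLI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LAT,
#ifdef PF_LAT
	PF_LAT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_HYLINK,
#ifdef PF_HYLINK
	PF_HYLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_APPLETALK, PF_APPLETALK },
	{ BSM_PF_NIT,
#ifdef PF_NIT
	PF_NIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_802,
#ifdef PF_802
	PF_802
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSI,
#ifdef PF_OSI
	PF_OSI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_X25,
#ifdef PF_X25
	PF_X25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSINET,
#ifdef PF_OSINET
	PF_OSINET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_GOSIP,
#ifdef PF_GOSIP
	PF_GOSIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
	{ BSM_PF_LINK,
#ifdef PF_LINK
	PF_LINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
	{ BSM_PF_NCA,
#ifdef PF_NCA
	PF_NCA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_POLICY,
#ifdef PF_POLICY
	PF_POLICY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET_OFFLOAD,
#ifdef PF_INET_OFFLOAD
	PF_INET_OFFLOAD
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBIOS,
#ifdef PF_NETBIOS
	PF_NETBIOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISO,
#ifdef PF_ISO
	PF_ISO
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_XTP,
#ifdef PF_XTP
	PF_XTP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_COIP,
#ifdef PF_COIP
	PF_COIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CNT,
#ifdef PF_CNT
	PF_CNT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RTIP,
#ifdef PF_RTIP
	PF_RTIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SIP,
#ifdef PF_SIP
	PF_SIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PIP,
#ifdef PF_PIP
	PF_PIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISDN,
#ifdef PF_ISDN
	PF_ISDN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_E164,
#ifdef PF_E164
	PF_E164
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NATM,
#ifdef PF_NATM
	PF_NATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATM,
#ifdef PF_ATM
	PF_ATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETGRAPH,
#ifdef PF_NETGRAPH
	PF_NETGRAPH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SLOW,
#ifdef PF_SLOW
	PF_SLOW
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SCLUSTER,
#ifdef PF_SCLUSTER
	PF_SCLUSTER
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ARP,
#ifdef PF_ARP
	PF_ARP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_BLUETOOTH,
#ifdef PF_BLUETOOTH
	PF_BLUETOOTH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_AX25,
#ifdef PF_AX25
	PF_AX25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ROSE,
#ifdef PF_ROSE
	PF_ROSE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBEUI,
#ifdef PF_NETBEUI
	PF_NETBEUI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SECURITY,
#ifdef PF_SECURITY
	PF_SECURITY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PACKET,
#ifdef PF_PACKET
	PF_PACKET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ASH,
#ifdef PF_ASH
	PF_ASH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECONET,
#ifdef PF_ECONET
	PF_ECONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATMSVC,
#ifdef PF_ATMSVC
	PF_ATMSVC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IRDA,
#ifdef PF_IRDA
	PF_IRDA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PPPOX,
#ifdef PF_PPPOX
	PF_PPPOX
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_WANPIPE,
#ifdef PF_WANPIPE
	PF_WANPIPE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LLC,
#ifdef PF_LLC
	PF_LLC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CAN,
#ifdef PF_CAN
	PF_CAN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_TIPC,
#ifdef PF_TIPC
	PF_TIPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IUCV,
#ifdef PF_IUCV
	PF_IUCV
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RXRPC,
#ifdef PF_RXRPC
	PF_RXRPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PHONET,
#ifdef PF_PHONET
	PF_PHONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
};
static const int bsm_domains_count = sizeof(bsm_domains) /
	    sizeof(bsm_domains[0]);

/*
 * Find the table row whose local protocol family equals local_domain.
 * Returns NULL when no row matches.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	/*
	 * The placeholder is stored in bd_local_domain for every unmapped
	 * row, so a caller-supplied value equal to it would otherwise match
	 * the first such row and be reported under that row's BSM domain.
	 * Treat it as "not found" so the caller falls back to its
	 * unknown-domain value instead of recording a misleading one.
	 */
	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}

/*
 * Convert a local protocol family to its BSM value.  Returns BSM_PF_UNKNOWN
 * when the table has no row for local_domain.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_local_domain(local_domain);
	if (bstp == NULL)
		return (BSM_PF_UNKNOWN);
	return (bstp->bd_bsm_domain);
}

/*
 * Find the table row whose BSM protocol family equals bsm_domain.
 * Returns NULL when no row matches.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	int i;

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_bsm_domain == bsm_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}

/*
 * Convert a BSM protocol family to the local one.
 *
 * On success stores the local PF_* value through local_domainp and returns 0.
 * Returns -1, leaving *local_domainp untouched, when bsm_domain is not in the
 * table or the matching row has no local equivalent.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	/*
	 * Compare against the placeholder explicitly.  A bare truth test on
	 * bd_local_domain fails every row whose local value is non-zero, so
	 * mapped domains could not be converted back from a BSM record.
	 */
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}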