xref: /freebsd/sys/security/audit/bsm_domain.c (revision cfd6422a5217410fbd66f7a7a8a64d9d85e61229)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2008 Apple Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1.  Redistributions of source code must retain the above copyright
11  *     notice, this list of conditions and the following disclaimer.
12  * 2.  Redistributions in binary form must reproduce the above copyright
13  *     notice, this list of conditions and the following disclaimer in the
14  *     documentation and/or other materials provided with the distribution.
15  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
16  *     its contributors may be used to endorse or promote products derived
17  *     from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
23  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
27  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
28  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
34 
35 #include <sys/param.h>
36 #include <sys/socket.h>
37 
38 #include <security/audit/audit.h>
39 
40 #include <bsm/audit_domain.h>
41 #include <bsm/audit_record.h>
42 
43 struct bsm_domain {
44 	u_short	bd_bsm_domain;
45 	int	bd_local_domain;
46 };
47 
48 #define	PF_NO_LOCAL_MAPPING	-600
49 
50 static const struct bsm_domain bsm_domains[] = {
51 	{ BSM_PF_UNSPEC, PF_UNSPEC },
52 	{ BSM_PF_LOCAL, PF_LOCAL },
53 	{ BSM_PF_INET, PF_INET },
54 	{ BSM_PF_IMPLINK,
55 #ifdef PF_IMPLINK
56 	PF_IMPLINK
57 #else
58 	PF_NO_LOCAL_MAPPING
59 #endif
60 	},
61 	{ BSM_PF_PUP,
62 #ifdef PF_PUP
63 	PF_PUP
64 #else
65 	PF_NO_LOCAL_MAPPING
66 #endif
67 	},
68 	{ BSM_PF_CHAOS,
69 #ifdef PF_CHAOS
70 	PF_CHAOS
71 #else
72 	PF_NO_LOCAL_MAPPING
73 #endif
74 	},
75 	{ BSM_PF_NS,
76 #ifdef PF_NS
77 	PF_NS
78 #else
79 	PF_NO_LOCAL_MAPPING
80 #endif
81 	},
82 	{ BSM_PF_NBS,
83 #ifdef PF_NBS
84 	PF_NBS
85 #else
86 	PF_NO_LOCAL_MAPPING
87 #endif
88 	},
89 	{ BSM_PF_ECMA,
90 #ifdef PF_ECMA
91 	PF_ECMA
92 #else
93 	PF_NO_LOCAL_MAPPING
94 #endif
95 	},
96 	{ BSM_PF_DATAKIT,
97 #ifdef PF_DATAKIT
98 	PF_DATAKIT
99 #else
100 	PF_NO_LOCAL_MAPPING
101 #endif
102 	},
103 	{ BSM_PF_CCITT,
104 #ifdef PF_CCITT
105 	PF_CCITT
106 #else
107 	PF_NO_LOCAL_MAPPING
108 #endif
109 	},
110 	{ BSM_PF_SNA, PF_SNA },
111 	{ BSM_PF_DECnet, PF_DECnet },
112 	{ BSM_PF_DLI,
113 #ifdef PF_DLI
114 	PF_DLI
115 #else
116 	PF_NO_LOCAL_MAPPING
117 #endif
118 	},
119 	{ BSM_PF_LAT,
120 #ifdef PF_LAT
121 	PF_LAT
122 #else
123 	PF_NO_LOCAL_MAPPING
124 #endif
125 	},
126 	{ BSM_PF_HYLINK,
127 #ifdef PF_HYLINK
128 	PF_HYLINK
129 #else
130 	PF_NO_LOCAL_MAPPING
131 #endif
132 	},
133 	{ BSM_PF_APPLETALK, PF_APPLETALK },
134 	{ BSM_PF_NIT,
135 #ifdef PF_NIT
136 	PF_NIT
137 #else
138 	PF_NO_LOCAL_MAPPING
139 #endif
140 	},
141 	{ BSM_PF_802,
142 #ifdef PF_802
143 	PF_802
144 #else
145 	PF_NO_LOCAL_MAPPING
146 #endif
147 	},
148 	{ BSM_PF_OSI,
149 #ifdef PF_OSI
150 	PF_OSI
151 #else
152 	PF_NO_LOCAL_MAPPING
153 #endif
154 	},
155 	{ BSM_PF_X25,
156 #ifdef PF_X25
157 	PF_X25
158 #else
159 	PF_NO_LOCAL_MAPPING
160 #endif
161 	},
162 	{ BSM_PF_OSINET,
163 #ifdef PF_OSINET
164 	PF_OSINET
165 #else
166 	PF_NO_LOCAL_MAPPING
167 #endif
168 	},
169 	{ BSM_PF_GOSIP,
170 #ifdef PF_GOSIP
171 	PF_GOSIP
172 #else
173 	PF_NO_LOCAL_MAPPING
174 #endif
175 	},
176 	{ BSM_PF_IPX, PF_IPX },
177 	{ BSM_PF_ROUTE, PF_ROUTE },
178 	{ BSM_PF_LINK,
179 #ifdef PF_LINK
180 	PF_LINK
181 #else
182 	PF_NO_LOCAL_MAPPING
183 #endif
184 	},
185 	{ BSM_PF_INET6, PF_INET6 },
186 	{ BSM_PF_KEY, PF_KEY },
187 	{ BSM_PF_NCA,
188 #ifdef PF_NCA
189 	PF_NCA
190 #else
191 	PF_NO_LOCAL_MAPPING
192 #endif
193 	},
194 	{ BSM_PF_POLICY,
195 #ifdef PF_POLICY
196 	PF_POLICY
197 #else
198 	PF_NO_LOCAL_MAPPING
199 #endif
200 	},
201 	{ BSM_PF_INET_OFFLOAD,
202 #ifdef PF_INET_OFFLOAD
203 	PF_INET_OFFLOAD
204 #else
205 	PF_NO_LOCAL_MAPPING
206 #endif
207 	},
208 	{ BSM_PF_NETBIOS,
209 #ifdef PF_NETBIOS
210 	PF_NETBIOS
211 #else
212 	PF_NO_LOCAL_MAPPING
213 #endif
214 	},
215 	{ BSM_PF_ISO,
216 #ifdef PF_ISO
217 	PF_ISO
218 #else
219 	PF_NO_LOCAL_MAPPING
220 #endif
221 	},
222 	{ BSM_PF_XTP,
223 #ifdef PF_XTP
224 	PF_XTP
225 #else
226 	PF_NO_LOCAL_MAPPING
227 #endif
228 	},
229 	{ BSM_PF_COIP,
230 #ifdef PF_COIP
231 	PF_COIP
232 #else
233 	PF_NO_LOCAL_MAPPING
234 #endif
235 	},
236 	{ BSM_PF_CNT,
237 #ifdef PF_CNT
238 	PF_CNT
239 #else
240 	PF_NO_LOCAL_MAPPING
241 #endif
242 	},
243 	{ BSM_PF_RTIP,
244 #ifdef PF_RTIP
245 	PF_RTIP
246 #else
247 	PF_NO_LOCAL_MAPPING
248 #endif
249 	},
250 	{ BSM_PF_SIP,
251 #ifdef PF_SIP
252 	PF_SIP
253 #else
254 	PF_NO_LOCAL_MAPPING
255 #endif
256 	},
257 	{ BSM_PF_PIP,
258 #ifdef PF_PIP
259 	PF_PIP
260 #else
261 	PF_NO_LOCAL_MAPPING
262 #endif
263 	},
264 	{ BSM_PF_ISDN,
265 #ifdef PF_ISDN
266 	PF_ISDN
267 #else
268 	PF_NO_LOCAL_MAPPING
269 #endif
270 	},
271 	{ BSM_PF_E164,
272 #ifdef PF_E164
273 	PF_E164
274 #else
275 	PF_NO_LOCAL_MAPPING
276 #endif
277 	},
278 	{ BSM_PF_NATM,
279 #ifdef PF_NATM
280 	PF_NATM
281 #else
282 	PF_NO_LOCAL_MAPPING
283 #endif
284 	},
285 	{ BSM_PF_ATM,
286 #ifdef PF_ATM
287 	PF_ATM
288 #else
289 	PF_NO_LOCAL_MAPPING
290 #endif
291 	},
292 	{ BSM_PF_NETGRAPH,
293 #ifdef PF_NETGRAPH
294 	PF_NETGRAPH
295 #else
296 	PF_NO_LOCAL_MAPPING
297 #endif
298 	},
299 	{ BSM_PF_SLOW,
300 #ifdef PF_SLOW
301 	PF_SLOW
302 #else
303 	PF_NO_LOCAL_MAPPING
304 #endif
305 	},
306 	{ BSM_PF_SCLUSTER,
307 #ifdef PF_SCLUSTER
308 	PF_SCLUSTER
309 #else
310 	PF_NO_LOCAL_MAPPING
311 #endif
312 	},
313 	{ BSM_PF_ARP,
314 #ifdef PF_ARP
315 	PF_ARP
316 #else
317 	PF_NO_LOCAL_MAPPING
318 #endif
319 	},
320 	{ BSM_PF_BLUETOOTH,
321 #ifdef PF_BLUETOOTH
322 	PF_BLUETOOTH
323 #else
324 	PF_NO_LOCAL_MAPPING
325 #endif
326 	},
327 	{ BSM_PF_AX25,
328 #ifdef PF_AX25
329 	PF_AX25
330 #else
331 	PF_NO_LOCAL_MAPPING
332 #endif
333 	},
334 	{ BSM_PF_ROSE,
335 #ifdef PF_ROSE
336 	PF_ROSE
337 #else
338 	PF_NO_LOCAL_MAPPING
339 #endif
340 	},
341 	{ BSM_PF_NETBEUI,
342 #ifdef PF_NETBEUI
343 	PF_NETBEUI
344 #else
345 	PF_NO_LOCAL_MAPPING
346 #endif
347 	},
348 	{ BSM_PF_SECURITY,
349 #ifdef PF_SECURITY
350 	PF_SECURITY
351 #else
352 	PF_NO_LOCAL_MAPPING
353 #endif
354 	},
355 	{ BSM_PF_PACKET,
356 #ifdef PF_PACKET
357 	PF_PACKET
358 #else
359 	PF_NO_LOCAL_MAPPING
360 #endif
361 	},
362 	{ BSM_PF_ASH,
363 #ifdef PF_ASH
364 	PF_ASH
365 #else
366 	PF_NO_LOCAL_MAPPING
367 #endif
368 	},
369 	{ BSM_PF_ECONET,
370 #ifdef PF_ECONET
371 	PF_ECONET
372 #else
373 	PF_NO_LOCAL_MAPPING
374 #endif
375 	},
376 	{ BSM_PF_ATMSVC,
377 #ifdef PF_ATMSVC
378 	PF_ATMSVC
379 #else
380 	PF_NO_LOCAL_MAPPING
381 #endif
382 	},
383 	{ BSM_PF_IRDA,
384 #ifdef PF_IRDA
385 	PF_IRDA
386 #else
387 	PF_NO_LOCAL_MAPPING
388 #endif
389 	},
390 	{ BSM_PF_PPPOX,
391 #ifdef PF_PPPOX
392 	PF_PPPOX
393 #else
394 	PF_NO_LOCAL_MAPPING
395 #endif
396 	},
397 	{ BSM_PF_WANPIPE,
398 #ifdef PF_WANPIPE
399 	PF_WANPIPE
400 #else
401 	PF_NO_LOCAL_MAPPING
402 #endif
403 	},
404 	{ BSM_PF_LLC,
405 #ifdef PF_LLC
406 	PF_LLC
407 #else
408 	PF_NO_LOCAL_MAPPING
409 #endif
410 	},
411 	{ BSM_PF_CAN,
412 #ifdef PF_CAN
413 	PF_CAN
414 #else
415 	PF_NO_LOCAL_MAPPING
416 #endif
417 	},
418 	{ BSM_PF_TIPC,
419 #ifdef PF_TIPC
420 	PF_TIPC
421 #else
422 	PF_NO_LOCAL_MAPPING
423 #endif
424 	},
425 	{ BSM_PF_IUCV,
426 #ifdef PF_IUCV
427 	PF_IUCV
428 #else
429 	PF_NO_LOCAL_MAPPING
430 #endif
431 	},
432 	{ BSM_PF_RXRPC,
433 #ifdef PF_RXRPC
434 	PF_RXRPC
435 #else
436 	PF_NO_LOCAL_MAPPING
437 #endif
438 	},
439 	{ BSM_PF_PHONET,
440 #ifdef PF_PHONET
441 	PF_PHONET
442 #else
443 	PF_NO_LOCAL_MAPPING
444 #endif
445 	},
446 };
447 static const int bsm_domains_count = sizeof(bsm_domains) /
448 	    sizeof(bsm_domains[0]);
449 
450 static const struct bsm_domain *
451 bsm_lookup_local_domain(int local_domain)
452 {
453 	int i;
454 
455 	for (i = 0; i < bsm_domains_count; i++) {
456 		if (bsm_domains[i].bd_local_domain == local_domain)
457 			return (&bsm_domains[i]);
458 	}
459 	return (NULL);
460 }
461 
462 u_short
463 au_domain_to_bsm(int local_domain)
464 {
465 	const struct bsm_domain *bstp;
466 
467 	bstp = bsm_lookup_local_domain(local_domain);
468 	if (bstp == NULL)
469 		return (BSM_PF_UNKNOWN);
470 	return (bstp->bd_bsm_domain);
471 }
472 
473 static const struct bsm_domain *
474 bsm_lookup_bsm_domain(u_short bsm_domain)
475 {
476 	int i;
477 
478 	for (i = 0; i < bsm_domains_count; i++) {
479 		if (bsm_domains[i].bd_bsm_domain == bsm_domain)
480 			return (&bsm_domains[i]);
481 	}
482 	return (NULL);
483 }
484 
485 int
486 au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
487 {
488 	const struct bsm_domain *bstp;
489 
490 	bstp = bsm_lookup_bsm_domain(bsm_domain);
491 	if (bstp == NULL || bstp->bd_local_domain)
492 		return (-1);
493 	*local_domainp = bstp->bd_local_domain;
494 	return (0);
495 }
496