xref: /illumos-gate/usr/src/uts/common/c2/audit_mem.c (revision dbed73cbda2229fd1aa6dc5743993cae7f0a7ee9) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <sys/param.h>
30 #include <sys/types.h>
31 #include <sys/kmem.h>
32 #include <sys/t_lock.h>
33 #include <sys/thread.h>
34 #include <sys/systm.h>
35 #include <c2/audit.h>
36 #include <c2/audit_kernel.h>
37 #include <c2/audit_record.h>
38 
39 kmem_cache_t *au_pad_cache;
40 
41 static kmem_cache_t *au_buf_cache;
42 
43 /*
44  * au_buff_t and token_t are equivalent (see audit_record.h).  Don't
45  * confuse this token_t with the one that is defined for userspace
46  * in the same header file.
47  */
48 
49 /*
50  * Function: au_get_buff
51  * args:
52  */
53 struct au_buff *
54 au_get_buff(void)
55 {
56 	au_buff_t *buffer;
57 	t_audit_data_t *tad = U2A(u);
58 
59 	ASSERT(tad);
60 
61 	/*
62 	 * If asynchronous (interrupt) thread, then we can't sleep
63 	 * (the tad ERRJMP flag is set at the start of async processing).
64 	 */
65 	if (tad->tad_ctrl & PAD_ERRJMP) {
66 		buffer = kmem_cache_alloc(au_buf_cache, KM_NOSLEEP);
67 		if (buffer == NULL) {
68 			/* return to top of stack & report an error */
69 			ASSERT(tad->tad_errjmp);
70 			longjmp(tad->tad_errjmp);
71 		}
72 	} else {
73 		buffer = kmem_cache_alloc(au_buf_cache, KM_SLEEP);
74 	}
75 	/* Never gets here when buffer == NULL */
76 	bzero(buffer, sizeof (*buffer));
77 	return (buffer);
78 }
79 
80 /*
81  * Function: au_free_rec
82  * args:
83  *	au_buff_t *buf;		start of the record chain
84  */
85 void
86 au_free_rec(au_buff_t *buf)
87 {
88 	au_buff_t *next;
89 	t_audit_data_t *tad = U2A(u);
90 
91 	ASSERT(tad);
92 
93 	/*
94 	 * If asynchronous (interrupt) thread, schedule the release
95 	 * (the tad ERRJMP flag is set at the start of async processing).
96 	 */
97 	if (tad->tad_ctrl & PAD_ERRJMP) {
98 		/* Discard async events via softcall. */
99 		softcall(audit_async_discard_backend, buf);
100 	}
101 
102 	while (buf != NULL) {
103 		next = buf->next_buf;
104 		kmem_cache_free(au_buf_cache, buf);
105 		buf = next;
106 	}
107 }
108 
109 /*
110  * Backend routine to discard an async event. Invoked from softcall.
111  * (Note: the freeing of memory for the event can't be done safely in high
112  * interrupt context due to the chance of sleeping on an adaptive mutex.
113  * Hence the softcall.)
114  */
115 void
116 audit_async_discard_backend(void *addr)
117 {
118 	au_toss_token(addr);
119 }
120 
121 /*
122  * Function: au_append_rec
123  * args:
124  *	au_buff_t *rec;		start of the record chain
125  *	au_buff_t *buf;		buffer to append
126  *	int        pack;	AU_PACK/1 - pack data, AU_LINK/0 - link buffer
127  */
128 int
129 au_append_rec(au_buff_t *rec, au_buff_t *buf, int pack)
130 {
131 	if (!rec)
132 		return (-1);
133 
134 	while (rec->next_buf)
135 		rec = rec->next_buf;
136 	if (((int)(rec->len + buf->len) <= AU_BUFSIZE) && pack) {
137 		bcopy(buf->buf, (char *)(rec->buf + rec->len),
138 		    (uint_t)buf->len);
139 		rec->len += buf->len;
140 		rec->next_buf = buf->next_buf;
141 		kmem_cache_free(au_buf_cache, buf);
142 	} else {
143 		rec->next_buf = buf;
144 	}
145 	return (0);
146 }
147 
148 /*
149  * Function: au_append_buf
150  * args:
151  *	char *data;		data buffer to append
152  *	int len;		size of data to append
153  *	au_buff_t *buf;		buffer to append to
154  */
155 int
156 au_append_buf(const char *data, int len, au_buff_t *buf)
157 {
158 	au_buff_t *new_buf;
159 	int	new_len;
160 
161 	while (buf->next_buf != NULL)
162 		buf = buf->next_buf;
163 
164 	new_len = (uint_t)(buf->len + len) > AU_BUFSIZE ?
165 		AU_BUFSIZE - buf->len : len;
166 	bcopy(data, (buf->buf + buf->len), (uint_t)new_len);
167 	buf->len += (uchar_t)new_len;
168 	len -= new_len;
169 
170 	while (len > 0) {
171 		data += new_len;
172 		if ((new_buf = au_get_buff()) == NULL) {
173 			return (-1);
174 		}
175 		buf->next_buf = new_buf;
176 		buf = new_buf;
177 		new_len = len > AU_BUFSIZE ? AU_BUFSIZE : len;
178 		bcopy(data, buf->buf, (uint_t)new_len);
179 		buf->len = (uchar_t)new_len;
180 		len -= new_len;
181 	}
182 	return (0);
183 }
184 
185 /*ARGSUSED1*/
186 static int
187 au_pad_const(void *vpad, void *priv, int flags)
188 {
189 	p_audit_data_t *pad = vpad;
190 
191 	mutex_init(&pad->pad_lock, NULL, MUTEX_DEFAULT, NULL);
192 
193 	return (0);
194 }
195 
196 /*ARGSUSED1*/
197 static void
198 au_pad_destr(void *vpad, void *priv)
199 {
200 	p_audit_data_t *pad = vpad;
201 
202 	mutex_destroy(&pad->pad_lock);
203 }
204 
205 void
206 au_mem_init()
207 {
208 	au_buf_cache = kmem_cache_create("audit_buffer",
209 		sizeof (au_buff_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
210 
211 	au_pad_cache = kmem_cache_create("audit_proc",
212 		sizeof (p_audit_data_t), 0, au_pad_const, au_pad_destr,
213 		NULL, NULL, NULL, 0);
214 }
215