xref: /illumos-gate/usr/src/uts/common/syscall/auditsys.c (revision 30165b7f6753bc3d48c52319bed7ec7b3ea36b3c)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #include <sys/systm.h>
26 #include <sys/errno.h>
27 #include <sys/policy.h>
28 
29 #include <c2/audit.h>
30 #include <c2/audit_kernel.h>
31 #include <c2/audit_record.h>
32 
33 #define	CLEAR_VAL -1
34 
35 extern kmutex_t pidlock;
36 
37 uint32_t audit_policy; /* global audit policies in force */
38 
39 
40 /*ARGSUSED1*/
41 int
42 auditsys(struct auditcalls *uap, rval_t *rvp)
43 {
44 	int err;
45 	int result = 0;
46 
47 	if (audit_active == C2AUDIT_DISABLED)
48 		return (ENOTSUP);
49 
50 	switch (uap->code) {
51 	case BSM_GETAUID:
52 		result = getauid((caddr_t)uap->a1);
53 		break;
54 	case BSM_SETAUID:
55 		result = setauid((caddr_t)uap->a1);
56 		break;
57 	case BSM_GETAUDIT:
58 		result = getaudit((caddr_t)uap->a1);
59 		break;
60 	case BSM_GETAUDIT_ADDR:
61 		result = getaudit_addr((caddr_t)uap->a1, (int)uap->a2);
62 		break;
63 	case BSM_SETAUDIT:
64 		result = setaudit((caddr_t)uap->a1);
65 		break;
66 	case BSM_SETAUDIT_ADDR:
67 		result = setaudit_addr((caddr_t)uap->a1, (int)uap->a2);
68 		break;
69 	case BSM_AUDITCTL:
70 		result = auditctl((int)uap->a1, (caddr_t)uap->a2, (int)uap->a3);
71 		break;
72 	case BSM_AUDIT:
73 		if (audit_active == C2AUDIT_UNLOADED)
74 			return (0);
75 		result = audit((caddr_t)uap->a1, (int)uap->a2);
76 		break;
77 	case BSM_AUDITDOOR:
78 		if (audit_active == C2AUDIT_LOADED) {
79 			result = auditdoor((int)uap->a1);
80 			break;
81 		}
82 		/* FALLTHROUGH */
83 	default:
84 		if (audit_active == C2AUDIT_LOADED) {
85 			result = EINVAL;
86 			break;
87 		}
88 		/* Return a different error when not privileged */
89 		err = secpolicy_audit_config(CRED());
90 		if (err == 0)
91 			return (EINVAL);
92 		else
93 			return (err);
94 	}
95 	rvp->r_vals = result;
96 	return (result);
97 }
98 
99 /*
100  * Return the audit user ID for the current process.  Currently only
101  * the privileged processes may see the audit id.  That may change.
102  * If copyout is unsucessful return EFAULT.
103  */
104 int
105 getauid(caddr_t auid_p)
106 {
107 	const auditinfo_addr_t	*ainfo;
108 
109 	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
110 		return (EPERM);
111 
112 	ainfo = crgetauinfo(CRED());
113 	if (ainfo == NULL)
114 		return (EINVAL);
115 
116 	if (copyout(&ainfo->ai_auid, auid_p, sizeof (au_id_t)))
117 		return (EFAULT);
118 
119 	return (0);
120 }
121 
122 /*
123  * Set the audit userid, for a process.  This can only be changed by
124  * privileged processes.  The audit userid is inherited across forks & execs.
125  * Passed in is a pointer to the au_id_t; if copyin unsuccessful return EFAULT.
126  */
127 int
128 setauid(caddr_t auid_p)
129 {
130 	proc_t *p;
131 	au_id_t	auid;
132 	cred_t *newcred;
133 	auditinfo_addr_t *auinfo;
134 
135 	if (secpolicy_audit_config(CRED()) != 0)
136 		return (EPERM);
137 
138 	if (copyin(auid_p, &auid, sizeof (au_id_t))) {
139 		return (EFAULT);
140 	}
141 
142 	newcred = cralloc();
143 	if ((auinfo = crgetauinfo_modifiable(newcred)) == NULL) {
144 		crfree(newcred);
145 		return (EINVAL);
146 	}
147 
148 	/* grab p_crlock and switch to new cred */
149 	p = curproc;
150 	mutex_enter(&p->p_crlock);
151 	crcopy_to(p->p_cred, newcred);
152 	p->p_cred = newcred;
153 
154 	auinfo->ai_auid = auid;			/* update the auid */
155 
156 	/* unlock and broadcast the cred changes */
157 	mutex_exit(&p->p_crlock);
158 	crset(p, newcred);
159 
160 	return (0);
161 }
162 
163 /*
164  * Get the audit state information from the current process.
165  * Return EFAULT if copyout fails.
166  */
167 int
168 getaudit(caddr_t info_p)
169 {
170 	STRUCT_DECL(auditinfo, info);
171 	const auditinfo_addr_t	*ainfo;
172 	model_t	model;
173 
174 	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
175 		return (EPERM);
176 
177 	model = get_udatamodel();
178 	STRUCT_INIT(info, model);
179 
180 	ainfo = crgetauinfo(CRED());
181 	if (ainfo == NULL)
182 		return (EINVAL);
183 
184 	/* trying to read a process with an IPv6 address? */
185 	if (ainfo->ai_termid.at_type == AU_IPv6)
186 		return (EOVERFLOW);
187 
188 	STRUCT_FSET(info, ai_auid, ainfo->ai_auid);
189 	STRUCT_FSET(info, ai_mask, ainfo->ai_mask);
190 #ifdef _LP64
191 	if (model == DATAMODEL_ILP32) {
192 		dev32_t dev;
193 		/* convert internal 64 bit form to 32 bit version */
194 		if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
195 			return (EOVERFLOW);
196 		}
197 		STRUCT_FSET(info, ai_termid.port, dev);
198 	} else
199 		STRUCT_FSET(info, ai_termid.port, ainfo->ai_termid.at_port);
200 #else
201 	STRUCT_FSET(info, ai_termid.port, ainfo->ai_termid.at_port);
202 #endif
203 	STRUCT_FSET(info, ai_termid.machine, ainfo->ai_termid.at_addr[0]);
204 	STRUCT_FSET(info, ai_asid, ainfo->ai_asid);
205 
206 	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
207 		return (EFAULT);
208 
209 	return (0);
210 }
211 
212 /*
213  * Get the audit state information from the current process.
214  * Return EFAULT if copyout fails.
215  */
216 int
217 getaudit_addr(caddr_t info_p, int len)
218 {
219 	STRUCT_DECL(auditinfo_addr, info);
220 	const auditinfo_addr_t	*ainfo;
221 	model_t	model;
222 
223 	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
224 		return (EPERM);
225 
226 	model = get_udatamodel();
227 	STRUCT_INIT(info, model);
228 
229 	if (len < STRUCT_SIZE(info))
230 		return (EOVERFLOW);
231 
232 	ainfo = crgetauinfo(CRED());
233 
234 	if (ainfo == NULL)
235 		return (EINVAL);
236 
237 	STRUCT_FSET(info, ai_auid, ainfo->ai_auid);
238 	STRUCT_FSET(info, ai_mask, ainfo->ai_mask);
239 #ifdef _LP64
240 	if (model == DATAMODEL_ILP32) {
241 		dev32_t dev;
242 		/* convert internal 64 bit form to 32 bit version */
243 		if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
244 			return (EOVERFLOW);
245 		}
246 		STRUCT_FSET(info, ai_termid.at_port, dev);
247 	} else
248 		STRUCT_FSET(info, ai_termid.at_port, ainfo->ai_termid.at_port);
249 #else
250 	STRUCT_FSET(info, ai_termid.at_port, ainfo->ai_termid.at_port);
251 #endif
252 	STRUCT_FSET(info, ai_termid.at_type, ainfo->ai_termid.at_type);
253 	STRUCT_FSET(info, ai_termid.at_addr[0], ainfo->ai_termid.at_addr[0]);
254 	STRUCT_FSET(info, ai_termid.at_addr[1], ainfo->ai_termid.at_addr[1]);
255 	STRUCT_FSET(info, ai_termid.at_addr[2], ainfo->ai_termid.at_addr[2]);
256 	STRUCT_FSET(info, ai_termid.at_addr[3], ainfo->ai_termid.at_addr[3]);
257 	STRUCT_FSET(info, ai_asid, ainfo->ai_asid);
258 
259 	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
260 		return (EFAULT);
261 
262 	return (0);
263 }
264 
265 /*
266  * Set the audit state information for the current process.
267  * Return EFAULT if copyout fails.
268  */
269 int
270 setaudit(caddr_t info_p)
271 {
272 	STRUCT_DECL(auditinfo, info);
273 	proc_t *p;
274 	cred_t	*newcred;
275 	model_t	model;
276 	auditinfo_addr_t *ainfo;
277 
278 	if (secpolicy_audit_config(CRED()) != 0)
279 		return (EPERM);
280 
281 	model = get_udatamodel();
282 	STRUCT_INIT(info, model);
283 
284 	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
285 		return (EFAULT);
286 
287 	newcred = cralloc();
288 	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
289 		crfree(newcred);
290 		return (EINVAL);
291 	}
292 
293 	/* grab p_crlock and switch to new cred */
294 	p = curproc;
295 	mutex_enter(&p->p_crlock);
296 	crcopy_to(p->p_cred, newcred);
297 	p->p_cred = newcred;
298 
299 	/* Set audit mask, id, termid and session id as specified */
300 	ainfo->ai_auid = STRUCT_FGET(info, ai_auid);
301 #ifdef _LP64
302 	/* only convert to 64 bit if coming from a 32 bit binary */
303 	if (model == DATAMODEL_ILP32)
304 		ainfo->ai_termid.at_port =
305 		    DEVEXPL(STRUCT_FGET(info, ai_termid.port));
306 	else
307 		ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.port);
308 #else
309 	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.port);
310 #endif
311 	ainfo->ai_termid.at_type = AU_IPv4;
312 	ainfo->ai_termid.at_addr[0] = STRUCT_FGET(info, ai_termid.machine);
313 	ainfo->ai_asid = STRUCT_FGET(info, ai_asid);
314 	ainfo->ai_mask = STRUCT_FGET(info, ai_mask);
315 
316 	/* unlock and broadcast the cred changes */
317 	mutex_exit(&p->p_crlock);
318 	crset(p, newcred);
319 
320 	return (0);
321 }
322 
323 /*
324  * Set the audit state information for the current process.
325  * Return EFAULT if copyin fails.
326  */
327 int
328 setaudit_addr(caddr_t info_p, int len)
329 {
330 	STRUCT_DECL(auditinfo_addr, info);
331 	proc_t *p;
332 	cred_t	*newcred;
333 	model_t	model;
334 	int i;
335 	int type;
336 	auditinfo_addr_t *ainfo;
337 
338 	if (secpolicy_audit_config(CRED()) != 0)
339 		return (EPERM);
340 
341 	model = get_udatamodel();
342 	STRUCT_INIT(info, model);
343 
344 	if (len < STRUCT_SIZE(info))
345 		return (EOVERFLOW);
346 
347 	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
348 		return (EFAULT);
349 
350 	type = STRUCT_FGET(info, ai_termid.at_type);
351 	if ((type != AU_IPv4) && (type != AU_IPv6))
352 		return (EINVAL);
353 
354 	newcred = cralloc();
355 	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
356 		crfree(newcred);
357 		return (EINVAL);
358 	}
359 
360 	/* grab p_crlock and switch to new cred */
361 	p = curproc;
362 	mutex_enter(&p->p_crlock);
363 	crcopy_to(p->p_cred, newcred);
364 	p->p_cred = newcred;
365 
366 	/* Set audit mask, id, termid and session id as specified */
367 	ainfo->ai_auid = STRUCT_FGET(info, ai_auid);
368 	ainfo->ai_mask = STRUCT_FGET(info, ai_mask);
369 #ifdef _LP64
370 	/* only convert to 64 bit if coming from a 32 bit binary */
371 	if (model == DATAMODEL_ILP32)
372 		ainfo->ai_termid.at_port =
373 		    DEVEXPL(STRUCT_FGET(info, ai_termid.at_port));
374 	else
375 		ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
376 #else
377 	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
378 #endif
379 	ainfo->ai_termid.at_type = type;
380 	bzero(&ainfo->ai_termid.at_addr[0], sizeof (ainfo->ai_termid.at_addr));
381 	for (i = 0; i < (type/sizeof (int)); i++)
382 		ainfo->ai_termid.at_addr[i] =
383 		    STRUCT_FGET(info, ai_termid.at_addr[i]);
384 
385 	if (ainfo->ai_termid.at_type == AU_IPv6 &&
386 	    IN6_IS_ADDR_V4MAPPED(((in6_addr_t *)ainfo->ai_termid.at_addr))) {
387 		ainfo->ai_termid.at_type = AU_IPv4;
388 		ainfo->ai_termid.at_addr[0] = ainfo->ai_termid.at_addr[3];
389 		ainfo->ai_termid.at_addr[1] = 0;
390 		ainfo->ai_termid.at_addr[2] = 0;
391 		ainfo->ai_termid.at_addr[3] = 0;
392 	}
393 
394 	ainfo->ai_asid = STRUCT_FGET(info, ai_asid);
395 
396 	/* unlock and broadcast the cred changes */
397 	mutex_exit(&p->p_crlock);
398 	crset(p, newcred);
399 
400 	return (0);
401 }
402 
403 /*
404  * Get the global policy flag
405  */
406 static int
407 getpolicy(caddr_t data)
408 {
409 	uint32_t	policy;
410 	au_kcontext_t	*kctx = GET_KCTX_PZ;
411 
412 	policy = audit_policy | kctx->auk_policy;
413 
414 	if (copyout(&policy, data, sizeof (policy)))
415 		return (EFAULT);
416 	return (0);
417 }
418 
419 /*
420  * Set the global and local policy flags
421  *
422  * The global flags only make sense from the global zone;
423  * the local flags depend on the AUDIT_PERZONE policy:
424  * if the perzone policy is set, then policy is set separately
425  * per zone, else held only in the global zone.
426  *
427  * The initial value of a local zone's policy flag is determined
428  * by the value of the global zone's flags at the time the
429  * local zone is created.
430  *
431  * While auditconfig(1M) allows setting and unsetting policies one bit
432  * at a time, the mask passed in from auditconfig() is created by a
433  * syscall to getpolicy and then modified based on the auditconfig()
434  * cmd line, so the input policy value is used to replace the existing
435  * policy.
436  */
437 static int
438 setpolicy(caddr_t data)
439 {
440 	uint32_t	policy;
441 	au_kcontext_t	*kctx;
442 
443 	if (copyin(data, &policy, sizeof (policy)))
444 		return (EFAULT);
445 
446 	kctx = GET_KCTX_NGZ;
447 
448 	if (INGLOBALZONE(curproc)) {
449 		if (policy & ~(AUDIT_GLOBAL | AUDIT_LOCAL))
450 			return (EINVAL);
451 
452 		audit_policy = policy & AUDIT_GLOBAL;
453 	} else {
454 		if (!(audit_policy & AUDIT_PERZONE))
455 			return (EINVAL);
456 
457 		if (policy & ~AUDIT_LOCAL)	/* global bits are a no-no */
458 			return (EINVAL);
459 	}
460 	kctx->auk_policy = policy & AUDIT_LOCAL;
461 
462 	/*
463 	 * auk_current_vp is NULL before auditd starts (or during early
464 	 * auditd starup) or if auditd is halted; in either case,
465 	 * notification of a policy change is not needed, since auditd
466 	 * reads policy as it comes up.  The error return from au_doormsg()
467 	 * is ignored to avoid a race condition -- for example if auditd
468 	 * segv's, the audit state may be "auditing" but the door may
469 	 * be closed.  Returning an error if the door is open makes it
470 	 * impossible for Greenline to restart auditd.
471 	 */
472 	if (kctx->auk_current_vp != NULL)
473 		(void) au_doormsg(kctx, AU_DBUF_POLICY, &policy);
474 
475 	/*
476 	 * Wake up anyone who might have blocked on full audit
477 	 * partitions. audit daemons need to set AUDIT_FULL when no
478 	 * space so we can tell if we should start dropping records.
479 	 */
480 	mutex_enter(&(kctx->auk_queue.lock));
481 
482 	if ((policy & (AUDIT_CNT | AUDIT_SCNT) &&
483 	    (kctx->auk_queue.cnt >= kctx->auk_queue.hiwater)))
484 		cv_broadcast(&(kctx->auk_queue.write_cv));
485 
486 	mutex_exit(&(kctx->auk_queue.lock));
487 
488 	return (0);
489 }
490 
491 static int
492 getamask(caddr_t data)
493 {
494 	au_kcontext_t	*kctx;
495 
496 	kctx = GET_KCTX_PZ;
497 
498 	if (copyout(&kctx->auk_info.ai_amask, data, sizeof (au_mask_t)))
499 		return (EFAULT);
500 
501 	return (0);
502 }
503 
504 static int
505 setamask(caddr_t data)
506 {
507 	au_mask_t	mask;
508 	au_kcontext_t	*kctx;
509 
510 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
511 		return (EINVAL);
512 
513 	kctx = GET_KCTX_NGZ;
514 
515 	if (copyin(data, &mask, sizeof (au_mask_t)))
516 		return (EFAULT);
517 
518 	kctx->auk_info.ai_amask = mask;
519 	return (0);
520 }
521 
522 static int
523 getkmask(caddr_t data)
524 {
525 	au_kcontext_t	*kctx;
526 
527 	kctx = GET_KCTX_PZ;
528 
529 	if (copyout(&kctx->auk_info.ai_namask, data, sizeof (au_mask_t)))
530 		return (EFAULT);
531 	return (0);
532 }
533 
534 static int
535 setkmask(caddr_t data)
536 {
537 	au_mask_t	mask;
538 	au_kcontext_t	*kctx;
539 
540 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
541 		return (EINVAL);
542 
543 	kctx = GET_KCTX_NGZ;
544 
545 	if (copyin(data, &mask, sizeof (au_mask_t)))
546 		return (EFAULT);
547 
548 	kctx->auk_info.ai_namask = mask;
549 	return (0);
550 }
551 
552 static int
553 getkaudit(caddr_t info_p, int len)
554 {
555 	STRUCT_DECL(auditinfo_addr, info);
556 	model_t model;
557 	au_kcontext_t	*kctx = GET_KCTX_PZ;
558 
559 	model = get_udatamodel();
560 	STRUCT_INIT(info, model);
561 
562 	if (len < STRUCT_SIZE(info))
563 		return (EOVERFLOW);
564 
565 	STRUCT_FSET(info, ai_auid, kctx->auk_info.ai_auid);
566 	STRUCT_FSET(info, ai_mask, kctx->auk_info.ai_namask);
567 #ifdef _LP64
568 	if (model == DATAMODEL_ILP32) {
569 		dev32_t dev;
570 		/* convert internal 64 bit form to 32 bit version */
571 		if (cmpldev(&dev, kctx->auk_info.ai_termid.at_port) == 0) {
572 			return (EOVERFLOW);
573 		}
574 		STRUCT_FSET(info, ai_termid.at_port, dev);
575 	} else {
576 		STRUCT_FSET(info, ai_termid.at_port,
577 		    kctx->auk_info.ai_termid.at_port);
578 	}
579 #else
580 	STRUCT_FSET(info, ai_termid.at_port,
581 	    kctx->auk_info.ai_termid.at_port);
582 #endif
583 	STRUCT_FSET(info, ai_termid.at_type,
584 	    kctx->auk_info.ai_termid.at_type);
585 	STRUCT_FSET(info, ai_termid.at_addr[0],
586 	    kctx->auk_info.ai_termid.at_addr[0]);
587 	STRUCT_FSET(info, ai_termid.at_addr[1],
588 	    kctx->auk_info.ai_termid.at_addr[1]);
589 	STRUCT_FSET(info, ai_termid.at_addr[2],
590 	    kctx->auk_info.ai_termid.at_addr[2]);
591 	STRUCT_FSET(info, ai_termid.at_addr[3],
592 	    kctx->auk_info.ai_termid.at_addr[3]);
593 	STRUCT_FSET(info, ai_asid, kctx->auk_info.ai_asid);
594 
595 	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
596 		return (EFAULT);
597 
598 	return (0);
599 }
600 
601 /*
602  * the host address for AUDIT_PERZONE == 0 is that of the global
603  * zone and for local zones it is of the current zone.
604  */
605 static int
606 setkaudit(caddr_t info_p, int len)
607 {
608 	STRUCT_DECL(auditinfo_addr, info);
609 	model_t model;
610 	au_kcontext_t	*kctx;
611 
612 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
613 		return (EINVAL);
614 
615 	kctx = GET_KCTX_NGZ;
616 
617 	model = get_udatamodel();
618 	STRUCT_INIT(info, model);
619 
620 	if (len < STRUCT_SIZE(info))
621 		return (EOVERFLOW);
622 
623 	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
624 		return (EFAULT);
625 
626 	if ((STRUCT_FGET(info, ai_termid.at_type) != AU_IPv4) &&
627 	    (STRUCT_FGET(info, ai_termid.at_type) != AU_IPv6))
628 		return (EINVAL);
629 
630 	/* Set audit mask, termid and session id as specified */
631 	kctx->auk_info.ai_auid = STRUCT_FGET(info, ai_auid);
632 	kctx->auk_info.ai_namask = STRUCT_FGET(info, ai_mask);
633 #ifdef _LP64
634 	/* only convert to 64 bit if coming from a 32 bit binary */
635 	if (model == DATAMODEL_ILP32)
636 		kctx->auk_info.ai_termid.at_port =
637 		    DEVEXPL(STRUCT_FGET(info, ai_termid.at_port));
638 	else
639 		kctx->auk_info.ai_termid.at_port =
640 		    STRUCT_FGET(info, ai_termid.at_port);
641 #else
642 	kctx->auk_info.ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
643 #endif
644 	kctx->auk_info.ai_termid.at_type = STRUCT_FGET(info, ai_termid.at_type);
645 	bzero(&kctx->auk_info.ai_termid.at_addr[0],
646 	    sizeof (kctx->auk_info.ai_termid.at_addr));
647 	kctx->auk_info.ai_termid.at_addr[0] =
648 	    STRUCT_FGET(info, ai_termid.at_addr[0]);
649 	kctx->auk_info.ai_termid.at_addr[1] =
650 	    STRUCT_FGET(info, ai_termid.at_addr[1]);
651 	kctx->auk_info.ai_termid.at_addr[2] =
652 	    STRUCT_FGET(info, ai_termid.at_addr[2]);
653 	kctx->auk_info.ai_termid.at_addr[3] =
654 	    STRUCT_FGET(info, ai_termid.at_addr[3]);
655 	kctx->auk_info.ai_asid = STRUCT_FGET(info, ai_asid);
656 
657 	if (kctx->auk_info.ai_termid.at_type == AU_IPv6 &&
658 	    IN6_IS_ADDR_V4MAPPED(
659 	    ((in6_addr_t *)kctx->auk_info.ai_termid.at_addr))) {
660 		kctx->auk_info.ai_termid.at_type = AU_IPv4;
661 		kctx->auk_info.ai_termid.at_addr[0] =
662 		    kctx->auk_info.ai_termid.at_addr[3];
663 		kctx->auk_info.ai_termid.at_addr[1] = 0;
664 		kctx->auk_info.ai_termid.at_addr[2] = 0;
665 		kctx->auk_info.ai_termid.at_addr[3] = 0;
666 	}
667 	if (kctx->auk_info.ai_termid.at_type == AU_IPv6)
668 		kctx->auk_hostaddr_valid = IN6_IS_ADDR_UNSPECIFIED(
669 		    (in6_addr_t *)kctx->auk_info.ai_termid.at_addr) ? 0 : 1;
670 	else
671 		kctx->auk_hostaddr_valid =
672 		    (kctx->auk_info.ai_termid.at_addr[0] ==
673 		    htonl(INADDR_ANY)) ? 0 : 1;
674 
675 	return (0);
676 }
677 
678 static int
679 getqctrl(caddr_t data)
680 {
681 	au_kcontext_t	*kctx = GET_KCTX_PZ;
682 	STRUCT_DECL(au_qctrl, qctrl);
683 	STRUCT_INIT(qctrl, get_udatamodel());
684 
685 	mutex_enter(&(kctx->auk_queue.lock));
686 	STRUCT_FSET(qctrl, aq_hiwater, kctx->auk_queue.hiwater);
687 	STRUCT_FSET(qctrl, aq_lowater, kctx->auk_queue.lowater);
688 	STRUCT_FSET(qctrl, aq_bufsz, kctx->auk_queue.bufsz);
689 	STRUCT_FSET(qctrl, aq_delay, kctx->auk_queue.delay);
690 	mutex_exit(&(kctx->auk_queue.lock));
691 
692 	if (copyout(STRUCT_BUF(qctrl), data, STRUCT_SIZE(qctrl)))
693 		return (EFAULT);
694 
695 	return (0);
696 }
697 
698 static int
699 setqctrl(caddr_t data)
700 {
701 	au_kcontext_t	*kctx;
702 	struct au_qctrl qctrl_tmp;
703 	STRUCT_DECL(au_qctrl, qctrl);
704 	STRUCT_INIT(qctrl, get_udatamodel());
705 
706 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
707 		return (EINVAL);
708 	kctx = GET_KCTX_NGZ;
709 
710 	if (copyin(data, STRUCT_BUF(qctrl), STRUCT_SIZE(qctrl)))
711 		return (EFAULT);
712 
713 	qctrl_tmp.aq_hiwater = (size_t)STRUCT_FGET(qctrl, aq_hiwater);
714 	qctrl_tmp.aq_lowater = (size_t)STRUCT_FGET(qctrl, aq_lowater);
715 	qctrl_tmp.aq_bufsz = (size_t)STRUCT_FGET(qctrl, aq_bufsz);
716 	qctrl_tmp.aq_delay = (clock_t)STRUCT_FGET(qctrl, aq_delay);
717 
718 	/* enforce sane values */
719 
720 	if (qctrl_tmp.aq_hiwater <= qctrl_tmp.aq_lowater)
721 		return (EINVAL);
722 
723 	if (qctrl_tmp.aq_hiwater < AQ_LOWATER)
724 		return (EINVAL);
725 
726 	if (qctrl_tmp.aq_hiwater > AQ_MAXHIGH)
727 		return (EINVAL);
728 
729 	if (qctrl_tmp.aq_bufsz < AQ_BUFSZ)
730 		return (EINVAL);
731 
732 	if (qctrl_tmp.aq_bufsz > AQ_MAXBUFSZ)
733 		return (EINVAL);
734 
735 	if (qctrl_tmp.aq_delay == 0)
736 		return (EINVAL);
737 
738 	if (qctrl_tmp.aq_delay > AQ_MAXDELAY)
739 		return (EINVAL);
740 
741 	/* update everything at once so things are consistant */
742 	mutex_enter(&(kctx->auk_queue.lock));
743 	kctx->auk_queue.hiwater = qctrl_tmp.aq_hiwater;
744 	kctx->auk_queue.lowater = qctrl_tmp.aq_lowater;
745 	kctx->auk_queue.bufsz = qctrl_tmp.aq_bufsz;
746 	kctx->auk_queue.delay = qctrl_tmp.aq_delay;
747 
748 	if (kctx->auk_queue.rd_block &&
749 	    kctx->auk_queue.cnt > kctx->auk_queue.lowater)
750 		cv_broadcast(&(kctx->auk_queue.read_cv));
751 
752 	if (kctx->auk_queue.wt_block &&
753 	    kctx->auk_queue.cnt < kctx->auk_queue.hiwater)
754 		cv_broadcast(&(kctx->auk_queue.write_cv));
755 
756 	mutex_exit(&(kctx->auk_queue.lock));
757 
758 	return (0);
759 }
760 
761 static int
762 getcwd(caddr_t data, int length)
763 {
764 	struct p_audit_data	*pad;
765 	struct audit_path	*app;
766 	int	pathlen;
767 
768 	pad = P2A(curproc);
769 	ASSERT(pad != NULL);
770 
771 	mutex_enter(&(pad->pad_lock));
772 	app = pad->pad_cwd;
773 	au_pathhold(app);
774 	mutex_exit(&(pad->pad_lock));
775 
776 	pathlen = app->audp_sect[1] - app->audp_sect[0];
777 	if (pathlen > length) {
778 		au_pathrele(app);
779 		return (E2BIG);
780 	}
781 
782 	if (copyout(app->audp_sect[0], data, pathlen)) {
783 		au_pathrele(app);
784 		return (EFAULT);
785 	}
786 
787 	au_pathrele(app);
788 	return (0);
789 }
790 
791 static int
792 getcar(caddr_t data, int length)
793 {
794 	struct p_audit_data	*pad;
795 	struct audit_path	*app;
796 	int	pathlen;
797 
798 	pad = P2A(curproc);
799 	ASSERT(pad != NULL);
800 
801 	mutex_enter(&(pad->pad_lock));
802 	app = pad->pad_root;
803 	au_pathhold(app);
804 	mutex_exit(&(pad->pad_lock));
805 
806 	pathlen = app->audp_sect[1] - app->audp_sect[0];
807 	if (pathlen > length) {
808 		au_pathrele(app);
809 		return (E2BIG);
810 	}
811 
812 	if (copyout(app->audp_sect[0], data, pathlen)) {
813 		au_pathrele(app);
814 		return (EFAULT);
815 	}
816 
817 	au_pathrele(app);
818 	return (0);
819 }
820 
821 static int
822 getstat(caddr_t data)
823 {
824 	au_kcontext_t	*kctx = GET_KCTX_PZ;
825 
826 	membar_consumer();
827 
828 	if (copyout((caddr_t)&(kctx->auk_statistics), data, sizeof (au_stat_t)))
829 		return (EFAULT);
830 	return (0);
831 }
832 
833 static int
834 setstat(caddr_t data)
835 {
836 	au_kcontext_t *kctx = GET_KCTX_PZ;
837 	au_stat_t au_stat;
838 
839 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
840 		return (EINVAL);
841 
842 	if (copyin(data, &au_stat, sizeof (au_stat_t)))
843 		return (EFAULT);
844 
845 	if (au_stat.as_generated == CLEAR_VAL)
846 		kctx->auk_statistics.as_generated = 0;
847 	if (au_stat.as_nonattrib == CLEAR_VAL)
848 		kctx->auk_statistics.as_nonattrib = 0;
849 	if (au_stat.as_kernel == CLEAR_VAL)
850 		kctx->auk_statistics.as_kernel = 0;
851 	if (au_stat.as_audit == CLEAR_VAL)
852 		kctx->auk_statistics.as_audit = 0;
853 	if (au_stat.as_auditctl == CLEAR_VAL)
854 		kctx->auk_statistics.as_auditctl = 0;
855 	if (au_stat.as_enqueue == CLEAR_VAL)
856 		kctx->auk_statistics.as_enqueue = 0;
857 	if (au_stat.as_written == CLEAR_VAL)
858 		kctx->auk_statistics.as_written = 0;
859 	if (au_stat.as_wblocked == CLEAR_VAL)
860 		kctx->auk_statistics.as_wblocked = 0;
861 	if (au_stat.as_rblocked == CLEAR_VAL)
862 		kctx->auk_statistics.as_rblocked = 0;
863 	if (au_stat.as_dropped == CLEAR_VAL)
864 		kctx->auk_statistics.as_dropped = 0;
865 	if (au_stat.as_totalsize == CLEAR_VAL)
866 		kctx->auk_statistics.as_totalsize = 0;
867 
868 	membar_producer();
869 
870 	return (0);
871 
872 }
873 
874 static int
875 setumask(caddr_t data)
876 {
877 	STRUCT_DECL(auditinfo, user_info);
878 	struct proc *p;
879 	const auditinfo_addr_t	*ainfo;
880 	model_t	model;
881 
882 	/* setumask not applicable in non-global zones without perzone policy */
883 	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
884 		return (EINVAL);
885 
886 	model = get_udatamodel();
887 	STRUCT_INIT(user_info, model);
888 
889 	if (copyin(data, STRUCT_BUF(user_info), STRUCT_SIZE(user_info)))
890 		return (EFAULT);
891 
892 	mutex_enter(&pidlock);	/* lock the process queue against updates */
893 	for (p = practive; p != NULL; p = p->p_next) {
894 		cred_t	*cr;
895 
896 		/* if in non-global zone only modify processes in same zone */
897 		if (!HASZONEACCESS(curproc, p->p_zone->zone_id))
898 			continue;
899 
900 		mutex_enter(&p->p_lock);	/* so process doesn't go away */
901 
902 		/* skip system processes and ones being created or going away */
903 		if (p->p_stat == SIDL || p->p_stat == SZOMB ||
904 		    (p->p_flag & (SSYS | SEXITING | SEXITLWPS))) {
905 			mutex_exit(&p->p_lock);
906 			continue;
907 		}
908 
909 		mutex_enter(&p->p_crlock);
910 		crhold(cr = p->p_cred);
911 		mutex_exit(&p->p_crlock);
912 		ainfo = crgetauinfo(cr);
913 		if (ainfo == NULL) {
914 			mutex_exit(&p->p_lock);
915 			crfree(cr);
916 			continue;
917 		}
918 
919 		if (ainfo->ai_auid == STRUCT_FGET(user_info, ai_auid)) {
920 			au_mask_t	mask;
921 			int		err;
922 
923 			/*
924 			 * Here's a process which matches the specified auid.
925 			 * If its mask doesn't already match the new mask,
926 			 * save the new mask in the pad, to be picked up
927 			 * next syscall.
928 			 */
929 			mask = STRUCT_FGET(user_info, ai_mask);
930 			err = bcmp(&mask, &ainfo->ai_mask, sizeof (au_mask_t));
931 			crfree(cr);
932 			if (err != 0) {
933 				struct p_audit_data *pad = P2A(p);
934 				ASSERT(pad != NULL);
935 
936 				mutex_enter(&(pad->pad_lock));
937 				pad->pad_flags |= PAD_SETMASK;
938 				pad->pad_newmask = mask;
939 				mutex_exit(&(pad->pad_lock));
940 
941 				/*
942 				 * No need to call set_proc_pre_sys(), since
943 				 * t_pre_sys is ALWAYS on when audit is
944 				 * enabled...due to syscall auditing.
945 				 */
946 			}
947 		} else {
948 			crfree(cr);
949 		}
950 		mutex_exit(&p->p_lock);
951 	}
952 	mutex_exit(&pidlock);
953 
954 	return (0);
955 }
956 
957 static int
958 setsmask(caddr_t data)
959 {
960 	STRUCT_DECL(auditinfo, user_info);
961 	struct proc *p;
962 	const auditinfo_addr_t	*ainfo;
963 	model_t	model;
964 
965 	/* setsmask not applicable in non-global zones without perzone policy */
966 	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
967 		return (EINVAL);
968 
969 	model = get_udatamodel();
970 	STRUCT_INIT(user_info, model);
971 
972 	if (copyin(data, STRUCT_BUF(user_info), STRUCT_SIZE(user_info)))
973 		return (EFAULT);
974 
975 	mutex_enter(&pidlock);	/* lock the process queue against updates */
976 	for (p = practive; p != NULL; p = p->p_next) {
977 		cred_t	*cr;
978 
979 		/* if in non-global zone only modify processes in same zone */
980 		if (!HASZONEACCESS(curproc, p->p_zone->zone_id))
981 			continue;
982 
983 		mutex_enter(&p->p_lock);	/* so process doesn't go away */
984 
985 		/* skip system processes and ones being created or going away */
986 		if (p->p_stat == SIDL || p->p_stat == SZOMB ||
987 		    (p->p_flag & (SSYS | SEXITING | SEXITLWPS))) {
988 			mutex_exit(&p->p_lock);
989 			continue;
990 		}
991 
992 		mutex_enter(&p->p_crlock);
993 		crhold(cr = p->p_cred);
994 		mutex_exit(&p->p_crlock);
995 		ainfo = crgetauinfo(cr);
996 		if (ainfo == NULL) {
997 			mutex_exit(&p->p_lock);
998 			crfree(cr);
999 			continue;
1000 		}
1001 
1002 		if (ainfo->ai_asid == STRUCT_FGET(user_info, ai_asid)) {
1003 			au_mask_t	mask;
1004 			int		err;
1005 
1006 			/*
1007 			 * Here's a process which matches the specified asid.
1008 			 * If its mask doesn't already match the new mask,
1009 			 * save the new mask in the pad, to be picked up
1010 			 * next syscall.
1011 			 */
1012 			mask = STRUCT_FGET(user_info, ai_mask);
1013 			err = bcmp(&mask, &ainfo->ai_mask, sizeof (au_mask_t));
1014 			crfree(cr);
1015 			if (err != 0) {
1016 				struct p_audit_data *pad = P2A(p);
1017 				ASSERT(pad != NULL);
1018 
1019 				mutex_enter(&(pad->pad_lock));
1020 				pad->pad_flags |= PAD_SETMASK;
1021 				pad->pad_newmask = mask;
1022 				mutex_exit(&(pad->pad_lock));
1023 
1024 				/*
1025 				 * No need to call set_proc_pre_sys(), since
1026 				 * t_pre_sys is ALWAYS on when audit is
1027 				 * enabled...due to syscall auditing.
1028 				 */
1029 			}
1030 		} else {
1031 			crfree(cr);
1032 		}
1033 		mutex_exit(&p->p_lock);
1034 	}
1035 	mutex_exit(&pidlock);
1036 
1037 	return (0);
1038 }
1039 
1040 /*
1041  * Get the current audit state of the system
1042  */
1043 static int
1044 getcond(caddr_t data)
1045 {
1046 	au_kcontext_t *kctx = GET_KCTX_PZ;
1047 
1048 	if (copyout(&(kctx->auk_auditstate), data, sizeof (int)))
1049 		return (EFAULT);
1050 
1051 	return (0);
1052 }
1053 
1054 /*
1055  * Set the current audit state of the system to on (AUC_AUDITING) or
1056  * off (AUC_NOAUDIT).
1057  */
1058 /* ARGSUSED */
1059 static int
1060 setcond(caddr_t data)
1061 {
1062 	int auditstate;
1063 	au_kcontext_t *kctx;
1064 
1065 	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
1066 		return (EINVAL);
1067 
1068 	kctx = GET_KCTX_NGZ;
1069 
1070 	if (copyin(data, &auditstate, sizeof (int)))
1071 		return (EFAULT);
1072 
1073 	switch (auditstate) {
1074 	case AUC_AUDITING:		/* Turn auditing on */
1075 		if (audit_active == C2AUDIT_UNLOADED)
1076 			audit_init_module();
1077 		kctx->auk_auditstate = AUC_AUDITING;
1078 		if (!(audit_policy & AUDIT_PERZONE) && INGLOBALZONE(curproc))
1079 			set_all_zone_usr_proc_sys(ALL_ZONES);
1080 		else
1081 			set_all_zone_usr_proc_sys(curproc->p_zone->zone_id);
1082 		break;
1083 
1084 	case AUC_NOAUDIT:		/* Turn auditing off */
1085 		if (kctx->auk_auditstate == AUC_NOAUDIT)
1086 			break;
1087 		kctx->auk_auditstate = AUC_NOAUDIT;
1088 
1089 		/* clear out the audit queue */
1090 
1091 		mutex_enter(&(kctx->auk_queue.lock));
1092 		if (kctx->auk_queue.wt_block)
1093 			cv_broadcast(&(kctx->auk_queue.write_cv));
1094 
1095 		/* unblock au_output_thread */
1096 		cv_broadcast(&(kctx->auk_queue.read_cv));
1097 
1098 		mutex_exit(&(kctx->auk_queue.lock));
1099 		break;
1100 
1101 	default:
1102 		return (EINVAL);
1103 	}
1104 
1105 	return (0);
1106 }
1107 
1108 static int
1109 getclass(caddr_t data)
1110 {
1111 	au_evclass_map_t event;
1112 	au_kcontext_t	*kctx = GET_KCTX_PZ;
1113 
1114 	if (copyin(data, &event, sizeof (au_evclass_map_t)))
1115 		return (EFAULT);
1116 
1117 	if (event.ec_number > MAX_KEVENTS)
1118 		return (EINVAL);
1119 
1120 	event.ec_class = kctx->auk_ets[event.ec_number];
1121 
1122 	if (copyout(&event, data, sizeof (au_evclass_map_t)))
1123 		return (EFAULT);
1124 
1125 	return (0);
1126 }
1127 
1128 static int
1129 setclass(caddr_t data)
1130 {
1131 	au_evclass_map_t event;
1132 	au_kcontext_t	*kctx;
1133 
1134 	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
1135 		return (EINVAL);
1136 
1137 	kctx = GET_KCTX_NGZ;
1138 
1139 	if (copyin(data, &event, sizeof (au_evclass_map_t)))
1140 		return (EFAULT);
1141 
1142 	if (event.ec_number > MAX_KEVENTS)
1143 		return (EINVAL);
1144 
1145 	kctx->auk_ets[event.ec_number] = event.ec_class;
1146 
1147 	return (0);
1148 }
1149 
1150 static int
1151 getpinfo(caddr_t data)
1152 {
1153 	STRUCT_DECL(auditpinfo, apinfo);
1154 	proc_t *proc;
1155 	const auditinfo_addr_t	*ainfo;
1156 	model_t	model;
1157 	cred_t	*cr, *newcred;
1158 
1159 	model = get_udatamodel();
1160 	STRUCT_INIT(apinfo, model);
1161 
1162 	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
1163 		return (EFAULT);
1164 
1165 	newcred = cralloc();
1166 
1167 	mutex_enter(&pidlock);
1168 	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
1169 		mutex_exit(&pidlock);
1170 		crfree(newcred);
1171 		return (ESRCH);		/* no such process */
1172 	}
1173 	mutex_enter(&proc->p_lock);	/* so process doesn't go away */
1174 	mutex_exit(&pidlock);
1175 
1176 	audit_update_context(proc, newcred);	/* make sure it's up-to-date */
1177 
1178 	mutex_enter(&proc->p_crlock);
1179 	crhold(cr = proc->p_cred);
1180 	mutex_exit(&proc->p_crlock);
1181 	mutex_exit(&proc->p_lock);
1182 
1183 	ainfo = crgetauinfo(cr);
1184 	if (ainfo == NULL) {
1185 		crfree(cr);
1186 		return (EINVAL);
1187 	}
1188 
1189 	/* designated process has an ipv6 address? */
1190 	if (ainfo->ai_termid.at_type == AU_IPv6) {
1191 		crfree(cr);
1192 		return (EOVERFLOW);
1193 	}
1194 
1195 	STRUCT_FSET(apinfo, ap_auid, ainfo->ai_auid);
1196 	STRUCT_FSET(apinfo, ap_asid, ainfo->ai_asid);
1197 #ifdef _LP64
1198 	if (model == DATAMODEL_ILP32) {
1199 		dev32_t dev;
1200 		/* convert internal 64 bit form to 32 bit version */
1201 		if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
1202 			crfree(cr);
1203 			return (EOVERFLOW);
1204 		}
1205 		STRUCT_FSET(apinfo, ap_termid.port, dev);
1206 	} else
1207 		STRUCT_FSET(apinfo, ap_termid.port, ainfo->ai_termid.at_port);
1208 #else
1209 	STRUCT_FSET(apinfo, ap_termid.port, ainfo->ai_termid.at_port);
1210 #endif
1211 	STRUCT_FSET(apinfo, ap_termid.machine, ainfo->ai_termid.at_addr[0]);
1212 	STRUCT_FSET(apinfo, ap_mask, ainfo->ai_mask);
1213 
1214 	crfree(cr);
1215 
1216 	if (copyout(STRUCT_BUF(apinfo), data, STRUCT_SIZE(apinfo)))
1217 		return (EFAULT);
1218 
1219 	return (0);
1220 }
1221 
1222 static int
1223 getpinfo_addr(caddr_t data, int len)
1224 {
1225 	STRUCT_DECL(auditpinfo_addr, apinfo);
1226 	proc_t *proc;
1227 	const auditinfo_addr_t	*ainfo;
1228 	model_t	model;
1229 	cred_t	*cr, *newcred;
1230 
1231 	model = get_udatamodel();
1232 	STRUCT_INIT(apinfo, model);
1233 
1234 	if (len < STRUCT_SIZE(apinfo))
1235 		return (EOVERFLOW);
1236 
1237 	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
1238 		return (EFAULT);
1239 
1240 	newcred = cralloc();
1241 
1242 	mutex_enter(&pidlock);
1243 	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
1244 		mutex_exit(&pidlock);
1245 		crfree(newcred);
1246 		return (ESRCH);
1247 	}
1248 	mutex_enter(&proc->p_lock);	/* so process doesn't go away */
1249 	mutex_exit(&pidlock);
1250 
1251 	audit_update_context(proc, newcred);	/* make sure it's up-to-date */
1252 
1253 	mutex_enter(&proc->p_crlock);
1254 	crhold(cr = proc->p_cred);
1255 	mutex_exit(&proc->p_crlock);
1256 	mutex_exit(&proc->p_lock);
1257 
1258 	ainfo = crgetauinfo(cr);
1259 	if (ainfo == NULL) {
1260 		crfree(cr);
1261 		return (EINVAL);
1262 	}
1263 
1264 	STRUCT_FSET(apinfo, ap_auid, ainfo->ai_auid);
1265 	STRUCT_FSET(apinfo, ap_asid, ainfo->ai_asid);
1266 #ifdef _LP64
1267 	if (model == DATAMODEL_ILP32) {
1268 		dev32_t dev;
1269 		/* convert internal 64 bit form to 32 bit version */
1270 		if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
1271 			crfree(cr);
1272 			return (EOVERFLOW);
1273 		}
1274 		STRUCT_FSET(apinfo, ap_termid.at_port, dev);
1275 	} else
1276 		STRUCT_FSET(apinfo, ap_termid.at_port,
1277 		    ainfo->ai_termid.at_port);
1278 #else
1279 	STRUCT_FSET(apinfo, ap_termid.at_port, ainfo->ai_termid.at_port);
1280 #endif
1281 	STRUCT_FSET(apinfo, ap_termid.at_type, ainfo->ai_termid.at_type);
1282 	STRUCT_FSET(apinfo, ap_termid.at_addr[0], ainfo->ai_termid.at_addr[0]);
1283 	STRUCT_FSET(apinfo, ap_termid.at_addr[1], ainfo->ai_termid.at_addr[1]);
1284 	STRUCT_FSET(apinfo, ap_termid.at_addr[2], ainfo->ai_termid.at_addr[2]);
1285 	STRUCT_FSET(apinfo, ap_termid.at_addr[3], ainfo->ai_termid.at_addr[3]);
1286 	STRUCT_FSET(apinfo, ap_mask, ainfo->ai_mask);
1287 
1288 	crfree(cr);
1289 
1290 	if (copyout(STRUCT_BUF(apinfo), data, STRUCT_SIZE(apinfo)))
1291 		return (EFAULT);
1292 
1293 	return (0);
1294 }
1295 
1296 static int
1297 setpmask(caddr_t data)
1298 {
1299 	STRUCT_DECL(auditpinfo, apinfo);
1300 	proc_t *proc;
1301 	cred_t	*newcred;
1302 	auditinfo_addr_t	*ainfo;
1303 	struct p_audit_data	*pad;
1304 
1305 	model_t	model;
1306 
1307 	model = get_udatamodel();
1308 	STRUCT_INIT(apinfo, model);
1309 
1310 	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
1311 		return (EFAULT);
1312 
1313 	mutex_enter(&pidlock);
1314 	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
1315 		mutex_exit(&pidlock);
1316 		return (ESRCH);
1317 	}
1318 	mutex_enter(&proc->p_lock);	/* so process doesn't go away */
1319 	mutex_exit(&pidlock);
1320 
1321 	newcred = cralloc();
1322 	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
1323 		mutex_exit(&proc->p_lock);
1324 		crfree(newcred);
1325 		return (EINVAL);
1326 	}
1327 
1328 	mutex_enter(&proc->p_crlock);
1329 	crcopy_to(proc->p_cred, newcred);
1330 	proc->p_cred = newcred;
1331 
1332 	ainfo->ai_mask = STRUCT_FGET(apinfo, ap_mask);
1333 
1334 	/*
1335 	 * Unlock. No need to broadcast changes via set_proc_pre_sys(),
1336 	 * since t_pre_sys is ALWAYS on when audit is enabled... due to
1337 	 * syscall auditing.
1338 	 */
1339 	crfree(newcred);
1340 	mutex_exit(&proc->p_crlock);
1341 
1342 	/* Reset flag for any previous pending mask change; this supercedes */
1343 	pad = P2A(proc);
1344 	ASSERT(pad != NULL);
1345 	mutex_enter(&(pad->pad_lock));
1346 	pad->pad_flags &= ~PAD_SETMASK;
1347 	mutex_exit(&(pad->pad_lock));
1348 
1349 	mutex_exit(&proc->p_lock);
1350 
1351 	return (0);
1352 }
1353 
1354 /*
1355  * The out of control system call
1356  * This is audit kitchen sink aka auditadm, aka auditon
1357  */
1358 int
1359 auditctl(
1360 	int	cmd,
1361 	caddr_t data,
1362 	int	length)
1363 {
1364 	int result;
1365 
1366 	switch (cmd) {
1367 	case A_GETAMASK:
1368 	case A_GETCOND:
1369 	case A_GETCAR:
1370 	case A_GETCLASS:
1371 	case A_GETCWD:
1372 	case A_GETKAUDIT:
1373 	case A_GETKMASK:
1374 	case A_GETPINFO:
1375 	case A_GETPINFO_ADDR:
1376 	case A_GETPOLICY:
1377 	case A_GETQCTRL:
1378 	case A_GETSTAT:
1379 		if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
1380 			return (EPERM);
1381 		break;
1382 	default:
1383 		if (secpolicy_audit_config(CRED()) != 0)
1384 			return (EPERM);
1385 		break;
1386 	}
1387 
1388 	switch (cmd) {
1389 	case A_GETPOLICY:
1390 		result = getpolicy(data);
1391 		break;
1392 	case A_SETPOLICY:
1393 		result = setpolicy(data);
1394 		break;
1395 	case A_GETAMASK:
1396 		result = getamask(data);
1397 		break;
1398 	case A_SETAMASK:
1399 		result = setamask(data);
1400 		break;
1401 	case A_GETKMASK:
1402 		result = getkmask(data);
1403 		break;
1404 	case A_SETKMASK:
1405 		result = setkmask(data);
1406 		break;
1407 	case A_GETKAUDIT:
1408 		result = getkaudit(data, length);
1409 		break;
1410 	case A_SETKAUDIT:
1411 		result = setkaudit(data, length);
1412 		break;
1413 	case A_GETQCTRL:
1414 		result = getqctrl(data);
1415 		break;
1416 	case A_SETQCTRL:
1417 		result = setqctrl(data);
1418 		break;
1419 	case A_GETCWD:
1420 		result = getcwd(data, length);
1421 		break;
1422 	case A_GETCAR:
1423 		result = getcar(data, length);
1424 		break;
1425 	case A_GETSTAT:
1426 		result = getstat(data);
1427 		break;
1428 	case A_SETSTAT:
1429 		result = setstat(data);
1430 		break;
1431 	case A_SETUMASK:
1432 		result = setumask(data);
1433 		break;
1434 	case A_SETSMASK:
1435 		result = setsmask(data);
1436 		break;
1437 	case A_GETCOND:
1438 		result = getcond(data);
1439 		break;
1440 	case A_SETCOND:
1441 		result = setcond(data);
1442 		break;
1443 	case A_GETCLASS:
1444 		result = getclass(data);
1445 		break;
1446 	case A_SETCLASS:
1447 		result = setclass(data);
1448 		break;
1449 	case A_GETPINFO:
1450 		result = getpinfo(data);
1451 		break;
1452 	case A_GETPINFO_ADDR:
1453 		result = getpinfo_addr(data, length);
1454 		break;
1455 	case A_SETPMASK:
1456 		result = setpmask(data);
1457 		break;
1458 	default:
1459 		result = EINVAL;
1460 		break;
1461 	}
1462 	return (result);
1463 }
1464