xref: /titanic_41/usr/src/lib/libbsm/common/audit_scf.h (revision 6a634c9dca3093f3922e4b7ab826d7bdf17bf78e)
1*f8994074SJan Friedel /*
2*f8994074SJan Friedel  * CDDL HEADER START
3*f8994074SJan Friedel  *
4*f8994074SJan Friedel  * The contents of this file are subject to the terms of the
5*f8994074SJan Friedel  * Common Development and Distribution License (the "License").
6*f8994074SJan Friedel  * You may not use this file except in compliance with the License.
7*f8994074SJan Friedel  *
8*f8994074SJan Friedel  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*f8994074SJan Friedel  * or http://www.opensolaris.org/os/licensing.
10*f8994074SJan Friedel  * See the License for the specific language governing permissions
11*f8994074SJan Friedel  * and limitations under the License.
12*f8994074SJan Friedel  *
13*f8994074SJan Friedel  * When distributing Covered Code, include this CDDL HEADER in each
14*f8994074SJan Friedel  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*f8994074SJan Friedel  * If applicable, add the following below this CDDL HEADER, with the
16*f8994074SJan Friedel  * fields enclosed by brackets "[]" replaced with your own identifying
17*f8994074SJan Friedel  * information: Portions Copyright [yyyy] [name of copyright owner]
18*f8994074SJan Friedel  *
19*f8994074SJan Friedel  * CDDL HEADER END
20*f8994074SJan Friedel  */
21*f8994074SJan Friedel /*
22*f8994074SJan Friedel  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
23*f8994074SJan Friedel  */
24*f8994074SJan Friedel 
25*f8994074SJan Friedel #ifndef _AUDIT_SCF_H
26*f8994074SJan Friedel #define	_AUDIT_SCF_H
27*f8994074SJan Friedel 
28*f8994074SJan Friedel #ifdef	__cplusplus
29*f8994074SJan Friedel extern "C" {
30*f8994074SJan Friedel #endif
31*f8994074SJan Friedel 
32*f8994074SJan Friedel /*
33*f8994074SJan Friedel  * auditd smf(5)/libscf(3LIB) interface - set and display audit parameters
34*f8994074SJan Friedel  */
35*f8994074SJan Friedel 
36*f8994074SJan Friedel #include <audit_plugin.h>
37*f8994074SJan Friedel #include <bsm/libbsm.h>
38*f8994074SJan Friedel #include <ctype.h>
39*f8994074SJan Friedel #include <libintl.h>
40*f8994074SJan Friedel #include <libscf_priv.h>
41*f8994074SJan Friedel #include <stdlib.h>
42*f8994074SJan Friedel #include <strings.h>
43*f8994074SJan Friedel #include <sys/varargs.h>
44*f8994074SJan Friedel #include <ucontext.h>
45*f8994074SJan Friedel #include <zone.h>
46*f8994074SJan Friedel 
/*
 * lint-only shim: when __lint is defined, gettext(x) collapses to its bare
 * argument.  In every other build this block defines nothing and the
 * gettext() declared by <libintl.h> stays in effect.
 */
#if defined(__lint)
#define	gettext(x)	x
#endif
51*f8994074SJan Friedel 
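/*
 * Debug tracing for the audit SCF interface.
 *
 * DEBUG defaults to 0, in which case DPRINT(x) expands to nothing and its
 * argument is never evaluated.
 *
 * With DEBUG non-zero, DPRINT(x) applies fprintf directly to x, so x must be
 * a complete parenthesised fprintf argument list.  The format string inside x
 * reaches fprintf unchanged, so it has to be a literal and never data read
 * from the repository or from a user.
 *
 * The debug stream is opened on first use.  If the open helper hands back
 * NULL (its failure behaviour is not visible in this header) the message is
 * dropped, so that fprintf is not reached with a NULL dbfp.
 *
 * NOTE(review): dbfp is defined, not just declared, in this header, so every
 * translation unit that includes it in a DEBUG build carries a definition.
 * NOTE(review): the expansion is a bare { } block, kept for compatibility
 * with existing call sites; DPRINT(...); followed by an else will not parse.
 */
#ifndef DEBUG
#define	DEBUG	0
#endif

#if DEBUG
FILE	*dbfp;		  /* debug file pointer */
#define	DPRINT(x)	{ \
	if (dbfp == NULL) \
		dbfp = __auditd_debug_file_open(); \
	if (dbfp != NULL) { \
		(void) fprintf x; \
		(void) fflush(dbfp); \
	} \
}
#else	/* ! DEBUG */
#define	DPRINT(x)
#endif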
63*f8994074SJan Friedel 
/*
 * SMF service instances that make up the audit subsystem, given as the FMRI
 * strings used to look them up.
 */
#define	AUDITD_FMRI	"svc:/system/auditd:default"
#define	AUDITSET_FMRI	"svc:/system/auditset:default"
67*f8994074SJan Friedel 
/*
 * (ASI) Audit service instance SCF handles - libscf(3LIB).
 *
 * Groups the base, service instance, property group and property handles.
 * NOTE(review): who allocates and destroys these handles is not visible in
 * this header - confirm against the implementation.
 */
typedef struct asi_scfhandle {
	scf_handle_t *hndl;		/* base scf handle */
	scf_instance_t *inst;		/* service instance handle */
	scf_propertygroup_t *pgrp;	/* property group handle */
	scf_property_t *prop;		/* property handle */
} asi_scfhandle_t;
76*f8994074SJan Friedel 
/*
 * Iteration state used alongside asi_scfhandle: one iterator per level plus
 * the value object a property is read into.
 */
typedef struct asi_scfhandle_iter {
	scf_iter_t *pgrp;		/* property group iter handle */
	scf_iter_t *prop;		/* property iter handle */
	scf_value_t *prop_val;		/* property value */
} asi_scfhandle_iter_t;
83*f8994074SJan Friedel 
/*
 * (ASI) Audit service instance (svc:/system/auditd:default) related
 * configuration parameters.
 */

/* Name of the property group holding the audit policy settings. */
#define	ASI_PGROUP_POLICY	"policy"

/*
 * A policy name paired with a boolean.
 * NOTE(review): presumably flag is the enabled/disabled state of the named
 * policy - confirm against the users of this type.
 */
typedef struct policy_sw {
	char *policy;
	boolean_t flag;
} policy_sw_t;
94*f8994074SJan Friedel 
/* Property group and property names for the audit queue controls. */
#define	ASI_PGROUP_QUEUECTRL	"queuectrl"
#define	QUEUECTRL_QBUFSZ	"qbufsz"
#define	QUEUECTRL_QDELAY	"qdelay"
#define	QUEUECTRL_QHIWATER	"qhiwater"
#define	QUEUECTRL_QLOWATER	"qlowater"

/*
 * Queue control values as 64-bit unsigned integers.
 *
 * The do_get*_scf()/do_set*_scf() prototypes in this header use size_t and
 * clock_t for the same parameters.
 * NOTE(review): any narrowing from uint64_t should happen only after the
 * CHK_BDRY_* range checks - confirm in the implementation.
 */
typedef struct scf_qctrl {
	uint64_t scf_qhiwater;
	uint64_t scf_qlowater;
	uint64_t scf_qbufsz;
	uint64_t scf_qdelay;
} scf_qctrl_t;
107*f8994074SJan Friedel 
/* Property group and property names for the audit preselection flags. */
#define	ASI_PGROUP_PRESELECTION	"preselection"
#define	PRESELECTION_FLAGS	"flags"
#define	PRESELECTION_NAFLAGS	"naflags"

/*
 * max. length of na/flags
 * NOTE(review): whether this count includes the terminating NUL is not
 * stated here - confirm before sizing or copying into buffers with it.
 */
#define	PRESELECTION_MAXBUF	256
112*f8994074SJan Friedel 
/*
 * auditd(1M) plugin related well known properties.
 *
 * PLUGIN_PATH names the property that holds a plugin's shared object.
 * NOTE(review): presumably auditd loads that object, which would make write
 * access to the property equivalent to choosing code for auditd to run -
 * confirm how the property is protected.
 */
#define	PLUGIN_ACTIVE	"active"	/* plugin state */
#define	PLUGIN_PATH	"path"		/* plugin shared object */
#define	PLUGIN_QSIZE	"qsize"		/* plugin queue size */

/* Limits applied to plugin configuration data. */
#define	PLUGIN_MAX	256		/* max. number of plugins */
#define	PLUGIN_MAXBUF	256		/* max. length of plugin name */
#define	PLUGIN_MAXATT	256		/* max. length of plugin attr */
#define	PLUGIN_MAXKEY	256		/* max. length of plugin key */
#define	PLUGIN_MAXVAL	256		/* max. length of plugin val */
/*
 * Node of a doubly linked list (next/prev) of per-plugin configuration:
 * the plugin name and a pointer to its key/value attributes.
 *
 * plugin_name is a fixed PLUGIN_MAXBUF-byte array, so every writer has to
 * bound the copy to that size and leave room for the terminating NUL.
 * The prototype plugin_kva_ll_free() in this header takes a node pointer.
 * NOTE(review): presumably that is the routine that releases the list and
 * each plugin_kva - confirm in the implementation.
 */
typedef struct scf_plugin_kva_node {
	struct scf_plugin_kva_node *next;
	struct scf_plugin_kva_node *prev;
	char plugin_name[PLUGIN_MAXBUF];
	kva_t *plugin_kva;
} scf_plugin_kva_node_t;
130*f8994074SJan Friedel 
/*
 * Boundary checking macros for the queuectrl parameters.
 *
 * Each macro yields non-zero when the value is inside its permitted range
 * and 0 otherwise.  Arguments are expanded more than once, so pass only
 * side-effect-free expressions.  The AQ_* limits other than AQ_MINLOW are
 * not defined in this header.
 *
 * NOTE(review): CHK_BDRY_QHIWATER compares the high water mark against
 * AQ_LOWATER as its lower bound - confirm that this constant is the
 * intended one.
 * NOTE(review): the types of the AQ_* limits are not visible here; a negative
 * signed argument compared with an unsigned limit would be converted before
 * the comparison - confirm callers pass unsigned values.
 */
#define	AQ_MINLOW	1
#define	CHK_BDRY_QBUFSZ(x)	((x) >= AQ_BUFSZ && (x) <= AQ_MAXBUFSZ)
#define	CHK_BDRY_QDELAY(x)	((x) != 0 && (x) <= AQ_MAXDELAY)
#define	CHK_BDRY_QLOWATER(low, high)	((low) >= AQ_MINLOW && (low) < (high))
#define	CHK_BDRY_QHIWATER(low, high)	((high) > (low) && \
					    (high) >= AQ_LOWATER && \
					    (high) <= AQ_MAXHIGH)
139*f8994074SJan Friedel 
/*
 * MAX_PROPVECS is the largest number of audit properties that fit in the
 * uint32_t audit policy mask (one per bit).
 */
#define	MAX_PROPVECS	32
145*f8994074SJan Friedel 
/*
 * Entry points of the audit SCF interface.
 *
 * NOTE(review): the do_*_scf() routines return boolean_t, presumably B_TRUE
 * on success - confirm against the implementation, which is not part of
 * this header.
 * NOTE(review): the setters change audit configuration; any privilege or
 * authorization check is not visible here - confirm where it is enforced.
 * NOTE(review): ownership of the strings and lists handed back through the
 * char ** and scf_plugin_kva_node_t ** parameters is not documented here.
 */

/* Read audit parameters. */
extern boolean_t do_getflags_scf(char **);
extern boolean_t do_getnaflags_scf(char **);
extern boolean_t do_getpluginconfig_scf(char *, scf_plugin_kva_node_t **);
extern boolean_t do_getpolicy_scf(uint32_t *);
extern boolean_t do_getqbufsz_scf(size_t *);
extern boolean_t do_getqctrl_scf(struct au_qctrl *);
extern boolean_t do_getqdelay_scf(clock_t *);
extern boolean_t do_getqhiwater_scf(size_t *);
extern boolean_t do_getqlowater_scf(size_t *);

/* Write audit parameters. */
extern boolean_t do_setflags_scf(char *);
extern boolean_t do_setnaflags_scf(char *);
extern boolean_t do_setpluginconfig_scf(char *, boolean_t, char *, int);
extern boolean_t do_setpolicy_scf(uint32_t);
extern boolean_t do_setqbufsz_scf(size_t *);
extern boolean_t do_setqctrl_scf(struct au_qctrl *);
extern boolean_t do_setqdelay_scf(clock_t *);
extern boolean_t do_setqhiwater_scf(size_t *);
extern boolean_t do_setqlowater_scf(size_t *);

/* Helpers. */
extern void free_static_att_kva(kva_t *);
extern uint32_t get_policy(char *);
extern boolean_t plugin_avail_scf(const char *);
extern void plugin_kva_ll_free(scf_plugin_kva_node_t *);
extern void prt_error_va(char *, va_list);
169*f8994074SJan Friedel 
170*f8994074SJan Friedel #ifdef	__cplusplus
171*f8994074SJan Friedel }
172*f8994074SJan Friedel #endif
173*f8994074SJan Friedel 
174*f8994074SJan Friedel #endif	/* _AUDIT_SCF_H */