1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 /* 29 * Support routines for building audit records. 30 */ 31 32 #include <sys/param.h> 33 #include <sys/systm.h> /* for rval */ 34 #include <sys/time.h> 35 #include <sys/types.h> 36 #include <sys/vnode.h> 37 #include <sys/mode.h> 38 #include <sys/user.h> 39 #include <sys/session.h> 40 #include <sys/acl.h> 41 #include <sys/ipc_impl.h> 42 #include <netinet/in_systm.h> 43 #include <netinet/in.h> 44 #include <netinet/ip.h> 45 #include <sys/socket.h> 46 #include <net/route.h> 47 #include <netinet/in_pcb.h> 48 #include <c2/audit.h> 49 #include <c2/audit_kernel.h> 50 #include <c2/audit_record.h> 51 #include <sys/model.h> /* for model_t */ 52 #include <sys/vmparam.h> /* for USRSTACK/USRSTACK32 */ 53 #include <sys/vfs.h> /* for sonode */ 54 #include <sys/socketvar.h> /* for sonode */ 55 #include <sys/zone.h> 56 #include <sys/tsol/label.h> 57 58 /* 59 * These are the control tokens 60 */ 61 62 /* 63 * au_to_header 64 * returns: 65 * pointer to au_membuf chain containing a header token. 66 */ 67 token_t * 68 au_to_header(int byte_count, short e_type, short e_mod) 69 { 70 adr_t adr; /* adr memory stream header */ 71 token_t *m; /* au_membuf pointer */ 72 #ifdef _LP64 73 char data_header = AUT_HEADER64; /* header for this token */ 74 static int64_t zerotime[2]; 75 #else 76 char data_header = AUT_HEADER32; 77 static int32_t zerotime[2]; 78 #endif 79 char version = TOKEN_VERSION; /* version of token family */ 80 81 m = au_getclr(); 82 83 adr_start(&adr, memtod(m, char *)); 84 adr_char(&adr, &data_header, 1); /* token ID */ 85 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */ 86 /* audit record */ 87 adr_char(&adr, &version, 1); /* version of audit tokens */ 88 adr_short(&adr, &e_type, 1); /* event ID */ 89 adr_short(&adr, &e_mod, 1); /* event ID modifier */ 90 #ifdef _LP64 91 adr_int64(&adr, zerotime, 2); /* time & date space */ 92 #else 93 adr_int32(&adr, zerotime, 2); 94 #endif 95 m->len = adr_count(&adr); 96 97 return (m); 98 } 99 100 token_t * 101 au_to_header_ex(int byte_count, au_event_t e_type, au_emod_t e_mod) 102 { 103 adr_t adr; /* adr memory stream header */ 104 token_t *m; /* au_membuf pointer */ 105 au_kcontext_t *kctx = SET_KCTX_PZ; 106 107 #ifdef _LP64 108 char data_header = AUT_HEADER64_EX; /* header for this token */ 109 static int64_t zerotime[2]; 110 #else 111 char data_header = AUT_HEADER32_EX; 112 static int32_t zerotime[2]; 113 #endif 114 char version = TOKEN_VERSION; /* version of token family */ 115 116 m = au_getclr(); 117 118 adr_start(&adr, memtod(m, char *)); 119 adr_char(&adr, &data_header, 1); /* token ID */ 120 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */ 121 /* audit record */ 122 adr_char(&adr, &version, 1); /* version of audit tokens */ 123 adr_short(&adr, &e_type, 1); /* event ID */ 124 adr_short(&adr, &e_mod, 1); /* event ID modifier */ 125 adr_uint32(&adr, &kctx->auk_info.ai_termid.at_type, 1); 126 adr_char(&adr, (char *)&kctx->auk_info.ai_termid.at_addr[0], 127 (int)kctx->auk_info.ai_termid.at_type); 128 #ifdef _LP64 129 adr_int64(&adr, zerotime, 2); /* time & date */ 130 #else 131 adr_int32(&adr, zerotime, 2); 132 #endif 133 m->len = adr_count(&adr); 134 135 return (m); 136 } 137 138 /* 139 * au_to_trailer 140 * returns: 141 * pointer to au_membuf chain containing a trailer token. 142 */ 143 token_t * 144 au_to_trailer(int byte_count) 145 { 146 adr_t adr; /* adr memory stream header */ 147 token_t *m; /* au_membuf pointer */ 148 char data_header = AUT_TRAILER; /* header for this token */ 149 short magic = (short)AUT_TRAILER_MAGIC; /* trailer magic number */ 150 151 m = au_getclr(); 152 153 adr_start(&adr, memtod(m, char *)); 154 adr_char(&adr, &data_header, 1); /* token ID */ 155 adr_short(&adr, &magic, 1); /* magic number */ 156 adr_int32(&adr, (int32_t *)&byte_count, 1); /* length of */ 157 /* audit record */ 158 159 m->len = adr_count(&adr); 160 161 return (m); 162 } 163 /* 164 * These are the data tokens 165 */ 166 167 /* 168 * au_to_data 169 * returns: 170 * pointer to au_membuf chain containing a data token. 171 */ 172 token_t * 173 au_to_data(char unit_print, char unit_type, char unit_count, char *p) 174 { 175 adr_t adr; /* adr memory stream header */ 176 token_t *m; /* au_membuf pointer */ 177 char data_header = AUT_DATA; /* header for this token */ 178 179 ASSERT(p != NULL); 180 ASSERT(unit_count != 0); 181 182 switch (unit_type) { 183 case AUR_SHORT: 184 if (sizeof (short) * unit_count >= AU_BUFSIZE) 185 return (au_to_text("au_to_data: unit count too big")); 186 break; 187 case AUR_INT32: 188 if (sizeof (int32_t) * unit_count >= AU_BUFSIZE) 189 return (au_to_text("au_to_data: unit count too big")); 190 break; 191 case AUR_INT64: 192 if (sizeof (int64_t) * unit_count >= AU_BUFSIZE) 193 return (au_to_text("au_to_data: unit count too big")); 194 break; 195 case AUR_BYTE: 196 default: 197 #ifdef _CHAR_IS_UNSIGNED 198 if (sizeof (char) * unit_count >= AU_BUFSIZE) 199 return (au_to_text("au_to_data: unit count too big")); 200 #endif 201 /* 202 * we used to check for this: 203 * sizeof (char) * (int)unit_count >= AU_BUFSIZE). 204 * but the compiler is smart enough to see that 205 * will never be >= AU_BUFSIZE, since that's 128 206 * and unit_count maxes out at 127 (signed char), 207 * and complain. 208 */ 209 break; 210 } 211 212 m = au_getclr(); 213 214 adr_start(&adr, memtod(m, char *)); 215 adr_char(&adr, &data_header, 1); 216 adr_char(&adr, &unit_print, 1); 217 adr_char(&adr, &unit_type, 1); 218 adr_char(&adr, &unit_count, 1); 219 220 switch (unit_type) { 221 case AUR_SHORT: 222 adr_short(&adr, (short *)p, unit_count); 223 break; 224 case AUR_INT32: 225 adr_int32(&adr, (int32_t *)p, unit_count); 226 break; 227 case AUR_INT64: 228 adr_int64(&adr, (int64_t *)p, unit_count); 229 break; 230 case AUR_BYTE: 231 default: 232 adr_char(&adr, p, unit_count); 233 break; 234 } 235 236 m->len = adr_count(&adr); 237 238 return (m); 239 } 240 241 /* 242 * au_to_process 243 * au_to_subject 244 * returns: 245 * pointer to au_membuf chain containing a process token. 246 */ 247 static token_t *au_to_any_process(char, uid_t, gid_t, uid_t, gid_t, 248 pid_t, au_id_t, au_asid_t, const au_tid_addr_t *atid); 249 250 token_t * 251 au_to_process(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid, 252 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid) 253 { 254 char data_header; 255 256 #ifdef _LP64 257 if (atid->at_type == AU_IPv6) 258 data_header = AUT_PROCESS64_EX; 259 else 260 data_header = AUT_PROCESS64; 261 #else 262 if (atid->at_type == AU_IPv6) 263 data_header = AUT_PROCESS32_EX; 264 else 265 data_header = AUT_PROCESS32; 266 #endif 267 268 return (au_to_any_process(data_header, uid, gid, ruid, 269 rgid, pid, auid, asid, atid)); 270 } 271 272 token_t * 273 au_to_subject(uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid, 274 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid) 275 { 276 char data_header; 277 278 #ifdef _LP64 279 if (atid->at_type == AU_IPv6) 280 data_header = AUT_SUBJECT64_EX; 281 else 282 data_header = AUT_SUBJECT64; 283 #else 284 if (atid->at_type == AU_IPv6) 285 data_header = AUT_SUBJECT32_EX; 286 else 287 data_header = AUT_SUBJECT32; 288 #endif 289 return (au_to_any_process(data_header, uid, gid, ruid, 290 rgid, pid, auid, asid, atid)); 291 } 292 293 294 static token_t * 295 au_to_any_process(char data_header, 296 uid_t uid, gid_t gid, uid_t ruid, gid_t rgid, pid_t pid, 297 au_id_t auid, au_asid_t asid, const au_tid_addr_t *atid) 298 { 299 token_t *m; /* local au_membuf */ 300 adr_t adr; /* adr memory stream header */ 301 int32_t value; 302 303 m = au_getclr(); 304 305 adr_start(&adr, memtod(m, char *)); 306 adr_char(&adr, &data_header, 1); 307 value = (int32_t)auid; 308 adr_int32(&adr, &value, 1); 309 value = (int32_t)uid; 310 adr_int32(&adr, &value, 1); 311 value = (int32_t)gid; 312 adr_int32(&adr, &value, 1); 313 value = (int32_t)ruid; 314 adr_int32(&adr, &value, 1); 315 value = (int32_t)rgid; 316 adr_int32(&adr, &value, 1); 317 value = (int32_t)pid; 318 adr_int32(&adr, &value, 1); 319 value = (int32_t)asid; 320 adr_int32(&adr, &value, 1); 321 #ifdef _LP64 322 adr_int64(&adr, (int64_t *)&(atid->at_port), 1); 323 #else 324 adr_int32(&adr, (int32_t *)&(atid->at_port), 1); 325 #endif 326 if (atid->at_type == AU_IPv6) { 327 adr_uint32(&adr, (uint_t *)&atid->at_type, 1); 328 adr_char(&adr, (char *)&atid->at_addr[0], 16); 329 } else { 330 adr_char(&adr, (char *)&(atid->at_addr[0]), 4); 331 } 332 333 m->len = adr_count(&adr); 334 335 return (m); 336 } 337 338 /* 339 * au_to_text 340 * returns: 341 * pointer to au_membuf chain containing a text token. 342 */ 343 token_t * 344 au_to_text(const char *text) 345 { 346 token_t *token; /* local au_membuf */ 347 adr_t adr; /* adr memory stream header */ 348 char data_header = AUT_TEXT; /* header for this token */ 349 short bytes; /* length of string */ 350 351 token = au_getclr(); 352 353 bytes = (short)strlen(text) + 1; 354 adr_start(&adr, memtod(token, char *)); 355 adr_char(&adr, &data_header, 1); 356 adr_short(&adr, &bytes, 1); 357 358 token->len = (char)adr_count(&adr); 359 /* 360 * Now attach the text 361 */ 362 (void) au_append_buf(text, bytes, token); 363 364 return (token); 365 } 366 367 /* 368 * au_zonename_length 369 * returns: 370 * - length of zonename token to be generated 371 * - zone name up to ZONENAME_MAX + 1 in length 372 */ 373 #define ZONE_TOKEN_OVERHEAD 3 374 /* 375 * the zone token is 376 * token id (1 byte) 377 * string length (2 bytes) 378 * the string (strlen(zonename) + 1) 379 */ 380 size_t 381 au_zonename_length() 382 { 383 return (strlen(curproc->p_zone->zone_name) + 1 + 384 ZONE_TOKEN_OVERHEAD); 385 } 386 387 /* 388 * au_to_zonename 389 * 390 * A length of zero input to au_to_zonename means the length is not 391 * pre-calculated. 392 * 393 * The caller is responsible for checking the AUDIT_ZONENAME policy 394 * before calling au_zonename_length() and au_to_zonename(). If 395 * the policy changes between the calls, no harm is done, so the 396 * policy only needs to be checked once. 397 * 398 * returns: 399 * pointer to au_membuf chain containing a zonename token; NULL if 400 * policy is off. 401 * 402 * if the zonename token is generated at token generation close time, 403 * the length of the token is already known and it is ASSERTed that 404 * it has not changed. If not precalculated, zone_length must be 405 * zero. 406 */ 407 token_t * 408 au_to_zonename(size_t zone_length) 409 { 410 token_t *token; /* local au_membuf */ 411 adr_t adr; /* adr memory stream header */ 412 char data_header = AUT_ZONENAME; /* header for this token */ 413 short bytes; /* length of string */ 414 415 token = au_getclr(); 416 417 bytes = (short)strlen(curproc->p_zone->zone_name) + 1; 418 /* 419 * If zone_length != 0, it was precalculated and is 420 * the token length, not the string length. 421 */ 422 ASSERT((zone_length == 0) || 423 (zone_length == (bytes + ZONE_TOKEN_OVERHEAD))); 424 425 adr_start(&adr, memtod(token, char *)); 426 adr_char(&adr, &data_header, 1); 427 adr_short(&adr, &bytes, 1); 428 429 token->len = (char)adr_count(&adr); 430 (void) au_append_buf(curproc->p_zone->zone_name, bytes, token); 431 432 return (token); 433 } 434 435 /* 436 * au_to_strings 437 * returns: 438 * pointer to au_membuf chain containing a strings array token. 439 */ 440 token_t * 441 au_to_strings( 442 char header, /* token type */ 443 const char *kstrp, /* kernel string pointer */ 444 ssize_t count) /* count of arguments */ 445 { 446 token_t *token; /* local au_membuf */ 447 token_t *m; /* local au_membuf */ 448 adr_t adr; /* adr memory stream header */ 449 size_t len; 450 int32_t tlen; 451 452 token = au_getclr(); 453 454 adr_start(&adr, memtod(token, char *)); 455 adr_char(&adr, &header, 1); 456 tlen = (int32_t)count; 457 adr_int32(&adr, &tlen, 1); 458 459 token->len = (char)adr_count(&adr); 460 461 while (count-- > 0) { 462 m = au_getclr(); 463 len = strlen(kstrp) + 1; 464 (void) au_append_buf(kstrp, len, m); 465 (void) au_append_rec((token_t *)token, (token_t *)m, AU_PACK); 466 kstrp += len; 467 } 468 469 return (token); 470 } 471 472 /* 473 * au_to_exec_args 474 * returns: 475 * pointer to au_membuf chain containing a argv token. 476 */ 477 token_t * 478 au_to_exec_args(const char *kstrp, ssize_t argc) 479 { 480 return (au_to_strings(AUT_EXEC_ARGS, kstrp, argc)); 481 } 482 483 /* 484 * au_to_exec_env 485 * returns: 486 * pointer to au_membuf chain containing a arge token. 487 */ 488 token_t * 489 au_to_exec_env(const char *kstrp, ssize_t envc) 490 { 491 return (au_to_strings(AUT_EXEC_ENV, kstrp, envc)); 492 } 493 494 /* 495 * au_to_arg32 496 * char n; argument # being used 497 * char *text; text describing argument 498 * uint32_t v; argument value 499 * returns: 500 * pointer to au_membuf chain containing an argument token. 501 */ 502 token_t * 503 au_to_arg32(char n, char *text, uint32_t v) 504 { 505 token_t *token; /* local au_membuf */ 506 adr_t adr; /* adr memory stream header */ 507 char data_header = AUT_ARG32; /* header for this token */ 508 short bytes; /* length of string */ 509 510 token = au_getclr(); 511 512 bytes = strlen(text) + 1; 513 adr_start(&adr, memtod(token, char *)); 514 adr_char(&adr, &data_header, 1); /* token type */ 515 adr_char(&adr, &n, 1); /* argument id */ 516 adr_uint32(&adr, &v, 1); /* argument value */ 517 adr_short(&adr, &bytes, 1); 518 519 token->len = adr_count(&adr); 520 /* 521 * Now add the description 522 */ 523 (void) au_append_buf(text, bytes, token); 524 525 return (token); 526 } 527 528 529 /* 530 * au_to_arg64 531 * char n; argument # being used 532 * char *text; text describing argument 533 * uint64_t v; argument value 534 * returns: 535 * pointer to au_membuf chain containing an argument token. 536 */ 537 token_t * 538 au_to_arg64(char n, char *text, uint64_t v) 539 { 540 token_t *token; /* local au_membuf */ 541 adr_t adr; /* adr memory stream header */ 542 char data_header = AUT_ARG64; /* header for this token */ 543 short bytes; /* length of string */ 544 545 token = au_getclr(); 546 547 bytes = strlen(text) + 1; 548 adr_start(&adr, memtod(token, char *)); 549 adr_char(&adr, &data_header, 1); /* token type */ 550 adr_char(&adr, &n, 1); /* argument id */ 551 adr_uint64(&adr, &v, 1); /* argument value */ 552 adr_short(&adr, &bytes, 1); 553 554 token->len = adr_count(&adr); 555 /* 556 * Now the description 557 */ 558 (void) au_append_buf(text, bytes, token); 559 560 return (token); 561 } 562 563 564 /* 565 * au_to_path 566 * returns: 567 * pointer to au_membuf chain containing a path token. 568 */ 569 token_t * 570 au_to_path(struct audit_path *app) 571 { 572 token_t *token; /* local au_membuf */ 573 token_t *m; /* local au_membuf */ 574 adr_t adr; /* adr memory stream header */ 575 char data_header = AUT_PATH; /* header for this token */ 576 short bytes; /* length of string */ 577 char *path = app->audp_sect[0]; 578 579 bytes = (short)(app->audp_sect[1] - app->audp_sect[0]); 580 581 /* 582 * generate path token header 583 */ 584 m = au_getclr(); 585 adr_start(&adr, memtod(m, char *)); 586 adr_char(&adr, &data_header, 1); 587 adr_short(&adr, &bytes, 1); 588 m->len = adr_count(&adr); 589 590 /* append path string */ 591 token = m; 592 (void) au_append_buf(path, bytes, token); 593 594 if (app->audp_cnt > 1) { 595 /* generate attribute path strings token */ 596 m = au_to_strings(AUT_XATPATH, app->audp_sect[1], 597 app->audp_cnt - 1); 598 599 token = au_append_token(token, m); 600 } 601 602 return (token); 603 } 604 605 /* 606 * au_to_ipc 607 * returns: 608 * pointer to au_membuf chain containing a System V IPC token. 609 */ 610 token_t * 611 au_to_ipc(char type, int id) 612 { 613 token_t *m; /* local au_membuf */ 614 adr_t adr; /* adr memory stream header */ 615 char data_header = AUT_IPC; /* header for this token */ 616 617 m = au_getclr(); 618 619 adr_start(&adr, memtod(m, char *)); 620 adr_char(&adr, &data_header, 1); 621 adr_char(&adr, &type, 1); /* type of IPC object */ 622 adr_int32(&adr, (int32_t *)&id, 1); 623 624 m->len = adr_count(&adr); 625 626 return (m); 627 } 628 629 /* 630 * au_to_return32 631 * returns: 632 * pointer to au_membuf chain containing a return value token. 633 */ 634 token_t * 635 au_to_return32(int error, int32_t rv) 636 { 637 token_t *m; /* local au_membuf */ 638 adr_t adr; /* adr memory stream header */ 639 char data_header = AUT_RETURN32; /* header for this token */ 640 int32_t val; 641 char ed = error; 642 643 m = au_getclr(); 644 645 adr_start(&adr, memtod(m, char *)); 646 adr_char(&adr, &data_header, 1); 647 adr_char(&adr, &ed, 1); 648 649 if (error) { 650 val = -1; 651 adr_int32(&adr, &val, 1); 652 } else { 653 adr_int32(&adr, &rv, 1); 654 } 655 m->len = adr_count(&adr); 656 657 return (m); 658 } 659 660 /* 661 * au_to_return64 662 * returns: 663 * pointer to au_membuf chain containing a return value token. 664 */ 665 token_t * 666 au_to_return64(int error, int64_t rv) 667 { 668 token_t *m; /* local au_membuf */ 669 adr_t adr; /* adr memory stream header */ 670 char data_header = AUT_RETURN64; /* header for this token */ 671 int64_t val; 672 char ed = error; 673 674 m = au_getclr(); 675 676 adr_start(&adr, memtod(m, char *)); 677 adr_char(&adr, &data_header, 1); 678 adr_char(&adr, &ed, 1); 679 680 if (error) { 681 val = -1; 682 adr_int64(&adr, &val, 1); 683 } else { 684 adr_int64(&adr, &rv, 1); 685 } 686 m->len = adr_count(&adr); 687 688 return (m); 689 } 690 691 #ifdef AU_MAY_USE_SOMEDAY 692 /* 693 * au_to_opaque 694 * returns: 695 * pointer to au_membuf chain containing a opaque token. 696 */ 697 token_t * 698 au_to_opaque(short bytes, char *opaque) 699 { 700 token_t *token; /* local au_membuf */ 701 adr_t adr; /* adr memory stream header */ 702 char data_header = AUT_OPAQUE; /* header for this token */ 703 704 token = au_getclr(); 705 706 adr_start(&adr, memtod(token, char *)); 707 adr_char(&adr, &data_header, 1); 708 adr_short(&adr, &bytes, 1); 709 710 token->len = adr_count(&adr); 711 712 /* 713 * Now attach the data 714 */ 715 (void) au_append_buf(opaque, bytes, token); 716 717 return (token); 718 } 719 #endif /* AU_MAY_USE_SOMEDAY */ 720 721 /* 722 * au_to_ip 723 * returns: 724 * pointer to au_membuf chain containing a ip header token 725 */ 726 token_t * 727 au_to_ip(struct ip *ipp) 728 { 729 token_t *m; /* local au_membuf */ 730 adr_t adr; /* adr memory stream header */ 731 char data_header = AUT_IP; /* header for this token */ 732 733 m = au_getclr(); 734 735 adr_start(&adr, memtod(m, char *)); 736 adr_char(&adr, &data_header, 1); 737 adr_char(&adr, (char *)ipp, 2); 738 adr_short(&adr, (short *)&(ipp->ip_len), 3); 739 adr_char(&adr, (char *)&(ipp->ip_ttl), 2); 740 adr_short(&adr, (short *)&(ipp->ip_sum), 1); 741 adr_int32(&adr, (int32_t *)&(ipp->ip_src), 2); 742 743 m->len = adr_count(&adr); 744 745 return (m); 746 } 747 748 /* 749 * au_to_iport 750 * returns: 751 * pointer to au_membuf chain containing a ip path token 752 */ 753 token_t * 754 au_to_iport(ushort_t iport) 755 { 756 token_t *m; /* local au_membuf */ 757 adr_t adr; /* adr memory stream header */ 758 char data_header = AUT_IPORT; /* header for this token */ 759 760 m = au_getclr(); 761 762 adr_start(&adr, memtod(m, char *)); 763 adr_char(&adr, &data_header, 1); 764 adr_ushort(&adr, &iport, 1); 765 766 m->len = adr_count(&adr); 767 768 return (m); 769 } 770 771 /* 772 * au_to_in_addr 773 * returns: 774 * pointer to au_membuf chain containing a ip path token 775 */ 776 token_t * 777 au_to_in_addr(struct in_addr *internet_addr) 778 { 779 token_t *m; /* local au_membuf */ 780 adr_t adr; /* adr memory stream header */ 781 char data_header = AUT_IN_ADDR; /* header for this token */ 782 783 m = au_getclr(); 784 785 adr_start(&adr, memtod(m, char *)); 786 adr_char(&adr, &data_header, 1); 787 adr_char(&adr, (char *)internet_addr, sizeof (struct in_addr)); 788 789 m->len = adr_count(&adr); 790 791 return (m); 792 } 793 794 /* 795 * au_to_in_addr_ex 796 * returns: 797 * pointer to au_membuf chain containing an ipv6 token 798 */ 799 token_t * 800 au_to_in_addr_ex(int32_t *internet_addr) 801 { 802 token_t *m; /* local au_membuf */ 803 adr_t adr; /* adr memory stream header */ 804 char data_header_v4 = AUT_IN_ADDR; /* header for v4 token */ 805 char data_header_v6 = AUT_IN_ADDR_EX; /* header for v6 token */ 806 int32_t type = AU_IPv6; 807 808 m = au_getclr(); 809 adr_start(&adr, memtod(m, char *)); 810 811 if (IN6_IS_ADDR_V4MAPPED((in6_addr_t *)internet_addr)) { 812 adr_char(&adr, &data_header_v4, 1); 813 adr_char(&adr, (char *)internet_addr, sizeof (struct in_addr)); 814 } else { 815 adr_char(&adr, &data_header_v6, 1); 816 adr_int32(&adr, &type, 1); 817 adr_char(&adr, (char *)internet_addr, sizeof (struct in6_addr)); 818 } 819 820 m->len = adr_count(&adr); 821 822 return (m); 823 } 824 825 /* 826 * The Modifier tokens 827 */ 828 829 /* 830 * au_to_attr 831 * returns: 832 * pointer to au_membuf chain containing an attribute token. 833 */ 834 token_t * 835 au_to_attr(struct vattr *attr) 836 { 837 token_t *m; /* local au_membuf */ 838 adr_t adr; /* adr memory stream header */ 839 #ifdef _LP64 840 char data_header = AUT_ATTR64; /* header for this token */ 841 #else 842 char data_header = AUT_ATTR32; 843 #endif 844 int32_t value; 845 846 m = au_getclr(); 847 848 adr_start(&adr, memtod(m, char *)); 849 adr_char(&adr, &data_header, 1); 850 value = (int32_t)attr->va_mode; 851 value |= (int32_t)(VTTOIF(attr->va_type)); 852 adr_int32(&adr, &value, 1); 853 value = (int32_t)attr->va_uid; 854 adr_int32(&adr, &value, 1); 855 value = (int32_t)attr->va_gid; 856 adr_int32(&adr, &value, 1); 857 adr_int32(&adr, (int32_t *)&(attr->va_fsid), 1); 858 adr_int64(&adr, (int64_t *)&(attr->va_nodeid), 1); 859 #ifdef _LP64 860 adr_int64(&adr, (int64_t *)&(attr->va_rdev), 1); 861 #else 862 adr_int32(&adr, (int32_t *)&(attr->va_rdev), 1); 863 #endif 864 865 m->len = adr_count(&adr); 866 867 return (m); 868 } 869 870 token_t * 871 au_to_acl(struct acl *aclp) 872 { 873 token_t *m; /* local au_membuf */ 874 adr_t adr; /* adr memory stream header */ 875 char data_header = AUT_ACL; /* header for this token */ 876 int32_t value; 877 878 m = au_getclr(); 879 880 adr_start(&adr, memtod(m, char *)); 881 adr_char(&adr, &data_header, 1); 882 883 value = (int32_t)aclp->a_type; 884 adr_int32(&adr, &value, 1); 885 value = (int32_t)aclp->a_id; 886 adr_int32(&adr, &value, 1); 887 value = (int32_t)aclp->a_perm; 888 adr_int32(&adr, &value, 1); 889 890 m->len = adr_count(&adr); 891 return (m); 892 } 893 894 /* 895 * au_to_ipc_perm 896 * returns: 897 * pointer to au_membuf chain containing a System V IPC attribute token. 898 */ 899 token_t * 900 au_to_ipc_perm(struct kipc_perm *perm) 901 { 902 token_t *m; /* local au_membuf */ 903 adr_t adr; /* adr memory stream header */ 904 char data_header = AUT_IPC_PERM; /* header for this token */ 905 int32_t value; 906 907 m = au_getclr(); 908 909 adr_start(&adr, memtod(m, char *)); 910 adr_char(&adr, &data_header, 1); 911 value = (int32_t)perm->ipc_uid; 912 adr_int32(&adr, &value, 1); 913 value = (int32_t)perm->ipc_gid; 914 adr_int32(&adr, &value, 1); 915 value = (int32_t)perm->ipc_cuid; 916 adr_int32(&adr, &value, 1); 917 value = (int32_t)perm->ipc_cgid; 918 adr_int32(&adr, &value, 1); 919 value = (int32_t)perm->ipc_mode; 920 adr_int32(&adr, &value, 1); 921 value = 0; /* seq is now obsolete */ 922 adr_int32(&adr, &value, 1); 923 value = (int32_t)perm->ipc_key; 924 adr_int32(&adr, &value, 1); 925 926 m->len = adr_count(&adr); 927 928 return (m); 929 } 930 931 token_t * 932 au_to_groups(const gid_t *crgroups, uint_t crngroups) 933 { 934 token_t *m; /* local au_membuf */ 935 adr_t adr; /* adr memory stream header */ 936 char data_header = AUT_NEWGROUPS; /* header for this token */ 937 short n_groups; 938 939 m = au_getclr(); 940 941 adr_start(&adr, memtod(m, char *)); 942 adr_char(&adr, &data_header, 1); 943 n_groups = (short)crngroups; 944 adr_short(&adr, &n_groups, 1); 945 adr_int32(&adr, (int32_t *)crgroups, (int)crngroups); 946 947 m->len = adr_count(&adr); 948 949 return (m); 950 } 951 952 /* 953 * au_to_socket_ex 954 * returns: 955 * pointer to au_membuf chain containing a socket token. 956 */ 957 token_t * 958 au_to_socket_ex(short dom, short type, char *l, char *f) 959 { 960 adr_t adr; 961 token_t *m; 962 char data_header = AUT_SOCKET_EX; 963 struct sockaddr_in6 *addr6; 964 struct sockaddr_in *addr4; 965 short size; 966 967 m = au_getclr(); 968 969 adr_start(&adr, memtod(m, char *)); 970 adr_char(&adr, &data_header, 1); 971 adr_short(&adr, &dom, 1); /* dom of socket */ 972 adr_short(&adr, &type, 1); /* type of socket */ 973 974 if (dom == AF_INET6) { 975 size = AU_IPv6; 976 adr_short(&adr, &size, 1); /* type of addresses */ 977 addr6 = (struct sockaddr_in6 *)l; 978 adr_short(&adr, (short *)&addr6->sin6_port, 1); 979 adr_char(&adr, (char *)&addr6->sin6_addr, size); 980 addr6 = (struct sockaddr_in6 *)f; 981 adr_short(&adr, (short *)&addr6->sin6_port, 1); 982 adr_char(&adr, (char *)&addr6->sin6_addr, size); 983 } else if (dom == AF_INET) { 984 size = AU_IPv4; 985 adr_short(&adr, &size, 1); /* type of addresses */ 986 addr4 = (struct sockaddr_in *)l; 987 adr_short(&adr, (short *)&addr4->sin_port, 1); 988 adr_char(&adr, (char *)&addr4->sin_addr, size); 989 addr4 = (struct sockaddr_in *)f; 990 adr_short(&adr, (short *)&addr4->sin_port, 1); 991 adr_char(&adr, (char *)&addr4->sin_addr, size); 992 } 993 994 995 m->len = adr_count(&adr); 996 997 return (m); 998 } 999 1000 /* 1001 * au_to_seq 1002 * returns: 1003 * pointer to au_membuf chain containing a sequence token. 1004 */ 1005 token_t * 1006 au_to_seq() 1007 { 1008 adr_t adr; 1009 token_t *m; 1010 char data_header = AUT_SEQ; 1011 static int32_t zerocount; 1012 1013 m = au_getclr(); 1014 1015 adr_start(&adr, memtod(m, char *)); 1016 1017 adr_char(&adr, &data_header, 1); 1018 1019 adr_int32(&adr, &zerocount, 1); 1020 1021 m->len = adr_count(&adr); 1022 1023 return (m); 1024 } 1025 1026 token_t * 1027 au_to_sock_inet(struct sockaddr_in *s_inet) 1028 { 1029 adr_t adr; 1030 token_t *m; 1031 char data_header = AUT_SOCKET; 1032 1033 m = au_getclr(); 1034 1035 adr_start(&adr, memtod(m, char *)); 1036 adr_char(&adr, &data_header, 1); 1037 adr_short(&adr, (short *)&s_inet->sin_family, 1); 1038 adr_short(&adr, (short *)&s_inet->sin_port, 1); 1039 1040 /* remote addr */ 1041 adr_int32(&adr, (int32_t *)&s_inet->sin_addr.s_addr, 1); 1042 1043 m->len = (uchar_t)adr_count(&adr); 1044 1045 return (m); 1046 } 1047 1048 extern int maxprivbytes; 1049 1050 token_t * 1051 au_to_privset( 1052 const char *set, 1053 const priv_set_t *pset, 1054 char data_header, 1055 int success) 1056 { 1057 token_t *token, *m; 1058 adr_t adr; 1059 int priv; 1060 const char *pname; 1061 char sf = (char)success; 1062 char *buf, *q; 1063 short sz; 1064 boolean_t full; 1065 1066 token = au_getclr(); 1067 1068 adr_start(&adr, memtod(token, char *)); 1069 adr_char(&adr, &data_header, 1); 1070 /* 1071 * set is not used for AUT_UPRIV and sf (== success) is not 1072 * used for AUT_PRIV 1073 */ 1074 if (data_header == AUT_UPRIV) { 1075 adr_char(&adr, &sf, 1); 1076 } else { 1077 sz = strlen(set) + 1; 1078 adr_short(&adr, &sz, 1); 1079 1080 token->len = (uchar_t)adr_count(&adr); 1081 m = au_getclr(); 1082 1083 (void) au_append_buf(set, sz, m); 1084 (void) au_append_rec(token, m, AU_PACK); 1085 adr.adr_now += sz; 1086 } 1087 1088 full = priv_isfullset(pset); 1089 1090 if (full) { 1091 buf = "ALL"; 1092 sz = strlen(buf) + 1; 1093 } else { 1094 q = buf = kmem_alloc(maxprivbytes, KM_SLEEP); 1095 *buf = '\0'; 1096 1097 for (priv = 0; (pname = priv_getbynum(priv)) != NULL; priv++) { 1098 if (priv_ismember(pset, priv)) { 1099 if (q != buf) 1100 *q++ = ','; 1101 (void) strcpy(q, pname); 1102 q += strlen(q); 1103 } 1104 } 1105 sz = (q - buf) + 1; 1106 } 1107 1108 adr_short(&adr, &sz, 1); 1109 token->len = (uchar_t)adr_count(&adr); 1110 1111 m = au_getclr(); 1112 (void) au_append_buf(buf, sz, m); 1113 (void) au_append_rec(token, m, AU_PACK); 1114 1115 if (!full) 1116 kmem_free(buf, maxprivbytes); 1117 1118 return (token); 1119 } 1120 1121 /* 1122 * au_to_label 1123 * returns: 1124 * pointer to au_membuf chain containing a sensitivity label token. 1125 */ 1126 token_t * 1127 au_to_label(bslabel_t *label) 1128 { 1129 token_t *m; /* local au_membuf */ 1130 adr_t adr; /* adr memory stream header */ 1131 char data_header = AUT_LABEL; /* header for this token */ 1132 1133 m = au_getclr(); 1134 1135 adr_start(&adr, memtod(m, char *)); 1136 adr_char(&adr, &data_header, 1); 1137 adr_char(&adr, (char *)label, sizeof (bslabel_t)); 1138 m->len = adr_count(&adr); 1139 1140 return (m); 1141 } 1142