1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * adt.h
24  *
25  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
26  * Use is subject to license terms.
27  *
28  * This is a contract private interface and is subject to change
29  */
30 
31 #ifndef _ADT_H
32 #define	_ADT_H
33 
34 #pragma ident	"%Z%%M%	%I%	%E% SMI"
35 
36 #include <bsm/audit.h>
37 #include <bsm/libbsm.h>
38 #include <bsm/audit_record.h>
39 #include <bsm/audit_uevents.h>
40 #include <door.h>
41 
42 #ifdef	__cplusplus
43 extern "C" {
44 #endif
45 
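/*
 * Longest string accepted, counted in non-null characters: the count
 * excludes the terminating NUL, so a buffer sized for such a string needs
 * ADT_STRING_MAX + 1 bytes.
 */
#define	ADT_STRING_MAX	511		/* max non-null characters */

/*
 * Sentinel uid values.  Each expansion is fully parenthesized so that the
 * cast cannot re-associate with a neighbouring operator at the point of
 * use; unparenthesized, "sizeof ADT_NO_ATTRIB" parses as
 * "sizeof (uid_t) - 1".
 *
 * NOTE(review): the sentinels are typed uid_t.  Whether the gid_t
 * arguments of adt_set_user() accept the same values is not stated in
 * this header -- confirm against the implementation.
 */
#define	ADT_NO_ATTRIB	((uid_t)-1)	/* unattributed user */
#define	ADT_NO_CHANGE	((uid_t)-2)	/* no update for this parameter */
#define	ADT_NO_AUDIT	((uid_t)-3)	/* unaudited user */

/*
 * terminal id types
 */
#define	ADT_IPv4	0
#define	ADT_IPv6	1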
56 
/*
 * Context selector for adt_set_user().  It tells the library what kind of
 * identity change the caller is recording; see the per-value comments.
 */
enum adt_user_context {
	/* a session is being created for a newly authenticated user (login) */
	ADT_NEW,
	/* an already authenticated user is changing uid/gid, e.g. su */
	ADT_UPDATE,
	/*
	 * only the ruid / euid / rgid / egid values change; for login-like
	 * operations where PAM has already set the audit context in the cred
	 */
	ADT_USER,
	/*
	 * special case: the terminal id has to be stored in the credential
	 * before forking to the login or login-like process
	 */
	ADT_SETTID
};
68 
/*
 * Type names used by the prototypes in this header.  Only the names are
 * introduced here: the struct and union bodies are not defined in this
 * header.  adt_session_flags_t carries the flag bits passed to
 * adt_start_session().
 */
typedef ulong_t			adt_session_flags_t;
typedef struct adt_session_data	adt_session_data_t;
typedef struct adt_export_data	adt_export_data_t;
typedef union adt_event_data	adt_event_data_t;
typedef struct adt_termid	adt_termid_t;
74 
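/*
 * flag defs for the flags argument of adt_start_session()
 */

#define	ADT_BUFFER_RECORDS	0x2	/* TSOL buffering */
#define	ADT_USE_PROC_DATA	0x1	/* copy audit char's from proc */

/*
 * Union of all the flags above.  The expansion is parenthesized so the
 * mask stays a single operand next to other operators.  Unparenthesized,
 * (flags & ~ADT_FLAGS_ALL) binds as
 * ((flags & ~ADT_BUFFER_RECORDS) | ADT_USE_PROC_DATA), which is always
 * non-zero, so a check for unknown flag bits gives the wrong answer.
 */
#define	ADT_FLAGS_ALL		(ADT_BUFFER_RECORDS | \
    ADT_USE_PROC_DATA)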
84 
/*
 * Functions
 *
 * NOTE(review): this header gives prototypes only.  What the int and
 * size_t results mean (success vs. failure, errno use) and who owns the
 * objects returned through the ** out-parameters is not stated here --
 * confirm against the implementation.  Callers should check every result:
 * an audit call whose failure is ignored presumably leaves a gap in the
 * audit trail.
 */

/*
 * Session handles.  adt_start_session() takes, in order, a ** session
 * out-parameter, a const adt_export_data_t pointer (the type produced by
 * adt_export_session_data() and adt_import_proc()), and the
 * ADT_BUFFER_RECORDS / ADT_USE_PROC_DATA flag bits.
 * NOTE(review): presumably adt_end_session() releases what
 * adt_start_session() and adt_dup_session() return -- confirm.
 */
extern	int	adt_start_session(adt_session_data_t **,
		    const adt_export_data_t *,
		    adt_session_flags_t);
extern	int	adt_end_session(adt_session_data_t *);
extern	int	adt_dup_session(const adt_session_data_t *,
    adt_session_data_t **);
95 
/*
 * Setting audit identity from a session.  adt_set_user() and
 * adt_set_from_ucred() both take an enum adt_user_context value that says
 * which kind of identity change is being recorded.
 *
 * NOTE(review): the uid_t/gid_t arguments of adt_set_user() are unnamed
 * here.  adt_import_proc() in this header orders its ids euid, egid, ruid,
 * rgid; presumably the same order applies -- confirm before calling, since
 * swapping real and effective ids would attribute audit records to the
 * wrong identity.  ADT_NO_CHANGE ("no update for this parameter")
 * presumably applies to these arguments -- confirm.
 */
extern	int	adt_set_proc(const adt_session_data_t *);
extern	int	adt_set_user(const adt_session_data_t *, uid_t, gid_t,
		    uid_t, gid_t, const adt_termid_t *,
		    enum adt_user_context);
extern	int	adt_set_from_ucred(const adt_session_data_t *,
		    const ucred_t *,
		    enum adt_user_context);
103 
/*
 * Session id and export/import of session data.  Each function returns a
 * size_t and hands an object back through its ** out-parameter.
 * NOTE(review): presumably the size_t is the length of the returned
 * object and 0 signals failure; who frees the object is not stated here
 * -- confirm both.
 *
 * NOTE(review): adt_export_data_t is the type adt_start_session() accepts
 * as its second argument, so an exported blob carries the identity that a
 * new session is attributed to.  If it arrives from another process,
 * confirm how the implementation validates it and that the peer is
 * trusted.
 */
extern	size_t	adt_get_session_id(const adt_session_data_t *, char **);

extern	size_t	adt_export_session_data(const adt_session_data_t *,
		    adt_export_data_t **);
extern	size_t	adt_import_proc(pid_t pid,
		    uid_t euid,
		    gid_t egid,
		    uid_t ruid,
		    gid_t rgid,
		    adt_export_data_t **external);
114 
/*
 * Audit events.  adt_alloc_event() takes a session and an au_event_t and
 * returns an adt_event_data_t pointer; adt_put_event() and
 * adt_free_event() take such a pointer.
 * NOTE(review): the two int arguments of adt_put_event() are unnamed in
 * this header -- presumably a status and a return value; confirm their
 * order and meaning.  Presumably a failed allocation returns NULL and
 * every allocated event is released with adt_free_event() -- confirm.
 */
extern	adt_event_data_t
		*adt_alloc_event(const adt_session_data_t *, au_event_t);

extern	int	adt_put_event(const adt_event_data_t *, int, int);
extern	void	adt_free_event(adt_event_data_t *);
120 
/*
 * Terminal id loaders: each returns an int and hands an adt_termid_t back
 * through its ** out-parameter.  The input is an int for
 * adt_load_termid() (presumably a file descriptor -- confirm) and a
 * string for the hostname and ttyname variants.
 * NOTE(review): who frees the returned adt_termid_t is not stated here.
 */
extern	int	adt_load_termid(int, adt_termid_t **);
extern	int	adt_load_hostname(const char *, adt_termid_t **);
extern	int	adt_load_ttyname(const char *, adt_termid_t **);

/* Takes no arguments and returns a boolean_t. */
extern	boolean_t	adt_audit_enabled(void);
126 
127 #ifdef	__cplusplus
128 }
129 #endif
130 
131 #endif	/* _ADT_H */
132