17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 228249a45fSJan Friedel * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 24*33f5ff17SMilan Jurik * Copyright 2012 Milan Jurik. All rights reserved. 257c478bd9Sstevel@tonic-gate */ 267c478bd9Sstevel@tonic-gate 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate /* 297c478bd9Sstevel@tonic-gate * Token processing for auditreduce. 307c478bd9Sstevel@tonic-gate */ 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <locale.h> 337c478bd9Sstevel@tonic-gate #include <sys/zone.h> 347c478bd9Sstevel@tonic-gate #include "auditr.h" 357c478bd9Sstevel@tonic-gate #include "toktable.h" 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate extern int re_exec2(char *); 387c478bd9Sstevel@tonic-gate 397c478bd9Sstevel@tonic-gate static void anchor_path(char *path); 407c478bd9Sstevel@tonic-gate static char *collapse_path(char *s); 417c478bd9Sstevel@tonic-gate static void get_string(adr_t *adr, char **p); 427c478bd9Sstevel@tonic-gate static int ipc_type_match(int flag, char type); 437c478bd9Sstevel@tonic-gate static void skip_string(adr_t *adr); 447c478bd9Sstevel@tonic-gate static int xgeneric(adr_t *adr); 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate #if AUDIT_REC 477c478bd9Sstevel@tonic-gate void 487c478bd9Sstevel@tonic-gate print_id(int id) 497c478bd9Sstevel@tonic-gate { 507c478bd9Sstevel@tonic-gate char *suffix; 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate if ((id < 0) || (id > MAXTOKEN) || 537c478bd9Sstevel@tonic-gate (tokentable[id].func == NOFUNC)) { 547c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 557c478bd9Sstevel@tonic-gate "token_processing: token %d not found\n", id); 567c478bd9Sstevel@tonic-gate return; 577c478bd9Sstevel@tonic-gate } 587c478bd9Sstevel@tonic-gate 597c478bd9Sstevel@tonic-gate switch (id) { 607c478bd9Sstevel@tonic-gate case AUT_NEWGROUPS: 617c478bd9Sstevel@tonic-gate suffix = "_new"; 627c478bd9Sstevel@tonic-gate break; 637c478bd9Sstevel@tonic-gate case AUT_ATTR32: 647c478bd9Sstevel@tonic-gate suffix = "32"; 657c478bd9Sstevel@tonic-gate break; 667c478bd9Sstevel@tonic-gate case AUT_ARG64: 677c478bd9Sstevel@tonic-gate case AUT_RETURN64: 687c478bd9Sstevel@tonic-gate case AUT_ATTR64: 697c478bd9Sstevel@tonic-gate case AUT_HEADER64: 707c478bd9Sstevel@tonic-gate case AUT_SUBJECT64: 717c478bd9Sstevel@tonic-gate case AUT_PROCESS64: 727c478bd9Sstevel@tonic-gate case AUT_OTHER_FILE64: 737c478bd9Sstevel@tonic-gate suffix = "64"; 747c478bd9Sstevel@tonic-gate break; 757c478bd9Sstevel@tonic-gate case AUT_SOCKET_EX: 767c478bd9Sstevel@tonic-gate case AUT_IN_ADDR_EX: 777c478bd9Sstevel@tonic-gate suffix = "_ex"; 787c478bd9Sstevel@tonic-gate break; 797c478bd9Sstevel@tonic-gate case AUT_HEADER32_EX: 807c478bd9Sstevel@tonic-gate case AUT_SUBJECT32_EX: 817c478bd9Sstevel@tonic-gate case AUT_PROCESS32_EX: 827c478bd9Sstevel@tonic-gate suffix = "32_ex"; 837c478bd9Sstevel@tonic-gate break; 847c478bd9Sstevel@tonic-gate case AUT_HEADER64_EX: 857c478bd9Sstevel@tonic-gate case AUT_SUBJECT64_EX: 867c478bd9Sstevel@tonic-gate case AUT_PROCESS64_EX: 877c478bd9Sstevel@tonic-gate suffix = "64_ex"; 887c478bd9Sstevel@tonic-gate break; 897c478bd9Sstevel@tonic-gate default: 907c478bd9Sstevel@tonic-gate suffix = ""; 917c478bd9Sstevel@tonic-gate break; 927c478bd9Sstevel@tonic-gate } 937c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "token_processing: %s%s\n", 947c478bd9Sstevel@tonic-gate tokentable[id].t_name, suffix); 957c478bd9Sstevel@tonic-gate } 967c478bd9Sstevel@tonic-gate #endif /* AUDIT_REC */ 977c478bd9Sstevel@tonic-gate 987c478bd9Sstevel@tonic-gate /* 997c478bd9Sstevel@tonic-gate * Process a token in a record to determine whether the record is interesting. 1007c478bd9Sstevel@tonic-gate */ 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate int 1037c478bd9Sstevel@tonic-gate token_processing(adr_t *adr, int tokenid) 1047c478bd9Sstevel@tonic-gate { 1057c478bd9Sstevel@tonic-gate if ((tokenid > 0) && (tokenid <= MAXTOKEN) && 1067c478bd9Sstevel@tonic-gate (tokentable[tokenid].func != NOFUNC)) { 1077c478bd9Sstevel@tonic-gate #if AUDIT_REC 1087c478bd9Sstevel@tonic-gate print_id(tokenid); 1097c478bd9Sstevel@tonic-gate #endif /* AUDIT_REC */ 1107c478bd9Sstevel@tonic-gate return ((*tokentable[tokenid].func)(adr)); 1117c478bd9Sstevel@tonic-gate } 1127c478bd9Sstevel@tonic-gate 1137c478bd9Sstevel@tonic-gate /* here if token id is not in table */ 1147c478bd9Sstevel@tonic-gate return (-2); 1157c478bd9Sstevel@tonic-gate } 1167c478bd9Sstevel@tonic-gate 1177c478bd9Sstevel@tonic-gate 1187c478bd9Sstevel@tonic-gate /* There should not be any file or header tokens in the middle of a record */ 1197c478bd9Sstevel@tonic-gate 1207c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1217c478bd9Sstevel@tonic-gate int 1227c478bd9Sstevel@tonic-gate file_token(adr_t *adr) 1237c478bd9Sstevel@tonic-gate { 1247c478bd9Sstevel@tonic-gate return (-2); 1257c478bd9Sstevel@tonic-gate } 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1287c478bd9Sstevel@tonic-gate int 1297c478bd9Sstevel@tonic-gate file64_token(adr_t *adr) 1307c478bd9Sstevel@tonic-gate { 1317c478bd9Sstevel@tonic-gate return (-2); 1327c478bd9Sstevel@tonic-gate } 1337c478bd9Sstevel@tonic-gate 1347c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1357c478bd9Sstevel@tonic-gate int 1367c478bd9Sstevel@tonic-gate header_token(adr_t *adr) 1377c478bd9Sstevel@tonic-gate { 1387c478bd9Sstevel@tonic-gate return (-2); 1397c478bd9Sstevel@tonic-gate } 1407c478bd9Sstevel@tonic-gate 1417c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1427c478bd9Sstevel@tonic-gate int 1437c478bd9Sstevel@tonic-gate header32_ex_token(adr_t *adr) 1447c478bd9Sstevel@tonic-gate { 1457c478bd9Sstevel@tonic-gate return (-2); 1467c478bd9Sstevel@tonic-gate } 1477c478bd9Sstevel@tonic-gate 1487c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1497c478bd9Sstevel@tonic-gate int 1507c478bd9Sstevel@tonic-gate header64_ex_token(adr_t *adr) 1517c478bd9Sstevel@tonic-gate { 1527c478bd9Sstevel@tonic-gate return (-2); 1537c478bd9Sstevel@tonic-gate } 1547c478bd9Sstevel@tonic-gate 1557c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1567c478bd9Sstevel@tonic-gate int 1577c478bd9Sstevel@tonic-gate header64_token(adr_t *adr) 1587c478bd9Sstevel@tonic-gate { 1597c478bd9Sstevel@tonic-gate return (-2); 1607c478bd9Sstevel@tonic-gate } 1617c478bd9Sstevel@tonic-gate 1627c478bd9Sstevel@tonic-gate 1637c478bd9Sstevel@tonic-gate /* 1647c478bd9Sstevel@tonic-gate * ====================================================== 1657c478bd9Sstevel@tonic-gate * The following token processing routines return 1667c478bd9Sstevel@tonic-gate * -1: if the record is not interesting 1677c478bd9Sstevel@tonic-gate * -2: if an error is found 1687c478bd9Sstevel@tonic-gate * ====================================================== 1697c478bd9Sstevel@tonic-gate */ 1707c478bd9Sstevel@tonic-gate 1717c478bd9Sstevel@tonic-gate int 1727c478bd9Sstevel@tonic-gate trailer_token(adr_t *adr) 1737c478bd9Sstevel@tonic-gate { 1747c478bd9Sstevel@tonic-gate short magic_number; 1757c478bd9Sstevel@tonic-gate uint32_t bytes; 1767c478bd9Sstevel@tonic-gate 1777c478bd9Sstevel@tonic-gate adrm_u_short(adr, (ushort_t *)&magic_number, 1); 1787c478bd9Sstevel@tonic-gate if (magic_number != AUT_TRAILER_MAGIC) { 1797c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s\n", 1807c478bd9Sstevel@tonic-gate gettext("auditreduce: Bad trailer token")); 1817c478bd9Sstevel@tonic-gate return (-2); 1827c478bd9Sstevel@tonic-gate } 1837c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &bytes, 1); 1847c478bd9Sstevel@tonic-gate 1857c478bd9Sstevel@tonic-gate return (-1); 1867c478bd9Sstevel@tonic-gate } 1877c478bd9Sstevel@tonic-gate 1887c478bd9Sstevel@tonic-gate 1897c478bd9Sstevel@tonic-gate /* 1907c478bd9Sstevel@tonic-gate * Format of arbitrary data token: 1917c478bd9Sstevel@tonic-gate * arbitrary data token id adr char 1927c478bd9Sstevel@tonic-gate * how to print adr_char 1937c478bd9Sstevel@tonic-gate * basic unit adr_char 1947c478bd9Sstevel@tonic-gate * unit count adr_char, specifying number of units of 1957c478bd9Sstevel@tonic-gate * data items depends on basic unit 1967c478bd9Sstevel@tonic-gate */ 1977c478bd9Sstevel@tonic-gate int 1987c478bd9Sstevel@tonic-gate arbitrary_data_token(adr_t *adr) 1997c478bd9Sstevel@tonic-gate { 2007c478bd9Sstevel@tonic-gate int i; 2017c478bd9Sstevel@tonic-gate char c1; 2027c478bd9Sstevel@tonic-gate short c2; 2037c478bd9Sstevel@tonic-gate int32_t c3; 2047c478bd9Sstevel@tonic-gate int64_t c4; 2057c478bd9Sstevel@tonic-gate char how_to_print, basic_unit, unit_count; 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate /* get how_to_print, basic_unit, and unit_count */ 2087c478bd9Sstevel@tonic-gate adrm_char(adr, &how_to_print, 1); 2097c478bd9Sstevel@tonic-gate adrm_char(adr, &basic_unit, 1); 2107c478bd9Sstevel@tonic-gate adrm_char(adr, &unit_count, 1); 2117c478bd9Sstevel@tonic-gate for (i = 0; i < unit_count; i++) { 2127c478bd9Sstevel@tonic-gate switch (basic_unit) { 2137c478bd9Sstevel@tonic-gate /* case AUR_BYTE: has same value as AUR_CHAR */ 2147c478bd9Sstevel@tonic-gate case AUR_CHAR: 2157c478bd9Sstevel@tonic-gate adrm_char(adr, &c1, 1); 2167c478bd9Sstevel@tonic-gate break; 2177c478bd9Sstevel@tonic-gate case AUR_SHORT: 2187c478bd9Sstevel@tonic-gate adrm_short(adr, &c2, 1); 2197c478bd9Sstevel@tonic-gate break; 2207c478bd9Sstevel@tonic-gate case AUR_INT32: 2217c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&c3, 1); 2227c478bd9Sstevel@tonic-gate break; 2237c478bd9Sstevel@tonic-gate case AUR_INT64: 2247c478bd9Sstevel@tonic-gate adrm_int64(adr, (int64_t *)&c4, 1); 2257c478bd9Sstevel@tonic-gate break; 2267c478bd9Sstevel@tonic-gate default: 2277c478bd9Sstevel@tonic-gate return (-2); 2287c478bd9Sstevel@tonic-gate } 2297c478bd9Sstevel@tonic-gate } 2307c478bd9Sstevel@tonic-gate return (-1); 2317c478bd9Sstevel@tonic-gate } 2327c478bd9Sstevel@tonic-gate 2337c478bd9Sstevel@tonic-gate 2347c478bd9Sstevel@tonic-gate /* 2357c478bd9Sstevel@tonic-gate * Format of opaque token: 2367c478bd9Sstevel@tonic-gate * opaque token id adr_char 2377c478bd9Sstevel@tonic-gate * size adr_short 2387c478bd9Sstevel@tonic-gate * data adr_char, size times 2397c478bd9Sstevel@tonic-gate */ 2407c478bd9Sstevel@tonic-gate int 2417c478bd9Sstevel@tonic-gate opaque_token(adr_t *adr) 2427c478bd9Sstevel@tonic-gate { 2437c478bd9Sstevel@tonic-gate skip_string(adr); 2447c478bd9Sstevel@tonic-gate return (-1); 2457c478bd9Sstevel@tonic-gate } 2467c478bd9Sstevel@tonic-gate 2477c478bd9Sstevel@tonic-gate 2487c478bd9Sstevel@tonic-gate 2497c478bd9Sstevel@tonic-gate /* 2507c478bd9Sstevel@tonic-gate * Format of return32 value token: 2517c478bd9Sstevel@tonic-gate * return value token id adr_char 2527c478bd9Sstevel@tonic-gate * error number adr_char 2537c478bd9Sstevel@tonic-gate * return value adr_u_int32 2547c478bd9Sstevel@tonic-gate */ 2557c478bd9Sstevel@tonic-gate int 2567c478bd9Sstevel@tonic-gate return_value32_token(adr_t *adr) 2577c478bd9Sstevel@tonic-gate { 2587c478bd9Sstevel@tonic-gate char errnum; 2597c478bd9Sstevel@tonic-gate uint32_t value; 2607c478bd9Sstevel@tonic-gate 2617c478bd9Sstevel@tonic-gate adrm_char(adr, &errnum, 1); 2627c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &value, 1); 2637c478bd9Sstevel@tonic-gate if ((flags & M_SORF) && 2647c478bd9Sstevel@tonic-gate ((global_class & mask.am_success) && (errnum == 0)) || 2657c478bd9Sstevel@tonic-gate ((global_class & mask.am_failure) && (errnum != 0))) { 2667c478bd9Sstevel@tonic-gate checkflags |= M_SORF; 2677c478bd9Sstevel@tonic-gate } 2687c478bd9Sstevel@tonic-gate return (-1); 2697c478bd9Sstevel@tonic-gate } 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate /* 2727c478bd9Sstevel@tonic-gate * Format of return64 value token: 2737c478bd9Sstevel@tonic-gate * return value token id adr_char 2747c478bd9Sstevel@tonic-gate * error number adr_char 2757c478bd9Sstevel@tonic-gate * return value adr_u_int64 2767c478bd9Sstevel@tonic-gate */ 2777c478bd9Sstevel@tonic-gate int 2787c478bd9Sstevel@tonic-gate return_value64_token(adr_t *adr) 2797c478bd9Sstevel@tonic-gate { 2807c478bd9Sstevel@tonic-gate char errnum; 2817c478bd9Sstevel@tonic-gate uint64_t value; 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate adrm_char(adr, &errnum, 1); 2847c478bd9Sstevel@tonic-gate adrm_u_int64(adr, &value, 1); 2857c478bd9Sstevel@tonic-gate if ((flags & M_SORF) && 2867c478bd9Sstevel@tonic-gate ((global_class & mask.am_success) && (errnum == 0)) || 2877c478bd9Sstevel@tonic-gate ((global_class & mask.am_failure) && (errnum != 0))) { 2887c478bd9Sstevel@tonic-gate checkflags |= M_SORF; 2897c478bd9Sstevel@tonic-gate } 2907c478bd9Sstevel@tonic-gate return (-1); 2917c478bd9Sstevel@tonic-gate } 2927c478bd9Sstevel@tonic-gate 2937c478bd9Sstevel@tonic-gate 2947c478bd9Sstevel@tonic-gate /* 2957c478bd9Sstevel@tonic-gate * Format of sequence token: 2967c478bd9Sstevel@tonic-gate * sequence token id adr_char 2977c478bd9Sstevel@tonic-gate * audit_count int32_t 2987c478bd9Sstevel@tonic-gate */ 2997c478bd9Sstevel@tonic-gate int 3007c478bd9Sstevel@tonic-gate sequence_token(adr_t *adr) 3017c478bd9Sstevel@tonic-gate { 3027c478bd9Sstevel@tonic-gate int32_t audit_count; 3037c478bd9Sstevel@tonic-gate 3047c478bd9Sstevel@tonic-gate adrm_int32(adr, &audit_count, 1); 3057c478bd9Sstevel@tonic-gate return (-1); 3067c478bd9Sstevel@tonic-gate } 3077c478bd9Sstevel@tonic-gate 3087c478bd9Sstevel@tonic-gate 3097c478bd9Sstevel@tonic-gate /* 3107c478bd9Sstevel@tonic-gate * Format of text token: 3117c478bd9Sstevel@tonic-gate * text token id adr_char 3127c478bd9Sstevel@tonic-gate * text adr_string 3137c478bd9Sstevel@tonic-gate */ 3147c478bd9Sstevel@tonic-gate int 3157c478bd9Sstevel@tonic-gate text_token(adr_t *adr) 3167c478bd9Sstevel@tonic-gate { 3177c478bd9Sstevel@tonic-gate skip_string(adr); 3187c478bd9Sstevel@tonic-gate return (-1); 3197c478bd9Sstevel@tonic-gate } 3207c478bd9Sstevel@tonic-gate 3217c478bd9Sstevel@tonic-gate 3227c478bd9Sstevel@tonic-gate /* 3237c478bd9Sstevel@tonic-gate * Format of ip_addr token: 3247c478bd9Sstevel@tonic-gate * ip token id adr_char 3257c478bd9Sstevel@tonic-gate * address adr_int32 3267c478bd9Sstevel@tonic-gate */ 3277c478bd9Sstevel@tonic-gate int 3287c478bd9Sstevel@tonic-gate ip_addr_token(adr_t *adr) 3297c478bd9Sstevel@tonic-gate { 3307c478bd9Sstevel@tonic-gate int32_t address; 3317c478bd9Sstevel@tonic-gate 3327c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&address, 4); 3337c478bd9Sstevel@tonic-gate 3347c478bd9Sstevel@tonic-gate return (-1); 3357c478bd9Sstevel@tonic-gate } 3367c478bd9Sstevel@tonic-gate 3377c478bd9Sstevel@tonic-gate /* 3387c478bd9Sstevel@tonic-gate * Format of ip_addr_ex token: 3397c478bd9Sstevel@tonic-gate * ip token id adr_char 3407c478bd9Sstevel@tonic-gate * ip type adr_int32 3418249a45fSJan Friedel * ip address adr_u_char*type 3427c478bd9Sstevel@tonic-gate */ 3437c478bd9Sstevel@tonic-gate int 3447c478bd9Sstevel@tonic-gate ip_addr_ex_token(adr_t *adr) 3457c478bd9Sstevel@tonic-gate { 3467c478bd9Sstevel@tonic-gate int32_t type; 3478249a45fSJan Friedel uchar_t address[16]; 3487c478bd9Sstevel@tonic-gate 3497c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&type, 1); 3508249a45fSJan Friedel adrm_u_char(adr, address, type); 3517c478bd9Sstevel@tonic-gate 3527c478bd9Sstevel@tonic-gate return (-1); 3537c478bd9Sstevel@tonic-gate } 3547c478bd9Sstevel@tonic-gate 3557c478bd9Sstevel@tonic-gate /* 3567c478bd9Sstevel@tonic-gate * Format of ip token: 3577c478bd9Sstevel@tonic-gate * ip header token id adr_char 3587c478bd9Sstevel@tonic-gate * version adr_char 3597c478bd9Sstevel@tonic-gate * type of service adr_char 3607c478bd9Sstevel@tonic-gate * length adr_short 3617c478bd9Sstevel@tonic-gate * id adr_u_short 3627c478bd9Sstevel@tonic-gate * offset adr_u_short 3637c478bd9Sstevel@tonic-gate * ttl adr_char 3647c478bd9Sstevel@tonic-gate * protocol adr_char 3657c478bd9Sstevel@tonic-gate * checksum adr_u_short 3667c478bd9Sstevel@tonic-gate * source address adr_int32 3677c478bd9Sstevel@tonic-gate * destination address adr_int32 3687c478bd9Sstevel@tonic-gate */ 3697c478bd9Sstevel@tonic-gate int 3707c478bd9Sstevel@tonic-gate ip_token(adr_t *adr) 3717c478bd9Sstevel@tonic-gate { 3727c478bd9Sstevel@tonic-gate char version; 3737c478bd9Sstevel@tonic-gate char type; 3747c478bd9Sstevel@tonic-gate short len; 3757c478bd9Sstevel@tonic-gate unsigned short id, offset, checksum; 3767c478bd9Sstevel@tonic-gate char ttl, protocol; 3777c478bd9Sstevel@tonic-gate int32_t src, dest; 3787c478bd9Sstevel@tonic-gate 3797c478bd9Sstevel@tonic-gate adrm_char(adr, &version, 1); 3807c478bd9Sstevel@tonic-gate adrm_char(adr, &type, 1); 3817c478bd9Sstevel@tonic-gate adrm_short(adr, &len, 1); 3827c478bd9Sstevel@tonic-gate adrm_u_short(adr, &id, 1); 3837c478bd9Sstevel@tonic-gate adrm_u_short(adr, &offset, 1); 3847c478bd9Sstevel@tonic-gate adrm_char(adr, &ttl, 1); 3857c478bd9Sstevel@tonic-gate adrm_char(adr, &protocol, 1); 3867c478bd9Sstevel@tonic-gate adrm_u_short(adr, &checksum, 1); 3877c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&src, 4); 3887c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&dest, 4); 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate return (-1); 3917c478bd9Sstevel@tonic-gate } 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate 3947c478bd9Sstevel@tonic-gate /* 3957c478bd9Sstevel@tonic-gate * Format of iport token: 3967c478bd9Sstevel@tonic-gate * ip port address token id adr_char 3977c478bd9Sstevel@tonic-gate * port address adr_short 3987c478bd9Sstevel@tonic-gate */ 3997c478bd9Sstevel@tonic-gate int 4007c478bd9Sstevel@tonic-gate iport_token(adr_t *adr) 4017c478bd9Sstevel@tonic-gate { 4027c478bd9Sstevel@tonic-gate short address; 4037c478bd9Sstevel@tonic-gate 4047c478bd9Sstevel@tonic-gate adrm_short(adr, &address, 1); 4057c478bd9Sstevel@tonic-gate 4067c478bd9Sstevel@tonic-gate return (-1); 4077c478bd9Sstevel@tonic-gate } 4087c478bd9Sstevel@tonic-gate 4097c478bd9Sstevel@tonic-gate 4107c478bd9Sstevel@tonic-gate /* 4117c478bd9Sstevel@tonic-gate * Format of groups token: 4127c478bd9Sstevel@tonic-gate * group token id adr_char 4137c478bd9Sstevel@tonic-gate * group list adr_int32, 16 times 4147c478bd9Sstevel@tonic-gate */ 4157c478bd9Sstevel@tonic-gate int 4167c478bd9Sstevel@tonic-gate group_token(adr_t *adr) 4177c478bd9Sstevel@tonic-gate { 4187c478bd9Sstevel@tonic-gate int gid[16]; 4197c478bd9Sstevel@tonic-gate int i; 4207c478bd9Sstevel@tonic-gate int flag = 0; 4217c478bd9Sstevel@tonic-gate 4227c478bd9Sstevel@tonic-gate for (i = 0; i < 16; i++) { 4237c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&gid[i], 1); 4247c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4257c478bd9Sstevel@tonic-gate if ((unsigned short)m_groupr == gid[i]) 4267c478bd9Sstevel@tonic-gate flag = 1; 4277c478bd9Sstevel@tonic-gate } 4287c478bd9Sstevel@tonic-gate } 4297c478bd9Sstevel@tonic-gate 4307c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4317c478bd9Sstevel@tonic-gate if (flag) 4327c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 4337c478bd9Sstevel@tonic-gate } 4347c478bd9Sstevel@tonic-gate return (-1); 4357c478bd9Sstevel@tonic-gate } 4367c478bd9Sstevel@tonic-gate 4377c478bd9Sstevel@tonic-gate /* 4387c478bd9Sstevel@tonic-gate * Format of newgroups token: 4397c478bd9Sstevel@tonic-gate * group token id adr_char 4407c478bd9Sstevel@tonic-gate * number of groups adr_short 4417c478bd9Sstevel@tonic-gate * group list adr_int32, "number" times 4427c478bd9Sstevel@tonic-gate */ 4437c478bd9Sstevel@tonic-gate int 4447c478bd9Sstevel@tonic-gate newgroup_token(adr_t *adr) 4457c478bd9Sstevel@tonic-gate { 4467c478bd9Sstevel@tonic-gate gid_t gid; 4477c478bd9Sstevel@tonic-gate int i; 4487c478bd9Sstevel@tonic-gate short int number; 4497c478bd9Sstevel@tonic-gate 4507c478bd9Sstevel@tonic-gate adrm_short(adr, &number, 1); 4517c478bd9Sstevel@tonic-gate 4527c478bd9Sstevel@tonic-gate for (i = 0; i < number; i++) { 4537c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&gid, 1); 4547c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4557c478bd9Sstevel@tonic-gate if (m_groupr == gid) 4567c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 4577c478bd9Sstevel@tonic-gate } 4587c478bd9Sstevel@tonic-gate } 4597c478bd9Sstevel@tonic-gate 4607c478bd9Sstevel@tonic-gate return (-1); 4617c478bd9Sstevel@tonic-gate } 4627c478bd9Sstevel@tonic-gate 4637c478bd9Sstevel@tonic-gate /* 4647c478bd9Sstevel@tonic-gate * Format of argument32 token: 4657c478bd9Sstevel@tonic-gate * argument token id adr_char 4667c478bd9Sstevel@tonic-gate * argument number adr_char 4677c478bd9Sstevel@tonic-gate * argument value adr_int32 4687c478bd9Sstevel@tonic-gate * argument description adr_string 4697c478bd9Sstevel@tonic-gate */ 4707c478bd9Sstevel@tonic-gate int 4717c478bd9Sstevel@tonic-gate argument32_token(adr_t *adr) 4727c478bd9Sstevel@tonic-gate { 4737c478bd9Sstevel@tonic-gate char arg_num; 4747c478bd9Sstevel@tonic-gate int32_t arg_val; 4757c478bd9Sstevel@tonic-gate 4767c478bd9Sstevel@tonic-gate adrm_char(adr, &arg_num, 1); 4777c478bd9Sstevel@tonic-gate adrm_int32(adr, &arg_val, 1); 4787c478bd9Sstevel@tonic-gate skip_string(adr); 4797c478bd9Sstevel@tonic-gate 4807c478bd9Sstevel@tonic-gate return (-1); 4817c478bd9Sstevel@tonic-gate } 4827c478bd9Sstevel@tonic-gate 4837c478bd9Sstevel@tonic-gate /* 4847c478bd9Sstevel@tonic-gate * Format of argument64 token: 4857c478bd9Sstevel@tonic-gate * argument token id adr_char 4867c478bd9Sstevel@tonic-gate * argument number adr_char 4877c478bd9Sstevel@tonic-gate * argument value adr_int64 4887c478bd9Sstevel@tonic-gate * argument description adr_string 4897c478bd9Sstevel@tonic-gate */ 4907c478bd9Sstevel@tonic-gate int 4917c478bd9Sstevel@tonic-gate argument64_token(adr_t *adr) 4927c478bd9Sstevel@tonic-gate { 4937c478bd9Sstevel@tonic-gate char arg_num; 4947c478bd9Sstevel@tonic-gate int64_t arg_val; 4957c478bd9Sstevel@tonic-gate 4967c478bd9Sstevel@tonic-gate adrm_char(adr, &arg_num, 1); 4977c478bd9Sstevel@tonic-gate adrm_int64(adr, &arg_val, 1); 4987c478bd9Sstevel@tonic-gate skip_string(adr); 4997c478bd9Sstevel@tonic-gate 5007c478bd9Sstevel@tonic-gate return (-1); 5017c478bd9Sstevel@tonic-gate } 5027c478bd9Sstevel@tonic-gate 503a7746f66Stz204579 /* 504a7746f66Stz204579 * Format of acl token: 505a7746f66Stz204579 * acl token id adr_char 506a7746f66Stz204579 * acl type adr_u_int32 507a7746f66Stz204579 * acl value adr_u_int32 (depends on type) 508a7746f66Stz204579 * file mode adr_u_int (in octal) 509a7746f66Stz204579 */ 5107c478bd9Sstevel@tonic-gate int 5117c478bd9Sstevel@tonic-gate acl_token(adr_t *adr) 5127c478bd9Sstevel@tonic-gate { 5137c478bd9Sstevel@tonic-gate 5147c478bd9Sstevel@tonic-gate int32_t id; 5157c478bd9Sstevel@tonic-gate int32_t mode; 5167c478bd9Sstevel@tonic-gate int32_t type; 5177c478bd9Sstevel@tonic-gate 5187c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 5197c478bd9Sstevel@tonic-gate adrm_int32(adr, &id, 1); 5207c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 5217c478bd9Sstevel@tonic-gate 5227c478bd9Sstevel@tonic-gate return (-1); 5237c478bd9Sstevel@tonic-gate } 5247c478bd9Sstevel@tonic-gate 5257c478bd9Sstevel@tonic-gate /* 526a7746f66Stz204579 * Format of ace token: 527a7746f66Stz204579 * ace token id adr_char 528a7746f66Stz204579 * ace who adr_u_int32 (uid/gid) 529a7746f66Stz204579 * access mask adr_u_int32 530a7746f66Stz204579 * ace flags adr_u_int16 531a7746f66Stz204579 * ace type adr_u_int16 532a7746f66Stz204579 */ 533a7746f66Stz204579 int 534a7746f66Stz204579 ace_token(adr_t *adr) 535a7746f66Stz204579 { 536a7746f66Stz204579 uid_t who; 537a7746f66Stz204579 uint32_t access_mask; 538a7746f66Stz204579 uint16_t flags, type; 539a7746f66Stz204579 540a7746f66Stz204579 adrm_uid(adr, &who, 1); 541a7746f66Stz204579 adrm_u_int32(adr, &access_mask, 1); 542a7746f66Stz204579 adrm_u_short(adr, &flags, 1); 543a7746f66Stz204579 adrm_u_short(adr, &type, 1); 544a7746f66Stz204579 545a7746f66Stz204579 return (-1); 546a7746f66Stz204579 } 547a7746f66Stz204579 548a7746f66Stz204579 /* 5497c478bd9Sstevel@tonic-gate * Format of attribute token: (old pre SunOS 5.7 format) 5507c478bd9Sstevel@tonic-gate * attribute token id adr_char 5517c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 5527c478bd9Sstevel@tonic-gate * uid adr_int32 5537c478bd9Sstevel@tonic-gate * gid adr_int32 5547c478bd9Sstevel@tonic-gate * file system id adr_int32 5557c478bd9Sstevel@tonic-gate * node id adr_int32 5567c478bd9Sstevel@tonic-gate * device adr_int32 5577c478bd9Sstevel@tonic-gate */ 5587c478bd9Sstevel@tonic-gate int 5597c478bd9Sstevel@tonic-gate attribute_token(adr_t *adr) 5607c478bd9Sstevel@tonic-gate { 5617c478bd9Sstevel@tonic-gate int32_t dev; 5627c478bd9Sstevel@tonic-gate int32_t file_sysid; 5637c478bd9Sstevel@tonic-gate int32_t gid; 5647c478bd9Sstevel@tonic-gate int32_t mode; 5657c478bd9Sstevel@tonic-gate int32_t nodeid; 5667c478bd9Sstevel@tonic-gate int32_t uid; 5677c478bd9Sstevel@tonic-gate 5687c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 5697c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 5707c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 5717c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 5727c478bd9Sstevel@tonic-gate adrm_int32(adr, &nodeid, 1); 5737c478bd9Sstevel@tonic-gate adrm_int32(adr, &dev, 1); 5747c478bd9Sstevel@tonic-gate 5757c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 5767c478bd9Sstevel@tonic-gate if (m_usere == uid) 5777c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 5787c478bd9Sstevel@tonic-gate } 5797c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 5807c478bd9Sstevel@tonic-gate if (m_groupe == gid) 5817c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 5827c478bd9Sstevel@tonic-gate } 5837c478bd9Sstevel@tonic-gate 5847c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 5857c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 5867c478bd9Sstevel@tonic-gate (obj_group == gid)) 5877c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 5887c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 5897c478bd9Sstevel@tonic-gate (obj_owner == uid)) 5907c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 5917c478bd9Sstevel@tonic-gate } 5927c478bd9Sstevel@tonic-gate return (-1); 5937c478bd9Sstevel@tonic-gate } 5947c478bd9Sstevel@tonic-gate 5957c478bd9Sstevel@tonic-gate /* 5967c478bd9Sstevel@tonic-gate * Format of attribute32 token: 5977c478bd9Sstevel@tonic-gate * attribute token id adr_char 5987c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 5997c478bd9Sstevel@tonic-gate * uid adr_int32 6007c478bd9Sstevel@tonic-gate * gid adr_int32 6017c478bd9Sstevel@tonic-gate * file system id adr_int32 6027c478bd9Sstevel@tonic-gate * node id adr_int64 6037c478bd9Sstevel@tonic-gate * device adr_int32 6047c478bd9Sstevel@tonic-gate */ 6057c478bd9Sstevel@tonic-gate int 6067c478bd9Sstevel@tonic-gate attribute32_token(adr_t *adr) 6077c478bd9Sstevel@tonic-gate { 6087c478bd9Sstevel@tonic-gate int32_t dev; 6097c478bd9Sstevel@tonic-gate int32_t file_sysid; 6107c478bd9Sstevel@tonic-gate int32_t gid; 6117c478bd9Sstevel@tonic-gate int32_t mode; 6127c478bd9Sstevel@tonic-gate int64_t nodeid; 6137c478bd9Sstevel@tonic-gate int32_t uid; 6147c478bd9Sstevel@tonic-gate 6157c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 6167c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 6177c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 6187c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 6197c478bd9Sstevel@tonic-gate adrm_int64(adr, &nodeid, 1); 6207c478bd9Sstevel@tonic-gate adrm_int32(adr, &dev, 1); 6217c478bd9Sstevel@tonic-gate 6227c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 6237c478bd9Sstevel@tonic-gate if (m_usere == uid) 6247c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 6257c478bd9Sstevel@tonic-gate } 6267c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 6277c478bd9Sstevel@tonic-gate if (m_groupe == gid) 6287c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 6297c478bd9Sstevel@tonic-gate } 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 6327c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 6337c478bd9Sstevel@tonic-gate (obj_group == gid)) 6347c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6357c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 6367c478bd9Sstevel@tonic-gate (obj_owner == uid)) 6377c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6387c478bd9Sstevel@tonic-gate } 6397c478bd9Sstevel@tonic-gate return (-1); 6407c478bd9Sstevel@tonic-gate } 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate /* 6437c478bd9Sstevel@tonic-gate * Format of attribute64 token: 6447c478bd9Sstevel@tonic-gate * attribute token id adr_char 6457c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 6467c478bd9Sstevel@tonic-gate * uid adr_int32 6477c478bd9Sstevel@tonic-gate * gid adr_int32 6487c478bd9Sstevel@tonic-gate * file system id adr_int32 6497c478bd9Sstevel@tonic-gate * node id adr_int64 6507c478bd9Sstevel@tonic-gate * device adr_int64 6517c478bd9Sstevel@tonic-gate */ 6527c478bd9Sstevel@tonic-gate int 6537c478bd9Sstevel@tonic-gate attribute64_token(adr_t *adr) 6547c478bd9Sstevel@tonic-gate { 6557c478bd9Sstevel@tonic-gate int64_t dev; 6567c478bd9Sstevel@tonic-gate int32_t file_sysid; 6577c478bd9Sstevel@tonic-gate int32_t gid; 6587c478bd9Sstevel@tonic-gate int32_t mode; 6597c478bd9Sstevel@tonic-gate int64_t nodeid; 6607c478bd9Sstevel@tonic-gate int32_t uid; 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 6637c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 6647c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 6657c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 6667c478bd9Sstevel@tonic-gate adrm_int64(adr, &nodeid, 1); 6677c478bd9Sstevel@tonic-gate adrm_int64(adr, &dev, 1); 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 6707c478bd9Sstevel@tonic-gate if (m_usere == uid) 6717c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 6727c478bd9Sstevel@tonic-gate } 6737c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 6747c478bd9Sstevel@tonic-gate if (m_groupe == gid) 6757c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 6767c478bd9Sstevel@tonic-gate } 6777c478bd9Sstevel@tonic-gate 6787c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 6797c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 6807c478bd9Sstevel@tonic-gate (obj_group == gid)) 6817c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6827c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 6837c478bd9Sstevel@tonic-gate (obj_owner == uid)) 6847c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6857c478bd9Sstevel@tonic-gate } 6867c478bd9Sstevel@tonic-gate return (-1); 6877c478bd9Sstevel@tonic-gate } 6887c478bd9Sstevel@tonic-gate 6897c478bd9Sstevel@tonic-gate 6907c478bd9Sstevel@tonic-gate /* 6917c478bd9Sstevel@tonic-gate * Format of command token: 6927c478bd9Sstevel@tonic-gate * attribute token id adr_char 6937c478bd9Sstevel@tonic-gate * argc adr_short 6947c478bd9Sstevel@tonic-gate * argv len adr_short variable amount of argv len 6957c478bd9Sstevel@tonic-gate * argv text argv len and text 6967c478bd9Sstevel@tonic-gate * . 6977c478bd9Sstevel@tonic-gate * . 6987c478bd9Sstevel@tonic-gate * . 6997c478bd9Sstevel@tonic-gate * envp count adr_short variable amount of envp len 7007c478bd9Sstevel@tonic-gate * envp len adr_short and text 7017c478bd9Sstevel@tonic-gate * envp text envp len 7027c478bd9Sstevel@tonic-gate * . 7037c478bd9Sstevel@tonic-gate * . 7047c478bd9Sstevel@tonic-gate * . 7057c478bd9Sstevel@tonic-gate */ 7067c478bd9Sstevel@tonic-gate int 7077c478bd9Sstevel@tonic-gate cmd_token(adr_t *adr) 7087c478bd9Sstevel@tonic-gate { 7097c478bd9Sstevel@tonic-gate short cnt; 7107c478bd9Sstevel@tonic-gate short i; 7117c478bd9Sstevel@tonic-gate 7127c478bd9Sstevel@tonic-gate adrm_short(adr, &cnt, 1); 7137c478bd9Sstevel@tonic-gate 7147c478bd9Sstevel@tonic-gate for (i = 0; i < cnt; i++) 7157c478bd9Sstevel@tonic-gate skip_string(adr); 7167c478bd9Sstevel@tonic-gate 7177c478bd9Sstevel@tonic-gate adrm_short(adr, &cnt, 1); 7187c478bd9Sstevel@tonic-gate 7197c478bd9Sstevel@tonic-gate for (i = 0; i < cnt; i++) 7207c478bd9Sstevel@tonic-gate skip_string(adr); 7217c478bd9Sstevel@tonic-gate 7227c478bd9Sstevel@tonic-gate return (-1); 7237c478bd9Sstevel@tonic-gate } 7247c478bd9Sstevel@tonic-gate 7257c478bd9Sstevel@tonic-gate 7267c478bd9Sstevel@tonic-gate /* 7277c478bd9Sstevel@tonic-gate * Format of exit token: 7287c478bd9Sstevel@tonic-gate * attribute token id adr_char 7297c478bd9Sstevel@tonic-gate * return value adr_int32 7307c478bd9Sstevel@tonic-gate * errno adr_int32 7317c478bd9Sstevel@tonic-gate */ 7327c478bd9Sstevel@tonic-gate int 7337c478bd9Sstevel@tonic-gate exit_token(adr_t *adr) 7347c478bd9Sstevel@tonic-gate { 7357c478bd9Sstevel@tonic-gate int32_t retval; 7367c478bd9Sstevel@tonic-gate int32_t errno; 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate adrm_int32(adr, &retval, 1); 7397c478bd9Sstevel@tonic-gate adrm_int32(adr, &errno, 1); 7407c478bd9Sstevel@tonic-gate return (-1); 7417c478bd9Sstevel@tonic-gate } 7427c478bd9Sstevel@tonic-gate 7437c478bd9Sstevel@tonic-gate /* 7447c478bd9Sstevel@tonic-gate * Format of strings array token: 7457c478bd9Sstevel@tonic-gate * token id adr_char 7467c478bd9Sstevel@tonic-gate * count value adr_int32 7477c478bd9Sstevel@tonic-gate * strings null terminated strings 7487c478bd9Sstevel@tonic-gate */ 7497c478bd9Sstevel@tonic-gate static int 7507c478bd9Sstevel@tonic-gate strings_common_token(adr_t *adr) 7517c478bd9Sstevel@tonic-gate { 7527c478bd9Sstevel@tonic-gate int count, i; 7537c478bd9Sstevel@tonic-gate char c; 7547c478bd9Sstevel@tonic-gate 7557c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&count, 1); 7567c478bd9Sstevel@tonic-gate for (i = 1; i <= count; i++) { 7577c478bd9Sstevel@tonic-gate adrm_char(adr, &c, 1); 7587c478bd9Sstevel@tonic-gate while (c != (char)0) 7597c478bd9Sstevel@tonic-gate adrm_char(adr, &c, 1); 7607c478bd9Sstevel@tonic-gate } 7617c478bd9Sstevel@tonic-gate /* no dump option here, since we will have variable length fields */ 7627c478bd9Sstevel@tonic-gate return (-1); 7637c478bd9Sstevel@tonic-gate } 7647c478bd9Sstevel@tonic-gate 7657c478bd9Sstevel@tonic-gate int 7667c478bd9Sstevel@tonic-gate path_attr_token(adr_t *adr) 7677c478bd9Sstevel@tonic-gate { 7687c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 7697c478bd9Sstevel@tonic-gate } 7707c478bd9Sstevel@tonic-gate 7717c478bd9Sstevel@tonic-gate int 7727c478bd9Sstevel@tonic-gate exec_args_token(adr_t *adr) 7737c478bd9Sstevel@tonic-gate { 7747c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 7757c478bd9Sstevel@tonic-gate } 7767c478bd9Sstevel@tonic-gate 7777c478bd9Sstevel@tonic-gate int 7787c478bd9Sstevel@tonic-gate exec_env_token(adr_t *adr) 7797c478bd9Sstevel@tonic-gate { 7807c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 7817c478bd9Sstevel@tonic-gate } 7827c478bd9Sstevel@tonic-gate 7837c478bd9Sstevel@tonic-gate /* 7847c478bd9Sstevel@tonic-gate * Format of liaison token: 7857c478bd9Sstevel@tonic-gate */ 7867c478bd9Sstevel@tonic-gate int 7877c478bd9Sstevel@tonic-gate liaison_token(adr_t *adr) 7887c478bd9Sstevel@tonic-gate { 7897c478bd9Sstevel@tonic-gate int32_t li; 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate adrm_int32(adr, &li, 1); 7927c478bd9Sstevel@tonic-gate return (-1); 7937c478bd9Sstevel@tonic-gate } 7947c478bd9Sstevel@tonic-gate 7957c478bd9Sstevel@tonic-gate 7967c478bd9Sstevel@tonic-gate /* 7977c478bd9Sstevel@tonic-gate * Format of path token: 7987c478bd9Sstevel@tonic-gate * path adr_string 7997c478bd9Sstevel@tonic-gate */ 8007c478bd9Sstevel@tonic-gate int 8017c478bd9Sstevel@tonic-gate path_token(adr_t *adr) 8027c478bd9Sstevel@tonic-gate { 8037c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_PATH)) { 8047c478bd9Sstevel@tonic-gate char *path; 8057c478bd9Sstevel@tonic-gate 8067c478bd9Sstevel@tonic-gate get_string(adr, &path); 8077c478bd9Sstevel@tonic-gate if (path[0] != '/') 8087c478bd9Sstevel@tonic-gate /* 8097c478bd9Sstevel@tonic-gate * anchor the path. user apps may not do it. 8107c478bd9Sstevel@tonic-gate */ 8117c478bd9Sstevel@tonic-gate anchor_path(path); 8127c478bd9Sstevel@tonic-gate /* 8137c478bd9Sstevel@tonic-gate * match against the collapsed path. that is what user sees. 8147c478bd9Sstevel@tonic-gate */ 8157c478bd9Sstevel@tonic-gate if (re_exec2(collapse_path(path)) == 1) 8167c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 8177c478bd9Sstevel@tonic-gate free(path); 8187c478bd9Sstevel@tonic-gate } else { 8197c478bd9Sstevel@tonic-gate skip_string(adr); 8207c478bd9Sstevel@tonic-gate } 8217c478bd9Sstevel@tonic-gate return (-1); 8227c478bd9Sstevel@tonic-gate } 8237c478bd9Sstevel@tonic-gate 8247c478bd9Sstevel@tonic-gate 8257c478bd9Sstevel@tonic-gate /* 8267c478bd9Sstevel@tonic-gate * Format of System V IPC permission token: 8277c478bd9Sstevel@tonic-gate * System V IPC permission token id adr_char 8287c478bd9Sstevel@tonic-gate * uid adr_int32 8297c478bd9Sstevel@tonic-gate * gid adr_int32 8307c478bd9Sstevel@tonic-gate * cuid adr_int32 8317c478bd9Sstevel@tonic-gate * cgid adr_int32 8327c478bd9Sstevel@tonic-gate * mode adr_int32 8337c478bd9Sstevel@tonic-gate * seq adr_int32 8347c478bd9Sstevel@tonic-gate * key adr_int32 8357c478bd9Sstevel@tonic-gate */ 8367c478bd9Sstevel@tonic-gate int 8377c478bd9Sstevel@tonic-gate s5_IPC_perm_token(adr_t *adr) 8387c478bd9Sstevel@tonic-gate { 8397c478bd9Sstevel@tonic-gate int32_t uid, gid, cuid, cgid, mode, seq; 8407c478bd9Sstevel@tonic-gate int32_t key; 8417c478bd9Sstevel@tonic-gate 8427c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 8437c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 8447c478bd9Sstevel@tonic-gate adrm_int32(adr, &cuid, 1); 8457c478bd9Sstevel@tonic-gate adrm_int32(adr, &cgid, 1); 8467c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 8477c478bd9Sstevel@tonic-gate adrm_int32(adr, &seq, 1); 8487c478bd9Sstevel@tonic-gate adrm_int32(adr, &key, 1); 8497c478bd9Sstevel@tonic-gate 8507c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 8517c478bd9Sstevel@tonic-gate if (m_usere == uid) 8527c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 8537c478bd9Sstevel@tonic-gate } 8547c478bd9Sstevel@tonic-gate 8557c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 8567c478bd9Sstevel@tonic-gate if (m_usere == cuid) 8577c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 8587c478bd9Sstevel@tonic-gate } 8597c478bd9Sstevel@tonic-gate 8607c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 8617c478bd9Sstevel@tonic-gate if (m_groupr == gid) 8627c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 8637c478bd9Sstevel@tonic-gate } 8647c478bd9Sstevel@tonic-gate 8657c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 8667c478bd9Sstevel@tonic-gate if (m_groupr == cgid) 8677c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 8687c478bd9Sstevel@tonic-gate } 8697c478bd9Sstevel@tonic-gate 8707c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && 8717c478bd9Sstevel@tonic-gate ((obj_owner == uid) || 8727c478bd9Sstevel@tonic-gate (obj_owner == cuid) || 8737c478bd9Sstevel@tonic-gate (obj_group == gid) || 8747c478bd9Sstevel@tonic-gate (obj_group == cgid))) { 8757c478bd9Sstevel@tonic-gate 8767c478bd9Sstevel@tonic-gate switch (obj_flag) { 8777c478bd9Sstevel@tonic-gate case OBJ_MSGGROUP: 8787c478bd9Sstevel@tonic-gate case OBJ_MSGOWNER: 8797c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_MSG, ipc_type)) 8807c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 8817c478bd9Sstevel@tonic-gate break; 8827c478bd9Sstevel@tonic-gate case OBJ_SEMGROUP: 8837c478bd9Sstevel@tonic-gate case OBJ_SEMOWNER: 8847c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_SEM, ipc_type)) 8857c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 8867c478bd9Sstevel@tonic-gate break; 8877c478bd9Sstevel@tonic-gate case OBJ_SHMGROUP: 8887c478bd9Sstevel@tonic-gate case OBJ_SHMOWNER: 8897c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_SHM, ipc_type)) 8907c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 8917c478bd9Sstevel@tonic-gate break; 8927c478bd9Sstevel@tonic-gate } 8937c478bd9Sstevel@tonic-gate } 8947c478bd9Sstevel@tonic-gate return (-1); 8957c478bd9Sstevel@tonic-gate } 8967c478bd9Sstevel@tonic-gate 8977c478bd9Sstevel@tonic-gate 8987c478bd9Sstevel@tonic-gate /* 8997c478bd9Sstevel@tonic-gate * Format of process32 token: 9007c478bd9Sstevel@tonic-gate * process token id adr_char 9017c478bd9Sstevel@tonic-gate * auid adr_int32 9027c478bd9Sstevel@tonic-gate * euid adr_int32 9037c478bd9Sstevel@tonic-gate * egid adr_int32 9047c478bd9Sstevel@tonic-gate * ruid adr_int32 9057c478bd9Sstevel@tonic-gate * rgid adr_int32 9067c478bd9Sstevel@tonic-gate * pid adr_int32 9077c478bd9Sstevel@tonic-gate * sid adr_int32 9087c478bd9Sstevel@tonic-gate * termid adr_int32*2 9097c478bd9Sstevel@tonic-gate */ 9107c478bd9Sstevel@tonic-gate int 9117c478bd9Sstevel@tonic-gate process32_token(adr_t *adr) 9127c478bd9Sstevel@tonic-gate { 9137c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 9147c478bd9Sstevel@tonic-gate int32_t sid; 9157c478bd9Sstevel@tonic-gate int32_t port, machine; 9167c478bd9Sstevel@tonic-gate 9177c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 9187c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 9197c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 9207c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 9217c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 9227c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 9237c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 9247c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 9257c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 9267c478bd9Sstevel@tonic-gate 9277c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 9287c478bd9Sstevel@tonic-gate if (m_usera == auid) 9297c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 9307c478bd9Sstevel@tonic-gate } 9317c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 9327c478bd9Sstevel@tonic-gate if (m_usere == euid) 9337c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 9347c478bd9Sstevel@tonic-gate } 9357c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 9367c478bd9Sstevel@tonic-gate if (m_userr == ruid) 9377c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 9387c478bd9Sstevel@tonic-gate } 9397c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 9407c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 9417c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 9427c478bd9Sstevel@tonic-gate } 9437c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 9447c478bd9Sstevel@tonic-gate if (m_groupe == egid) 9457c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 9467c478bd9Sstevel@tonic-gate } 9477c478bd9Sstevel@tonic-gate 9487c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 9497c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 9507c478bd9Sstevel@tonic-gate (obj_id == pid)) { 9517c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9527c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 9537c478bd9Sstevel@tonic-gate ((obj_group == egid) || 9547c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 9557c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9567c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 9577c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 9587c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 9597c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9607c478bd9Sstevel@tonic-gate } 9617c478bd9Sstevel@tonic-gate } 9627c478bd9Sstevel@tonic-gate return (-1); 9637c478bd9Sstevel@tonic-gate } 9647c478bd9Sstevel@tonic-gate 9657c478bd9Sstevel@tonic-gate /* 9668249a45fSJan Friedel * Format of process32_ex token: 9677c478bd9Sstevel@tonic-gate * process token id adr_char 9687c478bd9Sstevel@tonic-gate * auid adr_int32 9697c478bd9Sstevel@tonic-gate * euid adr_int32 9707c478bd9Sstevel@tonic-gate * egid adr_int32 9717c478bd9Sstevel@tonic-gate * ruid adr_int32 9727c478bd9Sstevel@tonic-gate * rgid adr_int32 9737c478bd9Sstevel@tonic-gate * pid adr_int32 9747c478bd9Sstevel@tonic-gate * sid adr_int32 9758249a45fSJan Friedel * termid 9768249a45fSJan Friedel * port adr_int32 9778249a45fSJan Friedel * type adr_int32 9788249a45fSJan Friedel * ip address adr_u_char*type 9797c478bd9Sstevel@tonic-gate */ 9807c478bd9Sstevel@tonic-gate int 9817c478bd9Sstevel@tonic-gate process32_ex_token(adr_t *adr) 9827c478bd9Sstevel@tonic-gate { 9837c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 9847c478bd9Sstevel@tonic-gate int32_t sid; 9858249a45fSJan Friedel int32_t port, type; 9868249a45fSJan Friedel uchar_t addr[16]; 9877c478bd9Sstevel@tonic-gate 9887c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 9897c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 9907c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 9917c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 9927c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 9937c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 9947c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 9957c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 9967c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 9978249a45fSJan Friedel adrm_u_char(adr, addr, type); 9987c478bd9Sstevel@tonic-gate 9997c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 10007c478bd9Sstevel@tonic-gate if (m_usera == auid) 10017c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 10027c478bd9Sstevel@tonic-gate } 10037c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 10047c478bd9Sstevel@tonic-gate if (m_usere == euid) 10057c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 10067c478bd9Sstevel@tonic-gate } 10077c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 10087c478bd9Sstevel@tonic-gate if (m_userr == ruid) 10097c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 10107c478bd9Sstevel@tonic-gate } 10117c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 10127c478bd9Sstevel@tonic-gate if (m_groupr == egid) 10137c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 10147c478bd9Sstevel@tonic-gate } 10157c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 10167c478bd9Sstevel@tonic-gate if (m_groupe == egid) 10177c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 10187c478bd9Sstevel@tonic-gate } 10197c478bd9Sstevel@tonic-gate 10207c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 10217c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 10227c478bd9Sstevel@tonic-gate (obj_id == pid)) { 10237c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10247c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 10257c478bd9Sstevel@tonic-gate ((obj_group == egid) || 10267c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 10277c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10287c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 10297c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 10307c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 10317c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10327c478bd9Sstevel@tonic-gate } 10337c478bd9Sstevel@tonic-gate } 10347c478bd9Sstevel@tonic-gate return (-1); 10357c478bd9Sstevel@tonic-gate } 10367c478bd9Sstevel@tonic-gate 10377c478bd9Sstevel@tonic-gate /* 10387c478bd9Sstevel@tonic-gate * Format of process64 token: 10397c478bd9Sstevel@tonic-gate * process token id adr_char 10407c478bd9Sstevel@tonic-gate * auid adr_int32 10417c478bd9Sstevel@tonic-gate * euid adr_int32 10427c478bd9Sstevel@tonic-gate * egid adr_int32 10437c478bd9Sstevel@tonic-gate * ruid adr_int32 10447c478bd9Sstevel@tonic-gate * rgid adr_int32 10457c478bd9Sstevel@tonic-gate * pid adr_int32 10467c478bd9Sstevel@tonic-gate * sid adr_int32 10477c478bd9Sstevel@tonic-gate * termid adr_int64+adr_int32 10487c478bd9Sstevel@tonic-gate */ 10497c478bd9Sstevel@tonic-gate int 10507c478bd9Sstevel@tonic-gate process64_token(adr_t *adr) 10517c478bd9Sstevel@tonic-gate { 10527c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 10537c478bd9Sstevel@tonic-gate int32_t sid; 10547c478bd9Sstevel@tonic-gate int64_t port; 10557c478bd9Sstevel@tonic-gate int32_t machine; 10567c478bd9Sstevel@tonic-gate 10577c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 10587c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 10597c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 10607c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 10617c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 10627c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 10637c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 10647c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 10657c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 10667c478bd9Sstevel@tonic-gate 10677c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 10687c478bd9Sstevel@tonic-gate if (m_usera == auid) 10697c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 10707c478bd9Sstevel@tonic-gate } 10717c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 10727c478bd9Sstevel@tonic-gate if (m_usere == euid) 10737c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 10747c478bd9Sstevel@tonic-gate } 10757c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 10767c478bd9Sstevel@tonic-gate if (m_userr == ruid) 10777c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 10787c478bd9Sstevel@tonic-gate } 10797c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 10807c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 10817c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 10827c478bd9Sstevel@tonic-gate } 10837c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 10847c478bd9Sstevel@tonic-gate if (m_groupe == egid) 10857c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 10867c478bd9Sstevel@tonic-gate } 10877c478bd9Sstevel@tonic-gate 10887c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 10897c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 10907c478bd9Sstevel@tonic-gate (obj_id == pid)) { 10917c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 10927c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 10937c478bd9Sstevel@tonic-gate ((obj_group == egid) || 10947c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 10957c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 10967c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 10977c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 10987c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 10997c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 11007c478bd9Sstevel@tonic-gate } 11017c478bd9Sstevel@tonic-gate } 11027c478bd9Sstevel@tonic-gate return (-1); 11037c478bd9Sstevel@tonic-gate } 11047c478bd9Sstevel@tonic-gate 11057c478bd9Sstevel@tonic-gate /* 11068249a45fSJan Friedel * Format of process64_ex token: 11077c478bd9Sstevel@tonic-gate * process token id adr_char 11087c478bd9Sstevel@tonic-gate * auid adr_int32 11097c478bd9Sstevel@tonic-gate * euid adr_int32 11107c478bd9Sstevel@tonic-gate * egid adr_int32 11117c478bd9Sstevel@tonic-gate * ruid adr_int32 11127c478bd9Sstevel@tonic-gate * rgid adr_int32 11137c478bd9Sstevel@tonic-gate * pid adr_int32 11147c478bd9Sstevel@tonic-gate * sid adr_int32 11158249a45fSJan Friedel * termid 11168249a45fSJan Friedel * port adr_int64 11178249a45fSJan Friedel * type adr_int32 11188249a45fSJan Friedel * ip address adr_u_char*type 11197c478bd9Sstevel@tonic-gate */ 11207c478bd9Sstevel@tonic-gate int 11217c478bd9Sstevel@tonic-gate process64_ex_token(adr_t *adr) 11227c478bd9Sstevel@tonic-gate { 11237c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 11247c478bd9Sstevel@tonic-gate int32_t sid; 11257c478bd9Sstevel@tonic-gate int64_t port; 11268249a45fSJan Friedel int32_t type; 11278249a45fSJan Friedel uchar_t addr[16]; 11287c478bd9Sstevel@tonic-gate 11297c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 11307c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 11317c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 11327c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 11337c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 11347c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 11357c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 11367c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 11377c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 11388249a45fSJan Friedel adrm_u_char(adr, addr, type); 11397c478bd9Sstevel@tonic-gate 11407c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 11417c478bd9Sstevel@tonic-gate if (m_usera == auid) 11427c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 11437c478bd9Sstevel@tonic-gate } 11447c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 11457c478bd9Sstevel@tonic-gate if (m_usere == euid) 11467c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 11477c478bd9Sstevel@tonic-gate } 11487c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 11497c478bd9Sstevel@tonic-gate if (m_userr == ruid) 11507c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 11517c478bd9Sstevel@tonic-gate } 11527c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 11537c478bd9Sstevel@tonic-gate if (m_groupr == egid) 11547c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 11557c478bd9Sstevel@tonic-gate } 11567c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 11577c478bd9Sstevel@tonic-gate if (m_groupe == egid) 11587c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 11597c478bd9Sstevel@tonic-gate } 11607c478bd9Sstevel@tonic-gate 11617c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 11627c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 11637c478bd9Sstevel@tonic-gate (obj_id == pid)) { 11647c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11657c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 11667c478bd9Sstevel@tonic-gate ((obj_group == egid) || 11677c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 11687c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11697c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 11707c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 11717c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 11727c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11737c478bd9Sstevel@tonic-gate } 11747c478bd9Sstevel@tonic-gate } 11757c478bd9Sstevel@tonic-gate return (-1); 11767c478bd9Sstevel@tonic-gate } 11777c478bd9Sstevel@tonic-gate 11787c478bd9Sstevel@tonic-gate /* 11797c478bd9Sstevel@tonic-gate * Format of System V IPC token: 11807c478bd9Sstevel@tonic-gate * System V IPC token id adr_char 11817c478bd9Sstevel@tonic-gate * object id adr_int32 11827c478bd9Sstevel@tonic-gate */ 11837c478bd9Sstevel@tonic-gate int 11847c478bd9Sstevel@tonic-gate s5_IPC_token(adr_t *adr) 11857c478bd9Sstevel@tonic-gate { 11867c478bd9Sstevel@tonic-gate int32_t ipc_id; 11877c478bd9Sstevel@tonic-gate 11887c478bd9Sstevel@tonic-gate adrm_char(adr, &ipc_type, 1); /* Global */ 11897c478bd9Sstevel@tonic-gate adrm_int32(adr, &ipc_id, 1); 11907c478bd9Sstevel@tonic-gate 11917c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && 11927c478bd9Sstevel@tonic-gate ipc_type_match(obj_flag, ipc_type) && 11937c478bd9Sstevel@tonic-gate (obj_id == ipc_id)) 11947c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 11957c478bd9Sstevel@tonic-gate 11967c478bd9Sstevel@tonic-gate return (-1); 11977c478bd9Sstevel@tonic-gate } 11987c478bd9Sstevel@tonic-gate 11997c478bd9Sstevel@tonic-gate 12007c478bd9Sstevel@tonic-gate /* 12017c478bd9Sstevel@tonic-gate * Format of socket token: 12027c478bd9Sstevel@tonic-gate * socket_type adrm_short 12037c478bd9Sstevel@tonic-gate * remote_port adrm_short 12047c478bd9Sstevel@tonic-gate * remote_inaddr adrm_int32 12057c478bd9Sstevel@tonic-gate */ 12067c478bd9Sstevel@tonic-gate int 12077c478bd9Sstevel@tonic-gate socket_token(adr_t *adr) 12087c478bd9Sstevel@tonic-gate { 12097c478bd9Sstevel@tonic-gate short socket_type; 12107c478bd9Sstevel@tonic-gate short remote_port; 12117c478bd9Sstevel@tonic-gate int32_t remote_inaddr; 12127c478bd9Sstevel@tonic-gate 12137c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_type, 1); 12147c478bd9Sstevel@tonic-gate adrm_short(adr, &remote_port, 1); 12157c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&remote_inaddr, 4); 12167c478bd9Sstevel@tonic-gate 12177c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) { 12187c478bd9Sstevel@tonic-gate if (socket_flag == SOCKFLG_MACHINE) { 12197c478bd9Sstevel@tonic-gate if (remote_inaddr == obj_id) 12207c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12217c478bd9Sstevel@tonic-gate } else if (socket_flag == SOCKFLG_PORT) { 12227c478bd9Sstevel@tonic-gate if (remote_port == obj_id) 12237c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12247c478bd9Sstevel@tonic-gate } 12257c478bd9Sstevel@tonic-gate } 12267c478bd9Sstevel@tonic-gate return (-1); 12277c478bd9Sstevel@tonic-gate } 12287c478bd9Sstevel@tonic-gate 12297c478bd9Sstevel@tonic-gate 12307c478bd9Sstevel@tonic-gate /* 12318249a45fSJan Friedel * Format of socket_ex token: 12328249a45fSJan Friedel * socket_domain adrm_short 12337c478bd9Sstevel@tonic-gate * socket_type adrm_short 12348249a45fSJan Friedel * address_type adrm_short 12358249a45fSJan Friedel * local_port adrm_short 12368249a45fSJan Friedel * local_inaddr adrm_u_char*address_type 12377c478bd9Sstevel@tonic-gate * remote_port adrm_short 12388249a45fSJan Friedel * remote_inaddr adrm_u_char*address_type 12397c478bd9Sstevel@tonic-gate */ 12407c478bd9Sstevel@tonic-gate int 12417c478bd9Sstevel@tonic-gate socket_ex_token(adr_t *adr) 12427c478bd9Sstevel@tonic-gate { 12437c478bd9Sstevel@tonic-gate short socket_domain; 12447c478bd9Sstevel@tonic-gate short socket_type; 12457c478bd9Sstevel@tonic-gate short ip_size; 12467c478bd9Sstevel@tonic-gate short local_port; 12478249a45fSJan Friedel uchar_t local_inaddr[16]; 12487c478bd9Sstevel@tonic-gate short remote_port; 12498249a45fSJan Friedel uchar_t remote_inaddr[16]; 12508249a45fSJan Friedel uchar_t *caddr = (uchar_t *)&obj_id; 12517c478bd9Sstevel@tonic-gate 12527c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_domain, 1); 12537c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_type, 1); 12547c478bd9Sstevel@tonic-gate adrm_short(adr, &ip_size, 1); 12557c478bd9Sstevel@tonic-gate 12567c478bd9Sstevel@tonic-gate /* validate ip size */ 12577c478bd9Sstevel@tonic-gate if ((ip_size != AU_IPv6) && (ip_size != AU_IPv4)) 12587c478bd9Sstevel@tonic-gate return (0); 12597c478bd9Sstevel@tonic-gate 12607c478bd9Sstevel@tonic-gate adrm_short(adr, &local_port, 1); 12617c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)local_inaddr, ip_size); 12627c478bd9Sstevel@tonic-gate 12637c478bd9Sstevel@tonic-gate adrm_short(adr, &remote_port, 1); 12647c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)remote_inaddr, ip_size); 12657c478bd9Sstevel@tonic-gate 12667c478bd9Sstevel@tonic-gate /* if IP type mis-match, then nothing to do */ 12677c478bd9Sstevel@tonic-gate if (ip_size != ip_type) 12687c478bd9Sstevel@tonic-gate return (-1); 12697c478bd9Sstevel@tonic-gate 12707c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) { 12717c478bd9Sstevel@tonic-gate if (socket_flag == SOCKFLG_MACHINE) { 12728249a45fSJan Friedel if (ip_type == AU_IPv6) { 12738249a45fSJan Friedel caddr = (uchar_t *)ip_ipv6; 12748249a45fSJan Friedel } 12758249a45fSJan Friedel if ((memcmp(local_inaddr, caddr, ip_type) == 0) || 12768249a45fSJan Friedel (memcmp(remote_inaddr, caddr, ip_type) == 0)) { 12777c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12787c478bd9Sstevel@tonic-gate } 12797c478bd9Sstevel@tonic-gate } else if (socket_flag == SOCKFLG_PORT) { 12808249a45fSJan Friedel if ((local_port == obj_id) || (remote_port == obj_id)) { 12817c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12827c478bd9Sstevel@tonic-gate } 12837c478bd9Sstevel@tonic-gate } 12848249a45fSJan Friedel } 12857c478bd9Sstevel@tonic-gate return (-1); 12867c478bd9Sstevel@tonic-gate } 12877c478bd9Sstevel@tonic-gate 12887c478bd9Sstevel@tonic-gate 12897c478bd9Sstevel@tonic-gate /* 12907c478bd9Sstevel@tonic-gate * Format of subject32 token: 12917c478bd9Sstevel@tonic-gate * subject token id adr_char 12927c478bd9Sstevel@tonic-gate * auid adr_int32 12937c478bd9Sstevel@tonic-gate * euid adr_int32 12947c478bd9Sstevel@tonic-gate * egid adr_int32 12957c478bd9Sstevel@tonic-gate * ruid adr_int32 12967c478bd9Sstevel@tonic-gate * rgid adr_int32 12977c478bd9Sstevel@tonic-gate * pid adr_int32 12987c478bd9Sstevel@tonic-gate * sid adr_int32 12997c478bd9Sstevel@tonic-gate * termid adr_int32*2 13007c478bd9Sstevel@tonic-gate */ 13017c478bd9Sstevel@tonic-gate int 13027c478bd9Sstevel@tonic-gate subject32_token(adr_t *adr) 13037c478bd9Sstevel@tonic-gate { 13047c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 13057c478bd9Sstevel@tonic-gate int32_t sid; 13067c478bd9Sstevel@tonic-gate int32_t port, machine; 13077c478bd9Sstevel@tonic-gate 13087c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 13097c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 13107c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 13117c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 13127c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 13137c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 13147c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 13157c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 13167c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 13177c478bd9Sstevel@tonic-gate 13187c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 13197c478bd9Sstevel@tonic-gate if (subj_id == pid) 13207c478bd9Sstevel@tonic-gate checkflags |= M_SUBJECT; 13217c478bd9Sstevel@tonic-gate } 13227c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 13237c478bd9Sstevel@tonic-gate if (m_usera == auid) 13247c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 13257c478bd9Sstevel@tonic-gate } 13267c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 13277c478bd9Sstevel@tonic-gate if (m_usere == euid) 13287c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 13297c478bd9Sstevel@tonic-gate } 13307c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 13317c478bd9Sstevel@tonic-gate if (m_userr == ruid) 13327c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 13337c478bd9Sstevel@tonic-gate } 13347c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 13357c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 13367c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 13377c478bd9Sstevel@tonic-gate } 13387c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 13397c478bd9Sstevel@tonic-gate if (m_groupe == egid) 13407c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 13417c478bd9Sstevel@tonic-gate } 1342924c9144Sgww if (flags & M_SID) { 1343d0fa49b7STony Nguyen if (m_sid == (au_asid_t)sid) 1344924c9144Sgww checkflags |= M_SID; 1345924c9144Sgww } 13467c478bd9Sstevel@tonic-gate return (-1); 13477c478bd9Sstevel@tonic-gate } 13487c478bd9Sstevel@tonic-gate 13497c478bd9Sstevel@tonic-gate /* 13507c478bd9Sstevel@tonic-gate * Format of subject32_ex token: 13517c478bd9Sstevel@tonic-gate * subject token id adr_char 13527c478bd9Sstevel@tonic-gate * auid adr_int32 13537c478bd9Sstevel@tonic-gate * euid adr_int32 13547c478bd9Sstevel@tonic-gate * egid adr_int32 13557c478bd9Sstevel@tonic-gate * ruid adr_int32 13567c478bd9Sstevel@tonic-gate * rgid adr_int32 13577c478bd9Sstevel@tonic-gate * pid adr_int32 13587c478bd9Sstevel@tonic-gate * sid adr_int32 13598249a45fSJan Friedel * termid 13608249a45fSJan Friedel * port adr_int32 13618249a45fSJan Friedel * type adr_int32 13628249a45fSJan Friedel * ip address adr_u_char*type 13637c478bd9Sstevel@tonic-gate */ 13647c478bd9Sstevel@tonic-gate int 13657c478bd9Sstevel@tonic-gate subject32_ex_token(adr_t *adr) 13667c478bd9Sstevel@tonic-gate { 13677c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 13687c478bd9Sstevel@tonic-gate int32_t sid; 13698249a45fSJan Friedel int32_t port, type; 13708249a45fSJan Friedel uchar_t addr[16]; 13717c478bd9Sstevel@tonic-gate 13727c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 13737c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 13747c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 13757c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 13767c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 13777c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 13787c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 13797c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 13807c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 13818249a45fSJan Friedel adrm_u_char(adr, addr, type); 13827c478bd9Sstevel@tonic-gate 13837c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 13847c478bd9Sstevel@tonic-gate if (subj_id == pid) 13857c478bd9Sstevel@tonic-gate checkflags = checkflags | M_SUBJECT; 13867c478bd9Sstevel@tonic-gate } 13877c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 13887c478bd9Sstevel@tonic-gate if (m_usera == auid) 13897c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 13907c478bd9Sstevel@tonic-gate } 13917c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 13927c478bd9Sstevel@tonic-gate if (m_usere == euid) 13937c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 13947c478bd9Sstevel@tonic-gate } 13957c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 13967c478bd9Sstevel@tonic-gate if (m_userr == ruid) 13977c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 13987c478bd9Sstevel@tonic-gate } 13997c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 14007c478bd9Sstevel@tonic-gate if (m_groupr == egid) 14017c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 14027c478bd9Sstevel@tonic-gate } 14037c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 14047c478bd9Sstevel@tonic-gate if (m_groupe == egid) 14057c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 14067c478bd9Sstevel@tonic-gate } 1407924c9144Sgww if (flags & M_SID) { 1408d0fa49b7STony Nguyen if (m_sid == (au_asid_t)sid) 1409924c9144Sgww checkflags = checkflags | M_SID; 1410924c9144Sgww } 14117c478bd9Sstevel@tonic-gate return (-1); 14127c478bd9Sstevel@tonic-gate } 14137c478bd9Sstevel@tonic-gate 14147c478bd9Sstevel@tonic-gate /* 14157c478bd9Sstevel@tonic-gate * Format of subject64 token: 14167c478bd9Sstevel@tonic-gate * subject token id adr_char 14177c478bd9Sstevel@tonic-gate * auid adr_int32 14187c478bd9Sstevel@tonic-gate * euid adr_int32 14197c478bd9Sstevel@tonic-gate * egid adr_int32 14207c478bd9Sstevel@tonic-gate * ruid adr_int32 14217c478bd9Sstevel@tonic-gate * rgid adr_int32 14227c478bd9Sstevel@tonic-gate * pid adr_int32 14237c478bd9Sstevel@tonic-gate * sid adr_int32 14247c478bd9Sstevel@tonic-gate * termid adr_int64+adr_int32 14257c478bd9Sstevel@tonic-gate */ 14267c478bd9Sstevel@tonic-gate int 14277c478bd9Sstevel@tonic-gate subject64_token(adr_t *adr) 14287c478bd9Sstevel@tonic-gate { 14297c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 14307c478bd9Sstevel@tonic-gate int32_t sid; 14317c478bd9Sstevel@tonic-gate int64_t port; 14327c478bd9Sstevel@tonic-gate int32_t machine; 14337c478bd9Sstevel@tonic-gate 14347c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 14357c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 14367c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 14377c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 14387c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 14397c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 14407c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 14417c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 14427c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 14437c478bd9Sstevel@tonic-gate 14447c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 14457c478bd9Sstevel@tonic-gate if (subj_id == pid) 14467c478bd9Sstevel@tonic-gate checkflags |= M_SUBJECT; 14477c478bd9Sstevel@tonic-gate } 14487c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 14497c478bd9Sstevel@tonic-gate if (m_usera == auid) 14507c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 14517c478bd9Sstevel@tonic-gate } 14527c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 14537c478bd9Sstevel@tonic-gate if (m_usere == euid) 14547c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 14557c478bd9Sstevel@tonic-gate } 14567c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 14577c478bd9Sstevel@tonic-gate if (m_userr == ruid) 14587c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 14597c478bd9Sstevel@tonic-gate } 14607c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 14617c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 14627c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 14637c478bd9Sstevel@tonic-gate } 14647c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 14657c478bd9Sstevel@tonic-gate if (m_groupe == egid) 14667c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 14677c478bd9Sstevel@tonic-gate } 1468924c9144Sgww if (flags & M_SID) { 1469d0fa49b7STony Nguyen if (m_sid == (au_asid_t)sid) 1470924c9144Sgww checkflags |= M_SID; 1471924c9144Sgww } 14727c478bd9Sstevel@tonic-gate return (-1); 14737c478bd9Sstevel@tonic-gate } 14747c478bd9Sstevel@tonic-gate 14757c478bd9Sstevel@tonic-gate /* 14768249a45fSJan Friedel * Format of subject64_ex token: 14777c478bd9Sstevel@tonic-gate * subject token id adr_char 14787c478bd9Sstevel@tonic-gate * auid adr_int32 14797c478bd9Sstevel@tonic-gate * euid adr_int32 14807c478bd9Sstevel@tonic-gate * egid adr_int32 14817c478bd9Sstevel@tonic-gate * ruid adr_int32 14827c478bd9Sstevel@tonic-gate * rgid adr_int32 14837c478bd9Sstevel@tonic-gate * pid adr_int32 14847c478bd9Sstevel@tonic-gate * sid adr_int32 14858249a45fSJan Friedel * termid 14868249a45fSJan Friedel * port adr_int64 14878249a45fSJan Friedel * type adr_int32 14888249a45fSJan Friedel * ip address adr_u_char*type 14897c478bd9Sstevel@tonic-gate */ 14907c478bd9Sstevel@tonic-gate int 14917c478bd9Sstevel@tonic-gate subject64_ex_token(adr_t *adr) 14927c478bd9Sstevel@tonic-gate { 14937c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 14947c478bd9Sstevel@tonic-gate int32_t sid; 14957c478bd9Sstevel@tonic-gate int64_t port; 14968249a45fSJan Friedel int32_t type; 14978249a45fSJan Friedel uchar_t addr[16]; 14987c478bd9Sstevel@tonic-gate 14997c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 15007c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 15017c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 15027c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 15037c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 15047c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 15057c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 15067c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 15077c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 15088249a45fSJan Friedel adrm_u_char(adr, addr, type); 15097c478bd9Sstevel@tonic-gate 15107c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 15117c478bd9Sstevel@tonic-gate if (subj_id == pid) 15127c478bd9Sstevel@tonic-gate checkflags = checkflags | M_SUBJECT; 15137c478bd9Sstevel@tonic-gate } 15147c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 15157c478bd9Sstevel@tonic-gate if (m_usera == auid) 15167c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 15177c478bd9Sstevel@tonic-gate } 15187c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 15197c478bd9Sstevel@tonic-gate if (m_usere == euid) 15207c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 15217c478bd9Sstevel@tonic-gate } 15227c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 15237c478bd9Sstevel@tonic-gate if (m_userr == ruid) 15247c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 15257c478bd9Sstevel@tonic-gate } 15267c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 15277c478bd9Sstevel@tonic-gate if (m_groupr == egid) 15287c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 15297c478bd9Sstevel@tonic-gate } 15307c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 15317c478bd9Sstevel@tonic-gate if (m_groupe == egid) 15327c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 15337c478bd9Sstevel@tonic-gate } 1534924c9144Sgww if (flags & M_SID) { 1535d0fa49b7STony Nguyen if (m_sid == (au_asid_t)sid) 1536924c9144Sgww checkflags = checkflags | M_SID; 1537924c9144Sgww } 15387c478bd9Sstevel@tonic-gate return (-1); 15397c478bd9Sstevel@tonic-gate } 15407c478bd9Sstevel@tonic-gate 15417c478bd9Sstevel@tonic-gate /* 15427c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15437c478bd9Sstevel@tonic-gate * tid_token(): Process tid token and display contents 15447c478bd9Sstevel@tonic-gate * 15457c478bd9Sstevel@tonic-gate * Format of tid token: 15467c478bd9Sstevel@tonic-gate * tid token id adr_char 15477c478bd9Sstevel@tonic-gate * address type adr_char 15487c478bd9Sstevel@tonic-gate * For address type of AU_IPADR... 15497c478bd9Sstevel@tonic-gate * remote port adr_short 15507c478bd9Sstevel@tonic-gate * local port adr_short 15517c478bd9Sstevel@tonic-gate * IP type adr_int32 15527c478bd9Sstevel@tonic-gate * IP addr adr_int32 if IPv4 15537c478bd9Sstevel@tonic-gate * IP addr 4 x adr_int32 if IPv6 15547c478bd9Sstevel@tonic-gate * address types other than AU_IPADR are not yet defined 15557c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15567c478bd9Sstevel@tonic-gate */ 15577c478bd9Sstevel@tonic-gate int 15587c478bd9Sstevel@tonic-gate tid_token(adr_t *adr) 15597c478bd9Sstevel@tonic-gate { 15607c478bd9Sstevel@tonic-gate int32_t address[4]; 15617c478bd9Sstevel@tonic-gate int32_t ip_type; 15627c478bd9Sstevel@tonic-gate char tid_type; 15637c478bd9Sstevel@tonic-gate short rport; 15647c478bd9Sstevel@tonic-gate short lport; 15657c478bd9Sstevel@tonic-gate 15667c478bd9Sstevel@tonic-gate adrm_char(adr, &tid_type, 1); 15677c478bd9Sstevel@tonic-gate switch (tid_type) { 15687c478bd9Sstevel@tonic-gate case AU_IPADR: 15697c478bd9Sstevel@tonic-gate adrm_short(adr, &rport, 1); 15707c478bd9Sstevel@tonic-gate adrm_short(adr, &lport, 1); 15717c478bd9Sstevel@tonic-gate adrm_int32(adr, &ip_type, 1); 15727c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&address, ip_type); 15737c478bd9Sstevel@tonic-gate break; 15747c478bd9Sstevel@tonic-gate default: 15757c478bd9Sstevel@tonic-gate return (0); 15767c478bd9Sstevel@tonic-gate } 15777c478bd9Sstevel@tonic-gate return (-1); 15787c478bd9Sstevel@tonic-gate } 15797c478bd9Sstevel@tonic-gate 15807c478bd9Sstevel@tonic-gate /* 15817c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15827c478bd9Sstevel@tonic-gate * zonename_token(): Process zonename token and display contents 15837c478bd9Sstevel@tonic-gate * 15847c478bd9Sstevel@tonic-gate * Format of zonename token: 15857c478bd9Sstevel@tonic-gate * zonename token id adr_char 15867c478bd9Sstevel@tonic-gate * zone name adr_string 15877c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15887c478bd9Sstevel@tonic-gate */ 15897c478bd9Sstevel@tonic-gate int 15907c478bd9Sstevel@tonic-gate zonename_token(adr_t *adr) 15917c478bd9Sstevel@tonic-gate { 15927c478bd9Sstevel@tonic-gate char *name; 15937c478bd9Sstevel@tonic-gate 15947c478bd9Sstevel@tonic-gate if (flags & M_ZONENAME) { 15957c478bd9Sstevel@tonic-gate get_string(adr, &name); 15967c478bd9Sstevel@tonic-gate if (strncmp(zonename, name, ZONENAME_MAX) == 0) 15977c478bd9Sstevel@tonic-gate checkflags |= M_ZONENAME; 15987c478bd9Sstevel@tonic-gate free(name); 15997c478bd9Sstevel@tonic-gate } else { 16007c478bd9Sstevel@tonic-gate skip_string(adr); 16017c478bd9Sstevel@tonic-gate } 16027c478bd9Sstevel@tonic-gate return (-1); 16037c478bd9Sstevel@tonic-gate } 16047c478bd9Sstevel@tonic-gate 16057c478bd9Sstevel@tonic-gate /* 1606103b2b15Sgww * fmri_token(): 1607103b2b15Sgww * 1608103b2b15Sgww * Format of fmri token: 1609103b2b15Sgww * fmri adr_string 1610103b2b15Sgww */ 1611103b2b15Sgww int 1612103b2b15Sgww fmri_token(adr_t *adr) 1613103b2b15Sgww { 1614103b2b15Sgww if ((flags & M_OBJECT) && (obj_flag == OBJ_FMRI)) { 1615103b2b15Sgww char *fmri_name; 1616103b2b15Sgww 1617103b2b15Sgww get_string(adr, &fmri_name); 1618103b2b15Sgww 1619103b2b15Sgww /* match token against service instance */ 1620103b2b15Sgww if (scf_cmp_pattern(fmri_name, &fmri) == 1) { 1621103b2b15Sgww checkflags |= M_OBJECT; 1622103b2b15Sgww } 1623103b2b15Sgww free(fmri_name); 1624103b2b15Sgww } else { 1625103b2b15Sgww skip_string(adr); 1626103b2b15Sgww } 1627103b2b15Sgww return (-1); 1628103b2b15Sgww } 1629103b2b15Sgww 1630103b2b15Sgww /* 16317c478bd9Sstevel@tonic-gate * Format of xatom token: 16327c478bd9Sstevel@tonic-gate */ 16337c478bd9Sstevel@tonic-gate int 16347c478bd9Sstevel@tonic-gate xatom_token(adr_t *adr) 16357c478bd9Sstevel@tonic-gate { 16367c478bd9Sstevel@tonic-gate skip_string(adr); 16377c478bd9Sstevel@tonic-gate 16387c478bd9Sstevel@tonic-gate return (-1); 16397c478bd9Sstevel@tonic-gate } 16407c478bd9Sstevel@tonic-gate 16417c478bd9Sstevel@tonic-gate /* 16427c478bd9Sstevel@tonic-gate * Format of xselect token: 16437c478bd9Sstevel@tonic-gate */ 16447c478bd9Sstevel@tonic-gate int 16457c478bd9Sstevel@tonic-gate xselect_token(adr_t *adr) 16467c478bd9Sstevel@tonic-gate { 16477c478bd9Sstevel@tonic-gate skip_string(adr); 16487c478bd9Sstevel@tonic-gate skip_string(adr); 16497c478bd9Sstevel@tonic-gate skip_string(adr); 16507c478bd9Sstevel@tonic-gate 16517c478bd9Sstevel@tonic-gate return (-1); 16527c478bd9Sstevel@tonic-gate } 16537c478bd9Sstevel@tonic-gate 16547c478bd9Sstevel@tonic-gate /* 16557c478bd9Sstevel@tonic-gate * anchor a path name with a slash 16567c478bd9Sstevel@tonic-gate * assume we have enough space 16577c478bd9Sstevel@tonic-gate */ 16587c478bd9Sstevel@tonic-gate void 16597c478bd9Sstevel@tonic-gate anchor_path(char *path) 16607c478bd9Sstevel@tonic-gate { 16617c478bd9Sstevel@tonic-gate (void) memmove((void *)(path + 1), (void *)path, strlen(path) + 1); 16627c478bd9Sstevel@tonic-gate *path = '/'; 16637c478bd9Sstevel@tonic-gate } 16647c478bd9Sstevel@tonic-gate 16657c478bd9Sstevel@tonic-gate 16667c478bd9Sstevel@tonic-gate /* 16677c478bd9Sstevel@tonic-gate * copy path to collapsed path. 16687c478bd9Sstevel@tonic-gate * collapsed path does not contain: 16697c478bd9Sstevel@tonic-gate * successive slashes 16707c478bd9Sstevel@tonic-gate * instances of dot-slash 16717c478bd9Sstevel@tonic-gate * instances of dot-dot-slash 16727c478bd9Sstevel@tonic-gate * passed path must be anchored with a '/' 16737c478bd9Sstevel@tonic-gate */ 16747c478bd9Sstevel@tonic-gate char * 16757c478bd9Sstevel@tonic-gate collapse_path(char *s) 16767c478bd9Sstevel@tonic-gate { 16777c478bd9Sstevel@tonic-gate int id; /* index of where we are in destination string */ 16787c478bd9Sstevel@tonic-gate int is; /* index of where we are in source string */ 16797c478bd9Sstevel@tonic-gate int slashseen; /* have we seen a slash */ 16807c478bd9Sstevel@tonic-gate int ls; /* length of source string */ 16817c478bd9Sstevel@tonic-gate 16827c478bd9Sstevel@tonic-gate ls = strlen(s) + 1; 16837c478bd9Sstevel@tonic-gate 16847c478bd9Sstevel@tonic-gate slashseen = 0; 16857c478bd9Sstevel@tonic-gate for (is = 0, id = 0; is < ls; is++) { 16867c478bd9Sstevel@tonic-gate /* thats all folks, we've reached the end of input */ 16877c478bd9Sstevel@tonic-gate if (s[is] == '\0') { 16887c478bd9Sstevel@tonic-gate if (id > 1 && s[id-1] == '/') { 16897c478bd9Sstevel@tonic-gate --id; 16907c478bd9Sstevel@tonic-gate } 16917c478bd9Sstevel@tonic-gate s[id++] = '\0'; 16927c478bd9Sstevel@tonic-gate break; 16937c478bd9Sstevel@tonic-gate } 16947c478bd9Sstevel@tonic-gate /* previous character was a / */ 16957c478bd9Sstevel@tonic-gate if (slashseen) { 16967c478bd9Sstevel@tonic-gate if (s[is] == '/') 16977c478bd9Sstevel@tonic-gate continue; /* another slash, ignore it */ 16987c478bd9Sstevel@tonic-gate } else if (s[is] == '/') { 16997c478bd9Sstevel@tonic-gate /* we see a /, just copy it and try again */ 17007c478bd9Sstevel@tonic-gate slashseen = 1; 17017c478bd9Sstevel@tonic-gate s[id++] = '/'; 17027c478bd9Sstevel@tonic-gate continue; 17037c478bd9Sstevel@tonic-gate } 17047c478bd9Sstevel@tonic-gate /* /./ seen */ 17057c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '/') { 17067c478bd9Sstevel@tonic-gate is += 1; 17077c478bd9Sstevel@tonic-gate continue; 17087c478bd9Sstevel@tonic-gate } 17097c478bd9Sstevel@tonic-gate /* XXX/. seen */ 17107c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '\0') { 17117c478bd9Sstevel@tonic-gate if (id > 1) 17127c478bd9Sstevel@tonic-gate id--; 17137c478bd9Sstevel@tonic-gate continue; 17147c478bd9Sstevel@tonic-gate } 17157c478bd9Sstevel@tonic-gate /* XXX/.. seen */ 17167c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') { 17177c478bd9Sstevel@tonic-gate is += 1; 17187c478bd9Sstevel@tonic-gate if (id > 0) 17197c478bd9Sstevel@tonic-gate id--; 1720a7746f66Stz204579 while (id > 0 && s[--id] != '/') 1721a7746f66Stz204579 ; 17227c478bd9Sstevel@tonic-gate id++; 17237c478bd9Sstevel@tonic-gate continue; 17247c478bd9Sstevel@tonic-gate } 17257c478bd9Sstevel@tonic-gate /* XXX/../ seen */ 17267c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') { 17277c478bd9Sstevel@tonic-gate is += 2; 17287c478bd9Sstevel@tonic-gate if (id > 0) 17297c478bd9Sstevel@tonic-gate id--; 1730a7746f66Stz204579 while (id > 0 && s[--id] != '/') 1731a7746f66Stz204579 ; 17327c478bd9Sstevel@tonic-gate id++; 17337c478bd9Sstevel@tonic-gate continue; 17347c478bd9Sstevel@tonic-gate } 1735a7746f66Stz204579 while (is < ls && (s[id++] = s[is++]) != '/') 1736a7746f66Stz204579 ; 17377c478bd9Sstevel@tonic-gate is--; 17387c478bd9Sstevel@tonic-gate } 17397c478bd9Sstevel@tonic-gate return (s); 17407c478bd9Sstevel@tonic-gate } 17417c478bd9Sstevel@tonic-gate 17427c478bd9Sstevel@tonic-gate 17437c478bd9Sstevel@tonic-gate int 17447c478bd9Sstevel@tonic-gate ipc_type_match(int flag, char type) 17457c478bd9Sstevel@tonic-gate { 17467c478bd9Sstevel@tonic-gate if (flag == OBJ_SEM && type == AT_IPC_SEM) 17477c478bd9Sstevel@tonic-gate return (1); 17487c478bd9Sstevel@tonic-gate 17497c478bd9Sstevel@tonic-gate if (flag == OBJ_MSG && type == AT_IPC_MSG) 17507c478bd9Sstevel@tonic-gate return (1); 17517c478bd9Sstevel@tonic-gate 17527c478bd9Sstevel@tonic-gate if (flag == OBJ_SHM && type == AT_IPC_SHM) 17537c478bd9Sstevel@tonic-gate return (1); 17547c478bd9Sstevel@tonic-gate 17557c478bd9Sstevel@tonic-gate return (0); 17567c478bd9Sstevel@tonic-gate } 17577c478bd9Sstevel@tonic-gate 17587c478bd9Sstevel@tonic-gate 17597c478bd9Sstevel@tonic-gate void 17607c478bd9Sstevel@tonic-gate skip_string(adr_t *adr) 17617c478bd9Sstevel@tonic-gate { 17627c478bd9Sstevel@tonic-gate ushort_t c; 17637c478bd9Sstevel@tonic-gate 17647c478bd9Sstevel@tonic-gate adrm_u_short(adr, &c, 1); 17657c478bd9Sstevel@tonic-gate adr->adr_now += c; 17667c478bd9Sstevel@tonic-gate } 17677c478bd9Sstevel@tonic-gate 17687c478bd9Sstevel@tonic-gate 17697c478bd9Sstevel@tonic-gate void 17707c478bd9Sstevel@tonic-gate get_string(adr_t *adr, char **p) 17717c478bd9Sstevel@tonic-gate { 17727c478bd9Sstevel@tonic-gate ushort_t c; 17737c478bd9Sstevel@tonic-gate 17747c478bd9Sstevel@tonic-gate adrm_u_short(adr, &c, 1); 17757c478bd9Sstevel@tonic-gate *p = a_calloc(1, (size_t)c); 17767c478bd9Sstevel@tonic-gate adrm_char(adr, *p, c); 17777c478bd9Sstevel@tonic-gate } 17787c478bd9Sstevel@tonic-gate 17797c478bd9Sstevel@tonic-gate 17807c478bd9Sstevel@tonic-gate /* 17817c478bd9Sstevel@tonic-gate * Format of host token: 17827c478bd9Sstevel@tonic-gate * host ard_uint32 17837c478bd9Sstevel@tonic-gate */ 17847c478bd9Sstevel@tonic-gate int 17857c478bd9Sstevel@tonic-gate host_token(adr_t *adr) 17867c478bd9Sstevel@tonic-gate { 17877c478bd9Sstevel@tonic-gate uint32_t host; 17887c478bd9Sstevel@tonic-gate 17897c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &host, 1); 17907c478bd9Sstevel@tonic-gate 17917c478bd9Sstevel@tonic-gate return (-1); 17927c478bd9Sstevel@tonic-gate } 17937c478bd9Sstevel@tonic-gate 17947c478bd9Sstevel@tonic-gate /* 17957c478bd9Sstevel@tonic-gate * Format of useofauth token: 17967c478bd9Sstevel@tonic-gate * uauth token id adr_char 17977c478bd9Sstevel@tonic-gate * uauth adr_string 17987c478bd9Sstevel@tonic-gate */ 17997c478bd9Sstevel@tonic-gate int 18007c478bd9Sstevel@tonic-gate useofauth_token(adr_t *adr) 18017c478bd9Sstevel@tonic-gate { 18027c478bd9Sstevel@tonic-gate skip_string(adr); 18037c478bd9Sstevel@tonic-gate return (-1); 18047c478bd9Sstevel@tonic-gate } 18057c478bd9Sstevel@tonic-gate 1806047f6e6fSgww /* 1807047f6e6fSgww * Format of user token: 1808047f6e6fSgww * user token id adr_char 1809047f6e6fSgww * uid adr_uid 1810047f6e6fSgww * username adr_string 1811047f6e6fSgww */ 1812047f6e6fSgww int 1813047f6e6fSgww user_token(adr_t *adr) 1814047f6e6fSgww { 1815047f6e6fSgww uid_t uid; 1816047f6e6fSgww 1817047f6e6fSgww adrm_uid(adr, &uid, 1); 1818047f6e6fSgww skip_string(adr); 1819047f6e6fSgww 1820047f6e6fSgww if ((flags & M_OBJECT) && (obj_flag == OBJ_USER) && 1821047f6e6fSgww (uid == obj_user)) { 1822047f6e6fSgww checkflags |= M_OBJECT; 1823047f6e6fSgww } 1824047f6e6fSgww 1825047f6e6fSgww return (-1); 1826047f6e6fSgww } 1827047f6e6fSgww 18287c478bd9Sstevel@tonic-gate int 18297c478bd9Sstevel@tonic-gate xcolormap_token(adr_t *adr) 18307c478bd9Sstevel@tonic-gate { 18317c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18327c478bd9Sstevel@tonic-gate } 18337c478bd9Sstevel@tonic-gate 18347c478bd9Sstevel@tonic-gate int 18357c478bd9Sstevel@tonic-gate xcursor_token(adr_t *adr) 18367c478bd9Sstevel@tonic-gate { 18377c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18387c478bd9Sstevel@tonic-gate } 18397c478bd9Sstevel@tonic-gate 18407c478bd9Sstevel@tonic-gate int 18417c478bd9Sstevel@tonic-gate xfont_token(adr_t *adr) 18427c478bd9Sstevel@tonic-gate { 18437c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18447c478bd9Sstevel@tonic-gate } 18457c478bd9Sstevel@tonic-gate 18467c478bd9Sstevel@tonic-gate int 18477c478bd9Sstevel@tonic-gate xgc_token(adr_t *adr) 18487c478bd9Sstevel@tonic-gate { 18497c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18507c478bd9Sstevel@tonic-gate } 18517c478bd9Sstevel@tonic-gate 18527c478bd9Sstevel@tonic-gate int 18537c478bd9Sstevel@tonic-gate xpixmap_token(adr_t *adr) 18547c478bd9Sstevel@tonic-gate { 18557c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18567c478bd9Sstevel@tonic-gate } 18577c478bd9Sstevel@tonic-gate 18587c478bd9Sstevel@tonic-gate int 18597c478bd9Sstevel@tonic-gate xwindow_token(adr_t *adr) 18607c478bd9Sstevel@tonic-gate { 18617c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18627c478bd9Sstevel@tonic-gate } 18637c478bd9Sstevel@tonic-gate 18647c478bd9Sstevel@tonic-gate 18657c478bd9Sstevel@tonic-gate /* 18667c478bd9Sstevel@tonic-gate * Format of xgeneric token: 18677c478bd9Sstevel@tonic-gate * XID adr_int32 18687c478bd9Sstevel@tonic-gate * creator UID adr_int32 18697c478bd9Sstevel@tonic-gate * 18707c478bd9Sstevel@tonic-gate * Includes: xcolormap, xcursor, xfont, xgc, xpixmap, and xwindow 18717c478bd9Sstevel@tonic-gate */ 18727c478bd9Sstevel@tonic-gate int 18737c478bd9Sstevel@tonic-gate xgeneric(adr_t *adr) 18747c478bd9Sstevel@tonic-gate { 18757c478bd9Sstevel@tonic-gate int32_t xid; 18767c478bd9Sstevel@tonic-gate int32_t uid; 18777c478bd9Sstevel@tonic-gate 18787c478bd9Sstevel@tonic-gate adrm_int32(adr, &xid, 1); 18797c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 18807c478bd9Sstevel@tonic-gate 18817c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 18827c478bd9Sstevel@tonic-gate if (m_usere == uid) 18837c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 18847c478bd9Sstevel@tonic-gate } 18857c478bd9Sstevel@tonic-gate 18867c478bd9Sstevel@tonic-gate return (-1); 18877c478bd9Sstevel@tonic-gate } 18887c478bd9Sstevel@tonic-gate 18897c478bd9Sstevel@tonic-gate 18907c478bd9Sstevel@tonic-gate /* 18917c478bd9Sstevel@tonic-gate * Format of xproperty token: 18927c478bd9Sstevel@tonic-gate * XID adr_int32 18937c478bd9Sstevel@tonic-gate * creator UID adr_int32 18947c478bd9Sstevel@tonic-gate * atom string adr_string 18957c478bd9Sstevel@tonic-gate */ 18967c478bd9Sstevel@tonic-gate int 18977c478bd9Sstevel@tonic-gate xproperty_token(adr_t *adr) 18987c478bd9Sstevel@tonic-gate { 18997c478bd9Sstevel@tonic-gate int32_t xid; 19007c478bd9Sstevel@tonic-gate int32_t uid; 19017c478bd9Sstevel@tonic-gate 19027c478bd9Sstevel@tonic-gate adrm_int32(adr, &xid, 1); 19037c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 19047c478bd9Sstevel@tonic-gate skip_string(adr); 19057c478bd9Sstevel@tonic-gate 19067c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 19077c478bd9Sstevel@tonic-gate if (m_usere == uid) 19087c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 19097c478bd9Sstevel@tonic-gate } 19107c478bd9Sstevel@tonic-gate 19117c478bd9Sstevel@tonic-gate return (-1); 19127c478bd9Sstevel@tonic-gate } 19137c478bd9Sstevel@tonic-gate 19147c478bd9Sstevel@tonic-gate 19157c478bd9Sstevel@tonic-gate /* 19167c478bd9Sstevel@tonic-gate * Format of xclient token: 19177c478bd9Sstevel@tonic-gate * xclient id adr_int32 19187c478bd9Sstevel@tonic-gate */ 19197c478bd9Sstevel@tonic-gate int 19207c478bd9Sstevel@tonic-gate xclient_token(adr_t *adr) 19217c478bd9Sstevel@tonic-gate { 19227c478bd9Sstevel@tonic-gate int32_t client_id; 19237c478bd9Sstevel@tonic-gate 19247c478bd9Sstevel@tonic-gate adrm_int32(adr, &client_id, 1); 19257c478bd9Sstevel@tonic-gate 19267c478bd9Sstevel@tonic-gate return (-1); 19277c478bd9Sstevel@tonic-gate } 19287c478bd9Sstevel@tonic-gate 19297c478bd9Sstevel@tonic-gate /* 19307c478bd9Sstevel@tonic-gate * Format of privilege set token: 19317c478bd9Sstevel@tonic-gate * priv_set type string 19327c478bd9Sstevel@tonic-gate * priv_set string 19337c478bd9Sstevel@tonic-gate */ 19347c478bd9Sstevel@tonic-gate 19357c478bd9Sstevel@tonic-gate int 19367c478bd9Sstevel@tonic-gate privilege_token(adr_t *adr) 19377c478bd9Sstevel@tonic-gate { 19387c478bd9Sstevel@tonic-gate skip_string(adr); /* set type name */ 19397c478bd9Sstevel@tonic-gate skip_string(adr); /* privilege set */ 19407c478bd9Sstevel@tonic-gate return (-1); 19417c478bd9Sstevel@tonic-gate } 19427c478bd9Sstevel@tonic-gate 19437c478bd9Sstevel@tonic-gate /* 1944a13cf099Sgww * Format of label token: 1945a13cf099Sgww * label ID 1 byte 1946a13cf099Sgww * compartment length 1 byte 1947a13cf099Sgww * classification 2 bytes 1948a13cf099Sgww * compartment words <compartment length> * 4 bytes 19497c478bd9Sstevel@tonic-gate */ 19507c478bd9Sstevel@tonic-gate int 1951a13cf099Sgww label_token(adr_t *adr) 19527c478bd9Sstevel@tonic-gate { 1953a13cf099Sgww static m_label_t *label = NULL; 195442096647STony Nguyen static size32_t l_size; 1955a13cf099Sgww int len; 19567c478bd9Sstevel@tonic-gate 1957a13cf099Sgww if (label == NULL) { 1958a13cf099Sgww label = m_label_alloc(MAC_LABEL); 1959a13cf099Sgww l_size = blabel_size() - 4; 1960a13cf099Sgww } 1961a13cf099Sgww 1962a13cf099Sgww if (label == NULL) { 1963a13cf099Sgww /* out of memory, should never happen; skip label */ 1964a13cf099Sgww char l; /* length */ 1965a13cf099Sgww 1966a13cf099Sgww adr->adr_now += sizeof (char); 1967a13cf099Sgww adrm_char(adr, (char *)&l, 1); 1968a13cf099Sgww adr->adr_now += sizeof (short) + (4 * l); 1969a13cf099Sgww return (-1); 1970a13cf099Sgww } 1971a13cf099Sgww 1972a13cf099Sgww adrm_char(adr, (char *)label, 4); 1973a13cf099Sgww len = (int)(((char *)label)[1] * 4); 1974a13cf099Sgww if (len > l_size) { 1975a13cf099Sgww return (-1); 1976a13cf099Sgww } 1977a13cf099Sgww adrm_char(adr, &((char *)label)[4], len); 19787c478bd9Sstevel@tonic-gate 197945916cd2Sjpk if (flags & M_LABEL) { 1980a13cf099Sgww if (blinrange(label, m_label)) 198145916cd2Sjpk checkflags = checkflags | M_LABEL; 19827c478bd9Sstevel@tonic-gate } 19837c478bd9Sstevel@tonic-gate 19847c478bd9Sstevel@tonic-gate return (-1); 19857c478bd9Sstevel@tonic-gate } 19867c478bd9Sstevel@tonic-gate 19877c478bd9Sstevel@tonic-gate 19887c478bd9Sstevel@tonic-gate /* 19897c478bd9Sstevel@tonic-gate * Format of useofpriv token: 19907c478bd9Sstevel@tonic-gate * success/failure adr_char 19917c478bd9Sstevel@tonic-gate * privilege(s) adr_string 19927c478bd9Sstevel@tonic-gate */ 19937c478bd9Sstevel@tonic-gate /* ARGSUSED */ 19947c478bd9Sstevel@tonic-gate int 19957c478bd9Sstevel@tonic-gate useofpriv_token(adr_t *adr) 19967c478bd9Sstevel@tonic-gate { 19977c478bd9Sstevel@tonic-gate char flag; 19987c478bd9Sstevel@tonic-gate 19997c478bd9Sstevel@tonic-gate adrm_char(adr, &flag, 1); 20007c478bd9Sstevel@tonic-gate skip_string(adr); 20017c478bd9Sstevel@tonic-gate return (-1); 20027c478bd9Sstevel@tonic-gate } 2003