xref: /titanic_52/usr/src/lib/libbsm/common/au_open.c (revision c1ecd8b9404ee0d96d93f02e82c441b9bb149a3d)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <sys/param.h>
30 #include <sys/time.h>
31 #include <sys/types.h>
32 #include <stdlib.h>
33 #include <string.h>
34 #include <bsm/audit.h>
35 #include <bsm/libbsm.h>
36 #include <bsm/audit_record.h>
37 #include <synch.h>
38 
39 
40 /*
41  * Open an audit record = find a free descriptor and pass it back.
42  * The descriptors are in a "fixed" length array which is extended
43  * whenever it gets full.
44  *
45  *  Since the expected frequency of copies is expected to be low,
46  *  and since realloc loses data if it fails to expand the buffer,
47  *  calloc() is used rather than realloc().
48  */
49 
50 /*
51  * AU_TABLE_MAX must be a integer multiple of AU_TABLE_LENGTH
52  */
53 #define	AU_TABLE_LENGTH	16
54 #define	AU_TABLE_MAX	256
55 
56 static token_t	**au_d;
57 static int	au_d_length = 0;	/* current table length */
58 static int	au_d_required_length = AU_TABLE_LENGTH; /* new table length */
59 static mutex_t  mutex_au_d = DEFAULTMUTEX;
60 
61 int
62 #ifdef __STDC__
63 au_open(void)
64 #else
65 au_open()
66 #endif
67 {
68 	int d;			/* descriptor */
69 	token_t	**au_d_new;
70 
71 	(void) mutex_lock(&mutex_au_d);
72 
73 	if (au_d_required_length > au_d_length) {
74 		au_d_new = (token_t **)calloc(au_d_required_length,
75 		    sizeof (au_d));
76 
77 		if (au_d_new == NULL) {
78 			au_d_required_length = au_d_length;
79 			(void) mutex_unlock(&mutex_au_d);
80 			return (-1);
81 		}
82 		if (au_d_length > 0) {
83 			(void) memcpy(au_d_new, au_d, au_d_length *
84 			    sizeof (au_d));
85 			free(au_d);
86 		}
87 		au_d = au_d_new;
88 		au_d_length = au_d_required_length;
89 	}
90 	for (d = 0; d < au_d_length; d++) {
91 		if (au_d[d] == (token_t *)0) {
92 			au_d[d] = (token_t *)&au_d;
93 			(void) mutex_unlock(&mutex_au_d);
94 			return (d);
95 		}
96 	}
97 	/*
98 	 * table full; make more room.
99 	 * AU_TABLE_MAX limits recursion.
100 	 * Logic here expects AU_TABLE_MAX to be multiple of AU_TABLE_LENGTH
101 	 */
102 	if (au_d_length >= AU_TABLE_MAX) {
103 		(void) mutex_unlock(&mutex_au_d);
104 		return (-1);
105 	}
106 	au_d_required_length += AU_TABLE_LENGTH;
107 	(void) mutex_unlock(&mutex_au_d);
108 
109 	return (au_open());
110 }
111 
112 /*
113  * Write to an audit descriptor.
114  * Add the mbuf to the descriptor chain and free the chain passed in.
115  */
116 
117 int
118 #ifdef __STDC__
119 au_write(int d, token_t *m)
120 #else
121 au_write(d, m)
122 	int d;
123 	token_t *m;
124 #endif
125 {
126 	token_t *mp;
127 
128 	if (d < 0)
129 		return (-1);
130 	if (m == (token_t *)0)
131 		return (-1);
132 	(void) mutex_lock(&mutex_au_d);
133 	if ((d >= au_d_length) || (au_d[d] == (token_t *)0)) {
134 		(void) mutex_unlock(&mutex_au_d);
135 		return (-1);
136 	} else if (au_d[d] == (token_t *)&au_d) {
137 		au_d[d] = m;
138 		(void) mutex_unlock(&mutex_au_d);
139 		return (0);
140 	}
141 	for (mp = au_d[d]; mp->tt_next != (token_t *)0; mp = mp->tt_next)
142 		;
143 	mp->tt_next = m;
144 	(void) mutex_unlock(&mutex_au_d);
145 	return (0);
146 }
147 
148 /*
149  * Close an audit descriptor.
150  * Use the second parameter to indicate if it should be written or not.
151  */
152 int
153 #ifdef __STDC__
154 au_close(int d, int right, short e_type)
155 #else
156 au_close(d, right, e_type)
157 	int d;
158 	int right;
159 	short e_type;
160 #endif
161 {
162 	short e_mod;
163 	struct timeval now;	/* current time */
164 	adr_t adr;		/* adr header */
165 	auditinfo_addr_t	audit_info;
166 	au_tid_addr_t	*host_info = &audit_info.ai_termid;
167 	token_t *dchain;	/* mbuf chain which is the tokens */
168 	token_t *record;	/* mbuf chain which is the record */
169 	char data_header;	/* token type */
170 	char version;		/* token version */
171 	char *buffer;		/* to build record into */
172 	int  byte_count;	/* bytes in the record */
173 	int   v;
174 
175 	(void) mutex_lock(&mutex_au_d);
176 	if (d < 0 || d >= au_d_length ||
177 	    ((dchain = au_d[d]) == (token_t *)0)) {
178 		(void) mutex_unlock(&mutex_au_d);
179 		return (-1);
180 	}
181 
182 	au_d[d] = (token_t *)0;
183 
184 	if (dchain == (token_t *)&au_d) {
185 		(void) mutex_unlock(&mutex_au_d);
186 		return (0);
187 	}
188 	/*
189 	 * If not to be written toss the record
190 	 */
191 	if (!right) {
192 		while (dchain != (token_t *)0) {
193 			record = dchain;
194 			dchain = dchain->tt_next;
195 			free(record->tt_data);
196 			free(record);
197 		}
198 		(void) mutex_unlock(&mutex_au_d);
199 		return (0);
200 	}
201 
202 	/*
203 	 * Count up the bytes used in the record.
204 	 */
205 	byte_count = sizeof (char) * 2 + sizeof (short) * 2 +
206 			sizeof (int32_t) + sizeof (struct timeval);
207 
208 	for (record = dchain; record != (token_t *)0;
209 		record = record->tt_next) {
210 			byte_count += record->tt_size;
211 	}
212 
213 #ifdef _LP64
214 #define	HEADER_ID	AUT_HEADER64
215 #define	HEADER_ID_EX	AUT_HEADER64_EX
216 #else
217 #define	HEADER_ID	AUT_HEADER32
218 #define	HEADER_ID_EX	AUT_HEADER32_EX
219 #endif
220 
221 	/* Use the extended headed if our host address can be determined. */
222 
223 	data_header = HEADER_ID;		/* Assume the worst */
224 	if (auditon(A_GETKAUDIT, (caddr_t)&audit_info,
225 	    sizeof (audit_info)) == 0) {
226 		int	have_valid_addr;
227 
228 		if (host_info->at_type == AU_IPv6)
229 			have_valid_addr = IN6_IS_ADDR_UNSPECIFIED(
230 			    (in6_addr_t *)host_info->at_addr) ? 0 : 1;
231 		else
232 			have_valid_addr = (host_info->at_addr[0] ==
233 			    htonl(INADDR_ANY)) ? 0 : 1;
234 
235 		if (have_valid_addr) {
236 			data_header = HEADER_ID_EX;
237 			byte_count += sizeof (int32_t) + host_info->at_type;
238 		}
239 	}
240 
241 	/*
242 	 * Build the header
243 	 */
244 	buffer = malloc((size_t)byte_count);
245 	(void) gettimeofday(&now, NULL);
246 	version = TOKEN_VERSION;
247 	e_mod = 0;
248 	adr_start(&adr, buffer);
249 	adr_char(&adr, &data_header, 1);
250 	adr_int32(&adr, (int32_t *)&byte_count, 1);
251 	adr_char(&adr, &version, 1);
252 	adr_short(&adr, &e_type, 1);
253 	adr_short(&adr, &e_mod, 1);
254 	if (data_header == HEADER_ID_EX) {
255 		adr_int32(&adr, (int32_t *)&host_info->at_type, 1);
256 		adr_char(&adr, (char *)&host_info->at_addr[0],
257 		    (int)host_info->at_type);
258 	}
259 #ifdef _LP64
260 	adr_int64(&adr, (int64_t *)&now, 2);
261 #else
262 	adr_int32(&adr, (int32_t *)&now, 2);
263 #endif
264 	/*
265 	 * Tack on the data, and free the tokens.
266 	 * We're not supposed to know how adr works, but ...
267 	 */
268 	while (dchain != (token_t *)0) {
269 		(void) memcpy(adr.adr_now, dchain->tt_data, dchain->tt_size);
270 		adr.adr_now += dchain->tt_size;
271 		record = dchain;
272 		dchain = dchain->tt_next;
273 		free(record->tt_data);
274 		free(record);
275 	}
276 	/*
277 	 * Send it down to the system
278 	 */
279 	v = audit((caddr_t)buffer, byte_count);
280 	free(buffer);
281 	(void) mutex_unlock(&mutex_au_d);
282 	return (v);
283 }
284