xref: /titanic_52/usr/src/uts/common/syscall/auditsys.c (revision 1ae0874509b6811fdde1dfd46f0d93fd09867a3f)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 1994,2002-2003 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <sys/systm.h>
30 #include <sys/errno.h>
31 #include <sys/policy.h>
32 
33 #include <c2/audit.h>
34 
35 /*ARGSUSED1*/
36 int
37 auditsys(struct auditcalls *uap, rval_t *rvp)
38 {
39 	int err;
40 
41 	/*
42 	 * this ugly hack is because auditsys returns 0 for
43 	 * all cases except audit_active == 0 and
44 	 * uap->code  == BSM_AUDITCTRL || BSM_AUDITON || default)
45 	 */
46 
47 	switch (uap->code) {
48 	case BSM_GETAUID:
49 	case BSM_SETAUID:
50 	case BSM_GETAUDIT:
51 	case BSM_SETAUDIT:
52 	case BSM_AUDIT:
53 	case BSM_AUDITSVC:
54 		return (0);
55 	case BSM_AUDITCTL:
56 	case BSM_AUDITON:
57 		if ((int)uap->a1 == A_GETCOND)
58 			err = secpolicy_audit_getattr(CRED());
59 		else
60 			/* FALLTHROUGH */
61 	default:
62 		/* Return a different error when not privileged */
63 		err = secpolicy_audit_config(CRED());
64 		if (err == 0)
65 			return (EINVAL);
66 		else
67 			return (err);
68 	}
69 }
70