changeset 5012:119c4a9949a8

6601349 libbsm is missing support for various X related audit tokens.
author gww
date Fri, 07 Sep 2007 15:05:42 -0700
parents cc3cba45b236
children 29edb5b549e2
files usr/src/lib/libbsm/common/adr.c usr/src/lib/libbsm/common/au_to.c usr/src/lib/libbsm/common/libbsm.h usr/src/lib/libbsm/common/mapfile-vers usr/src/uts/common/c2/audit_record.h
diffstat 5 files changed, 218 insertions(+), 86 deletions(-) [+]
--- a/usr/src/lib/libbsm/common/adr.c	Fri Sep 07 14:58:53 2007 -0700
+++ b/usr/src/lib/libbsm/common/adr.c	Fri Sep 07 15:05:42 2007 -0700
@@ -35,25 +35,14 @@
 #include <bsm/audit_record.h>
 
 void
-#ifdef __STDC__
 adr_start(adr_t *adr, char *p)
-#else
-adr_start(adr, p)
-	adr_t *adr;
-	char *p;
-#endif
 {
 	adr->adr_stream = p;
 	adr->adr_now = p;
 }
 
 int
-#ifdef __STDC__
 adr_count(adr_t *adr)
-#else
-adr_count(adr)
-	adr_t *adr;
-#endif
 {
 	return (((intptr_t)adr->adr_now) - ((intptr_t)adr->adr_stream));
 }
@@ -63,14 +52,7 @@
  * adr_char - pull out characters
  */
 void
-#ifdef __STDC__
 adr_char(adr_t *adr, char *cp, int count)
-#else
-adr_char(adr, cp, count)
-	adr_t *adr;
-	char *cp;
-	int count;
-#endif
 {
 	while (count-- > 0)
 		*adr->adr_now++ = *cp++;
@@ -80,14 +62,7 @@
  * adr_short - pull out shorts
  */
 void
-#ifdef __STDC__
 adr_short(adr_t *adr, short *sp, int count)
-#else
-adr_short(adr, sp, count)
-	adr_t *adr;
-	short *sp;
-	int count;
-#endif
 {
 
 	for (; count-- > 0; sp++) {
@@ -100,26 +75,37 @@
  * adr_int32 - pull out uint32
  */
 #pragma weak adr_long = adr_int32
-#ifdef __STDC__
-void adr_long(adr_t *adr, int32_t *lp, int count);
+void
+adr_long(adr_t *adr, int32_t *lp, int count);
 void
 adr_int32(adr_t *adr, int32_t *lp, int count)
-#else
-void adr_long();
-void
-adr_int32(adr, lp, count)
-	adr_t *adr;
-	int32_t *lp;
-	int count;
-#endif
 {
 	int i;		/* index for counting */
-	uint32_t l;		/* value for shifting */
+	uint32_t l;	/* value for shifting */
 
 	for (; count-- > 0; lp++) {
 		for (i = 0, l = *(uint32_t *)lp; i < 4; i++) {
 			*adr->adr_now++ =
-				(char)((uint32_t)(l & 0xff000000) >> 24);
+			    (char)((uint32_t)(l & 0xff000000) >> 24);
+			l <<= 8;
+		}
+	}
+}
+
+/*
+ * adr_uid
+ */
+
+void
+adr_uid(adr_t *adr, uid_t *up, int count)
+{
+	int i;		/* index for counting */
+	uid_t l;	/* value for shifting */
+
+	for (; count-- > 0; up++) {
+		for (i = 0, l = *(uint32_t *)up; i < 4; i++) {
+			*adr->adr_now++ =
+			    (char)((uint32_t)(l & 0xff000000) >> 24);
 			l <<= 8;
 		}
 	}
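Review bot: `l = *(uint32_t *)up` in adr_uid reads the uid_t through a cast pointer and the inner loop always emits four bytes, so the encoding is correct only while uid_t is exactly 32 bits wide; nothing in the hunk checks that. Loading by value avoids the pointer cast and makes the narrowing explicit: declare `uint32_t l;` and use `l = (uint32_t)*up`. The callers added in au_to.c (x_common, au_to_xproperty) size the token with `sizeof (uid_t)`, which should be `sizeof (uint32_t)` to match the four bytes actually written. The `adr_uid` header comment is empty; something like `adr_uid - append uid_t values to the stream as 32-bit, most significant byte first` would record the width and byte order. The function's closing brace lies outside the hunk.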
@@ -129,14 +115,7 @@
  * adr_int64 - pull out uint64_t
  */
 void
-#ifdef __STDC__
 adr_int64(adr_t *adr, int64_t *lp, int count)
-#else
-adr_int64(adr, lp, count)
-	adr_t *adr;
-	int64_t *lp;
-	int count;
-#endif
 {
 	int i;		/* index for counting */
 	uint64_t l;	/* value for shifting */
@@ -144,7 +123,7 @@
 	for (; count-- > 0; lp++) {
 		for (i = 0, l = *(uint64_t *)lp; i < 8; i++) {
 			*adr->adr_now++ = (char)
-				((uint64_t)(l & 0xff00000000000000ULL) >> 56);
+			    ((uint64_t)(l & 0xff00000000000000ULL) >> 56);
 			l <<= 8;
 		}
 	}
--- a/usr/src/lib/libbsm/common/au_to.c	Fri Sep 07 14:58:53 2007 -0700
+++ b/usr/src/lib/libbsm/common/au_to.c	Fri Sep 07 15:05:42 2007 -0700
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -990,7 +990,7 @@
 	case AU_IPADR:
 		ip = &(tid->gt_adr.at_ip);
 		token = get_token((int)(2 * sizeof (char) + 2 * sizeof (short) +
-			sizeof (uint32_t) + ip->at_type));
+		    sizeof (uint32_t) + ip->at_type));
 		if (token == NULL)
 			return (NULL);
 
@@ -1144,18 +1144,49 @@
 }
 
 /*
+ * au_to_upriv
+ * return s:
+ *	pointer to a use of privilege token.
+ */
+token_t *
+au_to_upriv(char sorf, char *priv)
+{
+	token_t *token;			/* local token */
+	adr_t adr;			/* adr memory stream header */
+	char data_header = AUT_UAUTH;	/* header for this token */
+	short bytes;			/* length of string */
+
+	bytes = strlen(priv) + 1;
+
+	token = get_token(sizeof (char) + sizeof (char) + sizeof (short) +
+	    bytes);
+	if (token == NULL)
+		return (NULL);
+	adr_start(&adr, token->tt_data);
+	adr_char(&adr, &data_header, 1);
+	adr_char(&adr, &sorf, 1);	/* success/failure */
+	adr_short(&adr, &bytes, 1);
+	adr_char(&adr, priv, bytes);
+
+	return (token);
+}
+
+/*
  * au_to_xatom
  * return s:
  *	pointer to a xatom token.
  */
 token_t *
-au_to_xatom(ushort_t len, char *atom)
+au_to_xatom(char *atom)
 {
 	token_t *token;			/* local token */
 	adr_t adr;			/* adr memory stream header */
 	char data_header = AUT_XATOM;	/* header for this token */
+	short len;
 
-	token = get_token((int)(sizeof (char) + sizeof (ushort_t) + len));
+	len = strlen(atom) + 1;
+
+	token = get_token(sizeof (char) + sizeof (short) + len);
 	if (token == NULL)
 		return (NULL);
 	adr_start(&adr, token->tt_data);
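Review bot: `char data_header = AUT_UAUTH;` in au_to_upriv tags the new token with the use-of-authorization id although the name and comment say use of privilege, so a reader of the audit trail would decode the sorf byte and length as part of a uauth string; this looks like a copy from au_to_uauth and should use the privilege token id from audit_record.h (presumably `AUT_UPRIV`, not visible in this diff). Separately, `bytes = strlen(priv) + 1;` stores a size_t in a `short`, so a string of 32767 bytes or more wraps the value and the length field written to the record no longer matches the string. The same pattern is in au_to_xatom (`len`) in this hunk and in au_to_xselect and au_to_xproperty in the next one. Compute the length as `size_t`, reject it before narrowing, and reject a NULL string, e.g. `if (priv == NULL || (n = strlen(priv) + 1) > SHRT_MAX) return (NULL);`. au_to_xatom's body continues past the end of the hunk.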
@@ -1167,79 +1198,185 @@
 }
 
 /*
- * au_to_xproto
+ * au_to_xselect
  * return s:
- *	pointer to a X protocol token.
+ *	pointer to a X select token.
  */
 token_t *
-au_to_xproto(pid_t pid)
+au_to_xselect(char *propname, char *proptype, char *windata)
 {
 	token_t *token;			/* local token */
 	adr_t adr;			/* adr memory stream header */
-	char data_header = AUT_XPROTO;	/* header for this token */
-	int32_t v = pid;
+	char data_header = AUT_XSELECT;	/* header for this token */
+	short proplen;
+	short typelen;
+	short datalen;
 
-	token = get_token(sizeof (char) + sizeof (int32_t));
+	proplen = strlen(propname) + 1;
+	typelen = strlen(proptype) + 1;
+	datalen = strlen(windata) + 1;
+
+	token = get_token(sizeof (char) + (sizeof (short) * 3) +
+	    proplen + typelen + datalen);
 	if (token == NULL)
 		return (NULL);
 	adr_start(&adr, token->tt_data);
 	adr_char(&adr, &data_header, 1);
-	adr_int32(&adr, &v, 1);
+	adr_short(&adr, &proplen, 1);
+	adr_char(&adr, propname, proplen);
+	adr_short(&adr, &typelen, 1);
+	adr_char(&adr, proptype, typelen);
+	adr_short(&adr, &datalen, 1);
+	adr_char(&adr, windata, datalen);
+
+	return (token);
+}
+
+/*
+ * x_common
+ * return s:
+ *	pointer to a common X token.
+ */
+
+static token_t *
+x_common(char data_header, int32_t xid, uid_t cuid)
+{
+	token_t *token;			/* local token */
+	adr_t adr;			/* adr memory stream header */
+
+	token = get_token(sizeof (char) + sizeof (int32_t) + sizeof (uid_t));
+	if (token == NULL)
+		return (NULL);
+	adr_start(&adr, token->tt_data);
+	adr_char(&adr, &data_header, 1);
+	adr_int32(&adr, &xid, 1);
+	adr_uid(&adr, &cuid, 1);
 
 	return (token);
 }
 
 /*
- * au_to_xobj
+ * au_to_xcolormap
+ * return s:
+ *	pointer to a X Colormap token.
+ */
+
+token_t *
+au_to_xcolormap(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XCOLORMAP, xid, cuid));
+}
+
+/*
+ * au_to_xcursor
+ * return s:
+ *	pointer to a X Cursor token.
+ */
+
+token_t *
+au_to_xcursor(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XCURSOR, xid, cuid));
+}
+
+/*
+ * au_to_xfont
+ * return s:
+ *	pointer to a X Font token.
+ */
+
+token_t *
+au_to_xfont(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XFONT, xid, cuid));
+}
+
+/*
+ * au_to_xgc
  * return s:
- *	pointer to a X object token.
+ *	pointer to a X Graphic Context token.
+ */
+
+token_t *
+au_to_xgc(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XGC, xid, cuid));
+}
+
+/*
+ * au_to_xpixmap
+ * return s:
+ *	pointer to a X Pixal Map token.
  */
+
 token_t *
-au_to_xobj(int oid, int xid, int cuid)
+au_to_xpixmap(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XPIXMAP, xid, cuid));
+}
+
+/*
+ * au_to_xwindow
+ * return s:
+ *	pointer to a X Window token.
+ */
+
+token_t *
+au_to_xwindow(int32_t xid, uid_t cuid)
+{
+	return (x_common(AUT_XWINDOW, xid, cuid));
+}
+
+/*
+ * au_to_xproperty
+ * return s:
+ *	pointer to a X Property token.
+ */
+
+token_t *
+au_to_xproperty(int32_t xid, uid_t cuid, char *propname)
 {
 	token_t *token;			/* local token */
 	adr_t adr;			/* adr memory stream header */
-	char data_header = AUT_XOBJ;	/* header for this token */
+	char data_header = AUT_XPROPERTY;	/* header for this token */
+	short proplen;
 
-	token = get_token(sizeof (char) + 3 * sizeof (int32_t));
+	proplen = strlen(propname) + 1;
+
+	token = get_token(sizeof (char) + sizeof (int32_t) + sizeof (uid_t) +
+	    sizeof (short) + proplen);
 	if (token == NULL)
 		return (NULL);
 	adr_start(&adr, token->tt_data);
 	adr_char(&adr, &data_header, 1);
-	adr_int32(&adr, (int32_t *)&oid, 1);
-	adr_int32(&adr, (int32_t *)&xid, 1);
-	adr_int32(&adr, (int32_t *)&cuid, 1);
+	adr_int32(&adr, &xid, 1);
+	adr_uid(&adr, &cuid, 1);
+	adr_short(&adr, &proplen, 1);
+	adr_char(&adr, propname, proplen);
 
 	return (token);
 }
 
 /*
- * au_to_xselect
+ * au_to_xclient
  * return s:
- *	pointer to a X select token.
+ *	pointer to a X Client token
  */
+
 token_t *
-au_to_xselect(char *pstring, char *type, short dlen, char *data)
+au_to_xclient(uint32_t client)
 {
 	token_t *token;			/* local token */
 	adr_t adr;			/* adr memory stream header */
-	char data_header = AUT_XSELECT;	/* header for this token */
-	short bytes;
+	char data_header = AUT_XCLIENT;	/* header for this token */
 
-	bytes = strlen(pstring) + strlen(type) + 2 + dlen;
-	token = get_token((int)(sizeof (char) + sizeof (short) * 3 + bytes));
+	token = get_token(sizeof (char) + sizeof (uint32_t));
 	if (token == NULL)
 		return (NULL);
 	adr_start(&adr, token->tt_data);
 	adr_char(&adr, &data_header, 1);
-	bytes = strlen(pstring) + 1;
-	adr_short(&adr, &bytes, 1);
-	adr_char(&adr, pstring, bytes);
-	bytes = strlen(type) + 1;
-	adr_short(&adr, &bytes, 1);
-	adr_char(&adr, type, bytes);
-	adr_short(&adr, &dlen, 1);
-	adr_char(&adr, data, dlen);
+	adr_int32(&adr, (int32_t *)&client, 1);
+
 	return (token);
 }
 
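Review bot: au_to_xselect now sizes `windata` with `strlen(windata) + 1` where the removed version took an explicit `dlen`, so selection data containing a NUL byte is cut at the first NUL in the audit record, and data that is not NUL-terminated is read past its end. Whether callers only ever pass text is not visible here, so the header comment should state the contract, e.g. `propname, proptype and windata must be non-NULL, NUL-terminated strings; each is written with its terminator, preceded by a 16-bit length`. The comment above au_to_xpixmap says `Pixal Map` where `Pixel Map` is meant.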
--- a/usr/src/lib/libbsm/common/libbsm.h	Fri Sep 07 14:58:53 2007 -0700
+++ b/usr/src/lib/libbsm/common/libbsm.h	Fri Sep 07 15:05:42 2007 -0700
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -105,6 +105,7 @@
 extern void	adr_char(adr_t *, char *, int);
 extern int	adr_count(adr_t *);
 extern void	adr_int32(adr_t *, int32_t *, int);
+extern void	adr_uid(adr_t *, uid_t *, int);
 extern void	adr_int64(adr_t *, int64_t *, int);
 extern void	adr_short(adr_t *, short *, int);
 extern void	adr_start(adr_t *, char *);
--- a/usr/src/lib/libbsm/common/mapfile-vers	Fri Sep 07 14:58:53 2007 -0700
+++ b/usr/src/lib/libbsm/common/mapfile-vers	Fri Sep 07 15:05:42 2007 -0700
@@ -128,6 +128,7 @@
 	adrf_u_int64;
 	adrf_u_short;
 	adr_int32;
+	adr_uid;
 	adr_int64;
 	adrm_char;
 	adrm_int32;
@@ -260,10 +261,17 @@
 	au_to_seq;
 	au_to_trailer;
 	au_to_uauth;
+	au_to_upriv;
 	au_to_xatom;
-	au_to_xobj;
-	au_to_xproto;
+	au_to_xcolormap;
+	au_to_xclient;
+	au_to_xcursor;
+	au_to_xfont;
+	au_to_xgc;
+	au_to_xpixmap;
+	au_to_xproperty;
 	au_to_xselect;
+	au_to_xwindow;
 	cacheauclass;
 	cacheauclassnam;
 	cacheauevent;
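Review bot: `au_to_xobj` and `au_to_xproto` leave the export list here, while `au_to_xatom` and `au_to_xselect` stay exported under the same names with different argument lists (see the audit_record.h hunk), so a binary built against the old library either fails to bind or calls the new functions with the old arguments. Whether this block belongs to a private version is not visible in the hunk. If it is public, the old entry points would need to remain as compatibility wrappers, or the changed functions would need new names. If it is private, a line in the commit description confirming that all in-tree callers were updated in the same change would make that explicit.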
--- a/usr/src/uts/common/c2/audit_record.h	Fri Sep 07 14:58:53 2007 -0700
+++ b/usr/src/uts/common/c2/audit_record.h	Fri Sep 07 15:05:42 2007 -0700
@@ -746,10 +746,17 @@
 extern token_t *au_to_tid(au_generic_tid_t *);
 extern token_t *au_to_trailer(void);
 extern token_t *au_to_uauth(char *);
-extern token_t *au_to_xatom(ushort_t, char *);
-extern token_t *au_to_xobj(int, int, int);
-extern token_t *au_to_xproto(pid_t);
-extern token_t *au_to_xselect(char *, char *, short, char *);
+extern token_t *au_to_upriv(char, char *);
+extern token_t *au_to_xatom(char *);
+extern token_t *au_to_xselect(char *, char *, char *);
+extern token_t *au_to_xcolormap(int32_t, uid_t);
+extern token_t *au_to_xcursor(int32_t, uid_t);
+extern token_t *au_to_xfont(int32_t, uid_t);
+extern token_t *au_to_xgc(int32_t, uid_t);
+extern token_t *au_to_xpixmap(int32_t, uid_t);
+extern token_t *au_to_xwindow(int32_t, uid_t);
+extern token_t *au_to_xproperty(int32_t, uid_t, char *);
+extern token_t *au_to_xclient(uint32_t);
 extern token_t *au_to_zonename(char *);
 #endif /* _KERNEL */