3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 /*
26 * This file contains the declarations of the various data structures
27 * used by the auditing module(s).
28 */
29
30 #ifndef _BSM_AUDIT_H
31 #define _BSM_AUDIT_H
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37
38 #include <sys/shm.h> /* for shmid_ds structure */
39 #include <sys/sem.h> /* for semid_ds structure */
40 #include <sys/msg.h> /* for msqid_ds structure */
41 #include <sys/atomic.h> /* using atomics */
42 #include <sys/secflags.h>
473 #include <sys/model.h>
474 #include <sys/proc.h>
475 #include <sys/stream.h>
476 #include <sys/stropts.h>
477 #include <sys/file.h>
478 #include <sys/pathname.h>
479 #include <sys/vnode.h>
480 #include <sys/systm.h>
481 #include <netinet/in.h>
482 #include <c2/audit_door_infc.h>
483 #include <sys/crypto/ioctladmin.h>
484 #include <sys/netstack.h>
485 #include <sys/zone.h>
486
487 #ifdef __cplusplus
488 extern "C" {
489 #endif
490
491 struct fcntla;
492 struct t_audit_data;
493 struct audit_path;
494 struct priv_set;
495 struct devplcysys;
496
497 struct auditcalls {
498 long code;
499 long a1;
500 long a2;
501 long a3;
502 long a4;
503 long a5;
504 };
505
506 int audit(caddr_t, int);
507 int auditsys(struct auditcalls *, union rval *); /* fake stub */
508 void audit_cryptoadm(int, char *, crypto_mech_name_t *,
509 uint_t, uint_t, uint32_t, int);
510 void audit_init(void);
511 void audit_init_module(void);
512 void audit_newproc(struct proc *);
530 void audit_strputmsg(struct vnode *, struct strbuf *, struct strbuf *,
531 unsigned char, int, int);
532 void audit_closef(struct file *);
533 void audit_setf(struct file *, int);
534 void audit_reboot(void);
535 void audit_vncreate_start(void);
536 void audit_setfsat_path(int argnum);
537 void audit_vncreate_finish(struct vnode *, int);
538 void audit_exec(const char *, const char *, ssize_t, ssize_t, cred_t *);
539 void audit_enterprom(int);
540 void audit_exitprom(int);
541 void audit_chdirec(struct vnode *, struct vnode **);
542 void audit_sock(int, struct queue *, struct msgb *, int);
543 int audit_start(unsigned int, unsigned int, uint32_t, int, klwp_t *);
544 void audit_finish(unsigned int, unsigned int, int, union rval *);
545 int audit_async_start(label_t *, au_event_t, int);
546 void audit_async_finish(caddr_t *, au_event_t, au_emod_t, timestruc_t *);
547 void audit_async_discard_backend(void *);
548 void audit_async_done(caddr_t *, int);
549 void audit_async_drop(caddr_t *, int);
550
551 #ifndef AUK_CONTEXT_T
552 #define AUK_CONTEXT_T
553 typedef struct au_kcontext au_kcontext_t;
554 #endif
555
556 /* Zone audit context setup routine */
557 void au_zone_setup(void);
558
559 /*
560 * c2audit module states
561 */
562 #define C2AUDIT_DISABLED 0 /* c2audit module excluded in /etc/system */
563 #define C2AUDIT_UNLOADED 1 /* c2audit module not loaded */
564 #define C2AUDIT_LOADED 2 /* c2audit module loaded */
565
566 uint32_t audit_getstate(void);
567 int au_zone_getstate(const au_kcontext_t *);
568
569 /* The audit mask defining in which case is auditing enabled */
570 #define AU_AUDIT_MASK (AUC_AUDITING | AUC_NOSPACE)
571
572 /*
573 * Get the given zone audit status. zcontext != NULL serves
574 * as a protection when c2audit module is not loaded.
575 */
576 #define AU_ZONE_AUDITING(zcontext) \
577 (audit_active == C2AUDIT_LOADED && \
578 ((AU_AUDIT_MASK) & au_zone_getstate((zcontext))))
579
580 /*
581 * Get auditing status
582 */
583 #define AU_AUDITING() (audit_getstate())
584
585 int audit_success(au_kcontext_t *, struct t_audit_data *, int, cred_t *);
586 int auditme(au_kcontext_t *, struct t_audit_data *, au_state_t);
587 void audit_fixpath(struct audit_path *, int);
588 void audit_ipc(int, int, void *);
589 void audit_ipcget(int, void *);
590 void audit_fdsend(int, struct file *, int);
591 void audit_fdrecv(int, struct file *);
592 void audit_priv(int, const struct priv_set *, int);
593 void audit_setppriv(int, int, const struct priv_set *, const cred_t *);
594 void audit_psecflags(proc_t *, psecflagwhich_t,
595 const secflagdelta_t *);
596 void audit_devpolicy(int, const struct devplcysys *);
597 void audit_update_context(proc_t *, cred_t *);
598 void audit_kssl(int, void *, int);
599 void audit_pf_policy(int, cred_t *, netstack_t *, char *, boolean_t, int,
600 pid_t);
601 void audit_sec_attributes(caddr_t *, struct vnode *);
602
603 #endif
604
605 #ifdef __cplusplus
606 }
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 /*
27 * This file contains the declarations of the various data structures
28 * used by the auditing module(s).
29 */
30
31 #ifndef _BSM_AUDIT_H
32 #define _BSM_AUDIT_H
33
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37
38
39 #include <sys/shm.h> /* for shmid_ds structure */
40 #include <sys/sem.h> /* for semid_ds structure */
41 #include <sys/msg.h> /* for msqid_ds structure */
42 #include <sys/atomic.h> /* using atomics */
43 #include <sys/secflags.h>
474 #include <sys/model.h>
475 #include <sys/proc.h>
476 #include <sys/stream.h>
477 #include <sys/stropts.h>
478 #include <sys/file.h>
479 #include <sys/pathname.h>
480 #include <sys/vnode.h>
481 #include <sys/systm.h>
482 #include <netinet/in.h>
483 #include <c2/audit_door_infc.h>
484 #include <sys/crypto/ioctladmin.h>
485 #include <sys/netstack.h>
486 #include <sys/zone.h>
487
488 #ifdef __cplusplus
489 extern "C" {
490 #endif
491
492 struct fcntla;
493 struct t_audit_data;
494 struct t_audit_sacl;
495 struct audit_path;
496 struct priv_set;
497 struct devplcysys;
498
499 struct auditcalls {
500 long code;
501 long a1;
502 long a2;
503 long a3;
504 long a4;
505 long a5;
506 };
507
508 int audit(caddr_t, int);
509 int auditsys(struct auditcalls *, union rval *); /* fake stub */
510 void audit_cryptoadm(int, char *, crypto_mech_name_t *,
511 uint_t, uint_t, uint32_t, int);
512 void audit_init(void);
513 void audit_init_module(void);
514 void audit_newproc(struct proc *);
532 void audit_strputmsg(struct vnode *, struct strbuf *, struct strbuf *,
533 unsigned char, int, int);
534 void audit_closef(struct file *);
535 void audit_setf(struct file *, int);
536 void audit_reboot(void);
537 void audit_vncreate_start(void);
538 void audit_setfsat_path(int argnum);
539 void audit_vncreate_finish(struct vnode *, int);
540 void audit_exec(const char *, const char *, ssize_t, ssize_t, cred_t *);
541 void audit_enterprom(int);
542 void audit_exitprom(int);
543 void audit_chdirec(struct vnode *, struct vnode **);
544 void audit_sock(int, struct queue *, struct msgb *, int);
545 int audit_start(unsigned int, unsigned int, uint32_t, int, klwp_t *);
546 void audit_finish(unsigned int, unsigned int, int, union rval *);
547 int audit_async_start(label_t *, au_event_t, int);
548 void audit_async_finish(caddr_t *, au_event_t, au_emod_t, timestruc_t *);
549 void audit_async_discard_backend(void *);
550 void audit_async_done(caddr_t *, int);
551 void audit_async_drop(caddr_t *, int);
552 void audit_sacl(char *, cred_t *, uint32_t, boolean_t,
553 struct t_audit_sacl *);
554
555 #ifndef AUK_CONTEXT_T
556 #define AUK_CONTEXT_T
557 typedef struct au_kcontext au_kcontext_t;
558 #endif
559
560 /* Zone audit context setup routine */
561 void au_zone_setup(void);
562
563 /*
564 * c2audit module states
565 */
566 #define C2AUDIT_DISABLED 0 /* c2audit module excluded in /etc/system */
567 #define C2AUDIT_UNLOADED 1 /* c2audit module not loaded */
568 #define C2AUDIT_LOADED 2 /* c2audit module loaded */
569
570 uint32_t audit_getstate(void);
571 int au_zone_getstate(const au_kcontext_t *);
572
573 /* The audit mask defining in which case is auditing enabled */
574 #define AU_AUDIT_MASK (AUC_AUDITING | AUC_NOSPACE)
575
576 /*
577 * Get the given zone audit status. zcontext != NULL serves
578 * as a protection when c2audit module is not loaded.
579 */
580 #define AU_ZONE_AUDITING(zcontext) \
581 (audit_active == C2AUDIT_LOADED && \
582 ((AU_AUDIT_MASK) & au_zone_getstate((zcontext))))
583
584 #define AU_AUDIT_PERZONE() \
585 ((audit_policy & AUDIT_PERZONE) != 0)
586
587 /*
588 * Get auditing status
589 */
590 #define AU_AUDITING() (audit_getstate())
591
592 int audit_success(au_kcontext_t *, struct t_audit_data *, int, cred_t *);
593 int auditme(au_kcontext_t *, struct t_audit_data *, au_state_t);
594 int auditev(au_event_t, cred_t *);
595 void audit_fixpath(struct audit_path *, int);
596 void audit_ipc(int, int, void *);
597 void audit_ipcget(int, void *);
598 void audit_fdsend(int, struct file *, int);
599 void audit_fdrecv(int, struct file *);
600 void audit_priv(int, const struct priv_set *, int);
601 void audit_setppriv(int, int, const struct priv_set *, const cred_t *);
602 void audit_psecflags(proc_t *, psecflagwhich_t,
603 const secflagdelta_t *);
604 void audit_devpolicy(int, const struct devplcysys *);
605 void audit_update_context(proc_t *, cred_t *);
606 void audit_kssl(int, void *, int);
607 void audit_pf_policy(int, cred_t *, netstack_t *, char *, boolean_t, int,
608 pid_t);
609 void audit_sec_attributes(caddr_t *, struct vnode *);
610
611 #endif
612
613 #ifdef __cplusplus
614 }
|
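Review bot: The three additions in the second (new) column, `audit_sacl` at new lines 552-553, `AU_AUDIT_PERZONE()` at 584-585 and `auditev` at 594, carry no comment, although the neighbouring macros each have one. For audit hooks the contract matters: a caller that misreads what `auditev` returns, or what the unnamed `uint32_t` and `boolean_t` arguments of `audit_sacl` mean, can end up silently skipping records. I would put a line such as `/* True when the AUDIT_PERZONE bit is set in audit_policy */` above the macro and name the parameters in the two prototypes. `audit_sacl` also takes its first argument as `char *` where `audit_exec` a few lines above uses `const char *`; if the function only reads that string, `const char *` would let callers pass read-only strings without a cast. `audit_policy` and `AUDIT_PERZONE` are not declared in the lines shown, so presumably they come from the elided part of the header (between new lines 43 and 474).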