NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>

*** 18,27 ****
--- 18,28 ----
   *
   * CDDL HEADER END
   */
  /*
   * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
+  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
   */
  
  /*
   * This file contains the envelope code for system call auditing.
   */
*** 461,466 ****
--- 462,494 ----
                  if (amask.as_success & estate || amask.as_failure & estate)
                          flag = 1;
          }
  
          return (flag);
+ }
+ 
+ /*
+  * determine if we've preselected this event (non-syscall).
+  */
+ 
+ int
+ auditev(au_event_t event, cred_t *cr)
+ {
+         au_mask_t amask;
+         const auditinfo_addr_t *ainfo;
+         au_state_t estate;
+         au_kcontext_t *kctx = GET_KCTX_PZ;
+ 
+         ASSERT3U(event, <=, MAX_KEVENTS);
+ 
+         estate = kctx->auk_ets[event];
+         ainfo = crgetauinfo(cr);
+         if (ainfo == NULL)
+                 return (0);
+         amask = ainfo->ai_mask;
+ 
+         if ((amask.as_success & estate) != 0 ||
+             (amask.as_failure & estate) != 0)
+                 return (AU_OK);
+ 
+         return (0);
  }