NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>

@@ -18,10 +18,11 @@
  *
  * CDDL HEADER END
  */
 /*
  * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
  */
 
 /*
  * This file contains the envelope code for system call auditing.
  */

@@ -461,6 +462,33 @@
                 if (amask.as_success & estate || amask.as_failure & estate)
                         flag = 1;
         }
 
         return (flag);
+}
+
+/*
+ * determine if we've preselected this event (non-syscall).
+ */
+
+int
+auditev(au_event_t event, cred_t *cr)
+{
+        au_mask_t amask;
+        const auditinfo_addr_t *ainfo;
+        au_state_t estate;
+        au_kcontext_t *kctx = GET_KCTX_PZ;
+
+        ASSERT3U(event, <=, MAX_KEVENTS);
+
+        estate = kctx->auk_ets[event];
+        ainfo = crgetauinfo(cr);
+        if (ainfo == NULL)
+                return (0);
+        amask = ainfo->ai_mask;
+
+        if ((amask.as_success & estate) != 0 ||
+            (amask.as_failure & estate) != 0)
+                return (AU_OK);
+
+        return (0);
 }