PERFORCE change 76272 for review

Robert Watson rwatson at FreeBSD.org
Sat Apr 30 13:28:48 GMT 2005 

http://perforce.freebsd.org/chv.cgi?CH=76272

Change 76272 by rwatson at rwatson_paprika on 2005/04/30 13:28:09

	Merge additional changes from Darwin 8.0's bsm-8 distribution:
	
	- Resort comments relating to Apple internal APIs; where we don't
	  consider an API internal yet, add a comment if Apple considers
	  them internal
	
	- Semantic change to cannot_audit(): don't audit if we're not   
	  auditing, rather than do not audit if in the no-audit state.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/libbsm/libbsm.h#8 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/libbsm/libbsm.h#8 (text+ko) ====

@@ -773,27 +773,6 @@
 
 typedef struct tokenstr tokenstr_t;
 
-/*
- * XXX  This prototype should be in audit_record.h
- *
- * au_free_token()
- *
- * @summary - au_free_token() deallocates a token_t created by any of
- * the au_to_*() BSM API functions.  
- *
- * The BSM API generally manages deallocation of token_t objects.  However, 
- * if au_write() is passed a bad audit descriptor, the token_t * parameter
- * will be left untouched.  In that case, the caller can deallocate the 
- * token_t using au_free_token() if desired.  This is, in fact, what
- * audit_write() does, in keeping with the existing memory management model
- * of the BSM API.  
- *
- * @param tok - A token_t * generated by one of the au_to_*() BSM API
- * calls.  For convenience, tok may be NULL, in which case
- * au_free_token() returns immediately.  
- */
-void au_free_token(token_t *tok);
-
 void setauevent();
 void endauevent();
 struct au_event_ent *getauevent();
@@ -911,6 +890,29 @@
 
 __BEGIN_DECLS
 /*
+ * XXX  This prototype should be in audit_record.h
+ *
+ * au_free_token()
+ *
+ * @summary - au_free_token() deallocates a token_t created by any of
+ * the au_to_*() BSM API functions.  
+ *
+ * The BSM API generally manages deallocation of token_t objects.  However, 
+ * if au_write() is passed a bad audit descriptor, the token_t * parameter
+ * will be left untouched.  In that case, the caller can deallocate the 
+ * token_t using au_free_token() if desired.  This is, in fact, what
+ * audit_write() does, in keeping with the existing memory management model
+ * of the BSM API.  
+ *
+ * @param tok - A token_t * generated by one of the au_to_*() BSM API
+ * calls.  For convenience, tok may be NULL, in which case
+ * au_free_token() returns immediately.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
+ */
+void au_free_token(token_t *tok);
+
+/*
  * Lightweight check to determine if auditing is enabled.  If a client
  * wants to use this to govern whether an entire series of audit calls
  * should be made--as in the common case of a caller building a set of
@@ -921,32 +923,17 @@
  * Otherwise the function can return any of the errno values defined for 
  * setaudit(2), or AU_UNIMPL if audit does not appear to be supported by 
  * the system.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int au_get_state(void);
 __END_DECLS
 
 /* OpenSSH compatibility */
-#define cannot_audit(x) (au_get_state() == AUC_NOAUDIT)
+#define cannot_audit(x) (!(au_get_state() == AUC_AUDITING))
 
 __BEGIN_DECLS
 /*
- * The following calls all wrap the existing BSM API.  They use the
- * provided subject information, if any, to construct the subject token
- * required for every log message.  They use the provided return/error
- * value(s), if any, to construct the success/failure indication required
- * for every log message.  They only permit one "miscellaneous" token, 
- * which should contain the event-specific logging information mandated by
- * CAPP.  
- *
- * All these calls assume the caller has previously determined that
- * auditing is enabled by calling au_get_state().  
- *
- * NB: these calls are NOT part of the BSM API.  They are NOT guaranteed to
- * remain unchanged or even available in future.  Use them at your own
- * risk.  
- */
-
-/*
  * audit_set_terminal_id()
  *
  * @summary - audit_set_terminal_id() fills in an au_tid_t struct, which is
@@ -957,10 +944,27 @@
  * @return - kAUNoErr on success; kAUBadParamErr if tid is NULL, kAUStatErr 
  * or kAUSysctlErr if one of the underlying system calls fails (a message
  * is sent to the system log in those cases).  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_set_terminal_id(au_tid_t *tid);
 
 /*
+ * BEGIN au_write() WRAPPERS
+ *
+ * The following calls all wrap the existing BSM API.  They use the
+ * provided subject information, if any, to construct the subject token
+ * required for every log message.  They use the provided return/error
+ * value(s), if any, to construct the success/failure indication required
+ * for every log message.  They only permit one "miscellaneous" token, 
+ * which should contain the event-specific logging information mandated by
+ * CAPP.  
+ *
+ * All these calls assume the caller has previously determined that
+ * auditing is enabled by calling au_get_state().  
+ */
+
+/*
  * audit_write()
  *
  * @summary - audit_write() is the basis for the other audit_write_*() 
@@ -995,6 +999,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write(short event_code, token_t *subject, token_t *misctok, char
 		retval, int errcode);
@@ -1037,6 +1043,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write_success(short event_code, token_t *misctok, au_id_t auid, 
 			uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 
@@ -1058,6 +1066,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write_success_self(short event_code, token_t *misctok);
 
@@ -1102,6 +1112,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write_failure(short event_code, char *errmsg, int errret, 
 			au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
@@ -1127,6 +1139,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write_failure_self(short event_code, char *errmsg, int errret);
 
@@ -1157,6 +1171,8 @@
  *
  * @return - The status of the call: 0 (zero) on success, else one of the
  * kAU*Err values defined above.  
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 int audit_write_failure_na(short event_code, char *errmsg, int errret,
 			   uid_t euid, gid_t egid, pid_t pid, au_tid_t *tid);
@@ -1200,6 +1216,8 @@
  *
  * @param tidp - Pointer to an au_tid_t; on return will be set to the task 
  * or sender's terminal ID
+ *
+ * XXXRW: In Apple's bsm-8, these are marked __APPLE_API_PRIVATE.
  */
 void audit_token_to_au32(
 	audit_token_t	atoken,
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list