PERFORCE change 76336 for review
Robert Watson
rwatson at FreeBSD.org
Sun May 1 21:23:51 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=76336
Change 76336 by rwatson at rwatson_paprika on 2005/05/01 21:23:34
Rename print_sec() to print_sec32(); add a print_sec64() that
truncates the value of a 64-bit second count since we assume that
time_t is 32-bit.
Rename print_msec() to print_msec32(); add a print_msec64() that
truncates the value of a 64-bit millisecond count since that's
silly.
Implement fetch_header64_tok(), print_header64_tok(),
fetch_attr64_tok(), print_attr64_tok(), fetch_subject64_tok(),
print_subject64_tok().
It's now possible to print the basic 64-bit record types from a
64-bit Solaris BSM token stream.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#10 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#10 (text+ko) ====
@@ -281,7 +281,7 @@
/*
* Prints seconds in the ctime format
*/
-static void print_sec(FILE *fp, u_int32_t sec, char raw)
+static void print_sec32(FILE *fp, u_int32_t sec, char raw)
{
time_t time;
char timestr[26];
@@ -298,9 +298,29 @@
}
/*
+ * XXXRW: 64-bit token streams make use of 64-bit time stamps; since we
+ * assume a 32-bit time_t, we simply truncate for now.
+ */
+static void print_sec64(FILE *fp, u_int64_t sec, char raw)
+{
+ time_t time;
+ char timestr[26];
+
+ if(raw) {
+ fprintf(fp, "%u", (u_int32_t)sec);
+ }
+ else {
+ time = (time_t)sec;
+ ctime_r(&time, timestr);
+ timestr[24] = '\0'; /* No new line */
+ fprintf(fp, "%s", timestr);
+ }
+}
+
+/*
* Prints the excess milliseconds
*/
-static void print_msec(FILE *fp, u_int32_t msec, char raw)
+static void print_msec32(FILE *fp, u_int32_t msec, char raw)
{
if(raw) {
fprintf(fp, "%u", msec);
@@ -310,7 +330,23 @@
}
}
+/*
+ * XXXRW: 64-bit token streams make use of 64-bit time stamps; since we
+ * assume a 32-bit msec, we simply truncate for now.
+ */
+static void print_msec64(FILE *fp, u_int64_t msec, char raw)
+{
+ msec &= 0xffffffff;
+ if(raw) {
+ fprintf(fp, "%u", (u_int32_t)msec);
+ }
+ else {
+ fprintf(fp, " + %u msec", (u_int32_t)msec);
+ }
+}
+
+
/* prints a dotted form for the IP addres */
static void print_ip_address(FILE *fp, u_int32_t ip)
{
@@ -448,9 +484,72 @@
print_delim(fp, del);
print_evmod(fp, tok->tt.hdr32.e_mod, raw);
print_delim(fp, del);
- print_sec(fp, tok->tt.hdr32.s, raw);
+ print_sec32(fp, tok->tt.hdr32.s, raw);
+ print_delim(fp, del);
+ print_msec32(fp, tok->tt.hdr32.ms, raw);
+}
+
+/*
+ * record byte count 4 bytes
+ * event type 2 bytes
+ * event modifier 2 bytes
+ * seconds of time 4 bytes/8 bytes (32-bit/64-bit value)
+ * milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value)
+ * version #
+ */
+static int fetch_header64_tok(tokenstr_t *tok, char *buf, int len)
+{
+ int err = 0;
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.hdr64.size, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_CHAR(buf, len, tok->tt.hdr64.version, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT16(buf, len, tok->tt.hdr64.e_type, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT16(buf, len, tok->tt.hdr64.e_mod, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT64(buf, len, tok->tt.hdr64.s, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT64(buf, len, tok->tt.hdr64.ms, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static void print_header64_tok(FILE *fp, tokenstr_t *tok, char *del,
+ char raw, char sfrm)
+{
+ print_tok_type(fp, tok->id, "header", raw);
+ print_delim(fp, del);
+ print_4_bytes(fp, tok->tt.hdr64.size, "%u");
+ print_delim(fp, del);
+ print_1_byte(fp, tok->tt.hdr64.version, "%u");
+ print_delim(fp, del);
+ print_event(fp, tok->tt.hdr64.e_type, raw, sfrm);
+ print_delim(fp, del);
+ print_evmod(fp, tok->tt.hdr64.e_mod, raw);
+ print_delim(fp, del);
+ print_sec64(fp, tok->tt.hdr64.s, raw);
print_delim(fp, del);
- print_msec(fp, tok->tt.hdr32.ms, raw);
+ print_msec64(fp, tok->tt.hdr64.ms, raw);
}
/*
@@ -763,6 +862,69 @@
}
/*
+ * file access mode 4 bytes
+ * owner user ID 4 bytes
+ * owner group ID 4 bytes
+ * file system ID 4 bytes
+ * node ID 8 bytes
+ * device 4 bytes/8 bytes (32-bit/64-bit)
+ */
+static int fetch_attr64_tok(tokenstr_t *tok, char *buf, int len)
+{
+ int err = 0;
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.attr64.mode, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.attr64.uid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.attr64.gid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.attr64.fsid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT64(buf, len, tok->tt.attr64.nid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT64(buf, len, tok->tt.attr64.dev, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static void print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del,
+ char raw, char sfrm)
+{
+ print_tok_type(fp, tok->id, "attribute", raw);
+ print_delim(fp, del);
+ print_4_bytes(fp, tok->tt.attr64.mode, "%o");
+ print_delim(fp, del);
+ print_user(fp, tok->tt.attr64.uid, raw);
+ print_delim(fp, del);
+ print_group(fp, tok->tt.attr64.gid, raw);
+ print_delim(fp, del);
+ print_4_bytes(fp, tok->tt.attr64.fsid, "%u");
+ print_delim(fp, del);
+ print_8_bytes(fp, tok->tt.attr64.nid, "%lld");
+ print_delim(fp, del);
+ print_8_bytes(fp, tok->tt.attr64.dev, "%llu");
+}
+
+/*
* status 4 bytes
* return value 4 bytes
*/
@@ -919,9 +1081,9 @@
{
print_tok_type(fp, tok->id, "file", raw);
print_delim(fp, del);
- print_sec(fp, tok->tt.file.s, raw);
+ print_sec32(fp, tok->tt.file.s, raw);
print_delim(fp, del);
- print_msec(fp, tok->tt.file.ms, raw);
+ print_msec32(fp, tok->tt.file.ms, raw);
print_delim(fp, del);
print_string(fp, tok->tt.file.name, tok->tt.file.len);
}
@@ -1704,7 +1866,7 @@
* pid 4 bytes
* sessid 4 bytes
* terminal ID
- * portid 4 bytes
+ * portid 4 bytes/8 bytes (32-bit/64-bit value)
* machine id 4 bytes
*/
static int fetch_subject32_tok(tokenstr_t *tok, char *buf, int len)
@@ -1792,6 +1954,94 @@
* pid 4 bytes
* sessid 4 bytes
* terminal ID
+ * portid 4 bytes/8 bytes (32-bit/64-bit value)
+ * machine id 4 bytes
+ */
+static int fetch_subject64_tok(tokenstr_t *tok, char *buf, int len)
+{
+ int err = 0;
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.auid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.euid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.egid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.ruid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.rgid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.pid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.sid, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT64(buf, len, tok->tt.subj64.tid.port, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ READ_TOKEN_U_INT32(buf, len, tok->tt.subj64.tid.addr, tok->len, err);
+ if(err) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static void print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del,
+ char raw, char sfrm)
+{
+ print_tok_type(fp, tok->id, "subject", raw);
+ print_delim(fp, del);
+ print_user(fp, tok->tt.subj64.auid, raw);
+ print_delim(fp, del);
+ print_user(fp, tok->tt.subj64.euid, raw);
+ print_delim(fp, del);
+ print_group(fp, tok->tt.subj64.egid, raw);
+ print_delim(fp, del);
+ print_user(fp, tok->tt.subj64.ruid, raw);
+ print_delim(fp, del);
+ print_group(fp, tok->tt.subj64.rgid, raw);
+ print_delim(fp, del);
+ print_4_bytes(fp, tok->tt.subj64.pid, "%u");
+ print_delim(fp, del);
+ print_4_bytes(fp, tok->tt.subj64.sid, "%u");
+ print_delim(fp, del);
+ print_8_bytes(fp, tok->tt.subj64.tid.port, "%llu");
+ print_delim(fp, del);
+ print_ip_address(fp, tok->tt.subj64.tid.addr);
+}
+
+/*
+ * audit ID 4 bytes
+ * euid 4 bytes
+ * egid 4 bytes
+ * ruid 4 bytes
+ * rgid 4 bytes
+ * pid 4 bytes
+ * sessid 4 bytes
+ * terminal ID
* portid 4 bytes
* type 4 bytes
* machine id 16 bytes
@@ -2039,6 +2289,9 @@
case AU_HEADER_32_TOKEN :
return fetch_header32_tok(tok, buf, len);
+ case AU_HEADER_64_TOKEN :
+ return fetch_header64_tok(tok, buf, len);
+
case AU_TRAILER_TOKEN :
return fetch_trailer_tok(tok, buf, len);
@@ -2051,6 +2304,9 @@
case AU_ATTR32_TOKEN :
return fetch_attr32_tok(tok, buf, len);
+ case AU_ATTR64_TOKEN :
+ return fetch_attr64_tok(tok, buf, len);
+
case AU_EXIT_TOKEN :
return fetch_exit_tok(tok, buf, len);
@@ -2117,6 +2373,9 @@
case AU_SUBJECT_32_TOKEN :
return fetch_subject32_tok(tok, buf, len);
+ case AU_SUBJECT_64_TOKEN :
+ return fetch_subject64_tok(tok, buf, len);
+
case AU_SUBJECT_32_EX_TOKEN :
return fetch_subject32ex_tok(tok, buf, len);
@@ -2144,6 +2403,9 @@
case AU_HEADER_32_TOKEN :
return print_header32_tok(outfp, tok, del, raw, sfrm);
+ case AU_HEADER_64_TOKEN:
+ return print_header64_tok(outfp, tok, del, raw, sfrm);
+
case AU_TRAILER_TOKEN :
return print_trailer_tok(outfp, tok, del, raw, sfrm);
@@ -2159,6 +2421,9 @@
case AU_ATTR32_TOKEN :
return print_attr32_tok(outfp, tok, del, raw, sfrm);
+ case AU_ATTR64_TOKEN :
+ return print_attr64_tok(outfp, tok, del, raw, sfrm);
+
case AU_EXIT_TOKEN :
return print_exit_tok(outfp, tok, del, raw, sfrm);
@@ -2225,6 +2490,9 @@
case AU_SUBJECT_32_TOKEN :
return print_subject32_tok(outfp, tok, del, raw, sfrm);
+ case AU_SUBJECT_64_TOKEN :
+ return print_subject64_tok(outfp, tok, del, raw, sfrm);
+
case AU_SUBJECT_32_EX_TOKEN :
return print_subject32ex_tok(outfp, tok, del, raw, sfrm);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list