PERFORCE change 91134 for review

Sun Feb 5 00:42:39 GMT 2006

http://perforce.freebsd.org/chv.cgi?CH=91134

Change 91134 by wsalamon at gretsch on 2006/02/05 00:42:13

	Have the audit test library load the kernel event->class mapping
	table at init time.

Affected files ...

.. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 edit
.. //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/include/audittest.h#5 (text+ko) ====

@@ -52,7 +52,7 @@
 /*
  * Function that will set up the process audit information.
  */
-void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, 
+int aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, 
 		unsigned int flags);
 
 /*
@@ -75,7 +75,11 @@
 
 #define AUT_INIT() do {							\
 	assert(argc == 2);						\
-	aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES, strtol(argv[1], NULL, 16)); \
+	if (aut_init(__FILE__, AUDIT_CLASSES, AUDIT_CLASSES,		\
+	    strtol(argv[1], NULL, 16)) != 0) {				\
+		fprintf(stderr, "Unable to initialize.\n");		\
+		exit (-1);						\
+	}								\
 } while(0)
 
 #define AUT_PRINTF(args...) do {					\

==== //depot/projects/trustedbsd/audit3/tools/regression/audit/test/lib/audittest.c#5 (text+ko) ====

@@ -40,6 +40,49 @@
 int aut_verbose;
 char logfile[MAXPATHLEN + 1];
 
+/*
+ * Set the event to class mapping in the kernel.
+ */
+static int
+set_kernel_classmap(void)
+{
+	au_event_ent_t ev, *evp;
+	au_evclass_map_t evc_map;
+	int ctr = 0;
+
+	/*
+	 * Process the audit event file, obtaining a class mapping for each
+	 * event, and send that mapping into the kernel.
+	*/
+	ev.ae_name = (char *)malloc(AU_EVENT_NAME_MAX);
+	ev.ae_desc = (char *)malloc(AU_EVENT_DESC_MAX);
+	if ((ev.ae_name == NULL) || (ev.ae_desc == NULL)) {
+		fprintf(stderr,
+		    "Memory allocation error when configuring audit controls.\n");
+		return (-1);
+	}
+	evp = &ev;
+	setauevent();
+	while ((evp = getauevent_r(evp)) != NULL) {
+		evc_map.ec_number = evp->ae_number;
+		evc_map.ec_class = evp->ae_class;
+		if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t))
+		    != 0)
+			fprintf(stderr,
+			    "Failed to register class mapping for event %s.\n",
+			     evp->ae_name);
+		else
+			ctr++;
+	}
+	endauevent();
+	free(ev.ae_name);
+	free(ev.ae_desc);
+	if (ctr == 0)
+		fprintf(stderr, "No events to class mappings registered.\n");
+
+	return (0);
+}
+
 /* 
  * Open the audit log file and tell the kernel.
  */
@@ -92,12 +135,19 @@
  * Initialization routine to set the audit log file, process audit masks,
  * and verbosity levels.
  */
-void aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, 
+int
+aut_init(char *prefix, unsigned int succ_mask, unsigned int fail_mask, 
 		unsigned int flags)
 {
+	if (set_kernel_classmap() != 0) {
+		fprintf(stderr, "Unable to set kernel event->class map.\n");
+		return (-1);
+	}
 	aut_verbose = flags;
 	aut_logfile(prefix);
 	aut_mask(succ_mask, fail_mask);
+
+	return (0);
 }
 
 /*
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

