PERFORCE change 92701 for review
Robert Watson
rwatson at FreeBSD.org
Fri Mar 3 14:39:55 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92701
Change 92701 by rwatson at rwatson_zoo on 2006/03/03 22:39:36
Integrate recent OpenBSM changes into src/sys/bsm and
src/sys/security/audit.
Affected files ...
.. //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#24 integrate
.. //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#7 integrate
.. //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#22 integrate
.. //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#10 integrate
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#9 integrate
Differences ...
==== //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#24 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#23 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#24 $
* $FreeBSD: src/sys/bsm/audit.h,v 1.2 2006/02/01 19:54:22 rwatson Exp $
*/
@@ -258,25 +258,11 @@
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
-/* Token and record structures. */
-
-struct au_token {
- u_char *t_data;
- size_t len;
- TAILQ_ENTRY(au_token) tokens;
-};
+/*
+ * Contents of token_t are opaque outside of libbsm.
+ */
typedef struct au_token token_t;
-struct au_record {
- char used; /* Record currently in use? */
- int desc; /* Descriptor for record. */
- TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
- u_char *data;
- size_t len;
- LIST_ENTRY(au_record) au_rec_q;
-};
-typedef struct au_record au_record_t;
-
/*
* Kernel audit queue control parameters.
*/
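Review bot: The new comment says `token_t` is opaque outside of libbsm, but it does not say where the definition now lives, and `au_record_t` disappears from this header without any pointer to its new home. From the rest of this change the structures move to audit_internal.h, which the kernel token code presumably also relies on, so "outside of libbsm" looks too narrow. Suggested wording: `/* Contents of token_t are opaque to consumers of this header; struct au_token and struct au_record are defined in audit_internal.h. */`.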
@@ -328,6 +314,9 @@
};
typedef struct au_evclass_map au_evclass_map_t;
+/*
+ * Audit system calls.
+ */
#if !defined(_KERNEL) && !defined(KERNEL)
int audit(const void *, int);
int auditon(int, void *, int);
==== //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#7 (text+ko) ====
@@ -34,11 +34,15 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#6 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#7 $
*/
-#ifndef _LIBBSM_INTERNAL_H
-#define _LIBBSM_INTERNAL_H
+#ifndef _AUDIT_INTERNAL_H
+#define _AUDIT_INTERNAL_H
+
+#if defined(__linux__) && !defined(__unused)
+#define __unused
+#endif
/*
* audit_internal.h contains private interfaces that are shared by user space
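Review bot: The empty `#define __unused` added for Linux is a plain token substitution that stays active for every header included after this one. Some C library headers have used `__unused` as an ordinary identifier (for example as a padding member name), and such a declaration would be rewritten into a syntax error. It would be safer to keep the fallback in a configure-generated header that is included last, or to use a project-private spelling for the attribute. Separately, the closing comment in the last hunk of this file reads `_AUDIT_INTERNAL_H_`, while the guard defined here is `_AUDIT_INTERNAL_H`.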
@@ -47,7 +51,23 @@
* broken with future releases of OpenBSM, which may delete, modify, or
* otherwise break these interfaces or the assumptions they rely on.
*/
+struct au_token {
+ u_char *t_data;
+ size_t len;
+ TAILQ_ENTRY(au_token) tokens;
+};
+
+struct au_record {
+ char used; /* Record currently in use? */
+ int desc; /* Descriptor for record. */
+ TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
+ u_char *data;
+ size_t len;
+ LIST_ENTRY(au_record) au_rec_q;
+};
+typedef struct au_record au_record_t;
+
/* We could determined the header and trailer sizes by
* defining appropriate structures. We hold off that approach
* till we have a consistant way of using structures for all tokens.
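Review bot: With `struct au_token` and `struct au_record` defined here, this header now depends on `TAILQ_ENTRY`, `TAILQ_HEAD`, `LIST_ENTRY`, `u_char` and `size_t`, and no include that provides them is visible in the hunks shown. If the header does not already pull in `<sys/types.h>` and `<sys/queue.h>`, it compiles only when every includer happens to include them first. The members would also benefit from one-line comments, for example `/* Serialized token bytes; len is the number of valid bytes in t_data. */`, since the buffer/length pairing is what the ADD_* macros write against. That wording is inferred from the field names and should be confirmed against the allocator.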
@@ -96,4 +116,4 @@
#define ADD_STRING(loc, data, size) ADD_MEM(loc, data, size)
-#endif /* !_LIBBSM_INTERNAL_H_ */
+#endif /* !_AUDIT_INTERNAL_H_ */
==== //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#22 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#21 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#22 $
* $FreeBSD: src/sys/bsm/audit_kevents.h,v 1.5 2006/02/06 01:12:46 rwatson Exp $
*/
==== //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#10 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#9 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#10 $
*/
#ifndef _BSM_AUDIT_RECORD_H_
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#9 (text+ko) ====
@@ -30,15 +30,11 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#8 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/security/audit/audit_bsm_token.c#9 $
*/
#include <sys/types.h>
-#ifdef __APPLE__
-#include <compat/endian.h>
-#else /* !__APPLE__ */
#include <sys/endian.h>
-#endif /* __APPLE__*/
#include <sys/socket.h>
#include <sys/time.h>
@@ -326,10 +322,7 @@
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
return (t);
}
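Review bot: The `ADD_MEM(dptr, internet_addr, sizeof(*internet_addr))` copy takes its length from the structure, while the token buffer is sized earlier in the function, outside this hunk, so the two can drift apart. If the allocation still counts four 32-bit words, tie them together by sizing it with the same `sizeof(*internet_addr)`, or assert at compile time that the structure is 16 bytes, so a layout difference cannot write past the token buffer. A comment such as `/* Address is already in network byte order; copy it verbatim. */` would record why the per-word macro was dropped, assuming ADD_U_INT32 converts byte order (its definition is not shown). The same applies to `ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr))` in the later hunk at -864.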
@@ -416,9 +409,18 @@
ADD_U_INT16(dptr, perm->mode);
ADD_U_INT16(dptr, pad0);
+
+#ifdef HAVE_IPC_PERM___SEQ
+ ADD_U_INT16(dptr, perm->__seq);
+#else
ADD_U_INT16(dptr, perm->seq);
+#endif
+#ifdef HAVE_IPC_PERM___KEY
+ ADD_U_INT32(dptr, perm->__key);
+#else
ADD_U_INT32(dptr, perm->key);
+#endif
return (t);
}
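Review bot: The two `#ifdef HAVE_IPC_PERM___SEQ` / `HAVE_IPC_PERM___KEY` blocks carry no explanation, and nothing in the hunk shows which header is expected to define those macros. A short comment above them would help, for example `/* Some C libraries name these ipc_perm members __seq and __key; the build configuration selects the spelling. */`. Both values are still passed to fixed-width macros (`ADD_U_INT16`, `ADD_U_INT32`), so it is worth confirming that the member types are no wider than that on the platforms this is meant for; otherwise the audit record silently stores a truncated value. The function starts outside the hunk.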
@@ -864,10 +866,7 @@
ADD_U_CHAR(dptr, so->sin6_family);
ADD_U_INT16(dptr, so->sin6_port);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
return (t);
@@ -991,7 +990,7 @@
tid));
}
-#if !defined(_KERNEL) && !defined(KERNEL)
+#if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS)
/*
* Collects audit information for the current process
* and creates a subject token from it
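Review bot: Adding `defined(HAVE_AUDIT_SYSCALLS)` to this guard removes the function that follows on user-space builds without the macro, but the matching prototype is not touched by this change. If the declaration in the public header stays unconditional, callers on such platforms compile cleanly and then fail at link time. The prototype should sit under the same condition, or a stub returning NULL should be provided in the `#else` branch. The function body itself lies outside the hunk, so which symbol is affected is inferred from the comment only.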