PERFORCE change 96593 for review

Wed May 3 15:23:45 UTC 2006

http://perforce.freebsd.org/chv.cgi?CH=96593

Change 96593 by rwatson at rwatson_zoo on 2006/05/03 15:23:36

	Rename pipe preselect ioctls to all include the word 'PRESELECT'.
	
	Implement simple pipe preselect audit ioctls, but not per-auid
	ioctls yet.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_ioctl.h#6 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#15 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_ioctl.h#6 (text+ko) ====

@@ -51,15 +51,15 @@
 #define	AUDITPIPE_SET_QLIMIT		_IOW(AUDITPIPE_IOBASE, 3, u_int)
 #define	AUDITPIPE_GET_QLIMIT_MIN	_IOR(AUDITPIPE_IOBASE, 4, u_int)
 #define	AUDITPIPE_GET_QLIMIT_MAX	_IOR(AUDITPIPE_IOBASE, 5, u_int)
-#define	AUDITPIPE_GET_FLAGS		_IOR(AUDITPIPE_IOBASE, 6, au_mask_t)
-#define	AUDITPIPE_SET_FLAGS		_IOW(AUDITPIPE_IOBASE, 7, au_mask_t)
-#define	AUDITPIPE_GET_NAFLAGS		_IOR(AUDITPIPE_IOBASE, 8, au_mask_t)
-#define	AUDITPIPE_SET_NAFLAGS		_IOW(AUDITPIPE_IOBASE, 9, au_mask_t)
-#define	AUDITPIPE_GET_PRESELECT		_IOR(AUDITPIPE_IOBASE, 10,	\
+#define	AUDITPIPE_GET_PRESELECT_FLAGS	_IOR(AUDITPIPE_IOBASE, 6, au_mask_t)
+#define	AUDITPIPE_SET_PRESELECT_FLAGS	_IOW(AUDITPIPE_IOBASE, 7, au_mask_t)
+#define	AUDITPIPE_GET_PRESELECT_NAFLAGS	_IOR(AUDITPIPE_IOBASE, 8, au_mask_t)
+#define	AUDITPIPE_SET_PRESELECT_NAFLAGS	_IOW(AUDITPIPE_IOBASE, 9, au_mask_t)
+#define	AUDITPIPE_GET_PRESELECT_AUID	_IOR(AUDITPIPE_IOBASE, 10,	\
 					    struct auditpipe_preselect)
-#define	AUDITPIPE_SET_PRESELECT		_IOW(AUDITPIPE_IOBASE, 11,	\
+#define	AUDITPIPE_SET_PRESELECT_AUID	_IOW(AUDITPIPE_IOBASE, 11,	\
 					    struct auditpipe_preselect)
-#define	AUDITPIPE_FLUSH_PRESELECT	_IO(AUDITPIPE_IOBASE, 11)
+#define	AUDITPIPE_FLUSH_PRESELECT_AUID	_IO(AUDITPIPE_IOBASE, 11)
 
 /*
  * Ioctls to retrieve audit pipe statistics.

==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_pipe.c#15 (text+ko) ====

@@ -499,11 +499,19 @@
 audit_pipe_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
     struct thread *td)
 {
+	struct auditpipe_preselect *aps;
 	struct audit_pipe *ap;
+	au_mask_t *maskp;
 	int error;
 
 	ap = dev->si_drv1;
 	KASSERT(ap != NULL, ("audit_pipe_ioctl: ap == NULL"));
+
+	/*
+	 * Audit pipe ioctls: first come standard device node ioctls, then
+	 * manipulation of pipe settings, and finally, statistics query
+	 * ioctls.
+	 */
 	switch (cmd) {
 	case FIONBIO:
 		mtx_lock(&audit_pipe_mtx);
@@ -575,6 +583,44 @@
 		error = 0;
 		break;
 
+	case AUDITPIPE_GET_PRESELECT_FLAGS:
+		maskp = (au_mask_t *)data;
+		*maskp = ap->ap_preselect_flags;
+		error = 0;
+		break;
+
+	case AUDITPIPE_SET_PRESELECT_FLAGS:
+		maskp = (au_mask_t *)data;
+		ap->ap_preselect_flags = *maskp;
+		error = 0;
+		break;
+
+	case AUDITPIPE_GET_PRESELECT_NAFLAGS:
+		maskp = (au_mask_t *)data;
+		*maskp = ap->ap_preselect_naflags;
+		error = 0;
+		break;
+
+	case AUDITPIPE_SET_PRESELECT_NAFLAGS:
+		maskp = (au_mask_t *)data;
+		ap->ap_preselect_naflags = *maskp;
+		error = 0;
+		break;
+
+	case AUDITPIPE_GET_PRESELECT_AUID:
+		aps = (struct auditpipe_preselect *)data;
+		error = EOPNOTSUPP;
+		break;
+
+	case AUDITPIPE_SET_PRESELECT_AUID:
+		aps = (struct auditpipe_preselect *)data;
+		error = EOPNOTSUPP;
+		break;
+
+	case AUDITPIPE_FLUSH_PRESELECT_AUID:
+		error = EOPNOTSUPP;
+		break;
+
 	case AUDITPIPE_GET_INSERTS:
 		*(u_int *)data = ap->ap_inserts;
 		error = 0;
