119 static void aus_mkdir(struct t_audit_data *);
120 static void aus_mkdirat(struct t_audit_data *);
121 static void aus_mknod(struct t_audit_data *);
122 static void aus_mknodat(struct t_audit_data *);
123 static void aus_mount(struct t_audit_data *);
124 static void aus_umount2(struct t_audit_data *);
125 static void aus_msgsys(struct t_audit_data *);
126 static void aus_semsys(struct t_audit_data *);
127 static void aus_close(struct t_audit_data *);
128 static void aus_fstatfs(struct t_audit_data *);
129 static void aus_setgid(struct t_audit_data *);
130 static void aus_setpgrp(struct t_audit_data *);
131 static void aus_setuid(struct t_audit_data *);
132 static void aus_shmsys(struct t_audit_data *);
133 static void aus_doorfs(struct t_audit_data *);
134 static void aus_ioctl(struct t_audit_data *);
135 static void aus_memcntl(struct t_audit_data *);
136 static void aus_mmap(struct t_audit_data *);
137 static void aus_munmap(struct t_audit_data *);
138 static void aus_priocntlsys(struct t_audit_data *);
139 static void aus_setegid(struct t_audit_data *);
140 static void aus_setgroups(struct t_audit_data *);
141 static void aus_seteuid(struct t_audit_data *);
142 static void aus_putmsg(struct t_audit_data *);
143 static void aus_putpmsg(struct t_audit_data *);
144 static void aus_getmsg(struct t_audit_data *);
145 static void aus_getpmsg(struct t_audit_data *);
146 static void aus_auditsys(struct t_audit_data *);
147 static void aus_sysinfo(struct t_audit_data *);
148 static void aus_modctl(struct t_audit_data *);
149 static void aus_kill(struct t_audit_data *);
150 static void aus_setregid(struct t_audit_data *);
151 static void aus_setreuid(struct t_audit_data *);
152 static void aus_labelsys(struct t_audit_data *);
153
154 static void auf_mknod(struct t_audit_data *, int, rval_t *);
155 static void auf_mknodat(struct t_audit_data *, int, rval_t *);
156 static void auf_msgsys(struct t_audit_data *, int, rval_t *);
157 static void auf_semsys(struct t_audit_data *, int, rval_t *);
158 static void auf_shmsys(struct t_audit_data *, int, rval_t *);
187
188 #define aui_null NULL /* NULL initialize function */
189 #define aus_null NULL /* NULL start function */
190 #define auf_null NULL /* NULL finish function */
191
192 struct audit_s2e audit_s2e[] =
193 {
194 /*
195 * ---------- ---------- ---------- ----------
196 * INITIAL AUDIT START SYSTEM
197 * PROCESSING EVENT PROCESSING CALL
198 * ---------- ---------- ---------- -----------
199 * FINISH EVENT
200 * PROCESSING CONTROL
201 * ----------------------------------------------------------
202 */
203 aui_null, AUE_NULL, aus_null, /* 0 unused (indirect) */
204 auf_null, 0,
205 aui_null, AUE_EXIT, aus_exit, /* 1 exit */
206 auf_null, S2E_NPT,
207 aui_null, AUE_NULL, aus_null, /* 2 (loadable) was forkall */
208 auf_null, 0,
209 aui_null, AUE_READ, aus_null, /* 3 read */
210 auf_read, S2E_PUB,
211 aui_null, AUE_WRITE, aus_null, /* 4 write */
212 auf_write, 0,
213 aui_open, AUE_OPEN, aus_open, /* 5 open */
214 auf_null, S2E_SP,
215 aui_null, AUE_CLOSE, aus_close, /* 6 close */
216 auf_null, 0,
217 aui_null, AUE_LINK, aus_null, /* 7 linkat */
218 auf_null, 0,
219 aui_null, AUE_NULL, aus_null, /* 8 (loadable) was creat */
220 auf_null, 0,
221 aui_null, AUE_LINK, aus_null, /* 9 link */
222 auf_null, 0,
223 aui_null, AUE_UNLINK, aus_null, /* 10 unlink */
224 auf_null, 0,
225 aui_null, AUE_SYMLINK, aus_null, /* 11 symlinkat */
226 auf_null, 0,
227 aui_null, AUE_CHDIR, aus_null, /* 12 chdir */
726 auf_null, 0
727 };
728
729 uint_t num_syscall = sizeof (audit_s2e) / sizeof (struct audit_s2e);
730
731
732 /* exit start function */
733 /*ARGSUSED*/
734 static void
735 aus_exit(struct t_audit_data *tad)
736 {
737 uint32_t rval;
738 struct a {
739 long rval;
740 } *uap = (struct a *)ttolwp(curthread)->lwp_ap;
741
742 rval = (uint32_t)uap->rval;
743 au_uwrite(au_to_arg32(1, "exit status", rval));
744 }
745
746 /* acct start function */
747 /*ARGSUSED*/
748 static void
749 aus_acct(struct t_audit_data *tad)
750 {
751 klwp_t *clwp = ttolwp(curthread);
752 uintptr_t fname;
753
754 struct a {
755 long fname; /* char * */
756 } *uap = (struct a *)clwp->lwp_ap;
757
758 fname = (uintptr_t)uap->fname;
759
760 if (fname == 0)
761 au_uwrite(au_to_arg32(1, "accounting off", (uint32_t)0));
762 }
763
764 /* chown start function */
765 /*ARGSUSED*/
|
119 static void aus_mkdir(struct t_audit_data *);
120 static void aus_mkdirat(struct t_audit_data *);
121 static void aus_mknod(struct t_audit_data *);
122 static void aus_mknodat(struct t_audit_data *);
123 static void aus_mount(struct t_audit_data *);
124 static void aus_umount2(struct t_audit_data *);
125 static void aus_msgsys(struct t_audit_data *);
126 static void aus_semsys(struct t_audit_data *);
127 static void aus_close(struct t_audit_data *);
128 static void aus_fstatfs(struct t_audit_data *);
129 static void aus_setgid(struct t_audit_data *);
130 static void aus_setpgrp(struct t_audit_data *);
131 static void aus_setuid(struct t_audit_data *);
132 static void aus_shmsys(struct t_audit_data *);
133 static void aus_doorfs(struct t_audit_data *);
134 static void aus_ioctl(struct t_audit_data *);
135 static void aus_memcntl(struct t_audit_data *);
136 static void aus_mmap(struct t_audit_data *);
137 static void aus_munmap(struct t_audit_data *);
138 static void aus_priocntlsys(struct t_audit_data *);
139 static void aus_psecflags(struct t_audit_data *);
140 static void aus_setegid(struct t_audit_data *);
141 static void aus_setgroups(struct t_audit_data *);
142 static void aus_seteuid(struct t_audit_data *);
143 static void aus_putmsg(struct t_audit_data *);
144 static void aus_putpmsg(struct t_audit_data *);
145 static void aus_getmsg(struct t_audit_data *);
146 static void aus_getpmsg(struct t_audit_data *);
147 static void aus_auditsys(struct t_audit_data *);
148 static void aus_sysinfo(struct t_audit_data *);
149 static void aus_modctl(struct t_audit_data *);
150 static void aus_kill(struct t_audit_data *);
151 static void aus_setregid(struct t_audit_data *);
152 static void aus_setreuid(struct t_audit_data *);
153 static void aus_labelsys(struct t_audit_data *);
154
155 static void auf_mknod(struct t_audit_data *, int, rval_t *);
156 static void auf_mknodat(struct t_audit_data *, int, rval_t *);
157 static void auf_msgsys(struct t_audit_data *, int, rval_t *);
158 static void auf_semsys(struct t_audit_data *, int, rval_t *);
159 static void auf_shmsys(struct t_audit_data *, int, rval_t *);
188
189 #define aui_null NULL /* NULL initialize function */
190 #define aus_null NULL /* NULL start function */
191 #define auf_null NULL /* NULL finish function */
192
193 struct audit_s2e audit_s2e[] =
194 {
195 /*
196 * ---------- ---------- ---------- ----------
197 * INITIAL AUDIT START SYSTEM
198 * PROCESSING EVENT PROCESSING CALL
199 * ---------- ---------- ---------- -----------
200 * FINISH EVENT
201 * PROCESSING CONTROL
202 * ----------------------------------------------------------
203 */
204 aui_null, AUE_NULL, aus_null, /* 0 unused (indirect) */
205 auf_null, 0,
206 aui_null, AUE_EXIT, aus_exit, /* 1 exit */
207 auf_null, S2E_NPT,
208 aui_null, AUE_PSECFLAGS, aus_psecflags, /* 2 psecflags */
209 auf_null, 0,
210 aui_null, AUE_READ, aus_null, /* 3 read */
211 auf_read, S2E_PUB,
212 aui_null, AUE_WRITE, aus_null, /* 4 write */
213 auf_write, 0,
214 aui_open, AUE_OPEN, aus_open, /* 5 open */
215 auf_null, S2E_SP,
216 aui_null, AUE_CLOSE, aus_close, /* 6 close */
217 auf_null, 0,
218 aui_null, AUE_LINK, aus_null, /* 7 linkat */
219 auf_null, 0,
220 aui_null, AUE_NULL, aus_null, /* 8 (loadable) was creat */
221 auf_null, 0,
222 aui_null, AUE_LINK, aus_null, /* 9 link */
223 auf_null, 0,
224 aui_null, AUE_UNLINK, aus_null, /* 10 unlink */
225 auf_null, 0,
226 aui_null, AUE_SYMLINK, aus_null, /* 11 symlinkat */
227 auf_null, 0,
228 aui_null, AUE_CHDIR, aus_null, /* 12 chdir */
727 auf_null, 0
728 };
729
730 uint_t num_syscall = sizeof (audit_s2e) / sizeof (struct audit_s2e);
731
732
733 /* exit start function */
734 /*ARGSUSED*/
735 static void
736 aus_exit(struct t_audit_data *tad)
737 {
738 uint32_t rval;
739 struct a {
740 long rval;
741 } *uap = (struct a *)ttolwp(curthread)->lwp_ap;
742
743 rval = (uint32_t)uap->rval;
744 au_uwrite(au_to_arg32(1, "exit status", rval));
745 }
746
747 /*ARGSUSED*/
748 static void
749 aus_psecflags(struct t_audit_data *tad)
750 {
751 struct a {
752 uintptr_t psp; /* procset_t */
753 uint_t cmd; /* psecflags_cmd_t */
754 uint_t arg;
755 } *uap = (struct a *)ttolwp(curthread)->lwp_ap;
756
757 au_uwrite(au_to_arg32(2, "cmd", (uint_t)uap->cmd));
758 au_uwrite(au_to_arg32(3, "arg", (uint_t)uap->arg));
759 }
760
761 /* acct start function */
762 /*ARGSUSED*/
763 static void
764 aus_acct(struct t_audit_data *tad)
765 {
766 klwp_t *clwp = ttolwp(curthread);
767 uintptr_t fname;
768
769 struct a {
770 long fname; /* char * */
771 } *uap = (struct a *)clwp->lwp_ap;
772
773 fname = (uintptr_t)uap->fname;
774
775 if (fname == 0)
776 au_uwrite(au_to_arg32(1, "accounting off", (uint32_t)0));
777 }
778
779 /* chown start function */
780 /*ARGSUSED*/
|