il_7029-4 Sdiff usr/src/uts/common/c2/audit.h

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

  22  * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 
  25 /*
  26  * This file contains the declarations of the various data structures
  27  * used by the auditing module(s).
  28  */
  29 
  30 #ifndef _BSM_AUDIT_H
  31 #define _BSM_AUDIT_H
  32 
  33 #ifdef __cplusplus
  34 extern "C" {
  35 #endif
  36 
  37 
  38 #include <sys/shm.h>      /* for shmid_ds structure */
  39 #include <sys/sem.h>      /* for semid_ds structure */
  40 #include <sys/msg.h>      /* for msqid_ds structure */
  41 #include <sys/atomic.h>   /* using atomics */

  42 
  43 /*
  44  * Audit conditions, statements reguarding what's to be done with
  45  * audit records.  None of the "global state" is returned by an
  46  * auditconfig -getcond call.  AUC_NOSPACE no longer seems used.
  47  */
  48 /* global state */
  49 #define AUC_UNSET       0       /* on/off hasn't been decided */
  50 #define AUC_ENABLED     1       /* loaded and enabled */
  51 /* pseudo state used in libbsm */
  52 #define AUC_DISABLED    0x100   /* c2audit module is excluded */
  53 /* local zone state */
  54 #define AUC_AUDITING    0x1     /* audit daemon is active */
  55 #define AUC_NOAUDIT     0x2     /* audit daemon is not active */
  56 #define AUC_INIT_AUDIT  0x4     /* audit ready but auditd has not run */
  57 #define AUC_NOSPACE     0x8     /* audit enabled, no space for audit records */
  58 
  59 /*
  60  * The user id -2 is never audited - in fact, a setauid(AU_NOAUDITID)
  61  * will turn off auditing.

 573  * as a protection when c2audit module is not loaded.
 574  */
 575 #define AU_ZONE_AUDITING(zcontext)          \
 576         (audit_active == C2AUDIT_LOADED &&  \
 577             ((AU_AUDIT_MASK) & au_zone_getstate((zcontext))))
 578 
 579 /*
 580  * Get auditing status
 581  */
 582 #define AU_AUDITING() (audit_getstate())
 583 
 584 int     audit_success(au_kcontext_t *, struct t_audit_data *, int, cred_t *);
 585 int     auditme(au_kcontext_t *, struct t_audit_data *, au_state_t);
 586 void    audit_fixpath(struct audit_path *, int);
 587 void    audit_ipc(int, int, void *);
 588 void    audit_ipcget(int, void *);
 589 void    audit_fdsend(int, struct file *, int);
 590 void    audit_fdrecv(int, struct file *);
 591 void    audit_priv(int, const struct priv_set *, int);
 592 void    audit_setppriv(int, int, const struct priv_set *, const cred_t *);


 593 void    audit_devpolicy(int, const struct devplcysys *);
 594 void    audit_update_context(proc_t *, cred_t *);
 595 void    audit_kssl(int, void *, int);
 596 void    audit_pf_policy(int, cred_t *, netstack_t *, char *, boolean_t, int,
 597     pid_t);
 598 void    audit_sec_attributes(caddr_t *, struct vnode *);
 599 
 600 #endif
 601 
 602 #ifdef __cplusplus
 603 }
 604 #endif
 605 
 606 #endif /* _BSM_AUDIT_H */

  22  * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 
  25 /*
  26  * This file contains the declarations of the various data structures
  27  * used by the auditing module(s).
  28  */
  29 
  30 #ifndef _BSM_AUDIT_H
  31 #define _BSM_AUDIT_H
  32 
  33 #ifdef __cplusplus
  34 extern "C" {
  35 #endif
  36 
  37 
  38 #include <sys/shm.h>      /* for shmid_ds structure */
  39 #include <sys/sem.h>      /* for semid_ds structure */
  40 #include <sys/msg.h>      /* for msqid_ds structure */
  41 #include <sys/atomic.h>   /* using atomics */
  42 #include <sys/secflags.h>
  43 
  44 /*
  45  * Audit conditions, statements reguarding what's to be done with
  46  * audit records.  None of the "global state" is returned by an
  47  * auditconfig -getcond call.  AUC_NOSPACE no longer seems used.
  48  */
  49 /* global state */
  50 #define AUC_UNSET       0       /* on/off hasn't been decided */
  51 #define AUC_ENABLED     1       /* loaded and enabled */
  52 /* pseudo state used in libbsm */
  53 #define AUC_DISABLED    0x100   /* c2audit module is excluded */
  54 /* local zone state */
  55 #define AUC_AUDITING    0x1     /* audit daemon is active */
  56 #define AUC_NOAUDIT     0x2     /* audit daemon is not active */
  57 #define AUC_INIT_AUDIT  0x4     /* audit ready but auditd has not run */
  58 #define AUC_NOSPACE     0x8     /* audit enabled, no space for audit records */
  59 
  60 /*
  61  * The user id -2 is never audited - in fact, a setauid(AU_NOAUDITID)
  62  * will turn off auditing.

 574  * as a protection when c2audit module is not loaded.
 575  */
 576 #define AU_ZONE_AUDITING(zcontext)          \
 577         (audit_active == C2AUDIT_LOADED &&  \
 578             ((AU_AUDIT_MASK) & au_zone_getstate((zcontext))))
 579 
 580 /*
 581  * Get auditing status
 582  */
 583 #define AU_AUDITING() (audit_getstate())
 584 
 585 int     audit_success(au_kcontext_t *, struct t_audit_data *, int, cred_t *);
 586 int     auditme(au_kcontext_t *, struct t_audit_data *, au_state_t);
 587 void    audit_fixpath(struct audit_path *, int);
 588 void    audit_ipc(int, int, void *);
 589 void    audit_ipcget(int, void *);
 590 void    audit_fdsend(int, struct file *, int);
 591 void    audit_fdrecv(int, struct file *);
 592 void    audit_priv(int, const struct priv_set *, int);
 593 void    audit_setppriv(int, int, const struct priv_set *, const cred_t *);
 594 void    audit_psecflags(proc_t *, psecflagwhich_t,
 595     const secflagdelta_t *);
 596 void    audit_devpolicy(int, const struct devplcysys *);
 597 void    audit_update_context(proc_t *, cred_t *);
 598 void    audit_kssl(int, void *, int);
 599 void    audit_pf_policy(int, cred_t *, netstack_t *, char *, boolean_t, int,
 600     pid_t);
 601 void    audit_sec_attributes(caddr_t *, struct vnode *);
 602 
 603 #endif
 604 
 605 #ifdef __cplusplus
 606 }
 607 #endif
 608 
 609 #endif /* _BSM_AUDIT_H */