Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/auditreduce/token.c
+++ new/usr/src/cmd/auditreduce/token.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 24 * Copyright 2012 Milan Jurik. All rights reserved.
25 25 */
26 26
27 27
28 28 /*
29 29 * Token processing for auditreduce.
30 30 */
31 31
32 32 #include <locale.h>
33 33 #include <sys/zone.h>
34 34 #include "auditr.h"
35 35 #include "toktable.h"
36 36
37 37 extern int re_exec2(char *);
38 38
39 39 static void anchor_path(char *path);
40 40 static char *collapse_path(char *s);
41 41 static void get_string(adr_t *adr, char **p);
42 42 static int ipc_type_match(int flag, char type);
43 43 static void skip_string(adr_t *adr);
44 44 static int xgeneric(adr_t *adr);
45 45
46 46 #if AUDIT_REC
47 47 void
48 48 print_id(int id)
49 49 {
50 50 char *suffix;
51 51
52 52 if ((id < 0) || (id > MAXTOKEN) ||
53 53 (tokentable[id].func == NOFUNC)) {
54 54 (void) fprintf(stderr,
55 55 "token_processing: token %d not found\n", id);
56 56 return;
57 57 }
58 58
59 59 switch (id) {
60 60 case AUT_NEWGROUPS:
61 61 suffix = "_new";
62 62 break;
63 63 case AUT_ATTR32:
64 64 suffix = "32";
65 65 break;
66 66 case AUT_ARG64:
67 67 case AUT_RETURN64:
68 68 case AUT_ATTR64:
69 69 case AUT_HEADER64:
70 70 case AUT_SUBJECT64:
71 71 case AUT_PROCESS64:
72 72 case AUT_OTHER_FILE64:
73 73 suffix = "64";
74 74 break;
75 75 case AUT_SOCKET_EX:
76 76 case AUT_IN_ADDR_EX:
77 77 suffix = "_ex";
78 78 break;
79 79 case AUT_HEADER32_EX:
80 80 case AUT_SUBJECT32_EX:
81 81 case AUT_PROCESS32_EX:
82 82 suffix = "32_ex";
83 83 break;
84 84 case AUT_HEADER64_EX:
85 85 case AUT_SUBJECT64_EX:
86 86 case AUT_PROCESS64_EX:
87 87 suffix = "64_ex";
88 88 break;
89 89 default:
90 90 suffix = "";
91 91 break;
92 92 }
93 93 (void) fprintf(stderr, "token_processing: %s%s\n",
94 94 tokentable[id].t_name, suffix);
95 95 }
96 96 #endif /* AUDIT_REC */
97 97
98 98 /*
99 99 * Process a token in a record to determine whether the record is interesting.
100 100 */
101 101
102 102 int
103 103 token_processing(adr_t *adr, int tokenid)
104 104 {
105 105 if ((tokenid > 0) && (tokenid <= MAXTOKEN) &&
106 106 (tokentable[tokenid].func != NOFUNC)) {
107 107 #if AUDIT_REC
108 108 print_id(tokenid);
109 109 #endif /* AUDIT_REC */
110 110 return ((*tokentable[tokenid].func)(adr));
111 111 }
112 112
113 113 /* here if token id is not in table */
114 114 return (-2);
115 115 }
116 116
117 117
118 118 /* There should not be any file or header tokens in the middle of a record */
119 119
120 120 /* ARGSUSED */
121 121 int
122 122 file_token(adr_t *adr)
123 123 {
124 124 return (-2);
125 125 }
126 126
127 127 /* ARGSUSED */
128 128 int
129 129 file64_token(adr_t *adr)
130 130 {
131 131 return (-2);
132 132 }
133 133
134 134 /* ARGSUSED */
135 135 int
136 136 header_token(adr_t *adr)
137 137 {
138 138 return (-2);
139 139 }
140 140
141 141 /* ARGSUSED */
142 142 int
143 143 header32_ex_token(adr_t *adr)
144 144 {
145 145 return (-2);
146 146 }
147 147
148 148 /* ARGSUSED */
149 149 int
150 150 header64_ex_token(adr_t *adr)
151 151 {
152 152 return (-2);
153 153 }
154 154
155 155 /* ARGSUSED */
156 156 int
157 157 header64_token(adr_t *adr)
158 158 {
159 159 return (-2);
160 160 }
161 161
162 162
163 163 /*
164 164 * ======================================================
165 165 * The following token processing routines return
166 166 * -1: if the record is not interesting
167 167 * -2: if an error is found
168 168 * ======================================================
169 169 */
170 170
171 171 int
172 172 trailer_token(adr_t *adr)
173 173 {
174 174 short magic_number;
175 175 uint32_t bytes;
176 176
177 177 adrm_u_short(adr, (ushort_t *)&magic_number, 1);
178 178 if (magic_number != AUT_TRAILER_MAGIC) {
179 179 (void) fprintf(stderr, "%s\n",
180 180 gettext("auditreduce: Bad trailer token"));
181 181 return (-2);
182 182 }
183 183 adrm_u_int32(adr, &bytes, 1);
184 184
185 185 return (-1);
186 186 }
187 187
188 188
189 189 /*
190 190 * Format of arbitrary data token:
191 191 * arbitrary data token id adr char
192 192 * how to print adr_char
193 193 * basic unit adr_char
194 194 * unit count adr_char, specifying number of units of
195 195 * data items depends on basic unit
196 196 */
197 197 int
198 198 arbitrary_data_token(adr_t *adr)
199 199 {
200 200 int i;
201 201 char c1;
202 202 short c2;
203 203 int32_t c3;
204 204 int64_t c4;
205 205 char how_to_print, basic_unit, unit_count;
206 206
207 207 /* get how_to_print, basic_unit, and unit_count */
208 208 adrm_char(adr, &how_to_print, 1);
209 209 adrm_char(adr, &basic_unit, 1);
210 210 adrm_char(adr, &unit_count, 1);
211 211 for (i = 0; i < unit_count; i++) {
212 212 switch (basic_unit) {
213 213 /* case AUR_BYTE: has same value as AUR_CHAR */
214 214 case AUR_CHAR:
215 215 adrm_char(adr, &c1, 1);
216 216 break;
217 217 case AUR_SHORT:
218 218 adrm_short(adr, &c2, 1);
219 219 break;
220 220 case AUR_INT32:
221 221 adrm_int32(adr, (int32_t *)&c3, 1);
222 222 break;
223 223 case AUR_INT64:
224 224 adrm_int64(adr, (int64_t *)&c4, 1);
225 225 break;
226 226 default:
227 227 return (-2);
228 228 }
229 229 }
230 230 return (-1);
231 231 }
232 232
233 233
234 234 /*
235 235 * Format of opaque token:
236 236 * opaque token id adr_char
237 237 * size adr_short
238 238 * data adr_char, size times
239 239 */
240 240 int
241 241 opaque_token(adr_t *adr)
242 242 {
243 243 skip_string(adr);
244 244 return (-1);
245 245 }
246 246
247 247
248 248
249 249 /*
250 250 * Format of return32 value token:
251 251 * return value token id adr_char
252 252 * error number adr_char
253 253 * return value adr_u_int32
254 254 */
255 255 int
256 256 return_value32_token(adr_t *adr)
257 257 {
258 258 char errnum;
259 259 uint32_t value;
260 260
261 261 adrm_char(adr, &errnum, 1);
262 262 adrm_u_int32(adr, &value, 1);
263 263 if ((flags & M_SORF) &&
264 264 ((global_class & mask.am_success) && (errnum == 0)) ||
265 265 ((global_class & mask.am_failure) && (errnum != 0))) {
266 266 checkflags |= M_SORF;
267 267 }
268 268 return (-1);
269 269 }
270 270
271 271 /*
272 272 * Format of return64 value token:
273 273 * return value token id adr_char
274 274 * error number adr_char
275 275 * return value adr_u_int64
276 276 */
277 277 int
278 278 return_value64_token(adr_t *adr)
279 279 {
280 280 char errnum;
281 281 uint64_t value;
282 282
283 283 adrm_char(adr, &errnum, 1);
284 284 adrm_u_int64(adr, &value, 1);
285 285 if ((flags & M_SORF) &&
286 286 ((global_class & mask.am_success) && (errnum == 0)) ||
287 287 ((global_class & mask.am_failure) && (errnum != 0))) {
288 288 checkflags |= M_SORF;
289 289 }
290 290 return (-1);
291 291 }
292 292
293 293
294 294 /*
295 295 * Format of sequence token:
296 296 * sequence token id adr_char
297 297 * audit_count int32_t
298 298 */
299 299 int
300 300 sequence_token(adr_t *adr)
301 301 {
302 302 int32_t audit_count;
303 303
304 304 adrm_int32(adr, &audit_count, 1);
305 305 return (-1);
306 306 }
307 307
308 308
309 309 /*
310 310 * Format of text token:
311 311 * text token id adr_char
312 312 * text adr_string
313 313 */
314 314 int
315 315 text_token(adr_t *adr)
316 316 {
317 317 skip_string(adr);
318 318 return (-1);
319 319 }
320 320
321 321
322 322 /*
323 323 * Format of ip_addr token:
324 324 * ip token id adr_char
325 325 * address adr_int32
326 326 */
327 327 int
328 328 ip_addr_token(adr_t *adr)
329 329 {
330 330 int32_t address;
331 331
332 332 adrm_char(adr, (char *)&address, 4);
333 333
334 334 return (-1);
335 335 }
336 336
337 337 /*
338 338 * Format of ip_addr_ex token:
339 339 * ip token id adr_char
340 340 * ip type adr_int32
341 341 * ip address adr_u_char*type
342 342 */
343 343 int
344 344 ip_addr_ex_token(adr_t *adr)
345 345 {
346 346 int32_t type;
347 347 uchar_t address[16];
348 348
349 349 adrm_int32(adr, (int32_t *)&type, 1);
350 350 adrm_u_char(adr, address, type);
351 351
352 352 return (-1);
353 353 }
354 354
355 355 /*
356 356 * Format of ip token:
357 357 * ip header token id adr_char
358 358 * version adr_char
359 359 * type of service adr_char
360 360 * length adr_short
361 361 * id adr_u_short
362 362 * offset adr_u_short
363 363 * ttl adr_char
364 364 * protocol adr_char
365 365 * checksum adr_u_short
366 366 * source address adr_int32
367 367 * destination address adr_int32
368 368 */
369 369 int
370 370 ip_token(adr_t *adr)
371 371 {
372 372 char version;
373 373 char type;
374 374 short len;
375 375 unsigned short id, offset, checksum;
376 376 char ttl, protocol;
377 377 int32_t src, dest;
378 378
379 379 adrm_char(adr, &version, 1);
380 380 adrm_char(adr, &type, 1);
381 381 adrm_short(adr, &len, 1);
382 382 adrm_u_short(adr, &id, 1);
383 383 adrm_u_short(adr, &offset, 1);
384 384 adrm_char(adr, &ttl, 1);
385 385 adrm_char(adr, &protocol, 1);
386 386 adrm_u_short(adr, &checksum, 1);
387 387 adrm_char(adr, (char *)&src, 4);
388 388 adrm_char(adr, (char *)&dest, 4);
389 389
390 390 return (-1);
391 391 }
392 392
393 393
394 394 /*
395 395 * Format of iport token:
396 396 * ip port address token id adr_char
397 397 * port address adr_short
398 398 */
399 399 int
400 400 iport_token(adr_t *adr)
401 401 {
402 402 short address;
403 403
404 404 adrm_short(adr, &address, 1);
405 405
406 406 return (-1);
407 407 }
408 408
409 409
410 410 /*
411 411 * Format of groups token:
412 412 * group token id adr_char
413 413 * group list adr_int32, 16 times
414 414 */
415 415 int
416 416 group_token(adr_t *adr)
417 417 {
418 418 int gid[16];
419 419 int i;
420 420 int flag = 0;
421 421
422 422 for (i = 0; i < 16; i++) {
423 423 adrm_int32(adr, (int32_t *)&gid[i], 1);
424 424 if (flags & M_GROUPR) {
425 425 if ((unsigned short)m_groupr == gid[i])
426 426 flag = 1;
427 427 }
428 428 }
429 429
430 430 if (flags & M_GROUPR) {
431 431 if (flag)
432 432 checkflags |= M_GROUPR;
433 433 }
434 434 return (-1);
435 435 }
436 436
437 437 /*
438 438 * Format of newgroups token:
439 439 * group token id adr_char
440 440 * number of groups adr_short
441 441 * group list adr_int32, "number" times
442 442 */
443 443 int
444 444 newgroup_token(adr_t *adr)
445 445 {
446 446 gid_t gid;
447 447 int i;
448 448 short int number;
449 449
450 450 adrm_short(adr, &number, 1);
451 451
452 452 for (i = 0; i < number; i++) {
453 453 adrm_int32(adr, (int32_t *)&gid, 1);
454 454 if (flags & M_GROUPR) {
455 455 if (m_groupr == gid)
456 456 checkflags |= M_GROUPR;
457 457 }
458 458 }
459 459
460 460 return (-1);
461 461 }
462 462
463 463 /*
464 464 * Format of argument32 token:
465 465 * argument token id adr_char
466 466 * argument number adr_char
467 467 * argument value adr_int32
468 468 * argument description adr_string
469 469 */
470 470 int
471 471 argument32_token(adr_t *adr)
472 472 {
473 473 char arg_num;
474 474 int32_t arg_val;
475 475
476 476 adrm_char(adr, &arg_num, 1);
477 477 adrm_int32(adr, &arg_val, 1);
478 478 skip_string(adr);
479 479
480 480 return (-1);
481 481 }
482 482
483 483 /*
484 484 * Format of argument64 token:
485 485 * argument token id adr_char
486 486 * argument number adr_char
487 487 * argument value adr_int64
488 488 * argument description adr_string
489 489 */
490 490 int
491 491 argument64_token(adr_t *adr)
492 492 {
493 493 char arg_num;
494 494 int64_t arg_val;
495 495
496 496 adrm_char(adr, &arg_num, 1);
497 497 adrm_int64(adr, &arg_val, 1);
498 498 skip_string(adr);
499 499
500 500 return (-1);
501 501 }
502 502
503 503 /*
504 504 * Format of acl token:
505 505 * acl token id adr_char
506 506 * acl type adr_u_int32
507 507 * acl value adr_u_int32 (depends on type)
508 508 * file mode adr_u_int (in octal)
509 509 */
510 510 int
511 511 acl_token(adr_t *adr)
512 512 {
513 513
514 514 int32_t id;
515 515 int32_t mode;
516 516 int32_t type;
517 517
518 518 adrm_int32(adr, &type, 1);
519 519 adrm_int32(adr, &id, 1);
520 520 adrm_int32(adr, &mode, 1);
521 521
522 522 return (-1);
523 523 }
524 524
525 525 /*
526 526 * Format of ace token:
527 527 * ace token id adr_char
528 528 * ace who adr_u_int32 (uid/gid)
529 529 * access mask adr_u_int32
530 530 * ace flags adr_u_int16
531 531 * ace type adr_u_int16
532 532 */
533 533 int
534 534 ace_token(adr_t *adr)
535 535 {
536 536 uid_t who;
537 537 uint32_t access_mask;
538 538 uint16_t flags, type;
539 539
540 540 adrm_uid(adr, &who, 1);
541 541 adrm_u_int32(adr, &access_mask, 1);
542 542 adrm_u_short(adr, &flags, 1);
543 543 adrm_u_short(adr, &type, 1);
544 544
545 545 return (-1);
546 546 }
547 547
548 548 /*
549 549 * Format of attribute token: (old pre SunOS 5.7 format)
550 550 * attribute token id adr_char
551 551 * mode adr_int32 (printed in octal)
552 552 * uid adr_int32
553 553 * gid adr_int32
554 554 * file system id adr_int32
555 555 * node id adr_int32
556 556 * device adr_int32
557 557 */
558 558 int
559 559 attribute_token(adr_t *adr)
560 560 {
561 561 int32_t dev;
562 562 int32_t file_sysid;
563 563 int32_t gid;
564 564 int32_t mode;
565 565 int32_t nodeid;
566 566 int32_t uid;
567 567
568 568 adrm_int32(adr, &mode, 1);
569 569 adrm_int32(adr, &uid, 1);
570 570 adrm_int32(adr, &gid, 1);
571 571 adrm_int32(adr, &file_sysid, 1);
572 572 adrm_int32(adr, &nodeid, 1);
573 573 adrm_int32(adr, &dev, 1);
574 574
575 575 if (!new_mode && (flags & M_USERE)) {
576 576 if (m_usere == uid)
577 577 checkflags |= M_USERE;
578 578 }
579 579 if (!new_mode && (flags & M_GROUPE)) {
580 580 if (m_groupe == gid)
581 581 checkflags |= M_GROUPE;
582 582 }
583 583
584 584 if (flags & M_OBJECT) {
585 585 if ((obj_flag & OBJ_FGROUP) &&
586 586 (obj_group == gid))
587 587 checkflags |= M_OBJECT;
588 588 else if ((obj_flag & OBJ_FOWNER) &&
589 589 (obj_owner == uid))
590 590 checkflags |= M_OBJECT;
591 591 }
592 592 return (-1);
593 593 }
594 594
595 595 /*
596 596 * Format of attribute32 token:
597 597 * attribute token id adr_char
598 598 * mode adr_int32 (printed in octal)
599 599 * uid adr_int32
600 600 * gid adr_int32
601 601 * file system id adr_int32
602 602 * node id adr_int64
603 603 * device adr_int32
604 604 */
605 605 int
606 606 attribute32_token(adr_t *adr)
607 607 {
608 608 int32_t dev;
609 609 int32_t file_sysid;
610 610 int32_t gid;
611 611 int32_t mode;
612 612 int64_t nodeid;
613 613 int32_t uid;
614 614
615 615 adrm_int32(adr, &mode, 1);
616 616 adrm_int32(adr, &uid, 1);
617 617 adrm_int32(adr, &gid, 1);
618 618 adrm_int32(adr, &file_sysid, 1);
619 619 adrm_int64(adr, &nodeid, 1);
620 620 adrm_int32(adr, &dev, 1);
621 621
622 622 if (!new_mode && (flags & M_USERE)) {
623 623 if (m_usere == uid)
624 624 checkflags |= M_USERE;
625 625 }
626 626 if (!new_mode && (flags & M_GROUPE)) {
627 627 if (m_groupe == gid)
628 628 checkflags |= M_GROUPE;
629 629 }
630 630
631 631 if (flags & M_OBJECT) {
632 632 if ((obj_flag & OBJ_FGROUP) &&
633 633 (obj_group == gid))
634 634 checkflags |= M_OBJECT;
635 635 else if ((obj_flag & OBJ_FOWNER) &&
636 636 (obj_owner == uid))
637 637 checkflags |= M_OBJECT;
638 638 }
639 639 return (-1);
640 640 }
641 641
642 642 /*
643 643 * Format of attribute64 token:
644 644 * attribute token id adr_char
645 645 * mode adr_int32 (printed in octal)
646 646 * uid adr_int32
647 647 * gid adr_int32
648 648 * file system id adr_int32
649 649 * node id adr_int64
650 650 * device adr_int64
651 651 */
652 652 int
653 653 attribute64_token(adr_t *adr)
654 654 {
655 655 int64_t dev;
656 656 int32_t file_sysid;
657 657 int32_t gid;
658 658 int32_t mode;
659 659 int64_t nodeid;
660 660 int32_t uid;
661 661
662 662 adrm_int32(adr, &mode, 1);
663 663 adrm_int32(adr, &uid, 1);
664 664 adrm_int32(adr, &gid, 1);
665 665 adrm_int32(adr, &file_sysid, 1);
666 666 adrm_int64(adr, &nodeid, 1);
667 667 adrm_int64(adr, &dev, 1);
668 668
669 669 if (!new_mode && (flags & M_USERE)) {
670 670 if (m_usere == uid)
671 671 checkflags |= M_USERE;
672 672 }
673 673 if (!new_mode && (flags & M_GROUPE)) {
674 674 if (m_groupe == gid)
675 675 checkflags |= M_GROUPE;
676 676 }
677 677
678 678 if (flags & M_OBJECT) {
679 679 if ((obj_flag & OBJ_FGROUP) &&
680 680 (obj_group == gid))
681 681 checkflags |= M_OBJECT;
682 682 else if ((obj_flag & OBJ_FOWNER) &&
683 683 (obj_owner == uid))
684 684 checkflags |= M_OBJECT;
685 685 }
686 686 return (-1);
687 687 }
688 688
689 689
690 690 /*
691 691 * Format of command token:
692 692 * attribute token id adr_char
693 693 * argc adr_short
694 694 * argv len adr_short variable amount of argv len
695 695 * argv text argv len and text
696 696 * .
697 697 * .
698 698 * .
699 699 * envp count adr_short variable amount of envp len
700 700 * envp len adr_short and text
701 701 * envp text envp len
702 702 * .
703 703 * .
704 704 * .
705 705 */
706 706 int
707 707 cmd_token(adr_t *adr)
708 708 {
709 709 short cnt;
710 710 short i;
711 711
712 712 adrm_short(adr, &cnt, 1);
713 713
714 714 for (i = 0; i < cnt; i++)
715 715 skip_string(adr);
716 716
717 717 adrm_short(adr, &cnt, 1);
718 718
719 719 for (i = 0; i < cnt; i++)
720 720 skip_string(adr);
721 721
722 722 return (-1);
723 723 }
724 724
725 725
726 726 /*
727 727 * Format of exit token:
728 728 * attribute token id adr_char
729 729 * return value adr_int32
730 730 * errno adr_int32
731 731 */
732 732 int
733 733 exit_token(adr_t *adr)
734 734 {
735 735 int32_t retval;
736 736 int32_t errno;
737 737
738 738 adrm_int32(adr, &retval, 1);
739 739 adrm_int32(adr, &errno, 1);
740 740 return (-1);
741 741 }
742 742
743 743 /*
744 744 * Format of strings array token:
745 745 * token id adr_char
746 746 * count value adr_int32
747 747 * strings null terminated strings
748 748 */
749 749 static int
750 750 strings_common_token(adr_t *adr)
751 751 {
752 752 int count, i;
753 753 char c;
754 754
755 755 adrm_int32(adr, (int32_t *)&count, 1);
756 756 for (i = 1; i <= count; i++) {
757 757 adrm_char(adr, &c, 1);
758 758 while (c != (char)0)
759 759 adrm_char(adr, &c, 1);
760 760 }
761 761 /* no dump option here, since we will have variable length fields */
762 762 return (-1);
763 763 }
764 764
765 765 int
766 766 path_attr_token(adr_t *adr)
767 767 {
768 768 return (strings_common_token(adr));
769 769 }
770 770
771 771 int
772 772 exec_args_token(adr_t *adr)
773 773 {
774 774 return (strings_common_token(adr));
775 775 }
776 776
777 777 int
778 778 exec_env_token(adr_t *adr)
779 779 {
780 780 return (strings_common_token(adr));
781 781 }
782 782
783 783 /*
784 784 * Format of liaison token:
785 785 */
786 786 int
787 787 liaison_token(adr_t *adr)
788 788 {
789 789 int32_t li;
790 790
791 791 adrm_int32(adr, &li, 1);
792 792 return (-1);
793 793 }
794 794
795 795
796 796 /*
797 797 * Format of path token:
798 798 * path adr_string
799 799 */
800 800 int
801 801 path_token(adr_t *adr)
802 802 {
803 803 if ((flags & M_OBJECT) && (obj_flag == OBJ_PATH)) {
804 804 char *path;
805 805
806 806 get_string(adr, &path);
807 807 if (path[0] != '/')
808 808 /*
809 809 * anchor the path. user apps may not do it.
810 810 */
811 811 anchor_path(path);
812 812 /*
813 813 * match against the collapsed path. that is what user sees.
814 814 */
815 815 if (re_exec2(collapse_path(path)) == 1)
816 816 checkflags |= M_OBJECT;
817 817 free(path);
818 818 } else {
819 819 skip_string(adr);
820 820 }
821 821 return (-1);
822 822 }
823 823
824 824
825 825 /*
826 826 * Format of System V IPC permission token:
827 827 * System V IPC permission token id adr_char
828 828 * uid adr_int32
829 829 * gid adr_int32
830 830 * cuid adr_int32
831 831 * cgid adr_int32
832 832 * mode adr_int32
833 833 * seq adr_int32
834 834 * key adr_int32
835 835 */
836 836 int
837 837 s5_IPC_perm_token(adr_t *adr)
838 838 {
839 839 int32_t uid, gid, cuid, cgid, mode, seq;
840 840 int32_t key;
841 841
842 842 adrm_int32(adr, &uid, 1);
843 843 adrm_int32(adr, &gid, 1);
844 844 adrm_int32(adr, &cuid, 1);
845 845 adrm_int32(adr, &cgid, 1);
846 846 adrm_int32(adr, &mode, 1);
847 847 adrm_int32(adr, &seq, 1);
848 848 adrm_int32(adr, &key, 1);
849 849
850 850 if (!new_mode && (flags & M_USERE)) {
851 851 if (m_usere == uid)
852 852 checkflags |= M_USERE;
853 853 }
854 854
855 855 if (!new_mode && (flags & M_USERE)) {
856 856 if (m_usere == cuid)
857 857 checkflags |= M_USERE;
858 858 }
859 859
860 860 if (!new_mode && (flags & M_GROUPR)) {
861 861 if (m_groupr == gid)
862 862 checkflags |= M_GROUPR;
863 863 }
864 864
865 865 if (!new_mode && (flags & M_GROUPR)) {
866 866 if (m_groupr == cgid)
867 867 checkflags |= M_GROUPR;
868 868 }
869 869
870 870 if ((flags & M_OBJECT) &&
871 871 ((obj_owner == uid) ||
872 872 (obj_owner == cuid) ||
873 873 (obj_group == gid) ||
874 874 (obj_group == cgid))) {
875 875
876 876 switch (obj_flag) {
877 877 case OBJ_MSGGROUP:
878 878 case OBJ_MSGOWNER:
879 879 if (ipc_type_match(OBJ_MSG, ipc_type))
880 880 checkflags |= M_OBJECT;
881 881 break;
882 882 case OBJ_SEMGROUP:
883 883 case OBJ_SEMOWNER:
884 884 if (ipc_type_match(OBJ_SEM, ipc_type))
885 885 checkflags |= M_OBJECT;
886 886 break;
887 887 case OBJ_SHMGROUP:
888 888 case OBJ_SHMOWNER:
889 889 if (ipc_type_match(OBJ_SHM, ipc_type))
890 890 checkflags |= M_OBJECT;
891 891 break;
892 892 }
893 893 }
894 894 return (-1);
895 895 }
896 896
897 897
898 898 /*
899 899 * Format of process32 token:
900 900 * process token id adr_char
901 901 * auid adr_int32
902 902 * euid adr_int32
903 903 * egid adr_int32
904 904 * ruid adr_int32
905 905 * rgid adr_int32
906 906 * pid adr_int32
907 907 * sid adr_int32
908 908 * termid adr_int32*2
909 909 */
910 910 int
911 911 process32_token(adr_t *adr)
912 912 {
913 913 int32_t auid, euid, egid, ruid, rgid, pid;
914 914 int32_t sid;
915 915 int32_t port, machine;
916 916
917 917 adrm_int32(adr, &auid, 1);
918 918 adrm_int32(adr, &euid, 1);
919 919 adrm_int32(adr, &egid, 1);
920 920 adrm_int32(adr, &ruid, 1);
921 921 adrm_int32(adr, &rgid, 1);
922 922 adrm_int32(adr, &pid, 1);
923 923 adrm_int32(adr, &sid, 1);
924 924 adrm_int32(adr, &port, 1);
925 925 adrm_int32(adr, &machine, 1);
926 926
927 927 if (!new_mode && (flags & M_USERA)) {
928 928 if (m_usera == auid)
929 929 checkflags |= M_USERA;
930 930 }
931 931 if (!new_mode && (flags & M_USERE)) {
932 932 if (m_usere == euid)
933 933 checkflags |= M_USERE;
934 934 }
935 935 if (!new_mode && (flags & M_USERR)) {
936 936 if (m_userr == ruid)
937 937 checkflags |= M_USERR;
938 938 }
939 939 if (!new_mode && (flags & M_GROUPR)) {
940 940 if (m_groupr == rgid)
941 941 checkflags |= M_GROUPR;
942 942 }
943 943 if (!new_mode && (flags & M_GROUPE)) {
944 944 if (m_groupe == egid)
945 945 checkflags |= M_GROUPE;
946 946 }
947 947
948 948 if (flags & M_OBJECT) {
949 949 if ((obj_flag & OBJ_PROC) &&
950 950 (obj_id == pid)) {
951 951 checkflags |= M_OBJECT;
952 952 } else if ((obj_flag & OBJ_PGROUP) &&
953 953 ((obj_group == egid) ||
954 954 (obj_group == rgid))) {
955 955 checkflags |= M_OBJECT;
956 956 } else if ((obj_flag & OBJ_POWNER) &&
957 957 ((obj_owner == euid) ||
958 958 (obj_group == ruid))) {
959 959 checkflags |= M_OBJECT;
960 960 }
961 961 }
962 962 return (-1);
963 963 }
964 964
965 965 /*
966 966 * Format of process32_ex token:
967 967 * process token id adr_char
968 968 * auid adr_int32
969 969 * euid adr_int32
970 970 * egid adr_int32
971 971 * ruid adr_int32
972 972 * rgid adr_int32
973 973 * pid adr_int32
974 974 * sid adr_int32
975 975 * termid
976 976 * port adr_int32
977 977 * type adr_int32
978 978 * ip address adr_u_char*type
979 979 */
980 980 int
981 981 process32_ex_token(adr_t *adr)
982 982 {
983 983 int32_t auid, euid, egid, ruid, rgid, pid;
984 984 int32_t sid;
985 985 int32_t port, type;
986 986 uchar_t addr[16];
987 987
988 988 adrm_int32(adr, &auid, 1);
989 989 adrm_int32(adr, &euid, 1);
990 990 adrm_int32(adr, &egid, 1);
991 991 adrm_int32(adr, &ruid, 1);
992 992 adrm_int32(adr, &rgid, 1);
993 993 adrm_int32(adr, &pid, 1);
994 994 adrm_int32(adr, &sid, 1);
995 995 adrm_int32(adr, &port, 1);
996 996 adrm_int32(adr, &type, 1);
997 997 adrm_u_char(adr, addr, type);
998 998
999 999 if (!new_mode && (flags & M_USERA)) {
1000 1000 if (m_usera == auid)
1001 1001 checkflags = checkflags | M_USERA;
1002 1002 }
1003 1003 if (!new_mode && (flags & M_USERE)) {
1004 1004 if (m_usere == euid)
1005 1005 checkflags = checkflags | M_USERE;
1006 1006 }
1007 1007 if (!new_mode && (flags & M_USERR)) {
1008 1008 if (m_userr == ruid)
1009 1009 checkflags = checkflags | M_USERR;
1010 1010 }
1011 1011 if (!new_mode && (flags & M_GROUPR)) {
1012 1012 if (m_groupr == egid)
1013 1013 checkflags = checkflags | M_GROUPR;
1014 1014 }
1015 1015 if (!new_mode && (flags & M_GROUPE)) {
1016 1016 if (m_groupe == egid)
1017 1017 checkflags = checkflags | M_GROUPE;
1018 1018 }
1019 1019
1020 1020 if (flags & M_OBJECT) {
1021 1021 if ((obj_flag & OBJ_PROC) &&
1022 1022 (obj_id == pid)) {
1023 1023 checkflags = checkflags | M_OBJECT;
1024 1024 } else if ((obj_flag & OBJ_PGROUP) &&
1025 1025 ((obj_group == egid) ||
1026 1026 (obj_group == rgid))) {
1027 1027 checkflags = checkflags | M_OBJECT;
1028 1028 } else if ((obj_flag & OBJ_POWNER) &&
1029 1029 ((obj_owner == euid) ||
1030 1030 (obj_group == ruid))) {
1031 1031 checkflags = checkflags | M_OBJECT;
1032 1032 }
1033 1033 }
1034 1034 return (-1);
1035 1035 }
1036 1036
1037 1037 /*
1038 1038 * Format of process64 token:
1039 1039 * process token id adr_char
1040 1040 * auid adr_int32
1041 1041 * euid adr_int32
1042 1042 * egid adr_int32
1043 1043 * ruid adr_int32
1044 1044 * rgid adr_int32
1045 1045 * pid adr_int32
1046 1046 * sid adr_int32
1047 1047 * termid adr_int64+adr_int32
1048 1048 */
1049 1049 int
1050 1050 process64_token(adr_t *adr)
1051 1051 {
1052 1052 int32_t auid, euid, egid, ruid, rgid, pid;
1053 1053 int32_t sid;
1054 1054 int64_t port;
1055 1055 int32_t machine;
1056 1056
1057 1057 adrm_int32(adr, &auid, 1);
1058 1058 adrm_int32(adr, &euid, 1);
1059 1059 adrm_int32(adr, &egid, 1);
1060 1060 adrm_int32(adr, &ruid, 1);
1061 1061 adrm_int32(adr, &rgid, 1);
1062 1062 adrm_int32(adr, &pid, 1);
1063 1063 adrm_int32(adr, &sid, 1);
1064 1064 adrm_int64(adr, &port, 1);
1065 1065 adrm_int32(adr, &machine, 1);
1066 1066
1067 1067 if (!new_mode && (flags & M_USERA)) {
1068 1068 if (m_usera == auid)
1069 1069 checkflags |= M_USERA;
1070 1070 }
1071 1071 if (!new_mode && (flags & M_USERE)) {
1072 1072 if (m_usere == euid)
1073 1073 checkflags |= M_USERE;
1074 1074 }
1075 1075 if (!new_mode && (flags & M_USERR)) {
1076 1076 if (m_userr == ruid)
1077 1077 checkflags |= M_USERR;
1078 1078 }
1079 1079 if (!new_mode && (flags & M_GROUPR)) {
1080 1080 if (m_groupr == rgid)
1081 1081 checkflags |= M_GROUPR;
1082 1082 }
1083 1083 if (!new_mode && (flags & M_GROUPE)) {
1084 1084 if (m_groupe == egid)
1085 1085 checkflags |= M_GROUPE;
1086 1086 }
1087 1087
1088 1088 if (flags & M_OBJECT) {
1089 1089 if ((obj_flag & OBJ_PROC) &&
1090 1090 (obj_id == pid)) {
1091 1091 checkflags |= M_OBJECT;
1092 1092 } else if ((obj_flag & OBJ_PGROUP) &&
1093 1093 ((obj_group == egid) ||
1094 1094 (obj_group == rgid))) {
1095 1095 checkflags |= M_OBJECT;
1096 1096 } else if ((obj_flag & OBJ_POWNER) &&
1097 1097 ((obj_owner == euid) ||
1098 1098 (obj_group == ruid))) {
1099 1099 checkflags |= M_OBJECT;
1100 1100 }
1101 1101 }
1102 1102 return (-1);
1103 1103 }
1104 1104
1105 1105 /*
1106 1106 * Format of process64_ex token:
1107 1107 * process token id adr_char
1108 1108 * auid adr_int32
1109 1109 * euid adr_int32
1110 1110 * egid adr_int32
1111 1111 * ruid adr_int32
1112 1112 * rgid adr_int32
1113 1113 * pid adr_int32
1114 1114 * sid adr_int32
1115 1115 * termid
1116 1116 * port adr_int64
1117 1117 * type adr_int32
1118 1118 * ip address adr_u_char*type
1119 1119 */
1120 1120 int
1121 1121 process64_ex_token(adr_t *adr)
1122 1122 {
1123 1123 int32_t auid, euid, egid, ruid, rgid, pid;
1124 1124 int32_t sid;
1125 1125 int64_t port;
1126 1126 int32_t type;
1127 1127 uchar_t addr[16];
1128 1128
1129 1129 adrm_int32(adr, &auid, 1);
1130 1130 adrm_int32(adr, &euid, 1);
1131 1131 adrm_int32(adr, &egid, 1);
1132 1132 adrm_int32(adr, &ruid, 1);
1133 1133 adrm_int32(adr, &rgid, 1);
1134 1134 adrm_int32(adr, &pid, 1);
1135 1135 adrm_int32(adr, &sid, 1);
1136 1136 adrm_int64(adr, &port, 1);
1137 1137 adrm_int32(adr, &type, 1);
1138 1138 adrm_u_char(adr, addr, type);
1139 1139
1140 1140 if (!new_mode && (flags & M_USERA)) {
1141 1141 if (m_usera == auid)
1142 1142 checkflags = checkflags | M_USERA;
1143 1143 }
1144 1144 if (!new_mode && (flags & M_USERE)) {
1145 1145 if (m_usere == euid)
1146 1146 checkflags = checkflags | M_USERE;
1147 1147 }
1148 1148 if (!new_mode && (flags & M_USERR)) {
1149 1149 if (m_userr == ruid)
1150 1150 checkflags = checkflags | M_USERR;
1151 1151 }
1152 1152 if (!new_mode && (flags & M_GROUPR)) {
1153 1153 if (m_groupr == egid)
1154 1154 checkflags = checkflags | M_GROUPR;
1155 1155 }
1156 1156 if (!new_mode && (flags & M_GROUPE)) {
1157 1157 if (m_groupe == egid)
1158 1158 checkflags = checkflags | M_GROUPE;
1159 1159 }
1160 1160
1161 1161 if (flags & M_OBJECT) {
1162 1162 if ((obj_flag & OBJ_PROC) &&
1163 1163 (obj_id == pid)) {
1164 1164 checkflags = checkflags | M_OBJECT;
1165 1165 } else if ((obj_flag & OBJ_PGROUP) &&
1166 1166 ((obj_group == egid) ||
1167 1167 (obj_group == rgid))) {
1168 1168 checkflags = checkflags | M_OBJECT;
1169 1169 } else if ((obj_flag & OBJ_POWNER) &&
1170 1170 ((obj_owner == euid) ||
1171 1171 (obj_group == ruid))) {
1172 1172 checkflags = checkflags | M_OBJECT;
1173 1173 }
1174 1174 }
1175 1175 return (-1);
1176 1176 }
1177 1177
1178 1178 /*
1179 1179 * Format of System V IPC token:
1180 1180 * System V IPC token id adr_char
1181 1181 * object id adr_int32
1182 1182 */
1183 1183 int
1184 1184 s5_IPC_token(adr_t *adr)
1185 1185 {
1186 1186 int32_t ipc_id;
1187 1187
1188 1188 adrm_char(adr, &ipc_type, 1); /* Global */
1189 1189 adrm_int32(adr, &ipc_id, 1);
1190 1190
1191 1191 if ((flags & M_OBJECT) &&
1192 1192 ipc_type_match(obj_flag, ipc_type) &&
1193 1193 (obj_id == ipc_id))
1194 1194 checkflags |= M_OBJECT;
1195 1195
1196 1196 return (-1);
1197 1197 }
1198 1198
1199 1199
1200 1200 /*
1201 1201 * Format of socket token:
1202 1202 * socket_type adrm_short
1203 1203 * remote_port adrm_short
1204 1204 * remote_inaddr adrm_int32
1205 1205 */
1206 1206 int
1207 1207 socket_token(adr_t *adr)
1208 1208 {
1209 1209 short socket_type;
1210 1210 short remote_port;
1211 1211 int32_t remote_inaddr;
1212 1212
1213 1213 adrm_short(adr, &socket_type, 1);
1214 1214 adrm_short(adr, &remote_port, 1);
1215 1215 adrm_char(adr, (char *)&remote_inaddr, 4);
1216 1216
1217 1217 if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) {
1218 1218 if (socket_flag == SOCKFLG_MACHINE) {
1219 1219 if (remote_inaddr == obj_id)
1220 1220 checkflags |= M_OBJECT;
1221 1221 } else if (socket_flag == SOCKFLG_PORT) {
1222 1222 if (remote_port == obj_id)
1223 1223 checkflags |= M_OBJECT;
1224 1224 }
1225 1225 }
1226 1226 return (-1);
1227 1227 }
1228 1228
1229 1229
1230 1230 /*
1231 1231 * Format of socket_ex token:
1232 1232 * socket_domain adrm_short
1233 1233 * socket_type adrm_short
1234 1234 * address_type adrm_short
1235 1235 * local_port adrm_short
1236 1236 * local_inaddr adrm_u_char*address_type
1237 1237 * remote_port adrm_short
1238 1238 * remote_inaddr adrm_u_char*address_type
1239 1239 */
1240 1240 int
1241 1241 socket_ex_token(adr_t *adr)
1242 1242 {
1243 1243 short socket_domain;
1244 1244 short socket_type;
1245 1245 short ip_size;
1246 1246 short local_port;
1247 1247 uchar_t local_inaddr[16];
1248 1248 short remote_port;
1249 1249 uchar_t remote_inaddr[16];
1250 1250 uchar_t *caddr = (uchar_t *)&obj_id;
1251 1251
1252 1252 adrm_short(adr, &socket_domain, 1);
1253 1253 adrm_short(adr, &socket_type, 1);
1254 1254 adrm_short(adr, &ip_size, 1);
1255 1255
1256 1256 /* validate ip size */
1257 1257 if ((ip_size != AU_IPv6) && (ip_size != AU_IPv4))
1258 1258 return (0);
1259 1259
1260 1260 adrm_short(adr, &local_port, 1);
1261 1261 adrm_char(adr, (char *)local_inaddr, ip_size);
1262 1262
1263 1263 adrm_short(adr, &remote_port, 1);
1264 1264 adrm_char(adr, (char *)remote_inaddr, ip_size);
1265 1265
1266 1266 /* if IP type mis-match, then nothing to do */
1267 1267 if (ip_size != ip_type)
1268 1268 return (-1);
1269 1269
1270 1270 if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) {
1271 1271 if (socket_flag == SOCKFLG_MACHINE) {
1272 1272 if (ip_type == AU_IPv6) {
1273 1273 caddr = (uchar_t *)ip_ipv6;
1274 1274 }
1275 1275 if ((memcmp(local_inaddr, caddr, ip_type) == 0) ||
1276 1276 (memcmp(remote_inaddr, caddr, ip_type) == 0)) {
1277 1277 checkflags |= M_OBJECT;
1278 1278 }
1279 1279 } else if (socket_flag == SOCKFLG_PORT) {
1280 1280 if ((local_port == obj_id) || (remote_port == obj_id)) {
1281 1281 checkflags |= M_OBJECT;
1282 1282 }
1283 1283 }
1284 1284 }
1285 1285 return (-1);
1286 1286 }
1287 1287
1288 1288
1289 1289 /*
1290 1290 * Format of subject32 token:
1291 1291 * subject token id adr_char
1292 1292 * auid adr_int32
1293 1293 * euid adr_int32
1294 1294 * egid adr_int32
1295 1295 * ruid adr_int32
1296 1296 * rgid adr_int32
1297 1297 * pid adr_int32
1298 1298 * sid adr_int32
1299 1299 * termid adr_int32*2
1300 1300 */
1301 1301 int
1302 1302 subject32_token(adr_t *adr)
1303 1303 {
1304 1304 int32_t auid, euid, egid, ruid, rgid, pid;
1305 1305 int32_t sid;
1306 1306 int32_t port, machine;
1307 1307
1308 1308 adrm_int32(adr, &auid, 1);
1309 1309 adrm_int32(adr, &euid, 1);
1310 1310 adrm_int32(adr, &egid, 1);
1311 1311 adrm_int32(adr, &ruid, 1);
1312 1312 adrm_int32(adr, &rgid, 1);
1313 1313 adrm_int32(adr, &pid, 1);
1314 1314 adrm_int32(adr, &sid, 1);
1315 1315 adrm_int32(adr, &port, 1);
1316 1316 adrm_int32(adr, &machine, 1);
1317 1317
1318 1318 if (flags & M_SUBJECT) {
1319 1319 if (subj_id == pid)
1320 1320 checkflags |= M_SUBJECT;
1321 1321 }
1322 1322 if (flags & M_USERA) {
1323 1323 if (m_usera == auid)
1324 1324 checkflags |= M_USERA;
1325 1325 }
1326 1326 if (flags & M_USERE) {
1327 1327 if (m_usere == euid)
1328 1328 checkflags |= M_USERE;
1329 1329 }
1330 1330 if (flags & M_USERR) {
1331 1331 if (m_userr == ruid)
1332 1332 checkflags |= M_USERR;
1333 1333 }
1334 1334 if (flags & M_GROUPR) {
1335 1335 if (m_groupr == rgid)
1336 1336 checkflags |= M_GROUPR;
1337 1337 }
1338 1338 if (flags & M_GROUPE) {
1339 1339 if (m_groupe == egid)
1340 1340 checkflags |= M_GROUPE;
1341 1341 }
1342 1342 if (flags & M_SID) {
1343 1343 if (m_sid == (au_asid_t)sid)
1344 1344 checkflags |= M_SID;
1345 1345 }
1346 1346 return (-1);
1347 1347 }
1348 1348
1349 1349 /*
1350 1350 * Format of subject32_ex token:
1351 1351 * subject token id adr_char
1352 1352 * auid adr_int32
1353 1353 * euid adr_int32
1354 1354 * egid adr_int32
1355 1355 * ruid adr_int32
1356 1356 * rgid adr_int32
1357 1357 * pid adr_int32
1358 1358 * sid adr_int32
1359 1359 * termid
1360 1360 * port adr_int32
1361 1361 * type adr_int32
1362 1362 * ip address adr_u_char*type
1363 1363 */
1364 1364 int
1365 1365 subject32_ex_token(adr_t *adr)
1366 1366 {
1367 1367 int32_t auid, euid, egid, ruid, rgid, pid;
1368 1368 int32_t sid;
1369 1369 int32_t port, type;
1370 1370 uchar_t addr[16];
1371 1371
1372 1372 adrm_int32(adr, &auid, 1);
1373 1373 adrm_int32(adr, &euid, 1);
1374 1374 adrm_int32(adr, &egid, 1);
1375 1375 adrm_int32(adr, &ruid, 1);
1376 1376 adrm_int32(adr, &rgid, 1);
1377 1377 adrm_int32(adr, &pid, 1);
1378 1378 adrm_int32(adr, &sid, 1);
1379 1379 adrm_int32(adr, &port, 1);
1380 1380 adrm_int32(adr, &type, 1);
1381 1381 adrm_u_char(adr, addr, type);
1382 1382
1383 1383 if (flags & M_SUBJECT) {
1384 1384 if (subj_id == pid)
1385 1385 checkflags = checkflags | M_SUBJECT;
1386 1386 }
1387 1387 if (flags & M_USERA) {
1388 1388 if (m_usera == auid)
1389 1389 checkflags = checkflags | M_USERA;
1390 1390 }
1391 1391 if (flags & M_USERE) {
1392 1392 if (m_usere == euid)
1393 1393 checkflags = checkflags | M_USERE;
1394 1394 }
1395 1395 if (flags & M_USERR) {
1396 1396 if (m_userr == ruid)
1397 1397 checkflags = checkflags | M_USERR;
1398 1398 }
1399 1399 if (flags & M_GROUPR) {
1400 1400 if (m_groupr == egid)
1401 1401 checkflags = checkflags | M_GROUPR;
1402 1402 }
1403 1403 if (flags & M_GROUPE) {
1404 1404 if (m_groupe == egid)
1405 1405 checkflags = checkflags | M_GROUPE;
1406 1406 }
1407 1407 if (flags & M_SID) {
1408 1408 if (m_sid == (au_asid_t)sid)
1409 1409 checkflags = checkflags | M_SID;
1410 1410 }
1411 1411 return (-1);
1412 1412 }
1413 1413
1414 1414 /*
1415 1415 * Format of subject64 token:
1416 1416 * subject token id adr_char
1417 1417 * auid adr_int32
1418 1418 * euid adr_int32
1419 1419 * egid adr_int32
1420 1420 * ruid adr_int32
1421 1421 * rgid adr_int32
1422 1422 * pid adr_int32
1423 1423 * sid adr_int32
1424 1424 * termid adr_int64+adr_int32
1425 1425 */
1426 1426 int
1427 1427 subject64_token(adr_t *adr)
1428 1428 {
1429 1429 int32_t auid, euid, egid, ruid, rgid, pid;
1430 1430 int32_t sid;
1431 1431 int64_t port;
1432 1432 int32_t machine;
1433 1433
1434 1434 adrm_int32(adr, &auid, 1);
1435 1435 adrm_int32(adr, &euid, 1);
1436 1436 adrm_int32(adr, &egid, 1);
1437 1437 adrm_int32(adr, &ruid, 1);
1438 1438 adrm_int32(adr, &rgid, 1);
1439 1439 adrm_int32(adr, &pid, 1);
1440 1440 adrm_int32(adr, &sid, 1);
1441 1441 adrm_int64(adr, &port, 1);
1442 1442 adrm_int32(adr, &machine, 1);
1443 1443
1444 1444 if (flags & M_SUBJECT) {
1445 1445 if (subj_id == pid)
1446 1446 checkflags |= M_SUBJECT;
1447 1447 }
1448 1448 if (flags & M_USERA) {
1449 1449 if (m_usera == auid)
1450 1450 checkflags |= M_USERA;
1451 1451 }
1452 1452 if (flags & M_USERE) {
1453 1453 if (m_usere == euid)
1454 1454 checkflags |= M_USERE;
1455 1455 }
1456 1456 if (flags & M_USERR) {
1457 1457 if (m_userr == ruid)
1458 1458 checkflags |= M_USERR;
1459 1459 }
1460 1460 if (flags & M_GROUPR) {
1461 1461 if (m_groupr == rgid)
1462 1462 checkflags |= M_GROUPR;
1463 1463 }
1464 1464 if (flags & M_GROUPE) {
1465 1465 if (m_groupe == egid)
1466 1466 checkflags |= M_GROUPE;
1467 1467 }
1468 1468 if (flags & M_SID) {
1469 1469 if (m_sid == (au_asid_t)sid)
1470 1470 checkflags |= M_SID;
1471 1471 }
1472 1472 return (-1);
1473 1473 }
1474 1474
1475 1475 /*
1476 1476 * Format of subject64_ex token:
1477 1477 * subject token id adr_char
1478 1478 * auid adr_int32
1479 1479 * euid adr_int32
1480 1480 * egid adr_int32
1481 1481 * ruid adr_int32
1482 1482 * rgid adr_int32
1483 1483 * pid adr_int32
1484 1484 * sid adr_int32
1485 1485 * termid
1486 1486 * port adr_int64
1487 1487 * type adr_int32
1488 1488 * ip address adr_u_char*type
1489 1489 */
1490 1490 int
1491 1491 subject64_ex_token(adr_t *adr)
1492 1492 {
1493 1493 int32_t auid, euid, egid, ruid, rgid, pid;
1494 1494 int32_t sid;
1495 1495 int64_t port;
1496 1496 int32_t type;
1497 1497 uchar_t addr[16];
1498 1498
1499 1499 adrm_int32(adr, &auid, 1);
1500 1500 adrm_int32(adr, &euid, 1);
1501 1501 adrm_int32(adr, &egid, 1);
1502 1502 adrm_int32(adr, &ruid, 1);
1503 1503 adrm_int32(adr, &rgid, 1);
1504 1504 adrm_int32(adr, &pid, 1);
1505 1505 adrm_int32(adr, &sid, 1);
1506 1506 adrm_int64(adr, &port, 1);
1507 1507 adrm_int32(adr, &type, 1);
1508 1508 adrm_u_char(adr, addr, type);
1509 1509
1510 1510 if (flags & M_SUBJECT) {
1511 1511 if (subj_id == pid)
1512 1512 checkflags = checkflags | M_SUBJECT;
1513 1513 }
1514 1514 if (flags & M_USERA) {
1515 1515 if (m_usera == auid)
1516 1516 checkflags = checkflags | M_USERA;
1517 1517 }
1518 1518 if (flags & M_USERE) {
1519 1519 if (m_usere == euid)
1520 1520 checkflags = checkflags | M_USERE;
1521 1521 }
1522 1522 if (flags & M_USERR) {
1523 1523 if (m_userr == ruid)
1524 1524 checkflags = checkflags | M_USERR;
1525 1525 }
1526 1526 if (flags & M_GROUPR) {
1527 1527 if (m_groupr == egid)
1528 1528 checkflags = checkflags | M_GROUPR;
1529 1529 }
1530 1530 if (flags & M_GROUPE) {
1531 1531 if (m_groupe == egid)
1532 1532 checkflags = checkflags | M_GROUPE;
1533 1533 }
1534 1534 if (flags & M_SID) {
1535 1535 if (m_sid == (au_asid_t)sid)
1536 1536 checkflags = checkflags | M_SID;
1537 1537 }
1538 1538 return (-1);
1539 1539 }
1540 1540
1541 1541 /*
1542 1542 * -----------------------------------------------------------------------
1543 1543 * tid_token(): Process tid token and display contents
1544 1544 *
1545 1545 * Format of tid token:
1546 1546 * tid token id adr_char
1547 1547 * address type adr_char
1548 1548 * For address type of AU_IPADR...
1549 1549 * remote port adr_short
1550 1550 * local port adr_short
1551 1551 * IP type adr_int32
1552 1552 * IP addr adr_int32 if IPv4
1553 1553 * IP addr 4 x adr_int32 if IPv6
1554 1554 * address types other than AU_IPADR are not yet defined
1555 1555 * -----------------------------------------------------------------------
1556 1556 */
1557 1557 int
1558 1558 tid_token(adr_t *adr)
1559 1559 {
1560 1560 int32_t address[4];
1561 1561 int32_t ip_type;
1562 1562 char tid_type;
1563 1563 short rport;
1564 1564 short lport;
1565 1565
1566 1566 adrm_char(adr, &tid_type, 1);
1567 1567 switch (tid_type) {
1568 1568 case AU_IPADR:
1569 1569 adrm_short(adr, &rport, 1);
1570 1570 adrm_short(adr, &lport, 1);
1571 1571 adrm_int32(adr, &ip_type, 1);
1572 1572 adrm_char(adr, (char *)&address, ip_type);
1573 1573 break;
1574 1574 default:
1575 1575 return (0);
1576 1576 }
1577 1577 return (-1);
1578 1578 }
1579 1579
1580 1580 /*
1581 1581 * -----------------------------------------------------------------------
1582 1582 * zonename_token(): Process zonename token and display contents
1583 1583 *
1584 1584 * Format of zonename token:
1585 1585 * zonename token id adr_char
1586 1586 * zone name adr_string
1587 1587 * -----------------------------------------------------------------------
1588 1588 */
1589 1589 int
1590 1590 zonename_token(adr_t *adr)
1591 1591 {
1592 1592 char *name;
1593 1593
1594 1594 if (flags & M_ZONENAME) {
1595 1595 get_string(adr, &name);
1596 1596 if (strncmp(zonename, name, ZONENAME_MAX) == 0)
1597 1597 checkflags |= M_ZONENAME;
1598 1598 free(name);
1599 1599 } else {
1600 1600 skip_string(adr);
1601 1601 }
1602 1602 return (-1);
1603 1603 }
1604 1604
1605 1605 /*
1606 1606 * fmri_token():
1607 1607 *
1608 1608 * Format of fmri token:
1609 1609 * fmri adr_string
1610 1610 */
1611 1611 int
1612 1612 fmri_token(adr_t *adr)
1613 1613 {
1614 1614 if ((flags & M_OBJECT) && (obj_flag == OBJ_FMRI)) {
1615 1615 char *fmri_name;
1616 1616
1617 1617 get_string(adr, &fmri_name);
1618 1618
1619 1619 /* match token against service instance */
1620 1620 if (scf_cmp_pattern(fmri_name, &fmri) == 1) {
1621 1621 checkflags |= M_OBJECT;
1622 1622 }
1623 1623 free(fmri_name);
1624 1624 } else {
1625 1625 skip_string(adr);
1626 1626 }
1627 1627 return (-1);
1628 1628 }
1629 1629
1630 1630 /*
1631 1631 * Format of xatom token:
1632 1632 */
1633 1633 int
1634 1634 xatom_token(adr_t *adr)
1635 1635 {
1636 1636 skip_string(adr);
1637 1637
1638 1638 return (-1);
1639 1639 }
1640 1640
1641 1641 /*
1642 1642 * Format of xselect token:
1643 1643 */
1644 1644 int
1645 1645 xselect_token(adr_t *adr)
1646 1646 {
1647 1647 skip_string(adr);
1648 1648 skip_string(adr);
1649 1649 skip_string(adr);
1650 1650
1651 1651 return (-1);
1652 1652 }
1653 1653
1654 1654 /*
1655 1655 * anchor a path name with a slash
1656 1656 * assume we have enough space
1657 1657 */
1658 1658 void
1659 1659 anchor_path(char *path)
1660 1660 {
1661 1661 (void) memmove((void *)(path + 1), (void *)path, strlen(path) + 1);
1662 1662 *path = '/';
1663 1663 }
1664 1664
1665 1665
1666 1666 /*
1667 1667 * copy path to collapsed path.
1668 1668 * collapsed path does not contain:
1669 1669 * successive slashes
1670 1670 * instances of dot-slash
1671 1671 * instances of dot-dot-slash
1672 1672 * passed path must be anchored with a '/'
1673 1673 */
1674 1674 char *
1675 1675 collapse_path(char *s)
1676 1676 {
1677 1677 int id; /* index of where we are in destination string */
1678 1678 int is; /* index of where we are in source string */
1679 1679 int slashseen; /* have we seen a slash */
1680 1680 int ls; /* length of source string */
1681 1681
1682 1682 ls = strlen(s) + 1;
1683 1683
1684 1684 slashseen = 0;
1685 1685 for (is = 0, id = 0; is < ls; is++) {
1686 1686 /* thats all folks, we've reached the end of input */
1687 1687 if (s[is] == '\0') {
1688 1688 if (id > 1 && s[id-1] == '/') {
1689 1689 --id;
1690 1690 }
1691 1691 s[id++] = '\0';
1692 1692 break;
1693 1693 }
1694 1694 /* previous character was a / */
1695 1695 if (slashseen) {
1696 1696 if (s[is] == '/')
1697 1697 continue; /* another slash, ignore it */
1698 1698 } else if (s[is] == '/') {
1699 1699 /* we see a /, just copy it and try again */
1700 1700 slashseen = 1;
1701 1701 s[id++] = '/';
1702 1702 continue;
1703 1703 }
1704 1704 /* /./ seen */
1705 1705 if (s[is] == '.' && s[is+1] == '/') {
1706 1706 is += 1;
1707 1707 continue;
1708 1708 }
1709 1709 /* XXX/. seen */
1710 1710 if (s[is] == '.' && s[is+1] == '\0') {
1711 1711 if (id > 1)
1712 1712 id--;
1713 1713 continue;
1714 1714 }
1715 1715 /* XXX/.. seen */
1716 1716 if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') {
1717 1717 is += 1;
1718 1718 if (id > 0)
1719 1719 id--;
1720 1720 while (id > 0 && s[--id] != '/')
1721 1721 ;
1722 1722 id++;
1723 1723 continue;
1724 1724 }
1725 1725 /* XXX/../ seen */
1726 1726 if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') {
1727 1727 is += 2;
1728 1728 if (id > 0)
1729 1729 id--;
1730 1730 while (id > 0 && s[--id] != '/')
1731 1731 ;
1732 1732 id++;
1733 1733 continue;
1734 1734 }
1735 1735 while (is < ls && (s[id++] = s[is++]) != '/')
1736 1736 ;
1737 1737 is--;
1738 1738 }
1739 1739 return (s);
1740 1740 }
1741 1741
1742 1742
1743 1743 int
1744 1744 ipc_type_match(int flag, char type)
1745 1745 {
1746 1746 if (flag == OBJ_SEM && type == AT_IPC_SEM)
1747 1747 return (1);
1748 1748
1749 1749 if (flag == OBJ_MSG && type == AT_IPC_MSG)
1750 1750 return (1);
1751 1751
1752 1752 if (flag == OBJ_SHM && type == AT_IPC_SHM)
1753 1753 return (1);
1754 1754
1755 1755 return (0);
1756 1756 }
1757 1757
1758 1758
1759 1759 void
1760 1760 skip_string(adr_t *adr)
1761 1761 {
1762 1762 ushort_t c;
1763 1763
1764 1764 adrm_u_short(adr, &c, 1);
1765 1765 adr->adr_now += c;
1766 1766 }
1767 1767
1768 1768
1769 1769 void
1770 1770 get_string(adr_t *adr, char **p)
1771 1771 {
1772 1772 ushort_t c;
1773 1773
1774 1774 adrm_u_short(adr, &c, 1);
1775 1775 *p = a_calloc(1, (size_t)c);
1776 1776 adrm_char(adr, *p, c);
1777 1777 }
1778 1778
1779 1779
1780 1780 /*
1781 1781 * Format of host token:
1782 1782 * host ard_uint32
1783 1783 */
1784 1784 int
1785 1785 host_token(adr_t *adr)
1786 1786 {
1787 1787 uint32_t host;
1788 1788
1789 1789 adrm_u_int32(adr, &host, 1);
1790 1790
1791 1791 return (-1);
1792 1792 }
1793 1793
1794 1794 /*
1795 1795 * Format of useofauth token:
1796 1796 * uauth token id adr_char
1797 1797 * uauth adr_string
1798 1798 */
1799 1799 int
1800 1800 useofauth_token(adr_t *adr)
1801 1801 {
1802 1802 skip_string(adr);
1803 1803 return (-1);
1804 1804 }
1805 1805
1806 1806 /*
1807 1807 * Format of user token:
1808 1808 * user token id adr_char
1809 1809 * uid adr_uid
1810 1810 * username adr_string
1811 1811 */
1812 1812 int
1813 1813 user_token(adr_t *adr)
1814 1814 {
1815 1815 uid_t uid;
1816 1816
1817 1817 adrm_uid(adr, &uid, 1);
1818 1818 skip_string(adr);
1819 1819
1820 1820 if ((flags & M_OBJECT) && (obj_flag == OBJ_USER) &&
1821 1821 (uid == obj_user)) {
1822 1822 checkflags |= M_OBJECT;
1823 1823 }
1824 1824
1825 1825 return (-1);
1826 1826 }
1827 1827
1828 1828 int
1829 1829 xcolormap_token(adr_t *adr)
1830 1830 {
1831 1831 return (xgeneric(adr));
1832 1832 }
1833 1833
1834 1834 int
1835 1835 xcursor_token(adr_t *adr)
1836 1836 {
1837 1837 return (xgeneric(adr));
1838 1838 }
1839 1839
1840 1840 int
1841 1841 xfont_token(adr_t *adr)
1842 1842 {
1843 1843 return (xgeneric(adr));
1844 1844 }
1845 1845
1846 1846 int
1847 1847 xgc_token(adr_t *adr)
1848 1848 {
1849 1849 return (xgeneric(adr));
1850 1850 }
1851 1851
1852 1852 int
1853 1853 xpixmap_token(adr_t *adr)
1854 1854 {
1855 1855 return (xgeneric(adr));
1856 1856 }
1857 1857
1858 1858 int
1859 1859 xwindow_token(adr_t *adr)
1860 1860 {
1861 1861 return (xgeneric(adr));
1862 1862 }
1863 1863
1864 1864
1865 1865 /*
1866 1866 * Format of xgeneric token:
1867 1867 * XID adr_int32
1868 1868 * creator UID adr_int32
1869 1869 *
1870 1870 * Includes: xcolormap, xcursor, xfont, xgc, xpixmap, and xwindow
1871 1871 */
1872 1872 int
1873 1873 xgeneric(adr_t *adr)
1874 1874 {
1875 1875 int32_t xid;
1876 1876 int32_t uid;
1877 1877
1878 1878 adrm_int32(adr, &xid, 1);
1879 1879 adrm_int32(adr, &uid, 1);
1880 1880
1881 1881 if (flags & M_USERE) {
1882 1882 if (m_usere == uid)
1883 1883 checkflags = checkflags | M_USERE;
1884 1884 }
1885 1885
1886 1886 return (-1);
1887 1887 }
1888 1888
1889 1889
1890 1890 /*
1891 1891 * Format of xproperty token:
1892 1892 * XID adr_int32
1893 1893 * creator UID adr_int32
1894 1894 * atom string adr_string
1895 1895 */
1896 1896 int
1897 1897 xproperty_token(adr_t *adr)
1898 1898 {
1899 1899 int32_t xid;
1900 1900 int32_t uid;
1901 1901
1902 1902 adrm_int32(adr, &xid, 1);
1903 1903 adrm_int32(adr, &uid, 1);
1904 1904 skip_string(adr);
1905 1905
1906 1906 if (flags & M_USERE) {
1907 1907 if (m_usere == uid)
1908 1908 checkflags = checkflags | M_USERE;
1909 1909 }
1910 1910
1911 1911 return (-1);
1912 1912 }
1913 1913
1914 1914
1915 1915 /*
1916 1916 * Format of xclient token:
1917 1917 * xclient id adr_int32
1918 1918 */
1919 1919 int
1920 1920 xclient_token(adr_t *adr)
1921 1921 {
1922 1922 int32_t client_id;
1923 1923
1924 1924 adrm_int32(adr, &client_id, 1);
1925 1925
1926 1926 return (-1);
1927 1927 }
1928 1928
1929 1929 /*
1930 1930 * Format of privilege set token:
1931 1931 * priv_set type string
1932 1932 * priv_set string
1933 1933 */
|
↓ open down ↓ |
1933 lines elided |
↑ open up ↑ |
1934 1934
1935 1935 int
1936 1936 privilege_token(adr_t *adr)
1937 1937 {
1938 1938 skip_string(adr); /* set type name */
1939 1939 skip_string(adr); /* privilege set */
1940 1940 return (-1);
1941 1941 }
1942 1942
1943 1943 /*
1944 + * Format of security flags token:
1945 + * security flag set string
1946 + * security flags string
1947 + */
1948 +
1949 +int
1950 +secflags_token(adr_t *adr)
1951 +{
1952 + skip_string(adr); /* set name */
1953 + skip_string(adr); /* security flags */
1954 + return (-1);
1955 +}
1956 +
1957 +/*
1944 1958 * Format of label token:
1945 1959 * label ID 1 byte
1946 1960 * compartment length 1 byte
1947 1961 * classification 2 bytes
1948 1962 * compartment words <compartment length> * 4 bytes
1949 1963 */
1950 1964 int
1951 1965 label_token(adr_t *adr)
1952 1966 {
1953 1967 static m_label_t *label = NULL;
1954 1968 static size32_t l_size;
1955 1969 int len;
1956 1970
1957 1971 if (label == NULL) {
1958 1972 label = m_label_alloc(MAC_LABEL);
1959 1973 l_size = blabel_size() - 4;
1960 1974 }
1961 1975
1962 1976 if (label == NULL) {
1963 1977 /* out of memory, should never happen; skip label */
1964 1978 char l; /* length */
1965 1979
1966 1980 adr->adr_now += sizeof (char);
1967 1981 adrm_char(adr, (char *)&l, 1);
1968 1982 adr->adr_now += sizeof (short) + (4 * l);
1969 1983 return (-1);
1970 1984 }
1971 1985
1972 1986 adrm_char(adr, (char *)label, 4);
1973 1987 len = (int)(((char *)label)[1] * 4);
1974 1988 if (len > l_size) {
1975 1989 return (-1);
1976 1990 }
1977 1991 adrm_char(adr, &((char *)label)[4], len);
1978 1992
1979 1993 if (flags & M_LABEL) {
1980 1994 if (blinrange(label, m_label))
1981 1995 checkflags = checkflags | M_LABEL;
1982 1996 }
1983 1997
1984 1998 return (-1);
1985 1999 }
1986 2000
1987 2001
1988 2002 /*
1989 2003 * Format of useofpriv token:
1990 2004 * success/failure adr_char
1991 2005 * privilege(s) adr_string
1992 2006 */
1993 2007 /* ARGSUSED */
1994 2008 int
1995 2009 useofpriv_token(adr_t *adr)
1996 2010 {
1997 2011 char flag;
1998 2012
1999 2013 adrm_char(adr, &flag, 1);
2000 2014 skip_string(adr);
2001 2015 return (-1);
2002 2016 }
|
↓ open down ↓ |
49 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX