upstream/illumos/illumos-gate: usr/src/uts/common/syscall/auditsys.c@63678502e95e (annotated)

0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	1	/*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	2	* CDDL HEADER START
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	3	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	4	* The contents of this file are subject to the terms of the
3369 907766ce9a30 4689038 auditon() error return is ambiguous tz204579 parents: 0 diff changeset	5	* Common Development and Distribution License (the "License").
907766ce9a30 4689038 auditon() error return is ambiguous tz204579 parents: 0 diff changeset	6	* You may not use this file except in compliance with the License.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	7	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	8	* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	9	* or http://www.opensolaris.org/os/licensing.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	10	* See the License for the specific language governing permissions
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	11	* and limitations under the License.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	12	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	13	* When distributing Covered Code, include this CDDL HEADER in each
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	14	* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	15	* If applicable, add the following below this CDDL HEADER, with the
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	16	* fields enclosed by brackets "[]" replaced with your own identifying
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	17	* information: Portions Copyright [yyyy] [name of copyright owner]
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	18	*
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	19	* CDDL HEADER END
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	20	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	21	/*
12273 63678502e95e PSARC 2009/377 In-kernel pfexec implementation. Casper H.S. Dik <Casper.Dik@Sun.COM> parents: 11871 diff changeset	22	* Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	23	*/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	24
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	25	#include <sys/systm.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	26	#include <sys/errno.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	27	#include <sys/policy.h>
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	28
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	29	#include <c2/audit.h>
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	30	#include <c2/audit_kernel.h>
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	31	#include <c2/audit_record.h>
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	32
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	33	#define CLEAR_VAL -1
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	34
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	35	extern kmutex_t pidlock;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	36
11871 62afedd2e4a5 PSARC/2009/613 auditon(2) clarification Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11861 diff changeset	37	uint32_t audit_policy; /* global audit policies in force */
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	38
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	39
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	40	/ARGSUSED1/
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	41	int
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	42	auditsys(struct auditcalls uap, rval_t rvp)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	43	{
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	44	int err;
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	45	int result = 0;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	46
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	47	if (audit_active == C2AUDIT_DISABLED)
3369 907766ce9a30 4689038 auditon() error return is ambiguous tz204579 parents: 0 diff changeset	48	return (ENOTSUP);
907766ce9a30 4689038 auditon() error return is ambiguous tz204579 parents: 0 diff changeset	49
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	50	switch (uap->code) {
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	51	case BSM_GETAUID:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	52	result = getauid((caddr_t)uap->a1);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	53	break;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	54	case BSM_SETAUID:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	55	result = setauid((caddr_t)uap->a1);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	56	break;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	57	case BSM_GETAUDIT:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	58	result = getaudit((caddr_t)uap->a1);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	59	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	60	case BSM_GETAUDIT_ADDR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	61	result = getaudit_addr((caddr_t)uap->a1, (int)uap->a2);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	62	break;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	63	case BSM_SETAUDIT:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	64	result = setaudit((caddr_t)uap->a1);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	65	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	66	case BSM_SETAUDIT_ADDR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	67	result = setaudit_addr((caddr_t)uap->a1, (int)uap->a2);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	68	break;
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	69	case BSM_AUDITCTL:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	70	result = auditctl((int)uap->a1, (caddr_t)uap->a2, (int)uap->a3);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	71	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	72	case BSM_AUDIT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	73	if (audit_active == C2AUDIT_UNLOADED)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	74	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	75	result = audit((caddr_t)uap->a1, (int)uap->a2);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	76	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	77	case BSM_AUDITDOOR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	78	if (audit_active == C2AUDIT_LOADED) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	79	result = auditdoor((int)uap->a1);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	80	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	81	}
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	82	default:
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	83	if (audit_active == C2AUDIT_LOADED) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	84	result = EINVAL;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	85	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	86	}
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	87	/* Return a different error when not privileged */
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	88	err = secpolicy_audit_config(CRED());
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	89	if (err == 0)
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	90	return (EINVAL);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	91	else
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	92	return (err);
68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	93	}
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	94	rvp->r_vals = result;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	95	return (result);
0 68f95e015346 OpenSolaris Launch stevel@tonic-gate parents: diff changeset	96	}
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	97
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	98	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	99	* Return the audit user ID for the current process. Currently only
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	100	* the privileged processes may see the audit id. That may change.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	101	* If copyout is unsucessful return EFAULT.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	102	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	103	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	104	getauid(caddr_t auid_p)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	105	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	106	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	107
12273 63678502e95e PSARC 2009/377 In-kernel pfexec implementation. Casper H.S. Dik <Casper.Dik@Sun.COM> parents: 11871 diff changeset	108	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	109	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	110
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	111	ainfo = crgetauinfo(CRED());
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	112	if (ainfo == NULL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	113	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	114
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	115	if (copyout(&ainfo->ai_auid, auid_p, sizeof (au_id_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	116	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	117
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	118	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	119	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	120
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	121	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	122	* Set the audit userid, for a process. This can only be changed by
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	123	* privileged processes. The audit userid is inherited across forks & execs.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	124	* Passed in is a pointer to the au_id_t; if copyin unsuccessful return EFAULT.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	125	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	126	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	127	setauid(caddr_t auid_p)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	128	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	129	proc_t *p;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	130	au_id_t auid;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	131	cred_t *newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	132	auditinfo_addr_t *auinfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	133
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	134	if (secpolicy_audit_config(CRED()) != 0)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	135	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	136
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	137	if (copyin(auid_p, &auid, sizeof (au_id_t))) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	138	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	139	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	140
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	141	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	142	if ((auinfo = crgetauinfo_modifiable(newcred)) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	143	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	144	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	145	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	146
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	147	/* grab p_crlock and switch to new cred */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	148	p = curproc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	149	mutex_enter(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	150	crcopy_to(p->p_cred, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	151	p->p_cred = newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	152
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	153	auinfo->ai_auid = auid; /* update the auid */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	154
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	155	/* unlock and broadcast the cred changes */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	156	mutex_exit(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	157	crset(p, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	158
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	159	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	160	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	161
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	162	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	163	* Get the audit state information from the current process.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	164	* Return EFAULT if copyout fails.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	165	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	166	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	167	getaudit(caddr_t info_p)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	168	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	169	STRUCT_DECL(auditinfo, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	170	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	171	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	172
12273 63678502e95e PSARC 2009/377 In-kernel pfexec implementation. Casper H.S. Dik <Casper.Dik@Sun.COM> parents: 11871 diff changeset	173	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	174	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	175
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	176	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	177	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	178
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	179	ainfo = crgetauinfo(CRED());
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	180	if (ainfo == NULL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	181	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	182
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	183	/* trying to read a process with an IPv6 address? */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	184	if (ainfo->ai_termid.at_type == AU_IPv6)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	185	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	186
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	187	STRUCT_FSET(info, ai_auid, ainfo->ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	188	STRUCT_FSET(info, ai_mask, ainfo->ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	189	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	190	if (model == DATAMODEL_ILP32) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	191	dev32_t dev;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	192	/* convert internal 64 bit form to 32 bit version */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	193	if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	194	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	195	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	196	STRUCT_FSET(info, ai_termid.port, dev);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	197	} else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	198	STRUCT_FSET(info, ai_termid.port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	199	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	200	STRUCT_FSET(info, ai_termid.port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	201	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	202	STRUCT_FSET(info, ai_termid.machine, ainfo->ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	203	STRUCT_FSET(info, ai_asid, ainfo->ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	204
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	205	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	206	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	207
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	208	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	209	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	210
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	211	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	212	* Get the audit state information from the current process.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	213	* Return EFAULT if copyout fails.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	214	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	215	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	216	getaudit_addr(caddr_t info_p, int len)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	217	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	218	STRUCT_DECL(auditinfo_addr, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	219	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	220	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	221
12273 63678502e95e PSARC 2009/377 In-kernel pfexec implementation. Casper H.S. Dik <Casper.Dik@Sun.COM> parents: 11871 diff changeset	222	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	223	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	224
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	225	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	226	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	227
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	228	if (len < STRUCT_SIZE(info))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	229	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	230
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	231	ainfo = crgetauinfo(CRED());
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	232
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	233	if (ainfo == NULL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	234	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	235
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	236	STRUCT_FSET(info, ai_auid, ainfo->ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	237	STRUCT_FSET(info, ai_mask, ainfo->ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	238	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	239	if (model == DATAMODEL_ILP32) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	240	dev32_t dev;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	241	/* convert internal 64 bit form to 32 bit version */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	242	if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	243	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	244	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	245	STRUCT_FSET(info, ai_termid.at_port, dev);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	246	} else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	247	STRUCT_FSET(info, ai_termid.at_port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	248	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	249	STRUCT_FSET(info, ai_termid.at_port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	250	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	251	STRUCT_FSET(info, ai_termid.at_type, ainfo->ai_termid.at_type);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	252	STRUCT_FSET(info, ai_termid.at_addr[0], ainfo->ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	253	STRUCT_FSET(info, ai_termid.at_addr[1], ainfo->ai_termid.at_addr[1]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	254	STRUCT_FSET(info, ai_termid.at_addr[2], ainfo->ai_termid.at_addr[2]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	255	STRUCT_FSET(info, ai_termid.at_addr[3], ainfo->ai_termid.at_addr[3]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	256	STRUCT_FSET(info, ai_asid, ainfo->ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	257
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	258	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	259	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	260
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	261	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	262	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	263
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	264	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	265	* Set the audit state information for the current process.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	266	* Return EFAULT if copyout fails.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	267	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	268	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	269	setaudit(caddr_t info_p)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	270	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	271	STRUCT_DECL(auditinfo, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	272	proc_t *p;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	273	cred_t *newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	274	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	275	auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	276
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	277	if (secpolicy_audit_config(CRED()) != 0)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	278	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	279
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	280	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	281	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	282
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	283	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	284	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	285
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	286	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	287	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	288	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	289	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	290	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	291
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	292	/* grab p_crlock and switch to new cred */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	293	p = curproc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	294	mutex_enter(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	295	crcopy_to(p->p_cred, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	296	p->p_cred = newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	297
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	298	/* Set audit mask, id, termid and session id as specified */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	299	ainfo->ai_auid = STRUCT_FGET(info, ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	300	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	301	/* only convert to 64 bit if coming from a 32 bit binary */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	302	if (model == DATAMODEL_ILP32)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	303	ainfo->ai_termid.at_port =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	304	DEVEXPL(STRUCT_FGET(info, ai_termid.port));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	305	else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	306	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	307	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	308	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	309	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	310	ainfo->ai_termid.at_type = AU_IPv4;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	311	ainfo->ai_termid.at_addr[0] = STRUCT_FGET(info, ai_termid.machine);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	312	ainfo->ai_asid = STRUCT_FGET(info, ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	313	ainfo->ai_mask = STRUCT_FGET(info, ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	314
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	315	/* unlock and broadcast the cred changes */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	316	mutex_exit(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	317	crset(p, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	318
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	319	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	320	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	321
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	322	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	323	* Set the audit state information for the current process.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	324	* Return EFAULT if copyin fails.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	325	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	326	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	327	setaudit_addr(caddr_t info_p, int len)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	328	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	329	STRUCT_DECL(auditinfo_addr, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	330	proc_t *p;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	331	cred_t *newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	332	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	333	int i;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	334	int type;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	335	auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	336
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	337	if (secpolicy_audit_config(CRED()) != 0)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	338	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	339
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	340	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	341	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	342
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	343	if (len < STRUCT_SIZE(info))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	344	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	345
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	346	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	347	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	348
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	349	type = STRUCT_FGET(info, ai_termid.at_type);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	350	if ((type != AU_IPv4) && (type != AU_IPv6))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	351	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	352
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	353	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	354	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	355	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	356	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	357	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	358
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	359	/* grab p_crlock and switch to new cred */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	360	p = curproc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	361	mutex_enter(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	362	crcopy_to(p->p_cred, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	363	p->p_cred = newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	364
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	365	/* Set audit mask, id, termid and session id as specified */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	366	ainfo->ai_auid = STRUCT_FGET(info, ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	367	ainfo->ai_mask = STRUCT_FGET(info, ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	368	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	369	/* only convert to 64 bit if coming from a 32 bit binary */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	370	if (model == DATAMODEL_ILP32)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	371	ainfo->ai_termid.at_port =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	372	DEVEXPL(STRUCT_FGET(info, ai_termid.at_port));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	373	else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	374	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	375	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	376	ainfo->ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	377	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	378	ainfo->ai_termid.at_type = type;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	379	bzero(&ainfo->ai_termid.at_addr[0], sizeof (ainfo->ai_termid.at_addr));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	380	for (i = 0; i < (type/sizeof (int)); i++)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	381	ainfo->ai_termid.at_addr[i] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	382	STRUCT_FGET(info, ai_termid.at_addr[i]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	383
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	384	if (ainfo->ai_termid.at_type == AU_IPv6 &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	385	IN6_IS_ADDR_V4MAPPED(((in6_addr_t *)ainfo->ai_termid.at_addr))) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	386	ainfo->ai_termid.at_type = AU_IPv4;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	387	ainfo->ai_termid.at_addr[0] = ainfo->ai_termid.at_addr[3];
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	388	ainfo->ai_termid.at_addr[1] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	389	ainfo->ai_termid.at_addr[2] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	390	ainfo->ai_termid.at_addr[3] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	391	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	392
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	393	ainfo->ai_asid = STRUCT_FGET(info, ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	394
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	395	/* unlock and broadcast the cred changes */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	396	mutex_exit(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	397	crset(p, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	398
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	399	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	400	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	401
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	402	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	403	* Get the global policy flag
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	404	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	405	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	406	getpolicy(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	407	{
11871 62afedd2e4a5 PSARC/2009/613 auditon(2) clarification Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11861 diff changeset	408	uint32_t policy;
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	409	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	410
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	411	policy = audit_policy \| kctx->auk_policy;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	412
11871 62afedd2e4a5 PSARC/2009/613 auditon(2) clarification Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11861 diff changeset	413	if (copyout(&policy, data, sizeof (policy)))
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	414	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	415	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	416	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	417
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	418	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	419	* Set the global and local policy flags
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	420	*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	421	* The global flags only make sense from the global zone;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	422	* the local flags depend on the AUDIT_PERZONE policy:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	423	* if the perzone policy is set, then policy is set separately
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	424	* per zone, else held only in the global zone.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	425	*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	426	* The initial value of a local zone's policy flag is determined
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	427	* by the value of the global zone's flags at the time the
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	428	* local zone is created.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	429	*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	430	* While auditconfig(1M) allows setting and unsetting policies one bit
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	431	* at a time, the mask passed in from auditconfig() is created by a
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	432	* syscall to getpolicy and then modified based on the auditconfig()
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	433	* cmd line, so the input policy value is used to replace the existing
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	434	* policy.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	435	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	436	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	437	setpolicy(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	438	{
11871 62afedd2e4a5 PSARC/2009/613 auditon(2) clarification Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11861 diff changeset	439	uint32_t policy;
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	440	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	441
11871 62afedd2e4a5 PSARC/2009/613 auditon(2) clarification Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11861 diff changeset	442	if (copyin(data, &policy, sizeof (policy)))
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	443	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	444
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	445	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	446
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	447	if (INGLOBALZONE(curproc)) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	448	if (policy & ~(AUDIT_GLOBAL \| AUDIT_LOCAL))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	449	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	450
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	451	audit_policy = policy & AUDIT_GLOBAL;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	452	} else {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	453	if (!(audit_policy & AUDIT_PERZONE))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	454	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	455
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	456	if (policy & ~AUDIT_LOCAL) /* global bits are a no-no */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	457	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	458	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	459	kctx->auk_policy = policy & AUDIT_LOCAL;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	460
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	461	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	462	* auk_current_vp is NULL before auditd starts (or during early
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	463	* auditd starup) or if auditd is halted; in either case,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	464	* notification of a policy change is not needed, since auditd
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	465	* reads policy as it comes up. The error return from au_doormsg()
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	466	* is ignored to avoid a race condition -- for example if auditd
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	467	* segv's, the audit state may be "auditing" but the door may
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	468	* be closed. Returning an error if the door is open makes it
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	469	* impossible for Greenline to restart auditd.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	470	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	471	if (kctx->auk_current_vp != NULL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	472	(void) au_doormsg(kctx, AU_DBUF_POLICY, &policy);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	473
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	474	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	475	* Wake up anyone who might have blocked on full audit
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	476	* partitions. audit daemons need to set AUDIT_FULL when no
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	477	* space so we can tell if we should start dropping records.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	478	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	479	mutex_enter(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	480
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	481	if ((policy & (AUDIT_CNT \| AUDIT_SCNT) &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	482	(kctx->auk_queue.cnt >= kctx->auk_queue.hiwater)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	483	cv_broadcast(&(kctx->auk_queue.write_cv));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	484
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	485	mutex_exit(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	486
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	487	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	488	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	489
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	490	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	491	getkmask(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	492	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	493	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	494
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	495	kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	496
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	497	if (copyout(&kctx->auk_info.ai_mask, data, sizeof (au_mask_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	498	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	499	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	500	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	501
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	502	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	503	setkmask(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	504	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	505	au_mask_t mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	506	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	507
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	508	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	509	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	510
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	511	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	512
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	513	if (copyin(data, &mask, sizeof (au_mask_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	514	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	515
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	516	kctx->auk_info.ai_mask = mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	517	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	518	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	519
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	520	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	521	getkaudit(caddr_t info_p, int len)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	522	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	523	STRUCT_DECL(auditinfo_addr, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	524	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	525	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	526
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	527	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	528	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	529
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	530	if (len < STRUCT_SIZE(info))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	531	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	532
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	533	STRUCT_FSET(info, ai_auid, kctx->auk_info.ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	534	STRUCT_FSET(info, ai_mask, kctx->auk_info.ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	535	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	536	if (model == DATAMODEL_ILP32) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	537	dev32_t dev;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	538	/* convert internal 64 bit form to 32 bit version */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	539	if (cmpldev(&dev, kctx->auk_info.ai_termid.at_port) == 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	540	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	541	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	542	STRUCT_FSET(info, ai_termid.at_port, dev);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	543	} else {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	544	STRUCT_FSET(info, ai_termid.at_port,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	545	kctx->auk_info.ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	546	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	547	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	548	STRUCT_FSET(info, ai_termid.at_port,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	549	kctx->auk_info.ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	550	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	551	STRUCT_FSET(info, ai_termid.at_type,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	552	kctx->auk_info.ai_termid.at_type);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	553	STRUCT_FSET(info, ai_termid.at_addr[0],
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	554	kctx->auk_info.ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	555	STRUCT_FSET(info, ai_termid.at_addr[1],
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	556	kctx->auk_info.ai_termid.at_addr[1]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	557	STRUCT_FSET(info, ai_termid.at_addr[2],
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	558	kctx->auk_info.ai_termid.at_addr[2]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	559	STRUCT_FSET(info, ai_termid.at_addr[3],
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	560	kctx->auk_info.ai_termid.at_addr[3]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	561	STRUCT_FSET(info, ai_asid, kctx->auk_info.ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	562
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	563	if (copyout(STRUCT_BUF(info), info_p, STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	564	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	565
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	566	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	567	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	568
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	569	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	570	* the host address for AUDIT_PERZONE == 0 is that of the global
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	571	* zone and for local zones it is of the current zone.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	572	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	573	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	574	setkaudit(caddr_t info_p, int len)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	575	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	576	STRUCT_DECL(auditinfo_addr, info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	577	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	578	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	579
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	580	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	581	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	582
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	583	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	584
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	585	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	586	STRUCT_INIT(info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	587
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	588	if (len < STRUCT_SIZE(info))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	589	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	590
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	591	if (copyin(info_p, STRUCT_BUF(info), STRUCT_SIZE(info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	592	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	593
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	594	if ((STRUCT_FGET(info, ai_termid.at_type) != AU_IPv4) &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	595	(STRUCT_FGET(info, ai_termid.at_type) != AU_IPv6))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	596	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	597
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	598	/* Set audit mask, termid and session id as specified */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	599	kctx->auk_info.ai_auid = STRUCT_FGET(info, ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	600	kctx->auk_info.ai_mask = STRUCT_FGET(info, ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	601	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	602	/* only convert to 64 bit if coming from a 32 bit binary */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	603	if (model == DATAMODEL_ILP32)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	604	kctx->auk_info.ai_termid.at_port =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	605	DEVEXPL(STRUCT_FGET(info, ai_termid.at_port));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	606	else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	607	kctx->auk_info.ai_termid.at_port =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	608	STRUCT_FGET(info, ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	609	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	610	kctx->auk_info.ai_termid.at_port = STRUCT_FGET(info, ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	611	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	612	kctx->auk_info.ai_termid.at_type = STRUCT_FGET(info, ai_termid.at_type);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	613	bzero(&kctx->auk_info.ai_termid.at_addr[0],
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	614	sizeof (kctx->auk_info.ai_termid.at_addr));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	615	kctx->auk_info.ai_termid.at_addr[0] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	616	STRUCT_FGET(info, ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	617	kctx->auk_info.ai_termid.at_addr[1] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	618	STRUCT_FGET(info, ai_termid.at_addr[1]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	619	kctx->auk_info.ai_termid.at_addr[2] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	620	STRUCT_FGET(info, ai_termid.at_addr[2]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	621	kctx->auk_info.ai_termid.at_addr[3] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	622	STRUCT_FGET(info, ai_termid.at_addr[3]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	623	kctx->auk_info.ai_asid = STRUCT_FGET(info, ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	624
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	625	if (kctx->auk_info.ai_termid.at_type == AU_IPv6 &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	626	IN6_IS_ADDR_V4MAPPED(
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	627	((in6_addr_t *)kctx->auk_info.ai_termid.at_addr))) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	628	kctx->auk_info.ai_termid.at_type = AU_IPv4;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	629	kctx->auk_info.ai_termid.at_addr[0] =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	630	kctx->auk_info.ai_termid.at_addr[3];
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	631	kctx->auk_info.ai_termid.at_addr[1] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	632	kctx->auk_info.ai_termid.at_addr[2] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	633	kctx->auk_info.ai_termid.at_addr[3] = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	634	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	635	if (kctx->auk_info.ai_termid.at_type == AU_IPv6)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	636	kctx->auk_hostaddr_valid = IN6_IS_ADDR_UNSPECIFIED(
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	637	(in6_addr_t *)kctx->auk_info.ai_termid.at_addr) ? 0 : 1;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	638	else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	639	kctx->auk_hostaddr_valid =
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	640	(kctx->auk_info.ai_termid.at_addr[0] ==
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	641	htonl(INADDR_ANY)) ? 0 : 1;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	642
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	643	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	644	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	645
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	646	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	647	getqctrl(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	648	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	649	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	650	STRUCT_DECL(au_qctrl, qctrl);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	651	STRUCT_INIT(qctrl, get_udatamodel());
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	652
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	653	mutex_enter(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	654	STRUCT_FSET(qctrl, aq_hiwater, kctx->auk_queue.hiwater);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	655	STRUCT_FSET(qctrl, aq_lowater, kctx->auk_queue.lowater);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	656	STRUCT_FSET(qctrl, aq_bufsz, kctx->auk_queue.bufsz);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	657	STRUCT_FSET(qctrl, aq_delay, kctx->auk_queue.delay);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	658	mutex_exit(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	659
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	660	if (copyout(STRUCT_BUF(qctrl), data, STRUCT_SIZE(qctrl)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	661	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	662
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	663	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	664	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	665
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	666	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	667	setqctrl(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	668	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	669	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	670	struct au_qctrl qctrl_tmp;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	671	STRUCT_DECL(au_qctrl, qctrl);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	672	STRUCT_INIT(qctrl, get_udatamodel());
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	673
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	674	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	675	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	676	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	677
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	678	if (copyin(data, STRUCT_BUF(qctrl), STRUCT_SIZE(qctrl)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	679	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	680
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	681	qctrl_tmp.aq_hiwater = (size_t)STRUCT_FGET(qctrl, aq_hiwater);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	682	qctrl_tmp.aq_lowater = (size_t)STRUCT_FGET(qctrl, aq_lowater);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	683	qctrl_tmp.aq_bufsz = (size_t)STRUCT_FGET(qctrl, aq_bufsz);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	684	qctrl_tmp.aq_delay = (clock_t)STRUCT_FGET(qctrl, aq_delay);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	685
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	686	/* enforce sane values */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	687
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	688	if (qctrl_tmp.aq_hiwater <= qctrl_tmp.aq_lowater)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	689	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	690
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	691	if (qctrl_tmp.aq_hiwater < AQ_LOWATER)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	692	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	693
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	694	if (qctrl_tmp.aq_hiwater > AQ_MAXHIGH)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	695	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	696
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	697	if (qctrl_tmp.aq_bufsz < AQ_BUFSZ)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	698	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	699
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	700	if (qctrl_tmp.aq_bufsz > AQ_MAXBUFSZ)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	701	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	702
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	703	if (qctrl_tmp.aq_delay == 0)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	704	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	705
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	706	if (qctrl_tmp.aq_delay > AQ_MAXDELAY)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	707	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	708
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	709	/* update everything at once so things are consistant */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	710	mutex_enter(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	711	kctx->auk_queue.hiwater = qctrl_tmp.aq_hiwater;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	712	kctx->auk_queue.lowater = qctrl_tmp.aq_lowater;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	713	kctx->auk_queue.bufsz = qctrl_tmp.aq_bufsz;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	714	kctx->auk_queue.delay = qctrl_tmp.aq_delay;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	715
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	716	if (kctx->auk_queue.rd_block &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	717	kctx->auk_queue.cnt > kctx->auk_queue.lowater)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	718	cv_broadcast(&(kctx->auk_queue.read_cv));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	719
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	720	if (kctx->auk_queue.wt_block &&
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	721	kctx->auk_queue.cnt < kctx->auk_queue.hiwater)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	722	cv_broadcast(&(kctx->auk_queue.write_cv));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	723
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	724	mutex_exit(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	725
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	726	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	727	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	728
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	729	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	730	getcwd(caddr_t data, int length)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	731	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	732	struct p_audit_data *pad;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	733	struct audit_path *app;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	734	int pathlen;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	735
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	736	pad = P2A(curproc);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	737	ASSERT(pad != NULL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	738
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	739	mutex_enter(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	740	app = pad->pad_cwd;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	741	au_pathhold(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	742	mutex_exit(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	743
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	744	pathlen = app->audp_sect[1] - app->audp_sect[0];
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	745	if (pathlen > length) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	746	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	747	return (E2BIG);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	748	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	749
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	750	if (copyout(app->audp_sect[0], data, pathlen)) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	751	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	752	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	753	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	754
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	755	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	756	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	757	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	758
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	759	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	760	getcar(caddr_t data, int length)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	761	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	762	struct p_audit_data *pad;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	763	struct audit_path *app;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	764	int pathlen;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	765
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	766	pad = P2A(curproc);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	767	ASSERT(pad != NULL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	768
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	769	mutex_enter(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	770	app = pad->pad_root;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	771	au_pathhold(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	772	mutex_exit(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	773
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	774	pathlen = app->audp_sect[1] - app->audp_sect[0];
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	775	if (pathlen > length) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	776	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	777	return (E2BIG);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	778	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	779
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	780	if (copyout(app->audp_sect[0], data, pathlen)) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	781	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	782	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	783	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	784
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	785	au_pathrele(app);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	786	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	787	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	788
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	789	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	790	getstat(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	791	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	792	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	793
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	794	membar_consumer();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	795
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	796	if (copyout((caddr_t)&(kctx->auk_statistics), data, sizeof (au_stat_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	797	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	798	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	799	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	800
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	801	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	802	setstat(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	803	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	804	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	805	au_stat_t au_stat;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	806
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	807	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	808	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	809
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	810	if (copyin(data, &au_stat, sizeof (au_stat_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	811	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	812
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	813	if (au_stat.as_generated == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	814	kctx->auk_statistics.as_generated = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	815	if (au_stat.as_nonattrib == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	816	kctx->auk_statistics.as_nonattrib = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	817	if (au_stat.as_kernel == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	818	kctx->auk_statistics.as_kernel = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	819	if (au_stat.as_audit == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	820	kctx->auk_statistics.as_audit = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	821	if (au_stat.as_auditctl == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	822	kctx->auk_statistics.as_auditctl = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	823	if (au_stat.as_enqueue == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	824	kctx->auk_statistics.as_enqueue = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	825	if (au_stat.as_written == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	826	kctx->auk_statistics.as_written = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	827	if (au_stat.as_wblocked == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	828	kctx->auk_statistics.as_wblocked = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	829	if (au_stat.as_rblocked == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	830	kctx->auk_statistics.as_rblocked = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	831	if (au_stat.as_dropped == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	832	kctx->auk_statistics.as_dropped = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	833	if (au_stat.as_totalsize == CLEAR_VAL)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	834	kctx->auk_statistics.as_totalsize = 0;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	835
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	836	membar_producer();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	837
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	838	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	839
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	840	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	841
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	842	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	843	setumask(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	844	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	845	STRUCT_DECL(auditinfo, user_info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	846	struct proc *p;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	847	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	848	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	849
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	850	/* setumask not applicable in non-global zones without perzone policy */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	851	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	852	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	853
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	854	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	855	STRUCT_INIT(user_info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	856
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	857	if (copyin(data, STRUCT_BUF(user_info), STRUCT_SIZE(user_info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	858	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	859
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	860	mutex_enter(&pidlock); /* lock the process queue against updates */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	861	for (p = practive; p != NULL; p = p->p_next) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	862	cred_t *cr;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	863
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	864	/* if in non-global zone only modify processes in same zone */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	865	if (!HASZONEACCESS(curproc, p->p_zone->zone_id))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	866	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	867
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	868	mutex_enter(&p->p_lock); /* so process doesn't go away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	869
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	870	/* skip system processes and ones being created or going away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	871	if (p->p_stat == SIDL \|\| p->p_stat == SZOMB \|\|
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	872	(p->p_flag & (SSYS \| SEXITING \| SEXITLWPS))) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	873	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	874	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	875	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	876
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	877	mutex_enter(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	878	crhold(cr = p->p_cred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	879	mutex_exit(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	880	ainfo = crgetauinfo(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	881	if (ainfo == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	882	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	883	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	884	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	885	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	886
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	887	if (ainfo->ai_auid == STRUCT_FGET(user_info, ai_auid)) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	888	au_mask_t mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	889	int err;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	890
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	891	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	892	* Here's a process which matches the specified auid.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	893	* If its mask doesn't already match the new mask,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	894	* save the new mask in the pad, to be picked up
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	895	* next syscall.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	896	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	897	mask = STRUCT_FGET(user_info, ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	898	err = bcmp(&mask, &ainfo->ai_mask, sizeof (au_mask_t));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	899	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	900	if (err != 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	901	struct p_audit_data *pad = P2A(p);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	902	ASSERT(pad != NULL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	903
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	904	mutex_enter(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	905	pad->pad_flags \|= PAD_SETMASK;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	906	pad->pad_newmask = mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	907	mutex_exit(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	908
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	909	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	910	* No need to call set_proc_pre_sys(), since
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	911	* t_pre_sys is ALWAYS on when audit is
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	912	* enabled...due to syscall auditing.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	913	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	914	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	915	} else {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	916	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	917	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	918	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	919	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	920	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	921
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	922	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	923	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	924
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	925	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	926	setsmask(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	927	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	928	STRUCT_DECL(auditinfo, user_info);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	929	struct proc *p;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	930	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	931	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	932
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	933	/* setsmask not applicable in non-global zones without perzone policy */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	934	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	935	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	936
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	937	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	938	STRUCT_INIT(user_info, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	939
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	940	if (copyin(data, STRUCT_BUF(user_info), STRUCT_SIZE(user_info)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	941	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	942
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	943	mutex_enter(&pidlock); /* lock the process queue against updates */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	944	for (p = practive; p != NULL; p = p->p_next) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	945	cred_t *cr;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	946
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	947	/* if in non-global zone only modify processes in same zone */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	948	if (!HASZONEACCESS(curproc, p->p_zone->zone_id))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	949	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	950
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	951	mutex_enter(&p->p_lock); /* so process doesn't go away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	952
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	953	/* skip system processes and ones being created or going away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	954	if (p->p_stat == SIDL \|\| p->p_stat == SZOMB \|\|
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	955	(p->p_flag & (SSYS \| SEXITING \| SEXITLWPS))) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	956	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	957	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	958	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	959
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	960	mutex_enter(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	961	crhold(cr = p->p_cred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	962	mutex_exit(&p->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	963	ainfo = crgetauinfo(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	964	if (ainfo == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	965	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	966	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	967	continue;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	968	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	969
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	970	if (ainfo->ai_asid == STRUCT_FGET(user_info, ai_asid)) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	971	au_mask_t mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	972	int err;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	973
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	974	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	975	* Here's a process which matches the specified asid.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	976	* If its mask doesn't already match the new mask,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	977	* save the new mask in the pad, to be picked up
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	978	* next syscall.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	979	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	980	mask = STRUCT_FGET(user_info, ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	981	err = bcmp(&mask, &ainfo->ai_mask, sizeof (au_mask_t));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	982	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	983	if (err != 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	984	struct p_audit_data *pad = P2A(p);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	985	ASSERT(pad != NULL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	986
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	987	mutex_enter(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	988	pad->pad_flags \|= PAD_SETMASK;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	989	pad->pad_newmask = mask;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	990	mutex_exit(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	991
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	992	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	993	* No need to call set_proc_pre_sys(), since
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	994	* t_pre_sys is ALWAYS on when audit is
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	995	* enabled...due to syscall auditing.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	996	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	997	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	998	} else {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	999	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1000	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1001	mutex_exit(&p->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1002	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1003	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1004
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1005	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1006	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1007
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1008	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1009	* Get the current audit state of the system
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1010	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1011	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1012	getcond(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1013	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1014	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1015
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1016	if (copyout(&(kctx->auk_auditstate), data, sizeof (int)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1017	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1018
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1019	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1020	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1021
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1022	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1023	* Set the current audit state of the system to on (AUC_AUDITING) or
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1024	* off (AUC_NOAUDIT).
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1025	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1026	/* ARGSUSED */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1027	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1028	setcond(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1029	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1030	int auditstate;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1031	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1032
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1033	if (!(audit_policy & AUDIT_PERZONE) && (!INGLOBALZONE(curproc)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1034	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1035
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1036	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1037
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1038	if (copyin(data, &auditstate, sizeof (int)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1039	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1040
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1041	switch (auditstate) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1042	case AUC_AUDITING: /* Turn auditing on */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1043	if (audit_active == C2AUDIT_UNLOADED)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1044	audit_init_module();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1045	kctx->auk_auditstate = AUC_AUDITING;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1046	if (!(audit_policy & AUDIT_PERZONE) && INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1047	set_all_zone_usr_proc_sys(ALL_ZONES);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1048	else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1049	set_all_zone_usr_proc_sys(curproc->p_zone->zone_id);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1050	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1051
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1052	case AUC_NOAUDIT: /* Turn auditing off */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1053	if (kctx->auk_auditstate == AUC_NOAUDIT)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1054	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1055	kctx->auk_auditstate = AUC_NOAUDIT;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1056
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1057	/* clear out the audit queue */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1058
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1059	mutex_enter(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1060	if (kctx->auk_queue.wt_block)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1061	cv_broadcast(&(kctx->auk_queue.write_cv));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1062
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1063	/* unblock au_output_thread */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1064	cv_broadcast(&(kctx->auk_queue.read_cv));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1065
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1066	mutex_exit(&(kctx->auk_queue.lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1067	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1068
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1069	default:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1070	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1071	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1072
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1073	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1074	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1075
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1076	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1077	getclass(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1078	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1079	au_evclass_map_t event;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1080	au_kcontext_t *kctx = GET_KCTX_PZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1081
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1082	if (copyin(data, &event, sizeof (au_evclass_map_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1083	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1084
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1085	if (event.ec_number > MAX_KEVENTS)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1086	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1087
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1088	event.ec_class = kctx->auk_ets[event.ec_number];
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1089
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1090	if (copyout(&event, data, sizeof (au_evclass_map_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1091	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1092
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1093	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1094	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1095
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1096	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1097	setclass(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1098	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1099	au_evclass_map_t event;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1100	au_kcontext_t *kctx;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1101
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1102	if (!(audit_policy & AUDIT_PERZONE) && !INGLOBALZONE(curproc))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1103	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1104
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1105	kctx = GET_KCTX_NGZ;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1106
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1107	if (copyin(data, &event, sizeof (au_evclass_map_t)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1108	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1109
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1110	if (event.ec_number > MAX_KEVENTS)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1111	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1112
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1113	kctx->auk_ets[event.ec_number] = event.ec_class;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1114
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1115	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1116	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1117
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1118	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1119	getpinfo(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1120	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1121	STRUCT_DECL(auditpinfo, apinfo);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1122	proc_t *proc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1123	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1124	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1125	cred_t cr, newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1126
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1127	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1128	STRUCT_INIT(apinfo, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1129
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1130	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1131	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1132
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1133	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1134
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1135	mutex_enter(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1136	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1137	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1138	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1139	return (ESRCH); /* no such process */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1140	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1141	mutex_enter(&proc->p_lock); /* so process doesn't go away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1142	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1143
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1144	audit_update_context(proc, newcred); /* make sure it's up-to-date */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1145
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1146	mutex_enter(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1147	crhold(cr = proc->p_cred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1148	mutex_exit(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1149	mutex_exit(&proc->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1150
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1151	ainfo = crgetauinfo(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1152	if (ainfo == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1153	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1154	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1155	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1156
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1157	/* designated process has an ipv6 address? */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1158	if (ainfo->ai_termid.at_type == AU_IPv6) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1159	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1160	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1161	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1162
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1163	STRUCT_FSET(apinfo, ap_auid, ainfo->ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1164	STRUCT_FSET(apinfo, ap_asid, ainfo->ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1165	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1166	if (model == DATAMODEL_ILP32) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1167	dev32_t dev;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1168	/* convert internal 64 bit form to 32 bit version */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1169	if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1170	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1171	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1172	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1173	STRUCT_FSET(apinfo, ap_termid.port, dev);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1174	} else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1175	STRUCT_FSET(apinfo, ap_termid.port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1176	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1177	STRUCT_FSET(apinfo, ap_termid.port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1178	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1179	STRUCT_FSET(apinfo, ap_termid.machine, ainfo->ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1180	STRUCT_FSET(apinfo, ap_mask, ainfo->ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1181
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1182	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1183
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1184	if (copyout(STRUCT_BUF(apinfo), data, STRUCT_SIZE(apinfo)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1185	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1186
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1187	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1188	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1189
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1190	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1191	getpinfo_addr(caddr_t data, int len)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1192	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1193	STRUCT_DECL(auditpinfo_addr, apinfo);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1194	proc_t *proc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1195	const auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1196	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1197	cred_t cr, newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1198
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1199	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1200	STRUCT_INIT(apinfo, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1201
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1202	if (len < STRUCT_SIZE(apinfo))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1203	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1204
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1205	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1206	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1207
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1208	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1209
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1210	mutex_enter(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1211	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1212	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1213	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1214	return (ESRCH);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1215	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1216	mutex_enter(&proc->p_lock); /* so process doesn't go away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1217	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1218
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1219	audit_update_context(proc, newcred); /* make sure it's up-to-date */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1220
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1221	mutex_enter(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1222	crhold(cr = proc->p_cred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1223	mutex_exit(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1224	mutex_exit(&proc->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1225
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1226	ainfo = crgetauinfo(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1227	if (ainfo == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1228	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1229	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1230	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1231
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1232	STRUCT_FSET(apinfo, ap_auid, ainfo->ai_auid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1233	STRUCT_FSET(apinfo, ap_asid, ainfo->ai_asid);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1234	#ifdef _LP64
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1235	if (model == DATAMODEL_ILP32) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1236	dev32_t dev;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1237	/* convert internal 64 bit form to 32 bit version */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1238	if (cmpldev(&dev, ainfo->ai_termid.at_port) == 0) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1239	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1240	return (EOVERFLOW);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1241	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1242	STRUCT_FSET(apinfo, ap_termid.at_port, dev);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1243	} else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1244	STRUCT_FSET(apinfo, ap_termid.at_port,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1245	ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1246	#else
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1247	STRUCT_FSET(apinfo, ap_termid.at_port, ainfo->ai_termid.at_port);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1248	#endif
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1249	STRUCT_FSET(apinfo, ap_termid.at_type, ainfo->ai_termid.at_type);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1250	STRUCT_FSET(apinfo, ap_termid.at_addr[0], ainfo->ai_termid.at_addr[0]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1251	STRUCT_FSET(apinfo, ap_termid.at_addr[1], ainfo->ai_termid.at_addr[1]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1252	STRUCT_FSET(apinfo, ap_termid.at_addr[2], ainfo->ai_termid.at_addr[2]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1253	STRUCT_FSET(apinfo, ap_termid.at_addr[3], ainfo->ai_termid.at_addr[3]);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1254	STRUCT_FSET(apinfo, ap_mask, ainfo->ai_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1255
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1256	crfree(cr);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1257
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1258	if (copyout(STRUCT_BUF(apinfo), data, STRUCT_SIZE(apinfo)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1259	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1260
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1261	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1262	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1263
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1264	static int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1265	setpmask(caddr_t data)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1266	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1267	STRUCT_DECL(auditpinfo, apinfo);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1268	proc_t *proc;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1269	cred_t *newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1270	auditinfo_addr_t *ainfo;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1271	struct p_audit_data *pad;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1272
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1273	model_t model;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1274
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1275	model = get_udatamodel();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1276	STRUCT_INIT(apinfo, model);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1277
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1278	if (copyin(data, STRUCT_BUF(apinfo), STRUCT_SIZE(apinfo)))
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1279	return (EFAULT);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1280
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1281	mutex_enter(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1282	if ((proc = prfind(STRUCT_FGET(apinfo, ap_pid))) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1283	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1284	return (ESRCH);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1285	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1286	mutex_enter(&proc->p_lock); /* so process doesn't go away */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1287	mutex_exit(&pidlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1288
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1289	newcred = cralloc();
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1290	if ((ainfo = crgetauinfo_modifiable(newcred)) == NULL) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1291	mutex_exit(&proc->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1292	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1293	return (EINVAL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1294	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1295
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1296	mutex_enter(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1297	crcopy_to(proc->p_cred, newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1298	proc->p_cred = newcred;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1299
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1300	ainfo->ai_mask = STRUCT_FGET(apinfo, ap_mask);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1301
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1302	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1303	* Unlock. No need to broadcast changes via set_proc_pre_sys(),
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1304	* since t_pre_sys is ALWAYS on when audit is enabled... due to
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1305	* syscall auditing.
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1306	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1307	crfree(newcred);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1308	mutex_exit(&proc->p_crlock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1309
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1310	/* Reset flag for any previous pending mask change; this supercedes */
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1311	pad = P2A(proc);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1312	ASSERT(pad != NULL);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1313	mutex_enter(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1314	pad->pad_flags &= ~PAD_SETMASK;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1315	mutex_exit(&(pad->pad_lock));
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1316
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1317	mutex_exit(&proc->p_lock);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1318
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1319	return (0);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1320	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1321
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1322	/*
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1323	* The out of control system call
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1324	* This is audit kitchen sink aka auditadm, aka auditon
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1325	*/
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1326	int
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1327	auditctl(
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1328	int cmd,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1329	caddr_t data,
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1330	int length)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1331	{
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1332	int result;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1333
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1334	switch (cmd) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1335	case A_GETCOND:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1336	case A_GETCAR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1337	case A_GETCLASS:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1338	case A_GETCWD:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1339	case A_GETKAUDIT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1340	case A_GETKMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1341	case A_GETPINFO:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1342	case A_GETPINFO_ADDR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1343	case A_GETPOLICY:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1344	case A_GETQCTRL:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1345	case A_GETSTAT:
12273 63678502e95e PSARC 2009/377 In-kernel pfexec implementation. Casper H.S. Dik <Casper.Dik@Sun.COM> parents: 11871 diff changeset	1346	if (secpolicy_audit_getattr(CRED(), B_FALSE) != 0)
11861 a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1347	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1348	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1349	default:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1350	if (secpolicy_audit_config(CRED()) != 0)
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1351	return (EPERM);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1352	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1353	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1354
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1355	switch (cmd) {
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1356	case A_GETPOLICY:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1357	result = getpolicy(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1358	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1359	case A_SETPOLICY:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1360	result = setpolicy(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1361	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1362	case A_GETKMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1363	result = getkmask(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1364	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1365	case A_SETKMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1366	result = setkmask(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1367	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1368	case A_GETKAUDIT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1369	result = getkaudit(data, length);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1370	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1371	case A_SETKAUDIT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1372	result = setkaudit(data, length);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1373	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1374	case A_GETQCTRL:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1375	result = getqctrl(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1376	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1377	case A_SETQCTRL:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1378	result = setqctrl(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1379	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1380	case A_GETCWD:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1381	result = getcwd(data, length);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1382	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1383	case A_GETCAR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1384	result = getcar(data, length);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1385	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1386	case A_GETSTAT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1387	result = getstat(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1388	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1389	case A_SETSTAT:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1390	result = setstat(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1391	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1392	case A_SETUMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1393	result = setumask(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1394	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1395	case A_SETSMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1396	result = setsmask(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1397	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1398	case A_GETCOND:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1399	result = getcond(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1400	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1401	case A_SETCOND:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1402	result = setcond(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1403	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1404	case A_GETCLASS:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1405	result = getclass(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1406	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1407	case A_SETCLASS:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1408	result = setclass(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1409	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1410	case A_GETPINFO:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1411	result = getpinfo(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1412	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1413	case A_GETPINFO_ADDR:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1414	result = getpinfo_addr(data, length);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1415	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1416	case A_SETPMASK:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1417	result = setpmask(data);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1418	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1419	default:
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1420	result = EINVAL;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1421	break;
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1422	}
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1423	return (result);
a63258283f8f PSARC/2009/354 Always on / no reboot Solaris Audit Marek Pospisil <Marek.Pospisil@Sun.COM> parents: 11200 diff changeset	1424	}

author	Casper H.S. Dik <Casper.Dik@Sun.COM>
	Wed, 28 Apr 2010 10:01:37 +0200
changeset 12273	63678502e95e
parent 11871	62afedd2e4a5
child 12930	32a41a5f8110
permissions	-rw-r--r--