6415509 audit TX code review issues
6415542 audit_allocate TX code review issues
6415563 use of ifdef TSOL TX code review issues
6449278 adt_token.c partial TX code review issues
6449280 uts/common/c2/audit.c partial TX code review issues
--- a/usr/src/cmd/cmd-inet/usr.sbin/in.ftpd/ftpcount.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/cmd/cmd-inet/usr.sbin/in.ftpd/ftpcount.c Mon Jul 24 15:37:46 2006 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -33,10 +33,6 @@
****************************************************************************/
#include "config.h"
-#ifdef TSOL
-#include <tsol/priv.h>
-#endif
-
#include <stdio.h>
#include <errno.h>
#include <string.h>
@@ -217,11 +213,6 @@
#else
arg.l_type = F_RDLCK;
arg.l_whence = arg.l_start = arg.l_len = 0;
-#ifdef TSOL
- if (set_effective_priv(PRIV_ON, 1, PRIV_FILE_LOCK) != 0) {
- syslog(LOG_ERR, "Cannot add PRIV_FILE_LOCK to eff. priv. set");
- }
-#endif
while (-1 == fcntl(fd, F_SETLK, &arg)) {
#ifndef NO_PID_SLEEP_MSGS
syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %m");
@@ -230,11 +221,6 @@
sleep(1);
}
#ifndef HAVE_FLOCK
-#ifdef TSOL
- if (set_effective_priv(PRIV_OFF, 1, PRIV_FILE_LOCK) != 0) {
- syslog(LOG_ERR, "Cannot remove PRIV_FILE_LOCK from eff. priv. set");
- }
-#endif
#endif /* HAVE_FLOCK */
}
@@ -255,17 +241,7 @@
#else
arg.l_type = F_UNLCK;
arg.l_whence = arg.l_start = arg.l_len = 0;
-#ifdef TSOL
- if (set_effective_priv(PRIV_ON, 1, PRIV_FILE_LOCK) != 0) {
- syslog(LOG_ERR, "Cannot add PRIV_FILE_LOCK to eff. priv. set");
- }
-#endif
fcntl(fd, F_SETLK, &arg);
-#ifdef TSOL
- if (set_effective_priv(PRIV_OFF, 1, PRIV_FILE_LOCK) != 0) {
- syslog(LOG_ERR, "Cannot remove PRIV_FILE_LOCK from eff. priv. set");
- }
-#endif
#endif /* HAVE_FLOCK */
}
@@ -512,15 +488,6 @@
#endif
#endif
-#ifdef TSOL
-/* Before anything, clear the effective privilege set */
-
- if (set_effective_priv(PRIV_SET, 0) != 0) {
- syslog(LOG_ERR, "ftp[count|who] cannot clear effective privileges!");
- exit(1);
- }
-#endif
-
if ((progname = strrchr(argv[0], '/')))
++progname;
else
--- a/usr/src/cmd/praudit/format.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/cmd/praudit/format.c Mon Jul 24 15:37:46 2006 -0700
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -1290,10 +1289,8 @@
static struct em_map_ent em_map[] = {
{ (int)PAD_READ, "rd" }, /* data read from object */
{ (int)PAD_WRITE, "wr" }, /* data written to object */
-#ifdef TSOL
{ (int)PAD_SPRIVUSE, "sp" }, /* successfully used priv */
{ (int)PAD_FPRIVUSE, "fp" }, /* failed use of priv */
-#endif
{ (int)PAD_NONATTR, "na" }, /* non-attributable event */
{ (int)PAD_FAILURE, "fe" } /* fail audit event */
};
--- a/usr/src/cmd/smserverd/myaudit.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/cmd/smserverd/myaudit.c Mon Jul 24 15:37:46 2006 -0700
@@ -210,6 +210,8 @@
door_dp->audit_egid,
door_dp->audit_uid, door_dp->audit_gid, door_dp->audit_pid,
door_dp->audit_asid, &door_dp->audit_tid));
+ if (is_system_labeled())
+ (void) au_write(ad, au_to_mylabel());
if (door_dp->audit_policy & AUDIT_GROUP) {
int ng;
@@ -220,10 +222,6 @@
(void) au_write(ad, au_to_newgroups(ng, grplst));
}
}
-
- if (is_system_labeled())
- (void) au_write(ad, au_to_mylabel());
-
if (strlen(door_dp->audit_text) != 0) {
(void) au_write(ad, au_to_text(door_dp->audit_text));
}
--- a/usr/src/lib/libadt_jni/common/adt_jni.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/lib/libadt_jni/common/adt_jni.c Mon Jul 24 15:37:46 2006 -0700
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -24,7 +23,7 @@
*
* JNI wrapper for adt interface within libbsm
*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
*/
@@ -330,34 +329,3 @@
return (1);
}
-
-#ifdef TSOL
-/*
- * Class: com_sun_audit_AuditSession
- * Method: setSL
- * Signature: ([BLjava/lang/String;)V
- */
-
-/* ARGSUSED */
-JNIEXPORT void JNICALL
-Java_com_sun_audit_AuditSession_setSL(JNIEnv *env, jobject cls,
- jbyteArray jstate, jstring jlabel) {
-
- adt_session_data_t *state;
- const char *label;
-
- if (j2c_pointer(env, jstate, (caddr_t *)&state))
- return; /* j2c_pointer threw exception */
-
- if (state == NULL)
- return; /* invalid session */
-
- label = (*env)->GetStringUTFChars(env, jlabel, NULL);
-
- if (adt_put_slabel(state, (char *)label))
- local_throw(env, "java/lang/Exception", errno_to_i18n(errno));
-
- (*env)->ReleaseStringUTFChars(env, jlabel, label);
-}
-
-#endif /* TSOL */
--- a/usr/src/lib/libbsm/adt_record.dtd.1 Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/lib/libbsm/adt_record.dtd.1 Mon Jul 24 15:37:46 2006 -0700
@@ -79,14 +79,12 @@
arbitrary |
argument |
attribute |
- clearance |
cmd |
exit |
exec_args |
exec_env |
fmri |
group |
- information_label |
ip |
ip_address |
IPC |
@@ -140,7 +138,7 @@
first token (which is the record token):
(tokens),subject,group,(tokens),return,sequence,host
-(all tokens after the record token are optional; host is TSOL only.)
+(all tokens after the record token are optional; the host token is unused.)
-->
<!ELEMENT record (
@@ -270,9 +268,6 @@
count CDATA #REQUIRED
>
-<!-- clearance token -->
-<!ELEMENT clearance (#PCDATA)>
-
<!-- privilege token -->
<!ELEMENT privilege (#PCDATA)>
<!ATTLIST privilege
@@ -288,9 +283,6 @@
<!-- sensitivity_label token -->
<!ELEMENT sensitivity_label (#PCDATA)>
-<!-- information_label token -->
-<!ELEMENT information_label (#PCDATA)>
-
<!-- use_of_authorization token -->
<!ELEMENT use_of_authorization (#PCDATA)>
--- a/usr/src/lib/libbsm/adt_record.xsl.1 Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/lib/libbsm/adt_record.xsl.1 Mon Jul 24 15:37:46 2006 -0700
@@ -262,11 +262,6 @@
<xsl:value-of select="."/>
</xsl:template>
-<xsl:template match="clearance">
- <BR/>
- <I>CLEARANCE: </I> <xsl:value-of select="."/>
-</xsl:template>
-
<xsl:template match="privilege">
<BR/>
<I>PRIVILEGE: </I>
@@ -288,11 +283,6 @@
<I>SENSITIVITY_LABEL: </I> <xsl:value-of select="."/>
</xsl:template>
-<xsl:template match="information_label">
- <BR/>
- <I>INFORMATION_LABEL: </I> <xsl:value-of select="."/>
-</xsl:template>
-
<xsl:template match="use_of_authorization">
<BR/>
<I>USE_OF_AUTHORIZATION: </I> <xsl:value-of select="."/>
--- a/usr/src/lib/libbsm/common/adt_token.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/lib/libbsm/common/adt_token.c Mon Jul 24 15:37:46 2006 -0700
@@ -504,10 +504,9 @@
}
/*
- * generate a subject token and, depending on audit policy, a
- * group token. For TSOL, this is probably the right place
- * to generate a label token. Alternatively, a TSOL token could
- * be defined in adt.xml with 'opt="none".
+ * Generate subject information.
+ * If labels are present, generate the subject label token.
+ * If the group audit policy is set, generate the subject group token.
*
* The required flag does not apply here.
*
@@ -533,6 +532,8 @@
sp->as_euid, sp->as_egid, sp->as_ruid, sp->as_rgid,
getpid(), sp->as_info.ai_asid,
&(sp->as_info.ai_termid)));
+ if (is_system_labeled())
+ (void) au_write(event->ae_event_handle, au_to_mylabel());
/*
* If AUDIT_GROUP is set, a groups token must be output.
* In a session model, the groups list is undefined, so output an
@@ -554,9 +555,6 @@
au_to_newgroups(0, grouplist));
}
}
-
- if (is_system_labeled())
- (void) au_write(event->ae_event_handle, au_to_mylabel());
}
/*
--- a/usr/src/lib/libbsm/common/audit_allocate.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/lib/libbsm/common/audit_allocate.c Mon Jul 24 15:37:46 2006 -0700
@@ -125,6 +125,8 @@
return (0);
(void) au_write(ad, au_to_me()); /* add subject token */
+ if (is_system_labeled())
+ (void) au_write(ad, au_to_mylabel());
if (policy & AUDIT_GROUP) { /* add optional group token */
(void) memset(grplst, 0, sizeof (grplst));
@@ -136,8 +138,6 @@
}
(void) au_write(ad, au_to_newgroups(ng, grplst));
}
- if (is_system_labeled())
- (void) au_write(ad, au_to_mylabel());
if (status)
(void) au_write(ad, au_to_exit(status, -1));
--- a/usr/src/uts/common/c2/audit.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/uts/common/c2/audit.c Mon Jul 24 15:37:46 2006 -0700
@@ -63,7 +63,6 @@
#include <sys/devpolicy.h>
#include <sys/crypto/ioctladmin.h>
#include <inet/kssl/kssl.h>
-#include <sys/tsol/label.h>
static void add_return_token(caddr_t *, unsigned int scid, int err, int rval);
@@ -916,17 +915,10 @@
ASSERT(ainfo != NULL);
/*
- * Add a subject token (no locks since our private copy of
+ * Add subject information (no locks since our private copy of
* credential
*/
- AUDIT_SETSUBJ(&(u_ad), cr, ainfo);
-
- /* Add an optional group token */
- AUDIT_SETGROUP(&(u_ad), cr, kctx);
-
- /* Add slabel token */
- if (is_system_labeled())
- au_write(&(u_ad), au_to_label(CR_SL(cr)));
+ AUDIT_SETSUBJ(&(u_ad), cr, ainfo, kctx);
/* Add a return token (should use f argument) */
add_return_token((caddr_t *)&(u_ad), tad->tad_scid, 0, 0);
@@ -1135,15 +1127,8 @@
audit_sec_attributes((caddr_t *)&(ad), vp);
}
- /* Add a subject token */
- AUDIT_SETSUBJ((caddr_t *)&(ad), cr, ainfo);
-
- /* add an optional group token */
- AUDIT_SETGROUP((caddr_t *)&(ad), cr, kctx);
-
- /* add slabel token */
- if (is_system_labeled())
- au_write((caddr_t *)&(ad), au_to_label(CR_SL(cr)));
+ /* Add subject information */
+ AUDIT_SETSUBJ((caddr_t *)&(ad), cr, ainfo, kctx);
/* add a return token */
add_return_token((caddr_t *)&(ad), tad->tad_scid, 0, 0);
@@ -1333,14 +1318,8 @@
if (ainfo == NULL)
return;
- AUDIT_SETSUBJ(&(u_ad), cr, ainfo);
-
- /* add an optional group token */
- AUDIT_SETGROUP(&(u_ad), cr, kctx);
-
- /* add slabel token */
- if (is_system_labeled())
- au_uwrite(au_to_label(CR_SL(cr)));
+ /* Add subject information */
+ AUDIT_SETSUBJ(&(u_ad), cr, ainfo, kctx);
/* add a return token */
add_return_token((caddr_t *)&(u_ad), tad->tad_scid, 0, 0);
@@ -2169,15 +2148,8 @@
if (audit_success(kctx, tad, error) != AU_OK)
return;
- /* Add a subject token */
- AUDIT_SETSUBJ((caddr_t *)&(ad), cr, ainfo);
-
- /* add an optional group token */
- AUDIT_SETGROUP((caddr_t *)&(ad), cr, kctx);
-
- /* add slabel token */
- if (is_system_labeled())
- au_write((caddr_t *)&ad, au_to_label(CR_SL(cr)));
+ /* Add subject information */
+ AUDIT_SETSUBJ((caddr_t *)&(ad), cr, ainfo, kctx);
switch (cmd) {
case CRYPTO_LOAD_DEV_DISABLED:
@@ -2322,15 +2294,8 @@
if (audit_success(kctx, tad, error) != AU_OK)
return;
- /* Add a subject token */
- AUDIT_SETSUBJ((caddr_t *)&ad, cr, ainfo);
-
- /* add an optional group token */
- AUDIT_SETGROUP((caddr_t *)&ad, cr, kctx);
-
- /* Add slabel token */
- if (is_system_labeled())
- au_write(&(u_ad), au_to_label(CR_SL(cr)));
+ /* Add subject information */
+ AUDIT_SETSUBJ((caddr_t *)&ad, cr, ainfo, kctx);
switch (cmd) {
case KSSL_ADD_ENTRY: {
--- a/usr/src/uts/common/c2/audit.h Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/uts/common/c2/audit.h Mon Jul 24 15:37:46 2006 -0700
@@ -275,14 +275,8 @@
#define AUDIT_PUBLIC 0x0800 /* audit even "public" files */
#define AUDIT_ZONENAME 0x1000 /* emit zonename token */
#define AUDIT_PERZONE 0x2000 /* auditd and audit queue for each zone */
-
-/*
- * These next (WINDATA*) are used by TSOL. Although per-zone audit is not
- * used with TSOL, these policies still make sense to be categorized as
- * "local".
- */
-#define AUDIT_WINDATA_DOWN 0x00010000 /* include downgraded data */
-#define AUDIT_WINDATA_UP 0x00020000 /* include upgraded data */
+#define AUDIT_WINDATA_DOWN 0x4000 /* include paste downgraded data */
+#define AUDIT_WINDATA_UP 0x8000 /* include paste upgraded data */
/*
* If AUDIT_GLOBAL changes, corresponding changes are required in
--- a/usr/src/uts/common/c2/audit_kernel.h Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/uts/common/c2/audit_kernel.h Mon Jul 24 15:37:46 2006 -0700
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -38,6 +37,8 @@
#include <sys/taskq.h>
#include <sys/zone.h>
+#include <sys/tsol/label.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -383,23 +384,21 @@
#endif
/*
- * Macros for repeated token generation operations
+ * Macro for uniform "subject" token(s) generation
*/
-#define AUDIT_SETSUBJ(u, c, a) \
- au_write(u, au_to_subject( \
- crgetuid(c), \
- crgetgid(c), \
- crgetruid(c), \
- crgetrgid(c), \
- curproc->p_pid, \
- a->ai_auid, \
- a->ai_asid, \
- &(a->ai_termid)))
-
-#define AUDIT_SETGROUP(u, c, k) \
- if (k->auk_policy & AUDIT_GROUP) \
- au_write(u, au_to_groups( \
- crgetgroups(c), \
+#define AUDIT_SETSUBJ(u, c, a, k) \
+ au_write((u), \
+ au_to_subject(crgetuid(c), \
+ crgetgid(c), crgetruid(c), \
+ crgetrgid(c), curproc->p_pid, \
+ (a)->ai_auid, (a)->ai_asid, \
+ &((a)->ai_termid))); \
+ if (is_system_labeled()) \
+ au_write((u), \
+ au_to_label(CR_SL((c)))); \
+ if ((k)->auk_policy & AUDIT_GROUP) \
+ au_write((u), \
+ au_to_groups(crgetgroups(c),\
crgetngroups(c)))
/*
--- a/usr/src/uts/common/c2/audit_record.h Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/uts/common/c2/audit_record.h Mon Jul 24 15:37:46 2006 -0700
@@ -55,11 +55,7 @@
* SunOS 5.7
*/
-#ifdef TSOL
-#define TOKEN_VERSION 4
-#else /* !TSOL */
#define TOKEN_VERSION 2
-#endif /* TSOL */
/*
* Audit record token type codes
@@ -114,9 +110,9 @@
#define AUT_IPC_PERM ((char)0x32)
#define AUT_LABEL ((char)0x33)
#define AUT_GROUPS ((char)0x34)
-#define AUT_ILABEL ((char)0x35)
-#define AUT_SLABEL ((char)0x36)
-#define AUT_CLEAR ((char)0x37)
+/*
+ * 0x35, 0x36, 0x37 unused
+ */
#define AUT_PRIV ((char)0x38)
#define AUT_UPRIV ((char)0x39)
#define AUT_LIAISON ((char)0x3A)
@@ -737,7 +733,7 @@
extern token_t *au_to_return32(char, uint32_t);
extern token_t *au_to_return64(char, uint64_t);
extern token_t *au_to_seq(int);
-extern token_t *au_to_label(bslabel_t *);
+extern token_t *au_to_label(m_label_t *);
extern token_t *au_to_socket(struct oldsocket *);
extern token_t *au_to_socket_ex(short, short,
struct sockaddr *, struct sockaddr *);
--- a/usr/src/uts/common/c2/audit_start.c Mon Jul 24 13:52:59 2006 -0700
+++ b/usr/src/uts/common/c2/audit_start.c Mon Jul 24 15:37:46 2006 -0700
@@ -43,7 +43,6 @@
#include <sys/debug.h>
#include <sys/cred_impl.h>
#include <sys/zone.h>
-#include <sys/tsol/label.h>
#include <c2/audit.h>
#include <c2/audit_kernel.h>
#include <c2/audit_kevents.h>
@@ -422,15 +421,8 @@
ASSERT(ainfo != NULL);
- /* Add a subject token */
- AUDIT_SETSUBJ(&(u_ad), cr, ainfo);
-
- /* Add an optional group token */
- AUDIT_SETGROUP(&(u_ad), cr, kctx);
-
- /* Add token for process SL */
- if (is_system_labeled())
- au_write(&(u_ad), au_to_label(CR_SL(cr)));
+ /* Add subject information */
+ AUDIT_SETSUBJ(&(u_ad), cr, ainfo, kctx);
if (tad->tad_evmod & PAD_SPRIVUSE)
au_write(&(u_ad),