/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/*
* This file contains the declarations of the various data structures
* used by the auditing module(s).
*/
#ifndef _BSM_AUDIT_H
#define _BSM_AUDIT_H
#ifdef __cplusplus
extern "C" {
#endif
#include <sys/secflags.h>
/*
* Audit conditions, statements reguarding what's to be done with
* audit records. None of the "global state" is returned by an
* auditconfig -getcond call. AUC_NOSPACE no longer seems used.
*/
/* global state */
/* pseudo state used in libbsm */
/* local zone state */
/*
* The user id -2 is never audited - in fact, a setauid(AU_NOAUDITID)
* will turn off auditing.
*/
/*
*/
/*
* Defines for event modifier field
*/
/*
* Some typedefs for the fundamentals
*/
/*
* An audit event mask.
*/
struct au_mask {
};
/*
* The structure of the terminal ID (ipv4)
*/
struct au_tid {
};
#if defined(_SYSCALL32)
struct au_tid32 {
};
#endif
/*
* The structure of the terminal ID (ipv6)
*/
struct au_tid_addr {
};
struct au_port_s {
};
struct au_tid_addr64 {
};
#if defined(_SYSCALL32)
struct au_tid_addr32 {
};
#endif
struct au_ip {
};
/*
* Generic network address structure
*/
struct au_generic_tid {
union {
} gt_adr;
};
/*
* au_generic_tid_t gt_type values
* 0 is reserved for uninitialized data
*/
/*
* at_type values - address length used to identify address type
*/
/*
* Compatability with SunOS 4.x BSM module
*
* New code should not contain audit_state_t,
* au_state_t, nor au_termid as these types
* may go away in future releases.
*
* typedef new-5.x-bsm-name old-4.x-bsm-name
*/
/*
* Opcodes for bsm system calls
*/
/* 23 OBSOLETE */
/* 24 OBSOLETE */
/* 26 OBSOLETE */
/* 27 EOL announced for Sol 10 */
/* 28 OBSOLETE */
/* 30 OBSOLETE */
/* 31 OBSOLETE */
/* 32 OBSOLETE */
/* 33 OBSOLETE */
/* 34 OBSOLETE */
/*
* auditon(2) commands
*/
/*
* Audit Policy parameters (32 bits)
*/
/*
* If AUDIT_GLOBAL changes, corresponding changes are required in
* audit_syscalls.c's setpolicy().
*/
/*
* Kernel audit queue control parameters
*
* audit record recording blocks at hiwater # undelived records
* audit record recording resumes at lowwater # undelivered audit records
* bufsz determines how big the data xfers will be to the audit trail
*/
struct au_qctrl {
};
#if defined(_SYSCALL32)
struct au_qctrl32 {
};
#endif
/*
* default values of hiwater and lowater (note hi > lo)
*/
struct auditinfo {
};
#if defined(_SYSCALL32)
struct auditinfo32 {
};
#endif
struct k_auditinfo_addr {
};
struct auditinfo_addr {
};
struct auditinfo_addr64 {
};
#if defined(_SYSCALL32)
struct auditinfo_addr32 {
};
#endif
struct auditpinfo {
};
#if defined(_SYSCALL32)
struct auditpinfo32 {
};
#endif
struct auditpinfo_addr {
};
#if defined(_SYSCALL32)
struct auditpinfo_addr32 {
};
#endif
struct au_evclass_map {
};
/*
* Audit stat structures (used to be in audit_stat.h
*/
struct audit_stat {
};
/* get kernel audit context dependent on AUDIT_PERZONE policy */
/* get kernel audit context of global zone */
/* get kernel audit context of non-global zone */
/*
* audit token IPC types (shm, sem, msg) [for ipc attribute]
*/
#if defined(_KERNEL)
#ifdef __cplusplus
}
#endif
#include <sys/pathname.h>
#include <c2/audit_door_infc.h>
#include <sys/netstack.h>
#ifdef __cplusplus
extern "C" {
#endif
struct fcntla;
struct t_audit_data;
struct audit_path;
struct priv_set;
struct devplcysys;
struct auditcalls {
long code;
long a1;
long a2;
long a3;
long a4;
long a5;
};
void audit_cryptoadm(int, char *, crypto_mech_name_t *,
void audit_init(void);
void audit_init_module(void);
void audit_newproc(struct proc *);
void audit_pfree(struct proc *);
void audit_thread_create(kthread_id_t);
void audit_thread_free(kthread_id_t);
int, cred_t *);
void audit_anchorpath(struct pathname *, int);
void audit_symlink_create(struct vnode *, char *, char *, int);
int object_is_public(struct vattr *);
void audit_attributes(struct vnode *);
void audit_falloc(struct file *);
void audit_unfalloc(struct file *);
void audit_exit(int, int);
void audit_core_start(int);
void audit_core_finish(int);
unsigned char *, int *, int);
unsigned char, int, int);
void audit_closef(struct file *);
void audit_setf(struct file *, int);
void audit_reboot(void);
void audit_vncreate_start(void);
void audit_setfsat_path(int argnum);
void audit_vncreate_finish(struct vnode *, int);
void audit_enterprom(int);
void audit_exitprom(int);
void audit_finish(unsigned int, unsigned int, int, union rval *);
void audit_async_discard_backend(void *);
void audit_async_done(caddr_t *, int);
void audit_async_drop(caddr_t *, int);
#ifndef AUK_CONTEXT_T
#define AUK_CONTEXT_T
#endif
/* Zone audit context setup routine */
void au_zone_setup(void);
/*
* c2audit module states
*/
uint32_t audit_getstate(void);
int au_zone_getstate(const au_kcontext_t *);
/* The audit mask defining in which case is auditing enabled */
/*
* Get the given zone audit status. zcontext != NULL serves
* as a protection when c2audit module is not loaded.
*/
(audit_active == C2AUDIT_LOADED && \
/*
* Get auditing status
*/
void audit_fixpath(struct audit_path *, int);
void audit_ipc(int, int, void *);
void audit_ipcget(int, void *);
void audit_fdsend(int, struct file *, int);
void audit_fdrecv(int, struct file *);
void audit_priv(int, const struct priv_set *, int);
const secflagdelta_t *);
void audit_devpolicy(int, const struct devplcysys *);
void audit_kssl(int, void *, int);
pid_t);
#endif
#ifdef __cplusplus
}
#endif
#endif /* _BSM_AUDIT_H */