1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #ifndef _AUDIT_SCF_H
26 #define	_AUDIT_SCF_H
27 
28 #ifdef	__cplusplus
29 extern "C" {
30 #endif
31 
32 /*
33  * auditd smf(7)/libscf(3LIB) interface - set and display audit parameters
34  */
35 
36 #include <audit_plugin.h>
37 #include <bsm/libbsm.h>
38 #include <ctype.h>
39 #include <libintl.h>
40 #include <libscf_priv.h>
41 #include <stdlib.h>
42 #include <strings.h>
43 #include <sys/varargs.h>
44 #include <ucontext.h>
45 #include <zone.h>
46 
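/*
 * Under lint, gettext() is replaced by its bare argument so that lint
 * sees the message strings directly.
 */
#ifdef __lint
#define	gettext(x)	x
#endif

/* Debug tracing is compiled out unless the build defines DEBUG non-zero. */
#ifndef DEBUG
#define	DEBUG	0
#endif

#if DEBUG
/*
 * Debug file pointer, opened lazily by DPRINT().
 *
 * NOTE(review): this is a definition in a header, so every translation
 * unit that includes this file with DEBUG set gets its own tentative
 * definition of dbfp; builds that disable common symbols will fail to
 * link.  Where the debug file lives and which permissions it gets is
 * decided by __auditd_debug_file_open(), which is not visible here -
 * confirm it is not created world-readable, since audit daemon traces
 * may expose configuration details.
 */
FILE	*dbfp;

/*
 * DPRINT(x) - x is a complete, parenthesised fprintf() argument list,
 * e.g. DPRINT((dbfp, "fmt\n", arg)).  The debug file is opened on first
 * use.  If it still is not open afterwards (assumes the open routine
 * returns NULL on failure - TODO confirm) the message is dropped rather
 * than handing a NULL stream to fprintf().
 *
 * The expansion is a bare brace block, so "if (c) DPRINT((...)); else"
 * does not compile; brace the if body at such call sites.
 */
#define	DPRINT(x)	{ if (dbfp == NULL) \
			    dbfp = __auditd_debug_file_open(); \
			if (dbfp != NULL) { \
			    (void) fprintf x; (void) fflush(dbfp); \
			} }
#else	/* ! DEBUG */
/* Tracing disabled: the argument list is discarded and never evaluated. */
#define	DPRINT(x)
#endif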
63 
/*
 * FMRIs of the two audit subsystem service instances whose SMF
 * configuration this interface reads and writes.
 */
#define	AUDITD_FMRI	"svc:/system/auditd:default"
#define	AUDITSET_FMRI	"svc:/system/auditset:default"

/*
 * (ASI) Audit service instance SCF handles - libscf(3LIB).
 *
 * Bundles the handles needed to reach one property of a service
 * instance.  This header does not show who allocates or destroys the
 * handles; see the implementation for ownership.
 */
typedef struct asi_scfhandle {
	scf_handle_t		*hndl;	/* base scf handle */
	scf_instance_t		*inst;	/* service instance handle */
	scf_propertygroup_t	*pgrp;	/* property group handle */
	scf_property_t		*prop;	/* property handle */
} asi_scfhandle_t;

/*
 * Iterator state used alongside asi_scfhandle_t: one iterator for
 * property groups, one for properties, and a value holder.
 */
typedef struct asi_scfhandle_iter {
	scf_iter_t	*pgrp;		/* property group iter handle */
	scf_iter_t	*prop;		/* property iter handle */
	scf_value_t	*prop_val;	/* property value */
} asi_scfhandle_iter_t;
83 
/*
 * (ASI) Audit service instance (svc:/system/auditd:default) related
 * configuration parameters.
 */

/* Name of the property group that holds the audit policy settings. */
#define	ASI_PGROUP_POLICY	"policy"

/*
 * One audit policy entry: a policy name paired with a boolean flag.
 * NOTE(review): presumably the flag is the on/off state of the named
 * policy - confirm against the code that fills these in.
 */
typedef struct policy_sw {
	char		*policy;
	boolean_t	flag;
} policy_sw_t;
94 
/* Property group and property names of the audit queue control settings. */
#define	ASI_PGROUP_QUEUECTRL	"queuectrl"
#define	QUEUECTRL_QBUFSZ	"qbufsz"
#define	QUEUECTRL_QDELAY	"qdelay"
#define	QUEUECTRL_QHIWATER	"qhiwater"
#define	QUEUECTRL_QLOWATER	"qlowater"

/*
 * The four queue control values as 64-bit unsigned integers.
 *
 * The per-value accessors declared in this header use size_t and
 * clock_t instead, so a value taken from this structure can be wider
 * than its destination; range-check it (see the CHK_BDRY_* macros)
 * before narrowing.
 */
typedef struct scf_qctrl {
	uint64_t	scf_qhiwater;
	uint64_t	scf_qlowater;
	uint64_t	scf_qbufsz;
	uint64_t	scf_qdelay;
} scf_qctrl_t;
107 
/* Preselection property group: audit flags and non-attributable flags. */
#define	ASI_PGROUP_PRESELECTION	"preselection"
#define	PRESELECTION_FLAGS	"flags"
#define	PRESELECTION_NAFLAGS	"naflags"
#define	PRESELECTION_MAXBUF	256		/* max. length of na/flags */

/*
 * auditd(8) plugin related well known properties.
 *
 * NOTE(review): "path" names a plugin shared object.  If the daemon
 * loads whatever this property points at, write access to the property
 * is equivalent to running code inside auditd - confirm how the
 * consumer validates the path and who may modify the property.
 */
#define	PLUGIN_ACTIVE		"active"	/* plugin state */
#define	PLUGIN_PATH		"path"		/* plugin shared object */
#define	PLUGIN_QSIZE		"qsize"		/* plugin queue size */

/*
 * Plugin limits.  Whether the length limits include the terminating
 * NUL is not stated here; size bounded copies with sizeof on the
 * destination buffer rather than assuming either way.
 */
#define	PLUGIN_MAX		256		/* max. number of plugins */
#define	PLUGIN_MAXBUF		256		/* max. length of plugin name */
#define	PLUGIN_MAXATT		256		/* max. length of plugin attr */
#define	PLUGIN_MAXKEY		256		/* max. length of plugin key */
#define	PLUGIN_MAXVAL		256		/* max. length of plugin val */

/*
 * List node for one plugin: next/prev links, the plugin name in a
 * fixed PLUGIN_MAXBUF-byte buffer, and a pointer to its kva_t
 * key/value attributes.  Anything written into plugin_name must be
 * length-checked against the buffer and NUL-terminated.
 */
typedef struct scf_plugin_kva_node {
	struct scf_plugin_kva_node	*next;
	struct scf_plugin_kva_node	*prev;
	char				plugin_name[PLUGIN_MAXBUF];
	kva_t				*plugin_kva;
} scf_plugin_kva_node_t;
130 
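/*
 * Boundary checking macros for the queuectrl parameters.
 *
 * Each macro evaluates to non-zero when the value is inside its valid
 * range and to zero otherwise.  The AQ_* limits other than AQ_MINLOW
 * are not defined in this header (presumably they come in through
 * <bsm/libbsm.h> - confirm).
 *
 * Arguments are expanded more than once, so pass only expressions
 * without side effects.  Every expansion is fully parenthesised so the
 * result can be used inside a larger expression.
 *
 * CHK_BDRY_QDELAY() requires a strictly positive value: a test for
 * "== 0" alone lets a negative delay through when the argument has a
 * signed type (the delay accessors in this header take clock_t).
 */
#define	AQ_MINLOW	1
#define	CHK_BDRY_QBUFSZ(x)	((x) >= AQ_BUFSZ && (x) <= AQ_MAXBUFSZ)
#define	CHK_BDRY_QDELAY(x)	((x) > 0 && (x) <= AQ_MAXDELAY)
#define	CHK_BDRY_QLOWATER(low, high)	\
	((low) >= AQ_MINLOW && (low) < (high))
#define	CHK_BDRY_QHIWATER(low, high)	\
	((high) > (low) && (high) >= AQ_LOWATER && (high) <= AQ_MAXHIGH)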
139 
/*
 * MAX_PROPVECS	maximum number of audit properties that will
 *		fit in the uint32_t audit policy mask.
 */
#define	MAX_PROPVECS	32

/*
 * Interface routines, grouped by the setting they handle.
 *
 * All do_get*_scf()/do_set*_scf() routines return boolean_t.
 * NOTE(review): presumably B_TRUE means success - confirm against the
 * implementation; callers must check the result before using any
 * output argument.
 */

/* Audit policy; the mask is a uint32_t. */
uint32_t get_policy(char *);
boolean_t do_getpolicy_scf(uint32_t *);
boolean_t do_setpolicy_scf(uint32_t);

/*
 * Preselection flags and non-attributable flags.  The getters hand
 * back a string through a char **; who frees it is not visible here.
 * The setters take a non-const char *.
 */
boolean_t do_getflags_scf(char **);
boolean_t do_setflags_scf(char *);
boolean_t do_getnaflags_scf(char **);
boolean_t do_setnaflags_scf(char *);

/*
 * Queue control, as a whole (struct au_qctrl) or one value at a time.
 * Note that the single-value setters also take pointers.
 */
boolean_t do_getqctrl_scf(struct au_qctrl *);
boolean_t do_setqctrl_scf(struct au_qctrl *);
boolean_t do_getqbufsz_scf(size_t *);
boolean_t do_setqbufsz_scf(size_t *);
boolean_t do_getqdelay_scf(clock_t *);
boolean_t do_setqdelay_scf(clock_t *);
boolean_t do_getqhiwater_scf(size_t *);
boolean_t do_setqhiwater_scf(size_t *);
boolean_t do_getqlowater_scf(size_t *);
boolean_t do_setqlowater_scf(size_t *);

/* Plugin configuration and the scf_plugin_kva_node_t list it yields. */
boolean_t plugin_avail_scf(const char *);
boolean_t do_getpluginconfig_scf(char *, scf_plugin_kva_node_t **);
boolean_t do_setpluginconfig_scf(char *, boolean_t, char *, int);
void plugin_kva_ll_free(scf_plugin_kva_node_t *);
void free_static_att_kva(kva_t *);

/*
 * Error reporting.
 * NOTE(review): a char * followed by a va_list looks like a
 * printf-style format plus its arguments; if so, pass a literal format
 * and never externally supplied text - confirm against the
 * implementation.
 */
void prt_error_va(char *, va_list);
169 
170 #ifdef	__cplusplus
171 }
172 #endif
173 
174 #endif	/* _AUDIT_SCF_H */
175