17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*a7746f66Stz * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate /* 297c478bd9Sstevel@tonic-gate * Token processing for auditreduce. 307c478bd9Sstevel@tonic-gate */ 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <locale.h> 337c478bd9Sstevel@tonic-gate #include <sys/zone.h> 347c478bd9Sstevel@tonic-gate #include "auditr.h" 357c478bd9Sstevel@tonic-gate #include "toktable.h" 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate extern int re_exec2(char *); 387c478bd9Sstevel@tonic-gate 397c478bd9Sstevel@tonic-gate static void anchor_path(char *path); 407c478bd9Sstevel@tonic-gate static char *collapse_path(char *s); 417c478bd9Sstevel@tonic-gate static void get_string(adr_t *adr, char **p); 427c478bd9Sstevel@tonic-gate static int ipc_type_match(int flag, char type); 437c478bd9Sstevel@tonic-gate static void skip_string(adr_t *adr); 447c478bd9Sstevel@tonic-gate static int xgeneric(adr_t *adr); 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate #if AUDIT_REC 477c478bd9Sstevel@tonic-gate void 487c478bd9Sstevel@tonic-gate print_id(int id) 497c478bd9Sstevel@tonic-gate { 507c478bd9Sstevel@tonic-gate char *suffix; 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate if ((id < 0) || (id > MAXTOKEN) || 537c478bd9Sstevel@tonic-gate (tokentable[id].func == NOFUNC)) { 547c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 557c478bd9Sstevel@tonic-gate "token_processing: token %d not found\n", id); 567c478bd9Sstevel@tonic-gate return; 577c478bd9Sstevel@tonic-gate } 587c478bd9Sstevel@tonic-gate 597c478bd9Sstevel@tonic-gate switch (id) { 607c478bd9Sstevel@tonic-gate case AUT_NEWGROUPS: 617c478bd9Sstevel@tonic-gate suffix = "_new"; 627c478bd9Sstevel@tonic-gate break; 637c478bd9Sstevel@tonic-gate case AUT_ATTR32: 647c478bd9Sstevel@tonic-gate suffix = "32"; 657c478bd9Sstevel@tonic-gate break; 667c478bd9Sstevel@tonic-gate case AUT_ARG64: 677c478bd9Sstevel@tonic-gate case AUT_RETURN64: 687c478bd9Sstevel@tonic-gate case AUT_ATTR64: 697c478bd9Sstevel@tonic-gate case AUT_HEADER64: 707c478bd9Sstevel@tonic-gate case AUT_SUBJECT64: 717c478bd9Sstevel@tonic-gate case AUT_PROCESS64: 727c478bd9Sstevel@tonic-gate case AUT_OTHER_FILE64: 737c478bd9Sstevel@tonic-gate suffix = "64"; 747c478bd9Sstevel@tonic-gate break; 757c478bd9Sstevel@tonic-gate case AUT_SOCKET_EX: 767c478bd9Sstevel@tonic-gate case AUT_IN_ADDR_EX: 777c478bd9Sstevel@tonic-gate suffix = "_ex"; 787c478bd9Sstevel@tonic-gate break; 797c478bd9Sstevel@tonic-gate case AUT_HEADER32_EX: 807c478bd9Sstevel@tonic-gate case AUT_SUBJECT32_EX: 817c478bd9Sstevel@tonic-gate case AUT_PROCESS32_EX: 827c478bd9Sstevel@tonic-gate suffix = "32_ex"; 837c478bd9Sstevel@tonic-gate break; 847c478bd9Sstevel@tonic-gate case AUT_HEADER64_EX: 857c478bd9Sstevel@tonic-gate case AUT_SUBJECT64_EX: 867c478bd9Sstevel@tonic-gate case AUT_PROCESS64_EX: 877c478bd9Sstevel@tonic-gate suffix = "64_ex"; 887c478bd9Sstevel@tonic-gate break; 897c478bd9Sstevel@tonic-gate default: 907c478bd9Sstevel@tonic-gate suffix = ""; 917c478bd9Sstevel@tonic-gate break; 927c478bd9Sstevel@tonic-gate } 937c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "token_processing: %s%s\n", 947c478bd9Sstevel@tonic-gate tokentable[id].t_name, suffix); 957c478bd9Sstevel@tonic-gate } 967c478bd9Sstevel@tonic-gate #endif /* AUDIT_REC */ 977c478bd9Sstevel@tonic-gate 987c478bd9Sstevel@tonic-gate /* 997c478bd9Sstevel@tonic-gate * Process a token in a record to determine whether the record is interesting. 1007c478bd9Sstevel@tonic-gate */ 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate int 1037c478bd9Sstevel@tonic-gate token_processing(adr_t *adr, int tokenid) 1047c478bd9Sstevel@tonic-gate { 1057c478bd9Sstevel@tonic-gate if ((tokenid > 0) && (tokenid <= MAXTOKEN) && 1067c478bd9Sstevel@tonic-gate (tokentable[tokenid].func != NOFUNC)) { 1077c478bd9Sstevel@tonic-gate #if AUDIT_REC 1087c478bd9Sstevel@tonic-gate print_id(tokenid); 1097c478bd9Sstevel@tonic-gate #endif /* AUDIT_REC */ 1107c478bd9Sstevel@tonic-gate return ((*tokentable[tokenid].func)(adr)); 1117c478bd9Sstevel@tonic-gate } 1127c478bd9Sstevel@tonic-gate 1137c478bd9Sstevel@tonic-gate /* here if token id is not in table */ 1147c478bd9Sstevel@tonic-gate return (-2); 1157c478bd9Sstevel@tonic-gate } 1167c478bd9Sstevel@tonic-gate 1177c478bd9Sstevel@tonic-gate 1187c478bd9Sstevel@tonic-gate /* There should not be any file or header tokens in the middle of a record */ 1197c478bd9Sstevel@tonic-gate 1207c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1217c478bd9Sstevel@tonic-gate int 1227c478bd9Sstevel@tonic-gate file_token(adr_t *adr) 1237c478bd9Sstevel@tonic-gate { 1247c478bd9Sstevel@tonic-gate return (-2); 1257c478bd9Sstevel@tonic-gate } 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1287c478bd9Sstevel@tonic-gate int 1297c478bd9Sstevel@tonic-gate file64_token(adr_t *adr) 1307c478bd9Sstevel@tonic-gate { 1317c478bd9Sstevel@tonic-gate return (-2); 1327c478bd9Sstevel@tonic-gate } 1337c478bd9Sstevel@tonic-gate 1347c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1357c478bd9Sstevel@tonic-gate int 1367c478bd9Sstevel@tonic-gate header_token(adr_t *adr) 1377c478bd9Sstevel@tonic-gate { 1387c478bd9Sstevel@tonic-gate return (-2); 1397c478bd9Sstevel@tonic-gate } 1407c478bd9Sstevel@tonic-gate 1417c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1427c478bd9Sstevel@tonic-gate int 1437c478bd9Sstevel@tonic-gate header32_ex_token(adr_t *adr) 1447c478bd9Sstevel@tonic-gate { 1457c478bd9Sstevel@tonic-gate return (-2); 1467c478bd9Sstevel@tonic-gate } 1477c478bd9Sstevel@tonic-gate 1487c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1497c478bd9Sstevel@tonic-gate int 1507c478bd9Sstevel@tonic-gate header64_ex_token(adr_t *adr) 1517c478bd9Sstevel@tonic-gate { 1527c478bd9Sstevel@tonic-gate return (-2); 1537c478bd9Sstevel@tonic-gate } 1547c478bd9Sstevel@tonic-gate 1557c478bd9Sstevel@tonic-gate /* ARGSUSED */ 1567c478bd9Sstevel@tonic-gate int 1577c478bd9Sstevel@tonic-gate header64_token(adr_t *adr) 1587c478bd9Sstevel@tonic-gate { 1597c478bd9Sstevel@tonic-gate return (-2); 1607c478bd9Sstevel@tonic-gate } 1617c478bd9Sstevel@tonic-gate 1627c478bd9Sstevel@tonic-gate 1637c478bd9Sstevel@tonic-gate /* 1647c478bd9Sstevel@tonic-gate * ====================================================== 1657c478bd9Sstevel@tonic-gate * The following token processing routines return 1667c478bd9Sstevel@tonic-gate * -1: if the record is not interesting 1677c478bd9Sstevel@tonic-gate * -2: if an error is found 1687c478bd9Sstevel@tonic-gate * ====================================================== 1697c478bd9Sstevel@tonic-gate */ 1707c478bd9Sstevel@tonic-gate 1717c478bd9Sstevel@tonic-gate int 1727c478bd9Sstevel@tonic-gate trailer_token(adr_t *adr) 1737c478bd9Sstevel@tonic-gate { 1747c478bd9Sstevel@tonic-gate short magic_number; 1757c478bd9Sstevel@tonic-gate uint32_t bytes; 1767c478bd9Sstevel@tonic-gate 1777c478bd9Sstevel@tonic-gate adrm_u_short(adr, (ushort_t *)&magic_number, 1); 1787c478bd9Sstevel@tonic-gate if (magic_number != AUT_TRAILER_MAGIC) { 1797c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s\n", 180*a7746f66Stz gettext("auditreduce: Bad trailer token")); 1817c478bd9Sstevel@tonic-gate return (-2); 1827c478bd9Sstevel@tonic-gate } 1837c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &bytes, 1); 1847c478bd9Sstevel@tonic-gate 1857c478bd9Sstevel@tonic-gate return (-1); 1867c478bd9Sstevel@tonic-gate } 1877c478bd9Sstevel@tonic-gate 1887c478bd9Sstevel@tonic-gate 1897c478bd9Sstevel@tonic-gate /* 1907c478bd9Sstevel@tonic-gate * Format of arbitrary data token: 1917c478bd9Sstevel@tonic-gate * arbitrary data token id adr char 1927c478bd9Sstevel@tonic-gate * how to print adr_char 1937c478bd9Sstevel@tonic-gate * basic unit adr_char 1947c478bd9Sstevel@tonic-gate * unit count adr_char, specifying number of units of 1957c478bd9Sstevel@tonic-gate * data items depends on basic unit 1967c478bd9Sstevel@tonic-gate * 1977c478bd9Sstevel@tonic-gate */ 1987c478bd9Sstevel@tonic-gate int 1997c478bd9Sstevel@tonic-gate arbitrary_data_token(adr_t *adr) 2007c478bd9Sstevel@tonic-gate { 2017c478bd9Sstevel@tonic-gate int i; 2027c478bd9Sstevel@tonic-gate char c1; 2037c478bd9Sstevel@tonic-gate short c2; 2047c478bd9Sstevel@tonic-gate int32_t c3; 2057c478bd9Sstevel@tonic-gate int64_t c4; 2067c478bd9Sstevel@tonic-gate char how_to_print, basic_unit, unit_count; 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate /* get how_to_print, basic_unit, and unit_count */ 2097c478bd9Sstevel@tonic-gate adrm_char(adr, &how_to_print, 1); 2107c478bd9Sstevel@tonic-gate adrm_char(adr, &basic_unit, 1); 2117c478bd9Sstevel@tonic-gate adrm_char(adr, &unit_count, 1); 2127c478bd9Sstevel@tonic-gate for (i = 0; i < unit_count; i++) { 2137c478bd9Sstevel@tonic-gate switch (basic_unit) { 2147c478bd9Sstevel@tonic-gate /* case AUR_BYTE: has same value as AUR_CHAR */ 2157c478bd9Sstevel@tonic-gate case AUR_CHAR: 2167c478bd9Sstevel@tonic-gate adrm_char(adr, &c1, 1); 2177c478bd9Sstevel@tonic-gate break; 2187c478bd9Sstevel@tonic-gate case AUR_SHORT: 2197c478bd9Sstevel@tonic-gate adrm_short(adr, &c2, 1); 2207c478bd9Sstevel@tonic-gate break; 2217c478bd9Sstevel@tonic-gate case AUR_INT32: 2227c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&c3, 1); 2237c478bd9Sstevel@tonic-gate break; 2247c478bd9Sstevel@tonic-gate case AUR_INT64: 2257c478bd9Sstevel@tonic-gate adrm_int64(adr, (int64_t *)&c4, 1); 2267c478bd9Sstevel@tonic-gate break; 2277c478bd9Sstevel@tonic-gate default: 2287c478bd9Sstevel@tonic-gate return (-2); 2297c478bd9Sstevel@tonic-gate break; 2307c478bd9Sstevel@tonic-gate } 2317c478bd9Sstevel@tonic-gate } 2327c478bd9Sstevel@tonic-gate return (-1); 2337c478bd9Sstevel@tonic-gate } 2347c478bd9Sstevel@tonic-gate 2357c478bd9Sstevel@tonic-gate 2367c478bd9Sstevel@tonic-gate /* 2377c478bd9Sstevel@tonic-gate * Format of opaque token: 2387c478bd9Sstevel@tonic-gate * opaque token id adr_char 2397c478bd9Sstevel@tonic-gate * size adr_short 2407c478bd9Sstevel@tonic-gate * data adr_char, size times 2417c478bd9Sstevel@tonic-gate * 2427c478bd9Sstevel@tonic-gate */ 2437c478bd9Sstevel@tonic-gate int 2447c478bd9Sstevel@tonic-gate opaque_token(adr_t *adr) 2457c478bd9Sstevel@tonic-gate { 2467c478bd9Sstevel@tonic-gate skip_string(adr); 2477c478bd9Sstevel@tonic-gate return (-1); 2487c478bd9Sstevel@tonic-gate } 2497c478bd9Sstevel@tonic-gate 2507c478bd9Sstevel@tonic-gate 2517c478bd9Sstevel@tonic-gate 2527c478bd9Sstevel@tonic-gate /* 2537c478bd9Sstevel@tonic-gate * Format of return32 value token: 2547c478bd9Sstevel@tonic-gate * return value token id adr_char 2557c478bd9Sstevel@tonic-gate * error number adr_char 2567c478bd9Sstevel@tonic-gate * return value adr_u_int32 2577c478bd9Sstevel@tonic-gate * 2587c478bd9Sstevel@tonic-gate */ 2597c478bd9Sstevel@tonic-gate int 2607c478bd9Sstevel@tonic-gate return_value32_token(adr_t *adr) 2617c478bd9Sstevel@tonic-gate { 2627c478bd9Sstevel@tonic-gate char errnum; 2637c478bd9Sstevel@tonic-gate uint32_t value; 2647c478bd9Sstevel@tonic-gate 2657c478bd9Sstevel@tonic-gate adrm_char(adr, &errnum, 1); 2667c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &value, 1); 2677c478bd9Sstevel@tonic-gate if ((flags & M_SORF) && 268*a7746f66Stz ((global_class & mask.am_success) && (errnum == 0)) || 269*a7746f66Stz ((global_class & mask.am_failure) && (errnum != 0))) { 270*a7746f66Stz checkflags |= M_SORF; 2717c478bd9Sstevel@tonic-gate } 2727c478bd9Sstevel@tonic-gate return (-1); 2737c478bd9Sstevel@tonic-gate } 2747c478bd9Sstevel@tonic-gate 2757c478bd9Sstevel@tonic-gate /* 2767c478bd9Sstevel@tonic-gate * Format of return64 value token: 2777c478bd9Sstevel@tonic-gate * return value token id adr_char 2787c478bd9Sstevel@tonic-gate * error number adr_char 2797c478bd9Sstevel@tonic-gate * return value adr_u_int64 2807c478bd9Sstevel@tonic-gate * 2817c478bd9Sstevel@tonic-gate */ 2827c478bd9Sstevel@tonic-gate int 2837c478bd9Sstevel@tonic-gate return_value64_token(adr_t *adr) 2847c478bd9Sstevel@tonic-gate { 2857c478bd9Sstevel@tonic-gate char errnum; 2867c478bd9Sstevel@tonic-gate uint64_t value; 2877c478bd9Sstevel@tonic-gate 2887c478bd9Sstevel@tonic-gate adrm_char(adr, &errnum, 1); 2897c478bd9Sstevel@tonic-gate adrm_u_int64(adr, &value, 1); 2907c478bd9Sstevel@tonic-gate if ((flags & M_SORF) && 291*a7746f66Stz ((global_class & mask.am_success) && (errnum == 0)) || 292*a7746f66Stz ((global_class & mask.am_failure) && (errnum != 0))) { 293*a7746f66Stz checkflags |= M_SORF; 2947c478bd9Sstevel@tonic-gate } 2957c478bd9Sstevel@tonic-gate return (-1); 2967c478bd9Sstevel@tonic-gate } 2977c478bd9Sstevel@tonic-gate 2987c478bd9Sstevel@tonic-gate 2997c478bd9Sstevel@tonic-gate /* 3007c478bd9Sstevel@tonic-gate * Format of sequence token: 3017c478bd9Sstevel@tonic-gate * sequence token id adr_char 3027c478bd9Sstevel@tonic-gate * audit_count int32_t 3037c478bd9Sstevel@tonic-gate * 3047c478bd9Sstevel@tonic-gate */ 3057c478bd9Sstevel@tonic-gate int 3067c478bd9Sstevel@tonic-gate sequence_token(adr_t *adr) 3077c478bd9Sstevel@tonic-gate { 3087c478bd9Sstevel@tonic-gate int32_t audit_count; 3097c478bd9Sstevel@tonic-gate 3107c478bd9Sstevel@tonic-gate adrm_int32(adr, &audit_count, 1); 3117c478bd9Sstevel@tonic-gate return (-1); 3127c478bd9Sstevel@tonic-gate } 3137c478bd9Sstevel@tonic-gate 3147c478bd9Sstevel@tonic-gate 3157c478bd9Sstevel@tonic-gate /* 3167c478bd9Sstevel@tonic-gate * Format of text token: 3177c478bd9Sstevel@tonic-gate * text token id adr_char 3187c478bd9Sstevel@tonic-gate * text adr_string 3197c478bd9Sstevel@tonic-gate * 3207c478bd9Sstevel@tonic-gate */ 3217c478bd9Sstevel@tonic-gate int 3227c478bd9Sstevel@tonic-gate text_token(adr_t *adr) 3237c478bd9Sstevel@tonic-gate { 3247c478bd9Sstevel@tonic-gate skip_string(adr); 3257c478bd9Sstevel@tonic-gate return (-1); 3267c478bd9Sstevel@tonic-gate } 3277c478bd9Sstevel@tonic-gate 3287c478bd9Sstevel@tonic-gate 3297c478bd9Sstevel@tonic-gate /* 3307c478bd9Sstevel@tonic-gate * Format of ip_addr token: 3317c478bd9Sstevel@tonic-gate * ip token id adr_char 3327c478bd9Sstevel@tonic-gate * address adr_int32 3337c478bd9Sstevel@tonic-gate * 3347c478bd9Sstevel@tonic-gate */ 3357c478bd9Sstevel@tonic-gate int 3367c478bd9Sstevel@tonic-gate ip_addr_token(adr_t *adr) 3377c478bd9Sstevel@tonic-gate { 3387c478bd9Sstevel@tonic-gate int32_t address; 3397c478bd9Sstevel@tonic-gate 3407c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&address, 4); 3417c478bd9Sstevel@tonic-gate 3427c478bd9Sstevel@tonic-gate return (-1); 3437c478bd9Sstevel@tonic-gate } 3447c478bd9Sstevel@tonic-gate 3457c478bd9Sstevel@tonic-gate /* 3467c478bd9Sstevel@tonic-gate * Format of ip_addr_ex token: 3477c478bd9Sstevel@tonic-gate * ip token id adr_char 3487c478bd9Sstevel@tonic-gate * ip type adr_int32 3497c478bd9Sstevel@tonic-gate * address 4*adr_int32 3507c478bd9Sstevel@tonic-gate * 3517c478bd9Sstevel@tonic-gate */ 3527c478bd9Sstevel@tonic-gate int 3537c478bd9Sstevel@tonic-gate ip_addr_ex_token(adr_t *adr) 3547c478bd9Sstevel@tonic-gate { 3557c478bd9Sstevel@tonic-gate int32_t address[4]; 3567c478bd9Sstevel@tonic-gate int32_t type; 3577c478bd9Sstevel@tonic-gate 3587c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&type, 1); 3597c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&address, 4); 3607c478bd9Sstevel@tonic-gate 3617c478bd9Sstevel@tonic-gate return (-1); 3627c478bd9Sstevel@tonic-gate } 3637c478bd9Sstevel@tonic-gate 3647c478bd9Sstevel@tonic-gate /* 3657c478bd9Sstevel@tonic-gate * Format of ip token: 3667c478bd9Sstevel@tonic-gate * ip header token id adr_char 3677c478bd9Sstevel@tonic-gate * version adr_char 3687c478bd9Sstevel@tonic-gate * type of service adr_char 3697c478bd9Sstevel@tonic-gate * length adr_short 3707c478bd9Sstevel@tonic-gate * id adr_u_short 3717c478bd9Sstevel@tonic-gate * offset adr_u_short 3727c478bd9Sstevel@tonic-gate * ttl adr_char 3737c478bd9Sstevel@tonic-gate * protocol adr_char 3747c478bd9Sstevel@tonic-gate * checksum adr_u_short 3757c478bd9Sstevel@tonic-gate * source address adr_int32 3767c478bd9Sstevel@tonic-gate * destination address adr_int32 3777c478bd9Sstevel@tonic-gate * 3787c478bd9Sstevel@tonic-gate */ 3797c478bd9Sstevel@tonic-gate int 3807c478bd9Sstevel@tonic-gate ip_token(adr_t *adr) 3817c478bd9Sstevel@tonic-gate { 3827c478bd9Sstevel@tonic-gate char version; 3837c478bd9Sstevel@tonic-gate char type; 3847c478bd9Sstevel@tonic-gate short len; 3857c478bd9Sstevel@tonic-gate unsigned short id, offset, checksum; 3867c478bd9Sstevel@tonic-gate char ttl, protocol; 3877c478bd9Sstevel@tonic-gate int32_t src, dest; 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate adrm_char(adr, &version, 1); 3907c478bd9Sstevel@tonic-gate adrm_char(adr, &type, 1); 3917c478bd9Sstevel@tonic-gate adrm_short(adr, &len, 1); 3927c478bd9Sstevel@tonic-gate adrm_u_short(adr, &id, 1); 3937c478bd9Sstevel@tonic-gate adrm_u_short(adr, &offset, 1); 3947c478bd9Sstevel@tonic-gate adrm_char(adr, &ttl, 1); 3957c478bd9Sstevel@tonic-gate adrm_char(adr, &protocol, 1); 3967c478bd9Sstevel@tonic-gate adrm_u_short(adr, &checksum, 1); 3977c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&src, 4); 3987c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&dest, 4); 3997c478bd9Sstevel@tonic-gate 4007c478bd9Sstevel@tonic-gate return (-1); 4017c478bd9Sstevel@tonic-gate } 4027c478bd9Sstevel@tonic-gate 4037c478bd9Sstevel@tonic-gate 4047c478bd9Sstevel@tonic-gate /* 4057c478bd9Sstevel@tonic-gate * Format of iport token: 4067c478bd9Sstevel@tonic-gate * ip port address token id adr_char 4077c478bd9Sstevel@tonic-gate * port address adr_short 4087c478bd9Sstevel@tonic-gate * 4097c478bd9Sstevel@tonic-gate */ 4107c478bd9Sstevel@tonic-gate int 4117c478bd9Sstevel@tonic-gate iport_token(adr_t *adr) 4127c478bd9Sstevel@tonic-gate { 4137c478bd9Sstevel@tonic-gate short address; 4147c478bd9Sstevel@tonic-gate 4157c478bd9Sstevel@tonic-gate adrm_short(adr, &address, 1); 4167c478bd9Sstevel@tonic-gate 4177c478bd9Sstevel@tonic-gate return (-1); 4187c478bd9Sstevel@tonic-gate } 4197c478bd9Sstevel@tonic-gate 4207c478bd9Sstevel@tonic-gate 4217c478bd9Sstevel@tonic-gate /* 4227c478bd9Sstevel@tonic-gate * Format of groups token: 4237c478bd9Sstevel@tonic-gate * group token id adr_char 4247c478bd9Sstevel@tonic-gate * group list adr_int32, 16 times 4257c478bd9Sstevel@tonic-gate * 4267c478bd9Sstevel@tonic-gate */ 4277c478bd9Sstevel@tonic-gate int 4287c478bd9Sstevel@tonic-gate group_token(adr_t *adr) 4297c478bd9Sstevel@tonic-gate { 4307c478bd9Sstevel@tonic-gate int gid[16]; 4317c478bd9Sstevel@tonic-gate int i; 4327c478bd9Sstevel@tonic-gate int flag = 0; 4337c478bd9Sstevel@tonic-gate 4347c478bd9Sstevel@tonic-gate for (i = 0; i < 16; i++) { 4357c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&gid[i], 1); 4367c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4377c478bd9Sstevel@tonic-gate if ((unsigned short)m_groupr == gid[i]) 4387c478bd9Sstevel@tonic-gate flag = 1; 4397c478bd9Sstevel@tonic-gate } 4407c478bd9Sstevel@tonic-gate } 4417c478bd9Sstevel@tonic-gate 4427c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4437c478bd9Sstevel@tonic-gate if (flag) 4447c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 4457c478bd9Sstevel@tonic-gate } 4467c478bd9Sstevel@tonic-gate return (-1); 4477c478bd9Sstevel@tonic-gate } 4487c478bd9Sstevel@tonic-gate 4497c478bd9Sstevel@tonic-gate /* 4507c478bd9Sstevel@tonic-gate * Format of newgroups token: 4517c478bd9Sstevel@tonic-gate * group token id adr_char 4527c478bd9Sstevel@tonic-gate * number of groups adr_short 4537c478bd9Sstevel@tonic-gate * group list adr_int32, "number" times 4547c478bd9Sstevel@tonic-gate * 4557c478bd9Sstevel@tonic-gate */ 4567c478bd9Sstevel@tonic-gate int 4577c478bd9Sstevel@tonic-gate newgroup_token(adr_t *adr) 4587c478bd9Sstevel@tonic-gate { 4597c478bd9Sstevel@tonic-gate gid_t gid; 4607c478bd9Sstevel@tonic-gate int i; 4617c478bd9Sstevel@tonic-gate short int number; 4627c478bd9Sstevel@tonic-gate 4637c478bd9Sstevel@tonic-gate adrm_short(adr, &number, 1); 4647c478bd9Sstevel@tonic-gate 4657c478bd9Sstevel@tonic-gate for (i = 0; i < number; i++) { 4667c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&gid, 1); 4677c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 4687c478bd9Sstevel@tonic-gate if (m_groupr == gid) 4697c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 4707c478bd9Sstevel@tonic-gate } 4717c478bd9Sstevel@tonic-gate } 4727c478bd9Sstevel@tonic-gate 4737c478bd9Sstevel@tonic-gate return (-1); 4747c478bd9Sstevel@tonic-gate } 4757c478bd9Sstevel@tonic-gate 4767c478bd9Sstevel@tonic-gate /* 4777c478bd9Sstevel@tonic-gate * Format of argument32 token: 4787c478bd9Sstevel@tonic-gate * argument token id adr_char 4797c478bd9Sstevel@tonic-gate * argument number adr_char 4807c478bd9Sstevel@tonic-gate * argument value adr_int32 4817c478bd9Sstevel@tonic-gate * argument description adr_string 4827c478bd9Sstevel@tonic-gate * 4837c478bd9Sstevel@tonic-gate */ 4847c478bd9Sstevel@tonic-gate int 4857c478bd9Sstevel@tonic-gate argument32_token(adr_t *adr) 4867c478bd9Sstevel@tonic-gate { 4877c478bd9Sstevel@tonic-gate char arg_num; 4887c478bd9Sstevel@tonic-gate int32_t arg_val; 4897c478bd9Sstevel@tonic-gate 4907c478bd9Sstevel@tonic-gate adrm_char(adr, &arg_num, 1); 4917c478bd9Sstevel@tonic-gate adrm_int32(adr, &arg_val, 1); 4927c478bd9Sstevel@tonic-gate skip_string(adr); 4937c478bd9Sstevel@tonic-gate 4947c478bd9Sstevel@tonic-gate return (-1); 4957c478bd9Sstevel@tonic-gate } 4967c478bd9Sstevel@tonic-gate 4977c478bd9Sstevel@tonic-gate /* 4987c478bd9Sstevel@tonic-gate * Format of argument64 token: 4997c478bd9Sstevel@tonic-gate * argument token id adr_char 5007c478bd9Sstevel@tonic-gate * argument number adr_char 5017c478bd9Sstevel@tonic-gate * argument value adr_int64 5027c478bd9Sstevel@tonic-gate * argument description adr_string 5037c478bd9Sstevel@tonic-gate * 5047c478bd9Sstevel@tonic-gate */ 5057c478bd9Sstevel@tonic-gate int 5067c478bd9Sstevel@tonic-gate argument64_token(adr_t *adr) 5077c478bd9Sstevel@tonic-gate { 5087c478bd9Sstevel@tonic-gate char arg_num; 5097c478bd9Sstevel@tonic-gate int64_t arg_val; 5107c478bd9Sstevel@tonic-gate 5117c478bd9Sstevel@tonic-gate adrm_char(adr, &arg_num, 1); 5127c478bd9Sstevel@tonic-gate adrm_int64(adr, &arg_val, 1); 5137c478bd9Sstevel@tonic-gate skip_string(adr); 5147c478bd9Sstevel@tonic-gate 5157c478bd9Sstevel@tonic-gate return (-1); 5167c478bd9Sstevel@tonic-gate } 5177c478bd9Sstevel@tonic-gate 518*a7746f66Stz /* 519*a7746f66Stz * Format of acl token: 520*a7746f66Stz * acl token id adr_char 521*a7746f66Stz * acl type adr_u_int32 522*a7746f66Stz * acl value adr_u_int32 (depends on type) 523*a7746f66Stz * file mode adr_u_int (in octal) 524*a7746f66Stz */ 5257c478bd9Sstevel@tonic-gate int 5267c478bd9Sstevel@tonic-gate acl_token(adr_t *adr) 5277c478bd9Sstevel@tonic-gate { 5287c478bd9Sstevel@tonic-gate 5297c478bd9Sstevel@tonic-gate int32_t id; 5307c478bd9Sstevel@tonic-gate int32_t mode; 5317c478bd9Sstevel@tonic-gate int32_t type; 5327c478bd9Sstevel@tonic-gate 5337c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 5347c478bd9Sstevel@tonic-gate adrm_int32(adr, &id, 1); 5357c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 5367c478bd9Sstevel@tonic-gate 5377c478bd9Sstevel@tonic-gate return (-1); 5387c478bd9Sstevel@tonic-gate } 5397c478bd9Sstevel@tonic-gate 540*a7746f66Stz /* 541*a7746f66Stz * Format of ace token: 542*a7746f66Stz * ace token id adr_char 543*a7746f66Stz * ace who adr_u_int32 (uid/gid) 544*a7746f66Stz * access mask adr_u_int32 545*a7746f66Stz * ace flags adr_u_int16 546*a7746f66Stz * ace type adr_u_int16 547*a7746f66Stz */ 548*a7746f66Stz int 549*a7746f66Stz ace_token(adr_t *adr) 550*a7746f66Stz { 551*a7746f66Stz uid_t who; 552*a7746f66Stz uint32_t access_mask; 553*a7746f66Stz uint16_t flags, type; 554*a7746f66Stz 555*a7746f66Stz adrm_uid(adr, &who, 1); 556*a7746f66Stz adrm_u_int32(adr, &access_mask, 1); 557*a7746f66Stz adrm_u_short(adr, &flags, 1); 558*a7746f66Stz adrm_u_short(adr, &type, 1); 559*a7746f66Stz 560*a7746f66Stz return (-1); 561*a7746f66Stz } 562*a7746f66Stz 5637c478bd9Sstevel@tonic-gate /* 5647c478bd9Sstevel@tonic-gate * Format of attribute token: (old pre SunOS 5.7 format) 5657c478bd9Sstevel@tonic-gate * attribute token id adr_char 5667c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 5677c478bd9Sstevel@tonic-gate * uid adr_int32 5687c478bd9Sstevel@tonic-gate * gid adr_int32 5697c478bd9Sstevel@tonic-gate * file system id adr_int32 5707c478bd9Sstevel@tonic-gate * node id adr_int32 5717c478bd9Sstevel@tonic-gate * device adr_int32 5727c478bd9Sstevel@tonic-gate * 5737c478bd9Sstevel@tonic-gate */ 5747c478bd9Sstevel@tonic-gate int 5757c478bd9Sstevel@tonic-gate attribute_token(adr_t *adr) 5767c478bd9Sstevel@tonic-gate { 5777c478bd9Sstevel@tonic-gate int32_t dev; 5787c478bd9Sstevel@tonic-gate int32_t file_sysid; 5797c478bd9Sstevel@tonic-gate int32_t gid; 5807c478bd9Sstevel@tonic-gate int32_t mode; 5817c478bd9Sstevel@tonic-gate int32_t nodeid; 5827c478bd9Sstevel@tonic-gate int32_t uid; 5837c478bd9Sstevel@tonic-gate 5847c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 5857c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 5867c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 5877c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 5887c478bd9Sstevel@tonic-gate adrm_int32(adr, &nodeid, 1); 5897c478bd9Sstevel@tonic-gate adrm_int32(adr, &dev, 1); 5907c478bd9Sstevel@tonic-gate 5917c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 5927c478bd9Sstevel@tonic-gate if (m_usere == uid) 5937c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 5947c478bd9Sstevel@tonic-gate } 5957c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 5967c478bd9Sstevel@tonic-gate if (m_groupe == gid) 5977c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 5987c478bd9Sstevel@tonic-gate } 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 6017c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 6027c478bd9Sstevel@tonic-gate (obj_group == gid)) 6037c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6047c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 6057c478bd9Sstevel@tonic-gate (obj_owner == uid)) 6067c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6077c478bd9Sstevel@tonic-gate } 6087c478bd9Sstevel@tonic-gate return (-1); 6097c478bd9Sstevel@tonic-gate } 6107c478bd9Sstevel@tonic-gate 6117c478bd9Sstevel@tonic-gate /* 6127c478bd9Sstevel@tonic-gate * Format of attribute32 token: 6137c478bd9Sstevel@tonic-gate * attribute token id adr_char 6147c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 6157c478bd9Sstevel@tonic-gate * uid adr_int32 6167c478bd9Sstevel@tonic-gate * gid adr_int32 6177c478bd9Sstevel@tonic-gate * file system id adr_int32 6187c478bd9Sstevel@tonic-gate * node id adr_int64 6197c478bd9Sstevel@tonic-gate * device adr_int32 6207c478bd9Sstevel@tonic-gate * 6217c478bd9Sstevel@tonic-gate */ 6227c478bd9Sstevel@tonic-gate int 6237c478bd9Sstevel@tonic-gate attribute32_token(adr_t *adr) 6247c478bd9Sstevel@tonic-gate { 6257c478bd9Sstevel@tonic-gate int32_t dev; 6267c478bd9Sstevel@tonic-gate int32_t file_sysid; 6277c478bd9Sstevel@tonic-gate int32_t gid; 6287c478bd9Sstevel@tonic-gate int32_t mode; 6297c478bd9Sstevel@tonic-gate int64_t nodeid; 6307c478bd9Sstevel@tonic-gate int32_t uid; 6317c478bd9Sstevel@tonic-gate 6327c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 6337c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 6347c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 6357c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 6367c478bd9Sstevel@tonic-gate adrm_int64(adr, &nodeid, 1); 6377c478bd9Sstevel@tonic-gate adrm_int32(adr, &dev, 1); 6387c478bd9Sstevel@tonic-gate 6397c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 6407c478bd9Sstevel@tonic-gate if (m_usere == uid) 6417c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 6427c478bd9Sstevel@tonic-gate } 6437c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 6447c478bd9Sstevel@tonic-gate if (m_groupe == gid) 6457c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 6467c478bd9Sstevel@tonic-gate } 6477c478bd9Sstevel@tonic-gate 6487c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 6497c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 6507c478bd9Sstevel@tonic-gate (obj_group == gid)) 6517c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6527c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 6537c478bd9Sstevel@tonic-gate (obj_owner == uid)) 6547c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 6557c478bd9Sstevel@tonic-gate } 6567c478bd9Sstevel@tonic-gate return (-1); 6577c478bd9Sstevel@tonic-gate } 6587c478bd9Sstevel@tonic-gate 6597c478bd9Sstevel@tonic-gate /* 6607c478bd9Sstevel@tonic-gate * Format of attribute64 token: 6617c478bd9Sstevel@tonic-gate * attribute token id adr_char 6627c478bd9Sstevel@tonic-gate * mode adr_int32 (printed in octal) 6637c478bd9Sstevel@tonic-gate * uid adr_int32 6647c478bd9Sstevel@tonic-gate * gid adr_int32 6657c478bd9Sstevel@tonic-gate * file system id adr_int32 6667c478bd9Sstevel@tonic-gate * node id adr_int64 6677c478bd9Sstevel@tonic-gate * device adr_int64 6687c478bd9Sstevel@tonic-gate * 6697c478bd9Sstevel@tonic-gate */ 6707c478bd9Sstevel@tonic-gate int 6717c478bd9Sstevel@tonic-gate attribute64_token(adr_t *adr) 6727c478bd9Sstevel@tonic-gate { 6737c478bd9Sstevel@tonic-gate int64_t dev; 6747c478bd9Sstevel@tonic-gate int32_t file_sysid; 6757c478bd9Sstevel@tonic-gate int32_t gid; 6767c478bd9Sstevel@tonic-gate int32_t mode; 6777c478bd9Sstevel@tonic-gate int64_t nodeid; 6787c478bd9Sstevel@tonic-gate int32_t uid; 6797c478bd9Sstevel@tonic-gate 6807c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 6817c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 6827c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 6837c478bd9Sstevel@tonic-gate adrm_int32(adr, &file_sysid, 1); 6847c478bd9Sstevel@tonic-gate adrm_int64(adr, &nodeid, 1); 6857c478bd9Sstevel@tonic-gate adrm_int64(adr, &dev, 1); 6867c478bd9Sstevel@tonic-gate 6877c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 6887c478bd9Sstevel@tonic-gate if (m_usere == uid) 6897c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 6907c478bd9Sstevel@tonic-gate } 6917c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 6927c478bd9Sstevel@tonic-gate if (m_groupe == gid) 6937c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 6947c478bd9Sstevel@tonic-gate } 6957c478bd9Sstevel@tonic-gate 6967c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 6977c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_FGROUP) && 6987c478bd9Sstevel@tonic-gate (obj_group == gid)) 6997c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 7007c478bd9Sstevel@tonic-gate else if ((obj_flag & OBJ_FOWNER) && 7017c478bd9Sstevel@tonic-gate (obj_owner == uid)) 7027c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 7037c478bd9Sstevel@tonic-gate } 7047c478bd9Sstevel@tonic-gate return (-1); 7057c478bd9Sstevel@tonic-gate } 7067c478bd9Sstevel@tonic-gate 7077c478bd9Sstevel@tonic-gate 7087c478bd9Sstevel@tonic-gate /* 7097c478bd9Sstevel@tonic-gate * Format of command token: 7107c478bd9Sstevel@tonic-gate * attribute token id adr_char 7117c478bd9Sstevel@tonic-gate * argc adr_short 7127c478bd9Sstevel@tonic-gate * argv len adr_short variable amount of argv len 7137c478bd9Sstevel@tonic-gate * argv text argv len and text 7147c478bd9Sstevel@tonic-gate * . 7157c478bd9Sstevel@tonic-gate * . 7167c478bd9Sstevel@tonic-gate * . 7177c478bd9Sstevel@tonic-gate * envp count adr_short variable amount of envp len 7187c478bd9Sstevel@tonic-gate * envp len adr_short and text 7197c478bd9Sstevel@tonic-gate * envp text envp len 7207c478bd9Sstevel@tonic-gate * . 7217c478bd9Sstevel@tonic-gate * . 7227c478bd9Sstevel@tonic-gate * . 7237c478bd9Sstevel@tonic-gate * 7247c478bd9Sstevel@tonic-gate */ 7257c478bd9Sstevel@tonic-gate int 7267c478bd9Sstevel@tonic-gate cmd_token(adr_t *adr) 7277c478bd9Sstevel@tonic-gate { 7287c478bd9Sstevel@tonic-gate short cnt; 7297c478bd9Sstevel@tonic-gate short i; 7307c478bd9Sstevel@tonic-gate 7317c478bd9Sstevel@tonic-gate adrm_short(adr, &cnt, 1); 7327c478bd9Sstevel@tonic-gate 7337c478bd9Sstevel@tonic-gate for (i = 0; i < cnt; i++) 7347c478bd9Sstevel@tonic-gate skip_string(adr); 7357c478bd9Sstevel@tonic-gate 7367c478bd9Sstevel@tonic-gate adrm_short(adr, &cnt, 1); 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate for (i = 0; i < cnt; i++) 7397c478bd9Sstevel@tonic-gate skip_string(adr); 7407c478bd9Sstevel@tonic-gate 7417c478bd9Sstevel@tonic-gate return (-1); 7427c478bd9Sstevel@tonic-gate } 7437c478bd9Sstevel@tonic-gate 7447c478bd9Sstevel@tonic-gate 7457c478bd9Sstevel@tonic-gate /* 7467c478bd9Sstevel@tonic-gate * Format of exit token: 7477c478bd9Sstevel@tonic-gate * attribute token id adr_char 7487c478bd9Sstevel@tonic-gate * return value adr_int32 7497c478bd9Sstevel@tonic-gate * errno adr_int32 7507c478bd9Sstevel@tonic-gate * 7517c478bd9Sstevel@tonic-gate */ 7527c478bd9Sstevel@tonic-gate int 7537c478bd9Sstevel@tonic-gate exit_token(adr_t *adr) 7547c478bd9Sstevel@tonic-gate { 7557c478bd9Sstevel@tonic-gate int32_t retval; 7567c478bd9Sstevel@tonic-gate int32_t errno; 7577c478bd9Sstevel@tonic-gate 7587c478bd9Sstevel@tonic-gate adrm_int32(adr, &retval, 1); 7597c478bd9Sstevel@tonic-gate adrm_int32(adr, &errno, 1); 7607c478bd9Sstevel@tonic-gate return (-1); 7617c478bd9Sstevel@tonic-gate } 7627c478bd9Sstevel@tonic-gate 7637c478bd9Sstevel@tonic-gate /* 7647c478bd9Sstevel@tonic-gate * Format of strings array token: 7657c478bd9Sstevel@tonic-gate * token id adr_char 7667c478bd9Sstevel@tonic-gate * count value adr_int32 7677c478bd9Sstevel@tonic-gate * strings null terminated strings 7687c478bd9Sstevel@tonic-gate */ 7697c478bd9Sstevel@tonic-gate static int 7707c478bd9Sstevel@tonic-gate strings_common_token(adr_t *adr) 7717c478bd9Sstevel@tonic-gate { 7727c478bd9Sstevel@tonic-gate int count, i; 7737c478bd9Sstevel@tonic-gate char c; 7747c478bd9Sstevel@tonic-gate 7757c478bd9Sstevel@tonic-gate adrm_int32(adr, (int32_t *)&count, 1); 7767c478bd9Sstevel@tonic-gate for (i = 1; i <= count; i++) { 7777c478bd9Sstevel@tonic-gate adrm_char(adr, &c, 1); 7787c478bd9Sstevel@tonic-gate while (c != (char)0) 7797c478bd9Sstevel@tonic-gate adrm_char(adr, &c, 1); 7807c478bd9Sstevel@tonic-gate } 7817c478bd9Sstevel@tonic-gate /* no dump option here, since we will have variable length fields */ 7827c478bd9Sstevel@tonic-gate return (-1); 7837c478bd9Sstevel@tonic-gate } 7847c478bd9Sstevel@tonic-gate 7857c478bd9Sstevel@tonic-gate int 7867c478bd9Sstevel@tonic-gate path_attr_token(adr_t *adr) 7877c478bd9Sstevel@tonic-gate { 7887c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 7897c478bd9Sstevel@tonic-gate } 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate int 7927c478bd9Sstevel@tonic-gate exec_args_token(adr_t *adr) 7937c478bd9Sstevel@tonic-gate { 7947c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 7957c478bd9Sstevel@tonic-gate } 7967c478bd9Sstevel@tonic-gate 7977c478bd9Sstevel@tonic-gate int 7987c478bd9Sstevel@tonic-gate exec_env_token(adr_t *adr) 7997c478bd9Sstevel@tonic-gate { 8007c478bd9Sstevel@tonic-gate return (strings_common_token(adr)); 8017c478bd9Sstevel@tonic-gate } 8027c478bd9Sstevel@tonic-gate 8037c478bd9Sstevel@tonic-gate /* 8047c478bd9Sstevel@tonic-gate * Format of liaison token: 8057c478bd9Sstevel@tonic-gate */ 8067c478bd9Sstevel@tonic-gate int 8077c478bd9Sstevel@tonic-gate liaison_token(adr_t *adr) 8087c478bd9Sstevel@tonic-gate { 8097c478bd9Sstevel@tonic-gate int32_t li; 8107c478bd9Sstevel@tonic-gate 8117c478bd9Sstevel@tonic-gate adrm_int32(adr, &li, 1); 8127c478bd9Sstevel@tonic-gate return (-1); 8137c478bd9Sstevel@tonic-gate } 8147c478bd9Sstevel@tonic-gate 8157c478bd9Sstevel@tonic-gate 8167c478bd9Sstevel@tonic-gate /* 8177c478bd9Sstevel@tonic-gate * Format of path token: 8187c478bd9Sstevel@tonic-gate * path adr_string 8197c478bd9Sstevel@tonic-gate */ 8207c478bd9Sstevel@tonic-gate int 8217c478bd9Sstevel@tonic-gate path_token(adr_t *adr) 8227c478bd9Sstevel@tonic-gate { 8237c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_PATH)) { 8247c478bd9Sstevel@tonic-gate char *path; 8257c478bd9Sstevel@tonic-gate 8267c478bd9Sstevel@tonic-gate get_string(adr, &path); 8277c478bd9Sstevel@tonic-gate if (path[0] != '/') 8287c478bd9Sstevel@tonic-gate /* 8297c478bd9Sstevel@tonic-gate * anchor the path. user apps may not do it. 8307c478bd9Sstevel@tonic-gate */ 8317c478bd9Sstevel@tonic-gate anchor_path(path); 8327c478bd9Sstevel@tonic-gate /* 8337c478bd9Sstevel@tonic-gate * match against the collapsed path. that is what user sees. 8347c478bd9Sstevel@tonic-gate */ 8357c478bd9Sstevel@tonic-gate if (re_exec2(collapse_path(path)) == 1) 8367c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 8377c478bd9Sstevel@tonic-gate free(path); 8387c478bd9Sstevel@tonic-gate } else { 8397c478bd9Sstevel@tonic-gate skip_string(adr); 8407c478bd9Sstevel@tonic-gate } 8417c478bd9Sstevel@tonic-gate return (-1); 8427c478bd9Sstevel@tonic-gate } 8437c478bd9Sstevel@tonic-gate 8447c478bd9Sstevel@tonic-gate 8457c478bd9Sstevel@tonic-gate /* 8467c478bd9Sstevel@tonic-gate * Format of System V IPC permission token: 8477c478bd9Sstevel@tonic-gate * System V IPC permission token id adr_char 8487c478bd9Sstevel@tonic-gate * uid adr_int32 8497c478bd9Sstevel@tonic-gate * gid adr_int32 8507c478bd9Sstevel@tonic-gate * cuid adr_int32 8517c478bd9Sstevel@tonic-gate * cgid adr_int32 8527c478bd9Sstevel@tonic-gate * mode adr_int32 8537c478bd9Sstevel@tonic-gate * seq adr_int32 8547c478bd9Sstevel@tonic-gate * key adr_int32 8557c478bd9Sstevel@tonic-gate */ 8567c478bd9Sstevel@tonic-gate int 8577c478bd9Sstevel@tonic-gate s5_IPC_perm_token(adr_t *adr) 8587c478bd9Sstevel@tonic-gate { 8597c478bd9Sstevel@tonic-gate int32_t uid, gid, cuid, cgid, mode, seq; 8607c478bd9Sstevel@tonic-gate int32_t key; 8617c478bd9Sstevel@tonic-gate 8627c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 8637c478bd9Sstevel@tonic-gate adrm_int32(adr, &gid, 1); 8647c478bd9Sstevel@tonic-gate adrm_int32(adr, &cuid, 1); 8657c478bd9Sstevel@tonic-gate adrm_int32(adr, &cgid, 1); 8667c478bd9Sstevel@tonic-gate adrm_int32(adr, &mode, 1); 8677c478bd9Sstevel@tonic-gate adrm_int32(adr, &seq, 1); 8687c478bd9Sstevel@tonic-gate adrm_int32(adr, &key, 1); 8697c478bd9Sstevel@tonic-gate 8707c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 8717c478bd9Sstevel@tonic-gate if (m_usere == uid) 8727c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 8737c478bd9Sstevel@tonic-gate } 8747c478bd9Sstevel@tonic-gate 8757c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 8767c478bd9Sstevel@tonic-gate if (m_usere == cuid) 8777c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 8787c478bd9Sstevel@tonic-gate } 8797c478bd9Sstevel@tonic-gate 8807c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 8817c478bd9Sstevel@tonic-gate if (m_groupr == gid) 8827c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 8837c478bd9Sstevel@tonic-gate } 8847c478bd9Sstevel@tonic-gate 8857c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 8867c478bd9Sstevel@tonic-gate if (m_groupr == cgid) 8877c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 8887c478bd9Sstevel@tonic-gate } 8897c478bd9Sstevel@tonic-gate 8907c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && 8917c478bd9Sstevel@tonic-gate ((obj_owner == uid) || 8927c478bd9Sstevel@tonic-gate (obj_owner == cuid) || 8937c478bd9Sstevel@tonic-gate (obj_group == gid) || 8947c478bd9Sstevel@tonic-gate (obj_group == cgid))) { 8957c478bd9Sstevel@tonic-gate 8967c478bd9Sstevel@tonic-gate switch (obj_flag) { 8977c478bd9Sstevel@tonic-gate case OBJ_MSGGROUP: 8987c478bd9Sstevel@tonic-gate case OBJ_MSGOWNER: 8997c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_MSG, ipc_type)) 9007c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9017c478bd9Sstevel@tonic-gate break; 9027c478bd9Sstevel@tonic-gate case OBJ_SEMGROUP: 9037c478bd9Sstevel@tonic-gate case OBJ_SEMOWNER: 9047c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_SEM, ipc_type)) 9057c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9067c478bd9Sstevel@tonic-gate break; 9077c478bd9Sstevel@tonic-gate case OBJ_SHMGROUP: 9087c478bd9Sstevel@tonic-gate case OBJ_SHMOWNER: 9097c478bd9Sstevel@tonic-gate if (ipc_type_match(OBJ_SHM, ipc_type)) 9107c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9117c478bd9Sstevel@tonic-gate break; 9127c478bd9Sstevel@tonic-gate } 9137c478bd9Sstevel@tonic-gate } 9147c478bd9Sstevel@tonic-gate return (-1); 9157c478bd9Sstevel@tonic-gate } 9167c478bd9Sstevel@tonic-gate 9177c478bd9Sstevel@tonic-gate 9187c478bd9Sstevel@tonic-gate /* 9197c478bd9Sstevel@tonic-gate * Format of process32 token: 9207c478bd9Sstevel@tonic-gate * process token id adr_char 9217c478bd9Sstevel@tonic-gate * auid adr_int32 9227c478bd9Sstevel@tonic-gate * euid adr_int32 9237c478bd9Sstevel@tonic-gate * egid adr_int32 9247c478bd9Sstevel@tonic-gate * ruid adr_int32 9257c478bd9Sstevel@tonic-gate * rgid adr_int32 9267c478bd9Sstevel@tonic-gate * pid adr_int32 9277c478bd9Sstevel@tonic-gate * sid adr_int32 9287c478bd9Sstevel@tonic-gate * termid adr_int32*2 9297c478bd9Sstevel@tonic-gate * 9307c478bd9Sstevel@tonic-gate */ 9317c478bd9Sstevel@tonic-gate int 9327c478bd9Sstevel@tonic-gate process32_token(adr_t *adr) 9337c478bd9Sstevel@tonic-gate { 9347c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 9357c478bd9Sstevel@tonic-gate int32_t sid; 9367c478bd9Sstevel@tonic-gate int32_t port, machine; 9377c478bd9Sstevel@tonic-gate 9387c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 9397c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 9407c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 9417c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 9427c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 9437c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 9447c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 9457c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 9467c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 9477c478bd9Sstevel@tonic-gate 9487c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 9497c478bd9Sstevel@tonic-gate if (m_usera == auid) 9507c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 9517c478bd9Sstevel@tonic-gate } 9527c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 9537c478bd9Sstevel@tonic-gate if (m_usere == euid) 9547c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 9557c478bd9Sstevel@tonic-gate } 9567c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 9577c478bd9Sstevel@tonic-gate if (m_userr == ruid) 9587c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 9597c478bd9Sstevel@tonic-gate } 9607c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 9617c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 9627c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 9637c478bd9Sstevel@tonic-gate } 9647c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 9657c478bd9Sstevel@tonic-gate if (m_groupe == egid) 9667c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 9677c478bd9Sstevel@tonic-gate } 9687c478bd9Sstevel@tonic-gate 9697c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 9707c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 9717c478bd9Sstevel@tonic-gate (obj_id == pid)) { 9727c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9737c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 9747c478bd9Sstevel@tonic-gate ((obj_group == egid) || 9757c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 9767c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9777c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 9787c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 9797c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 9807c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 9817c478bd9Sstevel@tonic-gate } 9827c478bd9Sstevel@tonic-gate } 9837c478bd9Sstevel@tonic-gate return (-1); 9847c478bd9Sstevel@tonic-gate } 9857c478bd9Sstevel@tonic-gate 9867c478bd9Sstevel@tonic-gate /* 9877c478bd9Sstevel@tonic-gate * Format of process32 token: 9887c478bd9Sstevel@tonic-gate * process token id adr_char 9897c478bd9Sstevel@tonic-gate * auid adr_int32 9907c478bd9Sstevel@tonic-gate * euid adr_int32 9917c478bd9Sstevel@tonic-gate * egid adr_int32 9927c478bd9Sstevel@tonic-gate * ruid adr_int32 9937c478bd9Sstevel@tonic-gate * rgid adr_int32 9947c478bd9Sstevel@tonic-gate * pid adr_int32 9957c478bd9Sstevel@tonic-gate * sid adr_int32 9967c478bd9Sstevel@tonic-gate * termid adr_int32*6 9977c478bd9Sstevel@tonic-gate * 9987c478bd9Sstevel@tonic-gate */ 9997c478bd9Sstevel@tonic-gate int 10007c478bd9Sstevel@tonic-gate process32_ex_token(adr_t *adr) 10017c478bd9Sstevel@tonic-gate { 10027c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 10037c478bd9Sstevel@tonic-gate int32_t sid; 10047c478bd9Sstevel@tonic-gate int32_t port, type, addr[4]; 10057c478bd9Sstevel@tonic-gate 10067c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 10077c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 10087c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 10097c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 10107c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 10117c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 10127c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 10137c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 10147c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 10157c478bd9Sstevel@tonic-gate adrm_int32(adr, &addr[0], 4); 10167c478bd9Sstevel@tonic-gate 10177c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 10187c478bd9Sstevel@tonic-gate if (m_usera == auid) 10197c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 10207c478bd9Sstevel@tonic-gate } 10217c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 10227c478bd9Sstevel@tonic-gate if (m_usere == euid) 10237c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 10247c478bd9Sstevel@tonic-gate } 10257c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 10267c478bd9Sstevel@tonic-gate if (m_userr == ruid) 10277c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 10287c478bd9Sstevel@tonic-gate } 10297c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 10307c478bd9Sstevel@tonic-gate if (m_groupr == egid) 10317c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 10327c478bd9Sstevel@tonic-gate } 10337c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 10347c478bd9Sstevel@tonic-gate if (m_groupe == egid) 10357c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 10367c478bd9Sstevel@tonic-gate } 10377c478bd9Sstevel@tonic-gate 10387c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 10397c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 10407c478bd9Sstevel@tonic-gate (obj_id == pid)) { 10417c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10427c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 10437c478bd9Sstevel@tonic-gate ((obj_group == egid) || 10447c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 10457c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10467c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 10477c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 10487c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 10497c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 10507c478bd9Sstevel@tonic-gate } 10517c478bd9Sstevel@tonic-gate } 10527c478bd9Sstevel@tonic-gate return (-1); 10537c478bd9Sstevel@tonic-gate } 10547c478bd9Sstevel@tonic-gate 10557c478bd9Sstevel@tonic-gate /* 10567c478bd9Sstevel@tonic-gate * Format of process64 token: 10577c478bd9Sstevel@tonic-gate * process token id adr_char 10587c478bd9Sstevel@tonic-gate * auid adr_int32 10597c478bd9Sstevel@tonic-gate * euid adr_int32 10607c478bd9Sstevel@tonic-gate * egid adr_int32 10617c478bd9Sstevel@tonic-gate * ruid adr_int32 10627c478bd9Sstevel@tonic-gate * rgid adr_int32 10637c478bd9Sstevel@tonic-gate * pid adr_int32 10647c478bd9Sstevel@tonic-gate * sid adr_int32 10657c478bd9Sstevel@tonic-gate * termid adr_int64+adr_int32 10667c478bd9Sstevel@tonic-gate * 10677c478bd9Sstevel@tonic-gate */ 10687c478bd9Sstevel@tonic-gate int 10697c478bd9Sstevel@tonic-gate process64_token(adr_t *adr) 10707c478bd9Sstevel@tonic-gate { 10717c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 10727c478bd9Sstevel@tonic-gate int32_t sid; 10737c478bd9Sstevel@tonic-gate int64_t port; 10747c478bd9Sstevel@tonic-gate int32_t machine; 10757c478bd9Sstevel@tonic-gate 10767c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 10777c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 10787c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 10797c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 10807c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 10817c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 10827c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 10837c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 10847c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 10857c478bd9Sstevel@tonic-gate 10867c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 10877c478bd9Sstevel@tonic-gate if (m_usera == auid) 10887c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 10897c478bd9Sstevel@tonic-gate } 10907c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 10917c478bd9Sstevel@tonic-gate if (m_usere == euid) 10927c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 10937c478bd9Sstevel@tonic-gate } 10947c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 10957c478bd9Sstevel@tonic-gate if (m_userr == ruid) 10967c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 10977c478bd9Sstevel@tonic-gate } 10987c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 10997c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 11007c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 11017c478bd9Sstevel@tonic-gate } 11027c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 11037c478bd9Sstevel@tonic-gate if (m_groupe == egid) 11047c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 11057c478bd9Sstevel@tonic-gate } 11067c478bd9Sstevel@tonic-gate 11077c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 11087c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 11097c478bd9Sstevel@tonic-gate (obj_id == pid)) { 11107c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 11117c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 11127c478bd9Sstevel@tonic-gate ((obj_group == egid) || 11137c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 11147c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 11157c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 11167c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 11177c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 11187c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 11197c478bd9Sstevel@tonic-gate } 11207c478bd9Sstevel@tonic-gate } 11217c478bd9Sstevel@tonic-gate return (-1); 11227c478bd9Sstevel@tonic-gate } 11237c478bd9Sstevel@tonic-gate 11247c478bd9Sstevel@tonic-gate /* 11257c478bd9Sstevel@tonic-gate * Format of process64 token: 11267c478bd9Sstevel@tonic-gate * process token id adr_char 11277c478bd9Sstevel@tonic-gate * auid adr_int32 11287c478bd9Sstevel@tonic-gate * euid adr_int32 11297c478bd9Sstevel@tonic-gate * egid adr_int32 11307c478bd9Sstevel@tonic-gate * ruid adr_int32 11317c478bd9Sstevel@tonic-gate * rgid adr_int32 11327c478bd9Sstevel@tonic-gate * pid adr_int32 11337c478bd9Sstevel@tonic-gate * sid adr_int32 11347c478bd9Sstevel@tonic-gate * termid adr_int64+5*adr_int32 11357c478bd9Sstevel@tonic-gate * 11367c478bd9Sstevel@tonic-gate */ 11377c478bd9Sstevel@tonic-gate int 11387c478bd9Sstevel@tonic-gate process64_ex_token(adr_t *adr) 11397c478bd9Sstevel@tonic-gate { 11407c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 11417c478bd9Sstevel@tonic-gate int32_t sid; 11427c478bd9Sstevel@tonic-gate int64_t port; 11437c478bd9Sstevel@tonic-gate int32_t type, addr[4]; 11447c478bd9Sstevel@tonic-gate 11457c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 11467c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 11477c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 11487c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 11497c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 11507c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 11517c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 11527c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 11537c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 11547c478bd9Sstevel@tonic-gate adrm_int32(adr, &addr[0], 4); 11557c478bd9Sstevel@tonic-gate 11567c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERA)) { 11577c478bd9Sstevel@tonic-gate if (m_usera == auid) 11587c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 11597c478bd9Sstevel@tonic-gate } 11607c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERE)) { 11617c478bd9Sstevel@tonic-gate if (m_usere == euid) 11627c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 11637c478bd9Sstevel@tonic-gate } 11647c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_USERR)) { 11657c478bd9Sstevel@tonic-gate if (m_userr == ruid) 11667c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 11677c478bd9Sstevel@tonic-gate } 11687c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPR)) { 11697c478bd9Sstevel@tonic-gate if (m_groupr == egid) 11707c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 11717c478bd9Sstevel@tonic-gate } 11727c478bd9Sstevel@tonic-gate if (!new_mode && (flags & M_GROUPE)) { 11737c478bd9Sstevel@tonic-gate if (m_groupe == egid) 11747c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 11757c478bd9Sstevel@tonic-gate } 11767c478bd9Sstevel@tonic-gate 11777c478bd9Sstevel@tonic-gate if (flags & M_OBJECT) { 11787c478bd9Sstevel@tonic-gate if ((obj_flag & OBJ_PROC) && 11797c478bd9Sstevel@tonic-gate (obj_id == pid)) { 11807c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11817c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_PGROUP) && 11827c478bd9Sstevel@tonic-gate ((obj_group == egid) || 11837c478bd9Sstevel@tonic-gate (obj_group == rgid))) { 11847c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11857c478bd9Sstevel@tonic-gate } else if ((obj_flag & OBJ_POWNER) && 11867c478bd9Sstevel@tonic-gate ((obj_owner == euid) || 11877c478bd9Sstevel@tonic-gate (obj_group == ruid))) { 11887c478bd9Sstevel@tonic-gate checkflags = checkflags | M_OBJECT; 11897c478bd9Sstevel@tonic-gate } 11907c478bd9Sstevel@tonic-gate } 11917c478bd9Sstevel@tonic-gate return (-1); 11927c478bd9Sstevel@tonic-gate } 11937c478bd9Sstevel@tonic-gate 11947c478bd9Sstevel@tonic-gate /* 11957c478bd9Sstevel@tonic-gate * Format of System V IPC token: 11967c478bd9Sstevel@tonic-gate * System V IPC token id adr_char 11977c478bd9Sstevel@tonic-gate * object id adr_int32 11987c478bd9Sstevel@tonic-gate * 11997c478bd9Sstevel@tonic-gate */ 12007c478bd9Sstevel@tonic-gate int 12017c478bd9Sstevel@tonic-gate s5_IPC_token(adr_t *adr) 12027c478bd9Sstevel@tonic-gate { 12037c478bd9Sstevel@tonic-gate int32_t ipc_id; 12047c478bd9Sstevel@tonic-gate 12057c478bd9Sstevel@tonic-gate adrm_char(adr, &ipc_type, 1); /* Global */ 12067c478bd9Sstevel@tonic-gate adrm_int32(adr, &ipc_id, 1); 12077c478bd9Sstevel@tonic-gate 12087c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && 12097c478bd9Sstevel@tonic-gate ipc_type_match(obj_flag, ipc_type) && 12107c478bd9Sstevel@tonic-gate (obj_id == ipc_id)) 12117c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12127c478bd9Sstevel@tonic-gate 12137c478bd9Sstevel@tonic-gate return (-1); 12147c478bd9Sstevel@tonic-gate } 12157c478bd9Sstevel@tonic-gate 12167c478bd9Sstevel@tonic-gate 12177c478bd9Sstevel@tonic-gate /* 12187c478bd9Sstevel@tonic-gate * Format of socket token: 12197c478bd9Sstevel@tonic-gate * socket_type adrm_short 12207c478bd9Sstevel@tonic-gate * remote_port adrm_short 12217c478bd9Sstevel@tonic-gate * remote_inaddr adrm_int32 12227c478bd9Sstevel@tonic-gate * 12237c478bd9Sstevel@tonic-gate */ 12247c478bd9Sstevel@tonic-gate int 12257c478bd9Sstevel@tonic-gate socket_token(adr_t *adr) 12267c478bd9Sstevel@tonic-gate { 12277c478bd9Sstevel@tonic-gate short socket_type; 12287c478bd9Sstevel@tonic-gate short remote_port; 12297c478bd9Sstevel@tonic-gate int32_t remote_inaddr; 12307c478bd9Sstevel@tonic-gate 12317c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_type, 1); 12327c478bd9Sstevel@tonic-gate adrm_short(adr, &remote_port, 1); 12337c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&remote_inaddr, 4); 12347c478bd9Sstevel@tonic-gate 12357c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) { 12367c478bd9Sstevel@tonic-gate if (socket_flag == SOCKFLG_MACHINE) { 12377c478bd9Sstevel@tonic-gate if (remote_inaddr == obj_id) 12387c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12397c478bd9Sstevel@tonic-gate } else if (socket_flag == SOCKFLG_PORT) { 12407c478bd9Sstevel@tonic-gate if (remote_port == obj_id) 12417c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12427c478bd9Sstevel@tonic-gate } 12437c478bd9Sstevel@tonic-gate } 12447c478bd9Sstevel@tonic-gate return (-1); 12457c478bd9Sstevel@tonic-gate } 12467c478bd9Sstevel@tonic-gate 12477c478bd9Sstevel@tonic-gate 12487c478bd9Sstevel@tonic-gate /* 12497c478bd9Sstevel@tonic-gate * Format of socket token: 12507c478bd9Sstevel@tonic-gate * socket_type adrm_short 12517c478bd9Sstevel@tonic-gate * remote_port adrm_short 12527c478bd9Sstevel@tonic-gate * remote_inaddr adrm_int32 12537c478bd9Sstevel@tonic-gate * 12547c478bd9Sstevel@tonic-gate */ 12557c478bd9Sstevel@tonic-gate int 12567c478bd9Sstevel@tonic-gate socket_ex_token(adr_t *adr) 12577c478bd9Sstevel@tonic-gate { 12587c478bd9Sstevel@tonic-gate short socket_domain; 12597c478bd9Sstevel@tonic-gate short socket_type; 12607c478bd9Sstevel@tonic-gate short ip_size; 12617c478bd9Sstevel@tonic-gate short local_port; 12627c478bd9Sstevel@tonic-gate int32_t local_inaddr[4]; 12637c478bd9Sstevel@tonic-gate short remote_port; 12647c478bd9Sstevel@tonic-gate int32_t remote_inaddr[4]; 12657c478bd9Sstevel@tonic-gate 12667c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_domain, 1); 12677c478bd9Sstevel@tonic-gate adrm_short(adr, &socket_type, 1); 12687c478bd9Sstevel@tonic-gate adrm_short(adr, &ip_size, 1); 12697c478bd9Sstevel@tonic-gate 12707c478bd9Sstevel@tonic-gate /* validate ip size */ 12717c478bd9Sstevel@tonic-gate if ((ip_size != AU_IPv6) && (ip_size != AU_IPv4)) 12727c478bd9Sstevel@tonic-gate return (0); 12737c478bd9Sstevel@tonic-gate 12747c478bd9Sstevel@tonic-gate adrm_short(adr, &local_port, 1); 12757c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)local_inaddr, ip_size); 12767c478bd9Sstevel@tonic-gate 12777c478bd9Sstevel@tonic-gate adrm_short(adr, &remote_port, 1); 12787c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)remote_inaddr, ip_size); 12797c478bd9Sstevel@tonic-gate 12807c478bd9Sstevel@tonic-gate /* if IP type mis-match, then nothing to do */ 12817c478bd9Sstevel@tonic-gate if (ip_size != ip_type) 12827c478bd9Sstevel@tonic-gate return (-1); 12837c478bd9Sstevel@tonic-gate 12847c478bd9Sstevel@tonic-gate if ((flags & M_OBJECT) && (obj_flag == OBJ_SOCK)) { 12857c478bd9Sstevel@tonic-gate if (socket_flag == SOCKFLG_MACHINE) { 12867c478bd9Sstevel@tonic-gate if (ip_type == AU_IPv4) { 12877c478bd9Sstevel@tonic-gate if ((local_inaddr[0] == obj_id) || 12887c478bd9Sstevel@tonic-gate (remote_inaddr[0] == obj_id)) 12897c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 12907c478bd9Sstevel@tonic-gate } else { 12917c478bd9Sstevel@tonic-gate if (((local_inaddr[0] == ip_ipv6[0]) && 12927c478bd9Sstevel@tonic-gate (local_inaddr[1] == ip_ipv6[1]) && 12937c478bd9Sstevel@tonic-gate (local_inaddr[2] == ip_ipv6[2]) && 12947c478bd9Sstevel@tonic-gate (local_inaddr[3] == ip_ipv6[3])) || 12957c478bd9Sstevel@tonic-gate ((remote_inaddr[0] == ip_ipv6[0]) && 12967c478bd9Sstevel@tonic-gate (remote_inaddr[1] == ip_ipv6[1]) && 12977c478bd9Sstevel@tonic-gate (remote_inaddr[2] == ip_ipv6[2]) && 12987c478bd9Sstevel@tonic-gate (remote_inaddr[3] == ip_ipv6[3]))) 12997c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 13007c478bd9Sstevel@tonic-gate } 13017c478bd9Sstevel@tonic-gate } else if (socket_flag == SOCKFLG_PORT) { 13027c478bd9Sstevel@tonic-gate if ((local_port == obj_id) || (remote_port == obj_id)) 13037c478bd9Sstevel@tonic-gate checkflags |= M_OBJECT; 13047c478bd9Sstevel@tonic-gate } 13057c478bd9Sstevel@tonic-gate } 13067c478bd9Sstevel@tonic-gate return (-1); 13077c478bd9Sstevel@tonic-gate } 13087c478bd9Sstevel@tonic-gate 13097c478bd9Sstevel@tonic-gate 13107c478bd9Sstevel@tonic-gate /* 13117c478bd9Sstevel@tonic-gate * Format of subject32 token: 13127c478bd9Sstevel@tonic-gate * subject token id adr_char 13137c478bd9Sstevel@tonic-gate * auid adr_int32 13147c478bd9Sstevel@tonic-gate * euid adr_int32 13157c478bd9Sstevel@tonic-gate * egid adr_int32 13167c478bd9Sstevel@tonic-gate * ruid adr_int32 13177c478bd9Sstevel@tonic-gate * rgid adr_int32 13187c478bd9Sstevel@tonic-gate * pid adr_int32 13197c478bd9Sstevel@tonic-gate * sid adr_int32 13207c478bd9Sstevel@tonic-gate * termid adr_int32*2 13217c478bd9Sstevel@tonic-gate * 13227c478bd9Sstevel@tonic-gate */ 13237c478bd9Sstevel@tonic-gate int 13247c478bd9Sstevel@tonic-gate subject32_token(adr_t *adr) 13257c478bd9Sstevel@tonic-gate { 13267c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 13277c478bd9Sstevel@tonic-gate int32_t sid; 13287c478bd9Sstevel@tonic-gate int32_t port, machine; 13297c478bd9Sstevel@tonic-gate 13307c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 13317c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 13327c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 13337c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 13347c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 13357c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 13367c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 13377c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 13387c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 13397c478bd9Sstevel@tonic-gate 13407c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 13417c478bd9Sstevel@tonic-gate if (subj_id == pid) 13427c478bd9Sstevel@tonic-gate checkflags |= M_SUBJECT; 13437c478bd9Sstevel@tonic-gate } 13447c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 13457c478bd9Sstevel@tonic-gate if (m_usera == auid) 13467c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 13477c478bd9Sstevel@tonic-gate } 13487c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 13497c478bd9Sstevel@tonic-gate if (m_usere == euid) 13507c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 13517c478bd9Sstevel@tonic-gate } 13527c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 13537c478bd9Sstevel@tonic-gate if (m_userr == ruid) 13547c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 13557c478bd9Sstevel@tonic-gate } 13567c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 13577c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 13587c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 13597c478bd9Sstevel@tonic-gate } 13607c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 13617c478bd9Sstevel@tonic-gate if (m_groupe == egid) 13627c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 13637c478bd9Sstevel@tonic-gate } 1364924c9144Sgww if (flags & M_SID) { 1365924c9144Sgww if (m_sid == sid) 1366924c9144Sgww checkflags |= M_SID; 1367924c9144Sgww } 13687c478bd9Sstevel@tonic-gate return (-1); 13697c478bd9Sstevel@tonic-gate } 13707c478bd9Sstevel@tonic-gate 13717c478bd9Sstevel@tonic-gate /* 13727c478bd9Sstevel@tonic-gate * Format of subject32_ex token: 13737c478bd9Sstevel@tonic-gate * subject token id adr_char 13747c478bd9Sstevel@tonic-gate * auid adr_int32 13757c478bd9Sstevel@tonic-gate * euid adr_int32 13767c478bd9Sstevel@tonic-gate * egid adr_int32 13777c478bd9Sstevel@tonic-gate * ruid adr_int32 13787c478bd9Sstevel@tonic-gate * rgid adr_int32 13797c478bd9Sstevel@tonic-gate * pid adr_int32 13807c478bd9Sstevel@tonic-gate * sid adr_int32 13817c478bd9Sstevel@tonic-gate * termid_addr adr_int32*6 13827c478bd9Sstevel@tonic-gate * 13837c478bd9Sstevel@tonic-gate */ 13847c478bd9Sstevel@tonic-gate int 13857c478bd9Sstevel@tonic-gate subject32_ex_token(adr_t *adr) 13867c478bd9Sstevel@tonic-gate { 13877c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 13887c478bd9Sstevel@tonic-gate int32_t sid; 13897c478bd9Sstevel@tonic-gate int32_t port, type, addr[4]; 13907c478bd9Sstevel@tonic-gate 13917c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 13927c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 13937c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 13947c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 13957c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 13967c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 13977c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 13987c478bd9Sstevel@tonic-gate adrm_int32(adr, &port, 1); 13997c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 14007c478bd9Sstevel@tonic-gate adrm_int32(adr, &addr[0], 4); 14017c478bd9Sstevel@tonic-gate 14027c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 14037c478bd9Sstevel@tonic-gate if (subj_id == pid) 14047c478bd9Sstevel@tonic-gate checkflags = checkflags | M_SUBJECT; 14057c478bd9Sstevel@tonic-gate } 14067c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 14077c478bd9Sstevel@tonic-gate if (m_usera == auid) 14087c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 14097c478bd9Sstevel@tonic-gate } 14107c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 14117c478bd9Sstevel@tonic-gate if (m_usere == euid) 14127c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 14137c478bd9Sstevel@tonic-gate } 14147c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 14157c478bd9Sstevel@tonic-gate if (m_userr == ruid) 14167c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 14177c478bd9Sstevel@tonic-gate } 14187c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 14197c478bd9Sstevel@tonic-gate if (m_groupr == egid) 14207c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 14217c478bd9Sstevel@tonic-gate } 14227c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 14237c478bd9Sstevel@tonic-gate if (m_groupe == egid) 14247c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 14257c478bd9Sstevel@tonic-gate } 1426924c9144Sgww if (flags & M_SID) { 1427924c9144Sgww if (m_sid == sid) 1428924c9144Sgww checkflags = checkflags | M_SID; 1429924c9144Sgww } 14307c478bd9Sstevel@tonic-gate return (-1); 14317c478bd9Sstevel@tonic-gate } 14327c478bd9Sstevel@tonic-gate 14337c478bd9Sstevel@tonic-gate /* 14347c478bd9Sstevel@tonic-gate * Format of subject64 token: 14357c478bd9Sstevel@tonic-gate * subject token id adr_char 14367c478bd9Sstevel@tonic-gate * auid adr_int32 14377c478bd9Sstevel@tonic-gate * euid adr_int32 14387c478bd9Sstevel@tonic-gate * egid adr_int32 14397c478bd9Sstevel@tonic-gate * ruid adr_int32 14407c478bd9Sstevel@tonic-gate * rgid adr_int32 14417c478bd9Sstevel@tonic-gate * pid adr_int32 14427c478bd9Sstevel@tonic-gate * sid adr_int32 14437c478bd9Sstevel@tonic-gate * termid adr_int64+adr_int32 14447c478bd9Sstevel@tonic-gate * 14457c478bd9Sstevel@tonic-gate */ 14467c478bd9Sstevel@tonic-gate int 14477c478bd9Sstevel@tonic-gate subject64_token(adr_t *adr) 14487c478bd9Sstevel@tonic-gate { 14497c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 14507c478bd9Sstevel@tonic-gate int32_t sid; 14517c478bd9Sstevel@tonic-gate int64_t port; 14527c478bd9Sstevel@tonic-gate int32_t machine; 14537c478bd9Sstevel@tonic-gate 14547c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 14557c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 14567c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 14577c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 14587c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 14597c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 14607c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 14617c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 14627c478bd9Sstevel@tonic-gate adrm_int32(adr, &machine, 1); 14637c478bd9Sstevel@tonic-gate 14647c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 14657c478bd9Sstevel@tonic-gate if (subj_id == pid) 14667c478bd9Sstevel@tonic-gate checkflags |= M_SUBJECT; 14677c478bd9Sstevel@tonic-gate } 14687c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 14697c478bd9Sstevel@tonic-gate if (m_usera == auid) 14707c478bd9Sstevel@tonic-gate checkflags |= M_USERA; 14717c478bd9Sstevel@tonic-gate } 14727c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 14737c478bd9Sstevel@tonic-gate if (m_usere == euid) 14747c478bd9Sstevel@tonic-gate checkflags |= M_USERE; 14757c478bd9Sstevel@tonic-gate } 14767c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 14777c478bd9Sstevel@tonic-gate if (m_userr == ruid) 14787c478bd9Sstevel@tonic-gate checkflags |= M_USERR; 14797c478bd9Sstevel@tonic-gate } 14807c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 14817c478bd9Sstevel@tonic-gate if (m_groupr == rgid) 14827c478bd9Sstevel@tonic-gate checkflags |= M_GROUPR; 14837c478bd9Sstevel@tonic-gate } 14847c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 14857c478bd9Sstevel@tonic-gate if (m_groupe == egid) 14867c478bd9Sstevel@tonic-gate checkflags |= M_GROUPE; 14877c478bd9Sstevel@tonic-gate } 1488924c9144Sgww if (flags & M_SID) { 1489924c9144Sgww if (m_sid == sid) 1490924c9144Sgww checkflags |= M_SID; 1491924c9144Sgww } 14927c478bd9Sstevel@tonic-gate return (-1); 14937c478bd9Sstevel@tonic-gate } 14947c478bd9Sstevel@tonic-gate 14957c478bd9Sstevel@tonic-gate /* 14967c478bd9Sstevel@tonic-gate * Format of subject64 token: 14977c478bd9Sstevel@tonic-gate * subject token id adr_char 14987c478bd9Sstevel@tonic-gate * auid adr_int32 14997c478bd9Sstevel@tonic-gate * euid adr_int32 15007c478bd9Sstevel@tonic-gate * egid adr_int32 15017c478bd9Sstevel@tonic-gate * ruid adr_int32 15027c478bd9Sstevel@tonic-gate * rgid adr_int32 15037c478bd9Sstevel@tonic-gate * pid adr_int32 15047c478bd9Sstevel@tonic-gate * sid adr_int32 15057c478bd9Sstevel@tonic-gate * termid adr_int64+5*adr_int32 15067c478bd9Sstevel@tonic-gate * 15077c478bd9Sstevel@tonic-gate */ 15087c478bd9Sstevel@tonic-gate int 15097c478bd9Sstevel@tonic-gate subject64_ex_token(adr_t *adr) 15107c478bd9Sstevel@tonic-gate { 15117c478bd9Sstevel@tonic-gate int32_t auid, euid, egid, ruid, rgid, pid; 15127c478bd9Sstevel@tonic-gate int32_t sid; 15137c478bd9Sstevel@tonic-gate int64_t port; 15147c478bd9Sstevel@tonic-gate int32_t type, addr[4]; 15157c478bd9Sstevel@tonic-gate 15167c478bd9Sstevel@tonic-gate adrm_int32(adr, &auid, 1); 15177c478bd9Sstevel@tonic-gate adrm_int32(adr, &euid, 1); 15187c478bd9Sstevel@tonic-gate adrm_int32(adr, &egid, 1); 15197c478bd9Sstevel@tonic-gate adrm_int32(adr, &ruid, 1); 15207c478bd9Sstevel@tonic-gate adrm_int32(adr, &rgid, 1); 15217c478bd9Sstevel@tonic-gate adrm_int32(adr, &pid, 1); 15227c478bd9Sstevel@tonic-gate adrm_int32(adr, &sid, 1); 15237c478bd9Sstevel@tonic-gate adrm_int64(adr, &port, 1); 15247c478bd9Sstevel@tonic-gate adrm_int32(adr, &type, 1); 15257c478bd9Sstevel@tonic-gate adrm_int32(adr, &addr[0], 4); 15267c478bd9Sstevel@tonic-gate 15277c478bd9Sstevel@tonic-gate if (flags & M_SUBJECT) { 15287c478bd9Sstevel@tonic-gate if (subj_id == pid) 15297c478bd9Sstevel@tonic-gate checkflags = checkflags | M_SUBJECT; 15307c478bd9Sstevel@tonic-gate } 15317c478bd9Sstevel@tonic-gate if (flags & M_USERA) { 15327c478bd9Sstevel@tonic-gate if (m_usera == auid) 15337c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERA; 15347c478bd9Sstevel@tonic-gate } 15357c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 15367c478bd9Sstevel@tonic-gate if (m_usere == euid) 15377c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 15387c478bd9Sstevel@tonic-gate } 15397c478bd9Sstevel@tonic-gate if (flags & M_USERR) { 15407c478bd9Sstevel@tonic-gate if (m_userr == ruid) 15417c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERR; 15427c478bd9Sstevel@tonic-gate } 15437c478bd9Sstevel@tonic-gate if (flags & M_GROUPR) { 15447c478bd9Sstevel@tonic-gate if (m_groupr == egid) 15457c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPR; 15467c478bd9Sstevel@tonic-gate } 15477c478bd9Sstevel@tonic-gate if (flags & M_GROUPE) { 15487c478bd9Sstevel@tonic-gate if (m_groupe == egid) 15497c478bd9Sstevel@tonic-gate checkflags = checkflags | M_GROUPE; 15507c478bd9Sstevel@tonic-gate } 1551924c9144Sgww if (flags & M_SID) { 1552924c9144Sgww if (m_sid == sid) 1553924c9144Sgww checkflags = checkflags | M_SID; 1554924c9144Sgww } 15557c478bd9Sstevel@tonic-gate return (-1); 15567c478bd9Sstevel@tonic-gate } 15577c478bd9Sstevel@tonic-gate 15587c478bd9Sstevel@tonic-gate /* 15597c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15607c478bd9Sstevel@tonic-gate * tid_token(): Process tid token and display contents 15617c478bd9Sstevel@tonic-gate * 15627c478bd9Sstevel@tonic-gate * Format of tid token: 15637c478bd9Sstevel@tonic-gate * tid token id adr_char 15647c478bd9Sstevel@tonic-gate * address type adr_char 15657c478bd9Sstevel@tonic-gate * For address type of AU_IPADR... 15667c478bd9Sstevel@tonic-gate * remote port adr_short 15677c478bd9Sstevel@tonic-gate * local port adr_short 15687c478bd9Sstevel@tonic-gate * IP type adr_int32 15697c478bd9Sstevel@tonic-gate * IP addr adr_int32 if IPv4 15707c478bd9Sstevel@tonic-gate * IP addr 4 x adr_int32 if IPv6 15717c478bd9Sstevel@tonic-gate * address types other than AU_IPADR are not yet defined 15727c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15737c478bd9Sstevel@tonic-gate */ 15747c478bd9Sstevel@tonic-gate int 15757c478bd9Sstevel@tonic-gate tid_token(adr_t *adr) 15767c478bd9Sstevel@tonic-gate { 15777c478bd9Sstevel@tonic-gate int32_t address[4]; 15787c478bd9Sstevel@tonic-gate int32_t ip_type; 15797c478bd9Sstevel@tonic-gate char tid_type; 15807c478bd9Sstevel@tonic-gate short rport; 15817c478bd9Sstevel@tonic-gate short lport; 15827c478bd9Sstevel@tonic-gate 15837c478bd9Sstevel@tonic-gate adrm_char(adr, &tid_type, 1); 15847c478bd9Sstevel@tonic-gate switch (tid_type) { 15857c478bd9Sstevel@tonic-gate case AU_IPADR: 15867c478bd9Sstevel@tonic-gate adrm_short(adr, &rport, 1); 15877c478bd9Sstevel@tonic-gate adrm_short(adr, &lport, 1); 15887c478bd9Sstevel@tonic-gate adrm_int32(adr, &ip_type, 1); 15897c478bd9Sstevel@tonic-gate adrm_char(adr, (char *)&address, ip_type); 15907c478bd9Sstevel@tonic-gate break; 15917c478bd9Sstevel@tonic-gate default: 15927c478bd9Sstevel@tonic-gate return (0); 15937c478bd9Sstevel@tonic-gate } 15947c478bd9Sstevel@tonic-gate return (-1); 15957c478bd9Sstevel@tonic-gate } 15967c478bd9Sstevel@tonic-gate 15977c478bd9Sstevel@tonic-gate /* 15987c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 15997c478bd9Sstevel@tonic-gate * zonename_token(): Process zonename token and display contents 16007c478bd9Sstevel@tonic-gate * 16017c478bd9Sstevel@tonic-gate * Format of zonename token: 16027c478bd9Sstevel@tonic-gate * zonename token id adr_char 16037c478bd9Sstevel@tonic-gate * zone name adr_string 16047c478bd9Sstevel@tonic-gate * ----------------------------------------------------------------------- 16057c478bd9Sstevel@tonic-gate */ 16067c478bd9Sstevel@tonic-gate int 16077c478bd9Sstevel@tonic-gate zonename_token(adr_t *adr) 16087c478bd9Sstevel@tonic-gate { 16097c478bd9Sstevel@tonic-gate char *name; 16107c478bd9Sstevel@tonic-gate 16117c478bd9Sstevel@tonic-gate if (flags & M_ZONENAME) { 16127c478bd9Sstevel@tonic-gate get_string(adr, &name); 16137c478bd9Sstevel@tonic-gate if (strncmp(zonename, name, ZONENAME_MAX) == 0) 16147c478bd9Sstevel@tonic-gate checkflags |= M_ZONENAME; 16157c478bd9Sstevel@tonic-gate free(name); 16167c478bd9Sstevel@tonic-gate } else { 16177c478bd9Sstevel@tonic-gate skip_string(adr); 16187c478bd9Sstevel@tonic-gate } 16197c478bd9Sstevel@tonic-gate return (-1); 16207c478bd9Sstevel@tonic-gate } 16217c478bd9Sstevel@tonic-gate 1622103b2b15Sgww /* 1623103b2b15Sgww * fmri_token(): 1624103b2b15Sgww * 1625103b2b15Sgww * Format of fmri token: 1626103b2b15Sgww * fmri adr_string 1627103b2b15Sgww */ 1628103b2b15Sgww int 1629103b2b15Sgww fmri_token(adr_t *adr) 1630103b2b15Sgww { 1631103b2b15Sgww if ((flags & M_OBJECT) && (obj_flag == OBJ_FMRI)) { 1632103b2b15Sgww char *fmri_name; 1633103b2b15Sgww 1634103b2b15Sgww get_string(adr, &fmri_name); 1635103b2b15Sgww 1636103b2b15Sgww /* match token against service instance */ 1637103b2b15Sgww if (scf_cmp_pattern(fmri_name, &fmri) == 1) { 1638103b2b15Sgww checkflags |= M_OBJECT; 1639103b2b15Sgww } 1640103b2b15Sgww free(fmri_name); 1641103b2b15Sgww } else { 1642103b2b15Sgww skip_string(adr); 1643103b2b15Sgww } 1644103b2b15Sgww return (-1); 1645103b2b15Sgww } 1646103b2b15Sgww 16477c478bd9Sstevel@tonic-gate /* 16487c478bd9Sstevel@tonic-gate * Format of xatom token: 16497c478bd9Sstevel@tonic-gate */ 16507c478bd9Sstevel@tonic-gate int 16517c478bd9Sstevel@tonic-gate xatom_token(adr_t *adr) 16527c478bd9Sstevel@tonic-gate { 16537c478bd9Sstevel@tonic-gate skip_string(adr); 16547c478bd9Sstevel@tonic-gate 16557c478bd9Sstevel@tonic-gate return (-1); 16567c478bd9Sstevel@tonic-gate } 16577c478bd9Sstevel@tonic-gate 16587c478bd9Sstevel@tonic-gate /* 16597c478bd9Sstevel@tonic-gate * Format of xselect token: 16607c478bd9Sstevel@tonic-gate */ 16617c478bd9Sstevel@tonic-gate int 16627c478bd9Sstevel@tonic-gate xselect_token(adr_t *adr) 16637c478bd9Sstevel@tonic-gate { 16647c478bd9Sstevel@tonic-gate skip_string(adr); 16657c478bd9Sstevel@tonic-gate skip_string(adr); 16667c478bd9Sstevel@tonic-gate skip_string(adr); 16677c478bd9Sstevel@tonic-gate 16687c478bd9Sstevel@tonic-gate return (-1); 16697c478bd9Sstevel@tonic-gate } 16707c478bd9Sstevel@tonic-gate 16717c478bd9Sstevel@tonic-gate /* 16727c478bd9Sstevel@tonic-gate * anchor a path name with a slash 16737c478bd9Sstevel@tonic-gate * assume we have enough space 16747c478bd9Sstevel@tonic-gate */ 16757c478bd9Sstevel@tonic-gate void 16767c478bd9Sstevel@tonic-gate anchor_path(char *path) 16777c478bd9Sstevel@tonic-gate { 16787c478bd9Sstevel@tonic-gate (void) memmove((void *)(path + 1), (void *)path, strlen(path) + 1); 16797c478bd9Sstevel@tonic-gate *path = '/'; 16807c478bd9Sstevel@tonic-gate } 16817c478bd9Sstevel@tonic-gate 16827c478bd9Sstevel@tonic-gate 16837c478bd9Sstevel@tonic-gate /* 16847c478bd9Sstevel@tonic-gate * copy path to collapsed path. 16857c478bd9Sstevel@tonic-gate * collapsed path does not contain: 16867c478bd9Sstevel@tonic-gate * successive slashes 16877c478bd9Sstevel@tonic-gate * instances of dot-slash 16887c478bd9Sstevel@tonic-gate * instances of dot-dot-slash 16897c478bd9Sstevel@tonic-gate * passed path must be anchored with a '/' 16907c478bd9Sstevel@tonic-gate */ 16917c478bd9Sstevel@tonic-gate char * 16927c478bd9Sstevel@tonic-gate collapse_path(char *s) 16937c478bd9Sstevel@tonic-gate { 16947c478bd9Sstevel@tonic-gate int id; /* index of where we are in destination string */ 16957c478bd9Sstevel@tonic-gate int is; /* index of where we are in source string */ 16967c478bd9Sstevel@tonic-gate int slashseen; /* have we seen a slash */ 16977c478bd9Sstevel@tonic-gate int ls; /* length of source string */ 16987c478bd9Sstevel@tonic-gate 16997c478bd9Sstevel@tonic-gate ls = strlen(s) + 1; 17007c478bd9Sstevel@tonic-gate 17017c478bd9Sstevel@tonic-gate slashseen = 0; 17027c478bd9Sstevel@tonic-gate for (is = 0, id = 0; is < ls; is++) { 17037c478bd9Sstevel@tonic-gate /* thats all folks, we've reached the end of input */ 17047c478bd9Sstevel@tonic-gate if (s[is] == '\0') { 17057c478bd9Sstevel@tonic-gate if (id > 1 && s[id-1] == '/') { 17067c478bd9Sstevel@tonic-gate --id; 17077c478bd9Sstevel@tonic-gate } 17087c478bd9Sstevel@tonic-gate s[id++] = '\0'; 17097c478bd9Sstevel@tonic-gate break; 17107c478bd9Sstevel@tonic-gate } 17117c478bd9Sstevel@tonic-gate /* previous character was a / */ 17127c478bd9Sstevel@tonic-gate if (slashseen) { 17137c478bd9Sstevel@tonic-gate if (s[is] == '/') 17147c478bd9Sstevel@tonic-gate continue; /* another slash, ignore it */ 17157c478bd9Sstevel@tonic-gate } else if (s[is] == '/') { 17167c478bd9Sstevel@tonic-gate /* we see a /, just copy it and try again */ 17177c478bd9Sstevel@tonic-gate slashseen = 1; 17187c478bd9Sstevel@tonic-gate s[id++] = '/'; 17197c478bd9Sstevel@tonic-gate continue; 17207c478bd9Sstevel@tonic-gate } 17217c478bd9Sstevel@tonic-gate /* /./ seen */ 17227c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '/') { 17237c478bd9Sstevel@tonic-gate is += 1; 17247c478bd9Sstevel@tonic-gate continue; 17257c478bd9Sstevel@tonic-gate } 17267c478bd9Sstevel@tonic-gate /* XXX/. seen */ 17277c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '\0') { 17287c478bd9Sstevel@tonic-gate if (id > 1) 17297c478bd9Sstevel@tonic-gate id--; 17307c478bd9Sstevel@tonic-gate continue; 17317c478bd9Sstevel@tonic-gate } 17327c478bd9Sstevel@tonic-gate /* XXX/.. seen */ 17337c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') { 17347c478bd9Sstevel@tonic-gate is += 1; 17357c478bd9Sstevel@tonic-gate if (id > 0) 17367c478bd9Sstevel@tonic-gate id--; 1737*a7746f66Stz while (id > 0 && s[--id] != '/') 1738*a7746f66Stz ; 17397c478bd9Sstevel@tonic-gate id++; 17407c478bd9Sstevel@tonic-gate continue; 17417c478bd9Sstevel@tonic-gate } 17427c478bd9Sstevel@tonic-gate /* XXX/../ seen */ 17437c478bd9Sstevel@tonic-gate if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') { 17447c478bd9Sstevel@tonic-gate is += 2; 17457c478bd9Sstevel@tonic-gate if (id > 0) 17467c478bd9Sstevel@tonic-gate id--; 1747*a7746f66Stz while (id > 0 && s[--id] != '/') 1748*a7746f66Stz ; 17497c478bd9Sstevel@tonic-gate id++; 17507c478bd9Sstevel@tonic-gate continue; 17517c478bd9Sstevel@tonic-gate } 1752*a7746f66Stz while (is < ls && (s[id++] = s[is++]) != '/') 1753*a7746f66Stz ; 17547c478bd9Sstevel@tonic-gate is--; 17557c478bd9Sstevel@tonic-gate } 17567c478bd9Sstevel@tonic-gate return (s); 17577c478bd9Sstevel@tonic-gate } 17587c478bd9Sstevel@tonic-gate 17597c478bd9Sstevel@tonic-gate 17607c478bd9Sstevel@tonic-gate int 17617c478bd9Sstevel@tonic-gate ipc_type_match(int flag, char type) 17627c478bd9Sstevel@tonic-gate { 17637c478bd9Sstevel@tonic-gate if (flag == OBJ_SEM && type == AT_IPC_SEM) 17647c478bd9Sstevel@tonic-gate return (1); 17657c478bd9Sstevel@tonic-gate 17667c478bd9Sstevel@tonic-gate if (flag == OBJ_MSG && type == AT_IPC_MSG) 17677c478bd9Sstevel@tonic-gate return (1); 17687c478bd9Sstevel@tonic-gate 17697c478bd9Sstevel@tonic-gate if (flag == OBJ_SHM && type == AT_IPC_SHM) 17707c478bd9Sstevel@tonic-gate return (1); 17717c478bd9Sstevel@tonic-gate 17727c478bd9Sstevel@tonic-gate return (0); 17737c478bd9Sstevel@tonic-gate } 17747c478bd9Sstevel@tonic-gate 17757c478bd9Sstevel@tonic-gate 17767c478bd9Sstevel@tonic-gate void 17777c478bd9Sstevel@tonic-gate skip_string(adr_t *adr) 17787c478bd9Sstevel@tonic-gate { 17797c478bd9Sstevel@tonic-gate ushort_t c; 17807c478bd9Sstevel@tonic-gate 17817c478bd9Sstevel@tonic-gate adrm_u_short(adr, &c, 1); 17827c478bd9Sstevel@tonic-gate adr->adr_now += c; 17837c478bd9Sstevel@tonic-gate } 17847c478bd9Sstevel@tonic-gate 17857c478bd9Sstevel@tonic-gate 17867c478bd9Sstevel@tonic-gate void 17877c478bd9Sstevel@tonic-gate get_string(adr_t *adr, char **p) 17887c478bd9Sstevel@tonic-gate { 17897c478bd9Sstevel@tonic-gate ushort_t c; 17907c478bd9Sstevel@tonic-gate 17917c478bd9Sstevel@tonic-gate adrm_u_short(adr, &c, 1); 17927c478bd9Sstevel@tonic-gate *p = a_calloc(1, (size_t)c); 17937c478bd9Sstevel@tonic-gate adrm_char(adr, *p, c); 17947c478bd9Sstevel@tonic-gate } 17957c478bd9Sstevel@tonic-gate 17967c478bd9Sstevel@tonic-gate 17977c478bd9Sstevel@tonic-gate /* 17987c478bd9Sstevel@tonic-gate * Format of host token: 17997c478bd9Sstevel@tonic-gate * host ard_uint32 18007c478bd9Sstevel@tonic-gate */ 18017c478bd9Sstevel@tonic-gate int 18027c478bd9Sstevel@tonic-gate host_token(adr_t *adr) 18037c478bd9Sstevel@tonic-gate { 18047c478bd9Sstevel@tonic-gate uint32_t host; 18057c478bd9Sstevel@tonic-gate 18067c478bd9Sstevel@tonic-gate adrm_u_int32(adr, &host, 1); 18077c478bd9Sstevel@tonic-gate 18087c478bd9Sstevel@tonic-gate return (-1); 18097c478bd9Sstevel@tonic-gate } 18107c478bd9Sstevel@tonic-gate 18117c478bd9Sstevel@tonic-gate /* 18127c478bd9Sstevel@tonic-gate * Format of useofauth token: 18137c478bd9Sstevel@tonic-gate * uauth token id adr_char 18147c478bd9Sstevel@tonic-gate * uauth adr_string 18157c478bd9Sstevel@tonic-gate * 18167c478bd9Sstevel@tonic-gate */ 18177c478bd9Sstevel@tonic-gate int 18187c478bd9Sstevel@tonic-gate useofauth_token(adr_t *adr) 18197c478bd9Sstevel@tonic-gate { 18207c478bd9Sstevel@tonic-gate skip_string(adr); 18217c478bd9Sstevel@tonic-gate return (-1); 18227c478bd9Sstevel@tonic-gate } 18237c478bd9Sstevel@tonic-gate 18247c478bd9Sstevel@tonic-gate int 18257c478bd9Sstevel@tonic-gate xcolormap_token(adr_t *adr) 18267c478bd9Sstevel@tonic-gate { 18277c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18287c478bd9Sstevel@tonic-gate } 18297c478bd9Sstevel@tonic-gate 18307c478bd9Sstevel@tonic-gate int 18317c478bd9Sstevel@tonic-gate xcursor_token(adr_t *adr) 18327c478bd9Sstevel@tonic-gate { 18337c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18347c478bd9Sstevel@tonic-gate } 18357c478bd9Sstevel@tonic-gate 18367c478bd9Sstevel@tonic-gate int 18377c478bd9Sstevel@tonic-gate xfont_token(adr_t *adr) 18387c478bd9Sstevel@tonic-gate { 18397c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18407c478bd9Sstevel@tonic-gate } 18417c478bd9Sstevel@tonic-gate 18427c478bd9Sstevel@tonic-gate int 18437c478bd9Sstevel@tonic-gate xgc_token(adr_t *adr) 18447c478bd9Sstevel@tonic-gate { 18457c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18467c478bd9Sstevel@tonic-gate } 18477c478bd9Sstevel@tonic-gate 18487c478bd9Sstevel@tonic-gate int 18497c478bd9Sstevel@tonic-gate xpixmap_token(adr_t *adr) 18507c478bd9Sstevel@tonic-gate { 18517c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18527c478bd9Sstevel@tonic-gate } 18537c478bd9Sstevel@tonic-gate 18547c478bd9Sstevel@tonic-gate int 18557c478bd9Sstevel@tonic-gate xwindow_token(adr_t *adr) 18567c478bd9Sstevel@tonic-gate { 18577c478bd9Sstevel@tonic-gate return (xgeneric(adr)); 18587c478bd9Sstevel@tonic-gate } 18597c478bd9Sstevel@tonic-gate 18607c478bd9Sstevel@tonic-gate 18617c478bd9Sstevel@tonic-gate /* 18627c478bd9Sstevel@tonic-gate * Format of xgeneric token: 18637c478bd9Sstevel@tonic-gate * XID adr_int32 18647c478bd9Sstevel@tonic-gate * creator UID adr_int32 18657c478bd9Sstevel@tonic-gate * 18667c478bd9Sstevel@tonic-gate * Includes: xcolormap, xcursor, xfont, xgc, xpixmap, and xwindow 18677c478bd9Sstevel@tonic-gate */ 18687c478bd9Sstevel@tonic-gate int 18697c478bd9Sstevel@tonic-gate xgeneric(adr_t *adr) 18707c478bd9Sstevel@tonic-gate { 18717c478bd9Sstevel@tonic-gate int32_t xid; 18727c478bd9Sstevel@tonic-gate int32_t uid; 18737c478bd9Sstevel@tonic-gate 18747c478bd9Sstevel@tonic-gate adrm_int32(adr, &xid, 1); 18757c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 18767c478bd9Sstevel@tonic-gate 18777c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 18787c478bd9Sstevel@tonic-gate if (m_usere == uid) 18797c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 18807c478bd9Sstevel@tonic-gate } 18817c478bd9Sstevel@tonic-gate 18827c478bd9Sstevel@tonic-gate return (-1); 18837c478bd9Sstevel@tonic-gate } 18847c478bd9Sstevel@tonic-gate 18857c478bd9Sstevel@tonic-gate 18867c478bd9Sstevel@tonic-gate /* 18877c478bd9Sstevel@tonic-gate * Format of xproperty token: 18887c478bd9Sstevel@tonic-gate * XID adr_int32 18897c478bd9Sstevel@tonic-gate * creator UID adr_int32 18907c478bd9Sstevel@tonic-gate * atom string adr_string 18917c478bd9Sstevel@tonic-gate */ 18927c478bd9Sstevel@tonic-gate int 18937c478bd9Sstevel@tonic-gate xproperty_token(adr_t *adr) 18947c478bd9Sstevel@tonic-gate { 18957c478bd9Sstevel@tonic-gate int32_t xid; 18967c478bd9Sstevel@tonic-gate int32_t uid; 18977c478bd9Sstevel@tonic-gate 18987c478bd9Sstevel@tonic-gate adrm_int32(adr, &xid, 1); 18997c478bd9Sstevel@tonic-gate adrm_int32(adr, &uid, 1); 19007c478bd9Sstevel@tonic-gate skip_string(adr); 19017c478bd9Sstevel@tonic-gate 19027c478bd9Sstevel@tonic-gate if (flags & M_USERE) { 19037c478bd9Sstevel@tonic-gate if (m_usere == uid) 19047c478bd9Sstevel@tonic-gate checkflags = checkflags | M_USERE; 19057c478bd9Sstevel@tonic-gate } 19067c478bd9Sstevel@tonic-gate 19077c478bd9Sstevel@tonic-gate return (-1); 19087c478bd9Sstevel@tonic-gate } 19097c478bd9Sstevel@tonic-gate 19107c478bd9Sstevel@tonic-gate 19117c478bd9Sstevel@tonic-gate /* 19127c478bd9Sstevel@tonic-gate * Format of xclient token: 19137c478bd9Sstevel@tonic-gate * xclient id adr_int32 19147c478bd9Sstevel@tonic-gate */ 19157c478bd9Sstevel@tonic-gate int 19167c478bd9Sstevel@tonic-gate xclient_token(adr_t *adr) 19177c478bd9Sstevel@tonic-gate { 19187c478bd9Sstevel@tonic-gate int32_t client_id; 19197c478bd9Sstevel@tonic-gate 19207c478bd9Sstevel@tonic-gate adrm_int32(adr, &client_id, 1); 19217c478bd9Sstevel@tonic-gate 19227c478bd9Sstevel@tonic-gate return (-1); 19237c478bd9Sstevel@tonic-gate } 19247c478bd9Sstevel@tonic-gate 19257c478bd9Sstevel@tonic-gate /* 19267c478bd9Sstevel@tonic-gate * Format of privilege set token: 19277c478bd9Sstevel@tonic-gate * priv_set type string 19287c478bd9Sstevel@tonic-gate * priv_set string 19297c478bd9Sstevel@tonic-gate */ 19307c478bd9Sstevel@tonic-gate 19317c478bd9Sstevel@tonic-gate int 19327c478bd9Sstevel@tonic-gate privilege_token(adr_t *adr) 19337c478bd9Sstevel@tonic-gate { 19347c478bd9Sstevel@tonic-gate skip_string(adr); /* set type name */ 19357c478bd9Sstevel@tonic-gate skip_string(adr); /* privilege set */ 19367c478bd9Sstevel@tonic-gate return (-1); 19377c478bd9Sstevel@tonic-gate } 19387c478bd9Sstevel@tonic-gate 19397c478bd9Sstevel@tonic-gate /* 1940a13cf099Sgww * Format of label token: 1941a13cf099Sgww * label ID 1 byte 1942a13cf099Sgww * compartment length 1 byte 1943a13cf099Sgww * classification 2 bytes 1944a13cf099Sgww * compartment words <compartment length> * 4 bytes 19457c478bd9Sstevel@tonic-gate */ 19467c478bd9Sstevel@tonic-gate int 1947a13cf099Sgww label_token(adr_t *adr) 19487c478bd9Sstevel@tonic-gate { 1949a13cf099Sgww static m_label_t *label = NULL; 1950a13cf099Sgww static size_t l_size; 1951a13cf099Sgww int len; 19527c478bd9Sstevel@tonic-gate 1953a13cf099Sgww if (label == NULL) { 1954a13cf099Sgww label = m_label_alloc(MAC_LABEL); 1955a13cf099Sgww l_size = blabel_size() - 4; 1956a13cf099Sgww } 1957a13cf099Sgww 1958a13cf099Sgww if (label == NULL) { 1959a13cf099Sgww /* out of memory, should never happen; skip label */ 1960a13cf099Sgww char l; /* length */ 1961a13cf099Sgww 1962a13cf099Sgww adr->adr_now += sizeof (char); 1963a13cf099Sgww adrm_char(adr, (char *)&l, 1); 1964a13cf099Sgww adr->adr_now += sizeof (short) + (4 * l); 1965a13cf099Sgww return (-1); 1966a13cf099Sgww } 1967a13cf099Sgww 1968a13cf099Sgww adrm_char(adr, (char *)label, 4); 1969a13cf099Sgww len = (int)(((char *)label)[1] * 4); 1970a13cf099Sgww if (len > l_size) { 1971a13cf099Sgww return (-1); 1972a13cf099Sgww } 1973a13cf099Sgww adrm_char(adr, &((char *)label)[4], len); 19747c478bd9Sstevel@tonic-gate 197545916cd2Sjpk if (flags & M_LABEL) { 1976a13cf099Sgww if (blinrange(label, m_label)) 197745916cd2Sjpk checkflags = checkflags | M_LABEL; 19787c478bd9Sstevel@tonic-gate } 19797c478bd9Sstevel@tonic-gate 19807c478bd9Sstevel@tonic-gate return (-1); 19817c478bd9Sstevel@tonic-gate } 19827c478bd9Sstevel@tonic-gate 19837c478bd9Sstevel@tonic-gate 19847c478bd9Sstevel@tonic-gate /* 19857c478bd9Sstevel@tonic-gate * Format of useofpriv token: 19867c478bd9Sstevel@tonic-gate * success/failure adr_char 19877c478bd9Sstevel@tonic-gate * privilege(s) adr_string 19887c478bd9Sstevel@tonic-gate */ 19897c478bd9Sstevel@tonic-gate /* ARGSUSED */ 19907c478bd9Sstevel@tonic-gate int 19917c478bd9Sstevel@tonic-gate useofpriv_token(adr_t *adr) 19927c478bd9Sstevel@tonic-gate { 19937c478bd9Sstevel@tonic-gate char flag; 19947c478bd9Sstevel@tonic-gate 19957c478bd9Sstevel@tonic-gate adrm_char(adr, &flag, 1); 19967c478bd9Sstevel@tonic-gate skip_string(adr); 19977c478bd9Sstevel@tonic-gate return (-1); 19987c478bd9Sstevel@tonic-gate } 1999