au_to.c revision 103b2b152ab1f30e081cd8f98b88e71e6cd6d2fc
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#pragma ident	"%Z%%M%	%I%	%E% SMI"
27
28#include <sys/types.h>
29#include <unistd.h>
30#include <bsm/audit.h>
31#include <bsm/audit_record.h>
32#include <bsm/libbsm.h>
33#include <priv.h>
34#include <sys/ipc.h>
35#include <sys/param.h>
36#include <sys/socket.h>
37#include <sys/time.h>
38#include <sys/vnode.h>
39#include <malloc.h>
40#include <net/route.h>
41#include <netinet/in.h>
42#include <netinet/in_pcb.h>
43#include <string.h>
44#include <zone.h>
45#include <sys/tsol/label.h>
46#include <sys/tsol/label_macro.h>
47
48#define	NGROUPS		16	/* XXX - temporary */
49
50token_t *au_to_arg(char n, char *text, uint32_t v);
51#pragma weak au_to_arg = au_to_arg32
52token_t *au_to_return(char number, uint32_t value);
53#pragma weak au_to_return = au_to_return32
54
55static token_t *au_to_exec(char **, char);
56
57static token_t *
58get_token(int s)
59{
60	token_t *token;	/* Resultant token */
61
62	if ((token = (token_t *)malloc(sizeof (token_t))) == NULL)
63		return (NULL);
64	if ((token->tt_data = malloc(s)) == NULL) {
65		free(token);
66		return (NULL);
67	}
68	token->tt_size = s;
69	token->tt_next = NULL;
70	return (token);
71}
72
73/*
74 * au_to_header
75 * return s:
76 *	pointer to header token.
77 */
78token_t *
79au_to_header(au_event_t e_type, au_emod_t e_mod)
80{
81	adr_t adr;			/* adr memory stream header */
82	token_t *token;			/* token pointer */
83	char version = TOKEN_VERSION;	/* version of token family */
84	int32_t byte_count;
85	struct timeval tv;
86#ifdef _LP64
87	char data_header = AUT_HEADER64;	/* header for this token */
88
89	token = get_token(2 * sizeof (char) + sizeof (int32_t) +
90	    2 * sizeof (int64_t) + 2 * sizeof (short));
91#else
92	char data_header = AUT_HEADER32;
93
94	token = get_token(2 * sizeof (char) + 3 * sizeof (int32_t) +
95	    2 * sizeof (short));
96#endif
97
98	if (token == NULL)
99		return (NULL);
100	adr_start(&adr, token->tt_data);
101	adr_char(&adr, &data_header, 1);	/* token ID */
102	adr_int32(&adr, &byte_count, 1);	/* length of audit record */
103	adr_char(&adr, &version, 1);		/* version of audit tokens */
104	adr_short(&adr, &e_type, 1);		/* event ID */
105	adr_short(&adr, &e_mod, 1);		/* event ID modifier */
106#ifdef _LP64
107	adr_int64(&adr, (int64_t *)&tv, 2);	/* time & date */
108#else
109	adr_int32(&adr, (int32_t *)&tv, 2);	/* time & date */
110#endif
111	return (token);
112}
113
114/*
115 * au_to_header_ex
116 * return s:
117 *	pointer to header token.
118 */
119token_t *
120au_to_header_ex(au_event_t e_type, au_emod_t e_mod)
121{
122	adr_t adr;			/* adr memory stream header */
123	token_t *token;			/* token pointer */
124	char version = TOKEN_VERSION;	/* version of token family */
125	int32_t byte_count;
126	struct timeval tv;
127	auditinfo_addr_t audit_info;
128	au_tid_addr_t	*host_info = &audit_info.ai_termid;
129#ifdef _LP64
130	char data_header = AUT_HEADER64_EX;	/* header for this token */
131#else
132	char data_header = AUT_HEADER32_EX;
133#endif
134
135	/* If our host address can't be determined, revert to un-extended hdr */
136
137	if (auditon(A_GETKAUDIT, (caddr_t)&audit_info,
138	    sizeof (audit_info)) < 0)
139		return (au_to_header(e_type, e_mod));
140
141	if (host_info->at_type == AU_IPv6)
142		if (IN6_IS_ADDR_UNSPECIFIED((in6_addr_t *)host_info->at_addr))
143			return (au_to_header(e_type, e_mod));
144	else
145		if (host_info->at_addr[0] == htonl(INADDR_ANY))
146			return (au_to_header(e_type, e_mod));
147
148#ifdef _LP64
149	token = get_token(2 * sizeof (char) + sizeof (int32_t) +
150	    2 * sizeof (int64_t) + 2 * sizeof (short) +
151	    sizeof (int32_t) + host_info->at_type);
152#else
153	token = get_token(2 * sizeof (char) + 3 * sizeof (int32_t) +
154	    2 * sizeof (short) + sizeof (int32_t) + host_info->at_type);
155#endif
156
157	if (token == NULL)
158		return (NULL);
159	adr_start(&adr, token->tt_data);
160	adr_char(&adr, &data_header, 1);	/* token ID */
161	adr_int32(&adr, &byte_count, 1);	/* length of audit record */
162	adr_char(&adr, &version, 1);		/* version of audit tokens */
163	adr_short(&adr, &e_type, 1);		/* event ID */
164	adr_short(&adr, &e_mod, 1);		/* event ID modifier */
165	adr_int32(&adr, (int32_t *)&host_info->at_type, 1);
166	adr_char(&adr, (char *)host_info->at_addr,
167	    (int)host_info->at_type);
168#ifdef _LP64
169	adr_int64(&adr, (int64_t *)&tv, 2);	/* time & date */
170#else
171	adr_int32(&adr, (int32_t *)&tv, 2);	/* time & date */
172#endif
173	return (token);
174}
175
176/*
177 * au_to_trailer
178 * return s:
179 *	pointer to a trailer token.
180 */
181token_t *
182au_to_trailer(void)
183{
184	adr_t adr;				/* adr memory stream header */
185	token_t *token;				/* token pointer */
186	char data_header = AUT_TRAILER;		/* header for this token */
187	short magic = (short)AUT_TRAILER_MAGIC;	/* trailer magic number */
188	int32_t byte_count;
189
190	token = get_token(sizeof (char) + sizeof (int32_t) + sizeof (short));
191	if (token == NULL)
192		return (NULL);
193	adr_start(&adr, token->tt_data);
194	adr_char(&adr, &data_header, 1);	/* token ID */
195	adr_short(&adr, &magic, 1);		/* magic number */
196	adr_int32(&adr, &byte_count, 1);	/* length of audit record */
197
198	return (token);
199}
200
201/*
202 * au_to_arg32
203 * return s:
204 *	pointer to an argument token.
205 */
206token_t *
207au_to_arg32(char n, char *text, uint32_t v)
208{
209	token_t *token;			/* local token */
210	adr_t adr;			/* adr memory stream header */
211	char data_header = AUT_ARG32;	/* header for this token */
212	short bytes;			/* length of string */
213
214	bytes = strlen(text) + 1;
215
216	token = get_token((int)(2 * sizeof (char) + sizeof (int32_t) +
217	    sizeof (short) + bytes));
218	if (token == NULL)
219		return (NULL);
220	adr_start(&adr, token->tt_data);
221	adr_char(&adr, &data_header, 1);	/* token type */
222	adr_char(&adr, &n, 1);			/* argument id */
223	adr_int32(&adr, (int32_t *)&v, 1);	/* argument value */
224	adr_short(&adr, &bytes, 1);
225	adr_char(&adr, text, bytes);
226
227	return (token);
228}
229
230/*
231 * au_to_arg64
232 * return s:
233 *	pointer to an argument token.
234 */
235token_t *
236au_to_arg64(char n, char *text, uint64_t v)
237{
238	token_t *token;			/* local token */
239	adr_t adr;			/* adr memory stream header */
240	char data_header = AUT_ARG64;	/* header for this token */
241	short bytes;			/* length of string */
242
243	bytes = strlen(text) + 1;
244
245	token = get_token((int)(2 * sizeof (char) + sizeof (int64_t) +
246	    sizeof (short) + bytes));
247	if (token == NULL)
248		return (NULL);
249	adr_start(&adr, token->tt_data);
250	adr_char(&adr, &data_header, 1);	/* token type */
251	adr_char(&adr, &n, 1);			/* argument id */
252	adr_int64(&adr, (int64_t *)&v, 1);	/* argument value */
253	adr_short(&adr, &bytes, 1);
254	adr_char(&adr, text, bytes);
255
256	return (token);
257}
258
259
260/*
261 * au_to_attr
262 * return s:
263 *	pointer to an attribute token.
264 */
265token_t *
266au_to_attr(struct vattr *attr)
267{
268	token_t *token;			/* local token */
269	adr_t adr;			/* adr memory stream header */
270	int32_t value;
271#ifdef _LP64
272	char data_header = AUT_ATTR64;	/* header for this token */
273
274	token = get_token(sizeof (char) +
275	    sizeof (int32_t) * 4 +
276	    sizeof (int64_t) * 2);
277#else
278	char data_header = AUT_ATTR32;
279
280	token = get_token(sizeof (char) + sizeof (int32_t) * 5 +
281	    sizeof (int64_t));
282#endif
283
284	if (token == NULL)
285		return (NULL);
286	adr_start(&adr, token->tt_data);
287	adr_char(&adr, &data_header, 1);
288	value = (int32_t)attr->va_mode;
289	adr_int32(&adr, &value, 1);
290	value = (int32_t)attr->va_uid;
291	adr_int32(&adr, &value, 1);
292	value = (int32_t)attr->va_gid;
293	adr_int32(&adr, &value, 1);
294	adr_int32(&adr, (int32_t *)&(attr->va_fsid), 1);
295	adr_int64(&adr, (int64_t *)&(attr->va_nodeid), 1);
296#ifdef _LP64
297	adr_int64(&adr, (int64_t *)&(attr->va_rdev), 1);
298#else
299	adr_int32(&adr, (int32_t *)&(attr->va_rdev), 1);
300#endif
301
302	return (token);
303}
304
305/*
306 * au_to_data
307 * return s:
308 *	pointer to a data token.
309 */
310token_t *
311au_to_data(char unit_print, char unit_type, char unit_count, char *p)
312{
313	adr_t adr;			/* adr memory stream header */
314	token_t *token;			/* token pointer */
315	char data_header = AUT_DATA;	/* header for this token */
316	int byte_count;			/* number of bytes */
317
318	if (p == NULL || unit_count < 1)
319		return (NULL);
320
321	/*
322	 * Check validity of print type
323	 */
324	if (unit_print < AUP_BINARY || unit_print > AUP_STRING)
325		return (NULL);
326
327	switch (unit_type) {
328	case AUR_SHORT:
329		byte_count = unit_count * sizeof (short);
330		break;
331	case AUR_INT32:
332		byte_count = unit_count * sizeof (int32_t);
333		break;
334	case AUR_INT64:
335		byte_count = unit_count * sizeof (int64_t);
336		break;
337	/* case AUR_CHAR: */
338	case AUR_BYTE:
339		byte_count = unit_count * sizeof (char);
340		break;
341	default:
342		return (NULL);
343	}
344
345	token = get_token((int)(4 * sizeof (char) + byte_count));
346	if (token == NULL)
347		return (NULL);
348	adr_start(&adr, token->tt_data);
349	adr_char(&adr, &data_header, 1);
350	adr_char(&adr, &unit_print, 1);
351	adr_char(&adr, &unit_type, 1);
352	adr_char(&adr, &unit_count, 1);
353
354	switch (unit_type) {
355	case AUR_SHORT:
356		/* LINTED */
357		adr_short(&adr, (short *)p, unit_count);
358		break;
359	case AUR_INT32:
360		/* LINTED */
361		adr_int32(&adr, (int32_t *)p, unit_count);
362		break;
363	case AUR_INT64:
364		/* LINTED */
365		adr_int64(&adr, (int64_t *)p, unit_count);
366		break;
367	/* case AUR_CHAR: */
368	case AUR_BYTE:
369		adr_char(&adr, p, unit_count);
370		break;
371	}
372
373	return (token);
374}
375
376/*
377 * au_to_privset
378 *
379 * priv_type (LIMIT, INHERIT...) is the first string and privilege
380 * in translated into the second string.  The format is as follows:
381 *
382 *	token id	adr_char
383 *	priv type	adr_string (short, string)
384 *	priv set	adr_string (short, string)
385 *
386 * return s:
387 *	pointer to a AUT_PRIV token.
388 */
389token_t *
390au_to_privset(const char *priv_type, const priv_set_t *privilege)
391{
392	token_t	*token;			/* local token */
393	adr_t	adr;			/* adr memory stream header */
394	char	data_header = AUT_PRIV;	/* header for this token */
395	short	t_bytes;		/* length of type string */
396	short	p_bytes;		/* length of privilege string */
397	char	*priv_string;		/* privilege string */
398
399	t_bytes = strlen(priv_type) + 1;
400
401	if ((privilege == NULL) || (priv_string =
402	    priv_set_to_str(privilege, ',',
403	    PRIV_STR_LIT)) == NULL)
404		return (NULL);
405
406	p_bytes = strlen(priv_string) + 1;
407
408	token = get_token((int)(sizeof (char) + (2 * sizeof (short)) + t_bytes
409	    + p_bytes));
410	if (token == NULL)
411		return (NULL);
412
413	adr_start(&adr, token->tt_data);
414	adr_char(&adr, &data_header, 1);
415	adr_short(&adr, &t_bytes, 1);
416	adr_char(&adr, (char *)priv_type, t_bytes);
417	adr_short(&adr, &p_bytes, 1);
418	adr_char(&adr, priv_string, p_bytes);
419
420	free(priv_string);
421
422	return (token);
423}
424
425/*
426 * au_to_process
427 * return s:
428 *	pointer to a process token.
429 */
430
431token_t *
432au_to_process(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
433    pid_t pid, au_asid_t sid, au_tid_t *tid)
434{
435	token_t *token;			/* local token */
436	adr_t adr;			/* adr memory stream header */
437#ifdef _LP64
438	char data_header = AUT_PROCESS64;	/* header for this token */
439
440	token = get_token(sizeof (char) + 8 * sizeof (int32_t) +
441	    sizeof (int64_t));
442#else
443	char data_header = AUT_PROCESS32;
444
445	token = get_token(sizeof (char) + 9 * sizeof (int32_t));
446#endif
447
448	if (token == NULL)
449		return (NULL);
450	adr_start(&adr, token->tt_data);
451	adr_char(&adr, &data_header, 1);
452	adr_int32(&adr, (int32_t *)&auid, 1);
453	adr_int32(&adr, (int32_t *)&euid, 1);
454	adr_int32(&adr, (int32_t *)&egid, 1);
455	adr_int32(&adr, (int32_t *)&ruid, 1);
456	adr_int32(&adr, (int32_t *)&rgid, 1);
457	adr_int32(&adr, (int32_t *)&pid, 1);
458	adr_int32(&adr, (int32_t *)&sid, 1);
459#ifdef _LP64
460	adr_int64(&adr, (int64_t *)&tid->port, 1);
461#else
462	adr_int32(&adr, (int32_t *)&tid->port, 1);
463#endif
464	adr_int32(&adr, (int32_t *)&tid->machine, 1);
465
466	return (token);
467}
468
469/*
470 * au_to_process_ex
471 * return s:
472 *	pointer to a process_ex token.
473 */
474token_t *
475au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
476    pid_t pid, au_asid_t sid, au_tid_addr_t *tid)
477{
478	token_t *token;			/* local token */
479	adr_t adr;			/* adr memory stream header */
480	char data_header;		/* header for this token */
481
482#ifdef _LP64
483	if (tid->at_type == AU_IPv6) {
484		data_header = AUT_PROCESS64_EX;
485		token = get_token(sizeof (char) + sizeof (int64_t) +
486		    12 * sizeof (int32_t));
487	} else {
488		data_header = AUT_PROCESS64;
489		token = get_token(sizeof (char) + sizeof (int64_t) +
490		    8 * sizeof (int32_t));
491	}
492#else
493	if (tid->at_type == AU_IPv6) {
494		data_header = AUT_PROCESS32_EX;
495		token = get_token(sizeof (char) + 13 * sizeof (int32_t));
496	} else {
497		data_header = AUT_PROCESS32;
498		token = get_token(sizeof (char) + 9 * sizeof (int32_t));
499	}
500#endif
501	if (token == NULL)
502		return (NULL);
503	adr_start(&adr, token->tt_data);
504	adr_char(&adr, &data_header, 1);
505	adr_int32(&adr, (int32_t *)&auid, 1);
506	adr_int32(&adr, (int32_t *)&euid, 1);
507	adr_int32(&adr, (int32_t *)&egid, 1);
508	adr_int32(&adr, (int32_t *)&ruid, 1);
509	adr_int32(&adr, (int32_t *)&rgid, 1);
510	adr_int32(&adr, (int32_t *)&pid, 1);
511	adr_int32(&adr, (int32_t *)&sid, 1);
512#ifdef _LP64
513	adr_int64(&adr, (int64_t *)&tid->at_port, 1);
514#else
515	adr_int32(&adr, (int32_t *)&tid->at_port, 1);
516#endif
517	if (tid->at_type == AU_IPv6) {
518		adr_int32(&adr, (int32_t *)&tid->at_type, 1);
519		adr_char(&adr, (char *)tid->at_addr, 16);
520	} else {
521		adr_char(&adr, (char *)tid->at_addr, 4);
522	}
523
524	return (token);
525}
526
527/*
528 * au_to_seq
529 * return s:
530 *	pointer to token chain containing a sequence token
531 */
532token_t *
533au_to_seq(int audit_count)
534{
535	token_t *token;			/* local token */
536	adr_t adr;			/* adr memory stream header */
537	char data_header = AUT_SEQ;	/* header for this token */
538
539	token = get_token(sizeof (char) + sizeof (int32_t));
540	if (token == NULL)
541		return (NULL);
542	adr_start(&adr, token->tt_data);
543	adr_char(&adr, &data_header, 1);
544	adr_int32(&adr, (int32_t *)&audit_count, 1);
545
546	return (token);
547}
548
549/*
550 * au_to_socket
551 * return s:
552 *	pointer to mbuf chain containing a socket token.
553 */
554token_t *
555au_to_socket(struct oldsocket *so)
556{
557	adr_t adr;
558	token_t *token;
559	char data_header = AUT_SOCKET;
560	struct inpcb *inp = so->so_pcb;
561
562	token = get_token(sizeof (char) + sizeof (short) * 3 +
563	    sizeof (int32_t) * 2);
564	if (token == NULL)
565		return (NULL);
566	adr_start(&adr, token->tt_data);
567	adr_char(&adr, &data_header, 1);
568	adr_short(&adr, (short *)&so->so_type, 1);
569	adr_short(&adr, (short *)&inp->inp_lport, 1);
570	adr_int32(&adr, (int32_t *)&inp->inp_laddr, 1);
571	adr_short(&adr, (short *)&inp->inp_fport, 1);
572	adr_int32(&adr, (int32_t *)&inp->inp_faddr, 1);
573
574	return (token);
575}
576
577/*
578 * au_to_subject
579 * return s:
580 *	pointer to a process token.
581 */
582
583token_t *
584au_to_subject(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
585    pid_t pid, au_asid_t sid, au_tid_t *tid)
586{
587	token_t *token;			/* local token */
588	adr_t adr;			/* adr memory stream header */
589#ifdef _LP64
590	char data_header = AUT_SUBJECT64;	/* header for this token */
591
592	token = get_token(sizeof (char) + sizeof (int64_t) +
593	    8 * sizeof (int32_t));
594#else
595	char data_header = AUT_SUBJECT32;
596
597	token = get_token(sizeof (char) + 9 * sizeof (int32_t));
598#endif
599
600	if (token == NULL)
601		return (NULL);
602	adr_start(&adr, token->tt_data);
603	adr_char(&adr, &data_header, 1);
604	adr_int32(&adr, (int32_t *)&auid, 1);
605	adr_int32(&adr, (int32_t *)&euid, 1);
606	adr_int32(&adr, (int32_t *)&egid, 1);
607	adr_int32(&adr, (int32_t *)&ruid, 1);
608	adr_int32(&adr, (int32_t *)&rgid, 1);
609	adr_int32(&adr, (int32_t *)&pid, 1);
610	adr_int32(&adr, (int32_t *)&sid, 1);
611#ifdef _LP64
612	adr_int64(&adr, (int64_t *)&tid->port, 1);
613#else
614	adr_int32(&adr, (int32_t *)&tid->port, 1);
615#endif
616	adr_int32(&adr, (int32_t *)&tid->machine, 1);
617
618	return (token);
619}
620
621/*
622 * au_to_subject_ex
623 * return s:
624 *	pointer to a process token.
625 */
626
627token_t *
628au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
629    pid_t pid, au_asid_t sid, au_tid_addr_t *tid)
630{
631	token_t *token;			/* local token */
632	adr_t adr;			/* adr memory stream header */
633#ifdef _LP64
634	char data_header;		/* header for this token */
635
636	if (tid->at_type == AU_IPv6) {
637		data_header = AUT_SUBJECT64_EX;
638		token = get_token(sizeof (char) + sizeof (int64_t) +
639		    12 * sizeof (int32_t));
640	} else {
641		data_header = AUT_SUBJECT64;
642		token = get_token(sizeof (char) + sizeof (int64_t) +
643		    8 * sizeof (int32_t));
644	}
645#else
646	char data_header;		/* header for this token */
647
648	if (tid->at_type == AU_IPv6) {
649		data_header = AUT_SUBJECT32_EX;
650		token = get_token(sizeof (char) + 13 * sizeof (int32_t));
651	} else {
652		data_header = AUT_SUBJECT32;
653		token = get_token(sizeof (char) + 9 * sizeof (int32_t));
654	}
655#endif
656
657	if (token == NULL)
658		return (NULL);
659	adr_start(&adr, token->tt_data);
660	adr_char(&adr, &data_header, 1);
661	adr_int32(&adr, (int32_t *)&auid, 1);
662	adr_int32(&adr, (int32_t *)&euid, 1);
663	adr_int32(&adr, (int32_t *)&egid, 1);
664	adr_int32(&adr, (int32_t *)&ruid, 1);
665	adr_int32(&adr, (int32_t *)&rgid, 1);
666	adr_int32(&adr, (int32_t *)&pid, 1);
667	adr_int32(&adr, (int32_t *)&sid, 1);
668#ifdef _LP64
669	adr_int64(&adr, (int64_t *)&tid->at_port, 1);
670#else
671	adr_int32(&adr, (int32_t *)&tid->at_port, 1);
672#endif
673	if (tid->at_type == AU_IPv6) {
674		adr_int32(&adr, (int32_t *)&tid->at_type, 1);
675		adr_char(&adr, (char *)tid->at_addr, 16);
676	} else {
677		adr_char(&adr, (char *)tid->at_addr, 4);
678	}
679
680	return (token);
681}
682
683/*
684 * au_to_me
685 * return s:
686 *	pointer to a process token.
687 */
688
689token_t *
690au_to_me(void)
691{
692	auditinfo_addr_t info;
693
694	if (getaudit_addr(&info, sizeof (info)))
695		return (NULL);
696	return (au_to_subject_ex(info.ai_auid, geteuid(), getegid(), getuid(),
697	    getgid(), getpid(), info.ai_asid, &info.ai_termid));
698}
699/*
700 * au_to_text
701 * return s:
702 *	pointer to a text token.
703 */
704token_t *
705au_to_text(char *text)
706{
707	token_t *token;			/* local token */
708	adr_t adr;			/* adr memory stream header */
709	char data_header = AUT_TEXT;	/* header for this token */
710	short bytes;			/* length of string */
711
712	bytes = strlen(text) + 1;
713	token = get_token((int)(sizeof (char) + sizeof (short) + bytes));
714	if (token == NULL)
715		return (NULL);
716	adr_start(&adr, token->tt_data);
717	adr_char(&adr, &data_header, 1);
718	adr_short(&adr, &bytes, 1);
719	adr_char(&adr, text, bytes);
720
721	return (token);
722}
723
724/*
725 * au_to_path
726 * return s:
727 *	pointer to a path token.
728 */
729token_t *
730au_to_path(char *path)
731{
732	token_t *token;			/* local token */
733	adr_t adr;			/* adr memory stream header */
734	char data_header = AUT_PATH;	/* header for this token */
735	short bytes;			/* length of string */
736
737	bytes = (short)strlen(path) + 1;
738
739	token = get_token((int)(sizeof (char) +  sizeof (short) + bytes));
740	if (token == NULL)
741		return (NULL);
742	adr_start(&adr, token->tt_data);
743	adr_char(&adr, &data_header, 1);
744	adr_short(&adr, &bytes, 1);
745	adr_char(&adr, path, bytes);
746
747	return (token);
748}
749
750/*
751 * au_to_cmd
752 * return s:
753 *	pointer to an command line argument token
754 */
755token_t *
756au_to_cmd(uint_t argc, char **argv, char **envp)
757{
758	token_t *token;			/* local token */
759	adr_t adr;			/* adr memory stream header */
760	char data_header = AUT_CMD;	/* header for this token */
761	short len = 0;
762	short cnt = 0;
763	short envc = 0;
764	short largc = (short)argc;
765
766	/*
767	 * one char for the header, one short for argc,
768	 * one short for # envp strings.
769	 */
770	len = sizeof (char) + sizeof (short) + sizeof (short);
771
772	/* get sizes of strings */
773
774	for (cnt = 0; cnt < argc; cnt++) {
775		len += (short)sizeof (short) + (short)(strlen(argv[cnt]) + 1);
776	}
777
778	if (envp != NULL) {
779		for (envc = 0; envp[envc] != NULL; envc++) {
780			len += (short)sizeof (short) +
781			    (short)(strlen(envp[envc]) + 1);
782		}
783	}
784
785	token = get_token(len);
786	if (token == NULL)
787		return (NULL);
788
789	adr_start(&adr, token->tt_data);
790	adr_char(&adr, &data_header, 1);
791
792	adr_short(&adr, &largc, 1);
793
794	for (cnt = 0; cnt < argc; cnt++) {
795		len = (short)(strlen(argv[cnt]) + 1);
796		adr_short(&adr, &len, 1);
797		adr_char(&adr, argv[cnt], len);
798	}
799
800	adr_short(&adr, &envc, 1);
801
802	for (cnt = 0; cnt < envc; cnt++) {
803		len = (short)(strlen(envp[cnt]) + 1);
804		adr_short(&adr, &len, 1);
805		adr_char(&adr, envp[cnt], len);
806	}
807
808	return (token);
809}
810
811/*
812 * au_to_exit
813 * return s:
814 *	pointer to a exit value token.
815 */
816token_t *
817au_to_exit(int retval, int err)
818{
819	token_t *token;			/* local token */
820	adr_t adr;			/* adr memory stream header */
821	char data_header = AUT_EXIT;	/* header for this token */
822
823	token = get_token(sizeof (char) + (2 * sizeof (int32_t)));
824	if (token == NULL)
825		return (NULL);
826	adr_start(&adr, token->tt_data);
827	adr_char(&adr, &data_header, 1);
828	adr_int32(&adr, (int32_t *)&retval, 1);
829	adr_int32(&adr, (int32_t *)&err, 1);
830
831	return (token);
832}
833
834/*
835 * au_to_return
836 * return s:
837 *	pointer to a return  value token.
838 */
839token_t *
840au_to_return32(char number, uint32_t value)
841{
842	token_t *token;				/* local token */
843	adr_t adr;				/* adr memory stream header */
844	char data_header = AUT_RETURN32;	/* header for this token */
845
846	token = get_token(2 * sizeof (char) + sizeof (int32_t));
847	if (token == NULL)
848		return (NULL);
849	adr_start(&adr, token->tt_data);
850	adr_char(&adr, &data_header, 1);
851	adr_char(&adr, &number, 1);
852	adr_int32(&adr, (int32_t *)&value, 1);
853
854	return (token);
855}
856
857/*
858 * au_to_return
859 * return s:
860 *	pointer to a return  value token.
861 */
862token_t *
863au_to_return64(char number, uint64_t value)
864{
865	token_t *token;				/* local token */
866	adr_t adr;				/* adr memory stream header */
867	char data_header = AUT_RETURN64;	/* header for this token */
868
869	token = get_token(2 * sizeof (char) + sizeof (int64_t));
870	if (token == NULL)
871		return (NULL);
872	adr_start(&adr, token->tt_data);
873	adr_char(&adr, &data_header, 1);
874	adr_char(&adr, &number, 1);
875	adr_int64(&adr, (int64_t *)&value, 1);
876
877	return (token);
878}
879
880
881/*
882 * au_to_opaque
883 * return s:
884 *	pointer to a opaque token.
885 */
886token_t *
887au_to_opaque(char *opaque, short bytes)
888{
889	token_t *token;			/* local token */
890	adr_t adr;			/* adr memory stream header */
891	char data_header = AUT_OPAQUE;	/* header for this token */
892
893	if (bytes < 1)
894		return (NULL);
895
896	token = get_token((int)(sizeof (char) + sizeof (short) + bytes));
897	if (token == NULL)
898		return (NULL);
899	adr_start(&adr, token->tt_data);
900	adr_char(&adr, &data_header, 1);
901	adr_short(&adr, &bytes, 1);
902	adr_char(&adr, opaque, bytes);
903
904	return (token);
905}
906
907/*
908 * au_to_in_addr
909 * return s:
910 *	pointer to a internet address token
911 */
912token_t *
913au_to_in_addr(struct in_addr *internet_addr)
914{
915	token_t *token;			/* local token */
916	adr_t adr;			/* adr memory stream header */
917	char data_header = AUT_IN_ADDR;	/* header for this token */
918
919	token = get_token(sizeof (char) + sizeof (uint32_t));
920	if (token == NULL)
921		return (NULL);
922	adr_start(&adr, token->tt_data);
923	adr_char(&adr, &data_header, 1);
924	adr_int32(&adr, (int32_t *)internet_addr, 1);
925
926	return (token);
927}
928
929/*
930 * au_to_iport
931 * return s:
932 *	pointer to token chain containing a ip port address token
933 */
934token_t *
935au_to_iport(ushort_t iport)
936{
937	token_t *token;			/* local token */
938	adr_t adr;			/* adr memory stream header */
939	char data_header = AUT_IPORT;	/* header for this token */
940
941	token = get_token(sizeof (char) + sizeof (short));
942	if (token == NULL)
943		return (NULL);
944	adr_start(&adr, token->tt_data);
945	adr_char(&adr, &data_header, 1);
946	adr_short(&adr, (short *)&iport, 1);
947
948	return (token);
949}
950
951token_t *
952au_to_ipc(char type, int id)
953{
954	token_t *token;			/* local token */
955	adr_t adr;			/* adr memory stream header */
956	char data_header = AUT_IPC;	/* header for this token */
957
958	token = get_token((2 * sizeof (char)) + sizeof (int32_t));
959	if (token == NULL)
960		return (NULL);
961	adr_start(&adr, token->tt_data);
962	adr_char(&adr, &data_header, 1);
963	adr_char(&adr, &type, 1);
964	adr_int32(&adr, (int32_t *)&id, 1);
965
966	return (token);
967}
968
969/*
970 * au_to_tid
971 *
972 * output format depends on type; at present only IP v4 and v6 addresses
973 * are defined.
974 *
975 * IPv4 -- tid type, 16 bit remote port, 16 bit local port, ip type,
976 *		32 bit IP address.
977 * IPv6 -- tid type, 16 bit remote port, 16 bit local port, ip type,
978 *		4 x 32 bit IP address.
979 *
980 */
981token_t *
982au_to_tid(au_generic_tid_t *tid)
983{
984	char		data_header = AUT_TID;	/* header for this token */
985	adr_t		adr;			/* adr memory stream header */
986	token_t		*token;			/* local token */
987	au_ip_t		*ip;
988
989	switch (tid->gt_type) {
990	case AU_IPADR:
991		ip = &(tid->gt_adr.at_ip);
992		token = get_token((int)(2 * sizeof (char) + 2 * sizeof (short) +
993			sizeof (uint32_t) + ip->at_type));
994		if (token == NULL)
995			return (NULL);
996
997		adr_start(&adr, token->tt_data);
998		adr_char(&adr, &data_header, 1);
999		adr_char(&adr, (char *)&(tid->gt_type), 1);
1000		adr_short(&adr, (short *)&(ip->at_r_port), 1);
1001		adr_short(&adr, (short *)&(ip->at_l_port), 1);
1002		adr_int32(&adr, (int32_t *)&(ip->at_type), 1);
1003
1004		adr_char(&adr, (char *)ip->at_addr, ip->at_type);
1005
1006		break;
1007	default:
1008		return (NULL);
1009	}
1010	return (token);
1011}
1012
1013/*
1014 * The Modifier tokens
1015 */
1016
1017/*
1018 * au_to_groups
1019 * return s:
1020 *	pointer to a group list token.
1021 *
1022 * This function is obsolete.  Please use au_to_newgroups.
1023 */
1024token_t *
1025au_to_groups(int *groups)
1026{
1027	token_t *token;			/* local token */
1028	adr_t adr;			/* adr memory stream header */
1029	char data_header = AUT_GROUPS;	/* header for this token */
1030
1031	token = get_token(sizeof (char) + NGROUPS * sizeof (int32_t));
1032	if (token == NULL)
1033		return (NULL);
1034	adr_start(&adr, token->tt_data);
1035	adr_char(&adr, &data_header, 1);
1036	adr_int32(&adr, (int32_t *)groups, NGROUPS);
1037
1038	return (token);
1039}
1040
1041/*
1042 * au_to_newgroups
1043 * return s:
1044 *	pointer to a group list token.
1045 */
1046token_t *
1047au_to_newgroups(int n, gid_t *groups)
1048{
1049	token_t *token;			/* local token */
1050	adr_t adr;			/* adr memory stream header */
1051	char data_header = AUT_NEWGROUPS;	/* header for this token */
1052	short n_groups;
1053
1054	if (n < NGROUPS_UMIN || n > NGROUPS_UMAX || groups == NULL)
1055		return (NULL);
1056	token = get_token(sizeof (char) + sizeof (short) + n * sizeof (gid_t));
1057	if (token == NULL)
1058		return (NULL);
1059	n_groups = (short)n;
1060	adr_start(&adr, token->tt_data);
1061	adr_char(&adr, &data_header, 1);
1062	adr_short(&adr, &n_groups, 1);
1063	adr_int32(&adr, (int32_t *)groups, n_groups);
1064
1065	return (token);
1066}
1067
1068/*
1069 * au_to_exec_args
1070 * returns:
1071 *	pointer to an exec args token.
1072 */
1073token_t *
1074au_to_exec_args(char **argv)
1075{
1076	return (au_to_exec(argv, AUT_EXEC_ARGS));
1077}
1078
1079/*
1080 * au_to_exec_env
1081 * returns:
1082 *	pointer to an exec args token.
1083 */
1084token_t *
1085au_to_exec_env(char **envp)
1086{
1087	return (au_to_exec(envp, AUT_EXEC_ENV));
1088}
1089
1090/*
1091 * au_to_exec
1092 * returns:
1093 *	pointer to an exec args token.
1094 */
1095static token_t *
1096au_to_exec(char **v, char data_header)
1097{
1098	token_t *token;
1099	adr_t adr;
1100	char **p;
1101	int32_t n = 0;
1102	int len = 0;
1103
1104	for (p = v; *p != NULL; p++) {
1105		len += strlen(*p) + 1;
1106		n++;
1107	}
1108	token = get_token(sizeof (char) + sizeof (int32_t) + len);
1109	if (token == (token_t *)NULL)
1110		return ((token_t *)NULL);
1111	adr_start(&adr, token->tt_data);
1112	adr_char(&adr, &data_header, 1);
1113	adr_int32(&adr, &n, 1);
1114	for (p = v; *p != NULL; p++) {
1115		adr_char(&adr, *p, strlen(*p) + 1);
1116	}
1117	return (token);
1118}
1119
1120/*
1121 * au_to_uauth
1122 * return s:
1123 *	pointer to a uauth token.
1124 */
1125token_t *
1126au_to_uauth(char *text)
1127{
1128	token_t *token;			/* local token */
1129	adr_t adr;			/* adr memory stream header */
1130	char data_header = AUT_UAUTH;	/* header for this token */
1131	short bytes;			/* length of string */
1132
1133	bytes = strlen(text) + 1;
1134
1135	token = get_token((int)(sizeof (char) + sizeof (short) + bytes));
1136	if (token == NULL)
1137		return (NULL);
1138	adr_start(&adr, token->tt_data);
1139	adr_char(&adr, &data_header, 1);
1140	adr_short(&adr, &bytes, 1);
1141	adr_char(&adr, text, bytes);
1142
1143	return (token);
1144}
1145
1146/*
1147 * au_to_xatom
1148 * return s:
1149 *	pointer to a xatom token.
1150 */
1151token_t *
1152au_to_xatom(ushort_t len, char *atom)
1153{
1154	token_t *token;			/* local token */
1155	adr_t adr;			/* adr memory stream header */
1156	char data_header = AUT_XATOM;	/* header for this token */
1157
1158	token = get_token((int)(sizeof (char) + sizeof (ushort_t) + len));
1159	if (token == NULL)
1160		return (NULL);
1161	adr_start(&adr, token->tt_data);
1162	adr_char(&adr, &data_header, 1);
1163	adr_short(&adr, (short *)&len, 1);
1164	adr_char(&adr, atom, len);
1165
1166	return (token);
1167}
1168
1169/*
1170 * au_to_xproto
1171 * return s:
1172 *	pointer to a X protocol token.
1173 */
1174token_t *
1175au_to_xproto(pid_t pid)
1176{
1177	token_t *token;			/* local token */
1178	adr_t adr;			/* adr memory stream header */
1179	char data_header = AUT_XPROTO;	/* header for this token */
1180	int32_t v = pid;
1181
1182	token = get_token(sizeof (char) + sizeof (int32_t));
1183	if (token == NULL)
1184		return (NULL);
1185	adr_start(&adr, token->tt_data);
1186	adr_char(&adr, &data_header, 1);
1187	adr_int32(&adr, &v, 1);
1188
1189	return (token);
1190}
1191
1192/*
1193 * au_to_xobj
1194 * return s:
1195 *	pointer to a X object token.
1196 */
1197token_t *
1198au_to_xobj(int oid, int xid, int cuid)
1199{
1200	token_t *token;			/* local token */
1201	adr_t adr;			/* adr memory stream header */
1202	char data_header = AUT_XOBJ;	/* header for this token */
1203
1204	token = get_token(sizeof (char) + 3 * sizeof (int32_t));
1205	if (token == NULL)
1206		return (NULL);
1207	adr_start(&adr, token->tt_data);
1208	adr_char(&adr, &data_header, 1);
1209	adr_int32(&adr, (int32_t *)&oid, 1);
1210	adr_int32(&adr, (int32_t *)&xid, 1);
1211	adr_int32(&adr, (int32_t *)&cuid, 1);
1212
1213	return (token);
1214}
1215
1216/*
1217 * au_to_xselect
1218 * return s:
1219 *	pointer to a X select token.
1220 */
1221token_t *
1222au_to_xselect(char *pstring, char *type, short dlen, char *data)
1223{
1224	token_t *token;			/* local token */
1225	adr_t adr;			/* adr memory stream header */
1226	char data_header = AUT_XSELECT;	/* header for this token */
1227	short bytes;
1228
1229	bytes = strlen(pstring) + strlen(type) + 2 + dlen;
1230	token = get_token((int)(sizeof (char) + sizeof (short) * 3 + bytes));
1231	if (token == NULL)
1232		return (NULL);
1233	adr_start(&adr, token->tt_data);
1234	adr_char(&adr, &data_header, 1);
1235	bytes = strlen(pstring) + 1;
1236	adr_short(&adr, &bytes, 1);
1237	adr_char(&adr, pstring, bytes);
1238	bytes = strlen(type) + 1;
1239	adr_short(&adr, &bytes, 1);
1240	adr_char(&adr, type, bytes);
1241	adr_short(&adr, &dlen, 1);
1242	adr_char(&adr, data, dlen);
1243	return (token);
1244}
1245
1246/*
1247 * au_to_label
1248 * return s:
1249 *	pointer to token chain containing a sensitivity label token.
1250 */
1251token_t *
1252au_to_label(bslabel_t *label)
1253{
1254	token_t *token;			/* local token */
1255	adr_t adr;			/* adr memory stream header */
1256	char data_header = AUT_LABEL;	/* header for this token */
1257	short bs = sizeof (bslabel_t);
1258
1259	token = get_token(sizeof (char) + bs);
1260	if (token == NULL)
1261		return (NULL);
1262	adr_start(&adr, token->tt_data);
1263	adr_char(&adr, &data_header, 1);
1264	adr_char(&adr, (char *)label, bs);
1265
1266	return (token);
1267}
1268
1269/*
1270 * au_to_mylabel
1271 * return s:
1272 *	pointer to a slabel token.
1273 */
1274token_t *
1275au_to_mylabel(void)
1276{
1277	bslabel_t	slabel;
1278	zoneid_t	zid = getzoneid();
1279
1280	if (zid == GLOBAL_ZONEID) {
1281		bsllow(&slabel);
1282	} else {
1283		if (zone_getattr(zid, ZONE_ATTR_SLBL, &slabel,
1284		    sizeof (bslabel_t)) < 0)
1285			return (NULL);
1286	}
1287	return (au_to_label(&slabel));
1288}
1289
1290/*
1291 * au_to_zonename
1292 * return s:
1293 *	pointer to a zonename token.
1294 */
1295token_t *
1296au_to_zonename(char *name)
1297{
1298	token_t *token;			/* local token */
1299	adr_t adr;			/* adr memory stream header */
1300	char data_header = AUT_ZONENAME;	/* header for this token */
1301	short bytes;			/* length of string */
1302
1303	if (name == NULL)
1304		return (NULL);
1305
1306	bytes = strlen(name) + 1;
1307	token = get_token((int)(sizeof (char) + sizeof (short) + bytes));
1308	if (token == NULL)
1309		return (NULL);
1310	adr_start(&adr, token->tt_data);
1311	adr_char(&adr, &data_header, 1);
1312	adr_short(&adr, &bytes, 1);
1313	adr_char(&adr, name, bytes);
1314
1315	return (token);
1316}
1317
1318/*
1319 * au_to_fmri
1320 * return s:
1321 *	pointer to a fmri token.
1322 */
1323token_t *
1324au_to_fmri(char *fmri)
1325{
1326	token_t *token;			/* local token */
1327	adr_t adr;			/* adr memory stream header */
1328	char data_header = AUT_FMRI;	/* header for this token */
1329	short bytes;			/* length of string */
1330
1331	if (fmri == NULL)
1332		return (NULL);
1333
1334	bytes = strlen(fmri) + 1;
1335	token = get_token((int)(sizeof (char) + sizeof (short) + bytes));
1336	if (token == NULL)
1337		return (NULL);
1338	adr_start(&adr, token->tt_data);
1339	adr_char(&adr, &data_header, 1);
1340	adr_short(&adr, &bytes, 1);
1341	adr_char(&adr, fmri, bytes);
1342
1343	return (token);
1344}
1345