18523fda3SJan Friedel /*
28523fda3SJan Friedel  * CDDL HEADER START
38523fda3SJan Friedel  *
48523fda3SJan Friedel  * The contents of this file are subject to the terms of the
58523fda3SJan Friedel  * Common Development and Distribution License (the "License").
68523fda3SJan Friedel  * You may not use this file except in compliance with the License.
78523fda3SJan Friedel  *
88523fda3SJan Friedel  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
98523fda3SJan Friedel  * or http://www.opensolaris.org/os/licensing.
108523fda3SJan Friedel  * See the License for the specific language governing permissions
118523fda3SJan Friedel  * and limitations under the License.
128523fda3SJan Friedel  *
138523fda3SJan Friedel  * When distributing Covered Code, include this CDDL HEADER in each
148523fda3SJan Friedel  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
158523fda3SJan Friedel  * If applicable, add the following below this CDDL HEADER, with the
168523fda3SJan Friedel  * fields enclosed by brackets "[]" replaced with your own identifying
178523fda3SJan Friedel  * information: Portions Copyright [yyyy] [name of copyright owner]
188523fda3SJan Friedel  *
198523fda3SJan Friedel  * CDDL HEADER END
208523fda3SJan Friedel  */
218523fda3SJan Friedel /*
22f8994074SJan Friedel  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
238523fda3SJan Friedel  */
248523fda3SJan Friedel 
258523fda3SJan Friedel #ifndef _AUDIT_SCF_H
268523fda3SJan Friedel #define	_AUDIT_SCF_H
278523fda3SJan Friedel 
28f8994074SJan Friedel #ifdef	__cplusplus
29f8994074SJan Friedel extern "C" {
30f8994074SJan Friedel #endif
31f8994074SJan Friedel 
/*
 * auditd smf(7)/libscf(3LIB) interface - set and display audit parameters
 */
358523fda3SJan Friedel 
368523fda3SJan Friedel #include <audit_plugin.h>
378523fda3SJan Friedel #include <bsm/libbsm.h>
38f8994074SJan Friedel #include <ctype.h>
398523fda3SJan Friedel #include <libintl.h>
408523fda3SJan Friedel #include <libscf_priv.h>
41f8994074SJan Friedel #include <stdlib.h>
428523fda3SJan Friedel #include <strings.h>
438523fda3SJan Friedel #include <sys/varargs.h>
44f8994074SJan Friedel #include <ucontext.h>
458523fda3SJan Friedel #include <zone.h>
468523fda3SJan Friedel 
/*
 * gettext() obfuscation routine for lint: under lint the macro expands to
 * its argument unchanged.
 */
#ifdef __lint
#define	gettext(x)	x
#endif

/* DEBUG defaults to 0 (debug output compiled out) unless the build sets it. */
#ifndef DEBUG
#define	DEBUG	0
#endif

/*
 * DPRINT(x) - debug trace helper.
 *
 * x is a complete, parenthesized fprintf() argument list with the stream
 * first, e.g. DPRINT((dbfp, "fmt", args)).  With DEBUG set, the macro opens
 * the debug file on first use via __auditd_debug_file_open(), hands x to
 * fprintf() and flushes dbfp.  With DEBUG unset it expands to nothing, so
 * the arguments are never evaluated and must not carry side effects.
 *
 * NOTE(review): dbfp is defined here rather than declared extern, so every
 * source file that includes this header in a DEBUG build carries its own
 * definition -- confirm the build tolerates that.
 * NOTE(review): the DEBUG expansion is a bare { } block, not
 * do { } while (0); "if (c) DPRINT((...)); else ..." will not compile in
 * DEBUG builds.
 * NOTE(review): the result of __auditd_debug_file_open() is not checked
 * before fprintf()/fflush() use it -- confirm it cannot return NULL.
 * NOTE(review): where the debug file lives and who may read it is decided by
 * __auditd_debug_file_open(), which is not visible here; anything callers
 * print about the audit configuration ends up in that file -- confirm its
 * permissions are appropriately restricted.
 */
#if DEBUG
FILE	*dbfp;		  /* debug file pointer */
#define	DPRINT(x)	{ if (dbfp == NULL) dbfp = __auditd_debug_file_open(); \
			    (void) fprintf x; (void) fflush(dbfp); }
#else	/* ! DEBUG */
#define	DPRINT(x)
#endif

/* Audit subsystem service instances */
#define	AUDITD_FMRI	"svc:/system/auditd:default"
#define	AUDITSET_FMRI	"svc:/system/auditset:default"
67f8994074SJan Friedel 
/*
 * (ASI) Audit service instance SCF handles - libscf(3LIB).
 *
 * Bundles the libscf handles used to reach one property of a service
 * instance.  This header does not say who allocates or destroys the
 * handles; see the implementation for their lifetime.
 */
typedef struct asi_scfhandle {
	scf_handle_t		*hndl;	/* base scf handle */
	scf_instance_t		*inst;	/* service instance handle */
	scf_propertygroup_t	*pgrp;	/* property group handle */
	scf_property_t		*prop;	/* property handle */
} asi_scfhandle_t;
76f8994074SJan Friedel 
/*
 * Iterator handles that accompany an asi_scfhandle when walking property
 * groups, properties and property values.  Allocation and teardown are not
 * defined in this header.
 */
typedef struct asi_scfhandle_iter {
	scf_iter_t	*pgrp;		/* property group iter handle */
	scf_iter_t	*prop;		/* property iter handle */
	scf_value_t	*prop_val;	/* property value */
} asi_scfhandle_iter_t;
83f8994074SJan Friedel 
/*
 * (ASI) Audit service instance (svc:/system/auditd:default) related
 * configuration parameters.
 */

/* Name of the "policy" property group. */
#define	ASI_PGROUP_POLICY	"policy"

/*
 * One policy switch: a name paired with a boolean state.
 * Ownership of the string behind "policy" is not defined in this header.
 */
typedef struct policy_sw {
	char		*policy;	/* presumably the policy name - confirm */
	boolean_t	flag;		/* switch state */
} policy_sw_t;
948523fda3SJan Friedel 
/* Name of the "queuectrl" property group and of the properties in it. */
#define	ASI_PGROUP_QUEUECTRL	"queuectrl"
#define	QUEUECTRL_QBUFSZ	"qbufsz"
#define	QUEUECTRL_QDELAY	"qdelay"
#define	QUEUECTRL_QHIWATER	"qhiwater"
#define	QUEUECTRL_QLOWATER	"qlowater"

/*
 * Queue control values, each held as a 64-bit unsigned integer.
 *
 * NOTE(review): the do_get/do_setq*_scf() prototypes in this header use
 * size_t and clock_t.  If values move between this struct and those types,
 * a 64-bit value can be narrowed on a 32-bit build -- confirm the range is
 * checked (see the CHK_BDRY_* macros) before any such conversion.
 */
typedef struct scf_qctrl {
	uint64_t	scf_qhiwater;	/* "qhiwater" value */
	uint64_t	scf_qlowater;	/* "qlowater" value */
	uint64_t	scf_qbufsz;	/* "qbufsz" value */
	uint64_t	scf_qdelay;	/* "qdelay" value */
} scf_qctrl_t;
1078523fda3SJan Friedel 
/*
 * Name of the "preselection" property group and of its two properties.
 * NOTE(review): whether PRESELECTION_MAXBUF counts the terminating NUL is
 * not stated here -- confirm before sizing or bounding a buffer with it.
 */
#define	ASI_PGROUP_PRESELECTION	"preselection"
#define	PRESELECTION_FLAGS	"flags"
#define	PRESELECTION_NAFLAGS	"naflags"
#define	PRESELECTION_MAXBUF	256		/* max. length of na/flags */

/*
 * auditd(8) plugin related well known properties
 *
 * NOTE(review): PLUGIN_PATH names a plugin shared object; presumably auditd
 * loads whatever this property points to, so write access to the property
 * should be limited to audit administrators -- confirm against the service's
 * SMF authorizations.
 */
#define	PLUGIN_ACTIVE		"active"	/* plugin state */
#define	PLUGIN_PATH		"path"		/* plugin shared object */
#define	PLUGIN_QSIZE		"qsize"		/* plugin queue size */

/*
 * Plugin limits.  As with PRESELECTION_MAXBUF, the "max. length" values do
 * not say whether the terminating NUL is included -- confirm.
 */
#define	PLUGIN_MAX		256		/* max. amount of plugins */
#define	PLUGIN_MAXBUF		256		/* max. length of plugin name */
#define	PLUGIN_MAXATT		256		/* max. length of plugin attr */
#define	PLUGIN_MAXKEY		256		/* max. length of plugin key */
#define	PLUGIN_MAXVAL		256		/* max. length of plugin val */
/*
 * Node of a doubly linked list that pairs a plugin name with a kva_t.
 *
 * plugin_name is a fixed PLUGIN_MAXBUF-byte array: code that fills it must
 * bound the copy to sizeof (plugin_name) and leave it NUL-terminated.
 * Ownership of plugin_kva is not defined in this header.
 */
typedef struct scf_plugin_kva_node {
	struct scf_plugin_kva_node	*next;		/* following node */
	struct scf_plugin_kva_node	*prev;		/* preceding node */
	char				plugin_name[PLUGIN_MAXBUF];
	kva_t				*plugin_kva;	/* plugin key/value data */
} scf_plugin_kva_node_t;
130f8994074SJan Friedel 
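/*
 * Boundary checking macros for the queuectrl parameters.
 *
 * Each macro yields non-zero when the value is acceptable and 0 when it is
 * out of range:
 *   CHK_BDRY_QBUFSZ(x)		AQ_BUFSZ <= x <= AQ_MAXBUFSZ
 *   CHK_BDRY_QDELAY(x)		1 <= x <= AQ_MAXDELAY
 *   CHK_BDRY_QLOWATER(low, high)	AQ_MINLOW <= low < high
 *   CHK_BDRY_QHIWATER(low, high)	low < high, and
 *				AQ_LOWATER <= high <= AQ_MAXHIGH
 *
 * The AQ_* limits other than AQ_MINLOW are not defined in this header.
 *
 * Every expansion is wrapped in an outer pair of parentheses so that it
 * stays a single operand wherever it is used.  Arguments are evaluated more
 * than once, so do not pass expressions with side effects.
 */
#define	AQ_MINLOW	1
#define	CHK_BDRY_QBUFSZ(x)	(!((x) < AQ_BUFSZ || (x) > AQ_MAXBUFSZ))
#define	CHK_BDRY_QDELAY(x)	(!((x) == 0 || (x) > AQ_MAXDELAY))
#define	CHK_BDRY_QLOWATER(low, high)	(!((low) < AQ_MINLOW || \
					    (low) >= (high)))
#define	CHK_BDRY_QHIWATER(low, high)	(!((high) <= (low) || \
					    (high) < AQ_LOWATER || \
					    (high) > AQ_MAXHIGH))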
1398523fda3SJan Friedel 
/*
 * MAX_PROPVECS	maximum number of audit properties that will
 *		fit in the uint32_t audit policy mask.
 */
#define	MAX_PROPVECS	32

/*
 * Audit configuration accessors and helpers.  The implementations are not
 * part of this header, so the notes below are drawn from the prototypes only.
 *
 * NOTE(review): by their names the do_get*_scf() and do_set*_scf() routines
 * read and write the corresponding audit properties, and the boolean_t
 * result presumably reports success -- confirm in the implementation.
 * NOTE(review): do_getflags_scf(), do_getnaflags_scf() and
 * do_getpluginconfig_scf() hand data back through pointer-to-pointer
 * arguments; who frees it is not stated here (plugin_kva_ll_free() and
 * free_static_att_kva() look like the matching release routines) -- confirm.
 * NOTE(review): the string arguments of the setters are plain char *, so the
 * prototypes do not promise that the input is left unmodified; only
 * plugin_avail_scf() takes a const char *.
 */
boolean_t do_getflags_scf(char **);
boolean_t do_getnaflags_scf(char **);
boolean_t do_getpluginconfig_scf(char *, scf_plugin_kva_node_t **);
boolean_t do_getpolicy_scf(uint32_t *);
boolean_t do_getqbufsz_scf(size_t *);
boolean_t do_getqctrl_scf(struct au_qctrl *);
boolean_t do_getqdelay_scf(clock_t *);
boolean_t do_getqhiwater_scf(size_t *);
boolean_t do_getqlowater_scf(size_t *);
boolean_t do_setflags_scf(char *);
boolean_t do_setnaflags_scf(char *);
boolean_t do_setpluginconfig_scf(char *, boolean_t, char *, int);
boolean_t do_setpolicy_scf(uint32_t);
boolean_t do_setqbufsz_scf(size_t *);
boolean_t do_setqctrl_scf(struct au_qctrl *);
boolean_t do_setqdelay_scf(clock_t *);
boolean_t do_setqhiwater_scf(size_t *);
boolean_t do_setqlowater_scf(size_t *);
void free_static_att_kva(kva_t *);
uint32_t get_policy(char *);
boolean_t plugin_avail_scf(const char *);
void plugin_kva_ll_free(scf_plugin_kva_node_t *);
void prt_error_va(char *, va_list);
169f8994074SJan Friedel 
170f8994074SJan Friedel #ifdef	__cplusplus
171f8994074SJan Friedel }
172f8994074SJan Friedel #endif
1738523fda3SJan Friedel 
1748523fda3SJan Friedel #endif	/* _AUDIT_SCF_H */
175