1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * CDDL HEADER START 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 6*7c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 7*7c478bd9Sstevel@tonic-gate * with the License. 8*7c478bd9Sstevel@tonic-gate * 9*7c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*7c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 11*7c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 12*7c478bd9Sstevel@tonic-gate * and limitations under the License. 13*7c478bd9Sstevel@tonic-gate * 14*7c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 15*7c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*7c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 17*7c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 18*7c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * CDDL HEADER END 21*7c478bd9Sstevel@tonic-gate */ 22*7c478bd9Sstevel@tonic-gate /* 23*7c478bd9Sstevel@tonic-gate * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate #include <sys/param.h> 30*7c478bd9Sstevel@tonic-gate #include <sys/types.h> 31*7c478bd9Sstevel@tonic-gate #include <sys/kmem.h> 32*7c478bd9Sstevel@tonic-gate #include <sys/t_lock.h> 33*7c478bd9Sstevel@tonic-gate #include <sys/thread.h> 34*7c478bd9Sstevel@tonic-gate #include <sys/systm.h> 35*7c478bd9Sstevel@tonic-gate #include <c2/audit.h> 36*7c478bd9Sstevel@tonic-gate #include <c2/audit_kernel.h> 37*7c478bd9Sstevel@tonic-gate #include <c2/audit_record.h> 38*7c478bd9Sstevel@tonic-gate 39*7c478bd9Sstevel@tonic-gate kmem_cache_t *au_pad_cache; 40*7c478bd9Sstevel@tonic-gate 41*7c478bd9Sstevel@tonic-gate static kmem_cache_t *au_buf_cache; 42*7c478bd9Sstevel@tonic-gate 43*7c478bd9Sstevel@tonic-gate /* 44*7c478bd9Sstevel@tonic-gate * au_buff_t and token_t are equivalent (see audit_record.h). Don't 45*7c478bd9Sstevel@tonic-gate * confuse this token_t with the one that is defined for userspace 46*7c478bd9Sstevel@tonic-gate * in the same header file. 47*7c478bd9Sstevel@tonic-gate */ 48*7c478bd9Sstevel@tonic-gate 49*7c478bd9Sstevel@tonic-gate /* 50*7c478bd9Sstevel@tonic-gate * Function: au_get_buff 51*7c478bd9Sstevel@tonic-gate * args: 52*7c478bd9Sstevel@tonic-gate */ 53*7c478bd9Sstevel@tonic-gate struct au_buff * 54*7c478bd9Sstevel@tonic-gate au_get_buff(void) 55*7c478bd9Sstevel@tonic-gate { 56*7c478bd9Sstevel@tonic-gate au_buff_t *buffer; 57*7c478bd9Sstevel@tonic-gate t_audit_data_t *tad = U2A(u); 58*7c478bd9Sstevel@tonic-gate 59*7c478bd9Sstevel@tonic-gate ASSERT(tad); 60*7c478bd9Sstevel@tonic-gate 61*7c478bd9Sstevel@tonic-gate /* 62*7c478bd9Sstevel@tonic-gate * If asynchronous (interrupt) thread, then we can't sleep 63*7c478bd9Sstevel@tonic-gate * (the tad ERRJMP flag is set at the start of async processing). 64*7c478bd9Sstevel@tonic-gate */ 65*7c478bd9Sstevel@tonic-gate if (tad->tad_ctrl & PAD_ERRJMP) { 66*7c478bd9Sstevel@tonic-gate buffer = kmem_cache_alloc(au_buf_cache, KM_NOSLEEP); 67*7c478bd9Sstevel@tonic-gate if (buffer == NULL) { 68*7c478bd9Sstevel@tonic-gate /* return to top of stack & report an error */ 69*7c478bd9Sstevel@tonic-gate ASSERT(tad->tad_errjmp); 70*7c478bd9Sstevel@tonic-gate longjmp(tad->tad_errjmp); 71*7c478bd9Sstevel@tonic-gate } 72*7c478bd9Sstevel@tonic-gate } else { 73*7c478bd9Sstevel@tonic-gate buffer = kmem_cache_alloc(au_buf_cache, KM_SLEEP); 74*7c478bd9Sstevel@tonic-gate } 75*7c478bd9Sstevel@tonic-gate /* Never gets here when buffer == NULL */ 76*7c478bd9Sstevel@tonic-gate bzero(buffer, sizeof (*buffer)); 77*7c478bd9Sstevel@tonic-gate return (buffer); 78*7c478bd9Sstevel@tonic-gate } 79*7c478bd9Sstevel@tonic-gate 80*7c478bd9Sstevel@tonic-gate /* 81*7c478bd9Sstevel@tonic-gate * Function: au_free_rec 82*7c478bd9Sstevel@tonic-gate * args: 83*7c478bd9Sstevel@tonic-gate * au_buff_t *buf; start of the record chain 84*7c478bd9Sstevel@tonic-gate */ 85*7c478bd9Sstevel@tonic-gate void 86*7c478bd9Sstevel@tonic-gate au_free_rec(au_buff_t *buf) 87*7c478bd9Sstevel@tonic-gate { 88*7c478bd9Sstevel@tonic-gate au_buff_t *next; 89*7c478bd9Sstevel@tonic-gate t_audit_data_t *tad = U2A(u); 90*7c478bd9Sstevel@tonic-gate 91*7c478bd9Sstevel@tonic-gate ASSERT(tad); 92*7c478bd9Sstevel@tonic-gate 93*7c478bd9Sstevel@tonic-gate /* 94*7c478bd9Sstevel@tonic-gate * If asynchronous (interrupt) thread, schedule the release 95*7c478bd9Sstevel@tonic-gate * (the tad ERRJMP flag is set at the start of async processing). 96*7c478bd9Sstevel@tonic-gate */ 97*7c478bd9Sstevel@tonic-gate if (tad->tad_ctrl & PAD_ERRJMP) { 98*7c478bd9Sstevel@tonic-gate /* Discard async events via softcall. */ 99*7c478bd9Sstevel@tonic-gate softcall(audit_async_discard_backend, buf); 100*7c478bd9Sstevel@tonic-gate } 101*7c478bd9Sstevel@tonic-gate 102*7c478bd9Sstevel@tonic-gate while (buf != NULL) { 103*7c478bd9Sstevel@tonic-gate next = buf->next_buf; 104*7c478bd9Sstevel@tonic-gate kmem_cache_free(au_buf_cache, buf); 105*7c478bd9Sstevel@tonic-gate buf = next; 106*7c478bd9Sstevel@tonic-gate } 107*7c478bd9Sstevel@tonic-gate } 108*7c478bd9Sstevel@tonic-gate 109*7c478bd9Sstevel@tonic-gate /* 110*7c478bd9Sstevel@tonic-gate * Backend routine to discard an async event. Invoked from softcall. 111*7c478bd9Sstevel@tonic-gate * (Note: the freeing of memory for the event can't be done safely in high 112*7c478bd9Sstevel@tonic-gate * interrupt context due to the chance of sleeping on an adaptive mutex. 113*7c478bd9Sstevel@tonic-gate * Hence the softcall.) 114*7c478bd9Sstevel@tonic-gate */ 115*7c478bd9Sstevel@tonic-gate void 116*7c478bd9Sstevel@tonic-gate audit_async_discard_backend(void *addr) 117*7c478bd9Sstevel@tonic-gate { 118*7c478bd9Sstevel@tonic-gate au_toss_token(addr); 119*7c478bd9Sstevel@tonic-gate } 120*7c478bd9Sstevel@tonic-gate 121*7c478bd9Sstevel@tonic-gate /* 122*7c478bd9Sstevel@tonic-gate * Function: au_append_rec 123*7c478bd9Sstevel@tonic-gate * args: 124*7c478bd9Sstevel@tonic-gate * au_buff_t *rec; start of the record chain 125*7c478bd9Sstevel@tonic-gate * au_buff_t *buf; buffer to append 126*7c478bd9Sstevel@tonic-gate * int pack; AU_PACK/1 - pack data, AU_LINK/0 - link buffer 127*7c478bd9Sstevel@tonic-gate */ 128*7c478bd9Sstevel@tonic-gate int 129*7c478bd9Sstevel@tonic-gate au_append_rec(au_buff_t *rec, au_buff_t *buf, int pack) 130*7c478bd9Sstevel@tonic-gate { 131*7c478bd9Sstevel@tonic-gate if (!rec) 132*7c478bd9Sstevel@tonic-gate return (-1); 133*7c478bd9Sstevel@tonic-gate 134*7c478bd9Sstevel@tonic-gate while (rec->next_buf) 135*7c478bd9Sstevel@tonic-gate rec = rec->next_buf; 136*7c478bd9Sstevel@tonic-gate if (((int)(rec->len + buf->len) <= AU_BUFSIZE) && pack) { 137*7c478bd9Sstevel@tonic-gate bcopy(buf->buf, (char *)(rec->buf + rec->len), 138*7c478bd9Sstevel@tonic-gate (uint_t)buf->len); 139*7c478bd9Sstevel@tonic-gate rec->len += buf->len; 140*7c478bd9Sstevel@tonic-gate rec->next_buf = buf->next_buf; 141*7c478bd9Sstevel@tonic-gate kmem_cache_free(au_buf_cache, buf); 142*7c478bd9Sstevel@tonic-gate } else { 143*7c478bd9Sstevel@tonic-gate rec->next_buf = buf; 144*7c478bd9Sstevel@tonic-gate } 145*7c478bd9Sstevel@tonic-gate return (0); 146*7c478bd9Sstevel@tonic-gate } 147*7c478bd9Sstevel@tonic-gate 148*7c478bd9Sstevel@tonic-gate /* 149*7c478bd9Sstevel@tonic-gate * Function: au_append_buf 150*7c478bd9Sstevel@tonic-gate * args: 151*7c478bd9Sstevel@tonic-gate * char *data; data buffer to append 152*7c478bd9Sstevel@tonic-gate * int len; size of data to append 153*7c478bd9Sstevel@tonic-gate * au_buff_t *buf; buffer to append to 154*7c478bd9Sstevel@tonic-gate */ 155*7c478bd9Sstevel@tonic-gate int 156*7c478bd9Sstevel@tonic-gate au_append_buf(const char *data, int len, au_buff_t *buf) 157*7c478bd9Sstevel@tonic-gate { 158*7c478bd9Sstevel@tonic-gate au_buff_t *new_buf; 159*7c478bd9Sstevel@tonic-gate int new_len; 160*7c478bd9Sstevel@tonic-gate 161*7c478bd9Sstevel@tonic-gate while (buf->next_buf != NULL) 162*7c478bd9Sstevel@tonic-gate buf = buf->next_buf; 163*7c478bd9Sstevel@tonic-gate 164*7c478bd9Sstevel@tonic-gate new_len = (uint_t)(buf->len + len) > AU_BUFSIZE ? 165*7c478bd9Sstevel@tonic-gate AU_BUFSIZE - buf->len : len; 166*7c478bd9Sstevel@tonic-gate bcopy(data, (buf->buf + buf->len), (uint_t)new_len); 167*7c478bd9Sstevel@tonic-gate buf->len += (uchar_t)new_len; 168*7c478bd9Sstevel@tonic-gate len -= new_len; 169*7c478bd9Sstevel@tonic-gate 170*7c478bd9Sstevel@tonic-gate while (len > 0) { 171*7c478bd9Sstevel@tonic-gate data += new_len; 172*7c478bd9Sstevel@tonic-gate if ((new_buf = au_get_buff()) == NULL) { 173*7c478bd9Sstevel@tonic-gate return (-1); 174*7c478bd9Sstevel@tonic-gate } 175*7c478bd9Sstevel@tonic-gate buf->next_buf = new_buf; 176*7c478bd9Sstevel@tonic-gate buf = new_buf; 177*7c478bd9Sstevel@tonic-gate new_len = len > AU_BUFSIZE ? AU_BUFSIZE : len; 178*7c478bd9Sstevel@tonic-gate bcopy(data, buf->buf, (uint_t)new_len); 179*7c478bd9Sstevel@tonic-gate buf->len = (uchar_t)new_len; 180*7c478bd9Sstevel@tonic-gate len -= new_len; 181*7c478bd9Sstevel@tonic-gate } 182*7c478bd9Sstevel@tonic-gate return (0); 183*7c478bd9Sstevel@tonic-gate } 184*7c478bd9Sstevel@tonic-gate 185*7c478bd9Sstevel@tonic-gate /*ARGSUSED1*/ 186*7c478bd9Sstevel@tonic-gate static int 187*7c478bd9Sstevel@tonic-gate au_pad_const(void *vpad, void *priv, int flags) 188*7c478bd9Sstevel@tonic-gate { 189*7c478bd9Sstevel@tonic-gate p_audit_data_t *pad = vpad; 190*7c478bd9Sstevel@tonic-gate 191*7c478bd9Sstevel@tonic-gate mutex_init(&pad->pad_lock, NULL, MUTEX_DEFAULT, NULL); 192*7c478bd9Sstevel@tonic-gate 193*7c478bd9Sstevel@tonic-gate return (0); 194*7c478bd9Sstevel@tonic-gate } 195*7c478bd9Sstevel@tonic-gate 196*7c478bd9Sstevel@tonic-gate /*ARGSUSED1*/ 197*7c478bd9Sstevel@tonic-gate static void 198*7c478bd9Sstevel@tonic-gate au_pad_destr(void *vpad, void *priv) 199*7c478bd9Sstevel@tonic-gate { 200*7c478bd9Sstevel@tonic-gate p_audit_data_t *pad = vpad; 201*7c478bd9Sstevel@tonic-gate 202*7c478bd9Sstevel@tonic-gate mutex_destroy(&pad->pad_lock); 203*7c478bd9Sstevel@tonic-gate } 204*7c478bd9Sstevel@tonic-gate 205*7c478bd9Sstevel@tonic-gate void 206*7c478bd9Sstevel@tonic-gate au_mem_init() 207*7c478bd9Sstevel@tonic-gate { 208*7c478bd9Sstevel@tonic-gate au_buf_cache = kmem_cache_create("audit_buffer", 209*7c478bd9Sstevel@tonic-gate sizeof (au_buff_t), 0, NULL, NULL, NULL, NULL, NULL, 0); 210*7c478bd9Sstevel@tonic-gate 211*7c478bd9Sstevel@tonic-gate au_pad_cache = kmem_cache_create("audit_proc", 212*7c478bd9Sstevel@tonic-gate sizeof (p_audit_data_t), 0, au_pad_const, au_pad_destr, 213*7c478bd9Sstevel@tonic-gate NULL, NULL, NULL, 0); 214*7c478bd9Sstevel@tonic-gate } 215