]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_utilities/lib/ccaudit.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-58286.220.15.tar.gz
[apple/security.git] / OSX / libsecurity_utilities / lib / ccaudit.h
1 /*
2 * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 #ifndef _H_CCAUDIT
20 #define _H_CCAUDIT
21
22 #include <security_utilities/utilities.h>
23 #include <mach/message.h> // audit_token_t
24 #include <bsm/audit.h> // au_tid_t, etc.
25 #include <bsm/audit_kevents.h> // AUE_NULL
26
27 namespace Security {
28 namespace CommonCriteria {
29
30 class AuditToken;
31
32
33 /*
34 * For the most part, we won't have a machine ID to initialize the
35 * au_tid_t's machine field. There's no machine ID in the audit token,
36 * for example, since MIG is localhost-only.
37 */
38 class TerminalId: public PodWrapper<TerminalId, au_tid_t>
39 {
40 public:
41 TerminalId();
42 TerminalId(const TerminalId &t) { set(t); }
43 TerminalId(const au_tid_t &tid) { set(tid); }
44 ~TerminalId() { }
45
46 void set(const au_tid_t &tid) { port = tid.port; machine = tid.machine; }
47 };
48
49 /*
50 * audit_token_t provides all the info required for Common Criteria-mandated
51 * auditing. It's defined in <mach/mach_types.defs>. Its values are filled
52 * in by the kernel during a Mach RPC and it should be treated as read-only
53 * thereafter.
54 */
55 class AuditToken {
56 public:
57 AuditToken(const audit_token_t &token);
58 ~AuditToken() { }
59
60 audit_token_t auditToken() const { return mAuditToken; }
61 uid_t auditId() const { return mAuditId; }
62 uid_t euid() const { return mEuid; }
63 gid_t egid() const { return mEgid; }
64 uid_t ruid() const { return mRuid; }
65 gid_t rgid() const { return mRgid; }
66 pid_t pid() const { return mPid; }
67 au_asid_t sessionId() const { return mSessionId; }
68 const au_tid_t &terminalId() const { return mTerminalId; }
69
70 private:
71 audit_token_t mAuditToken;
72 uid_t mAuditId;
73 uid_t mEuid;
74 gid_t mEgid;
75 uid_t mRuid;
76 gid_t mRgid;
77 pid_t mPid; // of client
78 au_asid_t mSessionId;
79 TerminalId mTerminalId;
80 };
81
82
83 /*
84 * The (new) audit information structure
85 */
86 class AuditInfo : public PodWrapper<AuditInfo, auditinfo_addr_t> {
87 public:
88 void get();
89 void get(au_asid_t session);
90 void getPid(pid_t pid);
91 void set();
92 void create(uint64_t flags, uid_t auid = AU_DEFAUDITID);
93
94 uid_t uid() const { return this->ai_auid; }
95 uint64_t flags() const { return this->ai_flags; }
96 au_asid_t sessionId() const { return this->ai_asid; }
97
98 static AuditInfo current() { AuditInfo info; info.get(); return info; }
99 };
100
101
102 // XXX/gh 3926739
103 //
104 // NB: Qualify all uses of these names with the namespace (CommonCriteria).
105 // Existing source code already follows this convention.
106 enum ExternalErrors
107 {
108 errNone = 0,
109 errInvalidCredential = 1111, // try to make easier to find in log
110 errUserCanceled,
111 errTooManyTries,
112 errAuthDenied, // "Auth" --> authorization; named to
113 // avoid conflict with the C symbol
114 // errAuthorizationDenied already in
115 // use
116 errEndOfExternalErrors // sentry/placeholder
117 };
118
119
120
121 class AuditMask
122 {
123 public:
124 AuditMask(unsigned int s = AUE_NULL, unsigned int f = AUE_NULL)
125 {
126 mMask.am_success = s; mMask.am_failure = f;
127 }
128 ~AuditMask() { }
129 const au_mask_t &get(void) const { return mMask; }
130
131 private:
132 au_mask_t mMask;
133 };
134
135
136 // audit session state for the current process; only used by Server
137 class AuditSession
138 {
139 public:
140 AuditSession(au_id_t auid, au_asid_t sid)
141 : mAuditId(auid), mSessionId(sid) { }
142 ~AuditSession() { }
143
144 // set audit info for this process in kernel
145 void registerSession(void);
146
147 void auditId(au_id_t auid) { mAuditId = auid; }
148 void eventMask(AuditMask &mask) { mEventMask = mask; }
149 void terminalId(TerminalId &tid) { mTerminalId = tid; }
150 void sessionId(au_asid_t sid) { mSessionId = sid; }
151
152 au_id_t auditId(void) { return mAuditId; }
153 AuditMask &eventMask(void) { return mEventMask; }
154 TerminalId &terminalId(void) { return mTerminalId; }
155 au_asid_t sessionId(void) { return mSessionId; }
156
157 private:
158 au_id_t mAuditId;
159 AuditMask mEventMask;
160 TerminalId mTerminalId;
161 au_asid_t mSessionId;
162 };
163
164 //
165 // For submitting audit records. Not general-purpose: no ability to
166 // submit arbitrary BSM tokens, for example. However, the SecurityServer
167 // has only limited auditing requirements under Common Criteria.
168 //
169 class AuditRecord
170 {
171 public:
172 AuditRecord(const AuditToken &auditToken)
173 : mAuditToken(auditToken) { }
174 AuditRecord(const audit_token_t &auditToken)
175 : mAuditToken(auditToken) { }
176 ~AuditRecord() { }
177
178 // returnCode == 0 --> success; nonzero returnCode --> failure
179 void submit(const short event_code, const int returnCode,
180 const char *msg = NULL);
181
182 private:
183 AuditToken mAuditToken;
184 };
185
186 } // end namespace CommonCriteria
187 } // end namespace Security
188
189 #endif // _H_CCAUDIT
mirror of Security