]>
Commit | Line | Data |
---|---|---|
1 | /*- | |
2 | * Copyright (c) 2006 Robert N. M. Watson | |
3 | * Copyright (c) 2008 Apple, Inc. | |
4 | * All rights reserved. | |
5 | * | |
6 | * This software was developed by Robert Watson for the TrustedBSD Project. | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | |
13 | * 2. Redistributions in binary form must reproduce the above copyright | |
14 | * notice, this list of conditions and the following disclaimer in the | |
15 | * documentation and/or other materials provided with the distribution. | |
16 | * | |
17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |
18 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
20 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
23 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
24 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
25 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | * SUCH DAMAGE. | |
28 | */ | |
29 | ||
30 | #ifndef _SECURITY_AUDIT_AUDIT_IOCTL_H_ | |
31 | #define _SECURITY_AUDIT_AUDIT_IOCTL_H_ | |
32 | ||
33 | #define AUDITPIPE_IOBASE 'A' | |
34 | #define AUDITSDEV_IOBASE 'S' | |
35 | ||
36 | /* | |
37 | * Data structures used for complex ioctl arguments. Do not change existing | |
38 | * structures, add new revised ones to be used by new ioctls, and keep the | |
39 | * old structures and ioctls for backwards compatibility. | |
40 | */ | |
41 | struct auditpipe_ioctl_preselect { | |
42 | au_id_t aip_auid; | |
43 | au_mask_t aip_mask; | |
44 | }; | |
45 | ||
46 | /* | |
47 | * Possible modes of operation for audit pipe preselection. | |
48 | */ | |
49 | #define AUDITPIPE_PRESELECT_MODE_TRAIL 1 /* Global audit trail. */ | |
50 | #define AUDITPIPE_PRESELECT_MODE_LOCAL 2 /* Local audit trail. */ | |
51 | ||
52 | /* | |
53 | * Ioctls to read and control the behavior of individual audit pipe devices. | |
54 | */ | |
55 | #define AUDITPIPE_GET_QLEN _IOR(AUDITPIPE_IOBASE, 1, u_int) | |
56 | #define AUDITPIPE_GET_QLIMIT _IOR(AUDITPIPE_IOBASE, 2, u_int) | |
57 | #define AUDITPIPE_SET_QLIMIT _IOW(AUDITPIPE_IOBASE, 3, u_int) | |
58 | #define AUDITPIPE_GET_QLIMIT_MIN _IOR(AUDITPIPE_IOBASE, 4, u_int) | |
59 | #define AUDITPIPE_GET_QLIMIT_MAX _IOR(AUDITPIPE_IOBASE, 5, u_int) | |
60 | #define AUDITPIPE_GET_PRESELECT_FLAGS _IOR(AUDITPIPE_IOBASE, 6, au_mask_t) | |
61 | #define AUDITPIPE_SET_PRESELECT_FLAGS _IOW(AUDITPIPE_IOBASE, 7, au_mask_t) | |
62 | #define AUDITPIPE_GET_PRESELECT_NAFLAGS _IOR(AUDITPIPE_IOBASE, 8, au_mask_t) | |
63 | #define AUDITPIPE_SET_PRESELECT_NAFLAGS _IOW(AUDITPIPE_IOBASE, 9, au_mask_t) | |
64 | #define AUDITPIPE_GET_PRESELECT_AUID _IOR(AUDITPIPE_IOBASE, 10, \ | |
65 | struct auditpipe_ioctl_preselect) | |
66 | #define AUDITPIPE_SET_PRESELECT_AUID _IOW(AUDITPIPE_IOBASE, 11, \ | |
67 | struct auditpipe_ioctl_preselect) | |
68 | #define AUDITPIPE_DELETE_PRESELECT_AUID _IOW(AUDITPIPE_IOBASE, 12, au_id_t) | |
69 | #define AUDITPIPE_FLUSH_PRESELECT_AUID _IO(AUDITPIPE_IOBASE, 13) | |
70 | #define AUDITPIPE_GET_PRESELECT_MODE _IOR(AUDITPIPE_IOBASE, 14, int) | |
71 | #define AUDITPIPE_SET_PRESELECT_MODE _IOW(AUDITPIPE_IOBASE, 15, int) | |
72 | #define AUDITPIPE_FLUSH _IO(AUDITPIPE_IOBASE, 16) | |
73 | #define AUDITPIPE_GET_MAXAUDITDATA _IOR(AUDITPIPE_IOBASE, 17, u_int) | |
74 | ||
75 | /* | |
76 | * Ioctls to retrieve audit pipe statistics. | |
77 | */ | |
78 | #define AUDITPIPE_GET_INSERTS _IOR(AUDITPIPE_IOBASE, 100, u_int64_t) | |
79 | #define AUDITPIPE_GET_READS _IOR(AUDITPIPE_IOBASE, 101, u_int64_t) | |
80 | #define AUDITPIPE_GET_DROPS _IOR(AUDITPIPE_IOBASE, 102, u_int64_t) | |
81 | #define AUDITPIPE_GET_TRUNCATES _IOR(AUDITPIPE_IOBASE, 103, u_int64_t) | |
82 | ||
83 | /* | |
84 | * Ioctls for the audit session device. | |
85 | */ | |
86 | #define AUDITSDEV_GET_QLEN _IOR(AUDITSDEV_IOBASE, 1, u_int) | |
87 | #define AUDITSDEV_GET_QLIMIT _IOR(AUDITSDEV_IOBASE, 2, u_int) | |
88 | #define AUDITSDEV_SET_QLIMIT _IOW(AUDITSDEV_IOBASE, 3, u_int) | |
89 | #define AUDITSDEV_GET_QLIMIT_MIN _IOR(AUDITSDEV_IOBASE, 4, u_int) | |
90 | #define AUDITSDEV_GET_QLIMIT_MAX _IOR(AUDITSDEV_IOBASE, 5, u_int) | |
91 | #define AUDITSDEV_FLUSH _IO(AUDITSDEV_IOBASE, 6) | |
92 | #define AUDITSDEV_GET_MAXDATA _IOR(AUDITSDEV_IOBASE, 7, u_int) | |
93 | ||
94 | /* | |
95 | * Ioctls to retrieve and set the ALLSESSIONS flag in the audit session device. | |
96 | */ | |
97 | #define AUDITSDEV_GET_ALLSESSIONS _IOR(AUDITSDEV_IOBASE, 100, u_int) | |
98 | #define AUDITSDEV_SET_ALLSESSIONS _IOW(AUDITSDEV_IOBASE, 101, u_int) | |
99 | ||
100 | /* | |
101 | * Ioctls to retrieve audit sessions device statistics. | |
102 | */ | |
103 | #define AUDITSDEV_GET_INSERTS _IOR(AUDITSDEV_IOBASE, 200, u_int64_t) | |
104 | #define AUDITSDEV_GET_READS _IOR(AUDITSDEV_IOBASE, 201, u_int64_t) | |
105 | #define AUDITSDEV_GET_DROPS _IOR(AUDITSDEV_IOBASE, 202, u_int64_t) | |
106 | ||
107 | #endif /* _SECURITY_AUDIT_AUDIT_IOCTL_H_ */ |