bsd/security/audit/audit_bsm_domain.c

   1 /*-
   2  * Copyright (c) 2008-2009 Apple Inc.
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1.  Redistributions of source code must retain the above copyright
   9  *     notice, this list of conditions and the following disclaimer.
  10  * 2.  Redistributions in binary form must reproduce the above copyright
  11  *     notice, this list of conditions and the following disclaimer in the
  12  *     documentation and/or other materials provided with the distribution.
  13  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
  14  *     its contributors may be used to endorse or promote products derived
  15  *     from this software without specific prior written permission.
  16  *
  17  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
  18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  20  * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
  21  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  25  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  26  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  27  * POSSIBILITY OF SUCH DAMAGE.
  28  *
  29  */
  30
  31 #include <sys/param.h>
  32 #include <sys/socket.h>
  33
  34 #include <security/audit/audit.h>
  35
  36 #include <bsm/audit_domain.h>
  37 #include <bsm/audit_record.h>
  38
  39 #if CONFIG_AUDIT
  40 struct bsm_domain {
  41         u_short bd_bsm_domain;
  42         int     bd_local_domain;
  43 };
  44
  45 #define PF_NO_LOCAL_MAPPING     -600
  46
  47 static const struct bsm_domain bsm_domains[] = {
  48         { BSM_PF_UNSPEC, PF_UNSPEC },
  49         { BSM_PF_LOCAL, PF_LOCAL },
  50         { BSM_PF_INET, PF_INET },
  51         { BSM_PF_IMPLINK,
  52 #ifdef PF_IMPLINK
  53         PF_IMPLINK
  54 #else
  55         PF_NO_LOCAL_MAPPING
  56 #endif
  57         },
  58         { BSM_PF_PUP,
  59 #ifdef PF_PUP
  60         PF_PUP
  61 #else
  62         PF_NO_LOCAL_MAPPING
  63 #endif
  64         },
  65         { BSM_PF_CHAOS,
  66 #ifdef PF_CHAOS
  67         PF_CHAOS
  68 #else
  69         PF_NO_LOCAL_MAPPING
  70 #endif
  71         },
  72         { BSM_PF_NS,
  73 #ifdef PF_NS
  74         PF_NS
  75 #else
  76         PF_NO_LOCAL_MAPPING
  77 #endif
  78         },
  79         { BSM_PF_NBS,
  80 #ifdef PF_NBS
  81         PF_NBS
  82 #else
  83         PF_NO_LOCAL_MAPPING
  84 #endif
  85         },
  86         { BSM_PF_ECMA,
  87 #ifdef PF_ECMA
  88         PF_ECMA
  89 #else
  90         PF_NO_LOCAL_MAPPING
  91 #endif
  92         },
  93         { BSM_PF_DATAKIT,
  94 #ifdef PF_DATAKIT
  95         PF_DATAKIT
  96 #else
  97         PF_NO_LOCAL_MAPPING
  98 #endif
  99         },
 100         { BSM_PF_CCITT,
 101 #ifdef PF_CCITT
 102         PF_CCITT
 103 #else
 104         PF_NO_LOCAL_MAPPING
 105 #endif
 106         },
 107         { BSM_PF_SNA, PF_SNA },
 108         { BSM_PF_DECnet, PF_DECnet },
 109         { BSM_PF_DLI,
 110 #ifdef PF_DLI
 111         PF_DLI
 112 #else
 113         PF_NO_LOCAL_MAPPING
 114 #endif
 115         },
 116         { BSM_PF_LAT,
 117 #ifdef PF_LAT
 118         PF_LAT
 119 #else
 120         PF_NO_LOCAL_MAPPING
 121 #endif
 122         },
 123         { BSM_PF_HYLINK,
 124 #ifdef PF_HYLINK
 125         PF_HYLINK
 126 #else
 127         PF_NO_LOCAL_MAPPING
 128 #endif
 129         },
 130         { BSM_PF_APPLETALK, PF_APPLETALK },
 131         { BSM_PF_NIT,
 132 #ifdef PF_NIT
 133         PF_NIT
 134 #else
 135         PF_NO_LOCAL_MAPPING
 136 #endif
 137         },
 138         { BSM_PF_802,
 139 #ifdef PF_802
 140         PF_802
 141 #else
 142         PF_NO_LOCAL_MAPPING
 143 #endif
 144         },
 145         { BSM_PF_OSI,
 146 #ifdef PF_OSI
 147         PF_OSI
 148 #else
 149         PF_NO_LOCAL_MAPPING
 150 #endif
 151         },
 152         { BSM_PF_X25,
 153 #ifdef PF_X25
 154         PF_X25
 155 #else
 156         PF_NO_LOCAL_MAPPING
 157 #endif
 158         },
 159         { BSM_PF_OSINET,
 160 #ifdef PF_OSINET
 161         PF_OSINET
 162 #else
 163         PF_NO_LOCAL_MAPPING
 164 #endif
 165         },
 166         { BSM_PF_GOSIP,
 167 #ifdef PF_GOSIP
 168         PF_GOSIP
 169 #else
 170         PF_NO_LOCAL_MAPPING
 171 #endif
 172         },
 173         { BSM_PF_IPX, PF_IPX },
 174         { BSM_PF_ROUTE, PF_ROUTE },
 175         { BSM_PF_LINK,
 176 #ifdef PF_LINK
 177         PF_LINK
 178 #else
 179         PF_NO_LOCAL_MAPPING
 180 #endif
 181         },
 182         { BSM_PF_INET6, PF_INET6 },
 183         { BSM_PF_KEY, PF_KEY },
 184         { BSM_PF_NCA,
 185 #ifdef PF_NCA
 186         PF_NCA
 187 #else
 188         PF_NO_LOCAL_MAPPING
 189 #endif
 190         },
 191         { BSM_PF_POLICY,
 192 #ifdef PF_POLICY
 193         PF_POLICY
 194 #else
 195         PF_NO_LOCAL_MAPPING
 196 #endif
 197         },
 198         { BSM_PF_INET_OFFLOAD,
 199 #ifdef PF_INET_OFFLOAD
 200         PF_INET_OFFLOAD
 201 #else
 202         PF_NO_LOCAL_MAPPING
 203 #endif
 204         },
 205         { BSM_PF_NETBIOS,
 206 #ifdef PF_NETBIOS
 207         PF_NETBIOS
 208 #else
 209         PF_NO_LOCAL_MAPPING
 210 #endif
 211         },
 212         { BSM_PF_ISO,
 213 #ifdef PF_ISO
 214         PF_ISO
 215 #else
 216         PF_NO_LOCAL_MAPPING
 217 #endif
 218         },
 219         { BSM_PF_XTP,
 220 #ifdef PF_XTP
 221         PF_XTP
 222 #else
 223         PF_NO_LOCAL_MAPPING
 224 #endif
 225         },
 226         { BSM_PF_COIP,
 227 #ifdef PF_COIP
 228         PF_COIP
 229 #else
 230         PF_NO_LOCAL_MAPPING
 231 #endif
 232         },
 233         { BSM_PF_CNT,
 234 #ifdef PF_CNT
 235         PF_CNT
 236 #else
 237         PF_NO_LOCAL_MAPPING
 238 #endif
 239         },
 240         { BSM_PF_RTIP,
 241 #ifdef PF_RTIP
 242         PF_RTIP
 243 #else
 244         PF_NO_LOCAL_MAPPING
 245 #endif
 246         },
 247         { BSM_PF_SIP,
 248 #ifdef PF_SIP
 249         PF_SIP
 250 #else
 251         PF_NO_LOCAL_MAPPING
 252 #endif
 253         },
 254         { BSM_PF_PIP,
 255 #ifdef PF_PIP
 256         PF_PIP
 257 #else
 258         PF_NO_LOCAL_MAPPING
 259 #endif
 260         },
 261         { BSM_PF_ISDN,
 262 #ifdef PF_ISDN
 263         PF_ISDN
 264 #else
 265         PF_NO_LOCAL_MAPPING
 266 #endif
 267         },
 268         { BSM_PF_E164,
 269 #ifdef PF_E164
 270         PF_E164
 271 #else
 272         PF_NO_LOCAL_MAPPING
 273 #endif
 274         },
 275         { BSM_PF_NATM,
 276 #ifdef PF_NATM
 277         PF_NATM
 278 #else
 279         PF_NO_LOCAL_MAPPING
 280 #endif
 281         },
 282         { BSM_PF_ATM,
 283 #ifdef PF_ATM
 284         PF_ATM
 285 #else
 286         PF_NO_LOCAL_MAPPING
 287 #endif
 288         },
 289         { BSM_PF_NETGRAPH,
 290 #ifdef PF_NETGRAPH
 291         PF_NETGRAPH
 292 #else
 293         PF_NO_LOCAL_MAPPING
 294 #endif
 295         },
 296         { BSM_PF_SLOW,
 297 #ifdef PF_SLOW
 298         PF_SLOW
 299 #else
 300         PF_NO_LOCAL_MAPPING
 301 #endif
 302         },
 303         { BSM_PF_SCLUSTER,
 304 #ifdef PF_SCLUSTER
 305         PF_SCLUSTER
 306 #else
 307         PF_NO_LOCAL_MAPPING
 308 #endif
 309         },
 310         { BSM_PF_ARP,
 311 #ifdef PF_ARP
 312         PF_ARP
 313 #else
 314         PF_NO_LOCAL_MAPPING
 315 #endif
 316         },
 317         { BSM_PF_BLUETOOTH,
 318 #ifdef PF_BLUETOOTH
 319         PF_BLUETOOTH
 320 #else
 321         PF_NO_LOCAL_MAPPING
 322 #endif
 323         },
 324         { BSM_PF_IEEE80211,
 325 #ifdef PF_IEEE80211
 326         PF_IEEE80211
 327 #else
 328         PF_NO_LOCAL_MAPPING
 329 #endif
 330         },
 331         { BSM_PF_AX25,
 332 #ifdef PF_AX25
 333         PF_AX25
 334 #else
 335         PF_NO_LOCAL_MAPPING
 336 #endif
 337         },
 338         { BSM_PF_ROSE,
 339 #ifdef PF_ROSE
 340         PF_ROSE
 341 #else
 342         PF_NO_LOCAL_MAPPING
 343 #endif
 344         },
 345         { BSM_PF_NETBEUI,
 346 #ifdef PF_NETBEUI
 347         PF_NETBEUI
 348 #else
 349         PF_NO_LOCAL_MAPPING
 350 #endif
 351         },
 352         { BSM_PF_SECURITY,
 353 #ifdef PF_SECURITY
 354         PF_SECURITY
 355 #else
 356         PF_NO_LOCAL_MAPPING
 357 #endif
 358         },
 359         { BSM_PF_PACKET,
 360 #ifdef PF_PACKET
 361         PF_PACKET
 362 #else
 363         PF_NO_LOCAL_MAPPING
 364 #endif
 365         },
 366         { BSM_PF_ASH,
 367 #ifdef PF_ASH
 368         PF_ASH
 369 #else
 370         PF_NO_LOCAL_MAPPING
 371 #endif
 372         },
 373         { BSM_PF_ECONET,
 374 #ifdef PF_ECONET
 375         PF_ECONET
 376 #else
 377         PF_NO_LOCAL_MAPPING
 378 #endif
 379         },
 380         { BSM_PF_ATMSVC,
 381 #ifdef PF_ATMSVC
 382         PF_ATMSVC
 383 #else
 384         PF_NO_LOCAL_MAPPING
 385 #endif
 386         },
 387         { BSM_PF_IRDA,
 388 #ifdef PF_IRDA
 389         PF_IRDA
 390 #else
 391         PF_NO_LOCAL_MAPPING
 392 #endif
 393         },
 394         { BSM_PF_PPPOX,
 395 #ifdef PF_PPPOX
 396         PF_PPPOX
 397 #else
 398         PF_NO_LOCAL_MAPPING
 399 #endif
 400         },
 401         { BSM_PF_WANPIPE,
 402 #ifdef PF_WANPIPE
 403         PF_WANPIPE
 404 #else
 405         PF_NO_LOCAL_MAPPING
 406 #endif
 407         },
 408         { BSM_PF_LLC,
 409 #ifdef PF_LLC
 410         PF_LLC
 411 #else
 412         PF_NO_LOCAL_MAPPING
 413 #endif
 414         },
 415         { BSM_PF_CAN,
 416 #ifdef PF_CAN
 417         PF_CAN
 418 #else
 419         PF_NO_LOCAL_MAPPING
 420 #endif
 421         },
 422         { BSM_PF_TIPC,
 423 #ifdef PF_TIPC
 424         PF_TIPC
 425 #else
 426         PF_NO_LOCAL_MAPPING
 427 #endif
 428         },
 429         { BSM_PF_IUCV,
 430 #ifdef PF_IUCV
 431         PF_IUCV
 432 #else
 433         PF_NO_LOCAL_MAPPING
 434 #endif
 435         },
 436         { BSM_PF_RXRPC,
 437 #ifdef PF_RXRPC
 438         PF_RXRPC
 439 #else
 440         PF_NO_LOCAL_MAPPING
 441 #endif
 442         },
 443         { BSM_PF_PHONET,
 444 #ifdef PF_PHONET
 445         PF_PHONET
 446 #else
 447         PF_NO_LOCAL_MAPPING
 448 #endif
 449         },
 450 };
 451 static const int bsm_domains_count = sizeof(bsm_domains) /
 452             sizeof(bsm_domains[0]);
 453
 454 static const struct bsm_domain *
 455 bsm_lookup_local_domain(int local_domain)
 456 {
 457         int i;
 458
 459         for (i = 0; i < bsm_domains_count; i++) {
 460                 if (bsm_domains[i].bd_local_domain == local_domain)
 461                         return (&bsm_domains[i]);
 462         }
 463         return (NULL);
 464 }
 465
 466 u_short
 467 au_domain_to_bsm(int local_domain)
 468 {
 469         const struct bsm_domain *bstp;
 470
 471         bstp = bsm_lookup_local_domain(local_domain);
 472         if (bstp == NULL)
 473                 return (BSM_PF_UNKNOWN);
 474         return (bstp->bd_bsm_domain);
 475 }
 476
 477 static const struct bsm_domain *
 478 bsm_lookup_bsm_domain(u_short bsm_domain)
 479 {
 480         int i;
 481
 482         for (i = 0; i < bsm_domains_count; i++) {
 483                 if (bsm_domains[i].bd_bsm_domain == bsm_domain)
 484                         return (&bsm_domains[i]);
 485         }
 486         return (NULL);
 487 }
 488
 489 int
 490 au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
 491 {
 492         const struct bsm_domain *bstp;
 493
 494         bstp = bsm_lookup_bsm_domain(bsm_domain);
 495         if (bstp == NULL || bstp->bd_local_domain)
 496                 return (-1);
 497         *local_domainp = bstp->bd_local_domain;
 498         return (0);
 499 }
 500 #endif /* CONFIG_AUDIT */