X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/fe8ab488e9161c46dd9885d58fc52996dc0249ff..e8c3f78193f1895ea514044358b93b1add9322f3:/bsd/security/audit/audit_arg.c

diff --git a/bsd/security/audit/audit_arg.c b/bsd/security/audit/audit_arg.c
index 4b16e76b6..950d1f49f 100644
--- a/bsd/security/audit/audit_arg.c
+++ b/bsd/security/audit/audit_arg.c
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2012 Apple Inc.
+ * Copyright (c) 1999-2016 Apple Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -59,6 +59,8 @@
 #include <sys/domain.h>
 #include <sys/protosw.h>
 #include <sys/socketvar.h>
+#include <sys/codesign.h>
+#include <sys/ubc.h>
 
 #include <bsm/audit.h>
 #include <bsm/audit_internal.h>
@@ -75,7 +77,6 @@
 #include <kern/host.h>
 #include <kern/kalloc.h>
 #include <kern/zalloc.h>
-#include <kern/wait_queue.h>
 #include <kern/sched_prim.h>
 
 #if CONFIG_MACF
@@ -135,6 +136,14 @@ audit_arg_len(struct kaudit_record *ar, user_size_t len)
 	ARG_SET_VALID(ar, ARG_LEN);
 }
 
+void
+audit_arg_fd2(struct kaudit_record *ar, int fd)
+{
+
+	ar->k_ar.ar_arg_fd2 = fd;
+	ARG_SET_VALID(ar, ARG_FD2);
+}
+
 void
 audit_arg_fd(struct kaudit_record *ar, int fd)
 {
@@ -347,16 +356,20 @@ void
 audit_arg_sockaddr(struct kaudit_record *ar, struct vnode *cwd_vp,
     struct sockaddr *sa)
 {
-	int slen;
+	char path[SOCK_MAXADDRLEN - offsetof(struct sockaddr_un, sun_path) + 1] = "";
 	struct sockaddr_un *sun;
-	char path[SOCK_MAXADDRLEN - offsetof(struct sockaddr_un, sun_path) + 1];
+	ssize_t namelen;
 
 	KASSERT(sa != NULL, ("audit_arg_sockaddr: sa == NULL"));
 
 	if (cwd_vp == NULL || sa == NULL)
 		return;
 
-	bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sa->sa_len);
+	if (sa->sa_len > sizeof(ar->k_ar.ar_arg_sockaddr))
+		bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sizeof(ar->k_ar.ar_arg_sockaddr));
+	else
+		bcopy(sa, &ar->k_ar.ar_arg_sockaddr, sa->sa_len);
+
 	switch (sa->sa_family) {
 	case AF_INET:
 		ARG_SET_VALID(ar, ARG_SADDRINET);
@@ -368,20 +381,14 @@ audit_arg_sockaddr(struct kaudit_record *ar, struct vnode *cwd_vp,
 
 	case AF_UNIX:
 		sun = (struct sockaddr_un *)sa;
-		slen = sun->sun_len - offsetof(struct sockaddr_un, sun_path);
-
-		if (slen >= 0) {
+		namelen = sun->sun_len - offsetof(struct sockaddr_un, sun_path);
+		if (namelen > 0 && (size_t)namelen < sizeof(path)) {
 			/*
-			 * Make sure the path is NULL-terminated
+			 * Make sure the path is NUL-terminated
 			 */
-			if (sun->sun_path[slen] != 0) {
-				bcopy(sun->sun_path, path, slen);
-				path[slen] = 0;
-				audit_arg_upath(ar, cwd_vp, path, ARG_UPATH1);
-			} else {
-				audit_arg_upath(ar, cwd_vp, sun->sun_path, 
-					ARG_UPATH1);
-			}
+			bcopy(sun->sun_path, path, namelen);
+			path[namelen] = 0;
+			audit_arg_upath(ar, cwd_vp, path, ARG_UPATH1);
 		}
 		ARG_SET_VALID(ar, ARG_SADDRUNIX);
 		break;
@@ -895,4 +902,91 @@ audit_sysclose(struct kaudit_record *ar, proc_t p, int fd)
 	fp_drop(p, fd, fp, 0);
 }
 
+void
+audit_identity_info_destruct(struct au_identity_info *id_info)
+{
+	if (!id_info) {
+		return;
+	}
+
+	if (id_info->signing_id != NULL) {
+		free(id_info->signing_id, M_AUDITTEXT);
+		id_info->signing_id = NULL;
+	}
+
+	if (id_info->team_id != NULL) {
+		free(id_info->team_id, M_AUDITTEXT);
+		id_info->team_id = NULL;
+	}
+
+	if (id_info->cdhash != NULL) {
+		free(id_info->cdhash, M_AUDITDATA);
+		id_info->cdhash = NULL;
+	}
+}
+
+void
+audit_identity_info_construct(struct au_identity_info *id_info)
+{
+	struct proc *p;
+	struct cs_blob *blob;
+	unsigned int signer_type = 0;
+	const char *signing_id = NULL;
+	const char* team_id = NULL;
+	const uint8_t *cdhash = NULL;
+	size_t src_len = 0;
+
+	p = current_proc();
+	blob = csproc_get_blob(p);
+	if (blob) {
+		signing_id = csblob_get_identity(blob);
+		cdhash = csblob_get_cdhash(blob);
+		team_id = csblob_get_teamid(blob);
+		signer_type = csblob_get_platform_binary(blob) ? 1 : 0;
+	}
+
+	id_info->signer_type = signer_type;
+
+	if (id_info->signing_id == NULL && signing_id != NULL) {
+		id_info->signing_id = malloc( MAX_AU_IDENTITY_SIGNING_ID_LENGTH,
+			M_AUDITTEXT, M_WAITOK);
+		if (id_info->signing_id != NULL) {
+			src_len = strlcpy(id_info->signing_id,
+				signing_id, MAX_AU_IDENTITY_SIGNING_ID_LENGTH);
+
+			if (src_len >= MAX_AU_IDENTITY_SIGNING_ID_LENGTH) {
+				id_info->signing_id_trunc = 1;
+			}
+		}
+	}
+
+	if (id_info->team_id == NULL && team_id != NULL) {
+		id_info->team_id = malloc(MAX_AU_IDENTITY_TEAM_ID_LENGTH,
+			M_AUDITTEXT, M_WAITOK);
+		if (id_info->team_id != NULL) {
+			src_len = strlcpy(id_info->team_id, team_id,
+				MAX_AU_IDENTITY_TEAM_ID_LENGTH);
+
+			if (src_len >= MAX_AU_IDENTITY_TEAM_ID_LENGTH) {
+				id_info->team_id_trunc = 1;
+			}
+		}
+	}
+
+	if (id_info->cdhash == NULL && cdhash != NULL) {
+		id_info->cdhash = malloc(CS_CDHASH_LEN, M_AUDITDATA, M_WAITOK);
+		if (id_info->cdhash != NULL) {
+			memcpy(id_info->cdhash, cdhash, CS_CDHASH_LEN);
+			id_info->cdhash_len = CS_CDHASH_LEN;
+		}
+	}
+}
+
+void
+audit_arg_identity(struct kaudit_record *ar)
+{
+	audit_identity_info_construct(&ar->k_ar.ar_arg_identity);
+	ARG_SET_VALID(ar, ARG_IDENTITY);
+}
+
 #endif /* CONFIG_AUDIT */