sys/security/audit/audit_bsm_domain.c

   1 /*-
   2  * Copyright (c) 2008 Apple Inc.
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1.  Redistributions of source code must retain the above copyright
   9  *     notice, this list of conditions and the following disclaimer.
  10  * 2.  Redistributions in binary form must reproduce the above copyright
  11  *     notice, this list of conditions and the following disclaimer in the
  12  *     documentation and/or other materials provided with the distribution.
  13  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
  14  *     its contributors may be used to endorse or promote products derived
  15  *     from this software without specific prior written permission.
  16  *
  17  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
  18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  20  * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
  21  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  25  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  26  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  27  * POSSIBILITY OF SUCH DAMAGE.
  28  *
  29  * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#3
  30  */
  31
  32 #include <sys/cdefs.h>
  33 __FBSDID("$FreeBSD$");
  34
  35 #include <sys/param.h>
  36 #include <sys/socket.h>
  37
  38 #include <security/audit/audit.h>
  39
  40 #include <bsm/audit_domain.h>
  41 #include <bsm/audit_record.h>
  42
  43 struct bsm_domain {
  44         u_short bd_bsm_domain;
  45         int     bd_local_domain;
  46 };
  47
  48 #define PF_NO_LOCAL_MAPPING     -600
  49
  50 static const struct bsm_domain bsm_domains[] = {
  51         { BSM_PF_UNSPEC, PF_UNSPEC },
  52         { BSM_PF_LOCAL, PF_LOCAL },
  53         { BSM_PF_INET, PF_INET },
  54         { BSM_PF_IMPLINK,
  55 #ifdef PF_IMPLINK
  56         PF_IMPLINK
  57 #else
  58         PF_NO_LOCAL_MAPPING
  59 #endif
  60         },
  61         { BSM_PF_PUP,
  62 #ifdef PF_PUP
  63         PF_PUP
  64 #else
  65         PF_NO_LOCAL_MAPPING
  66 #endif
  67         },
  68         { BSM_PF_CHAOS,
  69 #ifdef PF_CHAOS
  70         PF_CHAOS
  71 #else
  72         PF_NO_LOCAL_MAPPING
  73 #endif
  74         },
  75         { BSM_PF_NS,
  76 #ifdef PF_NS
  77         PF_NS
  78 #else
  79         PF_NO_LOCAL_MAPPING
  80 #endif
  81         },
  82         { BSM_PF_NBS,
  83 #ifdef PF_NBS
  84         PF_NBS
  85 #else
  86         PF_NO_LOCAL_MAPPING
  87 #endif
  88         },
  89         { BSM_PF_ECMA,
  90 #ifdef PF_ECMA
  91         PF_ECMA
  92 #else
  93         PF_NO_LOCAL_MAPPING
  94 #endif
  95         },
  96         { BSM_PF_DATAKIT,
  97 #ifdef PF_DATAKIT
  98         PF_DATAKIT
  99 #else
 100         PF_NO_LOCAL_MAPPING
 101 #endif
 102         },
 103         { BSM_PF_CCITT,
 104 #ifdef PF_CCITT
 105         PF_CCITT
 106 #else
 107         PF_NO_LOCAL_MAPPING
 108 #endif
 109         },
 110         { BSM_PF_SNA, PF_SNA },
 111         { BSM_PF_DECnet, PF_DECnet },
 112         { BSM_PF_DLI,
 113 #ifdef PF_DLI
 114         PF_DLI
 115 #else
 116         PF_NO_LOCAL_MAPPING
 117 #endif
 118         },
 119         { BSM_PF_LAT,
 120 #ifdef PF_LAT
 121         PF_LAT
 122 #else
 123         PF_NO_LOCAL_MAPPING
 124 #endif
 125         },
 126         { BSM_PF_HYLINK,
 127 #ifdef PF_HYLINK
 128         PF_HYLINK
 129 #else
 130         PF_NO_LOCAL_MAPPING
 131 #endif
 132         },
 133         { BSM_PF_APPLETALK, PF_APPLETALK },
 134         { BSM_PF_NIT,
 135 #ifdef PF_NIT
 136         PF_NIT
 137 #else
 138         PF_NO_LOCAL_MAPPING
 139 #endif
 140         },
 141         { BSM_PF_802,
 142 #ifdef PF_802
 143         PF_802
 144 #else
 145         PF_NO_LOCAL_MAPPING
 146 #endif
 147         },
 148         { BSM_PF_OSI,
 149 #ifdef PF_OSI
 150         PF_OSI
 151 #else
 152         PF_NO_LOCAL_MAPPING
 153 #endif
 154         },
 155         { BSM_PF_X25,
 156 #ifdef PF_X25
 157         PF_X25
 158 #else
 159         PF_NO_LOCAL_MAPPING
 160 #endif
 161         },
 162         { BSM_PF_OSINET,
 163 #ifdef PF_OSINET
 164         PF_OSINET
 165 #else
 166         PF_NO_LOCAL_MAPPING
 167 #endif
 168         },
 169         { BSM_PF_GOSIP,
 170 #ifdef PF_GOSIP
 171         PF_GOSIP
 172 #else
 173         PF_NO_LOCAL_MAPPING
 174 #endif
 175         },
 176         { BSM_PF_IPX, PF_IPX },
 177         { BSM_PF_ROUTE, PF_ROUTE },
 178         { BSM_PF_LINK,
 179 #ifdef PF_LINK
 180         PF_LINK
 181 #else
 182         PF_NO_LOCAL_MAPPING
 183 #endif
 184         },
 185         { BSM_PF_INET6, PF_INET6 },
 186         { BSM_PF_KEY, PF_KEY },
 187         { BSM_PF_NCA,
 188 #ifdef PF_NCA
 189         PF_NCA
 190 #else
 191         PF_NO_LOCAL_MAPPING
 192 #endif
 193         },
 194         { BSM_PF_POLICY,
 195 #ifdef PF_POLICY
 196         PF_POLICY
 197 #else
 198         PF_NO_LOCAL_MAPPING
 199 #endif
 200         },
 201         { BSM_PF_INET_OFFLOAD,
 202 #ifdef PF_INET_OFFLOAD
 203         PF_INET_OFFLOAD
 204 #else
 205         PF_NO_LOCAL_MAPPING
 206 #endif
 207         },
 208         { BSM_PF_NETBIOS,
 209 #ifdef PF_NETBIOS
 210         PF_NETBIOS
 211 #else
 212         PF_NO_LOCAL_MAPPING
 213 #endif
 214         },
 215         { BSM_PF_ISO,
 216 #ifdef PF_ISO
 217         PF_ISO
 218 #else
 219         PF_NO_LOCAL_MAPPING
 220 #endif
 221         },
 222         { BSM_PF_XTP,
 223 #ifdef PF_XTP
 224         PF_XTP
 225 #else
 226         PF_NO_LOCAL_MAPPING
 227 #endif
 228         },
 229         { BSM_PF_COIP,
 230 #ifdef PF_COIP
 231         PF_COIP
 232 #else
 233         PF_NO_LOCAL_MAPPING
 234 #endif
 235         },
 236         { BSM_PF_CNT,
 237 #ifdef PF_CNT
 238         PF_CNT
 239 #else
 240         PF_NO_LOCAL_MAPPING
 241 #endif
 242         },
 243         { BSM_PF_RTIP,
 244 #ifdef PF_RTIP
 245         PF_RTIP
 246 #else
 247         PF_NO_LOCAL_MAPPING
 248 #endif
 249         },
 250         { BSM_PF_SIP,
 251 #ifdef PF_SIP
 252         PF_SIP
 253 #else
 254         PF_NO_LOCAL_MAPPING
 255 #endif
 256         },
 257         { BSM_PF_PIP,
 258 #ifdef PF_PIP
 259         PF_PIP
 260 #else
 261         PF_NO_LOCAL_MAPPING
 262 #endif
 263         },
 264         { BSM_PF_ISDN,
 265 #ifdef PF_ISDN
 266         PF_ISDN
 267 #else
 268         PF_NO_LOCAL_MAPPING
 269 #endif
 270         },
 271         { BSM_PF_E164,
 272 #ifdef PF_E164
 273         PF_E164
 274 #else
 275         PF_NO_LOCAL_MAPPING
 276 #endif
 277         },
 278         { BSM_PF_NATM,
 279 #ifdef PF_NATM
 280         PF_NATM
 281 #else
 282         PF_NO_LOCAL_MAPPING
 283 #endif
 284         },
 285         { BSM_PF_ATM,
 286 #ifdef PF_ATM
 287         PF_ATM
 288 #else
 289         PF_NO_LOCAL_MAPPING
 290 #endif
 291         },
 292         { BSM_PF_NETGRAPH,
 293 #ifdef PF_NETGRAPH
 294         PF_NETGRAPH
 295 #else
 296         PF_NO_LOCAL_MAPPING
 297 #endif
 298         },
 299         { BSM_PF_SLOW,
 300 #ifdef PF_SLOW
 301         PF_SLOW
 302 #else
 303         PF_NO_LOCAL_MAPPING
 304 #endif
 305         },
 306         { BSM_PF_SCLUSTER,
 307 #ifdef PF_SCLUSTER
 308         PF_SCLUSTER
 309 #else
 310         PF_NO_LOCAL_MAPPING
 311 #endif
 312         },
 313         { BSM_PF_ARP,
 314 #ifdef PF_ARP
 315         PF_ARP
 316 #else
 317         PF_NO_LOCAL_MAPPING
 318 #endif
 319         },
 320         { BSM_PF_BLUETOOTH,
 321 #ifdef PF_BLUETOOTH
 322         PF_BLUETOOTH
 323 #else
 324         PF_NO_LOCAL_MAPPING
 325 #endif
 326         },
 327         { BSM_PF_AX25,
 328 #ifdef PF_AX25
 329         PF_AX25
 330 #else
 331         PF_NO_LOCAL_MAPPING
 332 #endif
 333         },
 334         { BSM_PF_ROSE,
 335 #ifdef PF_ROSE
 336         PF_ROSE
 337 #else
 338         PF_NO_LOCAL_MAPPING
 339 #endif
 340         },
 341         { BSM_PF_NETBEUI,
 342 #ifdef PF_NETBEUI
 343         PF_NETBEUI
 344 #else
 345         PF_NO_LOCAL_MAPPING
 346 #endif
 347         },
 348         { BSM_PF_SECURITY,
 349 #ifdef PF_SECURITY
 350         PF_SECURITY
 351 #else
 352         PF_NO_LOCAL_MAPPING
 353 #endif
 354         },
 355         { BSM_PF_PACKET,
 356 #ifdef PF_PACKET
 357         PF_PACKET
 358 #else
 359         PF_NO_LOCAL_MAPPING
 360 #endif
 361         },
 362         { BSM_PF_ASH,
 363 #ifdef PF_ASH
 364         PF_ASH
 365 #else
 366         PF_NO_LOCAL_MAPPING
 367 #endif
 368         },
 369         { BSM_PF_ECONET,
 370 #ifdef PF_ECONET
 371         PF_ECONET
 372 #else
 373         PF_NO_LOCAL_MAPPING
 374 #endif
 375         },
 376         { BSM_PF_ATMSVC,
 377 #ifdef PF_ATMSVC
 378         PF_ATMSVC
 379 #else
 380         PF_NO_LOCAL_MAPPING
 381 #endif
 382         },
 383         { BSM_PF_IRDA,
 384 #ifdef PF_IRDA
 385         PF_IRDA
 386 #else
 387         PF_NO_LOCAL_MAPPING
 388 #endif
 389         },
 390         { BSM_PF_PPPOX,
 391 #ifdef PF_PPPOX
 392         PF_PPPOX
 393 #else
 394         PF_NO_LOCAL_MAPPING
 395 #endif
 396         },
 397         { BSM_PF_WANPIPE,
 398 #ifdef PF_WANPIPE
 399         PF_WANPIPE
 400 #else
 401         PF_NO_LOCAL_MAPPING
 402 #endif
 403         },
 404         { BSM_PF_LLC,
 405 #ifdef PF_LLC
 406         PF_LLC
 407 #else
 408         PF_NO_LOCAL_MAPPING
 409 #endif
 410         },
 411         { BSM_PF_CAN,
 412 #ifdef PF_CAN
 413         PF_CAN
 414 #else
 415         PF_NO_LOCAL_MAPPING
 416 #endif
 417         },
 418         { BSM_PF_TIPC,
 419 #ifdef PF_TIPC
 420         PF_TIPC
 421 #else
 422         PF_NO_LOCAL_MAPPING
 423 #endif
 424         },
 425         { BSM_PF_IUCV,
 426 #ifdef PF_IUCV
 427         PF_IUCV
 428 #else
 429         PF_NO_LOCAL_MAPPING
 430 #endif
 431         },
 432         { BSM_PF_RXRPC,
 433 #ifdef PF_RXRPC
 434         PF_RXRPC
 435 #else
 436         PF_NO_LOCAL_MAPPING
 437 #endif
 438         },
 439         { BSM_PF_PHONET,
 440 #ifdef PF_PHONET
 441         PF_PHONET
 442 #else
 443         PF_NO_LOCAL_MAPPING
 444 #endif
 445         },
 446 };
 447 static const int bsm_domains_count = sizeof(bsm_domains) /
 448             sizeof(bsm_domains[0]);
 449
 450 static const struct bsm_domain *
 451 bsm_lookup_local_domain(int local_domain)
 452 {
 453         int i;
 454
 455         for (i = 0; i < bsm_domains_count; i++) {
 456                 if (bsm_domains[i].bd_local_domain == local_domain)
 457                         return (&bsm_domains[i]);
 458         }
 459         return (NULL);
 460 }
 461
 462 u_short
 463 au_domain_to_bsm(int local_domain)
 464 {
 465         const struct bsm_domain *bstp;
 466
 467         bstp = bsm_lookup_local_domain(local_domain);
 468         if (bstp == NULL)
 469                 return (BSM_PF_UNKNOWN);
 470         return (bstp->bd_bsm_domain);
 471 }
 472
 473 static const struct bsm_domain *
 474 bsm_lookup_bsm_domain(u_short bsm_domain)
 475 {
 476         int i;
 477
 478         for (i = 0; i < bsm_domains_count; i++) {
 479                 if (bsm_domains[i].bd_bsm_domain == bsm_domain)
 480                         return (&bsm_domains[i]);
 481         }
 482         return (NULL);
 483 }
 484
 485 int
 486 au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
 487 {
 488         const struct bsm_domain *bstp;
 489
 490         bstp = bsm_lookup_bsm_domain(bsm_domain);
 491         if (bstp == NULL || bstp->bd_local_domain)
 492                 return (-1);
 493         *local_domainp = bstp->bd_local_domain;
 494         return (0);
 495 }