Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/bsm/audit_internal.h
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2005-2008 Apple Inc. 5 * Copyright (c) 2005 SPARTA, Inc. 6 * All rights reserved. 7 * 8 * This code was developed in part by Robert N. M. Watson, Senior Principal 9 * Scientist, SPARTA, Inc. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of Apple Inc. ("Apple") nor the names of 21 * its contributors may be used to endorse or promote products derived 22 * from this software without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY 25 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 26 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 27 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY 28 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 29 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 30 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 31 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 * 35 * $FreeBSD$ 36 */ 37 38 #ifndef _AUDIT_INTERNAL_H 39 #define _AUDIT_INTERNAL_H 40 41 #if defined(__linux__) && !defined(__unused) 42 #define __unused 43 #endif 44 45 /* 46 * audit_internal.h contains private interfaces that are shared by user space 47 * and the kernel for the purposes of assembling audit records. Applications 48 * should not include this file or use the APIs found within, or it may be 49 * broken with future releases of OpenBSM, which may delete, modify, or 50 * otherwise break these interfaces or the assumptions they rely on. 51 */ 52 struct au_token { 53 u_char *t_data; 54 size_t len; 55 TAILQ_ENTRY(au_token) tokens; 56 }; 57 58 struct au_record { 59 char used; /* Record currently in use? */ 60 int desc; /* Descriptor for record. */ 61 TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */ 62 u_char *data; 63 size_t len; 64 LIST_ENTRY(au_record) au_rec_q; 65 }; 66 typedef struct au_record au_record_t; 67 68 69 /* 70 * We could determined the header and trailer sizes by defining appropriate 71 * structures. We hold off that approach until we have a consistent way of 72 * using structures for all tokens. This is not straightforward since these 73 * token structures may contain pointers of whose contents we do not know the 74 * size (e.g text tokens). 75 */ 76 #define AUDIT_HEADER_EX_SIZE(a) ((a)->ai_termid.at_type+18+sizeof(u_int32_t)) 77 #define AUDIT_HEADER_SIZE 18 78 #define MAX_AUDIT_HEADER_SIZE (5*sizeof(u_int32_t)+18) 79 #define AUDIT_TRAILER_SIZE 7 80 81 /* 82 * BSM token streams store fields in big endian byte order, so as to be 83 * portable; when encoding and decoding, we must convert byte orders for 84 * typed values. 85 */ 86 #define ADD_U_CHAR(loc, val) \ 87 do { \ 88 *(loc) = (val); \ 89 (loc) += sizeof(u_char); \ 90 } while(0) 91 92 93 #define ADD_U_INT16(loc, val) \ 94 do { \ 95 be16enc((loc), (val)); \ 96 (loc) += sizeof(u_int16_t); \ 97 } while(0) 98 99 #define ADD_U_INT32(loc, val) \ 100 do { \ 101 be32enc((loc), (val)); \ 102 (loc) += sizeof(u_int32_t); \ 103 } while(0) 104 105 #define ADD_U_INT64(loc, val) \ 106 do { \ 107 be64enc((loc), (val)); \ 108 (loc) += sizeof(u_int64_t); \ 109 } while(0) 110 111 #define ADD_MEM(loc, data, size) \ 112 do { \ 113 memcpy((loc), (data), (size)); \ 114 (loc) += size; \ 115 } while(0) 116 117 #define ADD_STRING(loc, data, size) ADD_MEM(loc, data, size) 118 119 #endif /* !_AUDIT_INTERNAL_H_ */
Cache object: 5476f6783d9939ced6e1ae8e884aa98b
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]