1 /*-
2 * Copyright (c) 2008 Apple Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of Apple Inc. ("Apple") nor the names of
14 * its contributors may be used to endorse or promote products derived
15 * from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD: releng/11.0/sys/security/audit/bsm_domain.c 292522 2015-12-20 23:22:04Z brueffer $");
32
33 #include <sys/param.h>
34 #include <sys/socket.h>
35
36 #include <security/audit/audit.h>
37
38 #include <bsm/audit_domain.h>
39 #include <bsm/audit_record.h>
40
/*
 * One row of the translation table: a BSM protocol-family code paired with
 * the local PF_* value it stands for.
 */
struct bsm_domain {
	u_short bd_bsm_domain;		/* BSM_PF_* code written to audit records */
	int bd_local_domain;		/* local PF_* value, or PF_NO_LOCAL_MAPPING */
};
45
/*
 * Sentinel stored in bd_local_domain for BSM domains whose PF_* macro is not
 * defined when this file is compiled.
 * NOTE(review): presumably chosen to lie outside the range of real PF_*
 * values -- confirm against <sys/socket.h>.
 */
#define PF_NO_LOCAL_MAPPING -600
47
/*
 * Translation table between BSM protocol-family codes and local PF_* values.
 *
 * A row whose PF_* macro is not defined at compile time carries
 * PF_NO_LOCAL_MAPPING in bd_local_domain instead.  That sentinel therefore
 * appears in many rows, so a search keyed on the local value must never be
 * handed the sentinel itself: it would match the first unmapped row rather
 * than report "unknown".
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
	{ BSM_PF_IMPLINK,
#ifdef PF_IMPLINK
	PF_IMPLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PUP,
#ifdef PF_PUP
	PF_PUP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CHAOS,
#ifdef PF_CHAOS
	PF_CHAOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NS,
#ifdef PF_NS
	PF_NS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NBS,
#ifdef PF_NBS
	PF_NBS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECMA,
#ifdef PF_ECMA
	PF_ECMA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_DATAKIT,
#ifdef PF_DATAKIT
	PF_DATAKIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CCITT,
#ifdef PF_CCITT
	PF_CCITT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
	{ BSM_PF_DLI,
#ifdef PF_DLI
	PF_DLI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LAT,
#ifdef PF_LAT
	PF_LAT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_HYLINK,
#ifdef PF_HYLINK
	PF_HYLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_APPLETALK, PF_APPLETALK },
	{ BSM_PF_NIT,
#ifdef PF_NIT
	PF_NIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_802,
#ifdef PF_802
	PF_802
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSI,
#ifdef PF_OSI
	PF_OSI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_X25,
#ifdef PF_X25
	PF_X25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSINET,
#ifdef PF_OSINET
	PF_OSINET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_GOSIP,
#ifdef PF_GOSIP
	PF_GOSIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
	{ BSM_PF_LINK,
#ifdef PF_LINK
	PF_LINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
	{ BSM_PF_NCA,
#ifdef PF_NCA
	PF_NCA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_POLICY,
#ifdef PF_POLICY
	PF_POLICY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET_OFFLOAD,
#ifdef PF_INET_OFFLOAD
	PF_INET_OFFLOAD
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBIOS,
#ifdef PF_NETBIOS
	PF_NETBIOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISO,
#ifdef PF_ISO
	PF_ISO
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_XTP,
#ifdef PF_XTP
	PF_XTP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_COIP,
#ifdef PF_COIP
	PF_COIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CNT,
#ifdef PF_CNT
	PF_CNT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RTIP,
#ifdef PF_RTIP
	PF_RTIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SIP,
#ifdef PF_SIP
	PF_SIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PIP,
#ifdef PF_PIP
	PF_PIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISDN,
#ifdef PF_ISDN
	PF_ISDN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_E164,
#ifdef PF_E164
	PF_E164
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NATM,
#ifdef PF_NATM
	PF_NATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATM,
#ifdef PF_ATM
	PF_ATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETGRAPH,
#ifdef PF_NETGRAPH
	PF_NETGRAPH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SLOW,
#ifdef PF_SLOW
	PF_SLOW
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SCLUSTER,
#ifdef PF_SCLUSTER
	PF_SCLUSTER
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ARP,
#ifdef PF_ARP
	PF_ARP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_BLUETOOTH,
#ifdef PF_BLUETOOTH
	PF_BLUETOOTH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_AX25,
#ifdef PF_AX25
	PF_AX25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ROSE,
#ifdef PF_ROSE
	PF_ROSE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBEUI,
#ifdef PF_NETBEUI
	PF_NETBEUI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SECURITY,
#ifdef PF_SECURITY
	PF_SECURITY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PACKET,
#ifdef PF_PACKET
	PF_PACKET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ASH,
#ifdef PF_ASH
	PF_ASH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECONET,
#ifdef PF_ECONET
	PF_ECONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATMSVC,
#ifdef PF_ATMSVC
	PF_ATMSVC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IRDA,
#ifdef PF_IRDA
	PF_IRDA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PPPOX,
#ifdef PF_PPPOX
	PF_PPPOX
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_WANPIPE,
#ifdef PF_WANPIPE
	PF_WANPIPE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LLC,
#ifdef PF_LLC
	PF_LLC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CAN,
#ifdef PF_CAN
	PF_CAN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_TIPC,
#ifdef PF_TIPC
	PF_TIPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IUCV,
#ifdef PF_IUCV
	PF_IUCV
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RXRPC,
#ifdef PF_RXRPC
	PF_RXRPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PHONET,
#ifdef PF_PHONET
	PF_PHONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
};
/* Number of rows in bsm_domains; bounds both lookup loops. */
static const int bsm_domains_count = sizeof(bsm_domains) /
    sizeof(bsm_domains[0]);
447
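/*
 * Find the table row whose local PF_* value equals local_domain.
 *
 * Returns a pointer to the first matching row, or NULL when none matches.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	/*
	 * PF_NO_LOCAL_MAPPING is an internal placeholder, not a real domain.
	 * Without this guard a caller-supplied value equal to the sentinel
	 * would match the first unmapped row, and the resulting audit record
	 * would name a protocol family that was never requested.
	 */
	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);

	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}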
459
/*
 * Translate a local PF_* value into its BSM protocol-family code.
 *
 * Returns BSM_PF_UNKNOWN when the lookup finds no row for local_domain.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *entry = bsm_lookup_local_domain(local_domain);

	return (entry != NULL ? entry->bd_bsm_domain : BSM_PF_UNKNOWN);
}
470
/*
 * Find the table row whose BSM code equals bsm_domain.
 *
 * Returns a pointer to the first matching row, or NULL when none matches.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	const struct bsm_domain *entry;
	const struct bsm_domain *end = bsm_domains + bsm_domains_count;

	for (entry = bsm_domains; entry != end; entry++) {
		if (entry->bd_bsm_domain == bsm_domain)
			return (entry);
	}
	return (NULL);
}
482
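/*
 * Translate a BSM protocol-family code into the local PF_* value.
 *
 * Returns 0 and stores the local value through local_domainp on success.
 * Returns -1, leaving *local_domainp untouched, when the BSM code is not in
 * the table or has no counterpart on this platform.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	/*
	 * Compare against the sentinel explicitly.  Testing the field for
	 * truth rejected every row with a non-zero local value, so valid
	 * domains failed to translate when reading records back.
	 */
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}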