Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/security/mac_audit.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* 2 * Copyright (c) 2006-2007 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 /* 29 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson 30 * Copyright (c) 2001 Ilmar S. Habibulin 31 * Copyright (c) 2001, 2002, 2003, 2004 Networks Associates Technology, Inc. 32 * 33 * This software was developed by Robert Watson and Ilmar Habibulin for the 34 * TrustedBSD Project. 35 * 36 * This software was developed for the FreeBSD Project in part by Network 37 * Associates Laboratories, the Security Research Division of Network 38 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), 39 * as part of the DARPA CHATS research program. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 */ 63 #include <sys/param.h> 64 #include <sys/types.h> 65 #include <sys/vnode.h> 66 #include <sys/vnode_internal.h> 67 #include <sys/kauth.h> 68 #include <sys/queue.h> 69 #include <security/mac_internal.h> 70 #include <bsd/bsm/audit.h> 71 #include <bsd/security/audit/audit.h> 72 #include <bsd/sys/malloc.h> 73 #include <vm/vm_kern.h> 74 #include <kern/kalloc.h> 75 #include <kern/zalloc.h> 76 77 78 int mac_audit(__unused int len, __unused u_char *data); 79 80 81 #if CONFIG_AUDIT 82 83 /* The zone allocator is initialized in mac_base.c. */ 84 zone_t mac_audit_data_zone; 85 86 int 87 mac_system_check_audit(struct ucred *cred, void *record, int length) 88 { 89 int error; 90 91 MAC_CHECK(system_check_audit, cred, record, length); 92 93 return (error); 94 } 95 96 int 97 mac_system_check_auditon(struct ucred *cred, int cmd) 98 { 99 int error; 100 101 MAC_CHECK(system_check_auditon, cred, cmd); 102 103 return (error); 104 } 105 106 int 107 mac_system_check_auditctl(struct ucred *cred, struct vnode *vp) 108 { 109 int error; 110 struct label *vl = vp ? vp->v_label : NULL; 111 112 MAC_CHECK(system_check_auditctl, cred, vp, vl); 113 114 return (error); 115 } 116 117 int 118 mac_proc_check_getauid(struct proc *curp) 119 { 120 kauth_cred_t cred; 121 int error; 122 123 if (!mac_proc_enforce || 124 !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE)) 125 return 0; 126 127 cred = kauth_cred_proc_ref(curp); 128 MAC_CHECK(proc_check_getauid, cred); 129 kauth_cred_unref(&cred); 130 131 return (error); 132 } 133 134 int 135 mac_proc_check_setauid(struct proc *curp, uid_t auid) 136 { 137 kauth_cred_t cred; 138 int error; 139 140 if (!mac_proc_enforce || 141 !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE)) 142 return 0; 143 144 cred = kauth_cred_proc_ref(curp); 145 MAC_CHECK(proc_check_setauid, cred, auid); 146 kauth_cred_unref(&cred); 147 148 return (error); 149 } 150 151 int 152 mac_proc_check_getaudit(struct proc *curp) 153 { 154 kauth_cred_t cred; 155 int error; 156 157 if (!mac_proc_enforce || 158 !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE)) 159 return 0; 160 161 cred = kauth_cred_proc_ref(curp); 162 MAC_CHECK(proc_check_getaudit, cred); 163 kauth_cred_unref(&cred); 164 165 return (error); 166 } 167 168 int 169 mac_proc_check_setaudit(struct proc *curp, struct auditinfo_addr *ai) 170 { 171 kauth_cred_t cred; 172 int error; 173 174 if (!mac_proc_enforce || 175 !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE)) 176 return 0; 177 178 cred = kauth_cred_proc_ref(curp); 179 MAC_CHECK(proc_check_setaudit, cred, ai); 180 kauth_cred_unref(&cred); 181 182 return (error); 183 } 184 185 #if 0 186 /* 187 * This is the framework entry point for MAC policies to use to add 188 * arbitrary data to the current audit record. 189 * (Currently not supported, as no existing audit viewers would 190 * display this format) 191 * 192 */ 193 int 194 mac_audit_data(int len, u_char *data, mac_policy_handle_t handle) 195 { 196 char *sanitized; 197 198 if ((len <= 0) || (len > MAC_AUDIT_DATA_LIMIT)) 199 return (EINVAL); 200 201 sanitized = (char *)zalloc(mac_audit_data_zone); 202 203 bcopy(data, sanitized, len); 204 return (audit_mac_data(MAC_AUDIT_DATA_TYPE, len, sanitized)); 205 } 206 #endif 207 208 /* 209 * This is the entry point a MAC policy will call to add NULL- 210 * terminated ASCII text to the current audit record. 211 */ 212 int 213 mac_audit_text(char *text, mac_policy_handle_t handle) 214 { 215 char *sanitized; 216 const char *name; 217 int i, size, plen, len; 218 219 name = mac_get_mpc(handle)->mpc_name; 220 len = strlen(text); 221 plen = 2 + strlen(name); 222 if (plen + len >= MAC_AUDIT_DATA_LIMIT) 223 return (EINVAL); 224 225 /* 226 * Make sure the text is only composed of only ASCII printable 227 * characters. 228 */ 229 for (i=0; i < len; i++) 230 if (text[i] < (char) 32 || text[i] > (char) 126) 231 return (EINVAL); 232 233 size = len + plen + 1; 234 sanitized = (char *)zalloc(mac_audit_data_zone); 235 236 strlcpy(sanitized, name, MAC_AUDIT_DATA_LIMIT); 237 strncat(sanitized, ": ", MAC_AUDIT_DATA_LIMIT - plen + 2); 238 strncat(sanitized, text, MAC_AUDIT_DATA_LIMIT - plen); 239 240 return (audit_mac_data(MAC_AUDIT_TEXT_TYPE, size, (u_char *)sanitized)); 241 } 242 243 int 244 mac_audit_check_preselect(struct ucred *cred, unsigned short syscode, void *args) 245 { 246 struct mac_policy_conf *mpc; 247 int ret, error; 248 u_int i; 249 250 ret = MAC_AUDIT_DEFAULT; 251 for (i = 0; i < mac_policy_list.staticmax; i++) { 252 mpc = mac_policy_list.entries[i].mpc; 253 if (mpc == NULL) 254 continue; 255 256 if (mpc->mpc_ops->mpo_audit_check_preselect != NULL) { 257 error = mpc->mpc_ops->mpo_audit_check_preselect(cred, 258 syscode, args); 259 ret = (ret > error ? ret : error); 260 } 261 } 262 if (mac_policy_list_conditional_busy() != 0) { 263 for (; i <= mac_policy_list.maxindex; i++) { 264 mpc = mac_policy_list.entries[i].mpc; 265 if (mpc == NULL) 266 continue; 267 268 if (mpc->mpc_ops->mpo_audit_check_preselect != NULL) { 269 error = mpc->mpc_ops->mpo_audit_check_preselect(cred, 270 syscode, args); 271 ret = (ret > error ? ret : error); 272 } 273 } 274 mac_policy_list_unbusy(); 275 } 276 277 return (ret); 278 } 279 280 int 281 mac_audit_check_postselect(struct ucred *cred, unsigned short syscode, 282 void *args, int error, int retval, int mac_forced) 283 { 284 struct mac_policy_conf *mpc; 285 int ret, mac_error; 286 u_int i; 287 288 /* 289 * If the audit was forced by a MAC policy by mac_audit_check_preselect(), 290 * echo that. 291 */ 292 if (mac_forced) 293 return (MAC_AUDIT_YES); 294 295 ret = MAC_AUDIT_DEFAULT; 296 for (i = 0; i < mac_policy_list.staticmax; i++) { 297 mpc = mac_policy_list.entries[i].mpc; 298 if (mpc == NULL) 299 continue; 300 301 if (mpc->mpc_ops->mpo_audit_check_postselect != NULL) { 302 mac_error = mpc->mpc_ops->mpo_audit_check_postselect(cred, 303 syscode, args, error, retval); 304 ret = (ret > mac_error ? ret : mac_error); 305 } 306 } 307 if (mac_policy_list_conditional_busy() != 0) { 308 for (; i <= mac_policy_list.maxindex; i++) { 309 mpc = mac_policy_list.entries[i].mpc; 310 if (mpc == NULL) 311 continue; 312 313 if (mpc->mpc_ops->mpo_audit_check_postselect != NULL) { 314 mac_error = mpc->mpc_ops->mpo_audit_check_postselect(cred, 315 syscode, args, error, retval); 316 ret = (ret > mac_error ? ret : mac_error); 317 } 318 } 319 mac_policy_list_unbusy(); 320 } 321 322 return (ret); 323 } 324 325 #else /* !CONFIG_AUDIT */ 326 327 /* 328 * Function stubs for when AUDIT isn't defined. 329 */ 330 331 int 332 mac_system_check_audit(__unused struct ucred *cred, __unused void *record, __unused int length) 333 { 334 335 return (0); 336 } 337 338 int 339 mac_system_check_auditon(__unused struct ucred *cred, __unused int cmd) 340 { 341 342 return (0); 343 } 344 345 int 346 mac_system_check_auditctl(__unused struct ucred *cred, __unused struct vnode *vp) 347 { 348 349 return (0); 350 } 351 352 int 353 mac_proc_check_getauid(__unused struct proc *curp) 354 { 355 356 return (0); 357 } 358 359 int 360 mac_proc_check_setauid(__unused struct proc *curp, __unused uid_t auid) 361 { 362 363 return (0); 364 } 365 366 int 367 mac_proc_check_getaudit(__unused struct proc *curp) 368 { 369 370 return (0); 371 } 372 373 int 374 mac_proc_check_setaudit(__unused struct proc *curp, 375 __unused struct auditinfo_addr *ai) 376 { 377 378 return (0); 379 } 380 381 int 382 mac_audit_check_preselect(__unused struct ucred *cred, __unused unsigned short syscode, 383 __unused void *args) 384 { 385 386 return (MAC_AUDIT_DEFAULT); 387 } 388 389 int 390 mac_audit_check_postselect(__unused struct ucred *cred, __unused unsigned short syscode, 391 __unused void *args, __unused int error, __unused int retval, __unused int mac_forced) 392 { 393 394 return (MAC_AUDIT_DEFAULT); 395 } 396 397 int 398 mac_audit(__unused int len, __unused u_char *data) 399 { 400 401 return (0); 402 } 403 404 int 405 mac_audit_text(__unused char *text, __unused mac_policy_handle_t handle) 406 { 407 return (0); 408 } 409 #endif /* !CONFIG_AUDIT */
Cache object: 67c67defea3880006e2c3e72359739c1
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]