| 1 | /*- |
|---|---|
| 2 | * Copyright (c) 2008-2019 Apple Inc. All rights reserved. |
| 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions |
| 6 | * are met: |
| 7 | * 1. Redistributions of source code must retain the above copyright |
| 8 | * notice, this list of conditions and the following disclaimer. |
| 9 | * 2. Redistributions in binary form must reproduce the above copyright |
| 10 | * notice, this list of conditions and the following disclaimer in the |
| 11 | * documentation and/or other materials provided with the distribution. |
| 12 | * 3. Neither the name of Apple Inc. ("Apple") nor the names of |
| 13 | * its contributors may be used to endorse or promote products derived |
| 14 | * from this software without specific prior written permission. |
| 15 | * |
| 16 | * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND |
| 17 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 19 | * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR |
| 20 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| 24 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING |
| 25 | * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| 26 | * POSSIBILITY OF SUCH DAMAGE. |
| 27 | * |
| 28 | */ |
| 29 | |
| 30 | #include <sys/param.h> |
| 31 | #include <sys/socket.h> |
| 32 | |
| 33 | #include <security/audit/audit.h> |
| 34 | |
| 35 | #include <bsm/audit_domain.h> |
| 36 | #include <bsm/audit_record.h> |
| 37 | |
| 38 | #if CONFIG_AUDIT |
| 39 | struct bsm_domain { |
| 40 | u_short bd_bsm_domain; |
| 41 | int bd_local_domain; |
| 42 | }; |
| 43 | |
| 44 | #define PF_NO_LOCAL_MAPPING -600 |
| 45 | |
| 46 | static const struct bsm_domain bsm_domains[] = { |
| 47 | { .bd_bsm_domain = BSM_PF_UNSPEC, .bd_local_domain = PF_UNSPEC }, |
| 48 | { .bd_bsm_domain = BSM_PF_LOCAL, .bd_local_domain = PF_LOCAL }, |
| 49 | { .bd_bsm_domain = BSM_PF_INET, .bd_local_domain = PF_INET }, |
| 50 | { .bd_bsm_domain = BSM_PF_IMPLINK, |
| 51 | #ifdef PF_IMPLINK |
| 52 | .bd_local_domain = PF_IMPLINK |
| 53 | #else |
| 54 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 55 | #endif |
| 56 | }, |
| 57 | { .bd_bsm_domain = BSM_PF_PUP, |
| 58 | #ifdef PF_PUP |
| 59 | .bd_local_domain = PF_PUP |
| 60 | #else |
| 61 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 62 | #endif |
| 63 | }, |
| 64 | { .bd_bsm_domain = BSM_PF_CHAOS, |
| 65 | #ifdef PF_CHAOS |
| 66 | .bd_local_domain = PF_CHAOS |
| 67 | #else |
| 68 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 69 | #endif |
| 70 | }, |
| 71 | { .bd_bsm_domain = BSM_PF_NS, |
| 72 | #ifdef PF_NS |
| 73 | .bd_local_domain = PF_NS |
| 74 | #else |
| 75 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 76 | #endif |
| 77 | }, |
| 78 | { .bd_bsm_domain = BSM_PF_NBS, |
| 79 | #ifdef PF_NBS |
| 80 | .bd_local_domain = PF_NBS |
| 81 | #else |
| 82 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 83 | #endif |
| 84 | }, |
| 85 | { .bd_bsm_domain = BSM_PF_ECMA, |
| 86 | #ifdef PF_ECMA |
| 87 | .bd_local_domain = PF_ECMA |
| 88 | #else |
| 89 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 90 | #endif |
| 91 | }, |
| 92 | { .bd_bsm_domain = BSM_PF_DATAKIT, |
| 93 | #ifdef PF_DATAKIT |
| 94 | .bd_local_domain = PF_DATAKIT |
| 95 | #else |
| 96 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 97 | #endif |
| 98 | }, |
| 99 | { .bd_bsm_domain = BSM_PF_CCITT, |
| 100 | #ifdef PF_CCITT |
| 101 | .bd_local_domain = PF_CCITT |
| 102 | #else |
| 103 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 104 | #endif |
| 105 | }, |
| 106 | { .bd_bsm_domain = BSM_PF_SNA, .bd_local_domain = PF_SNA }, |
| 107 | { .bd_bsm_domain = BSM_PF_DECnet, .bd_local_domain = PF_DECnet }, |
| 108 | { .bd_bsm_domain = BSM_PF_DLI, |
| 109 | #ifdef PF_DLI |
| 110 | .bd_local_domain = PF_DLI |
| 111 | #else |
| 112 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 113 | #endif |
| 114 | }, |
| 115 | { .bd_bsm_domain = BSM_PF_LAT, |
| 116 | #ifdef PF_LAT |
| 117 | .bd_local_domain = PF_LAT |
| 118 | #else |
| 119 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 120 | #endif |
| 121 | }, |
| 122 | { .bd_bsm_domain = BSM_PF_HYLINK, |
| 123 | #ifdef PF_HYLINK |
| 124 | .bd_local_domain = PF_HYLINK |
| 125 | #else |
| 126 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 127 | #endif |
| 128 | }, |
| 129 | { .bd_bsm_domain = BSM_PF_APPLETALK, .bd_local_domain = PF_APPLETALK }, |
| 130 | { .bd_bsm_domain = BSM_PF_NIT, |
| 131 | #ifdef PF_NIT |
| 132 | .bd_local_domain = PF_NIT |
| 133 | #else |
| 134 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 135 | #endif |
| 136 | }, |
| 137 | { .bd_bsm_domain = BSM_PF_802, |
| 138 | #ifdef PF_802 |
| 139 | .bd_local_domain = PF_802 |
| 140 | #else |
| 141 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 142 | #endif |
| 143 | }, |
| 144 | { .bd_bsm_domain = BSM_PF_OSI, |
| 145 | #ifdef PF_OSI |
| 146 | .bd_local_domain = PF_OSI |
| 147 | #else |
| 148 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 149 | #endif |
| 150 | }, |
| 151 | { .bd_bsm_domain = BSM_PF_X25, |
| 152 | #ifdef PF_X25 |
| 153 | .bd_local_domain = PF_X25 |
| 154 | #else |
| 155 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 156 | #endif |
| 157 | }, |
| 158 | { .bd_bsm_domain = BSM_PF_OSINET, |
| 159 | #ifdef PF_OSINET |
| 160 | .bd_local_domain = PF_OSINET |
| 161 | #else |
| 162 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 163 | #endif |
| 164 | }, |
| 165 | { .bd_bsm_domain = BSM_PF_GOSIP, |
| 166 | #ifdef PF_GOSIP |
| 167 | .bd_local_domain = PF_GOSIP |
| 168 | #else |
| 169 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 170 | #endif |
| 171 | }, |
| 172 | { .bd_bsm_domain = BSM_PF_IPX, .bd_local_domain = PF_IPX }, |
| 173 | { .bd_bsm_domain = BSM_PF_ROUTE, .bd_local_domain = PF_ROUTE }, |
| 174 | { .bd_bsm_domain = BSM_PF_LINK, |
| 175 | #ifdef PF_LINK |
| 176 | .bd_local_domain = PF_LINK |
| 177 | #else |
| 178 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 179 | #endif |
| 180 | }, |
| 181 | { .bd_bsm_domain = BSM_PF_INET6, .bd_local_domain = PF_INET6 }, |
| 182 | { .bd_bsm_domain = BSM_PF_KEY, .bd_local_domain = PF_KEY }, |
| 183 | { .bd_bsm_domain = BSM_PF_NCA, |
| 184 | #ifdef PF_NCA |
| 185 | .bd_local_domain = PF_NCA |
| 186 | #else |
| 187 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 188 | #endif |
| 189 | }, |
| 190 | { .bd_bsm_domain = BSM_PF_POLICY, |
| 191 | #ifdef PF_POLICY |
| 192 | .bd_local_domain = PF_POLICY |
| 193 | #else |
| 194 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 195 | #endif |
| 196 | }, |
| 197 | { .bd_bsm_domain = BSM_PF_INET_OFFLOAD, |
| 198 | #ifdef PF_INET_OFFLOAD |
| 199 | .bd_local_domain = PF_INET_OFFLOAD |
| 200 | #else |
| 201 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 202 | #endif |
| 203 | }, |
| 204 | { .bd_bsm_domain = BSM_PF_NETBIOS, |
| 205 | #ifdef PF_NETBIOS |
| 206 | .bd_local_domain = PF_NETBIOS |
| 207 | #else |
| 208 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 209 | #endif |
| 210 | }, |
| 211 | { .bd_bsm_domain = BSM_PF_ISO, |
| 212 | #ifdef PF_ISO |
| 213 | .bd_local_domain = PF_ISO |
| 214 | #else |
| 215 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 216 | #endif |
| 217 | }, |
| 218 | { .bd_bsm_domain = BSM_PF_XTP, |
| 219 | #ifdef PF_XTP |
| 220 | .bd_local_domain = PF_XTP |
| 221 | #else |
| 222 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 223 | #endif |
| 224 | }, |
| 225 | { .bd_bsm_domain = BSM_PF_COIP, |
| 226 | #ifdef PF_COIP |
| 227 | .bd_local_domain = PF_COIP |
| 228 | #else |
| 229 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 230 | #endif |
| 231 | }, |
| 232 | { .bd_bsm_domain = BSM_PF_CNT, |
| 233 | #ifdef PF_CNT |
| 234 | .bd_local_domain = PF_CNT |
| 235 | #else |
| 236 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 237 | #endif |
| 238 | }, |
| 239 | { .bd_bsm_domain = BSM_PF_RTIP, |
| 240 | #ifdef PF_RTIP |
| 241 | .bd_local_domain = PF_RTIP |
| 242 | #else |
| 243 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 244 | #endif |
| 245 | }, |
| 246 | { .bd_bsm_domain = BSM_PF_SIP, |
| 247 | #ifdef PF_SIP |
| 248 | .bd_local_domain = PF_SIP |
| 249 | #else |
| 250 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 251 | #endif |
| 252 | }, |
| 253 | { .bd_bsm_domain = BSM_PF_PIP, |
| 254 | #ifdef PF_PIP |
| 255 | .bd_local_domain = PF_PIP |
| 256 | #else |
| 257 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 258 | #endif |
| 259 | }, |
| 260 | { .bd_bsm_domain = BSM_PF_ISDN, |
| 261 | #ifdef PF_ISDN |
| 262 | .bd_local_domain = PF_ISDN |
| 263 | #else |
| 264 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 265 | #endif |
| 266 | }, |
| 267 | { .bd_bsm_domain = BSM_PF_E164, |
| 268 | #ifdef PF_E164 |
| 269 | .bd_local_domain = PF_E164 |
| 270 | #else |
| 271 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 272 | #endif |
| 273 | }, |
| 274 | { .bd_bsm_domain = BSM_PF_NATM, |
| 275 | #ifdef PF_NATM |
| 276 | .bd_local_domain = PF_NATM |
| 277 | #else |
| 278 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 279 | #endif |
| 280 | }, |
| 281 | { .bd_bsm_domain = BSM_PF_ATM, |
| 282 | #ifdef PF_ATM |
| 283 | .bd_local_domain = PF_ATM |
| 284 | #else |
| 285 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 286 | #endif |
| 287 | }, |
| 288 | { .bd_bsm_domain = BSM_PF_NETGRAPH, |
| 289 | #ifdef PF_NETGRAPH |
| 290 | .bd_local_domain = PF_NETGRAPH |
| 291 | #else |
| 292 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 293 | #endif |
| 294 | }, |
| 295 | { .bd_bsm_domain = BSM_PF_SLOW, |
| 296 | #ifdef PF_SLOW |
| 297 | .bd_local_domain = PF_SLOW |
| 298 | #else |
| 299 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 300 | #endif |
| 301 | }, |
| 302 | { .bd_bsm_domain = BSM_PF_SCLUSTER, |
| 303 | #ifdef PF_SCLUSTER |
| 304 | .bd_local_domain = PF_SCLUSTER |
| 305 | #else |
| 306 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 307 | #endif |
| 308 | }, |
| 309 | { .bd_bsm_domain = BSM_PF_ARP, |
| 310 | #ifdef PF_ARP |
| 311 | .bd_local_domain = PF_ARP |
| 312 | #else |
| 313 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 314 | #endif |
| 315 | }, |
| 316 | { .bd_bsm_domain = BSM_PF_BLUETOOTH, |
| 317 | #ifdef PF_BLUETOOTH |
| 318 | .bd_local_domain = PF_BLUETOOTH |
| 319 | #else |
| 320 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 321 | #endif |
| 322 | }, |
| 323 | { .bd_bsm_domain = BSM_PF_IEEE80211, |
| 324 | #ifdef PF_IEEE80211 |
| 325 | .bd_local_domain = PF_IEEE80211 |
| 326 | #else |
| 327 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 328 | #endif |
| 329 | }, |
| 330 | { .bd_bsm_domain = BSM_PF_AX25, |
| 331 | #ifdef PF_AX25 |
| 332 | .bd_local_domain = PF_AX25 |
| 333 | #else |
| 334 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 335 | #endif |
| 336 | }, |
| 337 | { .bd_bsm_domain = BSM_PF_ROSE, |
| 338 | #ifdef PF_ROSE |
| 339 | .bd_local_domain = PF_ROSE |
| 340 | #else |
| 341 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 342 | #endif |
| 343 | }, |
| 344 | { .bd_bsm_domain = BSM_PF_NETBEUI, |
| 345 | #ifdef PF_NETBEUI |
| 346 | .bd_local_domain = PF_NETBEUI |
| 347 | #else |
| 348 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 349 | #endif |
| 350 | }, |
| 351 | { .bd_bsm_domain = BSM_PF_SECURITY, |
| 352 | #ifdef PF_SECURITY |
| 353 | .bd_local_domain = PF_SECURITY |
| 354 | #else |
| 355 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 356 | #endif |
| 357 | }, |
| 358 | { .bd_bsm_domain = BSM_PF_PACKET, |
| 359 | #ifdef PF_PACKET |
| 360 | .bd_local_domain = PF_PACKET |
| 361 | #else |
| 362 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 363 | #endif |
| 364 | }, |
| 365 | { .bd_bsm_domain = BSM_PF_ASH, |
| 366 | #ifdef PF_ASH |
| 367 | .bd_local_domain = PF_ASH |
| 368 | #else |
| 369 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 370 | #endif |
| 371 | }, |
| 372 | { .bd_bsm_domain = BSM_PF_ECONET, |
| 373 | #ifdef PF_ECONET |
| 374 | .bd_local_domain = PF_ECONET |
| 375 | #else |
| 376 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 377 | #endif |
| 378 | }, |
| 379 | { .bd_bsm_domain = BSM_PF_ATMSVC, |
| 380 | #ifdef PF_ATMSVC |
| 381 | .bd_local_domain = PF_ATMSVC |
| 382 | #else |
| 383 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 384 | #endif |
| 385 | }, |
| 386 | { .bd_bsm_domain = BSM_PF_IRDA, |
| 387 | #ifdef PF_IRDA |
| 388 | .bd_local_domain = PF_IRDA |
| 389 | #else |
| 390 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 391 | #endif |
| 392 | }, |
| 393 | { .bd_bsm_domain = BSM_PF_PPPOX, |
| 394 | #ifdef PF_PPPOX |
| 395 | .bd_local_domain = PF_PPPOX |
| 396 | #else |
| 397 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 398 | #endif |
| 399 | }, |
| 400 | { .bd_bsm_domain = BSM_PF_WANPIPE, |
| 401 | #ifdef PF_WANPIPE |
| 402 | .bd_local_domain = PF_WANPIPE |
| 403 | #else |
| 404 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 405 | #endif |
| 406 | }, |
| 407 | { .bd_bsm_domain = BSM_PF_LLC, |
| 408 | #ifdef PF_LLC |
| 409 | .bd_local_domain = PF_LLC |
| 410 | #else |
| 411 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 412 | #endif |
| 413 | }, |
| 414 | { .bd_bsm_domain = BSM_PF_CAN, |
| 415 | #ifdef PF_CAN |
| 416 | .bd_local_domain = PF_CAN |
| 417 | #else |
| 418 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 419 | #endif |
| 420 | }, |
| 421 | { .bd_bsm_domain = BSM_PF_TIPC, |
| 422 | #ifdef PF_TIPC |
| 423 | .bd_local_domain = PF_TIPC |
| 424 | #else |
| 425 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 426 | #endif |
| 427 | }, |
| 428 | { .bd_bsm_domain = BSM_PF_IUCV, |
| 429 | #ifdef PF_IUCV |
| 430 | .bd_local_domain = PF_IUCV |
| 431 | #else |
| 432 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 433 | #endif |
| 434 | }, |
| 435 | { .bd_bsm_domain = BSM_PF_RXRPC, |
| 436 | #ifdef PF_RXRPC |
| 437 | .bd_local_domain = PF_RXRPC |
| 438 | #else |
| 439 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 440 | #endif |
| 441 | }, |
| 442 | { .bd_bsm_domain = BSM_PF_PHONET, |
| 443 | #ifdef PF_PHONET |
| 444 | .bd_local_domain = PF_PHONET |
| 445 | #else |
| 446 | .bd_local_domain = PF_NO_LOCAL_MAPPING |
| 447 | #endif |
| 448 | }, |
| 449 | }; |
| 450 | static const int bsm_domains_count = sizeof(bsm_domains) / |
| 451 | sizeof(bsm_domains[0]); |
| 452 | |
| 453 | static const struct bsm_domain * |
| 454 | bsm_lookup_local_domain(int local_domain) |
| 455 | { |
| 456 | int i; |
| 457 | |
| 458 | for (i = 0; i < bsm_domains_count; i++) { |
| 459 | if (bsm_domains[i].bd_local_domain == local_domain) { |
| 460 | return &bsm_domains[i]; |
| 461 | } |
| 462 | } |
| 463 | return NULL; |
| 464 | } |
| 465 | |
| 466 | u_short |
| 467 | au_domain_to_bsm(int local_domain) |
| 468 | { |
| 469 | const struct bsm_domain *bstp; |
| 470 | |
| 471 | bstp = bsm_lookup_local_domain(local_domain); |
| 472 | if (bstp == NULL) { |
| 473 | return BSM_PF_UNKNOWN; |
| 474 | } |
| 475 | return bstp->bd_bsm_domain; |
| 476 | } |
| 477 | |
| 478 | static const struct bsm_domain * |
| 479 | bsm_lookup_bsm_domain(u_short bsm_domain) |
| 480 | { |
| 481 | int i; |
| 482 | |
| 483 | for (i = 0; i < bsm_domains_count; i++) { |
| 484 | if (bsm_domains[i].bd_bsm_domain == bsm_domain) { |
| 485 | return &bsm_domains[i]; |
| 486 | } |
| 487 | } |
| 488 | return NULL; |
| 489 | } |
| 490 | |
| 491 | int |
| 492 | au_bsm_to_domain(u_short bsm_domain, int *local_domainp) |
| 493 | { |
| 494 | const struct bsm_domain *bstp; |
| 495 | |
| 496 | bstp = bsm_lookup_bsm_domain(bsm_domain); |
| 497 | if (bstp == NULL || bstp->bd_local_domain) { |
| 498 | return -1; |
| 499 | } |
| 500 | *local_domainp = bstp->bd_local_domain; |
| 501 | return 0; |
| 502 | } |
| 503 | #endif /* CONFIG_AUDIT */ |
| 504 |
Generated on 2024-Jun-06 from project xnu revision 10063.121.3
Powered by 
Code Browser 2.1
Generator usage only permitted with license.