bsm_domain.c revision 330897
1/*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 2008 Apple Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1.  Redistributions of source code must retain the above copyright
11 *     notice, this list of conditions and the following disclaimer.
12 * 2.  Redistributions in binary form must reproduce the above copyright
13 *     notice, this list of conditions and the following disclaimer in the
14 *     documentation and/or other materials provided with the distribution.
15 * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
16 *     its contributors may be used to endorse or promote products derived
17 *     from this software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
23 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
27 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
28 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32#include <sys/cdefs.h>
33__FBSDID("$FreeBSD: stable/11/sys/security/audit/bsm_domain.c 330897 2018-03-14 03:19:51Z eadler $");
34
35#include <sys/param.h>
36#include <sys/socket.h>
37
38#include <security/audit/audit.h>
39
40#include <bsm/audit_domain.h>
41#include <bsm/audit_record.h>
42
/*
 * One row of the BSM <-> local protocol-family translation table.
 * The table below initializes rows positionally, so the field order here
 * is part of the table's layout.
 */
struct bsm_domain {
	/* BSM_PF_* constant; the key compared when searching by BSM value. */
	u_short	bd_bsm_domain;
	/* Local PF_* constant, or PF_NO_LOCAL_MAPPING when none is defined. */
	int	bd_local_domain;
};
47
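/*
 * Sentinel stored in bd_local_domain for BSM domains whose PF_* macro is not
 * defined by the local headers.  It marks a table row, it is not a protocol
 * family: any comparison against bd_local_domain has to treat it as
 * "no mapping".  Parenthesized so the negative literal always expands as a
 * single operand.
 */
#define	PF_NO_LOCAL_MAPPING	(-600)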
49
/*
 * Translation table between BSM protocol-family constants (BSM_PF_*) and the
 * local PF_* constants.  Rows are written positionally as
 * { bd_bsm_domain, bd_local_domain }.
 *
 * Where the local headers do not define a given PF_* macro, the row stores
 * PF_NO_LOCAL_MAPPING instead, so the BSM value stays in the table while
 * having no local equivalent.  Several rows can therefore share that same
 * bd_local_domain value; a search keyed on bd_local_domain has to treat the
 * sentinel as "no mapping" rather than as a protocol family.
 */
static const struct bsm_domain bsm_domains[] = {
	{ BSM_PF_UNSPEC, PF_UNSPEC },
	{ BSM_PF_LOCAL, PF_LOCAL },
	{ BSM_PF_INET, PF_INET },
	{ BSM_PF_IMPLINK,
#ifdef PF_IMPLINK
	PF_IMPLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PUP,
#ifdef PF_PUP
	PF_PUP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CHAOS,
#ifdef PF_CHAOS
	PF_CHAOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NS,
#ifdef PF_NS
	PF_NS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NBS,
#ifdef PF_NBS
	PF_NBS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECMA,
#ifdef PF_ECMA
	PF_ECMA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_DATAKIT,
#ifdef PF_DATAKIT
	PF_DATAKIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CCITT,
#ifdef PF_CCITT
	PF_CCITT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SNA, PF_SNA },
	{ BSM_PF_DECnet, PF_DECnet },
	{ BSM_PF_DLI,
#ifdef PF_DLI
	PF_DLI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LAT,
#ifdef PF_LAT
	PF_LAT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_HYLINK,
#ifdef PF_HYLINK
	PF_HYLINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_APPLETALK, PF_APPLETALK },
	{ BSM_PF_NIT,
#ifdef PF_NIT
	PF_NIT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_802,
#ifdef PF_802
	PF_802
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSI,
#ifdef PF_OSI
	PF_OSI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_X25,
#ifdef PF_X25
	PF_X25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_OSINET,
#ifdef PF_OSINET
	PF_OSINET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_GOSIP,
#ifdef PF_GOSIP
	PF_GOSIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IPX, PF_IPX },
	{ BSM_PF_ROUTE, PF_ROUTE },
	{ BSM_PF_LINK,
#ifdef PF_LINK
	PF_LINK
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET6, PF_INET6 },
	{ BSM_PF_KEY, PF_KEY },
	{ BSM_PF_NCA,
#ifdef PF_NCA
	PF_NCA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_POLICY,
#ifdef PF_POLICY
	PF_POLICY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_INET_OFFLOAD,
#ifdef PF_INET_OFFLOAD
	PF_INET_OFFLOAD
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBIOS,
#ifdef PF_NETBIOS
	PF_NETBIOS
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISO,
#ifdef PF_ISO
	PF_ISO
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_XTP,
#ifdef PF_XTP
	PF_XTP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_COIP,
#ifdef PF_COIP
	PF_COIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CNT,
#ifdef PF_CNT
	PF_CNT
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RTIP,
#ifdef PF_RTIP
	PF_RTIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SIP,
#ifdef PF_SIP
	PF_SIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PIP,
#ifdef PF_PIP
	PF_PIP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ISDN,
#ifdef PF_ISDN
	PF_ISDN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_E164,
#ifdef PF_E164
	PF_E164
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NATM,
#ifdef PF_NATM
	PF_NATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATM,
#ifdef PF_ATM
	PF_ATM
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETGRAPH,
#ifdef PF_NETGRAPH
	PF_NETGRAPH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SLOW,
#ifdef PF_SLOW
	PF_SLOW
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SCLUSTER,
#ifdef PF_SCLUSTER
	PF_SCLUSTER
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ARP,
#ifdef PF_ARP
	PF_ARP
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_BLUETOOTH,
#ifdef PF_BLUETOOTH
	PF_BLUETOOTH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_AX25,
#ifdef PF_AX25
	PF_AX25
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ROSE,
#ifdef PF_ROSE
	PF_ROSE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_NETBEUI,
#ifdef PF_NETBEUI
	PF_NETBEUI
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_SECURITY,
#ifdef PF_SECURITY
	PF_SECURITY
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PACKET,
#ifdef PF_PACKET
	PF_PACKET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ASH,
#ifdef PF_ASH
	PF_ASH
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ECONET,
#ifdef PF_ECONET
	PF_ECONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_ATMSVC,
#ifdef PF_ATMSVC
	PF_ATMSVC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IRDA,
#ifdef PF_IRDA
	PF_IRDA
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PPPOX,
#ifdef PF_PPPOX
	PF_PPPOX
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_WANPIPE,
#ifdef PF_WANPIPE
	PF_WANPIPE
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_LLC,
#ifdef PF_LLC
	PF_LLC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_CAN,
#ifdef PF_CAN
	PF_CAN
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_TIPC,
#ifdef PF_TIPC
	PF_TIPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_IUCV,
#ifdef PF_IUCV
	PF_IUCV
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_RXRPC,
#ifdef PF_RXRPC
	PF_RXRPC
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
	{ BSM_PF_PHONET,
#ifdef PF_PHONET
	PF_PHONET
#else
	PF_NO_LOCAL_MAPPING
#endif
	},
};
/* Row count of bsm_domains[]; the loop bound for both table searches. */
static const int bsm_domains_count =
	    (int)(sizeof(bsm_domains) / sizeof(*bsm_domains));
449
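/*
 * Find the table row whose local protocol-family value equals local_domain.
 *
 * Rows for BSM domains with no local equivalent hold PF_NO_LOCAL_MAPPING in
 * bd_local_domain.  That sentinel is a table marker, not a protocol family,
 * so it is rejected before the scan; otherwise a caller-supplied value equal
 * to the sentinel would match the first unmapped row and be translated to
 * that row's BSM domain instead of being reported as unknown.
 *
 * Returns a pointer into bsm_domains[], or NULL when nothing matches.
 */
static const struct bsm_domain *
bsm_lookup_local_domain(int local_domain)
{
	int i;

	if (local_domain == PF_NO_LOCAL_MAPPING)
		return (NULL);
	for (i = 0; i < bsm_domains_count; i++) {
		if (bsm_domains[i].bd_local_domain == local_domain)
			return (&bsm_domains[i]);
	}
	return (NULL);
}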
461
/*
 * Translate a local protocol-family value into its BSM domain constant.
 * Returns BSM_PF_UNKNOWN when the table search finds no row for
 * local_domain.
 */
u_short
au_domain_to_bsm(int local_domain)
{
	const struct bsm_domain *entry = bsm_lookup_local_domain(local_domain);

	return (entry != NULL ? entry->bd_bsm_domain : BSM_PF_UNKNOWN);
}
472
/*
 * Find the table row whose BSM domain constant equals bsm_domain.
 * Scans bsm_domains[] front to back and returns the first matching row,
 * or NULL when the value is not in the table.
 */
static const struct bsm_domain *
bsm_lookup_bsm_domain(u_short bsm_domain)
{
	const struct bsm_domain *row;
	const struct bsm_domain *const end = bsm_domains + bsm_domains_count;

	for (row = bsm_domains; row < end; row++) {
		if (row->bd_bsm_domain == bsm_domain)
			return (row);
	}
	return (NULL);
}
484
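/*
 * Translate a BSM domain constant into the local protocol-family value.
 *
 * On success stores the local value in *local_domainp and returns 0.
 * Returns -1, leaving *local_domainp untouched, when bsm_domain is not in
 * the table or its row is marked PF_NO_LOCAL_MAPPING (no local equivalent).
 *
 * The failure test compares against the sentinel explicitly.  Testing
 * bd_local_domain for truth instead rejects every row whose local value is
 * non-zero, so the translation would succeed only for rows mapped to 0 and
 * would hand the sentinel back to the caller never, but valid domains never
 * either.
 */
int
au_bsm_to_domain(u_short bsm_domain, int *local_domainp)
{
	const struct bsm_domain *bstp;

	bstp = bsm_lookup_bsm_domain(bsm_domain);
	if (bstp == NULL || bstp->bd_local_domain == PF_NO_LOCAL_MAPPING)
		return (-1);
	*local_domainp = bstp->bd_local_domain;
	return (0);
}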
496