From 9ebff4c6caa8b499d999cfd515d4d45eb3179769 Mon Sep 17 00:00:00 2001 From: Benjamin Kaduk Date: Sat, 8 Sep 2018 19:42:36 -0500 Subject: [PATCH] OPENAFS-SA-2018-001 audit: support butc types Add support for several complex butc types to enable butc auditing. Change-Id: I6aedd933cf5330cda40aae6f33827ae65409df32 --- Makefile.in | 2 +- src/audit/audit.c | 191 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/audit/audit.h | 6 ++ 3 files changed, 198 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 5483d77..7a54018 100644 --- a/Makefile.in +++ b/Makefile.in @@ -158,7 +158,7 @@ util: opr $(DIR_roken) procmgmt hcrypto lwp libafscp: util afs volser vlserver rx auth fsint +${COMPILE_PART1} libafscp ${COMPILE_PART2} -audit: util rx rxkad fsint +audit: util rx rxkad fsint bubasics +${COMPILE_PART1} audit ${COMPILE_PART2} #TODO comerr: util $(DIR_roken) diff --git a/src/audit/audit.c b/src/audit/audit.c index 4701d61..4e33741 100644 --- a/src/audit/audit.c +++ b/src/audit/audit.c @@ -24,6 +24,7 @@ #include #include "afs/afsint.h" +#include "afs/butc.h" #include #include #include "audit.h" @@ -138,6 +139,95 @@ audmakebuf(char *audEvent, va_list vaList) bufferPtr += sizeof(struct AFSFid); break; } + /* butc tape label */ + case AUD_TLBL: + { + struct tc_tapeLabel *label; + + label = (struct tc_tapeLabel *)va_arg(vaList, + struct tc_tapeLabel *); + if (label) + memcpy(bufferPtr, label, sizeof(*label)); + else + memset(bufferPtr, 0, sizeof(*label)); + bufferPtr += sizeof(label); + break; + } + /* butc dump interface */ + case AUD_TDI: + { + struct tc_dumpInterface *di; + + di = (struct tc_dumpInterface *) + va_arg(vaList, struct tc_dumpInterface *); + if (di) + memcpy(bufferPtr, di, sizeof(*di)); + else + memset(bufferPtr, 0, sizeof(*di)); + bufferPtr += sizeof(*di); + break; + } + /* + * butc dump array + * An array of dump descriptions, but the AIX audit package assumes fixed + * length, so we can only do the first one for now. + */ + case AUD_TDA: + { + struct tc_dumpArray *da; + + da = (struct tc_dumpArray *) + va_arg(vaList, struct tc_dumpArray *); + if (da && da->tc_dumpArray_len) { + memcpy(bufferPtr, &da->tc_dumpArray_len, sizeof(u_int)); + bufferPtr += sizeof(u_int); + memcpy(bufferPtr, da->tc_dumpArray_val, + sizeof(da->tc_dumpArray_val[0])); + } else { + memset(bufferPtr, 0, sizeof(u_int)); + bufferPtr += sizeof(u_int); + memset(bufferPtr, 0, sizeof(da->tc_dumpArray_val[0])); + } + bufferPtr += sizeof(da->tc_dumpArray_val[0]); + break; + } + /* + * butc restore array + * An array of restore descriptions, but the AIX audit package assumes + * fixed length, so we can only do the first one for now. + */ + case AUD_TRA: + { + struct tc_restoreArray *ra; + + ra = (struct tc_restoreArray *) + va_arg(vaList, struct tc_restoreArray *); + if (ra && ra->tc_restoreArray_len) { + memcpy(bufferPtr, &ra->tc_restoreArray_len, sizeof(u_int)); + bufferPtr += sizeof(u_int); + memcpy(bufferPtr, ra->tc_restoreArray_val, + sizeof(ra->tc_restoreArray_val[0])); + } else { + memset(bufferPtr, 0, sizeof(u_int)); + bufferPtr += sizeof(u_int); + memset(bufferPtr, 0, sizeof(ra->tc_restoreArray_val[0])); + } + bufferPtr += sizeof(ra->tc_restoreArray_val[0]); + break; + } + /* butc tape controller status */ + { + struct tciStatusS *status; + + status = (struct tciStatusS *)va_arg(vaList, + struct tciStatusS *); + if (status) + memcpy(bufferPtr, status, sizeof(*status)); + else + memset(bufferPtr, 0, sizeof(*status)); + bufferPtr += sizeof(*status); + break; + } default: #ifdef AFS_AIX32_ENV code = @@ -163,6 +253,11 @@ printbuf(int rec, char *audEvent, char *afsName, afs_int32 hostId, char *vaStr; struct AFSFid *vaFid; struct AFSCBFids *vaFids; + struct tc_tapeLabel *vaLabel; + struct tc_dumpInterface *vaDI; + struct tc_dumpArray *vaDA; + struct tc_restoreArray *vaRA; + struct tciStatusS *vaTCstatus; int num = LogThreadNum(); struct in_addr hostAddr; time_t currenttime; @@ -258,6 +353,102 @@ printbuf(int rec, char *audEvent, char *afsName, afs_int32 hostId, } break; + case AUD_TLBL: /* butc tape label */ + vaLabel = va_arg(vaList, struct tc_tapeLabel *); + + if (vaLabel) { + audit_ops->append_msg("TAPELABEL %d:%.*s:%.*s:%u ", + vaLabel->size, + TC_MAXTAPELEN, vaLabel->afsname, + TC_MAXTAPELEN, vaLabel->pname, + vaLabel->tapeId); + } else { + audit_ops->append_msg("TAPELABEL "); + } + break; + case AUD_TDI: + vaDI = va_arg(vaList, struct tc_dumpInterface *); + + if (vaDI) { + audit_ops->append_msg( + "TCDUMPINTERFACE %.*s:%.*s:%.*s:%d:%d:%d:$d:%.*s:%.*s:%d:%d:%d:%d:%d ", + TC_MAXDUMPPATH, vaDI->dumpPath, TC_MAXNAMELEN, vaDI->volumeSetName, + TC_MAXNAMELEN, vaDI->dumpName, vaDI->parentDumpId, vaDI->dumpLevel, + vaDI->doAppend, + vaDI->tapeSet.id, TC_MAXHOSTLEN, vaDI->tapeSet.tapeServer, + TC_MAXFORMATLEN, vaDI->tapeSet.format, vaDI->tapeSet.maxTapes, + vaDI->tapeSet.a, vaDI->tapeSet.b, vaDI->tapeSet.expDate, + vaDI->tapeSet.expType); + } else { + audit_ops->append_msg("TCDUMPINTERFACE "); + } + break; + case AUD_TDA: + vaDA = va_arg(vaList, struct tc_dumpArray *); + + if (vaDA) { + u_int i; + struct tc_dumpDesc *desc; + struct in_addr hostAddr; + + desc = vaDA->tc_dumpArray_val; + if (desc) { + audit_ops->append_msg("DUMPS %d ", vaDA->tc_dumpArray_len); + for (i = 0; i < vaDA->tc_dumpArray_len; i++, desc++) { + hostAddr.s_addr = desc->hostAddr; + audit_ops->append_msg("DUMP %d:%d:%.*s:$d:%d:%d:%s ", + desc->vid, desc->vtype, TC_MAXNAMELEN, desc->name, + desc->partition, desc->date, desc->cloneDate, + inet_ntoa(hostAddr)); + } + } else { + audit_ops->append_msg("DUMPS 0 DUMP 0:0::0:0:0:0.0.0.0"); + } + } + break; + case AUD_TRA: + vaRA = va_arg(vaList, struct tc_restoreArray *); + + if (vaRA) { + u_int i; + struct tc_restoreDesc *desc; + struct in_addr hostAddr; + + desc = vaRA->tc_restoreArray_val; + if (desc) { + audit_ops->append_msg("RESTORES %d ", + vaRA->tc_restoreArray_len); + for(i = 0; i < vaRA->tc_restoreArray_len; i++, desc++) { + hostAddr.s_addr = desc->hostAddr; + audit_ops->append_msg( + "RESTORE %d:%.*s:%d:%d:%d:%d:%d:%d:%d:%s:%.*s:%.*s ", + desc->flags, TC_MAXTAPELEN, desc->tapeName, + desc->dbDumpId, desc->initialDumpId, + desc->position, desc->origVid, desc->vid, + desc->partition, desc->dumpLevel, + inet_ntoa(hostAddr), TC_MAXNAMELEN, + desc->oldName, TC_MAXNAMELEN, desc->newName); + } + } else { + audit_ops->append_msg( + "RESTORES 0 RESTORE 0::0:0:0:0:0:0:0:0.0.0.0::: "); + } + } + break; + case AUD_TSTT: + vaTCstatus = va_arg(vaList, struct tciStatusS *); + + if (vaTCstatus) + audit_ops->append_msg("TCSTATUS %.*s:%d:%d:%d:%d:%.*s:%d:%d ", + TC_MAXNAMELEN, vaTCstatus->taskName, + vaTCstatus->taskId, vaTCstatus->flags, + vaTCstatus->dbDumpId, vaTCstatus->nKBytes, + TC_MAXNAMELEN, vaTCstatus->volumeName, + vaTCstatus->volsFailed, + vaTCstatus->lastPolled); + else + audit_ops->append_msg("TCSTATUS "); + break; default: audit_ops->append_msg("--badval-- "); break; diff --git a/src/audit/audit.h b/src/audit/audit.h index f8b4100..599620a 100644 --- a/src/audit/audit.h +++ b/src/audit/audit.h @@ -23,6 +23,12 @@ #define AUD_RESID 20 /* resid in variable list */ #define AUD_RSSIZERANGE 21 /* rssizerange in variable list */ #define AUD_LOOKUPINFO 22 /* LookupInfo in variable list */ +/* next 5 lines for butc */ +#define AUD_TLBL 30 /* Tape Controller label */ +#define AUD_TDI 31 /* Tape Controller dump interface */ +#define AUD_TDA 32 /* Tape Controller dump array */ +#define AUD_TRA 33 /* Tape Controller restore array */ +#define AUD_TSTT 34 /* Tape Controller status struct */ /* * Note: the master definitions of these error codes come from *.et -- 1.9.4