OPENAFS-SA-2018-001 audit: support butc types

Add support for several complex butc types to enable butc auditing. Change-Id: I6aedd933cf5330cda40aae6f33827ae65409df32
2025-01-18 06:50:12 +00:00 · 2018-09-08 19:42:36 -05:00 · 2018-09-08 19:42:36 -05:00 · 9ebff4c6ca
commit 9ebff4c6ca
parent 50216dbbc3
3 changed files with 198 additions and 1 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -158,7 +158,7 @@ util: opr $(DIR_roken) procmgmt hcrypto lwp
 libafscp: util afs volser vlserver rx auth fsint
 	+${COMPILE_PART1} libafscp ${COMPILE_PART2}

-audit: util rx rxkad fsint
+audit: util rx rxkad fsint bubasics
 	+${COMPILE_PART1} audit ${COMPILE_PART2} #TODO

 comerr: util $(DIR_roken)
--- a/src/audit/audit.c
+++ b/src/audit/audit.c
@ -24,6 +24,7 @@

 #include <afs/opr.h>
 #include "afs/afsint.h"
+#include "afs/butc.h"
 #include <rx/rx.h>
 #include <rx/rxkad.h>
 #include "audit.h"
@ -138,6 +139,95 @@ audmakebuf(char *audEvent, va_list vaList)
 		bufferPtr += sizeof(struct AFSFid);
 		break;
 	    }
+	/* butc tape label */
+	case AUD_TLBL:
+	    {
+		struct tc_tapeLabel *label;
+
+		label = (struct tc_tapeLabel *)va_arg(vaList,
+						      struct tc_tapeLabel *);
+		if (label)
+		    memcpy(bufferPtr, label, sizeof(*label));
+		else
+		    memset(bufferPtr, 0, sizeof(*label));
+		bufferPtr += sizeof(label);
+		break;
+	    }
+	/* butc dump interface */
+	case AUD_TDI:
+	    {
+		struct tc_dumpInterface *di;
+
+		di = (struct tc_dumpInterface *)
+			va_arg(vaList, struct tc_dumpInterface *);
+		if (di)
+		    memcpy(bufferPtr, di, sizeof(*di));
+		else
+		    memset(bufferPtr, 0, sizeof(*di));
+		bufferPtr += sizeof(*di);
+		break;
+	    }
+	/*
+	 * butc dump array
+	 * An array of dump descriptions, but the AIX audit package assumes fixed
+	 * length, so we can only do the first one for now.
+	 */
+	case AUD_TDA:
+	    {
+		struct tc_dumpArray *da;
+
+		da = (struct tc_dumpArray *)
+			va_arg(vaList, struct tc_dumpArray *);
+		if (da && da->tc_dumpArray_len) {
+		    memcpy(bufferPtr, &da->tc_dumpArray_len, sizeof(u_int));
+		    bufferPtr += sizeof(u_int);
+		    memcpy(bufferPtr, da->tc_dumpArray_val,
+			   sizeof(da->tc_dumpArray_val[0]));
+		} else {
+		    memset(bufferPtr, 0, sizeof(u_int));
+		    bufferPtr += sizeof(u_int);
+		    memset(bufferPtr, 0, sizeof(da->tc_dumpArray_val[0]));
+		}
+		bufferPtr += sizeof(da->tc_dumpArray_val[0]);
+		break;
+	    }
+	/*
+	 * butc restore array
+	 * An array of restore descriptions, but the AIX audit package assumes
+	 * fixed length, so we can only do the first one for now.
+	 */
+	case AUD_TRA:
+	    {
+		struct tc_restoreArray *ra;
+
+		ra = (struct tc_restoreArray *)
+			va_arg(vaList, struct tc_restoreArray *);
+		if (ra && ra->tc_restoreArray_len) {
+		    memcpy(bufferPtr, &ra->tc_restoreArray_len, sizeof(u_int));
+		    bufferPtr += sizeof(u_int);
+		    memcpy(bufferPtr, ra->tc_restoreArray_val,
+			   sizeof(ra->tc_restoreArray_val[0]));
+		} else {
+		    memset(bufferPtr, 0, sizeof(u_int));
+		    bufferPtr += sizeof(u_int);
+		    memset(bufferPtr, 0, sizeof(ra->tc_restoreArray_val[0]));
+		}
+		bufferPtr += sizeof(ra->tc_restoreArray_val[0]);
+		break;
+	    }
+	/* butc tape controller status */
+	    {
+		struct tciStatusS *status;
+
+		status = (struct tciStatusS *)va_arg(vaList,
+						     struct tciStatusS *);
+		if (status)
+		    memcpy(bufferPtr, status, sizeof(*status));
+		else
+		    memset(bufferPtr, 0, sizeof(*status));
+		bufferPtr += sizeof(*status);
+		break;
+	    }
 	default:
 #ifdef AFS_AIX32_ENV
 	    code =
@ -163,6 +253,11 @@ printbuf(int rec, char *audEvent, char *afsName, afs_int32 hostId,
    char *vaStr;
    struct AFSFid *vaFid;
    struct AFSCBFids *vaFids;
+    struct tc_tapeLabel *vaLabel;
+    struct tc_dumpInterface *vaDI;
+    struct tc_dumpArray *vaDA;
+    struct tc_restoreArray *vaRA;
+    struct tciStatusS *vaTCstatus;
    int num = LogThreadNum();
    struct in_addr hostAddr;
    time_t currenttime;
@ -258,6 +353,102 @@ printbuf(int rec, char *audEvent, char *afsName, afs_int32 hostId,

            }
 	    break;
+	case AUD_TLBL:		/* butc tape label */
+	    vaLabel = va_arg(vaList, struct tc_tapeLabel *);
+
+	    if (vaLabel) {
+		audit_ops->append_msg("TAPELABEL %d:%.*s:%.*s:%u ",
+				      vaLabel->size,
+				      TC_MAXTAPELEN, vaLabel->afsname,
+				      TC_MAXTAPELEN, vaLabel->pname,
+				      vaLabel->tapeId);
+	    } else {
+		audit_ops->append_msg("TAPELABEL <null>");
+	    }
+	    break;
+	case AUD_TDI:
+	    vaDI = va_arg(vaList, struct tc_dumpInterface *);
+
+	    if (vaDI) {
+		audit_ops->append_msg(
+    "TCDUMPINTERFACE %.*s:%.*s:%.*s:%d:%d:%d:$d:%.*s:%.*s:%d:%d:%d:%d:%d ",
+    TC_MAXDUMPPATH, vaDI->dumpPath, TC_MAXNAMELEN, vaDI->volumeSetName,
+    TC_MAXNAMELEN, vaDI->dumpName, vaDI->parentDumpId, vaDI->dumpLevel,
+    vaDI->doAppend,
+    vaDI->tapeSet.id, TC_MAXHOSTLEN, vaDI->tapeSet.tapeServer,
+    TC_MAXFORMATLEN, vaDI->tapeSet.format, vaDI->tapeSet.maxTapes,
+    vaDI->tapeSet.a, vaDI->tapeSet.b, vaDI->tapeSet.expDate,
+    vaDI->tapeSet.expType);
+	    } else {
+		audit_ops->append_msg("TCDUMPINTERFACE <null>");
+	    }
+	    break;
+	case AUD_TDA:
+	    vaDA = va_arg(vaList, struct tc_dumpArray *);
+
+	    if (vaDA) {
+		u_int i;
+		struct tc_dumpDesc *desc;
+		struct in_addr hostAddr;
+
+		desc = vaDA->tc_dumpArray_val;
+		if (desc) {
+		    audit_ops->append_msg("DUMPS %d ", vaDA->tc_dumpArray_len);
+		    for (i = 0; i < vaDA->tc_dumpArray_len; i++, desc++) {
+			hostAddr.s_addr = desc->hostAddr;
+			audit_ops->append_msg("DUMP %d:%d:%.*s:$d:%d:%d:%s ",
+			    desc->vid, desc->vtype, TC_MAXNAMELEN, desc->name,
+			    desc->partition, desc->date, desc->cloneDate,
+			    inet_ntoa(hostAddr));
+		    }
+		} else {
+		    audit_ops->append_msg("DUMPS 0 DUMP 0:0::0:0:0:0.0.0.0");
+		}
+	    }
+	    break;
+	case AUD_TRA:
+	    vaRA = va_arg(vaList, struct tc_restoreArray *);
+
+	    if (vaRA) {
+		u_int i;
+		struct tc_restoreDesc *desc;
+		struct in_addr hostAddr;
+
+		desc = vaRA->tc_restoreArray_val;
+		if (desc) {
+		    audit_ops->append_msg("RESTORES %d ",
+					  vaRA->tc_restoreArray_len);
+		    for(i = 0; i < vaRA->tc_restoreArray_len; i++, desc++) {
+			hostAddr.s_addr = desc->hostAddr;
+			audit_ops->append_msg(
+			    "RESTORE %d:%.*s:%d:%d:%d:%d:%d:%d:%d:%s:%.*s:%.*s ",
+			    desc->flags, TC_MAXTAPELEN, desc->tapeName,
+			    desc->dbDumpId, desc->initialDumpId,
+			    desc->position, desc->origVid, desc->vid,
+			    desc->partition, desc->dumpLevel,
+			    inet_ntoa(hostAddr), TC_MAXNAMELEN,
+			    desc->oldName, TC_MAXNAMELEN, desc->newName);
+		    }
+		} else {
+		    audit_ops->append_msg(
+			"RESTORES 0 RESTORE 0::0:0:0:0:0:0:0:0.0.0.0::: ");
+		}
+	    }
+	    break;
+	case AUD_TSTT:
+	    vaTCstatus = va_arg(vaList, struct tciStatusS *);
+
+	    if (vaTCstatus)
+		audit_ops->append_msg("TCSTATUS %.*s:%d:%d:%d:%d:%.*s:%d:%d ",
+				      TC_MAXNAMELEN, vaTCstatus->taskName,
+				      vaTCstatus->taskId, vaTCstatus->flags,
+				      vaTCstatus->dbDumpId, vaTCstatus->nKBytes,
+				      TC_MAXNAMELEN, vaTCstatus->volumeName,
+				      vaTCstatus->volsFailed,
+				      vaTCstatus->lastPolled);
+	    else
+		audit_ops->append_msg("TCSTATUS <null>");
+	    break;
 	default:
 	    audit_ops->append_msg("--badval-- ");
 	    break;
--- a/src/audit/audit.h
+++ b/src/audit/audit.h
@ -23,6 +23,12 @@
 #define AUD_RESID 20		/* resid         in variable list */
 #define AUD_RSSIZERANGE 21	/* rssizerange   in variable list */
 #define AUD_LOOKUPINFO 22	/* LookupInfo    in variable list */
+/* next 5 lines for butc */
+#define AUD_TLBL 30             /* Tape Controller label */
+#define AUD_TDI  31             /* Tape Controller dump interface */
+#define AUD_TDA  32             /* Tape Controller dump array */
+#define AUD_TRA  33             /* Tape Controller restore array */
+#define AUD_TSTT 34             /* Tape Controller status struct */

 /*
 * Note: the master definitions of these error codes come from *.et