Exemplo n.º 1
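/*
 * Interpret the third syscall argument (a2) of a record.
 *
 * val: the argument as text; the fcntl branch parses it as hexadecimal.
 * r:   supplies machine and syscall (used to resolve the syscall name)
 *      and a1, which the fcntl branch switches on.
 *
 * Returns the string built by the matching print_* helper, or a strdup()
 * copy of val when no syscall-specific decoding applies.  The strdup() and
 * asprintf() results are heap allocated; the print_* helpers presumably
 * return heap strings too -- confirm against their definitions.  The result
 * may be NULL when an allocation fails.
 */
static const char *print_a2(const char *val, const rnode *r)
{
	int machine = r->machine, syscall = r->syscall;
	char *out;
	const char *sys = audit_syscall_to_name(syscall, machine);
	if (sys) {
		if (strncmp(sys, "fcntl", 5) == 0) {
			int ival;

			/*
			 * NOTE(review): no end pointer is passed, so text with
			 * no hex digits converts to 0 and is not reported as a
			 * conversion error; only errno (e.g. range) is checked.
			 */
			errno = 0;
			ival = strtoul(val, NULL, 16);
			if (errno) {
				/*
				 * On failure asprintf() leaves out undefined.
				 * Return NULL rather than a garbage pointer
				 * that a caller might later free.
				 */
				if (asprintf(&out, "conversion error(%s)",
					     val) < 0)
					out = NULL;
				return out;
			}
			switch (r->a1)
			{
				case F_SETOWN:
					return print_uid(val, 16);
				case F_SETFD:
					if (ival == FD_CLOEXEC)
						return strdup("FD_CLOEXEC");
					/* Fall thru okay. */
				case F_SETFL:
				case F_SETLEASE:
				case F_GETLEASE:
				case F_NOTIFY:
					break;
				default:
					/* Other commands: raw value below. */
					break;
			}
		} else if (strcmp(sys, "openat") == 0)
			return print_open_flags(val);
		else if (strcmp(sys, "fchmodat") == 0)
			return print_mode_short(val);
		/* Substring match: any syscall name containing "chown". */
		else if (strstr(sys, "chown"))
			return print_gid(val, 16);
		else if (strcmp(sys, "setresuid") == 0)
			return print_uid(val, 16);
		else if (strcmp(sys, "setresgid") == 0)
			return print_gid(val, 16);
		else if (strcmp(sys, "tgkill") == 0)
			return print_signals(val, 16);
		else if (strcmp(sys, "mkdirat") == 0)
			return print_mode_short(val);
		else if (strcmp(sys, "mmap") == 0)
			return print_prot(val, 1);
		else if (strcmp(sys, "mprotect") == 0)
			return print_prot(val, 0);
		else if (strcmp(sys, "socket") == 0)
			return print_socket_proto(val);
		else if (strcmp(sys, "clone") == 0)
			return print_clone_flags(val);
		else if (strcmp(sys, "recvmsg") == 0)
			return print_recv(val);
	}
	/* Unknown syscall or nothing to decode: hand back the raw text. */
	return strdup(val);
}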
Exemplo n.º 2
/*
 * Interpret the second syscall argument (a1) of a record.
 *
 * The syscall name is resolved from r->syscall and r->machine, and val is
 * handed to the print_* helper registered for that name.  When the name
 * cannot be resolved, or no helper applies, a strdup() copy of val is
 * returned instead.
 */
static const char *print_a1(const char *val, const rnode *r)
{
	int mach = r->machine;
	int sc_nr = r->syscall;
	const char *sys = audit_syscall_to_name(sc_nr, mach);

	/* No name for this syscall number: return the raw text. */
	if (!sys)
		return strdup(val);

	if (!strcmp(sys, "open"))
		return print_open_flags(val);
	if (!strcmp(sys, "epoll_ctl"))
		return print_epoll_ctl(val);

	/* a1 is a permission mode for these calls. */
	if (!strcmp(sys, "chmod") || !strcmp(sys, "fchmod") ||
	    !strcmp(sys, "mkdir") || !strcmp(sys, "creat"))
		return print_mode_short(val);

	/*
	 * Substring match, so every syscall name containing "chown" lands
	 * here.  It must stay ahead of the "fcntl" prefix test below to keep
	 * the original precedence.
	 */
	if (strstr(sys, "chown") != NULL)
		return print_uid(val, 16);

	if (!strcmp(sys, "setreuid") || !strcmp(sys, "setresuid"))
		return print_uid(val, 16);
	if (!strcmp(sys, "setregid") || !strcmp(sys, "setresgid"))
		return print_gid(val, 16);
	if (!strcmp(sys, "kill") || !strcmp(sys, "tkill"))
		return print_signals(val, 16);

	/* Prefix match: any syscall name starting with "fcntl". */
	if (!strncmp(sys, "fcntl", 5))
		return print_fcntl_cmd(val);
	if (!strcmp(sys, "mknod"))
		return print_mode(val, 16);
	if (!strcmp(sys, "socket"))
		return print_socket_type(val);

	/* Known syscall, but a1 has no special decoding. */
	return strdup(val);
}
Exemplo n.º 3
/*
 * Dump the bookeeping_data structure to the kernel log at KERN_DEBUG.
 *
 * Always logs the pointer and its VIRT_TO_MQX() translation; when the
 * pointer is non-null it also logs init_string and calls print_signals().
 * The list, endpoint-table and buffer dumps are compiled out with #if 0.
 */
void print_bookeeping_data(void)
{
	/*
	 * NOTE(review): bookeeping_data is dereferenced below, so it is a
	 * pointer, yet it is passed for a %08x conversion.  That only matches
	 * where pointers are 32 bits wide -- confirm the target.  The raw
	 * address also becomes visible to anyone able to read the kernel log.
	 */
	printk(KERN_DEBUG "bookeeping_data= 0x%08x, VIRT_TO_MQX(bookeeping_data)= 0x%08x\n",
		bookeeping_data,
		VIRT_TO_MQX(bookeeping_data));

	if (bookeeping_data) {
		printk(KERN_DEBUG ".init_string = %s\n",
			bookeeping_data->init_string);

#if 0
		/*
		 * Disabled dump of the receive lists and the free list.  No
		 * local i is declared in this function, so this will not
		 * build as written if re-enabled.
		 */
		for (i = 0; i < MCC_ATTR_MAX_RECEIVE_ENDPOINTS; i++) {
			printk(KERN_DEBUG "bookeeping_data->r_lists[%d](addr=0x%08x) .head= 0x%08x, .tail= 0x%08x\n",
				i,
				VIRT_TO_MQX(&bookeeping_data->r_lists[i]),
				bookeeping_data->r_lists[i].head,
				bookeeping_data->r_lists[i].tail);
		}

		printk(KERN_DEBUG "bookeeping_data->free_list .head= 0x%08x, .tail= 0x%08x\n",
			bookeeping_data->free_list.head,
			bookeeping_data->free_list.tail);
#endif

		print_signals();

#if 0
		/* Disabled dump of the endpoint table (same missing i). */
		for (i = 0; i < MCC_ATTR_MAX_RECEIVE_ENDPOINTS; i++) {
			printk(KERN_DEBUG "bookeeping_data->endpoint_table[%d] .endpoint=[%d, %d, %d] .list= 0x%08x\n",
				i,
				bookeeping_data->endpoint_table[i].endpoint.core,
				bookeeping_data->endpoint_table[i].endpoint.node,
				bookeeping_data->endpoint_table[i].endpoint.port,
				VIRT_TO_MQX(bookeeping_data->endpoint_table[i].list));
		}

		/* Disabled dump of each receive buffer's first ten data bytes. */
		for (i = 0; i < MCC_ATTR_NUM_RECEIVE_BUFFERS; i++) {
			printk(KERN_DEBUG
			"bookeeping_data->r_buffers[%d](addr=0x%08x).next= 0x%08x data[0-10]: 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x ",
				i,
				VIRT_TO_MQX(&bookeeping_data->r_buffers[i]),
				bookeeping_data->r_buffers[i].next,
				bookeeping_data->r_buffers[i].data[0],
				bookeeping_data->r_buffers[i].data[1],
				bookeeping_data->r_buffers[i].data[2],
				bookeeping_data->r_buffers[i].data[3],
				bookeeping_data->r_buffers[i].data[4],
				bookeeping_data->r_buffers[i].data[5],
				bookeeping_data->r_buffers[i].data[6],
				bookeeping_data->r_buffers[i].data[7],
				bookeeping_data->r_buffers[i].data[8],
				bookeeping_data->r_buffers[i].data[9]);
		}
#endif
	}
}
Exemplo n.º 4
/*
 * Interpret the first syscall argument (a0) of a record.
 *
 * The syscall name is resolved from r->syscall and r->machine, and val is
 * handed to the print_* helper registered for that name.  When the name
 * cannot be resolved, or no helper applies, a strdup() copy of val is
 * returned instead.
 */
static const char *print_a0(const char *val, const rnode *r)
{
	int mach = r->machine;
	int sc_nr = r->syscall;
	const char *sys = audit_syscall_to_name(sc_nr, mach);

	/* No name for this syscall number: return the raw text. */
	if (!sys)
		return strdup(val);

	if (!strcmp(sys, "rt_sigaction"))
		return print_signals(val, 16);

	/* Identity-changing calls: a0 is decoded as a uid ... */
	if (!strcmp(sys, "setuid") || !strcmp(sys, "setreuid") ||
	    !strcmp(sys, "setresuid") || !strcmp(sys, "setfsuid"))
		return print_uid(val, 16);

	/* ... or as a gid. */
	if (!strcmp(sys, "setgid") || !strcmp(sys, "setregid") ||
	    !strcmp(sys, "setresgid") || !strcmp(sys, "setfsgid"))
		return print_gid(val, 16);

	if (!strcmp(sys, "clock_settime"))
		return print_clock_id(val);
	if (!strcmp(sys, "personality"))
		return print_personality(val);
	if (!strcmp(sys, "ptrace"))
		return print_ptrace(val);

	/* Substring match: any syscall name containing "etrlimit". */
	if (strstr(sys, "etrlimit") != NULL)
		return print_rlimit(val);
	if (!strcmp(sys, "socket"))
		return print_socket_domain(val);

	/* Known syscall, but a0 has no special decoding. */
	return strdup(val);
}
Exemplo n.º 5
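/*
 * Print one field value, decoded according to the field's type.
 *
 * name:  field name; leading spaces and '(' characters are skipped.
 * val:   field value text.  For the "acct" field a trailing ':' is
 *        stripped in place, so the caller's buffer is modified.
 * comma: selects the separator printed after an undecoded value
 *        (',' when non-zero, ' ' otherwise).
 * rtype: record type; AUDIT_EXECVE and AUDIT_AVC override the normal
 *        type lookup for some field names.
 *
 * Values whose type has no case below are written with "%s" exactly as
 * received.  NOTE(review): if val can carry control characters, they
 * reach the output unfiltered on that path -- confirm upstream sanitising.
 */
static void interpret(char *name, char *val, int comma, int rtype)
{
	int type;

	while (*name == ' '||*name == '(')
		name++;


	/* Do some fixups */
	if (rtype == AUDIT_EXECVE && name[0] == 'a')
		type = T_ESCAPED;
	else if (rtype == AUDIT_AVC && strcmp(name, "saddr") == 0)
		type = -1;
	else if (strcmp(name, "acct") == 0) {
		// Remove trailing punctuation
		size_t len = strlen(val);

		/*
		 * An empty value has no last character; without the length
		 * check val[len-1] would read (and possibly write) one byte
		 * before the start of the buffer.
		 */
		if (len > 0 && val[len-1] == ':')
			val[len-1] = 0;

		if (val[0] == '"')
			type = T_ESCAPED;
		else if (is_hex_string(val))
			type = T_ESCAPED;
		else
			type = -1;
	} else
		type = audit_lookup_type(name);

	switch(type) {
		case T_UID:
			print_uid(val);
			break;
		case T_GID:
			print_gid(val);
			break;
		case T_SYSCALL:
			print_syscall(val);
			break;
		case T_ARCH:
			print_arch(val);
			break;
		case T_EXIT:
			print_exit(val);
			break;
		case T_ESCAPED:
			print_escaped(val);
			break;
		case T_PERM:
			print_perm(val);
			break;
		case T_MODE:
			print_mode(val);
			break;
		case T_SOCKADDR:
			print_sockaddr(val);
			break;
		case T_FLAGS:
			print_flags(val);
			break;
		case T_PROMISC:
			print_promiscuous(val);
			break;
		case T_CAPABILITY:
			print_capabilities(val);
			break;
		case T_SIGNAL:
			print_signals(val);
			break;
		case T_KEY:
			print_key(val);
			break;
		case T_LIST:
			print_list(val);
			break;
		case T_TTY_DATA:
			print_tty_data(val);
			break;
		default:
			/* type == -1 or an unhandled type: print verbatim. */
			printf("%s%c", val, comma ? ',' : ' ');
			break;
	}
}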