Merge OpenBSM 1.1 changes to the FreeBSD 8.x kernel:

- Add and use mapping of fcntl(2) commands to new BSM constant space.
- Adopt (int) rather than (long) arguments to a number of auditon(2)
  commands, as has happened in Solaris, and add compatibility code to
  handle the old comments.

Note that BSM_PF_IEEE80211 is partially but not fully removed, as the
userspace OpenBSM 1.1alpha5 code still depends on it.  Once userspace
is updated, I'll GCC the kernel constant.

MFC after:		2 weeks
Sponsored by:		Apple, Inc.
Obtained from:		TrustedBSD Project
Portions submitted by:	sson

sys/bsm/audit.h

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2005 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,21 +26,15 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#5
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9
  * $FreeBSD$
  */
 
-#ifndef _BSM_AUDIT_H
+#ifndef	_BSM_AUDIT_H
 #define	_BSM_AUDIT_H
 
-#ifdef	__APPLE__
-/* Temporary until rdar://problem/6133383 is resolved. */
-#include <sys/types.h>
 #include <sys/param.h>
-#include <sys/socket.h>
-#include <sys/cdefs.h>
-#include <sys/queue.h>
-#endif /* __APPLE__ */
+#include <sys/types.h>
 
 #define	AUDIT_RECORD_MAGIC	0x828a0f1b
 #define	MAX_AUDIT_RECORDS	20
@@ -101,20 +95,20 @@
 /*
  * auditon(2) commands.
  */
-#define	A_GETPOLICY	2
-#define	A_SETPOLICY	3
+#define	A_OLDGETPOLICY	2
+#define	A_OLDSETPOLICY	3
 #define	A_GETKMASK	4
 #define	A_SETKMASK	5
-#define	A_GETQCTRL	6
-#define	A_SETQCTRL	7
+#define	A_OLDGETQCTRL	6
+#define	A_OLDSETQCTRL	7
 #define	A_GETCWD	8
 #define	A_GETCAR	9
 #define	A_GETSTAT	12
 #define	A_SETSTAT	13
 #define	A_SETUMASK	14
 #define	A_SETSMASK	15
-#define	A_GETCOND	20
-#define	A_SETCOND	21
+#define	A_OLDGETCOND	20
+#define	A_OLDSETCOND	21
 #define	A_GETCLASS	22
 #define	A_SETCLASS	23
 #define	A_GETPINFO	24
@@ -126,6 +120,12 @@
 #define	A_SETKAUDIT	30
 #define	A_SENDTRIGGER	31
 #define	A_GETSINFO_ADDR	32
+#define	A_GETPOLICY	33
+#define	A_SETPOLICY	34
+#define	A_GETQCTRL	35
+#define	A_SETQCTRL	36
+#define	A_GETCOND	37
+#define	A_SETCOND	38
 
 /*
  * Audit policy controls.
@@ -216,7 +216,6 @@ struct auditpinfo {
 	au_mask_t	ap_mask;	/* Audit masks. */
 	au_tid_t	ap_termid;	/* Terminal ID. */
 	au_asid_t	ap_asid;	/* Audit session ID. */
-	u_int64_t	ap_flags;	/* Audit session flags. */
 };
 typedef	struct auditpinfo	auditpinfo_t;
 
@@ -226,15 +225,12 @@ struct auditpinfo_addr {
 	au_mask_t	ap_mask;	/* Audit masks. */
 	au_tid_addr_t	ap_termid;	/* Terminal ID. */
 	au_asid_t	ap_asid;	/* Audit session ID. */
+	u_int64_t	ap_flags;	/* Audit session flags. */
 };
 typedef	struct auditpinfo_addr	auditpinfo_addr_t;
 
 struct au_session {
 	auditinfo_addr_t	*as_aia_p;	/* Ptr to full audit info. */
-#define	as_asid			as_aia_p->ai_asid
-#define	as_auid			as_aia_p->ai_auid
-#define	as_termid		as_aia_p->ai_termid
-
 	au_mask_t		 as_mask;	/* Process Audit Masks. */
 };
 typedef struct au_session       au_session_t;
@@ -245,13 +241,22 @@ typedef struct au_session       au_session_t;
 typedef	struct au_token	token_t;
 
 /*
- * Kernel audit queue control parameters.
+ * Kernel audit queue control parameters:
+ * 			Default:		Maximum:
+ * 	aq_hiwater:	AQ_HIWATER (100)	AQ_MAXHIGH (10000) 
+ * 	aq_lowater:	AQ_LOWATER (10)		<aq_hiwater
+ * 	aq_bufsz:	AQ_BUFSZ (32767)	AQ_MAXBUFSZ (1048576)
+ * 	aq_delay:	20			20000 (not used) 
  */
 struct au_qctrl {
-	size_t	aq_hiwater;
-	size_t	aq_lowater;
-	size_t	aq_bufsz;
-	clock_t	aq_delay;
+	int	aq_hiwater;	/* Max # of audit recs in queue when */
+				/* threads with new ARs get blocked. */ 
+
+	int	aq_lowater;	/* # of audit recs in queue when */
+				/* blocked threads get unblocked. */
+
+	int	aq_bufsz;	/* Max size of audit record for audit(2). */
+	int	aq_delay;	/* Queue delay (not used). */
 	int	aq_minfree;	/* Minimum filesystem percent free space. */
 };
 typedef	struct au_qctrl	au_qctrl_t;
@@ -308,6 +313,13 @@ int	getaudit(struct auditinfo *);
 int	setaudit(const struct auditinfo *);
 int	getaudit_addr(struct auditinfo_addr *, int);
 int	setaudit_addr(const struct auditinfo_addr *, int);
+
+#ifdef __APPLE_API_PRIVATE
+#include <mach/port.h>
+mach_port_name_t audit_session_self(void);
+au_asid_t	 audit_session_join(mach_port_name_t port);
+#endif /* __APPLE_API_PRIVATE */
+
 #endif /* defined(_KERNEL) || defined(KERNEL) */
 
 __END_DECLS

sys/bsm/audit_kevents.h

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2005 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,13 +26,19 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#5
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#6
  * $FreeBSD$
  */
 
 #ifndef _BSM_AUDIT_KEVENTS_H_
 #define	_BSM_AUDIT_KEVENTS_H_
 
+/*
+ * The reserved event numbers for kernel events are 1...2047 and 43001..44900.
+ */
+#define	AUE_IS_A_KEVENT(e)	(((e) > 0 && (e) < 2048) || 	\
+    				 ((e) > 43000 && (e) < 45000))
+
 /*
  * Values marked as AUE_NULL are not required to be audited as per CAPP.
  *
@@ -589,6 +595,8 @@
 #define	AUE_FSGETPATH		43191	/* Darwin. */
 #define	AUE_PREAD		43192	/* Darwin/FreeBSD. */
 #define	AUE_PWRITE		43193	/* Darwin/FreeBSD. */
+#define	AUE_FSCTL		43194	/* Darwin. */
+#define	AUE_FFSCTL		43195	/* Darwin. */
 
 /*
  * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
@@ -674,12 +682,10 @@
 #define	AUE_CSOPS		AUE_NULL
 #define	AUE_DUP			AUE_NULL
 #define	AUE_FDATASYNC		AUE_NULL
-#define	AUE_FFSCTL		AUE_NULL
 #define	AUE_FGETATTRLIST	AUE_NULL
 #define	AUE_FGETXATTR		AUE_NULL
 #define	AUE_FLISTXATTR		AUE_NULL
 #define	AUE_FREMOVEXATTR	AUE_NULL
-#define	AUE_FSCTL		AUE_NULL
 #define	AUE_FSETATTRLIST	AUE_NULL
 #define	AUE_FSETXATTR		AUE_NULL
 #define	AUE_FSTATFS64		AUE_NULL

sys/bsm/audit_record.h

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2005-2008 Apple Inc.
+ * Copyright (c) 2005-2009 Apple Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#9
+ * P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#10
  * $FreeBSD$
  */
 
@@ -286,10 +286,12 @@ token_t	*au_to_zonename(const char *zonename);
  */
 int	 au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
 int	 au_bsm_to_errno(u_char bsm_error, int *errorp);
+int	 au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
 int	 au_bsm_to_socket_type(u_short bsm_socket_type,
 	    int *local_socket_typep);
 u_short	 au_domain_to_bsm(int local_domain);
 u_char	 au_errno_to_bsm(int local_errno);
+u_short	 au_fcntl_cmd_to_bsm(int local_fcntl_command);
 u_short	 au_socket_type_to_bsm(int local_socket_type);
 
 __END_DECLS

sys/conf/files

@@ -2528,6 +2528,7 @@ security/audit/audit_arg.c	optional audit
 security/audit/audit_bsm.c	optional audit
 security/audit/audit_bsm_domain.c	optional audit
 security/audit/audit_bsm_errno.c	optional audit
+security/audit/audit_bsm_fcntl.c	optional audit
 security/audit/audit_bsm_klib.c	optional audit
 security/audit/audit_bsm_socket_type.c	optional audit
 security/audit/audit_bsm_token.c	optional audit

sys/security/audit/audit.c

@@ -129,8 +129,8 @@ struct mtx		audit_mtx;
  * outstanding in the system.
  */
 struct kaudit_queue	audit_q;
-size_t			audit_q_len;
-size_t			audit_pre_q_len;
+int			audit_q_len;
+int			audit_pre_q_len;
 
 /*
  * Audit queue control settings (minimum free, low/high water marks, etc.)

sys/security/audit/audit_bsm.c

@@ -287,13 +287,20 @@ audit_sys_auditon(struct audit_record *ar, struct au_record *rec)
 	struct au_token *tok;
 
 	switch (ar->ar_arg_cmd) {
+	case A_OLDSETPOLICY:
+		if ((size_t)ar->ar_arg_len == sizeof(int64_t)) {
+			tok = au_to_arg32(3, "length", ar->ar_arg_len);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "policy",
+			    ar->ar_arg_auditon.au_policy64);
+			kau_write(rec, tok);
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETPOLICY:
-		if (sizeof(ar->ar_arg_auditon.au_flags) > 4)
-			tok = au_to_arg64(1, "policy",
-			    ar->ar_arg_auditon.au_flags);
-		else
-			tok = au_to_arg32(1, "policy",
-			    ar->ar_arg_auditon.au_flags);
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
+		tok = au_to_arg32(1, "policy", ar->ar_arg_auditon.au_policy);
 		kau_write(rec, tok);
 		break;
 
@@ -306,20 +313,42 @@ audit_sys_auditon(struct audit_record *ar, struct au_record *rec)
 		kau_write(rec, tok);
 		break;
 
+	case A_OLDSETQCTRL:
+		if ((size_t)ar->ar_arg_len == sizeof(au_qctrl64_t)) {
+			tok = au_to_arg32(3, "length", ar->ar_arg_len);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setqctrl:aq_hiwater",
+			    ar->ar_arg_auditon.au_qctrl64.aq64_hiwater);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setqctrl:aq_lowater",
+			    ar->ar_arg_auditon.au_qctrl64.aq64_lowater);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setqctrl:aq_bufsz",
+			    ar->ar_arg_auditon.au_qctrl64.aq64_bufsz);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setqctrl:aq_delay",
+			    ar->ar_arg_auditon.au_qctrl64.aq64_delay);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setqctrl:aq_minfree",
+			    ar->ar_arg_auditon.au_qctrl64.aq64_minfree);
+			kau_write(rec, tok);
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETQCTRL:
 		tok = au_to_arg32(3, "setqctrl:aq_hiwater",
 		    ar->ar_arg_auditon.au_qctrl.aq_hiwater);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setqctrl:aq_lowater",
+		tok = au_to_arg32(2, "setqctrl:aq_lowater",
 		    ar->ar_arg_auditon.au_qctrl.aq_lowater);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setqctrl:aq_bufsz",
+		tok = au_to_arg32(2, "setqctrl:aq_bufsz",
 		    ar->ar_arg_auditon.au_qctrl.aq_bufsz);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setqctrl:aq_delay",
+		tok = au_to_arg32(2, "setqctrl:aq_delay",
 		    ar->ar_arg_auditon.au_qctrl.aq_delay);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setqctrl:aq_minfree",
+		tok = au_to_arg32(2, "setqctrl:aq_minfree",
 		    ar->ar_arg_auditon.au_qctrl.aq_minfree);
 		kau_write(rec, tok);
 		break;
@@ -334,34 +363,47 @@ audit_sys_auditon(struct audit_record *ar, struct au_record *rec)
 		break;
 
 	case A_SETSMASK:
-		tok = au_to_arg32(3, "setsmask:as_success",
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
+		tok = au_to_arg32(2, "setsmask:as_success",
 		    ar->ar_arg_auditon.au_auinfo.ai_mask.am_success);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setsmask:as_failure",
+		tok = au_to_arg32(2, "setsmask:as_failure",
 		    ar->ar_arg_auditon.au_auinfo.ai_mask.am_failure);
 		kau_write(rec, tok);
 		break;
 
+	case A_OLDSETCOND:
+		if ((size_t)ar->ar_arg_len == sizeof(int64_t)) {
+			tok = au_to_arg32(3, "length", ar->ar_arg_len);
+			kau_write(rec, tok);
+			tok = au_to_arg64(2, "setcond",
+			    ar->ar_arg_auditon.au_cond64);
+			kau_write(rec, tok);
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETCOND:
-		if (sizeof(ar->ar_arg_auditon.au_cond) > 4)
-			tok = au_to_arg64(3, "setcond",
-			    ar->ar_arg_auditon.au_cond);
-		else
-			tok = au_to_arg32(3, "setcond",
-			    ar->ar_arg_auditon.au_cond);
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
+		tok = au_to_arg32(3, "setcond", ar->ar_arg_auditon.au_cond);
 		kau_write(rec, tok);
 		break;
 
 	case A_SETCLASS:
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
 		tok = au_to_arg32(2, "setclass:ec_event",
 		    ar->ar_arg_auditon.au_evclass.ec_number);
 		kau_write(rec, tok);
-		tok = au_to_arg32(3, "setclass:ec_class",
+		tok = au_to_arg32(2, "setclass:ec_class",
 		    ar->ar_arg_auditon.au_evclass.ec_class);
 		kau_write(rec, tok);
 		break;
 
 	case A_SETPMASK:
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
 		tok = au_to_arg32(2, "setpmask:as_success",
 		    ar->ar_arg_auditon.au_aupinfo.ap_mask.am_success);
 		kau_write(rec, tok);
@@ -371,6 +413,8 @@ audit_sys_auditon(struct audit_record *ar, struct au_record *rec)
 		break;
 
 	case A_SETFSIZE:
+		tok = au_to_arg32(3, "length", ar->ar_arg_len);
+		kau_write(rec, tok);
 		tok = au_to_arg32(2, "setfsize:filesize",
 		    ar->ar_arg_auditon.au_fstat.af_filesz);
 		kau_write(rec, tok);
@@ -847,12 +891,13 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 		break;
 
 	case AUE_FCNTL:
+		if (ARG_IS_VALID(kar, ARG_CMD)) {
+			tok = au_to_arg32(2, "cmd",
+			    au_fcntl_cmd_to_bsm(ar->ar_arg_cmd));
+			kau_write(rec, tok);
+		}
 		if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK ||
 		    ar->ar_arg_cmd == F_SETLKW) {
-			if (ARG_IS_VALID(kar, ARG_CMD)) {
-				tok = au_to_arg32(2, "cmd", ar->ar_arg_cmd);
-				kau_write(rec, tok);
-			}
 			FD_VNODE1_TOKENS;
 		}
 		break;

sys/security/audit/audit_bsm_domain.c

@@ -26,7 +26,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE. 
  *
- * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2
+ * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#3
  */
 
 #include <sys/cdefs.h>
@@ -322,13 +322,6 @@ static const struct bsm_domain bsm_domains[] = {
 	PF_BLUETOOTH
 #else
 	PF_NO_LOCAL_MAPPING
-#endif
-	},
-	{ BSM_PF_IEEE80211,
-#ifdef PF_IEEE80211
-	PF_IEEE80211
-#else
-	PF_NO_LOCAL_MAPPING
 #endif
 	},
 	{ BSM_PF_AX25,

sys/security/audit/audit_bsm_fcntl.c

@@ -27,16 +27,18 @@
  * POSSIBILITY OF SUCH DAMAGE.
  *
  * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_fcntl.c#2
- * $FreeBSD$
  */
 
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
 #include <sys/param.h>
 #include <sys/fcntl.h>
 
-#include <config/config.h>
+#include <security/audit/audit.h>
 
 #include <bsm/audit_fcntl.h>
-#include <bsm/libbsm.h>
+#include <bsm/audit_record.h>
 
 struct bsm_fcntl_cmd {
 	u_short	bfc_bsm_fcntl_cmd;

sys/security/audit/audit_bsm_token.c

@@ -30,7 +30,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90
+ * P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91
  */
 
 #include <sys/cdefs.h>
@@ -1460,7 +1460,7 @@ au_to_header32_ex(int rec_size, au_event_t e_type, au_emod_t e_mod)
 
 	if (gettimeofday(&tm, NULL) == -1)
 		return (NULL);
-	if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
+	if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
 		if (errno != ENOSYS)
 			return (NULL);
 		return (au_to_header32_tm(rec_size, e_type, e_mod, tm));

sys/security/audit/audit_private.h

@@ -118,18 +118,34 @@ struct socket_au_info {
 	u_short		so_lport;	/* Local port. */
 };
 
+/*
+ * The following is used for A_OLDSETQCTRL and AU_OLDGETQCTRL and a 64-bit
+ * userland.
+ */
+struct au_qctrl64 {
+	u_int64_t	aq64_hiwater;
+	u_int64_t	aq64_lowater;
+	u_int64_t	aq64_bufsz;
+	u_int64_t	aq64_delay;
+	u_int64_t	aq64_minfree;
+};
+typedef	struct au_qctrl64	au_qctrl64_t;
+
 union auditon_udata {
 	char			*au_path;
-	long			au_cond;
-	long			au_flags;
-	long			au_policy;
+	int			au_cond;
+	int			au_flags;
+	int			au_policy;
 	int			au_trigger;
+	int64_t			au_cond64;
+	int64_t			au_policy64;
 	au_evclass_map_t	au_evclass;
 	au_mask_t		au_mask;
 	auditinfo_t		au_auinfo;
 	auditpinfo_t		au_aupinfo;
 	auditpinfo_addr_t	au_aupinfo_addr;
 	au_qctrl_t		au_qctrl;
+	au_qctrl64_t		au_qctrl64;
 	au_stat_t		au_stat;
 	au_fstat_t		au_fstat;
 	auditinfo_addr_t	au_kau_info;
@@ -275,8 +291,8 @@ extern struct mtx		audit_mtx;
 extern struct cv		audit_watermark_cv;
 extern struct cv		audit_worker_cv;
 extern struct kaudit_queue	audit_q;
-extern size_t			audit_q_len;
-extern size_t			audit_pre_q_len;
+extern int			audit_q_len;
+extern int			audit_pre_q_len;
 extern int			audit_in_failure;
 
 /*

sys/security/audit/audit_syscalls.c

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2005 Apple Inc.
+ * Copyright (c) 1999-2009 Apple Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -187,12 +187,15 @@ auditon(struct thread *td, struct auditon_args *uap)
 	 */
 	switch (uap->cmd) {
 	case A_SETPOLICY:
+	case A_OLDSETPOLICY:
 	case A_SETKMASK:
 	case A_SETQCTRL:
+	case A_OLDSETQCTRL:
 	case A_SETSTAT:
 	case A_SETUMASK:
 	case A_SETSMASK:
 	case A_SETCOND:
+	case A_OLDSETCOND:
 	case A_SETCLASS:
 	case A_SETPMASK:
 	case A_SETFSIZE:
@@ -212,7 +215,22 @@ auditon(struct thread *td, struct auditon_args *uap)
 	 * XXXAUDIT: Locking?
 	 */
 	switch (uap->cmd) {
+	case A_OLDGETPOLICY:
+		if (uap->length == sizeof(udata.au_policy64)) {
+			if (!audit_fail_stop)
+				udata.au_policy64 |= AUDIT_CNT;
+			if (audit_panic_on_write_fail)
+				udata.au_policy64 |= AUDIT_AHLT;
+			if (audit_argv)
+				udata.au_policy64 |= AUDIT_ARGV;
+			if (audit_arge)
+				udata.au_policy64 |= AUDIT_ARGE;
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_GETPOLICY:
+		if (uap->length != sizeof(udata.au_policy))
+			return (EINVAL);
 		if (!audit_fail_stop)
 			udata.au_policy |= AUDIT_CNT;
 		if (audit_panic_on_write_fail)
@@ -223,7 +241,23 @@ auditon(struct thread *td, struct auditon_args *uap)
 			udata.au_policy |= AUDIT_ARGE;
 		break;
 
+	case A_OLDSETPOLICY:
+		if (uap->length == sizeof(udata.au_policy64)) {
+			if (udata.au_policy & (~AUDIT_CNT|AUDIT_AHLT|
+			    AUDIT_ARGV|AUDIT_ARGE))
+				return (EINVAL);
+			audit_fail_stop = ((udata.au_policy64 & AUDIT_CNT) ==
+			    0);
+			audit_panic_on_write_fail = (udata.au_policy64 &
+			    AUDIT_AHLT);
+			audit_argv = (udata.au_policy64 & AUDIT_ARGV);
+			audit_arge = (udata.au_policy64 & AUDIT_ARGE);
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETPOLICY:
+		if (uap->length != sizeof(udata.au_policy))
+			return (EINVAL);
 		if (udata.au_policy & ~(AUDIT_CNT|AUDIT_AHLT|AUDIT_ARGV|
 		    AUDIT_ARGE))
 			return (EINVAL);
@@ -237,18 +271,60 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_GETKMASK:
+		if (uap->length != sizeof(udata.au_mask))
+			return (EINVAL);
 		udata.au_mask = audit_nae_mask;
 		break;
 
 	case A_SETKMASK:
+		if (uap->length != sizeof(udata.au_mask))
+			return (EINVAL);
 		audit_nae_mask = udata.au_mask;
 		break;
 
+	case A_OLDGETQCTRL:
+		if (uap->length == sizeof(udata.au_qctrl64)) {
+			udata.au_qctrl64.aq64_hiwater =
+			    (u_int64_t)audit_qctrl.aq_hiwater;
+			udata.au_qctrl64.aq64_lowater =
+			    (u_int64_t)audit_qctrl.aq_lowater;
+			udata.au_qctrl64.aq64_bufsz =
+			    (u_int64_t)audit_qctrl.aq_bufsz;
+			udata.au_qctrl64.aq64_minfree =
+			    (u_int64_t)audit_qctrl.aq_minfree;
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_GETQCTRL:
+		if (uap->length != sizeof(udata.au_qctrl))
+			return (EINVAL);
 		udata.au_qctrl = audit_qctrl;
 		break;
 
+	case A_OLDSETQCTRL:
+		if (uap->length == sizeof(udata.au_qctrl64)) {
+			if ((udata.au_qctrl64.aq64_hiwater > AQ_MAXHIGH) ||
+			    (udata.au_qctrl64.aq64_lowater >=
+			    udata.au_qctrl.aq_hiwater) ||
+			    (udata.au_qctrl64.aq64_bufsz > AQ_MAXBUFSZ) ||
+			    (udata.au_qctrl64.aq64_minfree < 0) ||
+			    (udata.au_qctrl64.aq64_minfree > 100))
+				return (EINVAL);
+			audit_qctrl.aq_hiwater =
+			    (int)udata.au_qctrl64.aq64_hiwater;
+			audit_qctrl.aq_lowater =
+			    (int)udata.au_qctrl64.aq64_lowater;
+			audit_qctrl.aq_bufsz =
+			    (int)udata.au_qctrl64.aq64_bufsz;
+			audit_qctrl.aq_minfree =
+			    (int)udata.au_qctrl64.aq64_minfree;
+			audit_qctrl.aq_delay = -1;	/* Not used. */
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETQCTRL:
+		if (uap->length != sizeof(udata.au_qctrl))
+			return (EINVAL);
 		if ((udata.au_qctrl.aq_hiwater > AQ_MAXHIGH) ||
 		    (udata.au_qctrl.aq_lowater >= udata.au_qctrl.aq_hiwater) ||
 		    (udata.au_qctrl.aq_bufsz > AQ_MAXBUFSZ) ||
@@ -285,14 +361,40 @@ auditon(struct thread *td, struct auditon_args *uap)
 		return (ENOSYS);
 		break;
 
+	case A_OLDGETCOND:
+		if (uap->length == sizeof(udata.au_cond64)) {
+			if (audit_enabled && !audit_suspended)
+				udata.au_cond64 = AUC_AUDITING;
+			else
+				udata.au_cond64 = AUC_NOAUDIT;
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_GETCOND:
+		if (uap->length != sizeof(udata.au_cond))
+			return (EINVAL);
 		if (audit_enabled && !audit_suspended)
 			udata.au_cond = AUC_AUDITING;
 		else
 			udata.au_cond = AUC_NOAUDIT;
 		break;
 
+	case A_OLDSETCOND:
+		if (uap->length == sizeof(udata.au_cond64)) {
+			if (udata.au_cond64 == AUC_NOAUDIT)
+				audit_suspended = 1;
+			if (udata.au_cond64 == AUC_AUDITING)
+				audit_suspended = 0;
+			if (udata.au_cond64 == AUC_DISABLED) {
+				audit_suspended = 1;
+				audit_shutdown(NULL, 0);
+			}
+			break;
+		}
+		/* FALLTHROUGH */
 	case A_SETCOND:
+		if (uap->length != sizeof(udata.au_cond))
+			return (EINVAL);
 		if (udata.au_cond == AUC_NOAUDIT)
 			audit_suspended = 1;
 		if (udata.au_cond == AUC_AUDITING)
@@ -304,16 +406,22 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_GETCLASS:
+		if (uap->length != sizeof(udata.au_evclass))
+			return (EINVAL);
 		udata.au_evclass.ec_class = au_event_class(
 		    udata.au_evclass.ec_number);
 		break;
 
 	case A_SETCLASS:
+		if (uap->length != sizeof(udata.au_evclass))
+			return (EINVAL);
 		au_evclassmap_insert(udata.au_evclass.ec_number,
 		    udata.au_evclass.ec_class);
 		break;
 
 	case A_GETPINFO:
+		if (uap->length != sizeof(udata.au_aupinfo))
+			return (EINVAL);
 		if (udata.au_aupinfo.ap_pid < 1)
 			return (ESRCH);
 		if ((tp = pfind(udata.au_aupinfo.ap_pid)) == NULL)
@@ -341,6 +449,8 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_SETPMASK:
+		if (uap->length != sizeof(udata.au_aupinfo))
+			return (EINVAL);
 		if (udata.au_aupinfo.ap_pid < 1)
 			return (ESRCH);
 		newcred = crget();
@@ -365,6 +475,8 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_SETFSIZE:
+		if (uap->length != sizeof(udata.au_fstat))
+			return (EINVAL);
 		if ((udata.au_fstat.af_filesz != 0) &&
 		   (udata.au_fstat.af_filesz < MIN_AUDIT_FILE_SIZE))
 			return (EINVAL);
@@ -372,11 +484,15 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_GETFSIZE:
+		if (uap->length != sizeof(udata.au_fstat))
+			return (EINVAL);
 		udata.au_fstat.af_filesz = audit_fstat.af_filesz;
 		udata.au_fstat.af_currsz = audit_fstat.af_currsz;
 		break;
 
 	case A_GETPINFO_ADDR:
+		if (uap->length != sizeof(udata.au_aupinfo_addr))
+			return (EINVAL);
 		if (udata.au_aupinfo_addr.ap_pid < 1)
 			return (ESRCH);
 		if ((tp = pfind(udata.au_aupinfo_addr.ap_pid)) == NULL)
@@ -393,10 +509,14 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_GETKAUDIT:
+		if (uap->length != sizeof(udata.au_kau_info))
+			return (EINVAL);
 		audit_get_kinfo(&udata.au_kau_info);
 		break;
 
 	case A_SETKAUDIT:
+		if (uap->length != sizeof(udata.au_kau_info))
+			return (EINVAL);
 		if (udata.au_kau_info.ai_termid.at_type != AU_IPv4 &&
 		    udata.au_kau_info.ai_termid.at_type != AU_IPv6)
 			return (EINVAL);
@@ -404,6 +524,8 @@ auditon(struct thread *td, struct auditon_args *uap)
 		break;
 
 	case A_SENDTRIGGER:
+		if (uap->length != sizeof(udata.au_trigger))
+			return (EINVAL);
 		if ((udata.au_trigger < AUDIT_TRIGGER_MIN) ||
 		    (udata.au_trigger > AUDIT_TRIGGER_MAX))
 			return (EINVAL);
@@ -418,12 +540,15 @@ auditon(struct thread *td, struct auditon_args *uap)
 	 */
 	switch (uap->cmd) {
 	case A_GETPOLICY:
+	case A_OLDGETPOLICY:
 	case A_GETKMASK:
 	case A_GETQCTRL:
+	case A_OLDGETQCTRL:
 	case A_GETCWD:
 	case A_GETCAR:
 	case A_GETSTAT:
 	case A_GETCOND:
+	case A_OLDGETCOND:
 	case A_GETCLASS:
 	case A_GETPINFO:
 	case A_GETFSIZE: