Page MenuHomeFreeBSD

audit(4): Add tests for all audit events of open(2) and openat(2)
ClosedPublic

Authored by aniketp on Jun 4 2018, 12:04 AM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 8 2024, 10:03 PM
Unknown Object (File)
Feb 4 2024, 3:46 AM
Unknown Object (File)
Feb 2 2024, 3:50 AM
Unknown Object (File)
Feb 1 2024, 8:54 AM
Unknown Object (File)
Jan 27 2024, 6:55 PM
Unknown Object (File)
Jan 27 2024, 6:55 PM
Unknown Object (File)
Jan 27 2024, 6:55 PM
Unknown Object (File)
Jan 27 2024, 6:55 PM
Subscribers

Details

Summary

The following changes introduce a new test-program open, which contains the tests for
open(2) and openat(2) system calls in various opening mode:

  • 72:AUE_OPEN_R:open(2) - read:fr
  • 73:AUE_OPEN_RC:open(2) - read,creat:fc,fr,fa,fm
  • 74:AUE_OPEN_RT:open(2) - read,trunc:fd,fr,fa,fm
  • 75:AUE_OPEN_RTC:open(2) - read,creat,trunc:fc,fd,fr,fa,fm
  • 76:AUE_OPEN_W:open(2) - write:fw
  • 77:AUE_OPEN_WC:open(2) - write,creat:fc,fw,fa,fm
  • 78:AUE_OPEN_WT:open(2) - write,trunc:fd,fw,fa,fm
  • 79:AUE_OPEN_WTC:open(2) - write,creat,trunc:fc,fd,fw,fa,fm
  • 80:AUE_OPEN_RW:open(2) - read,write:fr,fw
  • 81:AUE_OPEN_RWC:open(2) - read,write,creat:fc,fw,fr,fa,fm
  • 82:AUE_OPEN_RWT:open(2) - read,write,trunc:fd,fr,fw,fa,fm
  • 83:AUE_OPEN_RWTC:open(2) - read,write,creat,trunc:fc,fd,fw,fr,fa,fm

Similarly for openat(2) as well:

  • 270:AUE_OPENAT_R:openat(2) - read:fr
  • 271:AUE_OPENAT_RC:openat(2) - read,creat:fc,fr,fa,fm
  • 272:AUE_OPENAT_RT:openat(2) - read,trunc:fd,fr,fa,fm
  • 273:AUE_OPENAT_RTC:openat(2) - read,creat,trunc:fc,fd,fr,fa,fm
  • 274:AUE_OPENAT_W:openat(2) - write:fw
  • 275:AUE_OPENAT_WC:openat(2) - write,creat:fc,fw,fa,fm
  • 276:AUE_OPENAT_WT:openat(2) - write,trunc:fd,fw,fa,fm
  • 277:AUE_OPENAT_WTC:openat(2) - write,creat,trunc:fc,fd,fw,fa,fm
  • 278:AUE_OPENAT_RW:openat(2) - read,write:fr,fw
  • 279:AUE_OPENAT_RWC:openat(2) - read,write,create:fc,fw,fr,fa,fm
  • 280:AUE_OPENAT_RWT:openat(2) - read,write,trunc:fd,fw,fr,fa,fm
  • 281:AUE_OPENAT_RWTC:openat(2) - read,write,creat,trunc:fc,fd,fw,fr,fa,fm

Note: Testing all possible combinations of audit events in success and failure mode of
open(2) and openat(2) would have required 192 test cases. In order to limit the number
test-cases and test only the most important aspects, the audit classes have been restricted
to fr and fw only.

Test Plan

Execute make && make install from test/sys/audit.
Execute kyua test from /usr/tests/sys/audit. All testcases should succeed.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

  • Add the missing open.c source file

It looks ok, but it's incredibly repetitive. Do you think you could find a way to simplify it? One way would be to write macros to generate the individual test cases. libexec/tftpd/tests/functional.c takes that approach.

  • Update the test program to use macros for generating test cases

What happened to matching strings like read,create in the regex?

  • Include the specific regexes for individual audit events
  • Correct the format specifier of flag in test case description

No functional change

tests/sys/audit/open.c
67 ↗(On Diff #43327)

Printing the flags in hex isn't very helpful. Can you print them symbolically instead? Displaying them in ORed form should be fine.

Stringify the 'flag' macro argument using # preprocessing operator

tests/sys/audit/open.c
67 ↗(On Diff #43327)

They're displayed correctly now, but the grammer is off. How about "... call with flags = %s" ?

Update the test case description format

This revision was not accepted when it landed; it landed in state Needs Review.Jun 5 2018, 8:13 PM
This revision was automatically updated to reflect the committed changes.