Index: tests/sys/audit/file-attribute-access.c =================================================================== --- tests/sys/audit/file-attribute-access.c +++ tests/sys/audit/file-attribute-access.c @@ -36,6 +36,7 @@ static struct pollfd fds[1]; static mode_t mode = 0777; +static int filedesc; static char extregex[80]; static struct stat statbuff; static const char *auclass = "fa"; @@ -55,10 +56,11 @@ ATF_TC_BODY(stat_success, tc) { /* File needs to exist to call stat(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, stat(path, &statbuff)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(stat_success, tc) @@ -140,7 +142,6 @@ ATF_TC_BODY(fstat_success, tc) { - int filedesc; /* File needs to exist to call fstat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); FILE *pipefd = setup(fds, auclass); @@ -149,6 +150,7 @@ snprintf(extregex, sizeof(extregex), "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); check_audit(fds, extregex, pipefd); + close(filedesc); } ATF_TC_CLEANUP(fstat_success, tc) Index: tests/sys/audit/file-close.c =================================================================== --- tests/sys/audit/file-close.c +++ tests/sys/audit/file-close.c @@ -188,9 +188,7 @@ FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, revoke(ptyname)); check_audit(fds, extregex, pipefd); - - /* Close the file descriptor to pseudo terminal */ - ATF_REQUIRE_EQ(0, close(filedesc)); + close(filedesc); } ATF_TC_CLEANUP(revoke_success, tc) Index: tests/sys/audit/file-create.c =================================================================== --- tests/sys/audit/file-create.c +++ tests/sys/audit/file-create.c @@ -37,6 +37,7 @@ static struct pollfd fds[1]; static mode_t mode = 0777; +static int filedesc; static dev_t dev = 0; static const char *auclass = "fc"; static const char *path = "fileforaudit"; @@ -305,10 +306,11 @@ ATF_TC_BODY(rename_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, rename(path, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(rename_success, tc) @@ -347,10 +349,11 @@ ATF_TC_BODY(renameat_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(renameat_success, tc) @@ -389,10 +392,11 @@ ATF_TC_BODY(link_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, link(path, "hardlink")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(link_success, tc) @@ -431,10 +435,11 @@ ATF_TC_BODY(linkat_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, linkat(AT_FDCWD, path, AT_FDCWD, "hardlink", 0)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(linkat_success, tc) Index: tests/sys/audit/file-delete.c =================================================================== --- tests/sys/audit/file-delete.c +++ tests/sys/audit/file-delete.c @@ -35,6 +35,7 @@ static struct pollfd fds[1]; static mode_t mode = 0777; +static int filedesc; static const char *path = "fileforaudit"; static const char *errpath = "dirdoesnotexist/fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; @@ -92,10 +93,11 @@ ATF_TC_BODY(rename_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, "fd"); ATF_REQUIRE_EQ(0, rename(path, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(rename_success, tc) @@ -134,10 +136,11 @@ ATF_TC_BODY(renameat_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, "fd"); ATF_REQUIRE_EQ(0, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(renameat_success, tc) @@ -176,10 +179,11 @@ ATF_TC_BODY(unlink_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, "fd"); ATF_REQUIRE_EQ(0, unlink(path)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(unlink_success, tc) Index: tests/sys/audit/file-write.c =================================================================== --- tests/sys/audit/file-write.c +++ tests/sys/audit/file-write.c @@ -33,6 +33,7 @@ static struct pollfd fds[1]; static mode_t mode = 0777; static off_t offlen = 0; +static int filedesc; static const char *path = "fileforaudit"; static const char *errpath = "dirdoesnotexist/fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; @@ -49,10 +50,11 @@ ATF_TC_BODY(truncate_success, tc) { /* File needs to exist to call truncate(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, "fw"); ATF_REQUIRE_EQ(0, truncate(path, offlen)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(truncate_success, tc) @@ -91,13 +93,13 @@ ATF_TC_BODY(ftruncate_success, tc) { - int filedesc; const char *regex = "ftruncate.*return,success"; /* Valid file descriptor needs to exist to call ftruncate(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR)) != -1); FILE *pipefd = setup(fds, "fw"); ATF_REQUIRE_EQ(0, ftruncate(filedesc, offlen)); check_audit(fds, regex, pipefd); + close(filedesc); } ATF_TC_CLEANUP(ftruncate_success, tc) Index: tests/sys/audit/open.c =================================================================== --- tests/sys/audit/open.c +++ tests/sys/audit/open.c @@ -52,6 +52,7 @@ static struct pollfd fds[1]; static mode_t o_mode = 0777; +static int filedesc; static char extregex[80]; static const char *path = "fileforaudit"; static const char *errpath = "adirhasnoname/fileforaudit"; @@ -59,93 +60,97 @@ /* * Define test-cases for success and failure modes of both open(2) and openat(2) */ -#define OPEN_AT_TC_DEFINE(mode, regex, flag, class) \ -ATF_TC_WITH_CLEANUP(open_ ## mode ## _success); \ -ATF_TC_HEAD(open_ ## mode ## _success, tc) \ -{ \ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ - "open(2) call with flags = %s", #flag); \ -} \ -ATF_TC_BODY(open_ ## mode ## _success, tc) \ -{ \ - snprintf(extregex, sizeof(extregex), \ - "open.*%s.*fileforaudit.*return,success", regex); \ - /* File needs to exist for successful open(2) invocation */ \ - ATF_REQUIRE(open(path, O_CREAT, o_mode) != -1); \ - FILE *pipefd = setup(fds, class); \ - ATF_REQUIRE(syscall(SYS_open, path, flag) != -1); \ - check_audit(fds, extregex, pipefd); \ -} \ -ATF_TC_CLEANUP(open_ ## mode ## _success, tc) \ -{ \ - cleanup(); \ -} \ -ATF_TC_WITH_CLEANUP(open_ ## mode ## _failure); \ -ATF_TC_HEAD(open_ ## mode ## _failure, tc) \ -{ \ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ - "open(2) call with flags = %s", #flag); \ -} \ -ATF_TC_BODY(open_ ## mode ## _failure, tc) \ -{ \ - snprintf(extregex, sizeof(extregex), \ - "open.*%s.*fileforaudit.*return,failure", regex); \ - FILE *pipefd = setup(fds, class); \ - ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, flag)); \ - check_audit(fds, extregex, pipefd); \ -} \ -ATF_TC_CLEANUP(open_ ## mode ## _failure, tc) \ -{ \ - cleanup(); \ -} \ -ATF_TC_WITH_CLEANUP(openat_ ## mode ## _success); \ -ATF_TC_HEAD(openat_ ## mode ## _success, tc) \ -{ \ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ - "openat(2) call with flags = %s", #flag); \ -} \ -ATF_TC_BODY(openat_ ## mode ## _success, tc) \ -{ \ - snprintf(extregex, sizeof(extregex), \ - "openat.*%s.*fileforaudit.*return,success", regex); \ - /* File needs to exist for successful openat(2) invocation */ \ - ATF_REQUIRE(open(path, O_CREAT, o_mode) != -1); \ - FILE *pipefd = setup(fds, class); \ - ATF_REQUIRE(openat(AT_FDCWD, path, flag) != -1); \ - check_audit(fds, extregex, pipefd); \ -} \ -ATF_TC_CLEANUP(openat_ ## mode ## _success, tc) \ -{ \ - cleanup(); \ -} \ -ATF_TC_WITH_CLEANUP(openat_ ## mode ## _failure); \ -ATF_TC_HEAD(openat_ ## mode ## _failure, tc) \ -{ \ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ - "openat(2) call with flags = %s", #flag); \ -} \ -ATF_TC_BODY(openat_ ## mode ## _failure, tc) \ -{ \ - snprintf(extregex, sizeof(extregex), \ - "openat.*%s.*fileforaudit.*return,failure", regex); \ - FILE *pipefd = setup(fds, class); \ - ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, flag)); \ - check_audit(fds, extregex, pipefd); \ -} \ -ATF_TC_CLEANUP(openat_ ## mode ## _failure, tc) \ -{ \ - cleanup(); \ +#define OPEN_AT_TC_DEFINE(mode, regex, flag, class) \ +ATF_TC_WITH_CLEANUP(open_ ## mode ## _success); \ +ATF_TC_HEAD(open_ ## mode ## _success, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ + "open(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(open_ ## mode ## _success, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "open.*%s.*fileforaudit.*return,success", regex); \ + /* File needs to exist for successful open(2) invocation */ \ + ATF_REQUIRE((filedesc = open(path, O_CREAT, o_mode)) != -1); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE(syscall(SYS_open, path, flag) != -1); \ + check_audit(fds, extregex, pipefd); \ + close(filedesc); \ +} \ +ATF_TC_CLEANUP(open_ ## mode ## _success, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(open_ ## mode ## _failure); \ +ATF_TC_HEAD(open_ ## mode ## _failure, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ + "open(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(open_ ## mode ## _failure, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "open.*%s.*fileforaudit.*return,failure", regex); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, flag)); \ + check_audit(fds, extregex, pipefd); \ +} \ +ATF_TC_CLEANUP(open_ ## mode ## _failure, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(openat_ ## mode ## _success); \ +ATF_TC_HEAD(openat_ ## mode ## _success, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ + "openat(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(openat_ ## mode ## _success, tc) \ +{ \ + int filedesc2; \ + snprintf(extregex, sizeof(extregex), \ + "openat.*%s.*fileforaudit.*return,success", regex); \ + /* File needs to exist for successful openat(2) invocation */ \ + ATF_REQUIRE((filedesc = open(path, O_CREAT, o_mode)) != -1); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE((filedesc2 = openat(AT_FDCWD, path, flag)) != -1); \ + check_audit(fds, extregex, pipefd); \ + close(filedesc); \ + close(filedesc2); \ +} \ +ATF_TC_CLEANUP(openat_ ## mode ## _success, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(openat_ ## mode ## _failure); \ +ATF_TC_HEAD(openat_ ## mode ## _failure, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ + "openat(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(openat_ ## mode ## _failure, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "openat.*%s.*fileforaudit.*return,failure", regex); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, flag)); \ + check_audit(fds, extregex, pipefd); \ +} \ +ATF_TC_CLEANUP(openat_ ## mode ## _failure, tc) \ +{ \ + cleanup(); \ } /* * Add both success and failure modes of open(2) and openat(2) */ -#define OPEN_AT_TC_ADD(tp, mode) \ -do { \ - ATF_TP_ADD_TC(tp, open_ ## mode ## _success); \ - ATF_TP_ADD_TC(tp, open_ ## mode ## _failure); \ - ATF_TP_ADD_TC(tp, openat_ ## mode ## _success); \ - ATF_TP_ADD_TC(tp, openat_ ## mode ## _failure); \ +#define OPEN_AT_TC_ADD(tp, mode) \ +do { \ + ATF_TP_ADD_TC(tp, open_ ## mode ## _success); \ + ATF_TP_ADD_TC(tp, open_ ## mode ## _failure); \ + ATF_TP_ADD_TC(tp, openat_ ## mode ## _success); \ + ATF_TP_ADD_TC(tp, openat_ ## mode ## _failure); \ } while (0) Index: tests/sys/audit/utils.c =================================================================== --- tests/sys/audit/utils.c +++ tests/sys/audit/utils.c @@ -27,15 +27,16 @@ #include -#include +#include +#include + +#include #include #include -#include -#include #include +#include +#include #include -#include -#include #include "utils.h" @@ -79,7 +80,7 @@ } free(buff); - fclose(memstream); + ATF_REQUIRE_EQ(0, fclose(memstream)); return (atf_utils_grep_string("%s", membuff, auditregex)); } @@ -193,10 +194,8 @@ void check_audit(struct pollfd fd[], const char *auditrgx, FILE *pipestream) { check_auditpipe(fd, auditrgx, pipestream); - - /* Cleanup */ - fclose(pipestream); - close(fd[0].fd); + /* Close the file descriptor and the opened stream of /dev/auditpipe */ + ATF_REQUIRE_EQ(0, fclose(pipestream)); } FILE @@ -207,9 +206,9 @@ nomask = get_audit_mask("no"); FILE *pipestream; - fd[0].fd = open("/dev/auditpipe", O_RDONLY); + ATF_REQUIRE((fd[0].fd = open("/dev/auditpipe", O_RDONLY)) != -1); + ATF_REQUIRE((pipestream = fdopen(fd[0].fd, "r")) != NULL); fd[0].events = POLLIN; - pipestream = fdopen(fd[0].fd, "r"); /* Set local preselection audit_class as "no" for audit startup */ set_preselect_mode(fd[0].fd, &nomask);