
Add tests for various other ioctls for auditpipe(4)
Needs Review, Public

Authored by aniketp on Jul 26 2018, 7:06 AM.

Details

Reviewers
asomers
Summary

This revision introduces regression tests for various other ioctls for auditpipe. The ioctls are:

  • AUDITPIPE_GET_MAXAUDITDATA
  • AUDITPIPE_GET_PRESELECT_MODE
  • AUDITPIPE_SET_PRESELECT_MODE
  • AUDITPIPE_GET_PRESELECT_FLAGS
  • AUDITPIPE_SET_PRESELECT_FLAGS
  • AUDITPIPE_GET_PRESELECT_NAFLAGS
  • AUDITPIPE_SET_PRESELECT_NAFLAGS

Other important properties are also tested:

  • auditpipe_qlimit_less_than_qlimit_max
  • auditpipe_qlimit_more_than_qlimit_min
Test Plan

Execute make && make install from test/sys/auditpipe.
Execute kyua test from /usr/tests/sys/auditpipe. All testcases should succeed.

Diff Detail

Lint
Lint OK
Unit
No Unit Test Coverage
Build Status
Buildable 18415
Build 18124: arc lint + arc unit

Event Timeline

aniketp created this revision. Jul 26 2018, 7:06 AM
asomers requested changes to this revision. Jul 27 2018, 4:49 PM

Looks mostly good, except for the FLUSH test. As written, that one isn't going to be reliable.

tests/sys/auditpipe/auditpipe_test.c
229

This test isn't going to be reliable. You have no way to be sure that more auditable events didn't arrive after the flush but before AUDITPIPE_GET_QLEN.

This revision now requires changes to proceed. Jul 27 2018, 4:49 PM
aniketp updated this revision to Diff 45927. Jul 27 2018, 8:31 PM
  • Check if auditing was enabled before AUDITPIPE_FLUSH test
asomers requested changes to this revision. Jul 27 2018, 8:34 PM
asomers added inline comments.
tests/sys/auditpipe/auditpipe_test.c
234

Nope. In order for this technique to work, you need to stop auditing _before_ AUDITPIPE_FLUSH.

243

This needs to happen in the cleanup step, not in the body.

This revision now requires changes to proceed. Jul 27 2018, 8:34 PM
aniketp updated this revision to Diff 45928. Jul 27 2018, 8:41 PM
  • Move auditon code before starting calling AUDITPIPE_FLUSH
aniketp added inline comments. Jul 27 2018, 8:41 PM
tests/sys/auditpipe/auditpipe_test.c
243

But I've changed

ATF_REQUIRE_EQ(0, ioctl(filedesc, AUDITPIPE_GET_QLEN, &qlen));
ATF_REQUIRE_EQ(0, qlen);

to

ATF_CHECK_EQ(0, ioctl(filedesc, AUDITPIPE_GET_QLEN, &qlen));
ATF_CHECK_EQ(0, qlen);

for the same reason that the test case won't stop even if the require condition fails.

asomers requested changes to this revision. Jul 27 2018, 8:54 PM
asomers added inline comments.
tests/sys/auditpipe/auditpipe_test.c
232

What happens if aucond was anything else? Then the test will be pointless, because there won't be anything in the audit trail. In that case, you should skip it. Or, start auditd just like you do in the audit tests.

235

This won't work either. By opening the auditpipe after pausing auditing, you're guaranteeing that the queue will be empty even before AUDITPIPE_FLUSH. You need to:

  1. Open auditpipe
  2. Cause something auditable to happen so the pipe gets data
  3. Suspend auditing
  4. Flush the pipe
  5. Verify qlen == 0
243

Ok, I guess that's fine. Not universally, but it should be ok for this test. I say not universally, because something like a segfault could always prevent the test's body from completing. But in this case I don't think there's any way for the test to crash that wouldn't also be a possibility for the cleanup step.

This revision now requires changes to proceed. Jul 27 2018, 8:54 PM
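
The step order asomers lists above, compared with the two orderings rejected earlier in this review, as an added example that is not code from this revision or from FreeBSD. It is a constructed in-memory model, not a real auditpipe(4) test: all names are hypothetical, and it assumes an unrelated auditable event can land after every step while auditing is on and the pipe is open.

```c
#include <stdio.h>
/* Constructed model of one audit pipe; all names here are hypothetical. */
struct model { int auditing; int pipe_open; int qlen; };
struct outcome { int before_flush; int after_flush; };

/* Worst case: an unrelated auditable event lands between any two steps. */
static void background_event(struct model *m)
{
    if (m->auditing && m->pipe_open)
        m->qlen++;
}

/* Run the steps named in `order`: O = open the pipe, T = trigger an
 * auditable event, S = suspend auditing, F = flush the pipe.
 * after_flush is what a queue-length query after the last step sees. */
struct outcome run_order(const char *order)
{
    struct model m = { 1, 0, 0 };      /* auditing on, pipe closed, empty */
    struct outcome o = { -1, -1 };
    for (; *order != '\0'; order++) {
        switch (*order) {
        case 'O': m.pipe_open = 1; break;
        case 'T': if (m.auditing && m.pipe_open) m.qlen++; break;
        case 'S': m.auditing = 0; break;
        case 'F': o.before_flush = m.qlen; m.qlen = 0; break;
        }
        background_event(&m);
    }
    o.after_flush = m.qlen;
    return o;
}

/* The flush is proven only if it had records to drop and none came back. */
int flush_test_is_sound(struct outcome o)
{
    return o.before_flush > 0 && o.after_flush == 0;
}

int main(void)
{
    const char *orders[] = { "OTF", "SOTF", "OTSF" };
    for (int i = 0; i < 3; i++) {
        struct outcome o = run_order(orders[i]);
        printf("%-4s before=%d after=%d sound=%d\n", orders[i],
            o.before_flush, o.after_flush, flush_test_is_sound(o));
    }
    return 0;
}
```

"OTF" is the flush with auditing still running (a record can arrive before the queue-length check), "SOTF" is the pipe opened after auditing was paused (the queue is already empty, so the flush proves nothing), and "OTSF" is the reviewer's order.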
aniketp updated this revision to Diff 45989. Edited Jul 29 2018, 1:03 PM
  • Add auditable startup and closeup events if auditd(8) was not already running
asomers added inline comments. Jul 29 2018, 3:01 PM
tests/sys/auditpipe/auditpipe_test.c
235

Does this statement (or the one two lines above) cause an audit entry? If not, then the queue still may be empty before you flush it.