Page MenuHomeFreeBSD
Files F146721265

D15613.id43186.diff
No OneTemporary
Actions

D15613.id43186.diff
View Options

Index: tests/sys/audit/file-create.c
===================================================================
--- tests/sys/audit/file-create.c
+++ tests/sys/audit/file-create.c
@@ -26,8 +26,15 @@
* $FreeBSD$
*/
+/*
+ * Note: open(2) and openat(2) have been tested in various combination of flags
+ * with O_CREAT being common since all of them are separate auditable events
+ * See: https://github.com/openbsm/openbsm/blob/master/etc/audit_event#L93
+ */
+
#include <sys/types.h>
#include <sys/stat.h>
+#include <sys/syscall.h>
#include <atf-c.h>
#include <fcntl.h>
@@ -41,6 +48,7 @@
static dev_t dev = 0;
static const char *auclass = "fc";
static const char *path = "fileforaudit";
+static const char *errpath = "dirdoesnotexist/fileforaudit";
static const char *successreg = "fileforaudit.*return,success";
static const char *failurereg = "fileforaudit.*return,failure";
@@ -549,6 +557,518 @@
}
+ATF_TC_WITH_CLEANUP(open_read_creat_success);
+ATF_TC_HEAD(open_read_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_RDONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_read_creat_success, tc)
+{
+ const char *regex = "read,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, O_RDONLY | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_creat_failure);
+ATF_TC_HEAD(open_read_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_RDONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_read_creat_failure, tc)
+{
+ const char *regex = "read,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, O_RDONLY | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_creat_success);
+ATF_TC_HEAD(openat_read_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_RDONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_read_creat_success, tc)
+{
+ const char *regex = "read,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_RDONLY | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_creat_failure);
+ATF_TC_HEAD(openat_read_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_RDONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_read_creat_failure, tc)
+{
+ const char *regex = "read,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, O_RDONLY | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_creat_trunc_success);
+ATF_TC_HEAD(open_read_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_RDONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_read_creat_trunc_success, tc)
+{
+ const char *regex = "read,creat,trunc.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, \
+ O_RDONLY | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_creat_trunc_failure);
+ATF_TC_HEAD(open_read_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_RDONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_read_creat_trunc_failure, tc)
+{
+ const char *regex = "read,creat,trunc.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, \
+ O_RDONLY | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_creat_trunc_success);
+ATF_TC_HEAD(openat_read_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_RDONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_read_creat_trunc_success, tc)
+{
+ const char *regex = "read,creat,trunc.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_RDONLY | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_creat_trunc_failure);
+ATF_TC_HEAD(openat_read_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_RDONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_read_creat_trunc_failure, tc)
+{
+ const char *regex = "read,creat,trunc.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, \
+ O_RDONLY | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_write_creat_success);
+ATF_TC_HEAD(open_write_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_WRONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_write_creat_success, tc)
+{
+ const char *regex = "write,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, O_WRONLY | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_write_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_write_creat_failure);
+ATF_TC_HEAD(open_write_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_WRONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_write_creat_failure, tc)
+{
+ const char *regex = "write,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, O_WRONLY | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_write_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_write_creat_success);
+ATF_TC_HEAD(openat_write_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_WRONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_write_creat_success, tc)
+{
+ const char *regex = "write,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_WRONLY | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_write_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_write_creat_failure);
+ATF_TC_HEAD(openat_write_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_WRONLY, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_write_creat_failure, tc)
+{
+ const char *regex = "write,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, O_WRONLY | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_write_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_write_creat_trunc_success);
+ATF_TC_HEAD(open_write_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_WRONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_write_creat_trunc_success, tc)
+{
+ const char *regex = "write,creat,trunc.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, \
+ O_WRONLY | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_write_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_write_creat_trunc_failure);
+ATF_TC_HEAD(open_write_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_WRONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_write_creat_trunc_failure, tc)
+{
+ const char *regex = "write,creat,trunc.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, \
+ O_WRONLY | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_write_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_write_creat_trunc_success);
+ATF_TC_HEAD(openat_write_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_WRONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_write_creat_trunc_success, tc)
+{
+ const char *regex = "write,creat,trunc.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_WRONLY | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_write_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_write_creat_trunc_failure);
+ATF_TC_HEAD(openat_write_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_WRONLY, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_write_creat_trunc_failure, tc)
+{
+ const char *regex = "write,creat,trunc.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, \
+ O_WRONLY | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_write_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_write_creat_success);
+ATF_TC_HEAD(open_read_write_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_RDWR, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_read_write_creat_success, tc)
+{
+ const char *regex = "read,write,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, O_RDWR | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_write_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_write_creat_failure);
+ATF_TC_HEAD(open_read_write_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_RDWR, O_CREAT flags");
+}
+
+ATF_TC_BODY(open_read_write_creat_failure, tc)
+{
+ const char *regex = "read,write,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, O_RDWR | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_write_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_write_creat_success);
+ATF_TC_HEAD(openat_read_write_creat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_RDWR, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_read_write_creat_success, tc)
+{
+ const char *regex = "read,write,creat.*fileforaudit.*return,success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_RDWR | O_CREAT) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_write_creat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_write_creat_failure);
+ATF_TC_HEAD(openat_read_write_creat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_RDWR, O_CREAT flags");
+}
+
+ATF_TC_BODY(openat_read_write_creat_failure, tc)
+{
+ const char *regex = "read,write,creat.*fileforaudit.*return,failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, O_RDWR | O_CREAT));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_write_creat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_write_creat_trunc_success);
+ATF_TC_HEAD(open_read_write_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful open(2)"
+ " call for O_RDWR, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_read_write_creat_trunc_success, tc)
+{
+ const char *regex = "read,write,creat,trunc.*fileforaudit.*success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(syscall(SYS_open, path, O_RDWR | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_write_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(open_read_write_creat_trunc_failure);
+ATF_TC_HEAD(open_read_write_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful open(2)"
+ " call for O_RDWR, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(open_read_write_creat_trunc_failure, tc)
+{
+ const char *regex = "read,write,creat,trunc.*fileforaudit.*failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, \
+ O_RDWR | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(open_read_write_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_write_creat_trunc_success);
+ATF_TC_HEAD(openat_read_write_creat_trunc_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of successful openat(2)"
+ " call for O_RDWR, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_read_write_creat_trunc_success, tc)
+{
+ const char *regex = "read,write,creat,trunc.*fileforaudit.*success";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE(openat(AT_FDCWD, path, O_RDWR | O_CREAT | O_TRUNC) != -1);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_write_creat_trunc_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(openat_read_write_creat_trunc_failure);
+ATF_TC_HEAD(openat_read_write_creat_trunc_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of unsuccessful openat"
+ " call for O_RDWR, O_CREAT, O_TRUNC flags");
+}
+
+ATF_TC_BODY(openat_read_write_creat_trunc_failure, tc)
+{
+ const char *regex = "read,write,creat,trunc.*fileforaudit.*failure";
+ FILE *pipefd = setup(fds, auclass);
+ ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, \
+ O_RDWR | O_CREAT | O_TRUNC));
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(openat_read_write_creat_trunc_failure, tc)
+{
+ cleanup();
+}
+
+
ATF_TP_ADD_TCS(tp)
{
ATF_TP_ADD_TC(tp, mkdir_success);
@@ -581,5 +1101,35 @@
ATF_TP_ADD_TC(tp, symlinkat_success);
ATF_TP_ADD_TC(tp, symlinkat_failure);
+ ATF_TP_ADD_TC(tp, open_read_creat_success);
+ ATF_TP_ADD_TC(tp, open_read_creat_failure);
+ ATF_TP_ADD_TC(tp, openat_read_creat_success);
+ ATF_TP_ADD_TC(tp, openat_read_creat_failure);
+
+ ATF_TP_ADD_TC(tp, open_read_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, open_read_creat_trunc_failure);
+ ATF_TP_ADD_TC(tp, openat_read_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, openat_read_creat_trunc_failure);
+
+ ATF_TP_ADD_TC(tp, open_write_creat_success);
+ ATF_TP_ADD_TC(tp, open_write_creat_failure);
+ ATF_TP_ADD_TC(tp, openat_write_creat_success);
+ ATF_TP_ADD_TC(tp, openat_write_creat_failure);
+
+ ATF_TP_ADD_TC(tp, open_write_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, open_write_creat_trunc_failure);
+ ATF_TP_ADD_TC(tp, openat_write_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, openat_write_creat_trunc_failure);
+
+ ATF_TP_ADD_TC(tp, open_read_write_creat_success);
+ ATF_TP_ADD_TC(tp, open_read_write_creat_failure);
+ ATF_TP_ADD_TC(tp, openat_read_write_creat_success);
+ ATF_TP_ADD_TC(tp, openat_read_write_creat_failure);
+
+ ATF_TP_ADD_TC(tp, open_read_write_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, open_read_write_creat_trunc_failure);
+ ATF_TP_ADD_TC(tp, openat_read_write_creat_trunc_success);
+ ATF_TP_ADD_TC(tp, openat_read_write_creat_trunc_failure);
+
return (atf_no_error());
}

File Metadata

Mime Type
text/plain
Expires
Fri, Mar 6, 12:55 AM (15 h, 4 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29305662
Default Alt Text
D15613.id43186.diff (15 KB)

Event Timeline