tests/sys/audit: Avoid race caused by starting auditd(8) for testing


tests/sys/audit: Avoid race caused by starting auditd(8) for testing

In the CheriBSD CI we reproducibly see the first test in sys/audit
(administrative:acct_failure) fail due to a missing startup message.
It appears this is caused by a race condition when starting auditd:
service auditd onestart returns as soon as the initial auditd() parent
exits (after the daemon(3) call).
We can avoid this problem by setting up the auditd infrastructure
in-process: libauditd contains audit_quick_{start,stop}() functions that
look like they are ideally suited to this task.
This patch also avoids forking lots of shell processes for each of the 418
tests by using auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)) to check
for a running auditd(8) instead of using service auditd onestatus.

With these two changes (and D28388 to fix the XFAIL'd test) I can now
boot and run cd /usr/tests/sys/audit && kyua test without any failures
in a single-core QEMU instance. Before there would always be at least one
failed test.

Besides making the tests more reliable in CI, a nice side-effect of this
change is that it also significantly speeds up running them by avoiding
lots of fork()/execve() caused by shell scripts:
Running kyua test on an AArch64 QEMU took 315s before and now takes 68s,
so it's roughly 3.5 times faster. This effect is even larger when running
on a CHERI-RISC-V QEMU since emulating CHERI instructions on an x86 host
is noticeably slower than emulating AArch64.

Test Plan: aarch64+amd64 QEMU no longer fail.

Reviewed By: asomers
Differential Revision: https://reviews.freebsd.org/D28451

(cherry picked from commit df093aa9463b2121d8307fb91c4ba7cf17f4ea64)


arichardsonAuthored on Feb 18 2021, 10:14 AM
Differential Revision
D28451: tests/sys/audit: Avoid race caused by starting auditd(8) for testing
R10:703419774f86: fix panic when rescue retransmission and FIN overlap