diff --git a/tests/sys/audit/file-attribute-access.c b/tests/sys/audit/file-attribute-access.c index 016d5772b933..9f4514bc3fde 100644 --- a/tests/sys/audit/file-attribute-access.c +++ b/tests/sys/audit/file-attribute-access.c @@ -1,1241 +1,1256 @@ /*- * Copyright (c) 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #include #include -#include #include #include #include +#include #include +#include #include +#include #include #include "utils.h" static struct pollfd fds[1]; static mode_t mode = 0777; static pid_t pid; static fhandle_t fht; static int filedesc, fhdesc; static char extregex[80]; static char buff[] = "ezio"; static struct stat statbuff; static struct statfs statfsbuff; static const char *auclass = "fa"; static const char *name = "authorname"; static const char *path = "fileforaudit"; static const char *errpath = "dirdoesnotexist/fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; static const char *failurereg = "fileforaudit.*return,failure"; ATF_TC_WITH_CLEANUP(stat_success); ATF_TC_HEAD(stat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "stat(2) call"); } ATF_TC_BODY(stat_success, tc) { /* File needs to exist to call stat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, stat(path, &statbuff)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(stat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(stat_failure); ATF_TC_HEAD(stat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "stat(2) call"); } ATF_TC_BODY(stat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, stat(errpath, &statbuff)); + ATF_REQUIRE_ERRNO(ENOENT, stat(errpath, &statbuff) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(stat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lstat_success); ATF_TC_HEAD(lstat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lstat(2) call"); } ATF_TC_BODY(lstat_success, tc) { /* Symbolic link needs to exist to call lstat(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lstat(path, &statbuff)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lstat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lstat_failure); ATF_TC_HEAD(lstat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lstat(2) call"); } ATF_TC_BODY(lstat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lstat(errpath, &statbuff)); + ATF_REQUIRE_ERRNO(ENOENT, lstat(errpath, &statbuff) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lstat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstat_success); ATF_TC_HEAD(fstat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fstat(2) call"); } ATF_TC_BODY(fstat_success, tc) { /* File needs to exist to call fstat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff)); snprintf(extregex, sizeof(extregex), "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fstat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstat_failure); ATF_TC_HEAD(fstat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fstat(2) call"); } ATF_TC_BODY(fstat_failure, tc) { FILE *pipefd = setup(fds, auclass); const char *regex = "fstat.*return,failure : Bad file descriptor"; /* Failure reason: bad file descriptor */ - ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff)); + ATF_REQUIRE_ERRNO(EBADF, fstat(-1, &statbuff) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fstat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstatat_success); ATF_TC_HEAD(fstatat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fstatat(2) call"); } ATF_TC_BODY(fstatat_success, tc) { /* File or Symbolic link needs to exist to call lstat(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, AT_SYMLINK_NOFOLLOW)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(fstatat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstatat_failure); ATF_TC_HEAD(fstatat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fstatat(2) call"); } ATF_TC_BODY(fstatat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, - AT_SYMLINK_NOFOLLOW)); + ATF_REQUIRE_ERRNO(ENOENT, + fstatat(AT_FDCWD, path, &statbuff, AT_SYMLINK_NOFOLLOW) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(fstatat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(statfs_success); ATF_TC_HEAD(statfs_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "statfs(2) call"); } ATF_TC_BODY(statfs_success, tc) { /* File needs to exist to call statfs(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, statfs(path, &statfsbuff)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(statfs_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(statfs_failure); ATF_TC_HEAD(statfs_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "statfs(2) call"); } ATF_TC_BODY(statfs_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, statfs(errpath, &statfsbuff)); + ATF_REQUIRE_ERRNO(ENOENT, statfs(errpath, &statfsbuff) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(statfs_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstatfs_success); ATF_TC_HEAD(fstatfs_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fstatfs(2) call"); } ATF_TC_BODY(fstatfs_success, tc) { /* File needs to exist to call fstat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); /* Call stat(2) to store the Inode number of 'path' */ ATF_REQUIRE_EQ(0, stat(path, &statbuff)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fstatfs(filedesc, &statfsbuff)); snprintf(extregex, sizeof(extregex), "fstatfs.*%jd.*return,success", (intmax_t)statbuff.st_ino); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fstatfs_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fstatfs_failure); ATF_TC_HEAD(fstatfs_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fstatfs(2) call"); } ATF_TC_BODY(fstatfs_failure, tc) { FILE *pipefd = setup(fds, auclass); const char *regex = "fstatfs.*return,failure : Bad file descriptor"; /* Failure reason: bad file descriptor */ - ATF_REQUIRE_EQ(-1, fstatfs(-1, &statfsbuff)); + ATF_REQUIRE_ERRNO(EBADF, fstatfs(-1, &statfsbuff) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fstatfs_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(getfsstat_success); ATF_TC_HEAD(getfsstat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "getfsstat(2) call"); } ATF_TC_BODY(getfsstat_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "getfsstat.*%d.*success", pid); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE(getfsstat(NULL, 0, MNT_NOWAIT) != -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(getfsstat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(getfsstat_failure); ATF_TC_HEAD(getfsstat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "getfsstat(2) call"); } ATF_TC_BODY(getfsstat_failure, tc) { const char *regex = "getfsstat.*return,failure : Invalid argument"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid value for mode */ - ATF_REQUIRE_EQ(-1, getfsstat(NULL, 0, -1)); + ATF_REQUIRE_ERRNO(EINVAL, getfsstat(NULL, 0, -1) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(getfsstat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lgetfh_success); ATF_TC_HEAD(lgetfh_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lgetfh(2) call"); } ATF_TC_BODY(lgetfh_success, tc) { /* Symbolic link needs to exist to get a file-handle */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); const char *regex = "lgetfh.*return,success"; FILE *pipefd = setup(fds, "fa"); ATF_REQUIRE_EQ(0, lgetfh(path, &fht)); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(lgetfh_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lgetfh_failure); ATF_TC_HEAD(lgetfh_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lgetfh(2) call"); } ATF_TC_BODY(lgetfh_failure, tc) { const char *regex = "lgetfh.*return,failure"; FILE *pipefd = setup(fds, "fa"); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lgetfh(errpath, &fht)); + ATF_REQUIRE_ERRNO(ENOENT, lgetfh(errpath, &fht) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(lgetfh_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhopen_success); ATF_TC_HEAD(fhopen_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fhopen(2) call"); } ATF_TC_BODY(fhopen_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fhopen.*%d.*return,success", pid); /* File needs to exist to get a file-handle */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); /* Get the file handle to be passed to fhopen(2) */ ATF_REQUIRE_EQ(0, getfh(path, &fht)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE((fhdesc = fhopen(&fht, O_RDWR)) != -1); check_audit(fds, extregex, pipefd); close(fhdesc); close(filedesc); } ATF_TC_CLEANUP(fhopen_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhopen_failure); ATF_TC_HEAD(fhopen_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fhopen(2) call"); } ATF_TC_BODY(fhopen_failure, tc) { const char *regex = "fhopen.*return,failure : Invalid argument"; FILE *pipefd = setup(fds, auclass); /* * Failure reason: NULL does not represent any file handle * and O_CREAT is not allowed as the flag for fhopen(2) */ - ATF_REQUIRE_EQ(-1, fhopen(NULL, O_CREAT)); + ATF_REQUIRE_ERRNO(EINVAL, fhopen(NULL, O_CREAT) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fhopen_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhstat_success); ATF_TC_HEAD(fhstat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fstat(2) call"); } ATF_TC_BODY(fhstat_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fhstat.*%d.*return,success", pid); /* File needs to exist to get a file-handle */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); /* Get the file handle to be passed to fhstat(2) */ ATF_REQUIRE_EQ(0, getfh(path, &fht)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fhstat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhstat_failure); ATF_TC_HEAD(fhstat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fhstat(2) call"); } ATF_TC_BODY(fhstat_failure, tc) { const char *regex = "fhstat.*return,failure : Bad address"; FILE *pipefd = setup(fds, auclass); /* Failure reason: NULL does not represent any file handle */ - ATF_REQUIRE_EQ(-1, fhstat(NULL, NULL)); + ATF_REQUIRE_ERRNO(EFAULT, fhstat(NULL, NULL) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fhstat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhstatfs_success); ATF_TC_HEAD(fhstatfs_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fstatfs(2) call"); } ATF_TC_BODY(fhstatfs_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fhstatfs.*%d.*success", pid); /* File needs to exist to get a file-handle */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); /* Get the file handle to be passed to fhstatfs(2) */ ATF_REQUIRE_EQ(0, getfh(path, &fht)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fhstatfs_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fhstatfs_failure); ATF_TC_HEAD(fhstatfs_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fhstatfs(2) call"); } ATF_TC_BODY(fhstatfs_failure, tc) { const char *regex = "fhstatfs.*return,failure : Bad address"; FILE *pipefd = setup(fds, auclass); /* Failure reason: NULL does not represent any file handle */ - ATF_REQUIRE_EQ(-1, fhstatfs(NULL, NULL)); + ATF_REQUIRE_ERRNO(EFAULT, fhstatfs(NULL, NULL) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fhstatfs_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(access_success); ATF_TC_HEAD(access_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "access(2) call"); } ATF_TC_BODY(access_success, tc) { /* File needs to exist to call access(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, access(path, F_OK)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(access_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(access_failure); ATF_TC_HEAD(access_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "access(2) call"); } ATF_TC_BODY(access_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, access(errpath, F_OK)); + ATF_REQUIRE_ERRNO(ENOENT, access(errpath, F_OK) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(access_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(eaccess_success); ATF_TC_HEAD(eaccess_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "eaccess(2) call"); } ATF_TC_BODY(eaccess_success, tc) { /* File needs to exist to call eaccess(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, eaccess(path, F_OK)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(eaccess_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(eaccess_failure); ATF_TC_HEAD(eaccess_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "eaccess(2) call"); } ATF_TC_BODY(eaccess_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, eaccess(errpath, F_OK)); + ATF_REQUIRE_ERRNO(ENOENT, eaccess(errpath, F_OK) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(eaccess_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(faccessat_success); ATF_TC_HEAD(faccessat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "faccessat(2) call"); } ATF_TC_BODY(faccessat_success, tc) { /* File needs to exist to call faccessat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, faccessat(AT_FDCWD, path, F_OK, AT_EACCESS)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(faccessat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(faccessat_failure); ATF_TC_HEAD(faccessat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "faccessat(2) call"); } ATF_TC_BODY(faccessat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS)); + ATF_REQUIRE_ERRNO(ENOENT, + faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(faccessat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(pathconf_success); ATF_TC_HEAD(pathconf_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "pathconf(2) call"); } ATF_TC_BODY(pathconf_success, tc) { /* File needs to exist to call pathconf(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); /* Get the maximum number of bytes of filename */ ATF_REQUIRE(pathconf(path, _PC_NAME_MAX) != -1); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(pathconf_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(pathconf_failure); ATF_TC_HEAD(pathconf_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "pathconf(2) call"); } ATF_TC_BODY(pathconf_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, pathconf(errpath, _PC_NAME_MAX)); + ATF_REQUIRE_ERRNO(ENOENT, pathconf(errpath, _PC_NAME_MAX) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(pathconf_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lpathconf_success); ATF_TC_HEAD(lpathconf_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lpathconf(2) call"); } ATF_TC_BODY(lpathconf_success, tc) { /* Symbolic link needs to exist to call lpathconf(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); /* Get the maximum number of bytes of symlink's name */ ATF_REQUIRE(lpathconf(path, _PC_SYMLINK_MAX) != -1); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lpathconf_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lpathconf_failure); ATF_TC_HEAD(lpathconf_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lpathconf(2) call"); } ATF_TC_BODY(lpathconf_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lpathconf(errpath, _PC_SYMLINK_MAX)); + ATF_REQUIRE_ERRNO(ENOENT, lpathconf(errpath, _PC_SYMLINK_MAX) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lpathconf_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fpathconf_success); ATF_TC_HEAD(fpathconf_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fpathconf(2) call"); } ATF_TC_BODY(fpathconf_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fpathconf.*%d.*success", pid); /* File needs to exist to call fpathconf(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); /* Get the maximum number of bytes of filename */ ATF_REQUIRE(fpathconf(filedesc, _PC_NAME_MAX) != -1); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fpathconf_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fpathconf_failure); ATF_TC_HEAD(fpathconf_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fpathconf(2) call"); } ATF_TC_BODY(fpathconf_failure, tc) { FILE *pipefd = setup(fds, auclass); const char *regex = "fpathconf.*return,failure : Bad file descriptor"; /* Failure reason: Bad file descriptor */ - ATF_REQUIRE_EQ(-1, fpathconf(-1, _PC_NAME_MAX)); + ATF_REQUIRE_ERRNO(EBADF, fpathconf(-1, _PC_NAME_MAX) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fpathconf_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_file_success); ATF_TC_HEAD(extattr_get_file_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_get_file(2) call"); } ATF_TC_BODY(extattr_get_file_success, tc) { /* File needs to exist to call extattr_get_file(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); + /* Set an extended attribute to be retrieved later on */ - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, buff, + sizeof(buff))); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_file.*%s.*%s.*return,success", path, name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_file(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_get_file(path, EXTATTR_NAMESPACE_USER, name, NULL, 0)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_get_file_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_file_failure); ATF_TC_HEAD(extattr_get_file_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_get_file(2) call"); } ATF_TC_BODY(extattr_get_file_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_file.*%s.*%s.*failure", path, name); FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_get_file(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_get_file(path, EXTATTR_NAMESPACE_USER, name, NULL, 0) == + -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_get_file_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_fd_success); ATF_TC_HEAD(extattr_get_fd_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_get_fd(2) call"); } ATF_TC_BODY(extattr_get_fd_success, tc) { /* File needs to exist to call extattr_get_fd(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); + /* Set an extended attribute to be retrieved later on */ - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, buff, + sizeof(buff))); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_fd.*%s.*return,success", name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_fd(filedesc, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_get_fd(filedesc, EXTATTR_NAMESPACE_USER, name, NULL, 0)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_get_fd_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_fd_failure); ATF_TC_HEAD(extattr_get_fd_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_get_fd(2) call"); } ATF_TC_BODY(extattr_get_fd_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_fd.*%s.*return,failure : Bad file descriptor", name); FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, extattr_get_fd(-1, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(EBADF, + extattr_get_fd(-1, EXTATTR_NAMESPACE_USER, name, NULL, 0) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_get_fd_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_link_success); ATF_TC_HEAD(extattr_get_link_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_get_link(2) call"); } ATF_TC_BODY(extattr_get_link_success, tc) { /* Symbolic link needs to exist to call extattr_get_link(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); + skip_if_extattr_not_supported("."); + /* Set an extended attribute to be retrieved later on */ - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_set_link(path, EXTATTR_NAMESPACE_USER, name, buff, + sizeof(buff))); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_link.*%s.*%s.*return,success", path, name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_link(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + REQUIRE_EXTATTR_RESULT(sizeof(buff), + extattr_get_link(path, EXTATTR_NAMESPACE_USER, name, NULL, 0)); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_get_link_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_get_link_failure); ATF_TC_HEAD(extattr_get_link_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_get_link(2) call"); } ATF_TC_BODY(extattr_get_link_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_get_link.*%s.*%s.*failure", path, name); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, extattr_get_link(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_get_link(path, EXTATTR_NAMESPACE_USER, name, NULL, 0)); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_get_link_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_file_success); ATF_TC_HEAD(extattr_list_file_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_list_file(2) call"); } ATF_TC_BODY(extattr_list_file_success, tc) { - int readbuff; + ssize_t readbuff; /* File needs to exist to call extattr_list_file(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE((readbuff = extattr_list_file(path, - EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); + readbuff = REQUIRE_EXTATTR_SUCCESS( + extattr_list_file(path, EXTATTR_NAMESPACE_USER, NULL, 0)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), - "extattr_list_file.*%s.*return,success,%d", path, readbuff); + "extattr_list_file.*%s.*return,success,%zd", path, readbuff); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_list_file_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_file_failure); ATF_TC_HEAD(extattr_list_file_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_list_file(2) call"); } ATF_TC_BODY(extattr_list_file_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_list_file.*%s.*return,failure", path); FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_list_file(path, - EXTATTR_NAMESPACE_USER, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_list_file(path, EXTATTR_NAMESPACE_USER, NULL, 0)); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_list_file_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_fd_success); ATF_TC_HEAD(extattr_list_fd_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_list_fd(2) call"); } ATF_TC_BODY(extattr_list_fd_success, tc) { - int readbuff; + ssize_t readbuff; /* File needs to exist to call extattr_list_fd(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE((readbuff = extattr_list_fd(filedesc, - EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); + readbuff = REQUIRE_EXTATTR_SUCCESS( + extattr_list_fd(filedesc, EXTATTR_NAMESPACE_USER, NULL, 0)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), - "extattr_list_fd.*return,success,%d", readbuff); + "extattr_list_fd.*return,success,%zd", readbuff); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_list_fd_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_fd_failure); ATF_TC_HEAD(extattr_list_fd_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_list_fd(2) call"); } ATF_TC_BODY(extattr_list_fd_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_list_fd.*return,failure : Bad file descriptor"); FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, - extattr_list_fd(-1, EXTATTR_NAMESPACE_USER, NULL, 0)); + ATF_REQUIRE_ERRNO(EBADF, + extattr_list_fd(-1, EXTATTR_NAMESPACE_USER, NULL, 0) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_list_fd_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_link_success); ATF_TC_HEAD(extattr_list_link_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_list_link(2) call"); } ATF_TC_BODY(extattr_list_link_success, tc) { - int readbuff; + ssize_t readbuff; /* Symbolic link needs to exist to call extattr_list_link(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); - FILE *pipefd = setup(fds, auclass); + skip_if_extattr_not_supported("."); - ATF_REQUIRE((readbuff = extattr_list_link(path, - EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); + FILE *pipefd = setup(fds, auclass); + readbuff = REQUIRE_EXTATTR_SUCCESS( + extattr_list_link(path, EXTATTR_NAMESPACE_USER, NULL, 0)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), - "extattr_list_link.*%s.*return,success,%d", path, readbuff); + "extattr_list_link.*%s.*return,success,%zd", path, readbuff); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_list_link_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_list_link_failure); ATF_TC_HEAD(extattr_list_link_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_list_link(2) call"); } ATF_TC_BODY(extattr_list_link_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_list_link.*%s.*failure", path); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, extattr_list_link(path, - EXTATTR_NAMESPACE_USER, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_list_link(path, EXTATTR_NAMESPACE_USER, NULL, 0) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_list_link_failure, tc) { cleanup(); } ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, stat_success); ATF_TP_ADD_TC(tp, stat_failure); ATF_TP_ADD_TC(tp, lstat_success); ATF_TP_ADD_TC(tp, lstat_failure); ATF_TP_ADD_TC(tp, fstat_success); ATF_TP_ADD_TC(tp, fstat_failure); ATF_TP_ADD_TC(tp, fstatat_success); ATF_TP_ADD_TC(tp, fstatat_failure); ATF_TP_ADD_TC(tp, statfs_success); ATF_TP_ADD_TC(tp, statfs_failure); ATF_TP_ADD_TC(tp, fstatfs_success); ATF_TP_ADD_TC(tp, fstatfs_failure); ATF_TP_ADD_TC(tp, getfsstat_success); ATF_TP_ADD_TC(tp, getfsstat_failure); ATF_TP_ADD_TC(tp, lgetfh_success); ATF_TP_ADD_TC(tp, lgetfh_failure); ATF_TP_ADD_TC(tp, fhopen_success); ATF_TP_ADD_TC(tp, fhopen_failure); ATF_TP_ADD_TC(tp, fhstat_success); ATF_TP_ADD_TC(tp, fhstat_failure); ATF_TP_ADD_TC(tp, fhstatfs_success); ATF_TP_ADD_TC(tp, fhstatfs_failure); ATF_TP_ADD_TC(tp, access_success); ATF_TP_ADD_TC(tp, access_failure); ATF_TP_ADD_TC(tp, eaccess_success); ATF_TP_ADD_TC(tp, eaccess_failure); ATF_TP_ADD_TC(tp, faccessat_success); ATF_TP_ADD_TC(tp, faccessat_failure); ATF_TP_ADD_TC(tp, pathconf_success); ATF_TP_ADD_TC(tp, pathconf_failure); ATF_TP_ADD_TC(tp, lpathconf_success); ATF_TP_ADD_TC(tp, lpathconf_failure); ATF_TP_ADD_TC(tp, fpathconf_success); ATF_TP_ADD_TC(tp, fpathconf_failure); ATF_TP_ADD_TC(tp, extattr_get_file_success); ATF_TP_ADD_TC(tp, extattr_get_file_failure); ATF_TP_ADD_TC(tp, extattr_get_fd_success); ATF_TP_ADD_TC(tp, extattr_get_fd_failure); ATF_TP_ADD_TC(tp, extattr_get_link_success); ATF_TP_ADD_TC(tp, extattr_get_link_failure); ATF_TP_ADD_TC(tp, extattr_list_file_success); ATF_TP_ADD_TC(tp, extattr_list_file_failure); ATF_TP_ADD_TC(tp, extattr_list_fd_success); ATF_TP_ADD_TC(tp, extattr_list_fd_failure); ATF_TP_ADD_TC(tp, extattr_list_link_success); ATF_TP_ADD_TC(tp, extattr_list_link_failure); - return (atf_no_error()); } diff --git a/tests/sys/audit/file-attribute-modify.c b/tests/sys/audit/file-attribute-modify.c index 8df1d6d2d95f..689d7a0b8d61 100644 --- a/tests/sys/audit/file-attribute-modify.c +++ b/tests/sys/audit/file-attribute-modify.c @@ -1,1381 +1,1399 @@ /*- * Copyright (c) 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #include #include #include #include #include #include #include +#include #include #include #include #include "utils.h" static pid_t pid; static uid_t uid = -1; static gid_t gid = -1; static int filedesc, retval; static struct pollfd fds[1]; static mode_t mode = 0777; static char extregex[80]; static char buff[] = "ezio"; static const char *auclass = "fm"; static const char *name = "authorname"; static const char *path = "fileforaudit"; static const char *errpath = "adirhasnoname/fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; static const char *failurereg = "fileforaudit.*return,failure"; ATF_TC_WITH_CLEANUP(flock_success); ATF_TC_HEAD(flock_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "flock(2) call"); } ATF_TC_BODY(flock_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "flock.*%d.*return,success", pid); /* File needs to exist to call flock(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, flock(filedesc, LOCK_SH)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(flock_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(flock_failure); ATF_TC_HEAD(flock_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "flock(2) call"); } ATF_TC_BODY(flock_failure, tc) { const char *regex = "flock.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(-1, flock(-1, LOCK_SH)); + ATF_REQUIRE_ERRNO(EBADF, flock(-1, LOCK_SH) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(flock_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fcntl_success); ATF_TC_HEAD(fcntl_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fcntl(2) call"); } ATF_TC_BODY(fcntl_success, tc) { int flagstatus; /* File needs to exist to call fcntl(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); /* Retrieve the status flags of 'filedesc' and store it in flagstatus */ ATF_REQUIRE((flagstatus = fcntl(filedesc, F_GETFL, 0)) != -1); snprintf(extregex, sizeof(extregex), "fcntl.*return,success,%d", flagstatus); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fcntl_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fcntl_failure); ATF_TC_HEAD(fcntl_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fcntl(2) call"); } ATF_TC_BODY(fcntl_failure, tc) { const char *regex = "fcntl.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(-1, fcntl(-1, F_GETFL, 0)); + ATF_REQUIRE_ERRNO(EBADF, fcntl(-1, F_GETFL, 0) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fcntl_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fsync_success); ATF_TC_HEAD(fsync_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fsync(2) call"); } ATF_TC_BODY(fsync_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fsync.*%d.*return,success", pid); /* File needs to exist to call fsync(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fsync(filedesc)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fsync_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fsync_failure); ATF_TC_HEAD(fsync_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fsync(2) call"); } ATF_TC_BODY(fsync_failure, tc) { const char *regex = "fsync.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, fsync(-1)); + ATF_REQUIRE_ERRNO(EBADF, fsync(-1) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fsync_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chmod_success); ATF_TC_HEAD(chmod_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "chmod(2) call"); } ATF_TC_BODY(chmod_success, tc) { /* File needs to exist to call chmod(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, chmod(path, mode)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(chmod_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chmod_failure); ATF_TC_HEAD(chmod_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "chmod(2) call"); } ATF_TC_BODY(chmod_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, chmod(errpath, mode)); + ATF_REQUIRE_ERRNO(ENOENT, chmod(errpath, mode) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(chmod_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchmod_success); ATF_TC_HEAD(fchmod_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fchmod(2) call"); } ATF_TC_BODY(fchmod_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fchmod.*%d.*return,success", pid); /* File needs to exist to call fchmod(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fchmod(filedesc, mode)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fchmod_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchmod_failure); ATF_TC_HEAD(fchmod_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fchmod(2) call"); } ATF_TC_BODY(fchmod_failure, tc) { const char *regex = "fchmod.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, fchmod(-1, mode)); + ATF_REQUIRE_ERRNO(EBADF, fchmod(-1, mode) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fchmod_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchmod_success); ATF_TC_HEAD(lchmod_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lchmod(2) call"); } ATF_TC_BODY(lchmod_success, tc) { /* Symbolic link needs to exist to call lchmod(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lchmod(path, mode)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lchmod_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchmod_failure); ATF_TC_HEAD(lchmod_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lchmod(2) call"); } ATF_TC_BODY(lchmod_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, lchmod(errpath, mode)); + ATF_REQUIRE_ERRNO(ENOENT, lchmod(errpath, mode) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lchmod_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchmodat_success); ATF_TC_HEAD(fchmodat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fchmodat(2) call"); } ATF_TC_BODY(fchmodat_success, tc) { /* File needs to exist to call fchmodat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fchmodat(AT_FDCWD, path, mode, 0)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(fchmodat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchmodat_failure); ATF_TC_HEAD(fchmodat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fchmodat(2) call"); } ATF_TC_BODY(fchmodat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, fchmodat(AT_FDCWD, errpath, mode, 0)); + ATF_REQUIRE_ERRNO(ENOENT, fchmodat(AT_FDCWD, errpath, mode, 0) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(fchmodat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chown_success); ATF_TC_HEAD(chown_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "chown(2) call"); } ATF_TC_BODY(chown_success, tc) { /* File needs to exist to call chown(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, chown(path, uid, gid)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(chown_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chown_failure); ATF_TC_HEAD(chown_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "chown(2) call"); } ATF_TC_BODY(chown_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, chown(errpath, uid, gid)); + ATF_REQUIRE_ERRNO(ENOENT, chown(errpath, uid, gid) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(chown_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchown_success); ATF_TC_HEAD(fchown_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fchown(2) call"); } ATF_TC_BODY(fchown_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fchown.*%d.*return,success", pid); /* File needs to exist to call fchown(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fchown(filedesc, uid, gid)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fchown_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchown_failure); ATF_TC_HEAD(fchown_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fchown(2) call"); } ATF_TC_BODY(fchown_failure, tc) { const char *regex = "fchown.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, fchown(-1, uid, gid)); + ATF_REQUIRE_ERRNO(EBADF, fchown(-1, uid, gid) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fchown_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchown_success); ATF_TC_HEAD(lchown_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lchown(2) call"); } ATF_TC_BODY(lchown_success, tc) { /* Symbolic link needs to exist to call lchown(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lchown(path, uid, gid)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lchown_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchown_failure); ATF_TC_HEAD(lchown_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lchown(2) call"); } ATF_TC_BODY(lchown_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: Symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lchown(errpath, uid, gid)); + ATF_REQUIRE_ERRNO(ENOENT, lchown(errpath, uid, gid) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lchown_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchownat_success); ATF_TC_HEAD(fchownat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fchownat(2) call"); } ATF_TC_BODY(fchownat_success, tc) { /* File needs to exist to call fchownat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fchownat(AT_FDCWD, path, uid, gid, 0)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(fchownat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchownat_failure); ATF_TC_HEAD(fchownat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fchownat(2) call"); } ATF_TC_BODY(fchownat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, fchownat(AT_FDCWD, errpath, uid, gid, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + fchownat(AT_FDCWD, errpath, uid, gid, 0) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(fchownat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chflags_success); ATF_TC_HEAD(chflags_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "chflags(2) call"); } ATF_TC_BODY(chflags_success, tc) { /* File needs to exist to call chflags(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, chflags(path, UF_OFFLINE)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(chflags_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chflags_failure); ATF_TC_HEAD(chflags_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "chflags(2) call"); } ATF_TC_BODY(chflags_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, chflags(errpath, UF_OFFLINE)); + ATF_REQUIRE_ERRNO(ENOENT, chflags(errpath, UF_OFFLINE) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(chflags_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchflags_success); ATF_TC_HEAD(fchflags_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "fchflags(2) call"); } ATF_TC_BODY(fchflags_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "fchflags.*%d.*ret.*success", pid); /* File needs to exist to call fchflags(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fchflags(filedesc, UF_OFFLINE)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(fchflags_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(fchflags_failure); ATF_TC_HEAD(fchflags_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "fchflags(2) call"); } ATF_TC_BODY(fchflags_failure, tc) { const char *regex = "fchflags.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, fchflags(-1, UF_OFFLINE)); + ATF_REQUIRE_ERRNO(EBADF, fchflags(-1, UF_OFFLINE) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(fchflags_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchflags_success); ATF_TC_HEAD(lchflags_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lchflags(2) call"); } ATF_TC_BODY(lchflags_success, tc) { /* Symbolic link needs to exist to call lchflags(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lchflags(path, UF_OFFLINE)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lchflags_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lchflags_failure); ATF_TC_HEAD(lchflags_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lchflags(2) call"); } ATF_TC_BODY(lchflags_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: Symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lchflags(errpath, UF_OFFLINE)); + ATF_REQUIRE_ERRNO(ENOENT, lchflags(errpath, UF_OFFLINE) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lchflags_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chflagsat_success); ATF_TC_HEAD(chflagsat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "chflagsat(2) call"); } ATF_TC_BODY(chflagsat_success, tc) { /* File needs to exist to call chflagsat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, chflagsat(AT_FDCWD, path, UF_OFFLINE, 0)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(chflagsat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(chflagsat_failure); ATF_TC_HEAD(chflagsat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "chflagsat(2) call"); } ATF_TC_BODY(chflagsat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, chflagsat(AT_FDCWD, errpath, UF_OFFLINE, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + chflagsat(AT_FDCWD, errpath, UF_OFFLINE, 0) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(chflagsat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(utimes_success); ATF_TC_HEAD(utimes_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "utimes(2) call"); } ATF_TC_BODY(utimes_success, tc) { /* File needs to exist to call utimes(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, utimes(path, NULL)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(utimes_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(utimes_failure); ATF_TC_HEAD(utimes_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "utimes(2) call"); } ATF_TC_BODY(utimes_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, utimes(errpath, NULL)); + ATF_REQUIRE_ERRNO(ENOENT, utimes(errpath, NULL) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(utimes_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(futimes_success); ATF_TC_HEAD(futimes_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "futimes(2) call"); } ATF_TC_BODY(futimes_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "futimes.*%d.*ret.*success", pid); /* File needs to exist to call futimes(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, futimes(filedesc, NULL)); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(futimes_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(futimes_failure); ATF_TC_HEAD(futimes_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "futimes(2) call"); } ATF_TC_BODY(futimes_failure, tc) { const char *regex = "futimes.*return,failure : Bad file descriptor"; FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, futimes(-1, NULL)); + ATF_REQUIRE_ERRNO(EBADF, futimes(-1, NULL) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(futimes_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lutimes_success); ATF_TC_HEAD(lutimes_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "lutimes(2) call"); } ATF_TC_BODY(lutimes_success, tc) { /* Symbolic link needs to exist to call lutimes(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lutimes(path, NULL)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(lutimes_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(lutimes_failure); ATF_TC_HEAD(lutimes_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "lutimes(2) call"); } ATF_TC_BODY(lutimes_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lutimes(errpath, NULL)); + ATF_REQUIRE_ERRNO(ENOENT, lutimes(errpath, NULL) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(lutimes_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(futimesat_success); ATF_TC_HEAD(futimesat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "futimesat(2) call"); } ATF_TC_BODY(futimesat_success, tc) { /* File needs to exist to call futimesat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, futimesat(AT_FDCWD, path, NULL)); check_audit(fds, successreg, pipefd); close(filedesc); } ATF_TC_CLEANUP(futimesat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(futimesat_failure); ATF_TC_HEAD(futimesat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "futimesat(2) call"); } ATF_TC_BODY(futimesat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, futimesat(AT_FDCWD, errpath, NULL)); + ATF_REQUIRE_ERRNO(ENOENT, futimesat(AT_FDCWD, errpath, NULL) == -1); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(futimesat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mprotect_success); ATF_TC_HEAD(mprotect_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mprotect(2) call"); } ATF_TC_BODY(mprotect_success, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "mprotect.*%d.*ret.*success", pid); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mprotect(NULL, 0, PROT_NONE)); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(mprotect_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mprotect_failure); ATF_TC_HEAD(mprotect_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mprotect(2) call"); } ATF_TC_BODY(mprotect_failure, tc) { const char *regex = "mprotect.*return,failure : Invalid argument"; FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(-1, mprotect((void *)SIZE_MAX, -1, PROT_NONE)); + ATF_REQUIRE_ERRNO(EINVAL, + mprotect((void *)SIZE_MAX, -1, PROT_NONE) == -1); check_audit(fds, regex, pipefd); } ATF_TC_CLEANUP(mprotect_failure, tc) { cleanup(); } /* * undelete(2) only works on whiteout files in union file system. Hence, no * test case for successful invocation. */ ATF_TC_WITH_CLEANUP(undelete_failure); ATF_TC_HEAD(undelete_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "undelete(2) call"); } ATF_TC_BODY(undelete_failure, tc) { pid = getpid(); snprintf(extregex, sizeof(extregex), "undelete.*%d.*ret.*failure", pid); FILE *pipefd = setup(fds, auclass); /* Failure reason: File does not exist */ - ATF_REQUIRE_EQ(-1, undelete(errpath)); + ATF_REQUIRE_ERRNO(ENOENT, undelete(errpath) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(undelete_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_file_success); ATF_TC_HEAD(extattr_set_file_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_set_file(2) call"); } ATF_TC_BODY(extattr_set_file_success, tc) { /* File needs to exist to call extattr_set_file(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); + /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_file.*%s.*%s.*return,success", path, name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_set_file_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_file_failure); ATF_TC_HEAD(extattr_set_file_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_set_file(2) call"); } ATF_TC_BODY(extattr_set_file_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_file.*%s.*%s.*failure", path, name); FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_set_file(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, NULL, 0) == + -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_set_file_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_fd_success); ATF_TC_HEAD(extattr_set_fd_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_set_fd(2) call"); } ATF_TC_BODY(extattr_set_fd_success, tc) { /* File needs to exist to call extattr_set_fd(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + skip_if_extattr_not_supported(path); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_fd.*%s.*return,success", name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_fd(filedesc, + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_fd(filedesc, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_set_fd_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_fd_failure); ATF_TC_HEAD(extattr_set_fd_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_set_fd(2) call"); } ATF_TC_BODY(extattr_set_fd_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_fd.*%s.*return,failure : Bad file descriptor", name); FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, extattr_set_fd(-1, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(EBADF, + extattr_set_fd(-1, EXTATTR_NAMESPACE_USER, name, NULL, 0) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_set_fd_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_link_success); ATF_TC_HEAD(extattr_set_link_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_set_link(2) call"); } ATF_TC_BODY(extattr_set_link_success, tc) { /* Symbolic link needs to exist to call extattr_set_link(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); + skip_if_extattr_not_supported("."); + /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_link.*%s.*%s.*return,success", path, name); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_link(path, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_set_link_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_set_link_failure); ATF_TC_HEAD(extattr_set_link_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_set_link(2) call"); } ATF_TC_BODY(extattr_set_link_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_set_link.*%s.*%s.*failure", path, name); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, extattr_set_link(path, - EXTATTR_NAMESPACE_USER, name, NULL, 0)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_set_link(path, EXTATTR_NAMESPACE_USER, name, NULL, 0) == + -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_set_link_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_file_success); ATF_TC_HEAD(extattr_delete_file_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_delete_file(2) call"); } ATF_TC_BODY(extattr_delete_file_success, tc) { /* File needs to exist to call extattr_delete_file(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, + skip_if_extattr_not_supported(path); + + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE((retval = extattr_delete_file(path, - EXTATTR_NAMESPACE_USER, name)) != -1); + retval = REQUIRE_EXTATTR_SUCCESS( + extattr_delete_file(path, EXTATTR_NAMESPACE_USER, name)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_file.*%s.*return,success,%d", path, retval); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_delete_file_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_file_failure); ATF_TC_HEAD(extattr_delete_file_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_delete_file(2) call"); } ATF_TC_BODY(extattr_delete_file_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_file.*%s.*return,failure", path); FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_delete_file(path, - EXTATTR_NAMESPACE_USER, name)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_delete_file(path, EXTATTR_NAMESPACE_USER, name) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_delete_file_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_fd_success); ATF_TC_HEAD(extattr_delete_fd_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_delete_fd(2) call"); } ATF_TC_BODY(extattr_delete_fd_success, tc) { /* File needs to exist to call extattr_delete_fd(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, + skip_if_extattr_not_supported(path); + + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE((retval = extattr_delete_fd(filedesc, - EXTATTR_NAMESPACE_USER, name)) != -1); + retval = REQUIRE_EXTATTR_SUCCESS(extattr_delete_fd(filedesc, + EXTATTR_NAMESPACE_USER, name)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_fd.*return,success,%d", retval); check_audit(fds, extregex, pipefd); close(filedesc); } ATF_TC_CLEANUP(extattr_delete_fd_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_fd_failure); ATF_TC_HEAD(extattr_delete_fd_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_delete_fd(2) call"); } ATF_TC_BODY(extattr_delete_fd_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_fd.*return,failure : Bad file descriptor"); FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, extattr_delete_fd(-1, EXTATTR_NAMESPACE_USER, name)); + ATF_REQUIRE_ERRNO(EBADF, + extattr_delete_fd(-1, EXTATTR_NAMESPACE_USER, name) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_delete_fd_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_link_success); ATF_TC_HEAD(extattr_delete_link_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "extattr_delete_link(2) call"); } ATF_TC_BODY(extattr_delete_link_success, tc) { /* Symbolic link needs to exist to call extattr_delete_link(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, + skip_if_extattr_not_supported("."); + + REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_link(path, EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE((retval = extattr_delete_link(path, - EXTATTR_NAMESPACE_USER, name)) != -1); + retval = REQUIRE_EXTATTR_SUCCESS(extattr_delete_link(path, + EXTATTR_NAMESPACE_USER, name)); /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_link.*%s.*return,success,%d", path, retval); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_delete_link_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(extattr_delete_link_failure); ATF_TC_HEAD(extattr_delete_link_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "extattr_delete_link(2) call"); } ATF_TC_BODY(extattr_delete_link_failure, tc) { /* Prepare the regex to be checked in the audit record */ snprintf(extregex, sizeof(extregex), "extattr_delete_link.*%s.*failure", path); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, extattr_delete_link(path, - EXTATTR_NAMESPACE_USER, name)); + ATF_REQUIRE_ERRNO(ENOENT, + extattr_delete_link(path, EXTATTR_NAMESPACE_USER, name) == -1); check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(extattr_delete_link_failure, tc) { cleanup(); } ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, flock_success); ATF_TP_ADD_TC(tp, flock_failure); ATF_TP_ADD_TC(tp, fcntl_success); ATF_TP_ADD_TC(tp, fcntl_failure); ATF_TP_ADD_TC(tp, fsync_success); ATF_TP_ADD_TC(tp, fsync_failure); ATF_TP_ADD_TC(tp, chmod_success); ATF_TP_ADD_TC(tp, chmod_failure); ATF_TP_ADD_TC(tp, fchmod_success); ATF_TP_ADD_TC(tp, fchmod_failure); ATF_TP_ADD_TC(tp, lchmod_success); ATF_TP_ADD_TC(tp, lchmod_failure); ATF_TP_ADD_TC(tp, fchmodat_success); ATF_TP_ADD_TC(tp, fchmodat_failure); ATF_TP_ADD_TC(tp, chown_success); ATF_TP_ADD_TC(tp, chown_failure); ATF_TP_ADD_TC(tp, fchown_success); ATF_TP_ADD_TC(tp, fchown_failure); ATF_TP_ADD_TC(tp, lchown_success); ATF_TP_ADD_TC(tp, lchown_failure); ATF_TP_ADD_TC(tp, fchownat_success); ATF_TP_ADD_TC(tp, fchownat_failure); ATF_TP_ADD_TC(tp, chflags_success); ATF_TP_ADD_TC(tp, chflags_failure); ATF_TP_ADD_TC(tp, fchflags_success); ATF_TP_ADD_TC(tp, fchflags_failure); ATF_TP_ADD_TC(tp, lchflags_success); ATF_TP_ADD_TC(tp, lchflags_failure); ATF_TP_ADD_TC(tp, chflagsat_success); ATF_TP_ADD_TC(tp, chflagsat_failure); ATF_TP_ADD_TC(tp, utimes_success); ATF_TP_ADD_TC(tp, utimes_failure); ATF_TP_ADD_TC(tp, futimes_success); ATF_TP_ADD_TC(tp, futimes_failure); ATF_TP_ADD_TC(tp, lutimes_success); ATF_TP_ADD_TC(tp, lutimes_failure); ATF_TP_ADD_TC(tp, futimesat_success); ATF_TP_ADD_TC(tp, futimesat_failure); ATF_TP_ADD_TC(tp, mprotect_success); ATF_TP_ADD_TC(tp, mprotect_failure); ATF_TP_ADD_TC(tp, undelete_failure); ATF_TP_ADD_TC(tp, extattr_set_file_success); ATF_TP_ADD_TC(tp, extattr_set_file_failure); ATF_TP_ADD_TC(tp, extattr_set_fd_success); ATF_TP_ADD_TC(tp, extattr_set_fd_failure); ATF_TP_ADD_TC(tp, extattr_set_link_success); ATF_TP_ADD_TC(tp, extattr_set_link_failure); ATF_TP_ADD_TC(tp, extattr_delete_file_success); ATF_TP_ADD_TC(tp, extattr_delete_file_failure); ATF_TP_ADD_TC(tp, extattr_delete_fd_success); ATF_TP_ADD_TC(tp, extattr_delete_fd_failure); ATF_TP_ADD_TC(tp, extattr_delete_link_success); ATF_TP_ADD_TC(tp, extattr_delete_link_failure); return (atf_no_error()); } diff --git a/tests/sys/audit/utils.c b/tests/sys/audit/utils.c index d7a1e6792b1c..be31f4138412 100644 --- a/tests/sys/audit/utils.c +++ b/tests/sys/audit/utils.c @@ -1,246 +1,264 @@ /*- * Copyright 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ +#include +#include #include #include #include #include #include #include #include #include #include #include #include "utils.h" /* * Checks the presence of "auditregex" in auditpipe(4) after the * corresponding system call has been triggered. */ static bool get_records(const char *auditregex, FILE *pipestream) { uint8_t *buff; tokenstr_t token; ssize_t size = 1024; char membuff[size]; char del[] = ","; int reclen, bytes = 0; FILE *memstream; /* * Open a stream on 'membuff' (address to memory buffer) for storing * the audit records in the default mode.'reclen' is the length of the * available records from auditpipe which is passed to the functions * au_fetch_tok(3) and au_print_flags_tok(3) for further use. */ ATF_REQUIRE((memstream = fmemopen(membuff, size, "w")) != NULL); ATF_REQUIRE((reclen = au_read_rec(pipestream, &buff)) != -1); /* * Iterate through each BSM token, extracting the bits that are * required to start processing the token sequences. */ while (bytes < reclen) { if (au_fetch_tok(&token, buff + bytes, reclen - bytes) == -1) { perror("au_read_rec"); atf_tc_fail("Incomplete Audit Record"); } /* Print the tokens as they are obtained, in the default form */ au_print_flags_tok(memstream, &token, del, AU_OFLAG_NONE); bytes += token.len; } free(buff); ATF_REQUIRE_EQ(0, fclose(memstream)); return (atf_utils_grep_string("%s", membuff, auditregex)); } /* * Override the system-wide audit mask settings in /etc/security/audit_control * and set the auditpipe's maximum allowed queue length limit */ static void set_preselect_mode(int filedesc, au_mask_t *fmask) { int qlimit_max; int fmode = AUDITPIPE_PRESELECT_MODE_LOCAL; /* Set local preselection mode for auditing */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_MODE, &fmode) < 0) atf_tc_fail("Preselection mode: %s", strerror(errno)); /* Set local preselection flag corresponding to the audit_event */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_FLAGS, fmask) < 0) atf_tc_fail("Preselection flag: %s", strerror(errno)); /* Set local preselection flag for non-attributable audit_events */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_NAFLAGS, fmask) < 0) atf_tc_fail("Preselection naflag: %s", strerror(errno)); /* Query the maximum possible queue length limit for auditpipe */ if (ioctl(filedesc, AUDITPIPE_GET_QLIMIT_MAX, &qlimit_max) < 0) atf_tc_fail("Query max-limit: %s", strerror(errno)); /* Set the queue length limit as obtained from previous step */ if (ioctl(filedesc, AUDITPIPE_SET_QLIMIT, &qlimit_max) < 0) atf_tc_fail("Set max-qlimit: %s", strerror(errno)); /* This removes any outstanding record on the auditpipe */ if (ioctl(filedesc, AUDITPIPE_FLUSH) < 0) atf_tc_fail("Auditpipe flush: %s", strerror(errno)); } /* * Get the corresponding audit_mask for class-name "name" then set the * success and failure bits for fmask to be used as the ioctl argument */ static au_mask_t get_audit_mask(const char *name) { au_mask_t fmask; au_class_ent_t *class; ATF_REQUIRE((class = getauclassnam(name)) != NULL); fmask.am_success = class->ac_class; fmask.am_failure = class->ac_class; return (fmask); } /* * Loop until the auditpipe returns something, check if it is what * we want, else repeat the procedure until ppoll(2) times out. */ static void check_auditpipe(struct pollfd fd[], const char *auditregex, FILE *pipestream) { struct timespec currtime, endtime, timeout; /* Set the expire time for poll(2) while waiting for syscall audit */ ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &endtime)); /* Set limit to 30 seconds total and ~10s without an event. */ endtime.tv_sec += 30; for (;;) { /* Update the time left for auditpipe to return any event */ ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &currtime)); timespecsub(&endtime, &currtime, &timeout); timeout.tv_sec = MIN(timeout.tv_sec, 9); if (timeout.tv_sec < 0) { atf_tc_fail("%s not found in auditpipe within the " "time limit", auditregex); } switch (ppoll(fd, 1, &timeout, NULL)) { /* ppoll(2) returns, check if it's what we want */ case 1: if (fd[0].revents & POLLIN) { if (get_records(auditregex, pipestream)) return; } else { atf_tc_fail("Auditpipe returned an " "unknown event %#x", fd[0].revents); } break; /* poll(2) timed out */ case 0: atf_tc_fail("%s not found in auditpipe within the " "time limit", auditregex); break; /* poll(2) standard error */ case -1: atf_tc_fail("Poll: %s", strerror(errno)); break; default: atf_tc_fail("Poll returned too many file descriptors"); } } } /* * Wrapper functions around static "check_auditpipe" */ static void check_audit_startup(struct pollfd fd[], const char *auditrgx, FILE *pipestream){ check_auditpipe(fd, auditrgx, pipestream); } void check_audit(struct pollfd fd[], const char *auditrgx, FILE *pipestream) { check_auditpipe(fd, auditrgx, pipestream); /* Teardown: /dev/auditpipe's instance opened for this test-suite */ ATF_REQUIRE_EQ(0, fclose(pipestream)); } +void +skip_if_extattr_not_supported(const char *path) +{ + ssize_t result; + + /* + * Some file systems (e.g. tmpfs) do not support extattr, so we need + * skip tests that use extattrs. To detect this we can check whether + * the extattr_list_file returns EOPNOTSUPP. + */ + result = extattr_list_file(path, EXTATTR_NAMESPACE_USER, NULL, 0); + if (result == -1 && errno == EOPNOTSUPP) { + atf_tc_skip("File system does not support extattrs."); + } +} + FILE *setup(struct pollfd fd[], const char *name) { au_mask_t fmask, nomask; fmask = get_audit_mask(name); nomask = get_audit_mask("no"); FILE *pipestream; ATF_REQUIRE((fd[0].fd = open("/dev/auditpipe", O_RDONLY)) != -1); ATF_REQUIRE((pipestream = fdopen(fd[0].fd, "r")) != NULL); fd[0].events = POLLIN; /* * Disable stream buffering for read operations from /dev/auditpipe. * Otherwise it is possible that fread(3), called via au_read_rec(3), * can store buffered data in user-space unbeknown to ppoll(2), which * as a result, reports that /dev/auditpipe is empty. */ ATF_REQUIRE_EQ(0, setvbuf(pipestream, NULL, _IONBF, 0)); /* Set local preselection audit_class as "no" for audit startup */ set_preselect_mode(fd[0].fd, &nomask); ATF_REQUIRE_EQ(0, system("service auditd onestatus || \ { service auditd onestart && touch started_auditd ; }")); /* If 'started_auditd' exists, that means we started auditd(8) */ if (atf_utils_file_exists("started_auditd")) check_audit_startup(fd, "audit startup", pipestream); /* Set local preselection parameters specific to "name" audit_class */ set_preselect_mode(fd[0].fd, &fmask); return (pipestream); } void cleanup(void) { if (atf_utils_file_exists("started_auditd")) system("service auditd onestop > /dev/null 2>&1"); } diff --git a/tests/sys/audit/utils.h b/tests/sys/audit/utils.h index 51001148c269..2f7a9e5cebb2 100644 --- a/tests/sys/audit/utils.h +++ b/tests/sys/audit/utils.h @@ -1,41 +1,62 @@ /*- * Copyright 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #ifndef _UTILS_H_ #define _UTILS_H_ #include #include #include #include void check_audit(struct pollfd [], const char *, FILE *); FILE *setup(struct pollfd [], const char *); void cleanup(void); +void skip_if_extattr_not_supported(const char *); + +#define REQUIRE_EXTATTR_SUCCESS(call) \ + ({ \ + errno = 0; /* Reset errno before call */ \ + ssize_t result = (call); \ + if (result == -1) { \ + atf_tc_fail_requirement(__FILE__, __LINE__, \ + "%s failed with errno %d (%s)", #call, errno, \ + strerror(errno)); \ + } \ + result; \ + }) + +#define REQUIRE_EXTATTR_RESULT(_expected, expr) \ + do { \ + ssize_t expected = (_expected); \ + ssize_t _result = REQUIRE_EXTATTR_SUCCESS(expr); \ + ATF_REQUIRE_EQ_MSG(expected, _result, "%s: %zd != %zd", #expr, \ + expected, _result); \ + } while (0) #endif /* _SETUP_H_ */