Index: stable/11/tests/sys/audit/Makefile =================================================================== --- stable/11/tests/sys/audit/Makefile (revision 339086) +++ stable/11/tests/sys/audit/Makefile (revision 339087) @@ -1,17 +1,42 @@ # $FreeBSD$ TESTSDIR= ${TESTSBASE}/sys/audit -ATF_TESTS_C= file-create +ATF_TESTS_C= file-attribute-access +ATF_TESTS_C+= file-attribute-modify +ATF_TESTS_C+= file-create +ATF_TESTS_C+= file-delete +ATF_TESTS_C+= file-close +ATF_TESTS_C+= file-write +ATF_TESTS_C+= file-read +ATF_TESTS_C+= open +ATF_TESTS_C+= network +SRCS.file-attribute-access+= file-attribute-access.c +SRCS.file-attribute-access+= utils.c +SRCS.file-attribute-modify+= file-attribute-modify.c +SRCS.file-attribute-modify+= utils.c SRCS.file-create+= file-create.c SRCS.file-create+= utils.c +SRCS.file-delete+= file-delete.c +SRCS.file-delete+= utils.c +SRCS.file-close+= file-close.c +SRCS.file-close+= utils.c +SRCS.file-write+= file-write.c +SRCS.file-write+= utils.c +SRCS.file-read+= file-read.c +SRCS.file-read+= utils.c +SRCS.open+= open.c +SRCS.open+= utils.c +SRCS.network+= network.c +SRCS.network+= utils.c TEST_METADATA+= timeout="30" TEST_METADATA+= required_user="root" +TEST_METADATA+= is_exclusive="true" WARNS?= 6 -LDFLAGS+= -lbsm +LDFLAGS+= -lbsm -lutil .include Index: stable/11/tests/sys/audit/file-attribute-access.c =================================================================== --- stable/11/tests/sys/audit/file-attribute-access.c (nonexistent) +++ stable/11/tests/sys/audit/file-attribute-access.c (revision 339087) @@ -0,0 +1,698 @@ +/*- + * Copyright (c) 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "utils.h" + +static struct pollfd fds[1]; +static mode_t mode = 0777; +static pid_t pid; +static fhandle_t fht; +static int filedesc, fhdesc; +static char extregex[80]; +static struct stat statbuff; +static struct statfs statfsbuff; +static const char *auclass = "fa"; +static const char *path = "fileforaudit"; +static const char *errpath = "dirdoesnotexist/fileforaudit"; +static const char *successreg = "fileforaudit.*return,success"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(stat_success); +ATF_TC_HEAD(stat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "stat(2) call"); +} + +ATF_TC_BODY(stat_success, tc) +{ + /* File needs to exist to call stat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, stat(path, &statbuff)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(stat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(stat_failure); +ATF_TC_HEAD(stat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "stat(2) call"); +} + +ATF_TC_BODY(stat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, stat(errpath, &statbuff)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(stat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lstat_success); +ATF_TC_HEAD(lstat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "lstat(2) call"); +} + +ATF_TC_BODY(lstat_success, tc) +{ + /* Symbolic link needs to exist to call lstat(2) */ + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, lstat(path, &statbuff)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(lstat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lstat_failure); +ATF_TC_HEAD(lstat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "lstat(2) call"); +} + +ATF_TC_BODY(lstat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: symbolic link does not exist */ + ATF_REQUIRE_EQ(-1, lstat(errpath, &statbuff)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(lstat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstat_success); +ATF_TC_HEAD(fstat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fstat(2) call"); +} + +ATF_TC_BODY(fstat_success, tc) +{ + /* File needs to exist to call fstat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff)); + + snprintf(extregex, sizeof(extregex), + "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fstat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstat_failure); +ATF_TC_HEAD(fstat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fstat(2) call"); +} + +ATF_TC_BODY(fstat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + const char *regex = "fstat.*return,failure : Bad file descriptor"; + /* Failure reason: bad file descriptor */ + ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fstat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstatat_success); +ATF_TC_HEAD(fstatat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fstatat(2) call"); +} + +ATF_TC_BODY(fstatat_success, tc) +{ + /* File or Symbolic link needs to exist to call lstat(2) */ + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, + AT_SYMLINK_NOFOLLOW)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(fstatat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstatat_failure); +ATF_TC_HEAD(fstatat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fstatat(2) call"); +} + +ATF_TC_BODY(fstatat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: symbolic link does not exist */ + ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, + AT_SYMLINK_NOFOLLOW)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(fstatat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(statfs_success); +ATF_TC_HEAD(statfs_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "statfs(2) call"); +} + +ATF_TC_BODY(statfs_success, tc) +{ + /* File needs to exist to call statfs(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, statfs(path, &statfsbuff)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(statfs_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(statfs_failure); +ATF_TC_HEAD(statfs_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "statfs(2) call"); +} + +ATF_TC_BODY(statfs_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, statfs(errpath, &statfsbuff)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(statfs_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstatfs_success); +ATF_TC_HEAD(fstatfs_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fstatfs(2) call"); +} + +ATF_TC_BODY(fstatfs_success, tc) +{ + /* File needs to exist to call fstat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); + /* Call stat(2) to store the Inode number of 'path' */ + ATF_REQUIRE_EQ(0, stat(path, &statbuff)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fstatfs(filedesc, &statfsbuff)); + + snprintf(extregex, sizeof(extregex), "fstatfs.*%jd.*return,success", + (intmax_t)statbuff.st_ino); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fstatfs_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fstatfs_failure); +ATF_TC_HEAD(fstatfs_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fstatfs(2) call"); +} + +ATF_TC_BODY(fstatfs_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + const char *regex = "fstatfs.*return,failure : Bad file descriptor"; + /* Failure reason: bad file descriptor */ + ATF_REQUIRE_EQ(-1, fstatfs(-1, &statfsbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fstatfs_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(getfsstat_success); +ATF_TC_HEAD(getfsstat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "getfsstat(2) call"); +} + +ATF_TC_BODY(getfsstat_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "getfsstat.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE(getfsstat(NULL, 0, MNT_NOWAIT) != -1); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(getfsstat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(getfsstat_failure); +ATF_TC_HEAD(getfsstat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "getfsstat(2) call"); +} + +ATF_TC_BODY(getfsstat_failure, tc) +{ + const char *regex = "getfsstat.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid value for mode */ + ATF_REQUIRE_EQ(-1, getfsstat(NULL, 0, -1)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(getfsstat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhopen_success); +ATF_TC_HEAD(fhopen_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fhopen(2) call"); +} + +ATF_TC_BODY(fhopen_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fhopen.*%d.*return,success", pid); + + /* File needs to exist to get a file-handle */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + /* Get the file handle to be passed to fhopen(2) */ + ATF_REQUIRE_EQ(0, getfh(path, &fht)); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE((fhdesc = fhopen(&fht, O_RDWR)) != -1); + check_audit(fds, extregex, pipefd); + + close(fhdesc); + close(filedesc); +} + +ATF_TC_CLEANUP(fhopen_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhopen_failure); +ATF_TC_HEAD(fhopen_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fhopen(2) call"); +} + +ATF_TC_BODY(fhopen_failure, tc) +{ + const char *regex = "fhopen.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, auclass); + /* + * Failure reason: NULL does not represent any file handle + * and O_CREAT is not allowed as the flag for fhopen(2) + */ + ATF_REQUIRE_EQ(-1, fhopen(NULL, O_CREAT)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fhopen_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhstat_success); +ATF_TC_HEAD(fhstat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fstat(2) call"); +} + +ATF_TC_BODY(fhstat_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fhstat.*%d.*return,success", pid); + + /* File needs to exist to get a file-handle */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + /* Get the file handle to be passed to fhstat(2) */ + ATF_REQUIRE_EQ(0, getfh(path, &fht)); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fhstat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhstat_failure); +ATF_TC_HEAD(fhstat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fhstat(2) call"); +} + +ATF_TC_BODY(fhstat_failure, tc) +{ + const char *regex = "fhstat.*return,failure : Bad address"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: NULL does not represent any file handle */ + ATF_REQUIRE_EQ(-1, fhstat(NULL, NULL)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fhstat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhstatfs_success); +ATF_TC_HEAD(fhstatfs_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fstatfs(2) call"); +} + +ATF_TC_BODY(fhstatfs_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fhstatfs.*%d.*success", pid); + + /* File needs to exist to get a file-handle */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + /* Get the file handle to be passed to fhstatfs(2) */ + ATF_REQUIRE_EQ(0, getfh(path, &fht)); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fhstatfs_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fhstatfs_failure); +ATF_TC_HEAD(fhstatfs_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fhstatfs(2) call"); +} + +ATF_TC_BODY(fhstatfs_failure, tc) +{ + const char *regex = "fhstatfs.*return,failure : Bad address"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: NULL does not represent any file handle */ + ATF_REQUIRE_EQ(-1, fhstatfs(NULL, NULL)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fhstatfs_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(access_success); +ATF_TC_HEAD(access_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "access(2) call"); +} + +ATF_TC_BODY(access_success, tc) +{ + /* File needs to exist to call access(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, access(path, F_OK)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(access_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(access_failure); +ATF_TC_HEAD(access_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "access(2) call"); +} + +ATF_TC_BODY(access_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, access(errpath, F_OK)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(access_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(eaccess_success); +ATF_TC_HEAD(eaccess_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "eaccess(2) call"); +} + +ATF_TC_BODY(eaccess_success, tc) +{ + /* File needs to exist to call eaccess(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, eaccess(path, F_OK)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(eaccess_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(eaccess_failure); +ATF_TC_HEAD(eaccess_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "eaccess(2) call"); +} + +ATF_TC_BODY(eaccess_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, eaccess(errpath, F_OK)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(eaccess_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(faccessat_success); +ATF_TC_HEAD(faccessat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "faccessat(2) call"); +} + +ATF_TC_BODY(faccessat_success, tc) +{ + /* File needs to exist to call faccessat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, faccessat(AT_FDCWD, path, F_OK, AT_EACCESS)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(faccessat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(faccessat_failure); +ATF_TC_HEAD(faccessat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "faccessat(2) call"); +} + +ATF_TC_BODY(faccessat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(faccessat_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, stat_success); + ATF_TP_ADD_TC(tp, stat_failure); + ATF_TP_ADD_TC(tp, lstat_success); + ATF_TP_ADD_TC(tp, lstat_failure); + ATF_TP_ADD_TC(tp, fstat_success); + ATF_TP_ADD_TC(tp, fstat_failure); + ATF_TP_ADD_TC(tp, fstatat_success); + ATF_TP_ADD_TC(tp, fstatat_failure); + + ATF_TP_ADD_TC(tp, statfs_success); + ATF_TP_ADD_TC(tp, statfs_failure); + ATF_TP_ADD_TC(tp, fstatfs_success); + ATF_TP_ADD_TC(tp, fstatfs_failure); + + ATF_TP_ADD_TC(tp, getfsstat_success); + ATF_TP_ADD_TC(tp, getfsstat_failure); + + ATF_TP_ADD_TC(tp, fhopen_success); + ATF_TP_ADD_TC(tp, fhopen_failure); + ATF_TP_ADD_TC(tp, fhstat_success); + ATF_TP_ADD_TC(tp, fhstat_failure); + ATF_TP_ADD_TC(tp, fhstatfs_success); + ATF_TP_ADD_TC(tp, fhstatfs_failure); + + ATF_TP_ADD_TC(tp, access_success); + ATF_TP_ADD_TC(tp, access_failure); + ATF_TP_ADD_TC(tp, eaccess_success); + ATF_TP_ADD_TC(tp, eaccess_failure); + ATF_TP_ADD_TC(tp, faccessat_success); + ATF_TP_ADD_TC(tp, faccessat_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-attribute-access.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/file-attribute-modify.c =================================================================== --- stable/11/tests/sys/audit/file-attribute-modify.c (nonexistent) +++ stable/11/tests/sys/audit/file-attribute-modify.c (revision 339087) @@ -0,0 +1,581 @@ +/*- + * Copyright (c) 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include + +#include +#include +#include + +#include "utils.h" + +static pid_t pid; +static uid_t uid = -1; +static gid_t gid = -1; +static int filedesc; +static struct pollfd fds[1]; +static mode_t mode = 0777; +static char extregex[80]; +static const char *auclass = "fm"; +static const char *path = "fileforaudit"; +static const char *errpath = "adirhasnoname/fileforaudit"; +static const char *successreg = "fileforaudit.*return,success"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(flock_success); +ATF_TC_HEAD(flock_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "flock(2) call"); +} + +ATF_TC_BODY(flock_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "flock.*%d.*return,success", pid); + + /* File needs to exist to call flock(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, flock(filedesc, LOCK_SH)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(flock_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(flock_failure); +ATF_TC_HEAD(flock_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "flock(2) call"); +} + +ATF_TC_BODY(flock_failure, tc) +{ + const char *regex = "flock.*return,failure : Bad file descriptor"; + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(-1, flock(-1, LOCK_SH)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(flock_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fcntl_success); +ATF_TC_HEAD(fcntl_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fcntl(2) call"); +} + +ATF_TC_BODY(fcntl_success, tc) +{ + int flagstatus; + /* File needs to exist to call fcntl(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + + /* Retrieve the status flags of 'filedesc' and store it in flagstatus */ + ATF_REQUIRE((flagstatus = fcntl(filedesc, F_GETFL, 0)) != -1); + snprintf(extregex, sizeof(extregex), + "fcntl.*return,success,%d", flagstatus); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fcntl_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fcntl_failure); +ATF_TC_HEAD(fcntl_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fcntl(2) call"); +} + +ATF_TC_BODY(fcntl_failure, tc) +{ + const char *regex = "fcntl.*return,failure : Bad file descriptor"; + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(-1, fcntl(-1, F_GETFL, 0)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fcntl_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fsync_success); +ATF_TC_HEAD(fsync_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fsync(2) call"); +} + +ATF_TC_BODY(fsync_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fsync.*%d.*return,success", pid); + + /* File needs to exist to call fsync(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fsync(filedesc)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fsync_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fsync_failure); +ATF_TC_HEAD(fsync_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fsync(2) call"); +} + +ATF_TC_BODY(fsync_failure, tc) +{ + const char *regex = "fsync.*return,failure : Bad file descriptor"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid file descriptor */ + ATF_REQUIRE_EQ(-1, fsync(-1)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fsync_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(chmod_success); +ATF_TC_HEAD(chmod_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "chmod(2) call"); +} + +ATF_TC_BODY(chmod_success, tc) +{ + /* File needs to exist to call chmod(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, chmod(path, mode)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(chmod_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(chmod_failure); +ATF_TC_HEAD(chmod_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "chmod(2) call"); +} + +ATF_TC_BODY(chmod_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, chmod(errpath, mode)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(chmod_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchmod_success); +ATF_TC_HEAD(fchmod_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fchmod(2) call"); +} + +ATF_TC_BODY(fchmod_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fchmod.*%d.*return,success", pid); + + /* File needs to exist to call fchmod(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fchmod(filedesc, mode)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fchmod_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchmod_failure); +ATF_TC_HEAD(fchmod_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fchmod(2) call"); +} + +ATF_TC_BODY(fchmod_failure, tc) +{ + const char *regex = "fchmod.*return,failure : Bad file descriptor"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid file descriptor */ + ATF_REQUIRE_EQ(-1, fchmod(-1, mode)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fchmod_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lchmod_success); +ATF_TC_HEAD(lchmod_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "lchmod(2) call"); +} + +ATF_TC_BODY(lchmod_success, tc) +{ + /* Symbolic link needs to exist to call lchmod(2) */ + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, lchmod(path, mode)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(lchmod_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lchmod_failure); +ATF_TC_HEAD(lchmod_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "lchmod(2) call"); +} + +ATF_TC_BODY(lchmod_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, lchmod(errpath, mode)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(lchmod_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchmodat_success); +ATF_TC_HEAD(fchmodat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fchmodat(2) call"); +} + +ATF_TC_BODY(fchmodat_success, tc) +{ + /* File needs to exist to call fchmodat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fchmodat(AT_FDCWD, path, mode, 0)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fchmodat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchmodat_failure); +ATF_TC_HEAD(fchmodat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fchmodat(2) call"); +} + +ATF_TC_BODY(fchmodat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, fchmodat(AT_FDCWD, errpath, mode, 0)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(fchmodat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(chown_success); +ATF_TC_HEAD(chown_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "chown(2) call"); +} + +ATF_TC_BODY(chown_success, tc) +{ + /* File needs to exist to call chown(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, chown(path, uid, gid)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(chown_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(chown_failure); +ATF_TC_HEAD(chown_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "chown(2) call"); +} + +ATF_TC_BODY(chown_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, chown(errpath, uid, gid)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(chown_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchown_success); +ATF_TC_HEAD(fchown_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fchown(2) call"); +} + +ATF_TC_BODY(fchown_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "fchown.*%d.*return,success", pid); + + /* File needs to exist to call fchown(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fchown(filedesc, uid, gid)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fchown_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchown_failure); +ATF_TC_HEAD(fchown_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fchown(2) call"); +} + +ATF_TC_BODY(fchown_failure, tc) +{ + const char *regex = "fchown.*return,failure : Bad file descriptor"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid file descriptor */ + ATF_REQUIRE_EQ(-1, fchown(-1, uid, gid)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(fchown_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lchown_success); +ATF_TC_HEAD(lchown_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "lchown(2) call"); +} + +ATF_TC_BODY(lchown_success, tc) +{ + /* Symbolic link needs to exist to call lchown(2) */ + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, lchown(path, uid, gid)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(lchown_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(lchown_failure); +ATF_TC_HEAD(lchown_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "lchown(2) call"); +} + +ATF_TC_BODY(lchown_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Symbolic link does not exist */ + ATF_REQUIRE_EQ(-1, lchown(errpath, uid, gid)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(lchown_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchownat_success); +ATF_TC_HEAD(fchownat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "fchownat(2) call"); +} + +ATF_TC_BODY(fchownat_success, tc) +{ + /* File needs to exist to call fchownat(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fchownat(AT_FDCWD, path, uid, gid, 0)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(fchownat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(fchownat_failure); +ATF_TC_HEAD(fchownat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "fchownat(2) call"); +} + +ATF_TC_BODY(fchownat_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, fchownat(AT_FDCWD, errpath, uid, gid, 0)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(fchownat_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, flock_success); + ATF_TP_ADD_TC(tp, flock_failure); + ATF_TP_ADD_TC(tp, fcntl_success); + ATF_TP_ADD_TC(tp, fcntl_failure); + ATF_TP_ADD_TC(tp, fsync_success); + ATF_TP_ADD_TC(tp, fsync_failure); + + ATF_TP_ADD_TC(tp, chmod_success); + ATF_TP_ADD_TC(tp, chmod_failure); + ATF_TP_ADD_TC(tp, fchmod_success); + ATF_TP_ADD_TC(tp, fchmod_failure); + ATF_TP_ADD_TC(tp, lchmod_success); + ATF_TP_ADD_TC(tp, lchmod_failure); + ATF_TP_ADD_TC(tp, fchmodat_success); + ATF_TP_ADD_TC(tp, fchmodat_failure); + + ATF_TP_ADD_TC(tp, chown_success); + ATF_TP_ADD_TC(tp, chown_failure); + ATF_TP_ADD_TC(tp, fchown_success); + ATF_TP_ADD_TC(tp, fchown_failure); + ATF_TP_ADD_TC(tp, lchown_success); + ATF_TP_ADD_TC(tp, lchown_failure); + ATF_TP_ADD_TC(tp, fchownat_success); + ATF_TP_ADD_TC(tp, fchownat_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-attribute-modify.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/file-close.c =================================================================== --- stable/11/tests/sys/audit/file-close.c (nonexistent) +++ stable/11/tests/sys/audit/file-close.c (revision 339087) @@ -0,0 +1,233 @@ +/*- + * Copyright 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "utils.h" + +static pid_t pid; +static struct pollfd fds[1]; +static mode_t mode = 0777; +static int filedesc; +static char extregex[80]; +static struct stat statbuff; +static const char *auclass = "cl"; +static const char *path = "fileforaudit"; +static const char *errpath = "dirdoesnotexist/fileforaudit"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(munmap_success); +ATF_TC_HEAD(munmap_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "munmap(2) call"); +} + +ATF_TC_BODY(munmap_success, tc) +{ + pid = getpid(); + snprintf(extregex, sizeof(extregex), "munmap.*%d.*return,success", pid); + + /* Allocate sample memory, to be removed by munmap(2) */ + char *addr = mmap(NULL, sizeof(char), PROT_READ , MAP_ANONYMOUS, -1, 0); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, munmap(addr, sizeof(char))); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(munmap_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(munmap_failure); +ATF_TC_HEAD(munmap_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "munmap(2) call"); +} + +ATF_TC_BODY(munmap_failure, tc) +{ + const char *regex = "munmap.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(-1, munmap((void *)SIZE_MAX, -1)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(munmap_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(close_success); +ATF_TC_HEAD(close_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "close(2) call"); +} + +ATF_TC_BODY(close_success, tc) +{ + /* File needs to exist to call close(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); + /* Call stat(2) to store the Inode number of 'path' */ + ATF_REQUIRE_EQ(0, stat(path, &statbuff)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, close(filedesc)); + + /* intmax_t to support all architectures */ + snprintf(extregex, sizeof(extregex), "close.*%jd.*return,succes", + (intmax_t)statbuff.st_ino); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(close_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(close_failure); +ATF_TC_HEAD(close_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "close(2) call"); +} + +ATF_TC_BODY(close_failure, tc) +{ + const char *regex = "close.*return,failure"; + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, close(-1)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(close_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(closefrom_success); +ATF_TC_HEAD(closefrom_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "closefrom(2) call"); +} + +ATF_TC_BODY(closefrom_success, tc) +{ + const char *regex = "closefrom.*return,success"; + FILE *pipefd = setup(fds, auclass); + /* closefrom(2) returns 'void' */ + closefrom(INT_MAX); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(closefrom_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(revoke_success); +ATF_TC_HEAD(revoke_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "revoke(2) call"); +} + +ATF_TC_BODY(revoke_success, tc) +{ + char *ptyname; + pid = getpid(); + snprintf(extregex, sizeof(extregex), "revoke.*%d.*return,success", pid); + + /* Obtain a pseudo terminal and get the path to slave device */ + ATF_REQUIRE((filedesc = posix_openpt(O_RDWR | O_NOCTTY)) != -1); + ATF_REQUIRE((ptyname = ptsname(filedesc)) != NULL); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, revoke(ptyname)); + check_audit(fds, extregex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(revoke_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(revoke_failure); +ATF_TC_HEAD(revoke_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "revoke(2) call"); +} + +ATF_TC_BODY(revoke_failure, tc) +{ + FILE *pipefd = setup(fds, auclass); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, revoke(errpath)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(revoke_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, munmap_success); + ATF_TP_ADD_TC(tp, munmap_failure); + + ATF_TP_ADD_TC(tp, close_success); + ATF_TP_ADD_TC(tp, close_failure); + ATF_TP_ADD_TC(tp, closefrom_success); + + ATF_TP_ADD_TC(tp, revoke_success); + ATF_TP_ADD_TC(tp, revoke_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-close.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/file-create.c =================================================================== --- stable/11/tests/sys/audit/file-create.c (revision 339086) +++ stable/11/tests/sys/audit/file-create.c (revision 339087) @@ -1,585 +1,589 @@ /*- * Copyright 2018 Aniket Pandey - * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #include #include #include #include #include #include #include "utils.h" static struct pollfd fds[1]; static mode_t mode = 0777; +static int filedesc; static dev_t dev = 0; static const char *auclass = "fc"; static const char *path = "fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; static const char *failurereg = "fileforaudit.*return,failure"; ATF_TC_WITH_CLEANUP(mkdir_success); ATF_TC_HEAD(mkdir_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mkdir(2) call"); } ATF_TC_BODY(mkdir_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mkdir(path, mode)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mkdir_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkdir_failure); ATF_TC_HEAD(mkdir_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mkdir(2) call"); } ATF_TC_BODY(mkdir_failure, tc) { ATF_REQUIRE_EQ(0, mkdir(path, mode)); FILE *pipefd = setup(fds, auclass); /* Failure reason: directory already exists */ ATF_REQUIRE_EQ(-1, mkdir(path, mode)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mkdir_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkdirat_success); ATF_TC_HEAD(mkdirat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mkdirat(2) call"); } ATF_TC_BODY(mkdirat_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mkdirat(AT_FDCWD, path, mode)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mkdirat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkdirat_failure); ATF_TC_HEAD(mkdirat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mkdirat(2) call"); } ATF_TC_BODY(mkdirat_failure, tc) { ATF_REQUIRE_EQ(0, mkdirat(AT_FDCWD, path, mode)); FILE *pipefd = setup(fds, auclass); /* Failure reason: directory already exists */ ATF_REQUIRE_EQ(-1, mkdirat(AT_FDCWD, path, mode)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mkdirat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkfifo_success); ATF_TC_HEAD(mkfifo_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mkfifo(2) call"); } ATF_TC_BODY(mkfifo_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mkfifo(path, mode)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mkfifo_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkfifo_failure); ATF_TC_HEAD(mkfifo_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mkfifo(2) call"); } ATF_TC_BODY(mkfifo_failure, tc) { ATF_REQUIRE_EQ(0, mkfifo(path, mode)); FILE *pipefd = setup(fds, auclass); /* Failure reason: FIFO already exists */ ATF_REQUIRE_EQ(-1, mkfifo(path, mode)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mkfifo_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkfifoat_success); ATF_TC_HEAD(mkfifoat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mkfifoat(2) call"); } ATF_TC_BODY(mkfifoat_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mkfifoat(AT_FDCWD, path, mode)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mkfifoat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mkfifoat_failure); ATF_TC_HEAD(mkfifoat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mkfifoat(2) call"); } ATF_TC_BODY(mkfifoat_failure, tc) { ATF_REQUIRE_EQ(0, mkfifoat(AT_FDCWD, path, mode)); FILE *pipefd = setup(fds, auclass); /* Failure reason: FIFO already exists */ ATF_REQUIRE_EQ(-1, mkfifoat(AT_FDCWD, path, mode)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mkfifoat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mknod_success); ATF_TC_HEAD(mknod_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mknod(2) call"); } ATF_TC_BODY(mknod_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mknod(path, S_IFIFO | S_IRWXO, dev)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mknod_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mknod_failure); ATF_TC_HEAD(mknod_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mknod(2) call"); } ATF_TC_BODY(mknod_failure, tc) { ATF_REQUIRE_EQ(0, mknod(path, S_IFIFO | S_IRWXO, dev)); FILE *pipefd = setup(fds, auclass); /* Failure reason: FIFO node already exists */ ATF_REQUIRE_EQ(-1, mknod(path, S_IFIFO | S_IRWXO, dev)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mknod_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mknodat_success); ATF_TC_HEAD(mknodat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "mknodat(2) call"); } ATF_TC_BODY(mknodat_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev)); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(mknodat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(mknodat_failure); ATF_TC_HEAD(mknodat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "mknodat(2) call"); } ATF_TC_BODY(mknodat_failure, tc) { ATF_REQUIRE_EQ(0, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev)); FILE *pipefd = setup(fds, auclass); /* Failure reason: FIFO node already exists */ ATF_REQUIRE_EQ(-1, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(mknodat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(rename_success); ATF_TC_HEAD(rename_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "rename(2) call"); } ATF_TC_BODY(rename_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, rename(path, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(rename_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(rename_failure); ATF_TC_HEAD(rename_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "rename(2) call"); } ATF_TC_BODY(rename_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, rename(path, "renamed")); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(rename_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(renameat_success); ATF_TC_HEAD(renameat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "renameat(2) call"); } ATF_TC_BODY(renameat_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(renameat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(renameat_failure); ATF_TC_HEAD(renameat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "renameat(2) call"); } ATF_TC_BODY(renameat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(renameat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(link_success); ATF_TC_HEAD(link_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "link(2) call"); } ATF_TC_BODY(link_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, link(path, "hardlink")); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(link_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(link_failure); ATF_TC_HEAD(link_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "link(2) call"); } ATF_TC_BODY(link_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, link(path, "hardlink")); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(link_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(linkat_success); ATF_TC_HEAD(linkat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "linkat(2) call"); } ATF_TC_BODY(linkat_success, tc) { - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, linkat(AT_FDCWD, path, AT_FDCWD, "hardlink", 0)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(linkat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(linkat_failure); ATF_TC_HEAD(linkat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "linkat(2) call"); } ATF_TC_BODY(linkat_failure, tc) { FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, linkat(AT_FDCWD, path, AT_FDCWD, "hardlink", 0)); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(linkat_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(symlink_success); ATF_TC_HEAD(symlink_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "symlink(2) call"); } ATF_TC_BODY(symlink_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, symlink(path, "symlink")); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(symlink_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(symlink_failure); ATF_TC_HEAD(symlink_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "symlink(2) call"); } ATF_TC_BODY(symlink_failure, tc) { ATF_REQUIRE_EQ(0, symlink(path, "symlink")); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link already exists */ ATF_REQUIRE_EQ(-1, symlink(path, "symlink")); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(symlink_failure, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(symlinkat_success); ATF_TC_HEAD(symlinkat_success, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " "symlinkat(2) call"); } ATF_TC_BODY(symlinkat_success, tc) { FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, symlinkat(path, AT_FDCWD, "symlink")); check_audit(fds, successreg, pipefd); } ATF_TC_CLEANUP(symlinkat_success, tc) { cleanup(); } ATF_TC_WITH_CLEANUP(symlinkat_failure); ATF_TC_HEAD(symlinkat_failure, tc) { atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " "symlinkat(2) call"); } ATF_TC_BODY(symlinkat_failure, tc) { ATF_REQUIRE_EQ(0, symlinkat(path, AT_FDCWD, "symlink")); FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link already exists */ ATF_REQUIRE_EQ(-1, symlinkat(path, AT_FDCWD, "symlink")); check_audit(fds, failurereg, pipefd); } ATF_TC_CLEANUP(symlinkat_failure, tc) { cleanup(); } ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mkdir_success); ATF_TP_ADD_TC(tp, mkdir_failure); ATF_TP_ADD_TC(tp, mkdirat_success); ATF_TP_ADD_TC(tp, mkdirat_failure); ATF_TP_ADD_TC(tp, mkfifo_success); ATF_TP_ADD_TC(tp, mkfifo_failure); ATF_TP_ADD_TC(tp, mkfifoat_success); ATF_TP_ADD_TC(tp, mkfifoat_failure); ATF_TP_ADD_TC(tp, mknod_success); ATF_TP_ADD_TC(tp, mknod_failure); ATF_TP_ADD_TC(tp, mknodat_success); ATF_TP_ADD_TC(tp, mknodat_failure); ATF_TP_ADD_TC(tp, rename_success); ATF_TP_ADD_TC(tp, rename_failure); ATF_TP_ADD_TC(tp, renameat_success); ATF_TP_ADD_TC(tp, renameat_failure); ATF_TP_ADD_TC(tp, link_success); ATF_TP_ADD_TC(tp, link_failure); ATF_TP_ADD_TC(tp, linkat_success); ATF_TP_ADD_TC(tp, linkat_failure); ATF_TP_ADD_TC(tp, symlink_success); ATF_TP_ADD_TC(tp, symlink_failure); ATF_TP_ADD_TC(tp, symlinkat_success); ATF_TP_ADD_TC(tp, symlinkat_failure); return (atf_no_error()); } Index: stable/11/tests/sys/audit/file-delete.c =================================================================== --- stable/11/tests/sys/audit/file-delete.c (nonexistent) +++ stable/11/tests/sys/audit/file-delete.c (revision 339087) @@ -0,0 +1,274 @@ +/*- + * Copyright 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include + +#include +#include +#include + +#include "utils.h" + +static struct pollfd fds[1]; +static mode_t mode = 0777; +static int filedesc; +static const char *path = "fileforaudit"; +static const char *errpath = "dirdoesnotexist/fileforaudit"; +static const char *successreg = "fileforaudit.*return,success"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(rmdir_success); +ATF_TC_HEAD(rmdir_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "rmdir(2) call"); +} + +ATF_TC_BODY(rmdir_success, tc) +{ + ATF_REQUIRE_EQ(0, mkdir(path, mode)); + FILE *pipefd = setup(fds, "fd"); + ATF_REQUIRE_EQ(0, rmdir(path)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(rmdir_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(rmdir_failure); +ATF_TC_HEAD(rmdir_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "rmdir(2) call"); +} + +ATF_TC_BODY(rmdir_failure, tc) +{ + FILE *pipefd = setup(fds, "fd"); + /* Failure reason: directory does not exist */ + ATF_REQUIRE_EQ(-1, rmdir(errpath)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(rmdir_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(rename_success); +ATF_TC_HEAD(rename_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "rename(2) call"); +} + +ATF_TC_BODY(rename_success, tc) +{ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, "fd"); + ATF_REQUIRE_EQ(0, rename(path, "renamed")); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(rename_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(rename_failure); +ATF_TC_HEAD(rename_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "rename(2) call"); +} + +ATF_TC_BODY(rename_failure, tc) +{ + FILE *pipefd = setup(fds, "fd"); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, rename(path, "renamed")); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(rename_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(renameat_success); +ATF_TC_HEAD(renameat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "renameat(2) call"); +} + +ATF_TC_BODY(renameat_success, tc) +{ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, "fd"); + ATF_REQUIRE_EQ(0, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(renameat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(renameat_failure); +ATF_TC_HEAD(renameat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "renameat(2) call"); +} + +ATF_TC_BODY(renameat_failure, tc) +{ + FILE *pipefd = setup(fds, "fd"); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, renameat(AT_FDCWD, path, AT_FDCWD, "renamed")); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(renameat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(unlink_success); +ATF_TC_HEAD(unlink_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "unlink(2) call"); +} + +ATF_TC_BODY(unlink_success, tc) +{ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, "fd"); + ATF_REQUIRE_EQ(0, unlink(path)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(unlink_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(unlink_failure); +ATF_TC_HEAD(unlink_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "unlink(2) call"); +} + +ATF_TC_BODY(unlink_failure, tc) +{ + FILE *pipefd = setup(fds, "fd"); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, unlink(errpath)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(unlink_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(unlinkat_success); +ATF_TC_HEAD(unlinkat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "unlinkat(2) call"); +} + +ATF_TC_BODY(unlinkat_success, tc) +{ + ATF_REQUIRE_EQ(0, mkdir(path, mode)); + FILE *pipefd = setup(fds, "fd"); + ATF_REQUIRE_EQ(0, unlinkat(AT_FDCWD, path, AT_REMOVEDIR)); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(unlinkat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(unlinkat_failure); +ATF_TC_HEAD(unlinkat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "unlinkat(2) call"); +} + +ATF_TC_BODY(unlinkat_failure, tc) +{ + FILE *pipefd = setup(fds, "fd"); + /* Failure reason: directory does not exist */ + ATF_REQUIRE_EQ(-1, unlinkat(AT_FDCWD, errpath, AT_REMOVEDIR)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(unlinkat_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, rmdir_success); + ATF_TP_ADD_TC(tp, rmdir_failure); + + ATF_TP_ADD_TC(tp, rename_success); + ATF_TP_ADD_TC(tp, rename_failure); + ATF_TP_ADD_TC(tp, renameat_success); + ATF_TP_ADD_TC(tp, renameat_failure); + + ATF_TP_ADD_TC(tp, unlink_success); + ATF_TP_ADD_TC(tp, unlink_failure); + ATF_TP_ADD_TC(tp, unlinkat_success); + ATF_TP_ADD_TC(tp, unlinkat_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-delete.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/file-read.c =================================================================== --- stable/11/tests/sys/audit/file-read.c (nonexistent) +++ stable/11/tests/sys/audit/file-read.c (revision 339087) @@ -0,0 +1,136 @@ +/*- + * Copyright 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include + +#include "utils.h" + +static struct pollfd fds[1]; +static char buff[1024]; +static const char *path = "fileforaudit"; +static const char *successreg = "fileforaudit.*return,success"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(readlink_success); +ATF_TC_HEAD(readlink_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "readlink(2) call"); +} + +ATF_TC_BODY(readlink_success, tc) +{ + memset(buff, 0, sizeof(buff)); + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, "fr"); + ATF_REQUIRE(readlink(path, buff, sizeof(buff)-1) != -1); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(readlink_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(readlink_failure); +ATF_TC_HEAD(readlink_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "readlink(2) call"); +} + +ATF_TC_BODY(readlink_failure, tc) +{ + memset(buff, 0, sizeof(buff)); + FILE *pipefd = setup(fds, "fr"); + /* Failure reason: symbolic link does not exist */ + ATF_REQUIRE_EQ(-1, readlink(path, buff, sizeof(buff)-1)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(readlink_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(readlinkat_success); +ATF_TC_HEAD(readlinkat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "readlinkat(2) call"); +} + +ATF_TC_BODY(readlinkat_success, tc) +{ + memset(buff, 0, sizeof(buff)); + ATF_REQUIRE_EQ(0, symlink("symlink", path)); + FILE *pipefd = setup(fds, "fr"); + ATF_REQUIRE(readlinkat(AT_FDCWD, path, buff, sizeof(buff)-1) != -1); + check_audit(fds, successreg, pipefd); +} + +ATF_TC_CLEANUP(readlinkat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(readlinkat_failure); +ATF_TC_HEAD(readlinkat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "readlinkat(2) call"); +} + +ATF_TC_BODY(readlinkat_failure, tc) +{ + memset(buff, 0, sizeof(buff)); + FILE *pipefd = setup(fds, "fr"); + /* Failure reason: symbolic link does not exist */ + ATF_REQUIRE_EQ(-1, readlinkat(AT_FDCWD, path, buff, sizeof(buff)-1)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(readlinkat_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, readlink_success); + ATF_TP_ADD_TC(tp, readlink_failure); + ATF_TP_ADD_TC(tp, readlinkat_success); + ATF_TP_ADD_TC(tp, readlinkat_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-read.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/file-write.c =================================================================== --- stable/11/tests/sys/audit/file-write.c (nonexistent) +++ stable/11/tests/sys/audit/file-write.c (revision 339087) @@ -0,0 +1,141 @@ +/*- + * Copyright 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include + +#include "utils.h" + +static struct pollfd fds[1]; +static mode_t mode = 0777; +static int filedesc; +static off_t offlen = 0; +static const char *path = "fileforaudit"; +static const char *errpath = "dirdoesnotexist/fileforaudit"; +static const char *successreg = "fileforaudit.*return,success"; +static const char *failurereg = "fileforaudit.*return,failure"; + + +ATF_TC_WITH_CLEANUP(truncate_success); +ATF_TC_HEAD(truncate_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "truncate(2) call"); +} + +ATF_TC_BODY(truncate_success, tc) +{ + /* File needs to exist to call truncate(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, "fw"); + ATF_REQUIRE_EQ(0, truncate(path, offlen)); + check_audit(fds, successreg, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(truncate_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(truncate_failure); +ATF_TC_HEAD(truncate_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "truncate(2) call"); +} + +ATF_TC_BODY(truncate_failure, tc) +{ + FILE *pipefd = setup(fds, "fw"); + /* Failure reason: file does not exist */ + ATF_REQUIRE_EQ(-1, truncate(errpath, offlen)); + check_audit(fds, failurereg, pipefd); +} + +ATF_TC_CLEANUP(truncate_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(ftruncate_success); +ATF_TC_HEAD(ftruncate_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "ftruncate(2) call"); +} + +ATF_TC_BODY(ftruncate_success, tc) +{ + const char *regex = "ftruncate.*return,success"; + /* Valid file descriptor needs to exist to call ftruncate(2) */ + ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR)) != -1); + FILE *pipefd = setup(fds, "fw"); + ATF_REQUIRE_EQ(0, ftruncate(filedesc, offlen)); + check_audit(fds, regex, pipefd); + close(filedesc); +} + +ATF_TC_CLEANUP(ftruncate_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(ftruncate_failure); +ATF_TC_HEAD(ftruncate_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "ftruncate(2) call"); +} + +ATF_TC_BODY(ftruncate_failure, tc) +{ + const char *regex = "ftruncate.*return,failure"; + FILE *pipefd = setup(fds, "fw"); + /* Failure reason: bad file descriptor */ + ATF_REQUIRE_EQ(-1, ftruncate(-1, offlen)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(ftruncate_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, truncate_success); + ATF_TP_ADD_TC(tp, truncate_failure); + ATF_TP_ADD_TC(tp, ftruncate_success); + ATF_TP_ADD_TC(tp, ftruncate_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/file-write.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/network.c =================================================================== --- stable/11/tests/sys/audit/network.c (nonexistent) +++ stable/11/tests/sys/audit/network.c (revision 339087) @@ -0,0 +1,412 @@ +/*- + * Copyright (c) 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include + +#include +#include +#include +#include + +#include "utils.h" + +#define SERVER_PATH "server" + +static int sockfd; +static socklen_t len; +static struct pollfd fds[1]; +static char extregex[80]; +static const char *auclass = "nt"; +static const char *nosupregex = "return,failure : Address family " + "not supported by protocol family"; +static const char *invalregex = "return,failur.*Socket operation on non-socket"; + +/* + * Variadic function to close socket descriptors + */ +static void +close_sockets(int count, ...) +{ + int sockd; + va_list socklist; + va_start(socklist, count); + for (sockd = 0; sockd < count; sockd++) { + close(va_arg(socklist, int)); + } + va_end(socklist); +} + +/* + * Assign local filesystem address to a Unix domain socket + */ +static void +assign_address(struct sockaddr_un *server) +{ + memset(server, 0, sizeof(*server)); + server->sun_family = AF_UNIX; + strcpy(server->sun_path, SERVER_PATH); +} + + +ATF_TC_WITH_CLEANUP(socket_success); +ATF_TC_HEAD(socket_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "socket(2) call"); +} + +ATF_TC_BODY(socket_success, tc) +{ + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); + /* Check the presence of sockfd in audit record */ + snprintf(extregex, sizeof(extregex), "socket.*ret.*success,%d", sockfd); + check_audit(fds, extregex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(socket_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(socket_failure); +ATF_TC_HEAD(socket_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "socket(2) call"); +} + +ATF_TC_BODY(socket_failure, tc) +{ + snprintf(extregex, sizeof(extregex), "socket.*%s", nosupregex); + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Unsupported value of 'domain' argument: 0 */ + ATF_REQUIRE_EQ(-1, socket(0, SOCK_STREAM, 0)); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(socket_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(socketpair_success); +ATF_TC_HEAD(socketpair_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "socketpair(2) call"); +} + +ATF_TC_BODY(socketpair_success, tc) +{ + int sv[2]; + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, socketpair(PF_UNIX, SOCK_STREAM, 0, sv)); + + /* Check for 0x0 (argument 3: default protocol) in the audit record */ + snprintf(extregex, sizeof(extregex), "socketpair.*0x0.*return,success"); + check_audit(fds, extregex, pipefd); + close_sockets(2, sv[0], sv[1]); +} + +ATF_TC_CLEANUP(socketpair_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(socketpair_failure); +ATF_TC_HEAD(socketpair_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "socketpair(2) call"); +} + +ATF_TC_BODY(socketpair_failure, tc) +{ + snprintf(extregex, sizeof(extregex), "socketpair.*%s", nosupregex); + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Unsupported value of 'domain' argument: 0 */ + ATF_REQUIRE_EQ(-1, socketpair(0, SOCK_STREAM, 0, NULL)); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(socketpair_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(setsockopt_success); +ATF_TC_HEAD(setsockopt_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "setsockopt(2) call"); +} + +ATF_TC_BODY(setsockopt_success, tc) +{ + int tr = 1; + ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); + /* Check the presence of sockfd in audit record */ + snprintf(extregex, sizeof(extregex), + "setsockopt.*0x%x.*return,success", sockfd); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, + SO_REUSEADDR, &tr, sizeof(int))); + check_audit(fds, extregex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(setsockopt_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(setsockopt_failure); +ATF_TC_HEAD(setsockopt_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "setsockopt(2) call"); +} + +ATF_TC_BODY(setsockopt_failure, tc) +{ + int tr = 1; + snprintf(extregex, sizeof(extregex), "setsockopt.*%s", invalregex); + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid socket descriptor */ + ATF_REQUIRE_EQ(-1, setsockopt(0, SOL_SOCKET, + SO_REUSEADDR, &tr, sizeof(int))); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(setsockopt_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bind_success); +ATF_TC_HEAD(bind_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "bind(2) call"); +} + +ATF_TC_BODY(bind_success, tc) +{ + struct sockaddr_un server; + assign_address(&server); + len = sizeof(struct sockaddr_un); + + /* Preliminary socket setup */ + ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); + /* Check the presence of AF_UNIX address path in audit record */ + snprintf(extregex, sizeof(extregex), + "bind.*unix.*%s.*return,success", SERVER_PATH); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); + check_audit(fds, extregex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(bind_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bind_failure); +ATF_TC_HEAD(bind_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "bind(2) call"); +} + +ATF_TC_BODY(bind_failure, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_un server; + assign_address(&server); + len = sizeof(struct sockaddr_un); + /* Check the presence of AF_UNIX path in audit record */ + snprintf(extregex, sizeof(extregex), + "bind.*%s.*return,failure", SERVER_PATH); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid socket descriptor */ + ATF_REQUIRE_EQ(-1, bind(0, (struct sockaddr *)&server, len)); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(bind_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bindat_success); +ATF_TC_HEAD(bindat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "bindat(2) call"); +} + +ATF_TC_BODY(bindat_success, tc) +{ + struct sockaddr_un server; + assign_address(&server); + len = sizeof(struct sockaddr_un); + + /* Preliminary socket setup */ + ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); + /* Check the presence of socket descriptor in audit record */ + snprintf(extregex, sizeof(extregex), + "bindat.*0x%x.*return,success", sockfd); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, bindat(AT_FDCWD, sockfd, + (struct sockaddr *)&server, len)); + check_audit(fds, extregex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(bindat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bindat_failure); +ATF_TC_HEAD(bindat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "bindat(2) call"); +} + +ATF_TC_BODY(bindat_failure, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_un server; + assign_address(&server); + len = sizeof(struct sockaddr_un); + snprintf(extregex, sizeof(extregex), "bindat.*%s", invalregex); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid socket descriptor */ + ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, 0, + (struct sockaddr *)&server, len)); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(bindat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(listen_success); +ATF_TC_HEAD(listen_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "listen(2) call"); +} + +ATF_TC_BODY(listen_success, tc) +{ + struct sockaddr_un server; + assign_address(&server); + len = sizeof(struct sockaddr_un); + + /* Preliminary socket setup */ + ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); + ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); + /* Check the presence of socket descriptor in the audit record */ + snprintf(extregex, sizeof(extregex), + "listen.*0x%x.*return,success", sockfd); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, listen(sockfd, 1)); + check_audit(fds, extregex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(listen_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(listen_failure); +ATF_TC_HEAD(listen_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "listen(2) call"); +} + +ATF_TC_BODY(listen_failure, tc) +{ + snprintf(extregex, sizeof(extregex), "listen.*%s", invalregex); + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid socket descriptor */ + ATF_REQUIRE_EQ(-1, listen(0, 1)); + check_audit(fds, extregex, pipefd); +} + +ATF_TC_CLEANUP(listen_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, socket_success); + ATF_TP_ADD_TC(tp, socket_failure); + ATF_TP_ADD_TC(tp, socketpair_success); + ATF_TP_ADD_TC(tp, socketpair_failure); + ATF_TP_ADD_TC(tp, setsockopt_success); + ATF_TP_ADD_TC(tp, setsockopt_failure); + + ATF_TP_ADD_TC(tp, bind_success); + ATF_TP_ADD_TC(tp, bind_failure); + ATF_TP_ADD_TC(tp, bindat_success); + ATF_TP_ADD_TC(tp, bindat_failure); + ATF_TP_ADD_TC(tp, listen_success); + ATF_TP_ADD_TC(tp, listen_failure); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/network.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/open.c =================================================================== --- stable/11/tests/sys/audit/open.c (nonexistent) +++ stable/11/tests/sys/audit/open.c (revision 339087) @@ -0,0 +1,196 @@ +/*- + * Copyright (c) 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +/* + * Note: open(2) and openat(2) have 12 events each for various values of 'flag' + * Please see: contrib/openbsm/etc/audit_event#L261 + * + * 270:AUE_OPENAT_R:openat(2) - read:fr + * 271:AUE_OPENAT_RC:openat(2) - read,creat:fc,fr,fa,fm + * 272:AUE_OPENAT_RT:openat(2) - read,trunc:fd,fr,fa,fm + * 273:AUE_OPENAT_RTC:openat(2) - read,creat,trunc:fc,fd,fr,fa,fm + * 274:AUE_OPENAT_W:openat(2) - write:fw + * 275:AUE_OPENAT_WC:openat(2) - write,creat:fc,fw,fa,fm + * 276:AUE_OPENAT_WT:openat(2) - write,trunc:fd,fw,fa,fm + * 277:AUE_OPENAT_WTC:openat(2) - write,creat,trunc:fc,fd,fw,fa,fm + * 278:AUE_OPENAT_RW:openat(2) - read,write:fr,fw + * 279:AUE_OPENAT_RWC:openat(2) - read,write,create:fc,fw,fr,fa,fm + * 280:AUE_OPENAT_RWT:openat(2) - read,write,trunc:fd,fw,fr,fa,fm + * 281:AUE_OPENAT_RWTC:openat(2) - read,write,creat,trunc:fc,fd,fw,fr,fa,fm + */ + +#include + +#include +#include + +#include "utils.h" + +static struct pollfd fds[1]; +static mode_t o_mode = 0777; +static int filedesc; +static char extregex[80]; +static const char *path = "fileforaudit"; +static const char *errpath = "adirhasnoname/fileforaudit"; + +/* + * Define test-cases for success and failure modes of both open(2) and openat(2) + */ +#define OPEN_AT_TC_DEFINE(mode, regex, flag, class) \ +ATF_TC_WITH_CLEANUP(open_ ## mode ## _success); \ +ATF_TC_HEAD(open_ ## mode ## _success, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ + "open(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(open_ ## mode ## _success, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "open.*%s.*fileforaudit.*return,success", regex); \ + /* File needs to exist for successful open(2) invocation */ \ + ATF_REQUIRE((filedesc = open(path, O_CREAT, o_mode)) != -1); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE(syscall(SYS_open, path, flag) != -1); \ + check_audit(fds, extregex, pipefd); \ + close(filedesc); \ +} \ +ATF_TC_CLEANUP(open_ ## mode ## _success, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(open_ ## mode ## _failure); \ +ATF_TC_HEAD(open_ ## mode ## _failure, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ + "open(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(open_ ## mode ## _failure, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "open.*%s.*fileforaudit.*return,failure", regex); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE_EQ(-1, syscall(SYS_open, errpath, flag)); \ + check_audit(fds, extregex, pipefd); \ +} \ +ATF_TC_CLEANUP(open_ ## mode ## _failure, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(openat_ ## mode ## _success); \ +ATF_TC_HEAD(openat_ ## mode ## _success, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " \ + "openat(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(openat_ ## mode ## _success, tc) \ +{ \ + int filedesc2; \ + snprintf(extregex, sizeof(extregex), \ + "openat.*%s.*fileforaudit.*return,success", regex); \ + /* File needs to exist for successful openat(2) invocation */ \ + ATF_REQUIRE((filedesc = open(path, O_CREAT, o_mode)) != -1); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE((filedesc2 = openat(AT_FDCWD, path, flag)) != -1); \ + check_audit(fds, extregex, pipefd); \ + close(filedesc2); \ + close(filedesc); \ +} \ +ATF_TC_CLEANUP(openat_ ## mode ## _success, tc) \ +{ \ + cleanup(); \ +} \ +ATF_TC_WITH_CLEANUP(openat_ ## mode ## _failure); \ +ATF_TC_HEAD(openat_ ## mode ## _failure, tc) \ +{ \ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " \ + "openat(2) call with flags = %s", #flag); \ +} \ +ATF_TC_BODY(openat_ ## mode ## _failure, tc) \ +{ \ + snprintf(extregex, sizeof(extregex), \ + "openat.*%s.*fileforaudit.*return,failure", regex); \ + FILE *pipefd = setup(fds, class); \ + ATF_REQUIRE_EQ(-1, openat(AT_FDCWD, errpath, flag)); \ + check_audit(fds, extregex, pipefd); \ +} \ +ATF_TC_CLEANUP(openat_ ## mode ## _failure, tc) \ +{ \ + cleanup(); \ +} + +/* + * Add both success and failure modes of open(2) and openat(2) + */ +#define OPEN_AT_TC_ADD(tp, mode) \ +do { \ + ATF_TP_ADD_TC(tp, open_ ## mode ## _success); \ + ATF_TP_ADD_TC(tp, open_ ## mode ## _failure); \ + ATF_TP_ADD_TC(tp, openat_ ## mode ## _success); \ + ATF_TP_ADD_TC(tp, openat_ ## mode ## _failure); \ +} while (0) + + +/* + * Each of the 12 OPEN_AT_TC_DEFINE statement is a group of 4 test-cases + * corresponding to separate audit events for open(2) and openat(2) + */ +OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr") +OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr") +OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr") +OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT + | O_TRUNC, "fr") +OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw") +OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw") +OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw") +OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT + | O_TRUNC, "fw") +OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr") +OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw") +OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr") +OPEN_AT_TC_DEFINE(read_write_creat_trunc, "read,write,creat,trunc", O_RDWR | + O_CREAT | O_TRUNC, "fw") + + +ATF_TP_ADD_TCS(tp) +{ + OPEN_AT_TC_ADD(tp, read); + OPEN_AT_TC_ADD(tp, read_creat); + OPEN_AT_TC_ADD(tp, read_trunc); + OPEN_AT_TC_ADD(tp, read_creat_trunc); + + OPEN_AT_TC_ADD(tp, write); + OPEN_AT_TC_ADD(tp, write_creat); + OPEN_AT_TC_ADD(tp, write_trunc); + OPEN_AT_TC_ADD(tp, write_creat_trunc); + + OPEN_AT_TC_ADD(tp, read_write); + OPEN_AT_TC_ADD(tp, read_write_creat); + OPEN_AT_TC_ADD(tp, read_write_trunc); + OPEN_AT_TC_ADD(tp, read_write_creat_trunc); + + return (atf_no_error()); +} Property changes on: stable/11/tests/sys/audit/open.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: stable/11/tests/sys/audit/utils.c =================================================================== --- stable/11/tests/sys/audit/utils.c (revision 339086) +++ stable/11/tests/sys/audit/utils.c (revision 339087) @@ -1,234 +1,233 @@ /*- * Copyright 2018 Aniket Pandey - * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #include -#include +#include +#include + +#include #include #include -#include -#include #include +#include +#include #include -#include -#include #include "utils.h" /* * Checks the presence of "auditregex" in auditpipe(4) after the * corresponding system call has been triggered. */ static bool get_records(const char *auditregex, FILE *pipestream) { uint8_t *buff; tokenstr_t token; ssize_t size = 1024; char membuff[size]; char del[] = ","; int reclen, bytes = 0; FILE *memstream; /* * Open a stream on 'membuff' (address to memory buffer) for storing * the audit records in the default mode.'reclen' is the length of the * available records from auditpipe which is passed to the functions * au_fetch_tok(3) and au_print_flags_tok(3) for further use. */ ATF_REQUIRE((memstream = fmemopen(membuff, size, "w")) != NULL); ATF_REQUIRE((reclen = au_read_rec(pipestream, &buff)) != -1); /* * Iterate through each BSM token, extracting the bits that are * required to start processing the token sequences. */ while (bytes < reclen) { if (au_fetch_tok(&token, buff + bytes, reclen - bytes) == -1) { perror("au_read_rec"); atf_tc_fail("Incomplete Audit Record"); } /* Print the tokens as they are obtained, in the default form */ au_print_flags_tok(memstream, &token, del, AU_OFLAG_NONE); bytes += token.len; } free(buff); - fclose(memstream); + ATF_REQUIRE_EQ(0, fclose(memstream)); return (atf_utils_grep_string("%s", membuff, auditregex)); } /* * Override the system-wide audit mask settings in /etc/security/audit_control * and set the auditpipe's maximum allowed queue length limit */ static void set_preselect_mode(int filedesc, au_mask_t *fmask) { int qlimit_max; int fmode = AUDITPIPE_PRESELECT_MODE_LOCAL; /* Set local preselection mode for auditing */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_MODE, &fmode) < 0) atf_tc_fail("Preselection mode: %s", strerror(errno)); /* Set local preselection flag corresponding to the audit_event */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_FLAGS, fmask) < 0) atf_tc_fail("Preselection flag: %s", strerror(errno)); /* Set local preselection flag for non-attributable audit_events */ if (ioctl(filedesc, AUDITPIPE_SET_PRESELECT_NAFLAGS, fmask) < 0) atf_tc_fail("Preselection naflag: %s", strerror(errno)); /* Query the maximum possible queue length limit for auditpipe */ if (ioctl(filedesc, AUDITPIPE_GET_QLIMIT_MAX, &qlimit_max) < 0) atf_tc_fail("Query max-limit: %s", strerror(errno)); /* Set the queue length limit as obtained from previous step */ if (ioctl(filedesc, AUDITPIPE_SET_QLIMIT, &qlimit_max) < 0) atf_tc_fail("Set max-qlimit: %s", strerror(errno)); /* This removes any outstanding record on the auditpipe */ if (ioctl(filedesc, AUDITPIPE_FLUSH) < 0) atf_tc_fail("Auditpipe flush: %s", strerror(errno)); } /* * Get the corresponding audit_mask for class-name "name" then set the * success and failure bits for fmask to be used as the ioctl argument */ static au_mask_t get_audit_mask(const char *name) { au_mask_t fmask; au_class_ent_t *class; ATF_REQUIRE((class = getauclassnam(name)) != NULL); fmask.am_success = class->ac_class; fmask.am_failure = class->ac_class; return (fmask); } /* * Loop until the auditpipe returns something, check if it is what * we want, else repeat the procedure until ppoll(2) times out. */ static void check_auditpipe(struct pollfd fd[], const char *auditregex, FILE *pipestream) { struct timespec currtime, endtime, timeout; /* Set the expire time for poll(2) while waiting for syscall audit */ ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &endtime)); endtime.tv_sec += 10; timeout.tv_nsec = endtime.tv_nsec; for (;;) { /* Update the time left for auditpipe to return any event */ ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &currtime)); timeout.tv_sec = endtime.tv_sec - currtime.tv_sec; switch (ppoll(fd, 1, &timeout, NULL)) { /* ppoll(2) returns, check if it's what we want */ case 1: if (fd[0].revents & POLLIN) { if (get_records(auditregex, pipestream)) return; } else { atf_tc_fail("Auditpipe returned an " "unknown event %#x", fd[0].revents); } break; /* poll(2) timed out */ case 0: atf_tc_fail("%s not found in auditpipe within the " "time limit", auditregex); break; /* poll(2) standard error */ case -1: atf_tc_fail("Poll: %s", strerror(errno)); break; default: atf_tc_fail("Poll returned too many file descriptors"); } } } /* * Wrapper functions around static "check_auditpipe" */ static void check_audit_startup(struct pollfd fd[], const char *auditrgx, FILE *pipestream){ check_auditpipe(fd, auditrgx, pipestream); } void check_audit(struct pollfd fd[], const char *auditrgx, FILE *pipestream) { check_auditpipe(fd, auditrgx, pipestream); - /* Cleanup */ - fclose(pipestream); - close(fd[0].fd); + /* Teardown: /dev/auditpipe's instance opened for this test-suite */ + ATF_REQUIRE_EQ(0, fclose(pipestream)); } FILE *setup(struct pollfd fd[], const char *name) { au_mask_t fmask, nomask; fmask = get_audit_mask(name); nomask = get_audit_mask("no"); FILE *pipestream; - fd[0].fd = open("/dev/auditpipe", O_RDONLY); + ATF_REQUIRE((fd[0].fd = open("/dev/auditpipe", O_RDONLY)) != -1); + ATF_REQUIRE((pipestream = fdopen(fd[0].fd, "r")) != NULL); fd[0].events = POLLIN; - pipestream = fdopen(fd[0].fd, "r"); /* Set local preselection audit_class as "no" for audit startup */ set_preselect_mode(fd[0].fd, &nomask); ATF_REQUIRE_EQ(0, system("service auditd onestatus || \ { service auditd onestart && touch started_auditd ; }")); /* If 'started_auditd' exists, that means we started auditd(8) */ if (atf_utils_file_exists("started_auditd")) check_audit_startup(fd, "audit startup", pipestream); /* Set local preselection parameters specific to "name" audit_class */ set_preselect_mode(fd[0].fd, &fmask); return (pipestream); } void cleanup(void) { if (atf_utils_file_exists("started_auditd")) system("service auditd onestop > /dev/null 2>&1"); } Index: stable/11/tests/sys/audit/utils.h =================================================================== --- stable/11/tests/sys/audit/utils.h (revision 339086) +++ stable/11/tests/sys/audit/utils.h (revision 339087) @@ -1,42 +1,41 @@ /*- * Copyright 2018 Aniket Pandey - * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * SUCH DAMAGE. * * $FreeBSD$ */ #ifndef _UTILS_H_ #define _UTILS_H_ #include #include #include #include void check_audit(struct pollfd [], const char *, FILE *); FILE *setup(struct pollfd [], const char *); void cleanup(void); #endif /* _SETUP_H_ */ Index: stable/11 =================================================================== --- stable/11 (revision 339086) +++ stable/11 (revision 339087) Property changes on: stable/11 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r334471,334487,334496,334592,334668,334933,335067,335105,335136,335140,335145,335207-335208,335215,335255-335256