From owner-soc-status@freebsd.org  Mon Jun  4 03:19:47 2018
Return-Path: <owner-soc-status@freebsd.org>
Delivered-To: soc-status@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 771E4FE58F2
 for <soc-status@mailman.ysv.freebsd.org>; Mon,  4 Jun 2018 03:19:47 +0000 (UTC)
 (envelope-from aniket.ezio41@gmail.com)
Received: from mail-wm0-f47.google.com (mail-wm0-f47.google.com [74.125.82.47])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E63B26D340;
 Mon,  4 Jun 2018 03:19:46 +0000 (UTC)
 (envelope-from aniket.ezio41@gmail.com)
Received: by mail-wm0-f47.google.com with SMTP id z6-v6so12429349wma.0;
 Sun, 03 Jun 2018 20:19:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=Vy0t6311F3oXGTI3eGDAHUCwOvD0re1NoH3mJ3b75PA=;
 b=d1vOone8OnNfwvqE9R+XMxD1/BOcqTW+X6L/F8PKNS0+5ncVadDeSaLb5swohXNyxZ
 Wbv+hqJhDLOj4GkKNl/gMpJqTFI5kextUYLFswz9AUjIzaS4vFY1JdE5XNsy6pbEqDz3
 CZqz/8DAF9PX4e+S1k+TWheqxVp7Ggh083GlMSkDsuDcBX/w21jdnyYajNFtWREy8EiD
 67ejKmmDEOxhiIJGu/Ebyy6V8j/mA8H+kFtbs+O4+TrsyxU6zEBtC+p32v3kUE32Odyl
 6WdhBMuo5TPkJ+nbXmPvkXlgvPbAIvRra4zXLXMnjCeNb9vWXYyGWWOLJ9l4RWZGU68V
 B3uA==
X-Gm-Message-State: ALKqPwc7u5DNjK8G1YgSnXynKi7ree0/LHjogQ0qMApl7OioeNR2u3n8
 HTb+JE0hRE5ZArD68Q7DLDySDDK1
X-Google-Smtp-Source: ADUXVKJuAWmb/FjhaS6ajyAxb4yCusD53K5L+5POs7ZyluYQUrb25B8vI5DBBXO7ZNyi1hyubPL/ow==
X-Received: by 2002:a50:8244:: with SMTP id
 62-v6mr12840101edf.204.1528082380210; 
 Sun, 03 Jun 2018 20:19:40 -0700 (PDT)
Received: from mail-wm0-f52.google.com (mail-wm0-f52.google.com.
 [74.125.82.52])
 by smtp.gmail.com with ESMTPSA id b58-v6sm13473095edb.59.2018.06.03.20.19.39
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 03 Jun 2018 20:19:39 -0700 (PDT)
Received: by mail-wm0-f52.google.com with SMTP id p11-v6so11427045wmc.4;
 Sun, 03 Jun 2018 20:19:39 -0700 (PDT)
X-Received: by 2002:a1c:3607:: with SMTP id d7-v6mr8527356wma.39.1528082379651; 
 Sun, 03 Jun 2018 20:19:39 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a5d:4146:0:0:0:0:0 with HTTP;
 Sun, 3 Jun 2018 20:19:39 -0700 (PDT)
From: Aniket Pandey <aniketp@freebsd.org>
Date: Mon, 4 Jun 2018 08:49:39 +0530
X-Gmail-Original-Message-ID: <CADsqe1BrGAFckAHVZ8McXQuZn-Y_E7FBf439Ceqs_c0S44q2Uw@mail.gmail.com>
Message-ID: <CADsqe1BrGAFckAHVZ8McXQuZn-Y_E7FBf439Ceqs_c0S44q2Uw@mail.gmail.com>
Subject: [GSoC-18] Regression Test-Suite for Audit Framework [Week-3]
To: soc-status@freebsd.org
Cc: asomers@freebsd.org, George Neville-Neil <gnn@neville-neil.com>,
 robert.watson@cl.cam.ac.uk, gavin@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.26
X-BeenThere: soc-status@freebsd.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Summer of Code Status Reports and Discussion <soc-status.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/soc-status/>
List-Post: <mailto:soc-status@freebsd.org>
List-Help: <mailto:soc-status-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jun 2018 03:19:47 -0000

Hello all,

In the third week, as promised, I was able to finish off my proposed work
of creating ATF-C test cases of all general auditable system calls as
defined in audit_kevents.h header. Currently, a total of 504 test cases for
161 system calls for all 13 audit classes have been developed. However, the
main work isn't done yet. There are a few administrative system calls which
demand some careful analysis while building the test cases, so as not to
mess up any system-wide configurations.

Actually, I had anticipated a total of around 550-600 test cases at the end
of week 3, going by the progress and the behavior of already tested system
calls. But it turns out, that testing either the success or failure modes
of a few process control or administrative system calls is not possible.
For example, I can't reboot(2) the system in the middle of running the
regression tests so the success mode is ruled out. Also, I can't direct the
kernel to start a new audit trail in the middle of running the tests by
invoking auditctl(2). And a lot of process control system calls never fail.
Like setre{u/g}id(2), umask(2). So that essentially resulted in lesser
number of test cases than expected.

Although the base test-suite is done, I haven't yet done any analysis of
the system calls which enforce capability mode on processes and limit
capability rights on certain file descriptors.  Syscalls like cap_enter(2),
cap_rights_limit(2) and cap_ioctls_limit(2) are in fact auditable and need
to be tested accordingly. I'll have a look at their implementation and
would plan out the appropriate testing strategy.

Some system calls in process-control audit class caused intermittent test
failures for reasons I'm not sure of yet. Though this was only recurring
when the system-wide audit mask was set as "pc", i.e same as the test
program. However, on trying to debug a random test case using Kyua(7), I
noticed the occurrence of an extraneous wait4(2) event. wait4(2) evidently
timed out the test and as a result, the system call in question was never
audited. I'm not entirely sure as to why that was happening, that too when
auditpipe(4) showed up the system call in a separate invocation. I'll try
to figure out this issue in the next week.

Most of the week, however, was spent on reviewing and committing the
differentials I had created earlier. The first revision, D15286 broke
builds on multiple architectures as reported by Ed. Though it turned out
that importing "libbsm.h" in my utility program caused the builds to break
with GCC due to some redundant function declarations within the same header
which were added in one of the earlier commits but were never required.
This issue was resolved by my mentor Alan Somers in rS334388
<https://reviews.freebsd.org/rS334388> .

List of differentials merged:

1. D15286: https://reviews.freebsd.org/rS334360
2. D15561: https://reviews.freebsd.org/rS334403
3. D15618: https://reviews.freebsd.org/rS334390
4. D15620: https://reviews.freebsd.org/rS334394
5. D15636: https://reviews.freebsd.org/rS334471
6. D15640: https://reviews.freebsd.org/rS334487
7. D15647: https://reviews.freebsd.org/rS334496
8. D15650: https://reviews.freebsd.org/rS334592

Detailed info about each of these differentials can be found in the Project
Wiki [1].

Differential currently in review:

1. D15657 <https://reviews.freebsd.org/D15657>   [open(2) and openat(2)
audit events]

As a stretch goal, on the suggestion of one of my other mentor Robert
Watson, I'll try to work on the FreeBSD's CADETS version, which has a
number of extensions to capture additional system calls and their arguments
and to ensure that the audit system within CADETS works as expected.

Thank You,
With best regards,
Aniket Pandey

Project Wiki
[1]
https://wiki.freebsd.org/SummerOfCode2018Projects/RegressionTestSuiteForAuditFramework