From owner-soc-status@freebsd.org  Mon Jun 25 18:49:02 2018
Return-Path: <owner-soc-status@freebsd.org>
Delivered-To: soc-status@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0413A101AF27
 for <soc-status@mailman.ysv.freebsd.org>; Mon, 25 Jun 2018 18:49:02 +0000 (UTC)
 (envelope-from aniket.ezio41@gmail.com)
Received: from mail-ed1-f46.google.com (mail-ed1-f46.google.com
 [209.85.208.46])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 609018915F;
 Mon, 25 Jun 2018 18:49:01 +0000 (UTC)
 (envelope-from aniket.ezio41@gmail.com)
Received: by mail-ed1-f46.google.com with SMTP id l23-v6so3374436edq.0;
 Mon, 25 Jun 2018 11:49:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=p89HhWtD3jOak5qtenbrWPY+UwJCadebFVBMPT7YGE8=;
 b=NPeH+/vZvBb+3Q1WNkcBfK8shKGYvov1fkCYaahzAsBcFHVS6sq/dz8TjJdJFsaUDF
 P2eZ0F6tc5VFTyHlPdh+y0CfojemWthpkaeAoKJId74OJNLSjwCu0/Zd6NY9KyQ3yjfz
 jqlJ24sGleCXfETZeFIBvRdIDpG9EzPGU9BUxQaA0KmHTbsL31J56/l/e7oRZRzJZNkc
 pg1uocft2x7R/dpUDtalFIS6xqIbyXA6VQI+exMhgnLwKpznPaxzNPuT1ocQQLf5EycR
 otzz3gnuP/o/NInrUhAK+3m4IK2AmZtq0PuwaRpsrJ9FHzJ/F2CS6KJGe9YTby2aoGXA
 p7cw==
X-Gm-Message-State: APt69E3HCUJK4TvCP4LIET5BIJnjPY87yQxHIOKc/GSkroXL67NSA4qD
 EZceE+kH3yfhaLdXHemsnOa1Obg2
X-Google-Smtp-Source: ADUXVKIJK6UwkWCcjKFRuYLHVaHd3/Lb/EGpTAKji3iionkUBfV3odlqbbvUmI+RWk2lqoEhtAU2Ww==
X-Received: by 2002:a50:cb0d:: with SMTP id
 g13-v6mr12232462edi.81.1529952058810; 
 Mon, 25 Jun 2018 11:40:58 -0700 (PDT)
Received: from mail-wr0-f175.google.com (mail-wr0-f175.google.com.
 [209.85.128.175])
 by smtp.gmail.com with ESMTPSA id a12-v6sm5919112edr.89.2018.06.25.11.40.58
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Mon, 25 Jun 2018 11:40:58 -0700 (PDT)
Received: by mail-wr0-f175.google.com with SMTP id a12-v6so14704987wro.1;
 Mon, 25 Jun 2018 11:40:58 -0700 (PDT)
X-Received: by 2002:adf:a6ec:: with SMTP id
 t99-v6mr11013323wrc.51.1529952057888; 
 Mon, 25 Jun 2018 11:40:57 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a5d:4146:0:0:0:0:0 with HTTP; Mon, 25 Jun 2018 11:40:57
 -0700 (PDT)
From: Aniket Pandey <aniketp@freebsd.org>
Date: Tue, 26 Jun 2018 00:10:57 +0530
X-Gmail-Original-Message-ID: <CADsqe1CaRiCu8BJTgcNFpA1JjkhyQxw_vT6GAwpOAhwVC6C5GQ@mail.gmail.com>
Message-ID: <CADsqe1CaRiCu8BJTgcNFpA1JjkhyQxw_vT6GAwpOAhwVC6C5GQ@mail.gmail.com>
Subject: [GSoC-18] Regression Test-Suite for Audit Framework [Week-6]
To: soc-status@freebsd.org
Cc: Alan Somers <asomers@freebsd.org>,
 George Neville-Neil <gnn@neville-neil.com>, robert.watson@cl.cam.ac.uk
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.26
X-BeenThere: soc-status@freebsd.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Summer of Code Status Reports and Discussion <soc-status.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/soc-status/>
List-Post: <mailto:soc-status@freebsd.org>
List-Help: <mailto:soc-status-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jun 2018 18:49:02 -0000

Hello All,

This week, I primarily focused on getting the final bit of code merged in
FreeBSD src and resolving the issues revealed therein. I also encountered a
few interesting bugs and had to think out of the box to resolve them.

1) In the case of system calls concerned with manipulating SysV semaphore
operations, there is an option to #define _WANT_SEMUN to access the
semun union which is used for various commands of semctl(2). As defined in
"sys/security/audit/audit_klib.c", each of those 'commands' is a unique
audit event so it is recommended to test them all individually. But for
some reason, the import of union semun wasn't working properly and it
resulted in multiple incorrect forward declarations. To resolve the issue,
I had to recompile the kernel from source as this change was introduced
in r330299 [1] by brooks@ and apparently, I did not have the updated
version of 12-CURRENT.

2) The wait4(2) issue with process control groups of system calls, about
which I had discussed a few emails back, turned out to be a false setback.
Usually, whenever I run my tests, I always have a clone of /dev/auditpipe
open in a separate window to monitor the actual execution of system calls
(Note: dtrace can also be used here). Now the auditpipe(4) device instance
"waits" for syscalls to enter the execution context and thus, this
extraneous wait4(2) tampers with tests by interfering with the syscall in
concern. Although this could lead to a problem if someone has both the
activities ongoing, however, Alan pointed out that these ATF tests would
rarely be run in a production environment so that wouldn't affect the
overall regression testing.

3) For setpgrp(2), I had to execute the tests from a forked child process
as for some reason, Kyua denied modifying the process group ID of the main
test-case process (with EPERM).

4) For some administrative syscalls like auditctl(2) and acct(2), I had to
figure out how to get them to audit successfully without tampering with the
system accounting records and the event auditing at /var/audit. For that, I
followed the approach of confirming whether these utilities are enabled in
the system or not. If so, then we might have to temporarily disrupt the
system auditing/accounting by configuring a different file path to allow
the tests to execute independently. Once done, restart the respective
daemons. For acct(2), I had to use sysctlbyname(3) to get the accounting
status as the normal system(3) utility outputs the exit status of the
command ("ken.acct_configured" in our case) rather than the value in
STDOUT.

5) I'm yet to figure out how to get mount(2) and nmount(2) to execute
successfully. I tried mounting some dummy filesystems like nullfs, tmpfs,
and even UFS. But all efforts were in vain. I'll try some workarounds for
this issue. If anybody has any suggestions in this regard, I'll be glad to
give it a try!

Apart from the issues mentioned above, the week was productive in general.
Almost all of my proposed work is now either in FreeBSD Head or is accepted
and waiting to be landed. Few miscellaneous syscalls' tests remain, and
I'll give them a run this week.

Also, I've updated the documentation of my project repository [2]. Since
the tests won't be in FreeBSD 11 Stable, I'll try to create a custom
installation script for users who want to run the tests in the older stable
version.

Thank you,
With best regards,
Aniket Pandey

[1] https://reviews.freebsd.org/rS330299
[2] https://github.com/aniketp/AuditTestSuite
Project wiki:
https://wiki.freebsd.org/SummerOfCode2018Projects/RegressionTestSuiteForAuditFramework