From: Aniket Pandey
Date: Mon, 2 Jul 2018 22:46:18 +0530
Subject: [GSoC-18] Regression Test-Suite for Audit Framework [Week-7]
To: soc-status@freebsd.org
Cc: George Neville-Neil, robert.watson@cl.cam.ac.uk, Alan Somers

Hello All,

This week, I primarily worked on getting the process-control system calls merged. Here is the source file for "pc" test-cases in Head [1]. There were a total of 37 auditable syscalls in this audit class, out of which 34 have been merged. Out of the three, two are responsible for enforcing capability mode on the process and retrieving the capability status of the process, i.e. cap_enter(2) and cap_getmode(2), while the other one is jail(2).

I've developed the test-cases for cap_getmode(2) and will soon create a revision for it. However, with cap_enter(2), I had trouble in the case when auditd(8) is already running. I'm currently looking into this matter and will try to resolve it as soon as possible.

Also, I had somehow overlooked the "miscellaneous" (ot) audit class. This class contains audit(2), setpriority(2), sysctl(3) and sysarch(2). I'll work on testing their auditability too.

I was able to get swap{on/off}(2) to work with my system swap device, which is listed as an entry in /etc/fstab. The block device name can be obtained from the "fs_spec" member of "struct fstab" using getfsent(3) available in . However, tampering with the main swap device while running ATF tests is not recommended. Thus, I'll try to replicate the device's behavior and see if it is possible to test swap{on/off}(2) that way.

Overall, a total of 389 atf-c(3) and atf-sh(3) test-cases for 174 system calls and the praudit(1) utility have been merged in Head. If anyone is interested, please do give these tests a run, and if you notice any issues, please do inform me about it. The tests can be found here [2] (audit.4) and here [3] (praudit.1).

Thank you,
With best regards,
Aniket Pandey

Project Wiki: https://wiki.freebsd.org/SummerOfCode2018Projects/RegressionTestSuiteForAuditFramework

[1] https://github.com/freebsd/freebsd/blob/master/tests/sys/audit/process-control.c
[2] https://github.com/freebsd/freebsd/blob/master/tests/sys/audit/
[3] https://github.com/freebsd/freebsd/tree/master/usr.sbin/praudit
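
The getfsent(3) lookup mentioned in the message, as an added example that is not part of the original post or of the merged test suite: it walks fstab(5) read-only and copies the "fs_spec" of the first swap entry, without calling swapon(2) or swapoff(2). The function names is_swap_entry and first_swap_device are assumptions made for illustration.

```c
/* Added example (not from the original message): find the swap device
 * listed in fstab(5) using getfsent(3). Read-only; swap is not touched. */
#include <fstab.h>
#include <stdio.h>
#include <string.h>

/* An entry counts as swap when its fs_type is FSTAB_SW ("sw") or its
 * filesystem type is "swap" (covers entries whose options omit "sw"). */
static int is_swap_entry(const struct fstab *fs)
{
    if (fs == NULL || fs->fs_spec == NULL)
        return 0;
    if (fs->fs_type != NULL && strcmp(fs->fs_type, FSTAB_SW) == 0)
        return 1;
    return fs->fs_vfstype != NULL && strcmp(fs->fs_vfstype, "swap") == 0;
}

/* Copy the fs_spec of the first swap entry into dev.
 * Returns 1 if found, 0 if fstab has no swap entry, and -1 if the
 * table cannot be opened or dev is too small for the device name. */
static int first_swap_device(char *dev, size_t len)
{
    struct fstab *fs;
    int rc = 0;

    if (setfsent() == 0)            /* 0 means the table could not be opened */
        return -1;
    while ((fs = getfsent()) != NULL) {
        if (!is_swap_entry(fs))
            continue;
        /* fs points at static storage, so copy the name out before endfsent() */
        rc = (snprintf(dev, len, "%s", fs->fs_spec) < (int)len) ? 1 : -1;
        break;
    }
    endfsent();
    return rc;
}

int main(void)
{
    char dev[256] = "";
    int rc = first_swap_device(dev, sizeof(dev));

    if (rc == 1)
        printf("swap device: %s\n", dev);
    else
        puts(rc == 0 ? "no swap entry in fstab" : "cannot read fstab");
    return rc < 0;
}
```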