Date: Fri, 24 Aug 2007 06:24:14 GMT From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 125607 for review Message-ID: <200708240624.l7O6OETU037791@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=125607 Change 125607 by zhouzhouyi@zhouzhouyi_mactest on 2007/08/24 06:23:15 add test cases for shmctl for IPC_STAT and IPC_SET respectively Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/shmtest.c#4 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/sysvshm/00.t#3 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/shmtest.c#4 (text+ko) ==== @@ -80,6 +80,7 @@ char *shm_buf; int logfd; const char *macconf_file = NULL; +const char *creator_label = NULL; int main(argc, argv) @@ -87,16 +88,17 @@ char *argv[]; { int ch; - const char *creator_label = NULL; const char *sender_label = NULL; const char *receiver_label = NULL; + const char *ipcstat_label = NULL; + const char *ipcset_label = NULL; struct sigaction sa; struct shmid_ds s_ds; sigset_t sigmask; int error; - while ((ch = getopt(argc, argv, "c:f:r:s:")) != -1) { + while ((ch = getopt(argc, argv, "c:f:r:s:t:e:")) != -1) { switch (ch) { case 'c': creator_label = optarg; @@ -110,6 +112,12 @@ case 'r': receiver_label = optarg; break; + case 't': + ipcstat_label = optarg; + break; + case 'e': + ipcset_label = optarg; + break; default: usage(); } @@ -182,34 +190,8 @@ if (waitpid(child_pid, 0, 0) == -1) err(1, "error create"); - /* - * Install and SIGCHLD handler to deal with all possible exit - * conditions of the receiver. - */ - sa.sa_handler = sigchld_handler; - sigemptyset(&sa.sa_mask); - sa.sa_flags = 0; - if (sigaction(SIGCHLD, &sa, NULL) == -1) - err(1, "sigaction SIGCHLD"); - if (sender_label) { - mac_t label; - - if (mac_from_text(&label, sender_label) == -1) { - exit(-1); - } - if (mac_set_proc(label) == -1) - error = errno; - else - error = 0; - if (error){ - printf("error relabelling proc!\n"); - close(logfd); - exit(1); - } - mac_free(label); - } - +/* if ((sender_shmid = shmget(shmkey, pgsize, SHM_W)) == -1){ close(logfd); err(1, "shmget"); @@ -243,10 +225,154 @@ if ((shm_buf = shmat(sender_shmid, NULL, 0)) == (void *) -1) err(1, "sender: shmat"); +*/ + /* * Write the test pattern into the shared memory buffer. */ - strcpy(shm_buf, m_str); + switch ((child_pid = fork())) { + case -1: + err(1, "fork"); + /* NOTREACHED */ + + case 0: + if (sender_label) { + mac_t label; + + if (mac_from_text(&label, sender_label) == -1) { + exit(-1); + } + if (mac_set_proc(label) == -1) + error = errno; + else + error = 0; + if (error){ + printf("error relabelling proc!\n"); + close(logfd); + exit(1); + } + mac_free(label); + } + if ((sender_shmid = shmget(shmkey, pgsize, SHM_W)) == -1){ + close(logfd); + err(1, "shmget"); + exit(1); + } + if ((shm_buf = shmat(sender_shmid, NULL, 0)) == (void *) -1) + err(1, "sender: shmat"); + + strcpy(shm_buf, m_str); + + exit(0); + default: + break; + } + + + if (waitpid(child_pid, 0, 0) == -1) + err(1, "error send"); + + + + /*check for ipcstat */ + switch ((child_pid = fork())) { + case -1: + err(1, "fork"); + /* NOTREACHED */ + + case 0: + if (ipcstat_label) { + mac_t label; + + if (mac_from_text(&label, ipcstat_label) == -1) { + exit(-1); + } + if (mac_set_proc(label) == -1) + error = errno; + else + error = 0; + if (error){ + printf("error relabelling proc!\n"); + close(logfd); + exit(1); + } + mac_free(label); + } + if ((sender_shmid = shmget(shmkey, pgsize, SHM_R)) == -1){ + err(1, "shmget"); + exit(1); + } + + if (shmctl(sender_shmid, IPC_STAT, &s_ds) == -1) { + err(1, "shmctl IPC_STAT"); + exit(1); + } + print_shmid_ds(&s_ds, 0640); + exit(0); + default: + break; + } + + + if (waitpid(child_pid, 0, 0) == -1) + err(1, "error send"); + +/*check for ipc_set */ + switch ((child_pid = fork())) { + case -1: + err(1, "fork"); + /* NOTREACHED */ + + case 0: + if (ipcset_label) { + mac_t label; + + if (mac_from_text(&label, ipcset_label) == -1) { + exit(-1); + } + if (mac_set_proc(label) == -1) + error = errno; + else + error = 0; + if (error){ + printf("error relabelling proc!\n"); + close(logfd); + exit(1); + } + mac_free(label); + } + if ((sender_shmid = shmget(shmkey, pgsize, SHM_R)) == -1){ + err(1, "shmget"); + exit(1); + } + + memset(&s_ds, 0, sizeof(s_ds)); + + if (shmctl(sender_shmid, IPC_SET, &s_ds) == -1) { + err(1, "shmctl IPC_SET"); + exit(1); + } + exit(0); + default: + break; + } + + + if (waitpid(child_pid, 0, 0) == -1) + err(1, "error send"); + + + /* + * Install and SIGCHLD handler to deal with all possible exit + * conditions of the receiver. + */ + sa.sa_handler = sigchld_handler; + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; + if (sigaction(SIGCHLD, &sa, NULL) == -1) + err(1, "sigaction SIGCHLD"); + + switch ((child_pid = fork())) { case -1: @@ -266,7 +392,6 @@ error = 0; if (error){ printf("error relabelling proc!\n"); - close(logfd); exit(1); } mac_free(label); @@ -324,11 +449,12 @@ * the final stats for the message queue. */ - +/* if (shmctl(sender_shmid, IPC_STAT, &s_ds) == -1) err(1, "shmctl IPC_STAT"); print_shmid_ds(&s_ds, 0600); +*/ exit(0); } @@ -339,7 +465,28 @@ /* * If we're the sender, and it exists, remove the shared memory area. */ - if (child_pid != 0 && sender_shmid != -1) { + int error; + + if (child_pid != 0 /*&& sender_shmid != -1*/) { + if (creator_label) { + mac_t label; + + if (mac_from_text(&label, creator_label) == -1) { + exit(-1); + } + if (mac_set_proc(label) == -1) + error = errno; + else + error = 0; + if (error){ + printf("error relabelling proc!\n"); + close(logfd); + exit(1); + } + mac_free(label); + } + if ((sender_shmid = shmget(shmkey, pgsize, 0)) == -1) + err(1, "shmget"); if (shmctl(sender_shmid, IPC_RMID, NULL) == -1) warn("shmctl IPC_RMID"); close(logfd); @@ -361,7 +508,7 @@ { fprintf(stderr, "usage: -s sender_label -r receiver_label" - " -f macconf_file -c creator_label\n"); + " -f macconf_file -c creator_label -t IPC_STAT label -e IPC_SET label\n"); exit(1); } ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/sysvshm/00.t#3 (text+ko) ==== @@ -7,7 +7,7 @@ dir=`dirname $0` . ${dir}/../misc.sh -echo "1..2" +echo "1..4" #turn off all the switches @@ -39,14 +39,29 @@ t=`sysctl security.mac.mls.revocation_enabled=1` t=`sysctl security.mac.biba.revocation_enabled=1` echo "enabling revoking" +#option -c creator's label, option -s sender's label +#option -r receiver's label, option -t ipc stat label +#options -e ipc set label #case 1: check mls no read high + echo -n "pid = -2 mac_test_check_sysv_shmget:" > ${mactest_conf} + echo "biba/high(low-high),mls/9(low-high) biba/high,mls/5" >> ${mactest_conf} bizarretestexpect ${shmtest} "" "" -c "mls/5" -s "mls/5" \ - -r "mls/9" -f ${mactest_conf} + -r "mls/9" -t "mls/5" -e "mls/5" -f ${mactest_conf} #case 2: check biba no read low + echo -n "pid = -2 mac_test_check_sysv_shmat#SHM_RDONLY:" > ${mactest_conf} + echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf} bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \ - -r "biba/3" -f ${mactest_conf} - - + -r "biba/3" -t "biba/5" -e "biba/5" -f ${mactest_conf} +#case 3: ipc stat biba no stat low + echo -n "pid = -2 mac_test_check_sysv_shmctl#IPC_STAT:" > ${mactest_conf} + echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf} + bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \ + -r "biba/5" -t "biba/3" -e "biba/5" -f ${mactest_conf} +#case 4: ipc set biba no set high + echo -n "pid = -2 mac_test_check_sysv_shmctl#IPC_SET:" > ${mactest_conf} + echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf} + bizarretestexpect ${shmtest} "*shmctl.IPC_SET:.Permission.denied" "" -c "biba/5" -s "biba/5" \ + -r "biba/5" -t "biba/5" -e "biba/3" -f ${mactest_conf} #cleanup: t=`sysctl security.mac.mls.enabled=0` echo "disabling mac/mls!"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200708240624.l7O6OETU037791>