From owner-svn-soc-all@freebsd.org Fri May 25 19:54:04 2018 Return-Path: Delivered-To: svn-soc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5213EEF2C1B for ; Fri, 25 May 2018 19:54:04 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DE3D97181B for ; Fri, 25 May 2018 19:54:03 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 332951A574 for ; Fri, 25 May 2018 19:54:03 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.15.2/8.15.2) with ESMTP id w4PJs3c4074688 for ; Fri, 25 May 2018 19:54:03 GMT (envelope-from aniketp@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.15.2/8.15.2/Submit) id w4PJs1qh074669 for svn-soc-all@FreeBSD.org; Fri, 25 May 2018 19:54:01 GMT (envelope-from aniketp@FreeBSD.org) Date: Fri, 25 May 2018 19:54:01 GMT Message-Id: <201805251954.w4PJs1qh074669@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to aniketp@FreeBSD.org using -f From: aniketp@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r337252 - soc2018/aniketp/head/tests/sys/audit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 May 2018 19:54:04 -0000 Author: aniketp Date: Fri May 25 19:53:58 2018 New Revision: 337252 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337252 Log: Add tests for all preliminary socket syscalls Modified: soc2018/aniketp/head/tests/sys/audit/network.c soc2018/aniketp/head/tests/sys/audit/utils.c Modified: soc2018/aniketp/head/tests/sys/audit/network.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/network.c Thu May 24 23:53:18 2018 (r337251) +++ soc2018/aniketp/head/tests/sys/audit/network.c Fri May 25 19:53:58 2018 (r337252) @@ -26,19 +26,39 @@ * $FreeBSD$ */ +#include #include +#include +#include + #include +#include #include #include "utils.h" #define ERROR (-1) -static int sockfd; +static int sockfd, sockfd2; static int tr = 1; +static socklen_t len; static struct pollfd fds[1]; static char regex[40]; +/* + * Assign local address to a server's socket + */ +static void +assign_address(struct sockaddr_in *server) +{ + /* Assigning addresses */ + server->sin_family = AF_INET; /* IPv4 */ + server->sin_port = htons(9000); /* Port in network bytes */ + server->sin_addr.s_addr = inet_addr("127.0.0.1"); + bzero(&(server)->sin_zero, 8); /* Zero padding */ +} + + ATF_TC_WITH_CLEANUP(socket_success); ATF_TC_HEAD(socket_success, tc) { @@ -49,7 +69,7 @@ ATF_TC_BODY(socket_success, tc) { FILE *pipefd = setup(fds, "nt"); - ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, 0)) != -1); + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); /* Check the presence of sockfd in audit record */ snprintf(regex, 30, "socket.*return,success,%d", sockfd); check_audit(fds, regex, pipefd); @@ -72,7 +92,7 @@ ATF_TC_BODY(socket_failure, tc) { FILE *pipefd = setup(fds, "nt"); - ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, 0)); + ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, IPPROTO_TCP)); /* Check the presence of hex(-1) in audit record */ snprintf(regex, 40, "socket.*0x%x.*return,failure", ERROR); check_audit(fds, regex, pipefd); @@ -84,6 +104,54 @@ } +ATF_TC_WITH_CLEANUP(socketpair_success); +ATF_TC_HEAD(socketpair_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "socketpair(2) call"); +} + +ATF_TC_BODY(socketpair_success, tc) +{ + int sv[2]; + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(0, socketpair(PF_UNIX, SOCK_STREAM, 0, sv)); + /* Check the presence of hex(-1) in audit record */ + snprintf(regex, 40, "socketpair.*0x0.*return,success"); + check_audit(fds, regex, pipefd); + close(sv[0]); + close(sv[1]); +} + +ATF_TC_CLEANUP(socketpair_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(socketpair_failure); +ATF_TC_HEAD(socketpair_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "socketpair(2) call"); +} + +ATF_TC_BODY(socketpair_failure, tc) +{ + int sv; + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(-1, socketpair(ERROR, SOCK_STREAM, IPPROTO_TCP, &sv)); + /* Check the presence of hex(-1) in audit record */ + snprintf(regex, 40, "socketpair.*0x%x.*return,failure", ERROR); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(socketpair_failure, tc) +{ + cleanup(); +} + + ATF_TC_WITH_CLEANUP(setsockopt_success); ATF_TC_HEAD(setsockopt_success, tc) { @@ -93,7 +161,7 @@ ATF_TC_BODY(setsockopt_success, tc) { - ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, 0)) != -1); + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); /* Check the presence of sockfd in audit record */ snprintf(regex, 30, "setsockopt.*0x%x.*return,success", sockfd); @@ -133,13 +201,233 @@ } +ATF_TC_WITH_CLEANUP(bind_success); +ATF_TC_HEAD(bind_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "bind(2) call"); +} + +ATF_TC_BODY(bind_success, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_in server; + len = sizeof(struct sockaddr_in); + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); + ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \ + sizeof(int))); + assign_address(&server); + + /* Check the presence of localhost address and port in audit record */ + snprintf(regex, 30, "bind.*9000,127.0.0.1.*return,success"); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); + check_audit(fds, regex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(bind_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bind_failure); +ATF_TC_HEAD(bind_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "bind(2) call"); +} + +ATF_TC_BODY(bind_failure, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_in server; + len = sizeof(struct sockaddr_in); + assign_address(&server); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(-1, bind(-1, (struct sockaddr *)&server, len)); + /* Check the presence of hex(-1) in audit record */ + snprintf(regex, 40, "bind.*0x%x.*9000,127.0.0.1.*return,failure", ERROR); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(bind_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bindat_success); +ATF_TC_HEAD(bindat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "bindat(2) call"); +} + +ATF_TC_BODY(bindat_success, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_in server; + len = sizeof(struct sockaddr_in); + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); + ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \ + sizeof(int))); + assign_address(&server); + + /* Check the presence of localhost address and port in audit record */ + snprintf(regex, 30, "bindat.*0x%x.*return,success", sockfd); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(0, bindat(AT_FDCWD, sockfd, \ + (struct sockaddr *)&server, len)); + check_audit(fds, regex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(bindat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(bindat_failure); +ATF_TC_HEAD(bindat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "bindat(2) call"); +} + +ATF_TC_BODY(bindat_failure, tc) +{ + /* Preliminary socket setup */ + struct sockaddr_in server; + len = sizeof(struct sockaddr_in); + assign_address(&server); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, -1, (struct sockaddr *)&server, len)); + /* Check the presence of hex(-1) in audit record */ + snprintf(regex, 40, "bindat.*0x%x.*return,failure", ERROR); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(bindat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(listen_success); +ATF_TC_HEAD(listen_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "listen(2) call"); +} + +ATF_TC_BODY(listen_success, tc) +{ + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); + /* Check the presence of sockfd in audit record */ + snprintf(regex, 30, "listen.*0x%x.*return,success", sockfd); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(0, listen(sockfd, 1)); + check_audit(fds, regex, pipefd); + close(sockfd); +} + +ATF_TC_CLEANUP(listen_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(listen_failure); +ATF_TC_HEAD(listen_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "listen(2) call"); +} + +ATF_TC_BODY(listen_failure, tc) +{ + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(-1, listen(ERROR, 1)); + /* Check the presence of hex(-1) in audit record */ + snprintf(regex, 40, "listen.*0x%x.*return,failure", ERROR); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(listen_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(connect_success); +ATF_TC_HEAD(connect_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "connect(2) call"); +} + +ATF_TC_BODY(connect_success, tc) +{ + struct sockaddr_in server; + len = sizeof(struct sockaddr_in); + + /* Server Socket: Assign address and listen for connection */ + ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); + /* Non-blocking server socket */ + ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1); + ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \ + sizeof(int))); + assign_address(&server); + ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); + ATF_REQUIRE_EQ(0, listen(sockfd, 1)); + + /* Set up "blocking" client socket */ + ATF_REQUIRE((sockfd2 = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1); + + /* Audit record must contain, address, port & sockfd2 */ + snprintf(regex, 30, "connect.*0x%x.*9000,127.0.0.1.*success", sockfd2); + + FILE *pipefd = setup(fds, "nt"); + ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len)); + check_audit(fds, regex, pipefd); + + /* Close all socket descriptors */ + close(sockfd); + close(sockfd2); +} + +ATF_TC_CLEANUP(connect_success, tc) +{ + cleanup(); +} + + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, socket_success); ATF_TP_ADD_TC(tp, socket_failure); + ATF_TP_ADD_TC(tp, socketpair_success); + ATF_TP_ADD_TC(tp, socketpair_failure); ATF_TP_ADD_TC(tp, setsockopt_success); ATF_TP_ADD_TC(tp, setsockopt_failure); + ATF_TP_ADD_TC(tp, bind_success); + ATF_TP_ADD_TC(tp, bind_failure); + ATF_TP_ADD_TC(tp, bindat_success); + ATF_TP_ADD_TC(tp, bindat_failure); + ATF_TP_ADD_TC(tp, listen_success); + ATF_TP_ADD_TC(tp, listen_failure); + + ATF_TP_ADD_TC(tp, connect_success); + return (atf_no_error()); } Modified: soc2018/aniketp/head/tests/sys/audit/utils.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/utils.c Thu May 24 23:53:18 2018 (r337251) +++ soc2018/aniketp/head/tests/sys/audit/utils.c Fri May 25 19:53:58 2018 (r337252) @@ -157,7 +157,7 @@ /* poll(2) timed out */ case 0: atf_tc_fail("%s not found in auditpipe within the " - "time limit", auditregex); + "time limit", auditregex); break; /* poll(2) standard error */