From owner-svn-src-head@freebsd.org  Fri Apr  6 15:57:22 2018
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id BBC95F90B49;
 Fri,  6 Apr 2018 15:57:21 +0000 (UTC) (envelope-from kp@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 6A186832E9;
 Fri,  6 Apr 2018 15:57:21 +0000 (UTC) (envelope-from kp@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 60D7513E72;
 Fri,  6 Apr 2018 15:57:21 +0000 (UTC) (envelope-from kp@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w36FvLOJ017551;
 Fri, 6 Apr 2018 15:57:21 GMT (envelope-from kp@FreeBSD.org)
Received: (from kp@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w36FvLRZ017550;
 Fri, 6 Apr 2018 15:57:21 GMT (envelope-from kp@FreeBSD.org)
Message-Id: <201804061557.w36FvLRZ017550@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kp set sender to kp@FreeBSD.org
 using -f
From: Kristof Provost <kp@FreeBSD.org>
Date: Fri, 6 Apr 2018 15:57:21 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r332108 - head/tests/sys/netpfil/pf/ioctl
X-SVN-Group: head
X-SVN-Commit-Author: kp
X-SVN-Commit-Paths: head/tests/sys/netpfil/pf/ioctl
X-SVN-Commit-Revision: 332108
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Apr 2018 15:57:22 -0000

Author: kp
Date: Fri Apr  6 15:57:20 2018
New Revision: 332108
URL: https://svnweb.freebsd.org/changeset/base/332108

Log:
  pf tests: Basic ioctl validation for DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and DIOCRSETTFLAGS
  
  Validate the DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and
  DIOCRSETTFLAGS ioctls with invalid values. These may succeed (because
  the kernel uses the minimally required size, not the specified size),
  but should not trigger kernel panics.
  
  MFC after:	1 week

Modified:
  head/tests/sys/netpfil/pf/ioctl/validation.c

Modified: head/tests/sys/netpfil/pf/ioctl/validation.c
==============================================================================
--- head/tests/sys/netpfil/pf/ioctl/validation.c	Fri Apr  6 15:54:30 2018	(r332107)
+++ head/tests/sys/netpfil/pf/ioctl/validation.c	Fri Apr  6 15:57:20 2018	(r332108)
@@ -51,6 +51,16 @@ static int dev;
 #define COMMON_CLEANUP() \
 	close(dev);
 
+void
+common_init_tbl(struct pfr_table *tbl)
+{
+	bzero(tbl, sizeof(struct pfr_table));
+	strcpy(tbl->pfrt_anchor, "anchor");
+	strcpy(tbl->pfrt_name, "name");
+	tbl->pfrt_flags = 0;
+	tbl->pfrt_fback = 0;
+}
+
 ATF_TC_WITHOUT_HEAD(addtables);
 ATF_TC_BODY(addtables, tc)
 {
@@ -121,10 +131,138 @@ ATF_TC_BODY(deltables, tc)
 	COMMON_CLEANUP();
 }
 
+ATF_TC_WITHOUT_HEAD(gettables);
+ATF_TC_BODY(gettables, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(gettstats);
+ATF_TC_BODY(gettstats, tc)
+{
+	struct pfioc_table io;
+	struct pfr_tstats stats;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &stats;
+	io.pfrio_esize = sizeof(stats);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(clrtstats);
+ATF_TC_BODY(clrtstats, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	common_init_tbl(&tbl);
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed ");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(settflags);
+ATF_TC_BODY(settflags, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	common_init_tbl(&tbl);
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 28;
+	if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
 ATF_TP_ADD_TCS(tp)
 {
 	ATF_TP_ADD_TC(tp, addtables);
 	ATF_TP_ADD_TC(tp, deltables);
+	ATF_TP_ADD_TC(tp, gettables);
+	ATF_TP_ADD_TC(tp, gettstats);
+	ATF_TP_ADD_TC(tp, clrtstats);
+	ATF_TP_ADD_TC(tp, settflags);
 
 	return (atf_no_error());
 }