Date: Mon, 28 May 2018 14:21:01 GMT From: aniketp@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r337256 - soc2018/aniketp/head/tests/sys/audit Message-ID: <201805281421.w4SEL1D2034609@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: aniketp Date: Mon May 28 14:21:00 2018 New Revision: 337256 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337256 Log: Add tests for syscalls for semaphores, shared memory and message queues Modified: soc2018/aniketp/head/tests/sys/audit/Makefile soc2018/aniketp/head/tests/sys/audit/file-attribute-modify.c soc2018/aniketp/head/tests/sys/audit/inter-process.c Modified: soc2018/aniketp/head/tests/sys/audit/Makefile ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/Makefile Sun May 27 16:28:08 2018 (r337255) +++ soc2018/aniketp/head/tests/sys/audit/Makefile Mon May 28 14:21:00 2018 (r337256) @@ -37,28 +37,8 @@ SRCS.inter-process+= inter-process.c SRCS.inter-process+= utils.c -TEST_METADATA.file-create+= timeout="30" -TEST_METADATA.file-create+= required_user="root" -TEST_METADATA.file-delete+= timeout="30" -TEST_METADATA.file-delete+= required_user="root" -TEST_METADATA.file-read+= timeout="30" -TEST_METADATA.file-read+= required_user="root" -TEST_METADATA.file-write+= timeout="30" -TEST_METADATA.file-write+= required_user="root" -TEST_METADATA.file-close+= timeout="30" -TEST_METADATA.file-close+= required_user="root" -TEST_METADATA.file-attribute-access+= timeout="30" -TEST_METADATA.file-attribute-access+= required_user="root" -TEST_METADATA.file-attribute-modify+= timeout="30" -TEST_METADATA.file-attribute-modify+= required_user="root" -TEST_METADATA.exec+= timeout="30" -TEST_METADATA.exec+= required_user="root" -TEST_METADATA.ioctl+= timeout="30" -TEST_METADATA.ioctl+= required_user="root" -TEST_METADATA.network+= timeout="30" -TEST_METADATA.network+= required_user="root" -TEST_METADATA.inter-process+= timeout="30" -TEST_METADATA.inter-process+= required_user="root" +TEST_METADATA+= timeout="30" +TEST_METADATA+= required_user="root" WARNS?= 6 Modified: soc2018/aniketp/head/tests/sys/audit/file-attribute-modify.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/file-attribute-modify.c Sun May 27 16:28:08 2018 (r337255) +++ soc2018/aniketp/head/tests/sys/audit/file-attribute-modify.c Mon May 28 14:21:00 2018 (r337256) @@ -701,7 +701,9 @@ ATF_TC_BODY(chflagsat_success, tc) { - atf_tc_expect_fail("chflagsat(2) does not get audited"); + /* BSM conversion requested for unknown event 43209 */ + atf_tc_expect_fail("chflagsat(2) does not get audited in success mode"); + /* File needs to exist to call chflagsat(2) */ ATF_REQUIRE(open(path, O_CREAT, mode) != -1); FILE *pipefd = setup(fds, "fm"); @@ -724,7 +726,9 @@ ATF_TC_BODY(chflagsat_failure, tc) { - atf_tc_expect_fail("chflagsat(2) does not get audited"); + /* BSM conversion requested for unknown event 43209 */ + atf_tc_expect_fail("chflagsat(2) does not get audited in failure mode"); + FILE *pipefd = setup(fds, "fm"); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, chflagsat(AT_FDCWD, errpath, SF_IMMUTABLE, 0)); Modified: soc2018/aniketp/head/tests/sys/audit/inter-process.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/inter-process.c Sun May 27 16:28:08 2018 (r337255) +++ soc2018/aniketp/head/tests/sys/audit/inter-process.c Mon May 28 14:21:00 2018 (r337256) @@ -29,6 +29,8 @@ #include <sys/types.h> #include <sys/ipc.h> #include <sys/msg.h> +#include <sys/shm.h> +#include <sys/sem.h> #include <sys/stat.h> #include <atf-c.h> @@ -36,15 +38,24 @@ #include "utils.h" struct msgstr { - long int mtype; - char mtext[128]; + long int mtype; + char mtext[128]; }; typedef struct msgstr msgstr_t; +static union semun { + int val; + struct semid_ds *buf; + unsigned short *array; +} arg; + static struct pollfd fds[1]; static struct msqid_ds msgbuff; -static int msqid; +static struct shmid_ds shmbuff; +static struct semid_ds sembuff; +static int msqid, shmid, semid; static char ipcregex[60]; +static unsigned short semvals[40]; static ssize_t msgsize; @@ -62,6 +73,9 @@ /* Check the presence of message queue ID in audit record */ snprintf(ipcregex, 60, "msgget.*return,success,%d", msqid); check_audit(fds, ipcregex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); } ATF_TC_CLEANUP(msgget_success, tc) @@ -91,51 +105,6 @@ } -ATF_TC_WITH_CLEANUP(msgctl_success); -ATF_TC_HEAD(msgctl_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "msgctl(2) call"); -} - -ATF_TC_BODY(msgctl_success, tc) -{ - msqid = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR); - - FILE *pipefd = setup(fds, "ip"); - ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_STAT, &msgbuff)); - /* Check the presence of message queue ID in audit record */ - snprintf(ipcregex, 60, "msgctl.*IPC_STAT.*%d.*return,success", msqid); - check_audit(fds, ipcregex, pipefd); -} - -ATF_TC_CLEANUP(msgctl_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(msgctl_failure); -ATF_TC_HEAD(msgctl_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "msgctl(2) call"); -} - -ATF_TC_BODY(msgctl_failure, tc) -{ - const char *regex = "msgctl.*return,failure : Invalid argument"; - FILE *pipefd = setup(fds, "ip"); - ATF_REQUIRE_EQ(-1, msgctl(-1, IPC_STAT, &msgbuff)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(msgctl_failure, tc) -{ - cleanup(); -} - - ATF_TC_WITH_CLEANUP(msgsnd_success); ATF_TC_HEAD(msgsnd_success, tc) { @@ -156,6 +125,9 @@ FILE *pipefd = setup(fds, "ip"); ATF_REQUIRE_EQ(0, msgsnd(msqid, &msg1, msgsize, IPC_NOWAIT)); check_audit(fds, ipcregex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); } ATF_TC_CLEANUP(msgsnd_success, tc) @@ -212,6 +184,9 @@ snprintf(ipcregex, 60, \ "msgrcv.*Message IPC,*%d.*return,success,%zd", msqid, recv_bytes); check_audit(fds, ipcregex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); } ATF_TC_CLEANUP(msgrcv_success, tc) @@ -241,16 +216,1166 @@ } -ATF_TP_ADD_TCS(tp) +ATF_TC_WITH_CLEANUP(msgctl_rmid_success); +ATF_TC_HEAD(msgctl_rmid_success, tc) { - ATF_TP_ADD_TC(tp, msgget_success); - ATF_TP_ADD_TC(tp, msgget_failure); - ATF_TP_ADD_TC(tp, msgctl_success); - ATF_TP_ADD_TC(tp, msgctl_failure); - ATF_TP_ADD_TC(tp, msgsnd_success); - ATF_TP_ADD_TC(tp, msgsnd_failure); - ATF_TP_ADD_TC(tp, msgrcv_success); - ATF_TP_ADD_TC(tp, msgrcv_failure); + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "msgctl(2) call for IPC_RMID command"); +} + +ATF_TC_BODY(msgctl_rmid_success, tc) +{ + msqid = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); + /* Check the presence of queue ID and IPC_RMID in audit record */ + snprintf(ipcregex, 60, "msgctl.*IPC_RMID.*%d.*return,success", msqid); + check_audit(fds, ipcregex, pipefd); +} + +ATF_TC_CLEANUP(msgctl_rmid_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_rmid_failure); +ATF_TC_HEAD(msgctl_rmid_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "msgctl(2) call for IPC_RMID command"); +} + +ATF_TC_BODY(msgctl_rmid_failure, tc) +{ + const char *regex = "msgctl.*IPC_RMID.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, msgctl(-1, IPC_RMID, NULL)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(msgctl_rmid_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_stat_success); +ATF_TC_HEAD(msgctl_stat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "msgctl(2) call for IPC_STAT command"); +} + +ATF_TC_BODY(msgctl_stat_success, tc) +{ + msqid = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_STAT, &msgbuff)); + /* Check the presence of queue ID and IPC_STAT in audit record */ + snprintf(ipcregex, 60, "msgctl.*IPC_STAT.*%d.*return,success", msqid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(msgctl_stat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_stat_failure); +ATF_TC_HEAD(msgctl_stat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "msgctl(2) call for IPC_STAT command"); +} + +ATF_TC_BODY(msgctl_stat_failure, tc) +{ + const char *regex = "msgctl.*IPC_STAT.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, msgctl(-1, IPC_STAT, &msgbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(msgctl_stat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_set_success); +ATF_TC_HEAD(msgctl_set_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "msgctl(2) call for IPC_SET command"); +} + +ATF_TC_BODY(msgctl_set_success, tc) +{ + msqid = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR); + /* Fill up the msgbuff structure to be used with IPC_SET */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_STAT, &msgbuff)); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_SET, &msgbuff)); + /* Check the presence of message queue ID in audit record */ + snprintf(ipcregex, 60, "msgctl.*IPC_SET.*%d.*return,success", msqid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(msgctl_set_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_set_failure); +ATF_TC_HEAD(msgctl_set_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "msgctl(2) call for IPC_SET command"); +} + +ATF_TC_BODY(msgctl_set_failure, tc) +{ + const char *regex = "msgctl.*IPC_SET.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, msgctl(-1, IPC_SET, &msgbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(msgctl_set_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(msgctl_illegal_command); +ATF_TC_HEAD(msgctl_illegal_command, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "msgctl(2) call for illegal cmd value"); +} + +ATF_TC_BODY(msgctl_illegal_command, tc) +{ + msqid = msgget(IPC_PRIVATE, IPC_CREAT | S_IRUSR); + + const char *regex = "msgctl.*illegal command.*failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, msgctl(msqid, -1, &msgbuff)); + check_audit(fds, regex, pipefd); + + /* Destroy the message queue with ID = msqid */ + ATF_REQUIRE_EQ(0, msgctl(msqid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(msgctl_illegal_command, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmget_success); +ATF_TC_HEAD(shmget_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmget(2) call"); +} + +ATF_TC_BODY(shmget_success, tc) +{ + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE((shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR)) != -1); + /* Check the presence of message queue ID in audit record */ + snprintf(ipcregex, 60, "shmget.*return,success,%d", shmid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmget_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmget_failure); +ATF_TC_HEAD(shmget_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmget(2) call"); +} + +ATF_TC_BODY(shmget_failure, tc) +{ + const char *regex = "shmget.*return,failure : No such file or directory"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmget((key_t)(-1), 0, 0)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmget_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmat_success); +ATF_TC_HEAD(shmat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmat(2) call"); +} + +ATF_TC_BODY(shmat_success, tc) +{ + void *addr; + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE((int)(addr = shmat(shmid, NULL, 0)) != -1); + /* Check the presence of shared memory ID and process address in record */ + snprintf(ipcregex, 60, "shmat.*Shared Memory " + "IPC.*%d.*return,success,%d", shmid, (int)addr); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmat_failure); +ATF_TC_HEAD(shmat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmat(2) call"); +} + +ATF_TC_BODY(shmat_failure, tc) +{ + const char *regex = "shmat.*Shared Memory IPC.*return,failure"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, (int)shmat(-1, NULL, 0)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmdt_success); +ATF_TC_HEAD(shmdt_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmdt(2) call"); +} + +ATF_TC_BODY(shmdt_success, tc) +{ + void *addr; + const char *regex = "shmdt.*return,success"; + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + + /* Attach the shared memory to calling process's address space */ + ATF_REQUIRE((int)(addr = shmat(shmid, NULL, 0)) != -1); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, shmdt(addr)); + check_audit(fds, regex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmdt_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmdt_failure); +ATF_TC_HEAD(shmdt_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmdt(2) call"); +} + +ATF_TC_BODY(shmdt_failure, tc) +{ + const char *regex = "shmdt.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmdt(NULL)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmdt_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_rmid_success); +ATF_TC_HEAD(shmctl_rmid_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmctl(2) call for IPC_RMID command"); +} + +ATF_TC_BODY(shmctl_rmid_success, tc) +{ + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); + /* Check the presence of shmid and IPC_RMID in audit record */ + snprintf(ipcregex, 60, "shmctl.*IPC_RMID.*%d.*return,success", shmid); + check_audit(fds, ipcregex, pipefd); +} + +ATF_TC_CLEANUP(shmctl_rmid_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_rmid_failure); +ATF_TC_HEAD(shmctl_rmid_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmctl(2) call for IPC_RMID command"); +} + +ATF_TC_BODY(shmctl_rmid_failure, tc) +{ + const char *regex = "shmctl.*IPC_RMID.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmctl(-1, IPC_RMID, NULL)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmctl_rmid_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_stat_success); +ATF_TC_HEAD(shmctl_stat_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmctl(2) call for IPC_STAT command"); +} + +ATF_TC_BODY(shmctl_stat_success, tc) +{ + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_STAT, &shmbuff)); + /* Check the presence of shared memory ID and IPC_STAT in audit record */ + snprintf(ipcregex, 60, "shmctl.*IPC_STAT.*%d.*return,success", shmid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmctl_stat_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_stat_failure); +ATF_TC_HEAD(shmctl_stat_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmctl(2) call for IPC_STAT command"); +} + +ATF_TC_BODY(shmctl_stat_failure, tc) +{ + const char *regex = "shmctl.*IPC_STAT.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmctl(-1, IPC_STAT, &shmbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmctl_stat_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_set_success); +ATF_TC_HEAD(shmctl_set_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "shmctl(2) call for IPC_SET command"); +} + +ATF_TC_BODY(shmctl_set_success, tc) +{ + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + /* Fill up the shmbuff structure to be used with IPC_SET */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_STAT, &shmbuff)); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_SET, &shmbuff)); + /* Check the presence of shared memory ID in audit record */ + snprintf(ipcregex, 60, "shmctl.*IPC_SET.*%d.*return,success", msqid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmctl_set_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_set_failure); +ATF_TC_HEAD(shmctl_set_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmctl(2) call for IPC_SET command"); +} + +ATF_TC_BODY(shmctl_set_failure, tc) +{ + const char *regex = "shmctl.*IPC_SET.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmctl(-1, IPC_SET, &shmbuff)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(shmctl_set_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(shmctl_illegal_command); +ATF_TC_HEAD(shmctl_illegal_command, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "shmctl(2) call for illegal cmd value"); +} + +ATF_TC_BODY(shmctl_illegal_command, tc) +{ + shmid = shmget(IPC_PRIVATE, 10, IPC_CREAT | S_IRUSR); + + const char *regex = "shmctl.*illegal command.*failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, shmctl(shmid, -1, &shmbuff)); + check_audit(fds, regex, pipefd); + + /* Destroy the shared memory with ID = shmid */ + ATF_REQUIRE_EQ(0, shmctl(shmid, IPC_RMID, NULL)); +} + +ATF_TC_CLEANUP(shmctl_illegal_command, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semget_success); +ATF_TC_HEAD(semget_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semget(2) call"); +} + +ATF_TC_BODY(semget_success, tc) +{ + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE((semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR)) != -1); + /* Check the presence of semaphore set ID in audit record */ + snprintf(ipcregex, 60, "semget.*return,success,%d", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semget_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semget_failure); +ATF_TC_HEAD(semget_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semget(2) call"); +} + +ATF_TC_BODY(semget_failure, tc) +{ + const char *regex = "semget.*return,failure : No such file or directory"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semget((key_t)(-1), 0, 0)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semget_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semop_success); +ATF_TC_HEAD(semop_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semop(2) call"); +} + +ATF_TC_BODY(semop_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR); + + /* Initialize a sembuf structure to operate on semaphore set */ + struct sembuf sop[1] = {{0, 1, 0}}; + /* Check the presence of semaphore set ID in audit record */ + snprintf(ipcregex, 60, "semop.*Semaphore IPC.*%d.*return,success", semid); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semop(semid, sop, 1)); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semop_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semop_failure); +ATF_TC_HEAD(semop_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semop(2) call"); +} + +ATF_TC_BODY(semop_failure, tc) +{ + const char *regex = "semop.*0xffff.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semop(-1, NULL, 0)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semop_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getval_success); +ATF_TC_HEAD(semctl_getval_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semctl(2) call for GETVAL command"); +} + +ATF_TC_BODY(semctl_getval_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semctl(semid, 0, GETVAL, arg)); + /* Check the presence of semaphore ID and GETVAL in audit record */ + snprintf(ipcregex, 60, "semctl.*GETVAL.*%d.*return,success", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semctl_getval_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getval_failure); +ATF_TC_HEAD(semctl_getval_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semctl(2) call for GETVAL command"); +} + +ATF_TC_BODY(semctl_getval_failure, tc) +{ + const char *regex = "semctl.*GETVAL.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semctl(-1, 0, GETVAL, arg)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semctl_getval_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_setval_success); +ATF_TC_HEAD(semctl_setval_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semctl(2) call for SETVAL command"); +} + +ATF_TC_BODY(semctl_setval_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR | S_IWUSR); + arg.val = 1; + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semctl(semid, 0, SETVAL, arg)); + /* Check the presence of semaphore ID and SETVAL in audit record */ + snprintf(ipcregex, 60, "semctl.*SETVAL.*%d.*return,success", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semctl_setval_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_setval_failure); +ATF_TC_HEAD(semctl_setval_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semctl(2) call for SETVAL command"); +} + +ATF_TC_BODY(semctl_setval_failure, tc) +{ + const char *regex = "semctl.*SETVAL.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semctl(-1, 0, SETVAL, arg)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semctl_setval_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getpid_success); +ATF_TC_HEAD(semctl_getpid_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semctl(2) call for GETPID command"); +} + +ATF_TC_BODY(semctl_getpid_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semctl(semid, 0, GETPID, arg)); + /* Check the presence of semaphore ID and GETVAL in audit record */ + snprintf(ipcregex, 60, "semctl.*GETPID.*%d.*return,success", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semctl_getpid_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getpid_failure); +ATF_TC_HEAD(semctl_getpid_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semctl(2) call for GETPID command"); +} + +ATF_TC_BODY(semctl_getpid_failure, tc) +{ + const char *regex = "semctl.*GETPID.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semctl(-1, 0, GETPID, arg)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semctl_getpid_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getncnt_success); +ATF_TC_HEAD(semctl_getncnt_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semctl(2) call for GETNCNT command"); +} + +ATF_TC_BODY(semctl_getncnt_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semctl(semid, 0, GETNCNT, arg)); + /* Check the presence of semaphore ID and GETNCNT in audit record */ + snprintf(ipcregex, 60, "semctl.*GETNCNT.*%d.*return,success", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semctl_getncnt_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getncnt_failure); +ATF_TC_HEAD(semctl_getncnt_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semctl(2) call for GETNCNT command"); +} + +ATF_TC_BODY(semctl_getncnt_failure, tc) +{ + const char *regex = "semctl.*GETNCNT.*return,failure : Invalid argument"; + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(-1, semctl(-1, 0, GETNCNT, arg)); + check_audit(fds, regex, pipefd); +} + +ATF_TC_CLEANUP(semctl_getncnt_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getzcnt_success); +ATF_TC_HEAD(semctl_getzcnt_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "semctl(2) call for GETZCNT command"); +} + +ATF_TC_BODY(semctl_getzcnt_success, tc) +{ + semid = semget(IPC_PRIVATE, 1, IPC_CREAT | S_IRUSR); + + FILE *pipefd = setup(fds, "ip"); + ATF_REQUIRE_EQ(0, semctl(semid, 0, GETZCNT, arg)); + /* Check the presence of semaphore ID and GETZCNT in audit record */ + snprintf(ipcregex, 60, "semctl.*GETZCNT.*%d.*return,success", semid); + check_audit(fds, ipcregex, pipefd); + + /* Destroy the semaphore set with ID = semid */ + ATF_REQUIRE_EQ(0, semctl(semid, 0, IPC_RMID)); +} + +ATF_TC_CLEANUP(semctl_getzcnt_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(semctl_getzcnt_failure); +ATF_TC_HEAD(semctl_getzcnt_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "semctl(2) call for GETZCNT command"); +} + *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201805281421.w4SEL1D2034609>