From owner-svn-src-all@freebsd.org Sun Jul 29 20:34:45 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 660961062754; Sun, 29 Jul 2018 20:34:45 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 13DD2784BE; Sun, 29 Jul 2018 20:34:45 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E4C611AAFD; Sun, 29 Jul 2018 20:34:44 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w6TKYixn099377; Sun, 29 Jul 2018 20:34:44 GMT (envelope-from asomers@FreeBSD.org) Received: (from asomers@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w6TKYitl099375; Sun, 29 Jul 2018 20:34:44 GMT (envelope-from asomers@FreeBSD.org) Message-Id: <201807292034.w6TKYitl099375@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: asomers set sender to asomers@FreeBSD.org using -f From: Alan Somers Date: Sun, 29 Jul 2018 20:34:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r336875 - head/tests/sys/audit X-SVN-Group: head X-SVN-Commit-Author: asomers X-SVN-Commit-Paths: head/tests/sys/audit X-SVN-Commit-Revision: 336875 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jul 2018 20:34:45 -0000 Author: asomers Date: Sun Jul 29 20:34:44 2018 New Revision: 336875 URL: https://svnweb.freebsd.org/changeset/base/336875 Log: audit(4): add tests for sysctl(3) and sysarch(2) Submitted by: aniketp MFC after: 2 weeks Sponsored by: Google, Inc. (GSoC 2018) Differential Revision: https://reviews.freebsd.org/D16116 Added: head/tests/sys/audit/miscellaneous.c (contents, props changed) Modified: head/tests/sys/audit/Makefile Modified: head/tests/sys/audit/Makefile ============================================================================== --- head/tests/sys/audit/Makefile Sun Jul 29 19:20:13 2018 (r336874) +++ head/tests/sys/audit/Makefile Sun Jul 29 20:34:44 2018 (r336875) @@ -15,6 +15,7 @@ ATF_TESTS_C+= network ATF_TESTS_C+= inter-process ATF_TESTS_C+= administrative ATF_TESTS_C+= process-control +ATF_TESTS_C+= miscellaneous SRCS.file-attribute-access+= file-attribute-access.c SRCS.file-attribute-access+= utils.c @@ -42,6 +43,8 @@ SRCS.administrative+= administrative.c SRCS.administrative+= utils.c SRCS.process-control+= process-control.c SRCS.process-control+= utils.c +SRCS.miscellaneous+= miscellaneous.c +SRCS.miscellaneous+= utils.c TEST_METADATA+= timeout="30" TEST_METADATA+= required_user="root" Added: head/tests/sys/audit/miscellaneous.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/audit/miscellaneous.c Sun Jul 29 20:34:44 2018 (r336875) @@ -0,0 +1,232 @@ +/*- + * Copyright (c) 2018 Aniket Pandey + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include + +#include +#include + +#include +#include + +#include "utils.h" + +static pid_t pid; +static char miscreg[80]; +static struct pollfd fds[1]; +static const char *auclass = "ot"; + + +/* + * Success case of audit(2) is skipped for now as the behaviour is quite + * undeterministic. It will be added when the intermittency is resolved. + */ + + +ATF_TC_WITH_CLEANUP(audit_failure); +ATF_TC_HEAD(audit_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "audit(2) call"); +} + +ATF_TC_BODY(audit_failure, tc) +{ + pid = getpid(); + snprintf(miscreg, sizeof(miscreg), "audit.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, audit(NULL, -1)); + check_audit(fds, miscreg, pipefd); +} + +ATF_TC_CLEANUP(audit_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(sysarch_success); +ATF_TC_HEAD(sysarch_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "sysarch(2) call"); +} + +ATF_TC_BODY(sysarch_success, tc) +{ + pid = getpid(); + snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,success", pid); + + /* Set sysnum to the syscall corresponding to the system architecture */ +#if defined(I386_GET_IOPERM) /* i386 */ + struct i386_ioperm_args i3sysarg; + bzero(&i3sysarg, sizeof(i3sysarg)); + +#elif defined(AMD64_GET_FSBASE) /* amd64 */ + register_t amd64arg; + +#elif defined(MIPS_GET_TLS) /* MIPS */ + char *mipsarg; + +#elif defined(ARM_SYNC_ICACHE) /* ARM */ + struct arm_sync_icache_args armsysarg; + bzero(&armsysarg, sizeof(armsysarg)); + +#elif defined(SPARC_UTRAP_INSTALL) /* Sparc64 */ + struct sparc_utrap_args handler = { + .type = UT_DIVISION_BY_ZERO, + /* We don't want to change the previous handlers */ + .new_precise = (void *)UTH_NOCHANGE, + .new_deferred = (void *)UTH_NOCHANGE, + .old_precise = NULL, + .old_deferred = NULL + }; + + struct sparc_utrap_install_args sparc64arg = { + .num = ST_DIVISION_BY_ZERO, + .handlers = &handler + }; +#else + /* For PowerPC, ARM64, RISCV archs, sysarch(2) is not supported */ + atf_tc_skip("sysarch(2) is not supported for the system architecture"); +#endif + + FILE *pipefd = setup(fds, auclass); +#if defined(I386_GET_IOPERM) + ATF_REQUIRE_EQ(0, sysarch(I386_GET_IOPERM, &i3sysarg)); +#elif defined(AMD64_GET_FSBASE) + ATF_REQUIRE_EQ(0, sysarch(AMD64_GET_FSBASE, &amd64arg)); +#elif defined(MIPS_GET_TLS) + ATF_REQUIRE_EQ(0, sysarch(MIPS_GET_TLS, &mipsarg)); +#elif defined(ARM_SYNC_ICACHE) + ATF_REQUIRE_EQ(0, sysarch(ARM_SYNC_ICACHE, &armsysarg)); +#elif defined(SPARC_UTRAP_INSTALL) + ATF_REQUIRE_EQ(0, sysarch(SPARC_UTRAP_INSTALL, &sparc64arg)); +#endif + check_audit(fds, miscreg, pipefd); +} + +ATF_TC_CLEANUP(sysarch_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(sysarch_failure); +ATF_TC_HEAD(sysarch_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "sysarch(2) call for any architecture"); +} + +ATF_TC_BODY(sysarch_failure, tc) +{ + pid = getpid(); + snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument and Bad address */ + ATF_REQUIRE_EQ(-1, sysarch(-1, NULL)); + check_audit(fds, miscreg, pipefd); +} + +ATF_TC_CLEANUP(sysarch_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(sysctl_success); +ATF_TC_HEAD(sysctl_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "sysctl(3) call"); +} + +ATF_TC_BODY(sysctl_success, tc) +{ + int mib[2], maxproc; + size_t proclen; + + /* Set mib to retrieve the maximum number of allowed processes */ + mib[0] = CTL_KERN; + mib[1] = KERN_MAXPROC; + proclen = sizeof(maxproc); + + pid = getpid(); + snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,success", pid); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, sysctl(mib, 2, &maxproc, &proclen, NULL, 0)); + check_audit(fds, miscreg, pipefd); +} + +ATF_TC_CLEANUP(sysctl_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(sysctl_failure); +ATF_TC_HEAD(sysctl_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "sysctl(3) call"); +} + +ATF_TC_BODY(sysctl_failure, tc) +{ + pid = getpid(); + snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid arguments */ + ATF_REQUIRE_EQ(-1, sysctl(NULL, 0, NULL, NULL, NULL, 0)); + check_audit(fds, miscreg, pipefd); +} + +ATF_TC_CLEANUP(sysctl_failure, tc) +{ + cleanup(); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, audit_failure); + + ATF_TP_ADD_TC(tp, sysarch_success); + ATF_TP_ADD_TC(tp, sysarch_failure); + + ATF_TP_ADD_TC(tp, sysctl_success); + ATF_TP_ADD_TC(tp, sysctl_failure); + + return (atf_no_error()); +}