Date: Wed, 16 Jul 2008 07:56:34 GMT From: Vincenzo Iozzo <snagg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 145304 for review Message-ID: <200807160756.m6G7uYJP006198@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=145304 Change 145304 by snagg@snagg_macosx on 2008/07/16 07:56:24 The code as been revised in order to ease the life of testing module coders. That is as much code as possible has been moved into the framework Affected files ... .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#4 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#3 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_open.c#2 edit Differences ... ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#4 (text+ko) ==== @@ -183,6 +183,57 @@ return 0; } + +struct audit_record *dump(char *path) +{ + int i, ret, reclen, bytesread, to_parse; + struct audit_record *p; + u_char *buf; + u_char type = 0; + FILE *fp; + + to_parse = NOT; + + fp = fopen(path, "r"); + if(fp == NULL) + return; + + p = malloc(sizeof(struct audit_record)); + if (p == NULL) + err(-1, "MALLOC"); + + p->count = 0; + + while(1) { + + /* Record must begin with a header token. */ + do { + type = fgetc(fp); + } while(type != AU_HEADER_32_TOKEN); + ungetc(type, fp); + + while ((reclen = au_read_rec(fp, &buf)) != -1) { + bytesread = 0; + while (bytesread < reclen) { + + /* Is this an incomplete record? */ + if (au_fetch_tok(&(p->toks[p->count]), buf + bytesread, + reclen - bytesread) == -1) + break; + + + bytesread += p->toks[p->count].len; + + } + p->count++; + } + if (p->count >= 20) + break; + } + + return p; +} + /* * Init log file for evaluation */ @@ -276,3 +327,67 @@ return 0; } + +int setup_auditpipe(int pid) +{ + int fd; + int value; + struct auditpipe_ioctl_preselect_proc *entry; + + fd = open("/dev/auditpipe", O_RDONLY); + if (fd < 0) + err(-1, "/dev/auditpipe"); + + entry = malloc(sizeof(struct auditpipe_ioctl_preselect_proc)); + if(entry == NULL) + err(-1, "MALLOC"); + + value = 3; + if (ioctl(fd, AUDITPIPE_SET_PRESELECT_MODE, &value) < 0) + err(-1, "AUDITPIPE_SET_PRESELECT_MODE"); + + entry->aipp_pid = pid; + + if (ioctl(fd, AUDITPIPE_SET_PRESELECT_PROC, entry) < 0) + err(-1, "AUDITPIPE_SET_PRESELECT_EVENTS"); + return fd; +} + +void close_auditpipe(int fd, int fdout) +{ + close(fd); + close(fdout); +} + +void read_auditpipe(int fd, int fdout) +{ + int len, count; + char buffer[AUDIT_BUFFER_LEN]; + struct pollfd pollfd; + + pollfd.fd = fd; + pollfd.events = POLLIN; + pollfd.revents = 0; + count = poll(&pollfd, 1, 0); + if (count < 0) { + switch (errno) { + case EINTR: + return; + default: + err(-1, "poll"); + } + } + + if (pollfd.revents & POLLIN) { + len = read(fd, buffer, AUDIT_BUFFER_LEN); + if (len < 0) + err(-1, "auditpipe read"); + if (len == 0) + return; + + /* Audit pipe input. */ + if(write(fdout, buffer, len) == -1) + err(-1, "WRITE"); + } +} + ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#3 (text+ko) ==== @@ -80,7 +80,6 @@ { tokenstr_t toks[20]; int count; - int index; }; void init_channel(); ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_open.c#2 (text+ko) ==== @@ -204,16 +204,13 @@ int main(int argc, char *argv[]) { - int i, quit, fd, count, value, len, index, fdout; - struct auditpipe_ioctl_preselect *entry; - char *shared_string, *descr, path[512], path1[512]; - char buffer[AUDIT_BUFFER_LEN]; - struct pollfd pollfd; + int i, quit, fd, value, index, fdout, count; + char *shared_string, *descr, path[512]; pid_t pid; char **arg; + struct open_record *head, *elem; FILE *f; - struct open_record *head, *elem; - + index = 0; head = NULL; @@ -222,19 +219,6 @@ init_channel(); - fd = open("/dev/auditpipe", O_RDONLY); - if (fd < 0) - err(-1, "/dev/auditpipe"); - - entry = malloc(sizeof(struct auditpipe_ioctl_preselect)); - if(entry == NULL) - err(-1, "MALLOC"); - - entry->app_event_len = 0; - value = 4; - if (ioctl(fd, AUDITPIPE_SET_PRESELECT_MODE, &value) < 0) - err(-1, "AUDITPIPE_SET_PRESELECT_MODE"); - arg = malloc(argc); if(arg == NULL) err(-1, "MALLOC"); @@ -248,53 +232,19 @@ sleep(15); execve(argv[1], arg, NULL); } else { - entry->app_pid = pid; - snprintf(path, 512, "/tmp/audit-%d.xml", pid); - snprintf(path1, 512, "/tmp/audit-%d", pid); + fd = setup_auditpipe(pid); + snprintf(path, 512, "/tmp/audit-%d", pid); - fdout = open(path1, O_RDWR | O_CREAT); + fdout = open(path, O_RDWR | O_CREAT); if(fdout == -1) err(-1, "OPEN"); - f = fopen(path, "w+"); - if(f == NULL) - err(-1, "FOPEN"); - - if (ioctl(fd, AUDITPIPE_SET_PRESELECT_EVENTS, entry) < 0) - err(-1, "AUDITPIPE_SET_PRESELECT_EVENTS"); - - au_print_xml_header(f); quit = 0; while (!waitpid(pid, &quit, WNOHANG)) { - pollfd.fd = fd; - pollfd.events = POLLIN; - pollfd.revents = 0; - count = poll(&pollfd, 1, 0); - if (count < 0) { - switch (errno) { - case EINTR: - continue; - - default: - err(-1, "poll"); - } - } - + /* Audit pipe input. */ - if (pollfd.revents & POLLIN) { - - len = read(fd, buffer, AUDIT_BUFFER_LEN); - if (len < 0) - err(-1, "auditpipe read"); - if (len == 0) - continue; - - /* Audit pipe input. */ - if(write(fdout, buffer, len) == -1) - err(-1, "WRITE"); - - } - + read_auditpipe(fd, fdout); + /* * See whether is there anything on the shared-memory, * if so build a structure @@ -342,15 +292,12 @@ } } } - au_print_xml_footer(f); - close(fd); - close(fdout); - fclose(f); - free(entry); + close_auditpipe(fd, fdout); free(arg); end_channel(); + dump(path) f = init_log(pid); - validate(f, head, path1, pid); + validate(f, head, path, pid); fclose(f); return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200807160756.m6G7uYJP006198>