From owner-svn-soc-all@freebsd.org Mon Jun 11 18:08:44 2018 Return-Path: Delivered-To: svn-soc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A04D4100167F for ; Mon, 11 Jun 2018 18:08:44 +0000 (UTC) (envelope-from sduo@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 41060741CE for ; Mon, 11 Jun 2018 18:08:44 +0000 (UTC) (envelope-from sduo@FreeBSD.org) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 852D3C332 for ; Mon, 11 Jun 2018 18:08:43 +0000 (UTC) (envelope-from sduo@FreeBSD.org) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.15.2/8.15.2) with ESMTP id w5BI8hVr024060 for ; Mon, 11 Jun 2018 18:08:43 GMT (envelope-from sduo@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.15.2/8.15.2/Submit) id w5BI8gpU023073 for svn-soc-all@FreeBSD.org; Mon, 11 Jun 2018 18:08:42 GMT (envelope-from sduo@FreeBSD.org) Date: Mon, 11 Jun 2018 18:08:42 GMT Message-Id: <201806111808.w5BI8gpU023073@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to sduo@FreeBSD.org using -f From: sduo@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r337261 - soc2018/sduo/head/sys/dev/vale_vlan MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jun 2018 18:08:44 -0000 Author: sduo Date: Mon Jun 11 18:08:40 2018 New Revision: 337261 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337261 Log: use strncmp() instead of strcmp() Modified: soc2018/sduo/head/sys/dev/vale_vlan/vale_vlan.c Modified: soc2018/sduo/head/sys/dev/vale_vlan/vale_vlan.c ============================================================================== --- soc2018/sduo/head/sys/dev/vale_vlan/vale_vlan.c Tue Jun 5 00:35:49 2018 (r337260) +++ soc2018/sduo/head/sys/dev/vale_vlan/vale_vlan.c Mon Jun 11 18:08:40 2018 (r337261) @@ -335,7 +335,9 @@ } for (i = 0; i < MAX_VLAN_CONFS; ++i) { - if (strcmp(vlan_confs[i].conf_name, conf_name) == 0) { + if (strncmp(vlan_confs[i].conf_name, + conf_name, + sizeof(vlan_confs[i].conf_name)) == 0) { nm_prinf("vale_vlan: a configuration named" "'%s' alredy exists\n", conf_name); return EEXIST; @@ -359,6 +361,8 @@ conf = &vlan_confs[free_conf]; initialize_conf(conf); strncpy(conf->conf_name, conf_name, sizeof(conf->conf_name)); + /* makes sure the string is null-byte ended */ + conf->conf_name[sizeof(conf->conf_name)-1] = '\0'; conf->mod_bdg_auth_token = auth_token; *conf_index = free_conf; @@ -399,7 +403,9 @@ for (i = 0; i < active_vlan_conf; ++i) { int index = vlan_conf_index[i]; - if (strcmp(vlan_confs[index].conf_name, conf_name) == 0) { + if (strncmp(vlan_confs[index].conf_name, + conf_name, + sizeof(vlan_confs[index].conf_name)) == 0) { *conf_index = index; nm_prinf("vale_vlan: successfully selected " "configuration '%s'\n", conf_name); @@ -429,7 +435,9 @@ for (i = 0; i < active_vlan_conf; ++i) { int index = vlan_conf_index[i]; - if (strcmp(vlan_confs[index].conf_name, conf_name) == 0) { + if (strncmp(vlan_confs[index].conf_name, + conf_name, + sizeof(vlan_confs[index].conf_name)) == 0) { conf = &vlan_confs[index]; conf_index = i; break; @@ -538,6 +546,7 @@ hdr.nr_version = NM_API_VERSION; hdr.nr_reqtype = NETMAP_REQ_VALE_NEWIF; strncpy(hdr.nr_name, name, sizeof(hdr.nr_name)); + hdr.nr_name[sizeof(hdr.nr_name)-1] = '\0'; bzero(&newif, sizeof(newif)); hdr.nr_body = (uint64_t)&newif; @@ -602,7 +611,9 @@ struct port_elem *next = NULL; vv_list_foreach_safe(cursor, &conf->port_list, list, next) { - if (strcmp(cursor->port_desc.port_name, port_name) == 0) { + if (strncmp(cursor->port_desc.port_name, + port_name) == 0 + sizeof(cursor->port_desc.port_name)) { vv_list_remove(cursor, list); vv_free(cursor); return 0; From owner-svn-soc-all@freebsd.org Thu Jun 14 01:36:58 2018 Return-Path: Delivered-To: svn-soc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 24678100E7FE for ; Thu, 14 Jun 2018 01:36:58 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8DB72693AB for ; Thu, 14 Jun 2018 01:36:57 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id D877E95A7 for ; Thu, 14 Jun 2018 01:36:56 +0000 (UTC) (envelope-from aniketp@FreeBSD.org) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.15.2/8.15.2) with ESMTP id w5E1aumM011778 for ; Thu, 14 Jun 2018 01:36:56 GMT (envelope-from aniketp@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.15.2/8.15.2/Submit) id w5E1arkf011725 for svn-soc-all@FreeBSD.org; Thu, 14 Jun 2018 01:36:53 GMT (envelope-from aniketp@FreeBSD.org) Date: Thu, 14 Jun 2018 01:36:53 GMT Message-Id: <201806140136.w5E1arkf011725@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to aniketp@FreeBSD.org using -f From: aniketp@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r337262 - soc2018/aniketp/head/tests/sys/audit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jun 2018 01:36:58 -0000 Author: aniketp Date: Thu Jun 14 01:36:51 2018 New Revision: 337262 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337262 Log: Lots of changes: Status after D15782 Added: soc2018/aniketp/head/tests/sys/audit/temp.c Modified: soc2018/aniketp/head/tests/sys/audit/Makefile soc2018/aniketp/head/tests/sys/audit/exec.c soc2018/aniketp/head/tests/sys/audit/file-attribute-access.c soc2018/aniketp/head/tests/sys/audit/file-close.c soc2018/aniketp/head/tests/sys/audit/file-create.c soc2018/aniketp/head/tests/sys/audit/file-delete.c soc2018/aniketp/head/tests/sys/audit/file-read.c soc2018/aniketp/head/tests/sys/audit/file-write.c soc2018/aniketp/head/tests/sys/audit/open.c soc2018/aniketp/head/tests/sys/audit/utils.c soc2018/aniketp/head/tests/sys/audit/utils.h Modified: soc2018/aniketp/head/tests/sys/audit/Makefile ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/Makefile Mon Jun 11 18:08:40 2018 (r337261) +++ soc2018/aniketp/head/tests/sys/audit/Makefile Thu Jun 14 01:36:51 2018 (r337262) @@ -2,56 +2,35 @@ TESTSDIR= ${TESTSBASE}/sys/audit -ATF_TESTS_C= file-create +ATF_TESTS_C= file-attribute-access +ATF_TESTS_C+= file-create ATF_TESTS_C+= file-delete -ATF_TESTS_C+= file-read -ATF_TESTS_C+= file-write ATF_TESTS_C+= file-close -ATF_TESTS_C+= file-attribute-access -ATF_TESTS_C+= file-attribute-modify -ATF_TESTS_C+= exec +ATF_TESTS_C+= file-write +ATF_TESTS_C+= file-read ATF_TESTS_C+= open -ATF_TESTS_C+= ioctl -ATF_TESTS_C+= network -ATF_TESTS_C+= inter-process -ATF_TESTS_C+= process-control -ATF_TESTS_C+= administrative +SRCS.file-attribute-access+= file-attribute-access.c +SRCS.file-attribute-access+= utils.c SRCS.file-create+= file-create.c SRCS.file-create+= utils.c SRCS.file-delete+= file-delete.c SRCS.file-delete+= utils.c -SRCS.file-read+= file-read.c -SRCS.file-read+= utils.c -SRCS.file-write+= file-write.c -SRCS.file-write+= utils.c SRCS.file-close+= file-close.c SRCS.file-close+= utils.c -SRCS.file-attribute-access+= file-attribute-access.c -SRCS.file-attribute-access+= utils.c -SRCS.file-attribute-modify+= file-attribute-modify.c -SRCS.file-attribute-modify+= utils.c -SRCS.exec+= exec.c -SRCS.exec+= utils.c -SRCS.open+= open.c -SRCS.open+= utils.c -SRCS.ioctl+= ioctl.c -SRCS.ioctl+= utils.c -SRCS.network+= network.c -SRCS.network+= utils.c -SRCS.inter-process+= inter-process.c -SRCS.inter-process+= utils.c -SRCS.process-control+= process-control.c -SRCS.process-control+= utils.c -SRCS.administrative+= administrative.c -SRCS.administrative+= utils.c +SRCS.file-write+= file-write.c +SRCS.file-write+= utils.c +SRCS.file-read+= file-read.c +SRCS.file-read+= utils.c +SRCS.open+= open.c +SRCS.open+= utils.c TEST_METADATA+= timeout="30" TEST_METADATA+= required_user="root" +TEST_METADATA+= is_exclusive="true" WARNS?= 6 LDFLAGS+= -lbsm -lutil .include - Modified: soc2018/aniketp/head/tests/sys/audit/exec.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/exec.c Mon Jun 11 18:08:40 2018 (r337261) +++ soc2018/aniketp/head/tests/sys/audit/exec.c Thu Jun 14 01:36:51 2018 (r337262) @@ -1,6 +1,5 @@ /*- - * Copyright 2018 Aniket Pandey - * All rights reserved. + * Copyright (c) 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -54,6 +53,13 @@ ATF_TC_BODY(execve_success, tc) { + /* + * execve(2) overlays the calling process in successful invocation. + * Hence, audit(4) does not get any return value in the event token + * for execve(2) due to which, it simply places "BSM_ERRNO_UNKNOWN" + * as the "ar->ar_errno" field. + * Please see: sys/security/audit/bsm_errno.c#L728 + */ const char *regex = "execve.*sample-argument.*Unknown error: 201"; FILE *pipefd = setup(fds, "ex"); @@ -109,6 +115,14 @@ ATF_TC_BODY(fexecve_success, tc) { filedesc = open(bin, O_RDONLY | O_EXEC); + + /* + * fexecve(2) overlays the calling process in successful invocation. + * Hence, audit(4) does not get any return value in the event token + * for fexecve(2) due to which, it simply places "BSM_ERRNO_UNKNOWN" + * as the "ar->ar_errno" field. + * Please see: sys/security/audit/bsm_errno.c#L728 + */ const char *regex = "fexecve.*sample-argument.*Unknown error: 201"; FILE *pipefd = setup(fds, "ex"); @@ -119,6 +133,9 @@ } else ATF_REQUIRE(fexecve(filedesc, arg, NULL) != -1); + + /* Close the file descriptor of the executable */ + ATF_REQUIRE_EQ(0, close(filedesc)); } ATF_TC_CLEANUP(fexecve_success, tc) @@ -147,6 +164,9 @@ } else ATF_REQUIRE_EQ(-1, fexecve(filedesc, arg, (char *const *)(-1))); + + /* Close the file descriptor of the executable */ + ATF_REQUIRE_EQ(0, close(filedesc)); } ATF_TC_CLEANUP(fexecve_failure, tc) Modified: soc2018/aniketp/head/tests/sys/audit/file-attribute-access.c ============================================================================== --- soc2018/aniketp/head/tests/sys/audit/file-attribute-access.c Mon Jun 11 18:08:40 2018 (r337261) +++ soc2018/aniketp/head/tests/sys/audit/file-attribute-access.c Thu Jun 14 01:36:51 2018 (r337262) @@ -1,6 +1,5 @@ /*- - * Copyright 2018 Aniket Pandey - * All rights reserved. + * Copyright (c) 2018 Aniket Pandey * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,29 +25,26 @@ * $FreeBSD$ */ -#include -#include #include #include #include +#include #include -#include #include #include -#include -#include #include #include "utils.h" static struct pollfd fds[1]; -static fhandle_t fht; static mode_t mode = 0777; +static pid_t pid; +static int filedesc; static char extregex[80]; static struct stat statbuff; static struct statfs statfsbuff; -static const char *name = "authorname"; +static const char *auclass = "fa"; static const char *path = "fileforaudit"; static const char *errpath = "dirdoesnotexist/fileforaudit"; static const char *successreg = "fileforaudit.*return,success"; @@ -65,10 +61,11 @@ ATF_TC_BODY(stat_success, tc) { /* File needs to exist to call stat(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, stat(path, &statbuff)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(stat_success, tc) @@ -86,7 +83,7 @@ ATF_TC_BODY(stat_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, stat(errpath, &statbuff)); check_audit(fds, failurereg, pipefd); @@ -109,7 +106,7 @@ { /* Symbolic link needs to exist to call lstat(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, lstat(path, &statbuff)); check_audit(fds, successreg, pipefd); } @@ -129,7 +126,7 @@ ATF_TC_BODY(lstat_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ ATF_REQUIRE_EQ(-1, lstat(errpath, &statbuff)); check_audit(fds, failurereg, pipefd); @@ -150,16 +147,15 @@ ATF_TC_BODY(fstat_success, tc) { - int filedesc; - char regex[30]; - /* File needs to exist to call fstat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff)); - snprintf(regex, 30, "fstat.*%lu.*return,success", statbuff.st_ino); - check_audit(fds, regex, pipefd); + snprintf(extregex, sizeof(extregex), + "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); + check_audit(fds, extregex, pipefd); + close(filedesc); } ATF_TC_CLEANUP(fstat_success, tc) @@ -177,7 +173,7 @@ ATF_TC_BODY(fstat_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); const char *regex = "fstat.*return,failure : Bad file descriptor"; /* Failure reason: bad file descriptor */ ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff)); @@ -201,8 +197,8 @@ { /* File or Symbolic link needs to exist to call lstat(2) */ ATF_REQUIRE_EQ(0, symlink("symlink", path)); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, \ + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, AT_SYMLINK_NOFOLLOW)); check_audit(fds, successreg, pipefd); } @@ -222,9 +218,9 @@ ATF_TC_BODY(fstatat_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, \ + ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, AT_SYMLINK_NOFOLLOW)); check_audit(fds, failurereg, pipefd); } @@ -245,10 +241,11 @@ ATF_TC_BODY(statfs_success, tc) { /* File needs to exist to call statfs(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); + ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, statfs(path, &statfsbuff)); check_audit(fds, successreg, pipefd); + close(filedesc); } ATF_TC_CLEANUP(statfs_success, tc) @@ -266,7 +263,7 @@ ATF_TC_BODY(statfs_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); /* Failure reason: file does not exist */ ATF_REQUIRE_EQ(-1, statfs(errpath, &statfsbuff)); check_audit(fds, failurereg, pipefd); @@ -287,18 +284,17 @@ ATF_TC_BODY(fstatfs_success, tc) { - int filedesc; - char regex[30]; - /* File needs to exist to call fstat(2) */ ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); /* Call stat(2) to store the Inode number of 'path' */ ATF_REQUIRE_EQ(0, stat(path, &statbuff)); - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE_EQ(0, fstatfs(filedesc, &statfsbuff)); - snprintf(regex, 30, "fstatfs.*%lu.*return,success", statbuff.st_ino); - check_audit(fds, regex, pipefd); + snprintf(extregex, sizeof(extregex), "fstatfs.*%jd.*return,success", + (intmax_t)statbuff.st_ino); + check_audit(fds, extregex, pipefd); + close(filedesc); } ATF_TC_CLEANUP(fstatfs_success, tc) @@ -316,7 +312,7 @@ ATF_TC_BODY(fstatfs_failure, tc) { - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); const char *regex = "fstatfs.*return,failure : Bad file descriptor"; /* Failure reason: bad file descriptor */ ATF_REQUIRE_EQ(-1, fstatfs(-1, &statfsbuff)); @@ -338,10 +334,12 @@ ATF_TC_BODY(getfsstat_success, tc) { - const char *regex = "getfsstat.*return,success"; - FILE *pipefd = setup(fds, "fa"); + pid = getpid(); + snprintf(extregex, sizeof(extregex), "getfsstat.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); ATF_REQUIRE(getfsstat(NULL, 0, MNT_NOWAIT) != -1); - check_audit(fds, regex, pipefd); + check_audit(fds, extregex, pipefd); } ATF_TC_CLEANUP(getfsstat_success, tc) @@ -360,7 +358,7 @@ ATF_TC_BODY(getfsstat_failure, tc) { const char *regex = "getfsstat.*return,failure : Invalid argument"; - FILE *pipefd = setup(fds, "fa"); + FILE *pipefd = setup(fds, auclass); /* Failure reason: Invalid value for mode */ ATF_REQUIRE_EQ(-1, getfsstat(NULL, 0, -1)); check_audit(fds, regex, pipefd); @@ -371,1614 +369,26 @@ cleanup(); } -ATF_TC_WITH_CLEANUP(fhopen_success); -ATF_TC_HEAD(fhopen_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "fhopen(2) call"); -} - -ATF_TC_BODY(fhopen_success, tc) -{ - const char *regex = "fhopen.*return,success"; - /* File needs to exist to get a file-handle */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - /* Get the file handle to be passed to fhopen(2) */ - ATF_REQUIRE_EQ(0, getfh(path, &fht)); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE(fhopen(&fht, O_RDWR) != -1); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhopen_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fhopen_failure); -ATF_TC_HEAD(fhopen_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "fhopen(2) call"); -} - -ATF_TC_BODY(fhopen_failure, tc) -{ - const char *regex = "fhopen.*return,failure : Stale NFS file handle"; - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: fht does not represent any file */ - ATF_REQUIRE_EQ(-1, fhopen(&fht, O_RDWR)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhopen_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fhstat_success); -ATF_TC_HEAD(fhstat_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "fstat(2) call"); -} - -ATF_TC_BODY(fhstat_success, tc) -{ - const char *regex = "fhstat.*return,success"; - /* File needs to exist to get a file-handle */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - /* Get the file handle to be passed to fhstat(2) */ - ATF_REQUIRE_EQ(0, getfh(path, &fht)); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhstat_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fhstat_failure); -ATF_TC_HEAD(fhstat_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "fhstat(2) call"); -} - -ATF_TC_BODY(fhstat_failure, tc) -{ - const char *regex = "fhstat.*return,failure : Stale NFS file handle"; - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: fht does not represent any file */ - ATF_REQUIRE_EQ(-1, fhstat(&fht, &statbuff)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhstat_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fhstatfs_success); -ATF_TC_HEAD(fhstatfs_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "fstatfs(2) call"); -} - -ATF_TC_BODY(fhstatfs_success, tc) -{ - const char *regex = "fhstatfs.*return,success"; - /* File needs to exist to get a file-handle */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - /* Get the file handle to be passed to fhstatfs(2) */ - ATF_REQUIRE_EQ(0, getfh(path, &fht)); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhstatfs_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fhstatfs_failure); -ATF_TC_HEAD(fhstatfs_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "fhstatfs(2) call"); -} - -ATF_TC_BODY(fhstatfs_failure, tc) -{ - const char *regex = "fhstatfs.*return,failure : Stale NFS file handle"; - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: fht does not represent any file */ - ATF_REQUIRE_EQ(-1, fhstatfs(&fht, &statfsbuff)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fhstatfs_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(access_success); -ATF_TC_HEAD(access_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "access(2) call"); -} - -ATF_TC_BODY(access_success, tc) -{ - /* File needs to exist to call access(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, access(path, F_OK)); - check_audit(fds, successreg, pipefd); -} - -ATF_TC_CLEANUP(access_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(access_failure); -ATF_TC_HEAD(access_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "access(2) call"); -} - -ATF_TC_BODY(access_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, access(errpath, F_OK)); - check_audit(fds, failurereg, pipefd); -} - -ATF_TC_CLEANUP(access_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(eaccess_success); -ATF_TC_HEAD(eaccess_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "eaccess(2) call"); -} - -ATF_TC_BODY(eaccess_success, tc) -{ - /* File needs to exist to call eaccess(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, eaccess(path, F_OK)); - check_audit(fds, successreg, pipefd); -} - -ATF_TC_CLEANUP(eaccess_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(eaccess_failure); -ATF_TC_HEAD(eaccess_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "eaccess(2) call"); -} - -ATF_TC_BODY(eaccess_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, eaccess(errpath, F_OK)); - check_audit(fds, failurereg, pipefd); -} - -ATF_TC_CLEANUP(eaccess_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(faccessat_success); -ATF_TC_HEAD(faccessat_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "faccessat(2) call"); -} - -ATF_TC_BODY(faccessat_success, tc) -{ - /* File needs to exist to call faccessat(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(0, faccessat(AT_FDCWD, path, F_OK, AT_EACCESS)); - check_audit(fds, successreg, pipefd); -} - -ATF_TC_CLEANUP(faccessat_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(faccessat_failure); -ATF_TC_HEAD(faccessat_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "faccessat(2) call"); -} - -ATF_TC_BODY(faccessat_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS)); - check_audit(fds, failurereg, pipefd); -} - -ATF_TC_CLEANUP(faccessat_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(pathconf_success); -ATF_TC_HEAD(pathconf_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "pathconf(2) call"); -} - -ATF_TC_BODY(pathconf_success, tc) -{ - /* File needs to exist to call pathconf(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE(pathconf(path, _PC_NAME_MAX) != -1); - check_audit(fds, successreg, pipefd); -} - -ATF_TC_CLEANUP(pathconf_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(pathconf_failure); -ATF_TC_HEAD(pathconf_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "pathconf(2) call"); -} - -ATF_TC_BODY(pathconf_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, pathconf(errpath, _PC_NAME_MAX)); - check_audit(fds, failurereg, pipefd); -} - -ATF_TC_CLEANUP(pathconf_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(lpathconf_success); -ATF_TC_HEAD(lpathconf_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "lpathconf(2) call"); -} - -ATF_TC_BODY(lpathconf_success, tc) -{ - /* Symbolic link needs to exist to call lpathconf(2) */ - ATF_REQUIRE_EQ(0, symlink("symlink", path)); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE(lpathconf(path, _PC_SYMLINK_MAX) != -1); - check_audit(fds, successreg, pipefd); -} - -ATF_TC_CLEANUP(lpathconf_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(lpathconf_failure); -ATF_TC_HEAD(lpathconf_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "lpathconf(2) call"); -} - -ATF_TC_BODY(lpathconf_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, lpathconf(errpath, _PC_SYMLINK_MAX)); - check_audit(fds, failurereg, pipefd); -} - -ATF_TC_CLEANUP(lpathconf_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(fpathconf_success); -ATF_TC_HEAD(fpathconf_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "fpathconf(2) call"); -} - -ATF_TC_BODY(fpathconf_success, tc) -{ - int filedesc; - const char *regex = "fpathconf.*return,success"; - /* File needs to exist to call fpathconf(2) */ - ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE(fpathconf(filedesc, _PC_NAME_MAX) != -1); - check_audit(fds, regex, pipefd); -} -ATF_TC_CLEANUP(fpathconf_success, tc) +ATF_TP_ADD_TCS(tp) { - cleanup(); -} + ATF_TP_ADD_TC(tp, stat_success); + ATF_TP_ADD_TC(tp, stat_failure); + ATF_TP_ADD_TC(tp, lstat_success); + ATF_TP_ADD_TC(tp, lstat_failure); + ATF_TP_ADD_TC(tp, fstat_success); + ATF_TP_ADD_TC(tp, fstat_failure); + ATF_TP_ADD_TC(tp, fstatat_success); + ATF_TP_ADD_TC(tp, fstatat_failure); - -ATF_TC_WITH_CLEANUP(fpathconf_failure); -ATF_TC_HEAD(fpathconf_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "fpathconf(2) call"); -} - -ATF_TC_BODY(fpathconf_failure, tc) -{ - FILE *pipefd = setup(fds, "fa"); - const char *regex = "fpathconf.*return,failure : Bad file descriptor"; - /* Failure reason: Bad file descriptor */ - ATF_REQUIRE_EQ(-1, fpathconf(-1, _PC_NAME_MAX)); - check_audit(fds, regex, pipefd); -} - -ATF_TC_CLEANUP(fpathconf_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_file_success); -ATF_TC_HEAD(extattr_get_file_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "extattr_get_file(2) call"); -} - -ATF_TC_BODY(extattr_get_file_success, tc) -{ - const char *buff = "ezio"; - /* File needs to exist to call extattr_get_file(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, \ - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); - - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_file.*%s.*%s.*return,success,%lu", \ - path, name, sizeof(buff)); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_file(path, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_file_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_file_failure); -ATF_TC_HEAD(extattr_get_file_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "extattr_get_file(2) call"); -} - -ATF_TC_BODY(extattr_get_file_failure, tc) -{ - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_file.*%s.*%s.*failure", path, name); - - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_get_file(path, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_file_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_fd_success); -ATF_TC_HEAD(extattr_get_fd_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "extattr_get_fd(2) call"); -} - -ATF_TC_BODY(extattr_get_fd_success, tc) -{ - int filedesc; - const char *buff = "ezio"; - /* File needs to exist to call extattr_get_fd(2) */ - ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, \ - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); - - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_fd.*%s.*return,success", name); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_fd(filedesc, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_fd_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_fd_failure); -ATF_TC_HEAD(extattr_get_fd_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "extattr_get_fd(2) call"); -} - -ATF_TC_BODY(extattr_get_fd_failure, tc) -{ - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_fd.*%s.*return,failure : " - "Bad file descriptor", name); - - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: Invalid file descriptor */ - ATF_REQUIRE_EQ(-1, extattr_get_fd(-1, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_fd_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_link_success); -ATF_TC_HEAD(extattr_get_link_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "extattr_get_link(2) call"); -} - -ATF_TC_BODY(extattr_get_link_success, tc) -{ - const char *buff = "ezio"; - /* Symbolic link needs to exist to call extattr_get_link(2) */ - ATF_REQUIRE_EQ(0, symlink("symlink", path)); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, \ - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); - - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_link.*%s.*%s.*return,success,%lu", \ - path, name, sizeof(buff)); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE_EQ(sizeof(buff), extattr_get_link(path, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_link_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_get_link_failure); -ATF_TC_HEAD(extattr_get_link_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "extattr_get_link(2) call"); -} - -ATF_TC_BODY(extattr_get_link_failure, tc) -{ - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_get_link.*%s.*%s.*failure", path, name); - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: symbolic link does not exist */ - ATF_REQUIRE_EQ(-1, extattr_get_link(path, \ - EXTATTR_NAMESPACE_USER, name, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_get_link_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_list_file_success); -ATF_TC_HEAD(extattr_list_file_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "extattr_list_file(2) call"); -} - -ATF_TC_BODY(extattr_list_file_success, tc) -{ - int readbuff; - const char *buff = "ezio"; - /* File needs to exist to call extattr_list_file(2) */ - ATF_REQUIRE(open(path, O_CREAT, mode) != -1); - ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, \ - EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); - - FILE *pipefd = setup(fds, "fa"); - ATF_REQUIRE((readbuff = extattr_list_file(path, \ - EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_list_file.*%s.*return,success,%d", \ - path, readbuff); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_list_file_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_list_file_failure); -ATF_TC_HEAD(extattr_list_file_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "extattr_list_file(2) call"); -} - -ATF_TC_BODY(extattr_list_file_failure, tc) -{ - /* Prepare the regex to be checked in the audit record */ - snprintf(extregex, 80, "extattr_list_file.*%s.*return,failure", path); - - FILE *pipefd = setup(fds, "fa"); - /* Failure reason: file does not exist */ - ATF_REQUIRE_EQ(-1, extattr_list_file(path, \ - EXTATTR_NAMESPACE_USER, NULL, 0)); - check_audit(fds, extregex, pipefd); -} - -ATF_TC_CLEANUP(extattr_list_file_failure, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(extattr_list_fd_success); -ATF_TC_HEAD(extattr_list_fd_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "extattr_list_fd(2) call"); -} - *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***