From owner-svn-src-all@freebsd.org Fri Jun 29 04:46:16 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 353CA10317EE; Fri, 29 Jun 2018 04:46:16 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D67CE7BC64; Fri, 29 Jun 2018 04:46:15 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B279D1C37F; Fri, 29 Jun 2018 04:46:15 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w5T4kF2h091359; Fri, 29 Jun 2018 04:46:15 GMT (envelope-from asomers@FreeBSD.org) Received: (from asomers@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w5T4kFFW091358; Fri, 29 Jun 2018 04:46:15 GMT (envelope-from asomers@FreeBSD.org) Message-Id: <201806290446.w5T4kFFW091358@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: asomers set sender to asomers@FreeBSD.org using -f From: Alan Somers Date: Fri, 29 Jun 2018 04:46:15 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r335791 - head/tests/sys/audit X-SVN-Group: head X-SVN-Commit-Author: asomers X-SVN-Commit-Paths: head/tests/sys/audit X-SVN-Commit-Revision: 335791 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jun 2018 04:46:16 -0000 Author: asomers Date: Fri Jun 29 04:46:15 2018 New Revision: 335791 URL: https://svnweb.freebsd.org/changeset/base/335791 Log: audit(4): add tests for setsid, wait4, wait6, and kill Submitted by: aniketp MFC after: 2 weeks Sponsored by: Google, Inc. (GSoC 2018) Differential Revision: https://reviews.freebsd.org/D16035 Modified: head/tests/sys/audit/process-control.c Modified: head/tests/sys/audit/process-control.c ============================================================================== --- head/tests/sys/audit/process-control.c Fri Jun 29 04:08:14 2018 (r335790) +++ head/tests/sys/audit/process-control.c Fri Jun 29 04:46:15 2018 (r335791) @@ -38,6 +38,7 @@ #include #include +#include #include #include #include @@ -70,7 +71,6 @@ ATF_TC_BODY(fork_success, tc) check_audit(fds, pcregex, pipefd); else _exit(0); - } ATF_TC_CLEANUP(fork_success, tc) @@ -102,7 +102,6 @@ ATF_TC_BODY(rfork_success, tc) check_audit(fds, pcregex, pipefd); else _exit(0); - } ATF_TC_CLEANUP(rfork_success, tc) @@ -135,6 +134,163 @@ ATF_TC_CLEANUP(rfork_failure, tc) } +ATF_TC_WITH_CLEANUP(wait4_success); +ATF_TC_HEAD(wait4_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "wait4(2) call"); +} + +ATF_TC_BODY(wait4_success, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "wait4.*%d.*return,success", pid); + + ATF_REQUIRE((pid = fork()) != -1); + if (pid) { + FILE *pipefd = setup(fds, auclass); + /* wpid = -1 : Wait for any child process */ + ATF_REQUIRE(wait4(-1, &status, 0, NULL) != -1); + check_audit(fds, pcregex, pipefd); + } + else + _exit(0); +} + +ATF_TC_CLEANUP(wait4_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(wait4_failure); +ATF_TC_HEAD(wait4_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "wait4(2) call"); +} + +ATF_TC_BODY(wait4_failure, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "wait4.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: No child process to wait for */ + ATF_REQUIRE_EQ(-1, wait4(-1, NULL, 0, NULL)); + check_audit(fds, pcregex, pipefd); +} + +ATF_TC_CLEANUP(wait4_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(wait6_success); +ATF_TC_HEAD(wait6_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "wait6(2) call"); +} + +ATF_TC_BODY(wait6_success, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "wait6.*%d.*return,success", pid); + + ATF_REQUIRE((pid = fork()) != -1); + if (pid) { + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE(wait6(P_ALL, 0, &status, WEXITED, NULL,NULL) != -1); + check_audit(fds, pcregex, pipefd); + } + else + _exit(0); +} + +ATF_TC_CLEANUP(wait6_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(wait6_failure); +ATF_TC_HEAD(wait6_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "wait6(2) call"); +} + +ATF_TC_BODY(wait6_failure, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "wait6.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, wait6(0, 0, NULL, 0, NULL, NULL)); + check_audit(fds, pcregex, pipefd); +} + +ATF_TC_CLEANUP(wait6_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(kill_success); +ATF_TC_HEAD(kill_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "kill(2) call"); +} + +ATF_TC_BODY(kill_success, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "kill.*%d.*return,success", pid); + + FILE *pipefd = setup(fds, auclass); + /* Don't send any signal to anyone, live in peace! */ + ATF_REQUIRE_EQ(0, kill(0, 0)); + check_audit(fds, pcregex, pipefd); +} + +ATF_TC_CLEANUP(kill_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(kill_failure); +ATF_TC_HEAD(kill_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "kill(2) call"); +} + +ATF_TC_BODY(kill_failure, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "kill.*%d.*return,failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* + * Failure reason: Non existent process with PID '-2' + * Note: '-1' is not used as it means sending no signal to + * all non-system processes: A successful invocation + */ + ATF_REQUIRE_EQ(-1, kill(0, -2)); + check_audit(fds, pcregex, pipefd); +} + +ATF_TC_CLEANUP(kill_failure, tc) +{ + cleanup(); +} + + ATF_TC_WITH_CLEANUP(chdir_success); ATF_TC_HEAD(chdir_success, tc) { @@ -781,6 +937,69 @@ ATF_TC_CLEANUP(setpgrp_failure, tc) } +ATF_TC_WITH_CLEANUP(setsid_success); +ATF_TC_HEAD(setsid_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "setsid(2) call"); +} + +ATF_TC_BODY(setsid_success, tc) +{ + /* Main procedure is carried out from within the child process */ + ATF_REQUIRE((pid = fork()) != -1); + if (pid) { + ATF_REQUIRE(wait(&status) != -1); + } else { + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "setsid.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE(setsid() != -1); + check_audit(fds, pcregex, pipefd); + } +} + +ATF_TC_CLEANUP(setsid_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(setsid_failure); +ATF_TC_HEAD(setsid_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "setsid(2) call"); +} + +ATF_TC_BODY(setsid_failure, tc) +{ + pid = getpid(); + snprintf(pcregex, sizeof(pcregex), "setsid.*%d.*return,failure", pid); + + /* + * Here, we are intentionally ignoring the output of the setsid() + * call because it may or may not be a process leader already. But it + * ensures that the next invocation of setsid() will definitely fail. + */ + setsid(); + FILE *pipefd = setup(fds, auclass); + /* + * Failure reason: [EPERM] Creating a new session is not permitted + * as the PID of calling process matches the PGID of a process group + * created by premature setsid() call. + */ + ATF_REQUIRE_EQ(-1, setsid()); + check_audit(fds, pcregex, pipefd); +} + +ATF_TC_CLEANUP(setsid_failure, tc) +{ + cleanup(); +} + + ATF_TC_WITH_CLEANUP(setrlimit_success); ATF_TC_HEAD(setrlimit_success, tc) { @@ -1210,6 +1429,13 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, rfork_success); ATF_TP_ADD_TC(tp, rfork_failure); + ATF_TP_ADD_TC(tp, wait4_success); + ATF_TP_ADD_TC(tp, wait4_failure); + ATF_TP_ADD_TC(tp, wait6_success); + ATF_TP_ADD_TC(tp, wait6_failure); + ATF_TP_ADD_TC(tp, kill_success); + ATF_TP_ADD_TC(tp, kill_failure); + ATF_TP_ADD_TC(tp, chdir_success); ATF_TP_ADD_TC(tp, chdir_failure); ATF_TP_ADD_TC(tp, fchdir_success); @@ -1239,6 +1465,8 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, setgroups_failure); ATF_TP_ADD_TC(tp, setpgrp_success); ATF_TP_ADD_TC(tp, setpgrp_failure); + ATF_TP_ADD_TC(tp, setsid_success); + ATF_TP_ADD_TC(tp, setsid_failure); ATF_TP_ADD_TC(tp, setrlimit_success); ATF_TP_ADD_TC(tp, setrlimit_failure);