From owner-soc-status@freebsd.org Mon Jun 25 19:18:08 2018 Return-Path: Delivered-To: soc-status@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E6EAF101BF23 for ; Mon, 25 Jun 2018 19:18:07 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 357398A201; Mon, 25 Jun 2018 19:18:07 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-lj1-x243.google.com with SMTP id u6-v6so3750611lju.13; Mon, 25 Jun 2018 12:18:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=R6qy28xfibe9D9M54L8vJb3U/wqsORk4weLu/YCIfSc=; b=A5EPRh+yzo/9vS3ILIS+qYeOLs9OPDQk91+yUlP0vhiIzYjMfLCc+eMPm+zjUEO2GR NZOOOeUAOuak8Wip60IoPutFf0iVw63Sg8/mzmUiU5Xg77OmBc6kASC0QqByY4UIhufl J04WwoQRsdVMjTajqouOL9qZ1QrV7t2uXZkcvvfQoCUggCjfdtml67UFwBxvIGNLh/x+ JdTryqQ+2gLgk89XJn9PgAScrpz2Cti6X65OfUVkpb6MUd2+wMgECHuHYfowvg+iJIYw CuedVEp5MdD76zgmhtehqwHYdparK7zT/7GRKMAY6UjPX7aZUQt8dTXMAQfB9WGhg2ca sT4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=R6qy28xfibe9D9M54L8vJb3U/wqsORk4weLu/YCIfSc=; b=aiF/oVCtzRmK1qHuUxzImfP31zj5iCE0QvLSUH48NkxPpjfhAjojWaYt79pf79XeUm La2SlTqrMHBDX+SO3PZGdIRXLyGjS+nWRZWWaV6avLcQ/e9IpD7m3EGI/A7Eyj5xCyKz q7Wg4ApkVERbNCxiGgBFScYJvv0m8jInlSfwvq3pFBgp1Qmy+1kKmdnIZa7/THHRbmF4 RbBZiB/ixqR2KjG/TNd+FJOES2ipT6bNmE0lVv3JpWV0AL/ziEJi/VwPP67UGau2qcJ/ CAr6/VMYGs+AHlb1T8/cL38yYSALVq27P+/ZRexpiNh455UTHQ/924J48fpvT6poRdcm 9pxQ== X-Gm-Message-State: APt69E22RQFnlccLCRffoN5PH9O4YKRA3gXW315BtL1XIplB/j9UHOR6 k9PBtxJZRTWVslECe657doH5kfUSL1y1BKaBLjc= X-Google-Smtp-Source: ADUXVKILapUN0JZBzXgu5isGFzbkClpOYQOK75xjPcGiBnZvgjaE6a57Hdf9avkE50OKbxQg2/Q+KraGmrfIDBlArbA= X-Received: by 2002:a2e:6d11:: with SMTP id i17-v6mr8747745ljc.116.1529954285350; Mon, 25 Jun 2018 12:18:05 -0700 (PDT) MIME-Version: 1.0 Sender: asomers@gmail.com Received: by 2002:ab3:1b91:0:0:0:0:0 with HTTP; Mon, 25 Jun 2018 12:18:04 -0700 (PDT) In-Reply-To: References: From: Alan Somers Date: Mon, 25 Jun 2018 13:18:04 -0600 X-Google-Sender-Auth: twTx4-t26iT2gr4h7-RZ7inakeo Message-ID: Subject: Re: [GSoC-18] Regression Test-Suite for Audit Framework [Week-6] To: Aniket Pandey Cc: soc-status@freebsd.org, George Neville-Neil , Robert Watson Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.26 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jun 2018 19:18:08 -0000 On Mon, Jun 25, 2018 at 12:40 PM, Aniket Pandey wrote: > Hello All, > > This week, I primarily focused on getting the final bit of code merged in > FreeBSD src and resolving the issues revealed therein. I also encountered a > few interesting bugs and had to think out of the box to resolve them. > > 1) In the case of system calls concerned with manipulating SysV semaphore > operations, there is an option to #define _WANT_SEMUN to access the > semun union which is used for various commands of semctl(2). As defined in > "sys/security/audit/audit_klib.c", each of those 'commands' is a unique > audit event so it is recommended to test them all individually. But for > some reason, the import of union semun wasn't working properly and it > resulted in multiple incorrect forward declarations. To resolve the issue, > I had to recompile the kernel from source as this change was introduced > in r330299 [1] by brooks@ and apparently, I did not have the updated > version of 12-CURRENT. > Recompiling the kernel can't have helped. Brooks' change doesn't EXPOSE semun if you DO define _WANT_SEMUN. Rather, it HIDES semun if you DON"T define _WANT_SEMUN. Something else must've been the problem. > > 2) The wait4(2) issue with process control groups of system calls, about > which I had discussed a few emails back, turned out to be a false setback. > Usually, whenever I run my tests, I always have a clone of /dev/auditpipe > open in a separate window to monitor the actual execution of system calls > (Note: dtrace can also be used here). Now the auditpipe(4) device instance > "waits" for syscalls to enter the execution context and thus, this > extraneous wait4(2) tampers with tests by interfering with the syscall in > concern. Although this could lead to a problem if someone has both the > activities ongoing, however, Alan pointed out that these ATF tests would > rarely be run in a production environment so that wouldn't affect the > overall regression testing. > So the problem is that your test was completing or advancing too soon, because it was matching an event generated from outside of Kyua? That sounds like a bug, and a very difficult one to debug. You should add more details to the regex to ensure that it doesn't happen again. BTW, auditpipe(4) can't "wait" for syscalls. Only userland processes can call "wait" or its variants. And wait doesn't wait for syscalls; it waits for processes to change their running state. > > 3) For setpgrp(2), I had to execute the tests from a forked child process > as for some reason, Kyua denied modifying the process group ID of the main > test-case process (with EPERM). > > 4) For some administrative syscalls like auditctl(2) and acct(2), I had to > figure out how to get them to audit successfully without tampering with the > system accounting records and the event auditing at /var/audit. For that, I > followed the approach of confirming whether these utilities are enabled in > the system or not. If so, then we might have to temporarily disrupt the > system auditing/accounting by configuring a different file path to allow > the tests to execute independently. Once done, restart the respective > daemons. For acct(2), I had to use sysctlbyname(3) to get the accounting > status as the normal system(3) utility outputs the exit status of the > command ("ken.acct_configured" in our case) rather than the value in > STDOUT. > sysctlbyname is also far faster than system(3). > > 5) I'm yet to figure out how to get mount(2) and nmount(2) to execute > successfully. I tried mounting some dummy filesystems like nullfs, tmpfs, > and even UFS. But all efforts were in vain. I'll try some workarounds for > this issue. If anybody has any suggestions in this regard, I'll be glad to > give it a try! > > Apart from the issues mentioned above, the week was productive in general. > Almost all of my proposed work is now either in FreeBSD Head or is accepted > and waiting to be landed. Few miscellaneous syscalls' tests remain, and > I'll give them a run this week. > > Also, I've updated the documentation of my project repository [2]. Since > the tests won't be in FreeBSD 11 Stable, I'll try to create a custom > installation script for users who want to run the tests in the older stable > version. > This is probably more work than it's worth. It's likely that some of your tests won't work on 11, because of changes to the syscalls involved. If you really want to run your tests on stable/11, then we should just go through the normal MFC process. I can show you how to do that. > > Thank you, > With best regards, > Aniket Pandey > > [1] https://reviews.freebsd.org/rS330299 > [2] https://github.com/aniketp/AuditTestSuite > Project wiki: > https://wiki.freebsd.org/SummerOfCode2018Projects/ > RegressionTestSuiteForAuditFramework > >