xref: /freebsd/tests/sys/audit/file-attribute-modify.c (revision b3e7694832e81d7a904a10f525f8797b753bf0d3) 
1 /*-
2  * Copyright (c) 2018 Aniket Pandey
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * SUCH DAMAGE.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/extattr.h>
28 #include <sys/file.h>
29 #include <sys/mman.h>
30 #include <sys/stat.h>
31 #include <sys/time.h>
32 
33 #include <atf-c.h>
34 #include <errno.h>
35 #include <fcntl.h>
36 #include <stdint.h>
37 #include <unistd.h>
38 
39 #include "utils.h"
40 
41 static pid_t pid;
42 static uid_t uid = -1;
43 static gid_t gid = -1;
44 static int filedesc, retval;
45 static struct pollfd fds[1];
46 static mode_t mode = 0777;
47 static char extregex[80];
48 static char buff[] = "ezio";
49 static const char *auclass = "fm";
50 static const char *name = "authorname";
51 static const char *path = "fileforaudit";
52 static const char *errpath = "adirhasnoname/fileforaudit";
53 static const char *successreg = "fileforaudit.*return,success";
54 static const char *failurereg = "fileforaudit.*return,failure";
55 
56 
57 ATF_TC_WITH_CLEANUP(flock_success);
ATF_TC_HEAD(flock_success,tc)58 ATF_TC_HEAD(flock_success, tc)
59 {
60 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
61 					"flock(2) call");
62 }
63 
ATF_TC_BODY(flock_success,tc)64 ATF_TC_BODY(flock_success, tc)
65 {
66 	pid = getpid();
67 	snprintf(extregex, sizeof(extregex), "flock.*%d.*return,success", pid);
68 
69 	/* File needs to exist to call flock(2) */
70 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
71 	FILE *pipefd = setup(fds, auclass);
72 	ATF_REQUIRE_EQ(0, flock(filedesc, LOCK_SH));
73 	check_audit(fds, extregex, pipefd);
74 	close(filedesc);
75 }
76 
ATF_TC_CLEANUP(flock_success,tc)77 ATF_TC_CLEANUP(flock_success, tc)
78 {
79 	cleanup();
80 }
81 
82 
83 ATF_TC_WITH_CLEANUP(flock_failure);
ATF_TC_HEAD(flock_failure,tc)84 ATF_TC_HEAD(flock_failure, tc)
85 {
86 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
87 					"flock(2) call");
88 }
89 
ATF_TC_BODY(flock_failure,tc)90 ATF_TC_BODY(flock_failure, tc)
91 {
92 	const char *regex = "flock.*return,failure : Bad file descriptor";
93 	FILE *pipefd = setup(fds, auclass);
94 	ATF_REQUIRE_ERRNO(EBADF, flock(-1, LOCK_SH) == -1);
95 	check_audit(fds, regex, pipefd);
96 }
97 
ATF_TC_CLEANUP(flock_failure,tc)98 ATF_TC_CLEANUP(flock_failure, tc)
99 {
100 	cleanup();
101 }
102 
103 
104 ATF_TC_WITH_CLEANUP(fcntl_success);
ATF_TC_HEAD(fcntl_success,tc)105 ATF_TC_HEAD(fcntl_success, tc)
106 {
107 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
108 					"fcntl(2) call");
109 }
110 
ATF_TC_BODY(fcntl_success,tc)111 ATF_TC_BODY(fcntl_success, tc)
112 {
113 	int flagstatus;
114 	/* File needs to exist to call fcntl(2) */
115 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
116 	FILE *pipefd = setup(fds, auclass);
117 
118 	/* Retrieve the status flags of 'filedesc' and store it in flagstatus */
119 	ATF_REQUIRE((flagstatus = fcntl(filedesc, F_GETFL, 0)) != -1);
120 	snprintf(extregex, sizeof(extregex),
121 			"fcntl.*return,success,%d", flagstatus);
122 	check_audit(fds, extregex, pipefd);
123 	close(filedesc);
124 }
125 
ATF_TC_CLEANUP(fcntl_success,tc)126 ATF_TC_CLEANUP(fcntl_success, tc)
127 {
128 	cleanup();
129 }
130 
131 
132 ATF_TC_WITH_CLEANUP(fcntl_failure);
ATF_TC_HEAD(fcntl_failure,tc)133 ATF_TC_HEAD(fcntl_failure, tc)
134 {
135 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
136 					"fcntl(2) call");
137 }
138 
ATF_TC_BODY(fcntl_failure,tc)139 ATF_TC_BODY(fcntl_failure, tc)
140 {
141 	const char *regex = "fcntl.*return,failure : Bad file descriptor";
142 	FILE *pipefd = setup(fds, auclass);
143 	ATF_REQUIRE_ERRNO(EBADF, fcntl(-1, F_GETFL, 0) == -1);
144 	check_audit(fds, regex, pipefd);
145 }
146 
ATF_TC_CLEANUP(fcntl_failure,tc)147 ATF_TC_CLEANUP(fcntl_failure, tc)
148 {
149 	cleanup();
150 }
151 
152 
153 ATF_TC_WITH_CLEANUP(fsync_success);
ATF_TC_HEAD(fsync_success,tc)154 ATF_TC_HEAD(fsync_success, tc)
155 {
156 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
157 					"fsync(2) call");
158 }
159 
ATF_TC_BODY(fsync_success,tc)160 ATF_TC_BODY(fsync_success, tc)
161 {
162 	pid = getpid();
163 	snprintf(extregex, sizeof(extregex), "fsync.*%d.*return,success", pid);
164 
165 	/* File needs to exist to call fsync(2) */
166 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
167 	FILE *pipefd = setup(fds, auclass);
168 	ATF_REQUIRE_EQ(0, fsync(filedesc));
169 	check_audit(fds, extregex, pipefd);
170 	close(filedesc);
171 }
172 
ATF_TC_CLEANUP(fsync_success,tc)173 ATF_TC_CLEANUP(fsync_success, tc)
174 {
175 	cleanup();
176 }
177 
178 
179 ATF_TC_WITH_CLEANUP(fsync_failure);
ATF_TC_HEAD(fsync_failure,tc)180 ATF_TC_HEAD(fsync_failure, tc)
181 {
182 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
183 					"fsync(2) call");
184 }
185 
ATF_TC_BODY(fsync_failure,tc)186 ATF_TC_BODY(fsync_failure, tc)
187 {
188 	const char *regex = "fsync.*return,failure : Bad file descriptor";
189 	FILE *pipefd = setup(fds, auclass);
190 	/* Failure reason: Invalid file descriptor */
191 	ATF_REQUIRE_ERRNO(EBADF, fsync(-1) == -1);
192 	check_audit(fds, regex, pipefd);
193 }
194 
ATF_TC_CLEANUP(fsync_failure,tc)195 ATF_TC_CLEANUP(fsync_failure, tc)
196 {
197 	cleanup();
198 }
199 
200 
201 ATF_TC_WITH_CLEANUP(chmod_success);
ATF_TC_HEAD(chmod_success,tc)202 ATF_TC_HEAD(chmod_success, tc)
203 {
204 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
205 					"chmod(2) call");
206 }
207 
ATF_TC_BODY(chmod_success,tc)208 ATF_TC_BODY(chmod_success, tc)
209 {
210 	/* File needs to exist to call chmod(2) */
211 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
212 	FILE *pipefd = setup(fds, auclass);
213 	ATF_REQUIRE_EQ(0, chmod(path, mode));
214 	check_audit(fds, successreg, pipefd);
215 	close(filedesc);
216 }
217 
ATF_TC_CLEANUP(chmod_success,tc)218 ATF_TC_CLEANUP(chmod_success, tc)
219 {
220 	cleanup();
221 }
222 
223 
224 ATF_TC_WITH_CLEANUP(chmod_failure);
ATF_TC_HEAD(chmod_failure,tc)225 ATF_TC_HEAD(chmod_failure, tc)
226 {
227 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
228 					"chmod(2) call");
229 }
230 
ATF_TC_BODY(chmod_failure,tc)231 ATF_TC_BODY(chmod_failure, tc)
232 {
233 	FILE *pipefd = setup(fds, auclass);
234 	/* Failure reason: file does not exist */
235 	ATF_REQUIRE_ERRNO(ENOENT, chmod(errpath, mode) == -1);
236 	check_audit(fds, failurereg, pipefd);
237 }
238 
ATF_TC_CLEANUP(chmod_failure,tc)239 ATF_TC_CLEANUP(chmod_failure, tc)
240 {
241 	cleanup();
242 }
243 
244 
245 ATF_TC_WITH_CLEANUP(fchmod_success);
ATF_TC_HEAD(fchmod_success,tc)246 ATF_TC_HEAD(fchmod_success, tc)
247 {
248 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
249 					"fchmod(2) call");
250 }
251 
ATF_TC_BODY(fchmod_success,tc)252 ATF_TC_BODY(fchmod_success, tc)
253 {
254 	pid = getpid();
255 	snprintf(extregex, sizeof(extregex), "fchmod.*%d.*return,success", pid);
256 
257 	/* File needs to exist to call fchmod(2) */
258 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
259 	FILE *pipefd = setup(fds, auclass);
260 	ATF_REQUIRE_EQ(0, fchmod(filedesc, mode));
261 	check_audit(fds, extregex, pipefd);
262 	close(filedesc);
263 }
264 
ATF_TC_CLEANUP(fchmod_success,tc)265 ATF_TC_CLEANUP(fchmod_success, tc)
266 {
267 	cleanup();
268 }
269 
270 
271 ATF_TC_WITH_CLEANUP(fchmod_failure);
ATF_TC_HEAD(fchmod_failure,tc)272 ATF_TC_HEAD(fchmod_failure, tc)
273 {
274 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
275 					"fchmod(2) call");
276 }
277 
ATF_TC_BODY(fchmod_failure,tc)278 ATF_TC_BODY(fchmod_failure, tc)
279 {
280 	const char *regex = "fchmod.*return,failure : Bad file descriptor";
281 	FILE *pipefd = setup(fds, auclass);
282 	/* Failure reason: Invalid file descriptor */
283 	ATF_REQUIRE_ERRNO(EBADF, fchmod(-1, mode) == -1);
284 	check_audit(fds, regex, pipefd);
285 }
286 
ATF_TC_CLEANUP(fchmod_failure,tc)287 ATF_TC_CLEANUP(fchmod_failure, tc)
288 {
289 	cleanup();
290 }
291 
292 
293 ATF_TC_WITH_CLEANUP(lchmod_success);
ATF_TC_HEAD(lchmod_success,tc)294 ATF_TC_HEAD(lchmod_success, tc)
295 {
296 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
297 					"lchmod(2) call");
298 }
299 
ATF_TC_BODY(lchmod_success,tc)300 ATF_TC_BODY(lchmod_success, tc)
301 {
302 	/* Symbolic link needs to exist to call lchmod(2) */
303 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
304 	FILE *pipefd = setup(fds, auclass);
305 	ATF_REQUIRE_EQ(0, lchmod(path, mode));
306 	check_audit(fds, successreg, pipefd);
307 }
308 
ATF_TC_CLEANUP(lchmod_success,tc)309 ATF_TC_CLEANUP(lchmod_success, tc)
310 {
311 	cleanup();
312 }
313 
314 
315 ATF_TC_WITH_CLEANUP(lchmod_failure);
ATF_TC_HEAD(lchmod_failure,tc)316 ATF_TC_HEAD(lchmod_failure, tc)
317 {
318 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
319 					"lchmod(2) call");
320 }
321 
ATF_TC_BODY(lchmod_failure,tc)322 ATF_TC_BODY(lchmod_failure, tc)
323 {
324 	FILE *pipefd = setup(fds, auclass);
325 	/* Failure reason: file does not exist */
326 	ATF_REQUIRE_ERRNO(ENOENT, lchmod(errpath, mode) == -1);
327 	check_audit(fds, failurereg, pipefd);
328 }
329 
ATF_TC_CLEANUP(lchmod_failure,tc)330 ATF_TC_CLEANUP(lchmod_failure, tc)
331 {
332 	cleanup();
333 }
334 
335 
336 ATF_TC_WITH_CLEANUP(fchmodat_success);
ATF_TC_HEAD(fchmodat_success,tc)337 ATF_TC_HEAD(fchmodat_success, tc)
338 {
339 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
340 					"fchmodat(2) call");
341 }
342 
ATF_TC_BODY(fchmodat_success,tc)343 ATF_TC_BODY(fchmodat_success, tc)
344 {
345 	/* File needs to exist to call fchmodat(2) */
346 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
347 	FILE *pipefd = setup(fds, auclass);
348 	ATF_REQUIRE_EQ(0, fchmodat(AT_FDCWD, path, mode, 0));
349 	check_audit(fds, successreg, pipefd);
350 	close(filedesc);
351 }
352 
ATF_TC_CLEANUP(fchmodat_success,tc)353 ATF_TC_CLEANUP(fchmodat_success, tc)
354 {
355 	cleanup();
356 }
357 
358 
359 ATF_TC_WITH_CLEANUP(fchmodat_failure);
ATF_TC_HEAD(fchmodat_failure,tc)360 ATF_TC_HEAD(fchmodat_failure, tc)
361 {
362 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
363 					"fchmodat(2) call");
364 }
365 
ATF_TC_BODY(fchmodat_failure,tc)366 ATF_TC_BODY(fchmodat_failure, tc)
367 {
368 	FILE *pipefd = setup(fds, auclass);
369 	/* Failure reason: file does not exist */
370 	ATF_REQUIRE_ERRNO(ENOENT, fchmodat(AT_FDCWD, errpath, mode, 0) == -1);
371 	check_audit(fds, failurereg, pipefd);
372 }
373 
ATF_TC_CLEANUP(fchmodat_failure,tc)374 ATF_TC_CLEANUP(fchmodat_failure, tc)
375 {
376 	cleanup();
377 }
378 
379 
380 ATF_TC_WITH_CLEANUP(chown_success);
ATF_TC_HEAD(chown_success,tc)381 ATF_TC_HEAD(chown_success, tc)
382 {
383 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
384 					"chown(2) call");
385 }
386 
ATF_TC_BODY(chown_success,tc)387 ATF_TC_BODY(chown_success, tc)
388 {
389 	/* File needs to exist to call chown(2) */
390 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
391 	FILE *pipefd = setup(fds, auclass);
392 	ATF_REQUIRE_EQ(0, chown(path, uid, gid));
393 	check_audit(fds, successreg, pipefd);
394 	close(filedesc);
395 }
396 
ATF_TC_CLEANUP(chown_success,tc)397 ATF_TC_CLEANUP(chown_success, tc)
398 {
399 	cleanup();
400 }
401 
402 
403 ATF_TC_WITH_CLEANUP(chown_failure);
ATF_TC_HEAD(chown_failure,tc)404 ATF_TC_HEAD(chown_failure, tc)
405 {
406 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
407 					"chown(2) call");
408 }
409 
ATF_TC_BODY(chown_failure,tc)410 ATF_TC_BODY(chown_failure, tc)
411 {
412 	FILE *pipefd = setup(fds, auclass);
413 	/* Failure reason: file does not exist */
414 	ATF_REQUIRE_ERRNO(ENOENT, chown(errpath, uid, gid) == -1);
415 	check_audit(fds, failurereg, pipefd);
416 }
417 
ATF_TC_CLEANUP(chown_failure,tc)418 ATF_TC_CLEANUP(chown_failure, tc)
419 {
420 	cleanup();
421 }
422 
423 
424 ATF_TC_WITH_CLEANUP(fchown_success);
ATF_TC_HEAD(fchown_success,tc)425 ATF_TC_HEAD(fchown_success, tc)
426 {
427 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
428 					"fchown(2) call");
429 }
430 
ATF_TC_BODY(fchown_success,tc)431 ATF_TC_BODY(fchown_success, tc)
432 {
433 	pid = getpid();
434 	snprintf(extregex, sizeof(extregex), "fchown.*%d.*return,success", pid);
435 
436 	/* File needs to exist to call fchown(2) */
437 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
438 	FILE *pipefd = setup(fds, auclass);
439 	ATF_REQUIRE_EQ(0, fchown(filedesc, uid, gid));
440 	check_audit(fds, extregex, pipefd);
441 	close(filedesc);
442 }
443 
ATF_TC_CLEANUP(fchown_success,tc)444 ATF_TC_CLEANUP(fchown_success, tc)
445 {
446 	cleanup();
447 }
448 
449 
450 ATF_TC_WITH_CLEANUP(fchown_failure);
ATF_TC_HEAD(fchown_failure,tc)451 ATF_TC_HEAD(fchown_failure, tc)
452 {
453 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
454 					"fchown(2) call");
455 }
456 
ATF_TC_BODY(fchown_failure,tc)457 ATF_TC_BODY(fchown_failure, tc)
458 {
459 	const char *regex = "fchown.*return,failure : Bad file descriptor";
460 	FILE *pipefd = setup(fds, auclass);
461 	/* Failure reason: Invalid file descriptor */
462 	ATF_REQUIRE_ERRNO(EBADF, fchown(-1, uid, gid) == -1);
463 	check_audit(fds, regex, pipefd);
464 }
465 
ATF_TC_CLEANUP(fchown_failure,tc)466 ATF_TC_CLEANUP(fchown_failure, tc)
467 {
468 	cleanup();
469 }
470 
471 
472 ATF_TC_WITH_CLEANUP(lchown_success);
ATF_TC_HEAD(lchown_success,tc)473 ATF_TC_HEAD(lchown_success, tc)
474 {
475 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
476 					"lchown(2) call");
477 }
478 
ATF_TC_BODY(lchown_success,tc)479 ATF_TC_BODY(lchown_success, tc)
480 {
481 	/* Symbolic link needs to exist to call lchown(2) */
482 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
483 	FILE *pipefd = setup(fds, auclass);
484 	ATF_REQUIRE_EQ(0, lchown(path, uid, gid));
485 	check_audit(fds, successreg, pipefd);
486 }
487 
ATF_TC_CLEANUP(lchown_success,tc)488 ATF_TC_CLEANUP(lchown_success, tc)
489 {
490 	cleanup();
491 }
492 
493 
494 ATF_TC_WITH_CLEANUP(lchown_failure);
ATF_TC_HEAD(lchown_failure,tc)495 ATF_TC_HEAD(lchown_failure, tc)
496 {
497 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
498 					"lchown(2) call");
499 }
500 
ATF_TC_BODY(lchown_failure,tc)501 ATF_TC_BODY(lchown_failure, tc)
502 {
503 	FILE *pipefd = setup(fds, auclass);
504 	/* Failure reason: Symbolic link does not exist */
505 	ATF_REQUIRE_ERRNO(ENOENT, lchown(errpath, uid, gid) == -1);
506 	check_audit(fds, failurereg, pipefd);
507 }
508 
ATF_TC_CLEANUP(lchown_failure,tc)509 ATF_TC_CLEANUP(lchown_failure, tc)
510 {
511 	cleanup();
512 }
513 
514 
515 ATF_TC_WITH_CLEANUP(fchownat_success);
ATF_TC_HEAD(fchownat_success,tc)516 ATF_TC_HEAD(fchownat_success, tc)
517 {
518 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
519 					"fchownat(2) call");
520 }
521 
ATF_TC_BODY(fchownat_success,tc)522 ATF_TC_BODY(fchownat_success, tc)
523 {
524 	/* File needs to exist to call fchownat(2) */
525 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
526 	FILE *pipefd = setup(fds, auclass);
527 	ATF_REQUIRE_EQ(0, fchownat(AT_FDCWD, path, uid, gid, 0));
528 	check_audit(fds, successreg, pipefd);
529 	close(filedesc);
530 }
531 
ATF_TC_CLEANUP(fchownat_success,tc)532 ATF_TC_CLEANUP(fchownat_success, tc)
533 {
534 	cleanup();
535 }
536 
537 
538 ATF_TC_WITH_CLEANUP(fchownat_failure);
ATF_TC_HEAD(fchownat_failure,tc)539 ATF_TC_HEAD(fchownat_failure, tc)
540 {
541 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
542 					"fchownat(2) call");
543 }
544 
ATF_TC_BODY(fchownat_failure,tc)545 ATF_TC_BODY(fchownat_failure, tc)
546 {
547 	FILE *pipefd = setup(fds, auclass);
548 	/* Failure reason: file does not exist */
549 	ATF_REQUIRE_ERRNO(ENOENT,
550 	    fchownat(AT_FDCWD, errpath, uid, gid, 0) == -1);
551 	check_audit(fds, failurereg, pipefd);
552 }
553 
ATF_TC_CLEANUP(fchownat_failure,tc)554 ATF_TC_CLEANUP(fchownat_failure, tc)
555 {
556 	cleanup();
557 }
558 
559 
560 ATF_TC_WITH_CLEANUP(chflags_success);
ATF_TC_HEAD(chflags_success,tc)561 ATF_TC_HEAD(chflags_success, tc)
562 {
563 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
564 					"chflags(2) call");
565 }
566 
ATF_TC_BODY(chflags_success,tc)567 ATF_TC_BODY(chflags_success, tc)
568 {
569 	/* File needs to exist to call chflags(2) */
570 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
571 	FILE *pipefd = setup(fds, auclass);
572 	ATF_REQUIRE_EQ(0, chflags(path, UF_OFFLINE));
573 	check_audit(fds, successreg, pipefd);
574 	close(filedesc);
575 }
576 
ATF_TC_CLEANUP(chflags_success,tc)577 ATF_TC_CLEANUP(chflags_success, tc)
578 {
579 	cleanup();
580 }
581 
582 
583 ATF_TC_WITH_CLEANUP(chflags_failure);
ATF_TC_HEAD(chflags_failure,tc)584 ATF_TC_HEAD(chflags_failure, tc)
585 {
586 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
587 					"chflags(2) call");
588 }
589 
ATF_TC_BODY(chflags_failure,tc)590 ATF_TC_BODY(chflags_failure, tc)
591 {
592 	FILE *pipefd = setup(fds, auclass);
593 	/* Failure reason: file does not exist */
594 	ATF_REQUIRE_ERRNO(ENOENT, chflags(errpath, UF_OFFLINE) == -1);
595 	check_audit(fds, failurereg, pipefd);
596 }
597 
ATF_TC_CLEANUP(chflags_failure,tc)598 ATF_TC_CLEANUP(chflags_failure, tc)
599 {
600 	cleanup();
601 }
602 
603 
604 ATF_TC_WITH_CLEANUP(fchflags_success);
ATF_TC_HEAD(fchflags_success,tc)605 ATF_TC_HEAD(fchflags_success, tc)
606 {
607 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
608 					"fchflags(2) call");
609 }
610 
ATF_TC_BODY(fchflags_success,tc)611 ATF_TC_BODY(fchflags_success, tc)
612 {
613 	pid = getpid();
614 	snprintf(extregex, sizeof(extregex), "fchflags.*%d.*ret.*success", pid);
615 	/* File needs to exist to call fchflags(2) */
616 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
617 
618 	FILE *pipefd = setup(fds, auclass);
619 	ATF_REQUIRE_EQ(0, fchflags(filedesc, UF_OFFLINE));
620 	check_audit(fds, extregex, pipefd);
621 	close(filedesc);
622 }
623 
ATF_TC_CLEANUP(fchflags_success,tc)624 ATF_TC_CLEANUP(fchflags_success, tc)
625 {
626 	cleanup();
627 }
628 
629 
630 ATF_TC_WITH_CLEANUP(fchflags_failure);
ATF_TC_HEAD(fchflags_failure,tc)631 ATF_TC_HEAD(fchflags_failure, tc)
632 {
633 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
634 					"fchflags(2) call");
635 }
636 
ATF_TC_BODY(fchflags_failure,tc)637 ATF_TC_BODY(fchflags_failure, tc)
638 {
639 	const char *regex = "fchflags.*return,failure : Bad file descriptor";
640 	FILE *pipefd = setup(fds, auclass);
641 	/* Failure reason: Invalid file descriptor */
642 	ATF_REQUIRE_ERRNO(EBADF, fchflags(-1, UF_OFFLINE) == -1);
643 	check_audit(fds, regex, pipefd);
644 }
645 
ATF_TC_CLEANUP(fchflags_failure,tc)646 ATF_TC_CLEANUP(fchflags_failure, tc)
647 {
648 	cleanup();
649 }
650 
651 
652 ATF_TC_WITH_CLEANUP(lchflags_success);
ATF_TC_HEAD(lchflags_success,tc)653 ATF_TC_HEAD(lchflags_success, tc)
654 {
655 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
656 					"lchflags(2) call");
657 }
658 
ATF_TC_BODY(lchflags_success,tc)659 ATF_TC_BODY(lchflags_success, tc)
660 {
661 	/* Symbolic link needs to exist to call lchflags(2) */
662 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
663 	FILE *pipefd = setup(fds, auclass);
664 	ATF_REQUIRE_EQ(0, lchflags(path, UF_OFFLINE));
665 	check_audit(fds, successreg, pipefd);
666 }
667 
ATF_TC_CLEANUP(lchflags_success,tc)668 ATF_TC_CLEANUP(lchflags_success, tc)
669 {
670 	cleanup();
671 }
672 
673 
674 ATF_TC_WITH_CLEANUP(lchflags_failure);
ATF_TC_HEAD(lchflags_failure,tc)675 ATF_TC_HEAD(lchflags_failure, tc)
676 {
677 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
678 					"lchflags(2) call");
679 }
680 
ATF_TC_BODY(lchflags_failure,tc)681 ATF_TC_BODY(lchflags_failure, tc)
682 {
683 	FILE *pipefd = setup(fds, auclass);
684 	/* Failure reason: Symbolic link does not exist */
685 	ATF_REQUIRE_ERRNO(ENOENT, lchflags(errpath, UF_OFFLINE) == -1);
686 	check_audit(fds, failurereg, pipefd);
687 }
688 
ATF_TC_CLEANUP(lchflags_failure,tc)689 ATF_TC_CLEANUP(lchflags_failure, tc)
690 {
691 	cleanup();
692 }
693 
694 
695 ATF_TC_WITH_CLEANUP(chflagsat_success);
ATF_TC_HEAD(chflagsat_success,tc)696 ATF_TC_HEAD(chflagsat_success, tc)
697 {
698 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
699 					"chflagsat(2) call");
700 }
701 
ATF_TC_BODY(chflagsat_success,tc)702 ATF_TC_BODY(chflagsat_success, tc)
703 {
704 	/* File needs to exist to call chflagsat(2) */
705 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
706 	FILE *pipefd = setup(fds, auclass);
707 	ATF_REQUIRE_EQ(0, chflagsat(AT_FDCWD, path, UF_OFFLINE, 0));
708 	check_audit(fds, successreg, pipefd);
709 	close(filedesc);
710 }
711 
ATF_TC_CLEANUP(chflagsat_success,tc)712 ATF_TC_CLEANUP(chflagsat_success, tc)
713 {
714 	cleanup();
715 }
716 
717 
718 ATF_TC_WITH_CLEANUP(chflagsat_failure);
ATF_TC_HEAD(chflagsat_failure,tc)719 ATF_TC_HEAD(chflagsat_failure, tc)
720 {
721 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
722 					"chflagsat(2) call");
723 }
724 
ATF_TC_BODY(chflagsat_failure,tc)725 ATF_TC_BODY(chflagsat_failure, tc)
726 {
727 	FILE *pipefd = setup(fds, auclass);
728 	/* Failure reason: file does not exist */
729 	ATF_REQUIRE_ERRNO(ENOENT,
730 	    chflagsat(AT_FDCWD, errpath, UF_OFFLINE, 0) == -1);
731 	check_audit(fds, failurereg, pipefd);
732 }
733 
ATF_TC_CLEANUP(chflagsat_failure,tc)734 ATF_TC_CLEANUP(chflagsat_failure, tc)
735 {
736 	cleanup();
737 }
738 
739 
740 ATF_TC_WITH_CLEANUP(utimes_success);
ATF_TC_HEAD(utimes_success,tc)741 ATF_TC_HEAD(utimes_success, tc)
742 {
743 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
744 					"utimes(2) call");
745 }
746 
ATF_TC_BODY(utimes_success,tc)747 ATF_TC_BODY(utimes_success, tc)
748 {
749 	/* File needs to exist to call utimes(2) */
750 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
751 	FILE *pipefd = setup(fds, auclass);
752 	ATF_REQUIRE_EQ(0, utimes(path, NULL));
753 	check_audit(fds, successreg, pipefd);
754 	close(filedesc);
755 }
756 
ATF_TC_CLEANUP(utimes_success,tc)757 ATF_TC_CLEANUP(utimes_success, tc)
758 {
759 	cleanup();
760 }
761 
762 
763 ATF_TC_WITH_CLEANUP(utimes_failure);
ATF_TC_HEAD(utimes_failure,tc)764 ATF_TC_HEAD(utimes_failure, tc)
765 {
766 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
767 					"utimes(2) call");
768 }
769 
ATF_TC_BODY(utimes_failure,tc)770 ATF_TC_BODY(utimes_failure, tc)
771 {
772 	FILE *pipefd = setup(fds, auclass);
773 	/* Failure reason: file does not exist */
774 	ATF_REQUIRE_ERRNO(ENOENT, utimes(errpath, NULL) == -1);
775 	check_audit(fds, failurereg, pipefd);
776 }
777 
ATF_TC_CLEANUP(utimes_failure,tc)778 ATF_TC_CLEANUP(utimes_failure, tc)
779 {
780 	cleanup();
781 }
782 
783 
784 ATF_TC_WITH_CLEANUP(futimes_success);
ATF_TC_HEAD(futimes_success,tc)785 ATF_TC_HEAD(futimes_success, tc)
786 {
787 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
788 					"futimes(2) call");
789 }
790 
ATF_TC_BODY(futimes_success,tc)791 ATF_TC_BODY(futimes_success, tc)
792 {
793 	pid = getpid();
794 	snprintf(extregex, sizeof(extregex), "futimes.*%d.*ret.*success", pid);
795 
796 	/* File needs to exist to call futimes(2) */
797 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
798 	FILE *pipefd = setup(fds, auclass);
799 	ATF_REQUIRE_EQ(0, futimes(filedesc, NULL));
800 	check_audit(fds, extregex, pipefd);
801 	close(filedesc);
802 }
803 
ATF_TC_CLEANUP(futimes_success,tc)804 ATF_TC_CLEANUP(futimes_success, tc)
805 {
806 	cleanup();
807 }
808 
809 
810 ATF_TC_WITH_CLEANUP(futimes_failure);
ATF_TC_HEAD(futimes_failure,tc)811 ATF_TC_HEAD(futimes_failure, tc)
812 {
813 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
814 					"futimes(2) call");
815 }
816 
ATF_TC_BODY(futimes_failure,tc)817 ATF_TC_BODY(futimes_failure, tc)
818 {
819 	const char *regex = "futimes.*return,failure : Bad file descriptor";
820 	FILE *pipefd = setup(fds, auclass);
821 	/* Failure reason: Invalid file descriptor */
822 	ATF_REQUIRE_ERRNO(EBADF, futimes(-1, NULL) == -1);
823 	check_audit(fds, regex, pipefd);
824 }
825 
ATF_TC_CLEANUP(futimes_failure,tc)826 ATF_TC_CLEANUP(futimes_failure, tc)
827 {
828 	cleanup();
829 }
830 
831 
832 ATF_TC_WITH_CLEANUP(lutimes_success);
ATF_TC_HEAD(lutimes_success,tc)833 ATF_TC_HEAD(lutimes_success, tc)
834 {
835 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
836 					"lutimes(2) call");
837 }
838 
ATF_TC_BODY(lutimes_success,tc)839 ATF_TC_BODY(lutimes_success, tc)
840 {
841 	/* Symbolic link needs to exist to call lutimes(2) */
842 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
843 	FILE *pipefd = setup(fds, auclass);
844 	ATF_REQUIRE_EQ(0, lutimes(path, NULL));
845 	check_audit(fds, successreg, pipefd);
846 }
847 
ATF_TC_CLEANUP(lutimes_success,tc)848 ATF_TC_CLEANUP(lutimes_success, tc)
849 {
850 	cleanup();
851 }
852 
853 
854 ATF_TC_WITH_CLEANUP(lutimes_failure);
ATF_TC_HEAD(lutimes_failure,tc)855 ATF_TC_HEAD(lutimes_failure, tc)
856 {
857 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
858 					"lutimes(2) call");
859 }
860 
ATF_TC_BODY(lutimes_failure,tc)861 ATF_TC_BODY(lutimes_failure, tc)
862 {
863 	FILE *pipefd = setup(fds, auclass);
864 	/* Failure reason: symbolic link does not exist */
865 	ATF_REQUIRE_ERRNO(ENOENT, lutimes(errpath, NULL) == -1);
866 	check_audit(fds, failurereg, pipefd);
867 }
868 
ATF_TC_CLEANUP(lutimes_failure,tc)869 ATF_TC_CLEANUP(lutimes_failure, tc)
870 {
871 	cleanup();
872 }
873 
874 
875 ATF_TC_WITH_CLEANUP(futimesat_success);
ATF_TC_HEAD(futimesat_success,tc)876 ATF_TC_HEAD(futimesat_success, tc)
877 {
878 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
879 					"futimesat(2) call");
880 }
881 
ATF_TC_BODY(futimesat_success,tc)882 ATF_TC_BODY(futimesat_success, tc)
883 {
884 	/* File needs to exist to call futimesat(2) */
885 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
886 	FILE *pipefd = setup(fds, auclass);
887 	ATF_REQUIRE_EQ(0, futimesat(AT_FDCWD, path, NULL));
888 	check_audit(fds, successreg, pipefd);
889 	close(filedesc);
890 }
891 
ATF_TC_CLEANUP(futimesat_success,tc)892 ATF_TC_CLEANUP(futimesat_success, tc)
893 {
894 	cleanup();
895 }
896 
897 
898 ATF_TC_WITH_CLEANUP(futimesat_failure);
ATF_TC_HEAD(futimesat_failure,tc)899 ATF_TC_HEAD(futimesat_failure, tc)
900 {
901 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
902 					"futimesat(2) call");
903 }
904 
ATF_TC_BODY(futimesat_failure,tc)905 ATF_TC_BODY(futimesat_failure, tc)
906 {
907 	FILE *pipefd = setup(fds, auclass);
908 	/* Failure reason: file does not exist */
909 	ATF_REQUIRE_ERRNO(ENOENT, futimesat(AT_FDCWD, errpath, NULL) == -1);
910 	check_audit(fds, failurereg, pipefd);
911 }
912 
ATF_TC_CLEANUP(futimesat_failure,tc)913 ATF_TC_CLEANUP(futimesat_failure, tc)
914 {
915 	cleanup();
916 }
917 
918 
919 ATF_TC_WITH_CLEANUP(mprotect_success);
ATF_TC_HEAD(mprotect_success,tc)920 ATF_TC_HEAD(mprotect_success, tc)
921 {
922 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
923 					"mprotect(2) call");
924 }
925 
ATF_TC_BODY(mprotect_success,tc)926 ATF_TC_BODY(mprotect_success, tc)
927 {
928 	pid = getpid();
929 	snprintf(extregex, sizeof(extregex), "mprotect.*%d.*ret.*success", pid);
930 
931 	FILE *pipefd = setup(fds, auclass);
932 	ATF_REQUIRE_EQ(0, mprotect(NULL, 0, PROT_NONE));
933 	check_audit(fds, extregex, pipefd);
934 }
935 
ATF_TC_CLEANUP(mprotect_success,tc)936 ATF_TC_CLEANUP(mprotect_success, tc)
937 {
938 	cleanup();
939 }
940 
941 
942 ATF_TC_WITH_CLEANUP(mprotect_failure);
ATF_TC_HEAD(mprotect_failure,tc)943 ATF_TC_HEAD(mprotect_failure, tc)
944 {
945 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
946 					"mprotect(2) call");
947 }
948 
ATF_TC_BODY(mprotect_failure,tc)949 ATF_TC_BODY(mprotect_failure, tc)
950 {
951 	const char *regex = "mprotect.*return,failure : Invalid argument";
952 	FILE *pipefd = setup(fds, auclass);
953 	ATF_REQUIRE_ERRNO(EINVAL,
954 	    mprotect((void *)SIZE_MAX, -1, PROT_NONE) == -1);
955 	check_audit(fds, regex, pipefd);
956 }
957 
ATF_TC_CLEANUP(mprotect_failure,tc)958 ATF_TC_CLEANUP(mprotect_failure, tc)
959 {
960 	cleanup();
961 }
962 
963 /*
964  * undelete(2) only works on whiteout files in union file system. Hence, no
965  * test case for successful invocation.
966  */
967 
968 ATF_TC_WITH_CLEANUP(undelete_failure);
ATF_TC_HEAD(undelete_failure,tc)969 ATF_TC_HEAD(undelete_failure, tc)
970 {
971 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
972 					"undelete(2) call");
973 }
974 
ATF_TC_BODY(undelete_failure,tc)975 ATF_TC_BODY(undelete_failure, tc)
976 {
977 	pid = getpid();
978 	snprintf(extregex, sizeof(extregex), "undelete.*%d.*ret.*failure", pid);
979 
980 	FILE *pipefd = setup(fds, auclass);
981 	/* Failure reason: File does not exist */
982 	ATF_REQUIRE_ERRNO(ENOENT, undelete(errpath) == -1);
983 	check_audit(fds, extregex, pipefd);
984 }
985 
ATF_TC_CLEANUP(undelete_failure,tc)986 ATF_TC_CLEANUP(undelete_failure, tc)
987 {
988 	cleanup();
989 }
990 
991 
992 ATF_TC_WITH_CLEANUP(extattr_set_file_success);
ATF_TC_HEAD(extattr_set_file_success,tc)993 ATF_TC_HEAD(extattr_set_file_success, tc)
994 {
995 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
996 					"extattr_set_file(2) call");
997 }
998 
ATF_TC_BODY(extattr_set_file_success,tc)999 ATF_TC_BODY(extattr_set_file_success, tc)
1000 {
1001 	/* File needs to exist to call extattr_set_file(2) */
1002 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
1003 	skip_if_extattr_not_supported(path);
1004 
1005 	/* Prepare the regex to be checked in the audit record */
1006 	snprintf(extregex, sizeof(extregex),
1007 		"extattr_set_file.*%s.*%s.*return,success", path, name);
1008 
1009 	FILE *pipefd = setup(fds, auclass);
1010 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path,
1011 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1012 	check_audit(fds, extregex, pipefd);
1013 	close(filedesc);
1014 }
1015 
ATF_TC_CLEANUP(extattr_set_file_success,tc)1016 ATF_TC_CLEANUP(extattr_set_file_success, tc)
1017 {
1018 	cleanup();
1019 }
1020 
1021 
1022 ATF_TC_WITH_CLEANUP(extattr_set_file_failure);
ATF_TC_HEAD(extattr_set_file_failure,tc)1023 ATF_TC_HEAD(extattr_set_file_failure, tc)
1024 {
1025 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1026 					"extattr_set_file(2) call");
1027 }
1028 
ATF_TC_BODY(extattr_set_file_failure,tc)1029 ATF_TC_BODY(extattr_set_file_failure, tc)
1030 {
1031 	/* Prepare the regex to be checked in the audit record */
1032 	snprintf(extregex, sizeof(extregex),
1033 		"extattr_set_file.*%s.*%s.*failure", path, name);
1034 
1035 	FILE *pipefd = setup(fds, auclass);
1036 	/* Failure reason: file does not exist */
1037 	ATF_REQUIRE_ERRNO(ENOENT,
1038 	    extattr_set_file(path, EXTATTR_NAMESPACE_USER, name, NULL, 0) ==
1039 		-1);
1040 	check_audit(fds, extregex, pipefd);
1041 }
1042 
ATF_TC_CLEANUP(extattr_set_file_failure,tc)1043 ATF_TC_CLEANUP(extattr_set_file_failure, tc)
1044 {
1045 	cleanup();
1046 }
1047 
1048 
1049 ATF_TC_WITH_CLEANUP(extattr_set_fd_success);
ATF_TC_HEAD(extattr_set_fd_success,tc)1050 ATF_TC_HEAD(extattr_set_fd_success, tc)
1051 {
1052 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1053 					"extattr_set_fd(2) call");
1054 }
1055 
ATF_TC_BODY(extattr_set_fd_success,tc)1056 ATF_TC_BODY(extattr_set_fd_success, tc)
1057 {
1058 	/* File needs to exist to call extattr_set_fd(2) */
1059 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
1060 	skip_if_extattr_not_supported(path);
1061 
1062 	/* Prepare the regex to be checked in the audit record */
1063 	snprintf(extregex, sizeof(extregex),
1064 		"extattr_set_fd.*%s.*return,success", name);
1065 
1066 	FILE *pipefd = setup(fds, auclass);
1067 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_fd(filedesc,
1068 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1069 	check_audit(fds, extregex, pipefd);
1070 	close(filedesc);
1071 }
1072 
ATF_TC_CLEANUP(extattr_set_fd_success,tc)1073 ATF_TC_CLEANUP(extattr_set_fd_success, tc)
1074 {
1075 	cleanup();
1076 }
1077 
1078 
1079 ATF_TC_WITH_CLEANUP(extattr_set_fd_failure);
ATF_TC_HEAD(extattr_set_fd_failure,tc)1080 ATF_TC_HEAD(extattr_set_fd_failure, tc)
1081 {
1082 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1083 					"extattr_set_fd(2) call");
1084 }
1085 
ATF_TC_BODY(extattr_set_fd_failure,tc)1086 ATF_TC_BODY(extattr_set_fd_failure, tc)
1087 {
1088 	/* Prepare the regex to be checked in the audit record */
1089 	snprintf(extregex, sizeof(extregex),
1090 	"extattr_set_fd.*%s.*return,failure : Bad file descriptor", name);
1091 
1092 	FILE *pipefd = setup(fds, auclass);
1093 	/* Failure reason: Invalid file descriptor */
1094 	ATF_REQUIRE_ERRNO(EBADF,
1095 	    extattr_set_fd(-1, EXTATTR_NAMESPACE_USER, name, NULL, 0) == -1);
1096 	check_audit(fds, extregex, pipefd);
1097 }
1098 
ATF_TC_CLEANUP(extattr_set_fd_failure,tc)1099 ATF_TC_CLEANUP(extattr_set_fd_failure, tc)
1100 {
1101 	cleanup();
1102 }
1103 
1104 
1105 ATF_TC_WITH_CLEANUP(extattr_set_link_success);
ATF_TC_HEAD(extattr_set_link_success,tc)1106 ATF_TC_HEAD(extattr_set_link_success, tc)
1107 {
1108 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1109 					"extattr_set_link(2) call");
1110 }
1111 
ATF_TC_BODY(extattr_set_link_success,tc)1112 ATF_TC_BODY(extattr_set_link_success, tc)
1113 {
1114 	/* Symbolic link needs to exist to call extattr_set_link(2) */
1115 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
1116 	skip_if_extattr_not_supported(".");
1117 
1118 	/* Prepare the regex to be checked in the audit record */
1119 	snprintf(extregex, sizeof(extregex),
1120 		"extattr_set_link.*%s.*%s.*return,success", path, name);
1121 
1122 	FILE *pipefd = setup(fds, auclass);
1123 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_link(path,
1124 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1125 
1126 	check_audit(fds, extregex, pipefd);
1127 }
1128 
ATF_TC_CLEANUP(extattr_set_link_success,tc)1129 ATF_TC_CLEANUP(extattr_set_link_success, tc)
1130 {
1131 	cleanup();
1132 }
1133 
1134 
1135 ATF_TC_WITH_CLEANUP(extattr_set_link_failure);
ATF_TC_HEAD(extattr_set_link_failure,tc)1136 ATF_TC_HEAD(extattr_set_link_failure, tc)
1137 {
1138 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1139 					"extattr_set_link(2) call");
1140 }
1141 
ATF_TC_BODY(extattr_set_link_failure,tc)1142 ATF_TC_BODY(extattr_set_link_failure, tc)
1143 {
1144 	/* Prepare the regex to be checked in the audit record */
1145 	snprintf(extregex, sizeof(extregex),
1146 		"extattr_set_link.*%s.*%s.*failure", path, name);
1147 	FILE *pipefd = setup(fds, auclass);
1148 	/* Failure reason: symbolic link does not exist */
1149 	ATF_REQUIRE_ERRNO(ENOENT,
1150 	    extattr_set_link(path, EXTATTR_NAMESPACE_USER, name, NULL, 0) ==
1151 		-1);
1152 	check_audit(fds, extregex, pipefd);
1153 }
1154 
ATF_TC_CLEANUP(extattr_set_link_failure,tc)1155 ATF_TC_CLEANUP(extattr_set_link_failure, tc)
1156 {
1157 	cleanup();
1158 }
1159 
1160 
1161 ATF_TC_WITH_CLEANUP(extattr_delete_file_success);
ATF_TC_HEAD(extattr_delete_file_success,tc)1162 ATF_TC_HEAD(extattr_delete_file_success, tc)
1163 {
1164 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1165 					"extattr_delete_file(2) call");
1166 }
1167 
ATF_TC_BODY(extattr_delete_file_success,tc)1168 ATF_TC_BODY(extattr_delete_file_success, tc)
1169 {
1170 	/* File needs to exist to call extattr_delete_file(2) */
1171 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
1172 	skip_if_extattr_not_supported(path);
1173 
1174 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path,
1175 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1176 
1177 	FILE *pipefd = setup(fds, auclass);
1178 	retval = REQUIRE_EXTATTR_SUCCESS(
1179 	    extattr_delete_file(path, EXTATTR_NAMESPACE_USER, name));
1180 	/* Prepare the regex to be checked in the audit record */
1181 	snprintf(extregex, sizeof(extregex),
1182 	"extattr_delete_file.*%s.*return,success,%d", path, retval);
1183 	check_audit(fds, extregex, pipefd);
1184 	close(filedesc);
1185 }
1186 
ATF_TC_CLEANUP(extattr_delete_file_success,tc)1187 ATF_TC_CLEANUP(extattr_delete_file_success, tc)
1188 {
1189 	cleanup();
1190 }
1191 
1192 
1193 ATF_TC_WITH_CLEANUP(extattr_delete_file_failure);
ATF_TC_HEAD(extattr_delete_file_failure,tc)1194 ATF_TC_HEAD(extattr_delete_file_failure, tc)
1195 {
1196 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1197 					"extattr_delete_file(2) call");
1198 }
1199 
ATF_TC_BODY(extattr_delete_file_failure,tc)1200 ATF_TC_BODY(extattr_delete_file_failure, tc)
1201 {
1202 	/* Prepare the regex to be checked in the audit record */
1203 	snprintf(extregex, sizeof(extregex),
1204 		"extattr_delete_file.*%s.*return,failure", path);
1205 
1206 	FILE *pipefd = setup(fds, auclass);
1207 	/* Failure reason: file does not exist */
1208 	ATF_REQUIRE_ERRNO(ENOENT,
1209 	    extattr_delete_file(path, EXTATTR_NAMESPACE_USER, name) == -1);
1210 	check_audit(fds, extregex, pipefd);
1211 }
1212 
ATF_TC_CLEANUP(extattr_delete_file_failure,tc)1213 ATF_TC_CLEANUP(extattr_delete_file_failure, tc)
1214 {
1215 	cleanup();
1216 }
1217 
1218 
1219 ATF_TC_WITH_CLEANUP(extattr_delete_fd_success);
ATF_TC_HEAD(extattr_delete_fd_success,tc)1220 ATF_TC_HEAD(extattr_delete_fd_success, tc)
1221 {
1222 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1223 					"extattr_delete_fd(2) call");
1224 }
1225 
ATF_TC_BODY(extattr_delete_fd_success,tc)1226 ATF_TC_BODY(extattr_delete_fd_success, tc)
1227 {
1228 	/* File needs to exist to call extattr_delete_fd(2) */
1229 	ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
1230 	skip_if_extattr_not_supported(path);
1231 
1232 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_file(path,
1233 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1234 
1235 	FILE *pipefd = setup(fds, auclass);
1236 	retval = REQUIRE_EXTATTR_SUCCESS(extattr_delete_fd(filedesc,
1237 		EXTATTR_NAMESPACE_USER, name));
1238 	/* Prepare the regex to be checked in the audit record */
1239 	snprintf(extregex, sizeof(extregex),
1240 		"extattr_delete_fd.*return,success,%d", retval);
1241 	check_audit(fds, extregex, pipefd);
1242 	close(filedesc);
1243 }
1244 
ATF_TC_CLEANUP(extattr_delete_fd_success,tc)1245 ATF_TC_CLEANUP(extattr_delete_fd_success, tc)
1246 {
1247 	cleanup();
1248 }
1249 
1250 
1251 ATF_TC_WITH_CLEANUP(extattr_delete_fd_failure);
ATF_TC_HEAD(extattr_delete_fd_failure,tc)1252 ATF_TC_HEAD(extattr_delete_fd_failure, tc)
1253 {
1254 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1255 					"extattr_delete_fd(2) call");
1256 }
1257 
ATF_TC_BODY(extattr_delete_fd_failure,tc)1258 ATF_TC_BODY(extattr_delete_fd_failure, tc)
1259 {
1260 	/* Prepare the regex to be checked in the audit record */
1261 	snprintf(extregex, sizeof(extregex),
1262 		"extattr_delete_fd.*return,failure : Bad file descriptor");
1263 
1264 	FILE *pipefd = setup(fds, auclass);
1265 	/* Failure reason: Invalid file descriptor */
1266 	ATF_REQUIRE_ERRNO(EBADF,
1267 	    extattr_delete_fd(-1, EXTATTR_NAMESPACE_USER, name) == -1);
1268 	check_audit(fds, extregex, pipefd);
1269 }
1270 
ATF_TC_CLEANUP(extattr_delete_fd_failure,tc)1271 ATF_TC_CLEANUP(extattr_delete_fd_failure, tc)
1272 {
1273 	cleanup();
1274 }
1275 
1276 
1277 ATF_TC_WITH_CLEANUP(extattr_delete_link_success);
ATF_TC_HEAD(extattr_delete_link_success,tc)1278 ATF_TC_HEAD(extattr_delete_link_success, tc)
1279 {
1280 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1281 					"extattr_delete_link(2) call");
1282 }
1283 
ATF_TC_BODY(extattr_delete_link_success,tc)1284 ATF_TC_BODY(extattr_delete_link_success, tc)
1285 {
1286 	/* Symbolic link needs to exist to call extattr_delete_link(2) */
1287 	ATF_REQUIRE_EQ(0, symlink("symlink", path));
1288 	skip_if_extattr_not_supported(".");
1289 
1290 	REQUIRE_EXTATTR_RESULT(sizeof(buff), extattr_set_link(path,
1291 		EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff)));
1292 
1293 	FILE *pipefd = setup(fds, auclass);
1294 	retval = REQUIRE_EXTATTR_SUCCESS(extattr_delete_link(path,
1295 		EXTATTR_NAMESPACE_USER, name));
1296 	/* Prepare the regex to be checked in the audit record */
1297 	snprintf(extregex, sizeof(extregex),
1298 	"extattr_delete_link.*%s.*return,success,%d", path, retval);
1299 	check_audit(fds, extregex, pipefd);
1300 }
1301 
ATF_TC_CLEANUP(extattr_delete_link_success,tc)1302 ATF_TC_CLEANUP(extattr_delete_link_success, tc)
1303 {
1304 	cleanup();
1305 }
1306 
1307 
1308 ATF_TC_WITH_CLEANUP(extattr_delete_link_failure);
ATF_TC_HEAD(extattr_delete_link_failure,tc)1309 ATF_TC_HEAD(extattr_delete_link_failure, tc)
1310 {
1311 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1312 					"extattr_delete_link(2) call");
1313 }
1314 
ATF_TC_BODY(extattr_delete_link_failure,tc)1315 ATF_TC_BODY(extattr_delete_link_failure, tc)
1316 {
1317 	/* Prepare the regex to be checked in the audit record */
1318 	snprintf(extregex, sizeof(extregex),
1319 		"extattr_delete_link.*%s.*failure", path);
1320 	FILE *pipefd = setup(fds, auclass);
1321 	/* Failure reason: symbolic link does not exist */
1322 	ATF_REQUIRE_ERRNO(ENOENT,
1323 	    extattr_delete_link(path, EXTATTR_NAMESPACE_USER, name) == -1);
1324 	check_audit(fds, extregex, pipefd);
1325 }
1326 
ATF_TC_CLEANUP(extattr_delete_link_failure,tc)1327 ATF_TC_CLEANUP(extattr_delete_link_failure, tc)
1328 {
1329 	cleanup();
1330 }
1331 
1332 
ATF_TP_ADD_TCS(tp)1333 ATF_TP_ADD_TCS(tp)
1334 {
1335 	ATF_TP_ADD_TC(tp, flock_success);
1336 	ATF_TP_ADD_TC(tp, flock_failure);
1337 	ATF_TP_ADD_TC(tp, fcntl_success);
1338 	ATF_TP_ADD_TC(tp, fcntl_failure);
1339 	ATF_TP_ADD_TC(tp, fsync_success);
1340 	ATF_TP_ADD_TC(tp, fsync_failure);
1341 
1342 	ATF_TP_ADD_TC(tp, chmod_success);
1343 	ATF_TP_ADD_TC(tp, chmod_failure);
1344 	ATF_TP_ADD_TC(tp, fchmod_success);
1345 	ATF_TP_ADD_TC(tp, fchmod_failure);
1346 	ATF_TP_ADD_TC(tp, lchmod_success);
1347 	ATF_TP_ADD_TC(tp, lchmod_failure);
1348 	ATF_TP_ADD_TC(tp, fchmodat_success);
1349 	ATF_TP_ADD_TC(tp, fchmodat_failure);
1350 
1351 	ATF_TP_ADD_TC(tp, chown_success);
1352 	ATF_TP_ADD_TC(tp, chown_failure);
1353 	ATF_TP_ADD_TC(tp, fchown_success);
1354 	ATF_TP_ADD_TC(tp, fchown_failure);
1355 	ATF_TP_ADD_TC(tp, lchown_success);
1356 	ATF_TP_ADD_TC(tp, lchown_failure);
1357 	ATF_TP_ADD_TC(tp, fchownat_success);
1358 	ATF_TP_ADD_TC(tp, fchownat_failure);
1359 
1360 	ATF_TP_ADD_TC(tp, chflags_success);
1361 	ATF_TP_ADD_TC(tp, chflags_failure);
1362 	ATF_TP_ADD_TC(tp, fchflags_success);
1363 	ATF_TP_ADD_TC(tp, fchflags_failure);
1364 	ATF_TP_ADD_TC(tp, lchflags_success);
1365 	ATF_TP_ADD_TC(tp, lchflags_failure);
1366 	ATF_TP_ADD_TC(tp, chflagsat_success);
1367 	ATF_TP_ADD_TC(tp, chflagsat_failure);
1368 
1369 	ATF_TP_ADD_TC(tp, utimes_success);
1370 	ATF_TP_ADD_TC(tp, utimes_failure);
1371 	ATF_TP_ADD_TC(tp, futimes_success);
1372 	ATF_TP_ADD_TC(tp, futimes_failure);
1373 	ATF_TP_ADD_TC(tp, lutimes_success);
1374 	ATF_TP_ADD_TC(tp, lutimes_failure);
1375 	ATF_TP_ADD_TC(tp, futimesat_success);
1376 	ATF_TP_ADD_TC(tp, futimesat_failure);
1377 
1378 	ATF_TP_ADD_TC(tp, mprotect_success);
1379 	ATF_TP_ADD_TC(tp, mprotect_failure);
1380 	ATF_TP_ADD_TC(tp, undelete_failure);
1381 
1382 	ATF_TP_ADD_TC(tp, extattr_set_file_success);
1383 	ATF_TP_ADD_TC(tp, extattr_set_file_failure);
1384 	ATF_TP_ADD_TC(tp, extattr_set_fd_success);
1385 	ATF_TP_ADD_TC(tp, extattr_set_fd_failure);
1386 	ATF_TP_ADD_TC(tp, extattr_set_link_success);
1387 	ATF_TP_ADD_TC(tp, extattr_set_link_failure);
1388 
1389 	ATF_TP_ADD_TC(tp, extattr_delete_file_success);
1390 	ATF_TP_ADD_TC(tp, extattr_delete_file_failure);
1391 	ATF_TP_ADD_TC(tp, extattr_delete_fd_success);
1392 	ATF_TP_ADD_TC(tp, extattr_delete_fd_failure);
1393 	ATF_TP_ADD_TC(tp, extattr_delete_link_success);
1394 	ATF_TP_ADD_TC(tp, extattr_delete_link_failure);
1395 
1396 	return (atf_no_error());
1397 }
1398