1 /*- 2 * Copyright (c) 2018 Aniket Pandey 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * SUCH DAMAGE. 24 * 25 * $FreeBSD$ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/extattr.h> 30 #include <sys/ucred.h> 31 #include <sys/mount.h> 32 #include <sys/stat.h> 33 #include <sys/syscall.h> 34 35 #include <atf-c.h> 36 #include <fcntl.h> 37 #include <unistd.h> 38 39 #include "utils.h" 40 41 static struct pollfd fds[1]; 42 static mode_t mode = 0777; 43 static pid_t pid; 44 static fhandle_t fht; 45 static int filedesc, fhdesc; 46 static char extregex[80]; 47 static char buff[] = "ezio"; 48 static struct stat statbuff; 49 static struct statfs statfsbuff; 50 static const char *auclass = "fa"; 51 static const char *name = "authorname"; 52 static const char *path = "fileforaudit"; 53 static const char *errpath = "dirdoesnotexist/fileforaudit"; 54 static const char *successreg = "fileforaudit.*return,success"; 55 static const char *failurereg = "fileforaudit.*return,failure"; 56 57 58 ATF_TC_WITH_CLEANUP(stat_success); 59 ATF_TC_HEAD(stat_success, tc) 60 { 61 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 62 "stat(2) call"); 63 } 64 65 ATF_TC_BODY(stat_success, tc) 66 { 67 /* File needs to exist to call stat(2) */ 68 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 69 FILE *pipefd = setup(fds, auclass); 70 ATF_REQUIRE_EQ(0, stat(path, &statbuff)); 71 check_audit(fds, successreg, pipefd); 72 close(filedesc); 73 } 74 75 ATF_TC_CLEANUP(stat_success, tc) 76 { 77 cleanup(); 78 } 79 80 81 ATF_TC_WITH_CLEANUP(stat_failure); 82 ATF_TC_HEAD(stat_failure, tc) 83 { 84 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 85 "stat(2) call"); 86 } 87 88 ATF_TC_BODY(stat_failure, tc) 89 { 90 FILE *pipefd = setup(fds, auclass); 91 /* Failure reason: file does not exist */ 92 ATF_REQUIRE_EQ(-1, stat(errpath, &statbuff)); 93 check_audit(fds, failurereg, pipefd); 94 } 95 96 ATF_TC_CLEANUP(stat_failure, tc) 97 { 98 cleanup(); 99 } 100 101 102 ATF_TC_WITH_CLEANUP(lstat_success); 103 ATF_TC_HEAD(lstat_success, tc) 104 { 105 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 106 "lstat(2) call"); 107 } 108 109 ATF_TC_BODY(lstat_success, tc) 110 { 111 /* Symbolic link needs to exist to call lstat(2) */ 112 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 113 FILE *pipefd = setup(fds, auclass); 114 ATF_REQUIRE_EQ(0, lstat(path, &statbuff)); 115 check_audit(fds, successreg, pipefd); 116 } 117 118 ATF_TC_CLEANUP(lstat_success, tc) 119 { 120 cleanup(); 121 } 122 123 124 ATF_TC_WITH_CLEANUP(lstat_failure); 125 ATF_TC_HEAD(lstat_failure, tc) 126 { 127 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 128 "lstat(2) call"); 129 } 130 131 ATF_TC_BODY(lstat_failure, tc) 132 { 133 FILE *pipefd = setup(fds, auclass); 134 /* Failure reason: symbolic link does not exist */ 135 ATF_REQUIRE_EQ(-1, lstat(errpath, &statbuff)); 136 check_audit(fds, failurereg, pipefd); 137 } 138 139 ATF_TC_CLEANUP(lstat_failure, tc) 140 { 141 cleanup(); 142 } 143 144 145 ATF_TC_WITH_CLEANUP(fstat_success); 146 ATF_TC_HEAD(fstat_success, tc) 147 { 148 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 149 "fstat(2) call"); 150 } 151 152 ATF_TC_BODY(fstat_success, tc) 153 { 154 /* File needs to exist to call fstat(2) */ 155 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); 156 FILE *pipefd = setup(fds, auclass); 157 ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff)); 158 159 snprintf(extregex, sizeof(extregex), 160 "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); 161 check_audit(fds, extregex, pipefd); 162 close(filedesc); 163 } 164 165 ATF_TC_CLEANUP(fstat_success, tc) 166 { 167 cleanup(); 168 } 169 170 171 ATF_TC_WITH_CLEANUP(fstat_failure); 172 ATF_TC_HEAD(fstat_failure, tc) 173 { 174 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 175 "fstat(2) call"); 176 } 177 178 ATF_TC_BODY(fstat_failure, tc) 179 { 180 FILE *pipefd = setup(fds, auclass); 181 const char *regex = "fstat.*return,failure : Bad file descriptor"; 182 /* Failure reason: bad file descriptor */ 183 ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff)); 184 check_audit(fds, regex, pipefd); 185 } 186 187 ATF_TC_CLEANUP(fstat_failure, tc) 188 { 189 cleanup(); 190 } 191 192 193 ATF_TC_WITH_CLEANUP(fstatat_success); 194 ATF_TC_HEAD(fstatat_success, tc) 195 { 196 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 197 "fstatat(2) call"); 198 } 199 200 ATF_TC_BODY(fstatat_success, tc) 201 { 202 /* File or Symbolic link needs to exist to call lstat(2) */ 203 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 204 FILE *pipefd = setup(fds, auclass); 205 ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, 206 AT_SYMLINK_NOFOLLOW)); 207 check_audit(fds, successreg, pipefd); 208 } 209 210 ATF_TC_CLEANUP(fstatat_success, tc) 211 { 212 cleanup(); 213 } 214 215 216 ATF_TC_WITH_CLEANUP(fstatat_failure); 217 ATF_TC_HEAD(fstatat_failure, tc) 218 { 219 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 220 "fstatat(2) call"); 221 } 222 223 ATF_TC_BODY(fstatat_failure, tc) 224 { 225 FILE *pipefd = setup(fds, auclass); 226 /* Failure reason: symbolic link does not exist */ 227 ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, 228 AT_SYMLINK_NOFOLLOW)); 229 check_audit(fds, failurereg, pipefd); 230 } 231 232 ATF_TC_CLEANUP(fstatat_failure, tc) 233 { 234 cleanup(); 235 } 236 237 238 ATF_TC_WITH_CLEANUP(statfs_success); 239 ATF_TC_HEAD(statfs_success, tc) 240 { 241 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 242 "statfs(2) call"); 243 } 244 245 ATF_TC_BODY(statfs_success, tc) 246 { 247 /* File needs to exist to call statfs(2) */ 248 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 249 FILE *pipefd = setup(fds, auclass); 250 ATF_REQUIRE_EQ(0, statfs(path, &statfsbuff)); 251 check_audit(fds, successreg, pipefd); 252 close(filedesc); 253 } 254 255 ATF_TC_CLEANUP(statfs_success, tc) 256 { 257 cleanup(); 258 } 259 260 261 ATF_TC_WITH_CLEANUP(statfs_failure); 262 ATF_TC_HEAD(statfs_failure, tc) 263 { 264 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 265 "statfs(2) call"); 266 } 267 268 ATF_TC_BODY(statfs_failure, tc) 269 { 270 FILE *pipefd = setup(fds, auclass); 271 /* Failure reason: file does not exist */ 272 ATF_REQUIRE_EQ(-1, statfs(errpath, &statfsbuff)); 273 check_audit(fds, failurereg, pipefd); 274 } 275 276 ATF_TC_CLEANUP(statfs_failure, tc) 277 { 278 cleanup(); 279 } 280 281 282 ATF_TC_WITH_CLEANUP(fstatfs_success); 283 ATF_TC_HEAD(fstatfs_success, tc) 284 { 285 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 286 "fstatfs(2) call"); 287 } 288 289 ATF_TC_BODY(fstatfs_success, tc) 290 { 291 /* File needs to exist to call fstat(2) */ 292 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); 293 /* Call stat(2) to store the Inode number of 'path' */ 294 ATF_REQUIRE_EQ(0, stat(path, &statbuff)); 295 FILE *pipefd = setup(fds, auclass); 296 ATF_REQUIRE_EQ(0, fstatfs(filedesc, &statfsbuff)); 297 298 snprintf(extregex, sizeof(extregex), "fstatfs.*%jd.*return,success", 299 (intmax_t)statbuff.st_ino); 300 check_audit(fds, extregex, pipefd); 301 close(filedesc); 302 } 303 304 ATF_TC_CLEANUP(fstatfs_success, tc) 305 { 306 cleanup(); 307 } 308 309 310 ATF_TC_WITH_CLEANUP(fstatfs_failure); 311 ATF_TC_HEAD(fstatfs_failure, tc) 312 { 313 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 314 "fstatfs(2) call"); 315 } 316 317 ATF_TC_BODY(fstatfs_failure, tc) 318 { 319 FILE *pipefd = setup(fds, auclass); 320 const char *regex = "fstatfs.*return,failure : Bad file descriptor"; 321 /* Failure reason: bad file descriptor */ 322 ATF_REQUIRE_EQ(-1, fstatfs(-1, &statfsbuff)); 323 check_audit(fds, regex, pipefd); 324 } 325 326 ATF_TC_CLEANUP(fstatfs_failure, tc) 327 { 328 cleanup(); 329 } 330 331 332 ATF_TC_WITH_CLEANUP(getfsstat_success); 333 ATF_TC_HEAD(getfsstat_success, tc) 334 { 335 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 336 "getfsstat(2) call"); 337 } 338 339 ATF_TC_BODY(getfsstat_success, tc) 340 { 341 pid = getpid(); 342 snprintf(extregex, sizeof(extregex), "getfsstat.*%d.*success", pid); 343 344 FILE *pipefd = setup(fds, auclass); 345 ATF_REQUIRE(getfsstat(NULL, 0, MNT_NOWAIT) != -1); 346 check_audit(fds, extregex, pipefd); 347 } 348 349 ATF_TC_CLEANUP(getfsstat_success, tc) 350 { 351 cleanup(); 352 } 353 354 355 ATF_TC_WITH_CLEANUP(getfsstat_failure); 356 ATF_TC_HEAD(getfsstat_failure, tc) 357 { 358 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 359 "getfsstat(2) call"); 360 } 361 362 ATF_TC_BODY(getfsstat_failure, tc) 363 { 364 const char *regex = "getfsstat.*return,failure : Invalid argument"; 365 FILE *pipefd = setup(fds, auclass); 366 /* Failure reason: Invalid value for mode */ 367 ATF_REQUIRE_EQ(-1, getfsstat(NULL, 0, -1)); 368 check_audit(fds, regex, pipefd); 369 } 370 371 ATF_TC_CLEANUP(getfsstat_failure, tc) 372 { 373 cleanup(); 374 } 375 376 377 ATF_TC_WITH_CLEANUP(lgetfh_success); 378 ATF_TC_HEAD(lgetfh_success, tc) 379 { 380 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 381 "lgetfh(2) call"); 382 } 383 384 ATF_TC_BODY(lgetfh_success, tc) 385 { 386 /* BSM conversion requested for unknown event 43061 */ 387 atf_tc_expect_fail("PR 228374: lgetfh(2) does not get audited in success mode"); 388 389 /* Symbolic link needs to exist to get a file-handle */ 390 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 391 const char *regex = "lgetfh.*return,success"; 392 FILE *pipefd = setup(fds, "fa"); 393 ATF_REQUIRE_EQ(0, lgetfh(path, &fht)); 394 check_audit(fds, regex, pipefd); 395 } 396 397 ATF_TC_CLEANUP(lgetfh_success, tc) 398 { 399 cleanup(); 400 } 401 402 403 ATF_TC_WITH_CLEANUP(lgetfh_failure); 404 ATF_TC_HEAD(lgetfh_failure, tc) 405 { 406 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 407 "lgetfh(2) call"); 408 } 409 410 ATF_TC_BODY(lgetfh_failure, tc) 411 { 412 /* BSM conversion requested for unknown event 43061 */ 413 atf_tc_expect_fail("PR 228374: lgetfh(2) does not get audited in failure mode"); 414 415 const char *regex = "lgetfh.*return,failure"; 416 FILE *pipefd = setup(fds, "fa"); 417 /* Failure reason: symbolic link does not exist */ 418 ATF_REQUIRE_EQ(-1, lgetfh(errpath, &fht)); 419 check_audit(fds, regex, pipefd); 420 } 421 422 ATF_TC_CLEANUP(lgetfh_failure, tc) 423 { 424 cleanup(); 425 } 426 427 428 ATF_TC_WITH_CLEANUP(fhopen_success); 429 ATF_TC_HEAD(fhopen_success, tc) 430 { 431 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 432 "fhopen(2) call"); 433 } 434 435 ATF_TC_BODY(fhopen_success, tc) 436 { 437 pid = getpid(); 438 snprintf(extregex, sizeof(extregex), "fhopen.*%d.*return,success", pid); 439 440 /* File needs to exist to get a file-handle */ 441 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 442 /* Get the file handle to be passed to fhopen(2) */ 443 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 444 445 FILE *pipefd = setup(fds, auclass); 446 ATF_REQUIRE((fhdesc = fhopen(&fht, O_RDWR)) != -1); 447 check_audit(fds, extregex, pipefd); 448 449 close(fhdesc); 450 close(filedesc); 451 } 452 453 ATF_TC_CLEANUP(fhopen_success, tc) 454 { 455 cleanup(); 456 } 457 458 459 ATF_TC_WITH_CLEANUP(fhopen_failure); 460 ATF_TC_HEAD(fhopen_failure, tc) 461 { 462 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 463 "fhopen(2) call"); 464 } 465 466 ATF_TC_BODY(fhopen_failure, tc) 467 { 468 const char *regex = "fhopen.*return,failure : Invalid argument"; 469 FILE *pipefd = setup(fds, auclass); 470 /* 471 * Failure reason: NULL does not represent any file handle 472 * and O_CREAT is not allowed as the flag for fhopen(2) 473 */ 474 ATF_REQUIRE_EQ(-1, fhopen(NULL, O_CREAT)); 475 check_audit(fds, regex, pipefd); 476 } 477 478 ATF_TC_CLEANUP(fhopen_failure, tc) 479 { 480 cleanup(); 481 } 482 483 484 ATF_TC_WITH_CLEANUP(fhstat_success); 485 ATF_TC_HEAD(fhstat_success, tc) 486 { 487 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 488 "fstat(2) call"); 489 } 490 491 ATF_TC_BODY(fhstat_success, tc) 492 { 493 pid = getpid(); 494 snprintf(extregex, sizeof(extregex), "fhstat.*%d.*return,success", pid); 495 496 /* File needs to exist to get a file-handle */ 497 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 498 /* Get the file handle to be passed to fhstat(2) */ 499 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 500 501 FILE *pipefd = setup(fds, auclass); 502 ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff)); 503 check_audit(fds, extregex, pipefd); 504 close(filedesc); 505 } 506 507 ATF_TC_CLEANUP(fhstat_success, tc) 508 { 509 cleanup(); 510 } 511 512 513 ATF_TC_WITH_CLEANUP(fhstat_failure); 514 ATF_TC_HEAD(fhstat_failure, tc) 515 { 516 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 517 "fhstat(2) call"); 518 } 519 520 ATF_TC_BODY(fhstat_failure, tc) 521 { 522 const char *regex = "fhstat.*return,failure : Bad address"; 523 FILE *pipefd = setup(fds, auclass); 524 /* Failure reason: NULL does not represent any file handle */ 525 ATF_REQUIRE_EQ(-1, fhstat(NULL, NULL)); 526 check_audit(fds, regex, pipefd); 527 } 528 529 ATF_TC_CLEANUP(fhstat_failure, tc) 530 { 531 cleanup(); 532 } 533 534 535 ATF_TC_WITH_CLEANUP(fhstatfs_success); 536 ATF_TC_HEAD(fhstatfs_success, tc) 537 { 538 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 539 "fstatfs(2) call"); 540 } 541 542 ATF_TC_BODY(fhstatfs_success, tc) 543 { 544 pid = getpid(); 545 snprintf(extregex, sizeof(extregex), "fhstatfs.*%d.*success", pid); 546 547 /* File needs to exist to get a file-handle */ 548 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 549 /* Get the file handle to be passed to fhstatfs(2) */ 550 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 551 552 FILE *pipefd = setup(fds, auclass); 553 ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff)); 554 check_audit(fds, extregex, pipefd); 555 close(filedesc); 556 } 557 558 ATF_TC_CLEANUP(fhstatfs_success, tc) 559 { 560 cleanup(); 561 } 562 563 564 ATF_TC_WITH_CLEANUP(fhstatfs_failure); 565 ATF_TC_HEAD(fhstatfs_failure, tc) 566 { 567 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 568 "fhstatfs(2) call"); 569 } 570 571 ATF_TC_BODY(fhstatfs_failure, tc) 572 { 573 const char *regex = "fhstatfs.*return,failure : Bad address"; 574 FILE *pipefd = setup(fds, auclass); 575 /* Failure reason: NULL does not represent any file handle */ 576 ATF_REQUIRE_EQ(-1, fhstatfs(NULL, NULL)); 577 check_audit(fds, regex, pipefd); 578 } 579 580 ATF_TC_CLEANUP(fhstatfs_failure, tc) 581 { 582 cleanup(); 583 } 584 585 586 ATF_TC_WITH_CLEANUP(access_success); 587 ATF_TC_HEAD(access_success, tc) 588 { 589 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 590 "access(2) call"); 591 } 592 593 ATF_TC_BODY(access_success, tc) 594 { 595 /* File needs to exist to call access(2) */ 596 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 597 FILE *pipefd = setup(fds, auclass); 598 ATF_REQUIRE_EQ(0, access(path, F_OK)); 599 check_audit(fds, successreg, pipefd); 600 close(filedesc); 601 } 602 603 ATF_TC_CLEANUP(access_success, tc) 604 { 605 cleanup(); 606 } 607 608 609 ATF_TC_WITH_CLEANUP(access_failure); 610 ATF_TC_HEAD(access_failure, tc) 611 { 612 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 613 "access(2) call"); 614 } 615 616 ATF_TC_BODY(access_failure, tc) 617 { 618 FILE *pipefd = setup(fds, auclass); 619 /* Failure reason: file does not exist */ 620 ATF_REQUIRE_EQ(-1, access(errpath, F_OK)); 621 check_audit(fds, failurereg, pipefd); 622 } 623 624 ATF_TC_CLEANUP(access_failure, tc) 625 { 626 cleanup(); 627 } 628 629 630 ATF_TC_WITH_CLEANUP(eaccess_success); 631 ATF_TC_HEAD(eaccess_success, tc) 632 { 633 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 634 "eaccess(2) call"); 635 } 636 637 ATF_TC_BODY(eaccess_success, tc) 638 { 639 /* File needs to exist to call eaccess(2) */ 640 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 641 FILE *pipefd = setup(fds, auclass); 642 ATF_REQUIRE_EQ(0, eaccess(path, F_OK)); 643 check_audit(fds, successreg, pipefd); 644 close(filedesc); 645 } 646 647 ATF_TC_CLEANUP(eaccess_success, tc) 648 { 649 cleanup(); 650 } 651 652 653 ATF_TC_WITH_CLEANUP(eaccess_failure); 654 ATF_TC_HEAD(eaccess_failure, tc) 655 { 656 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 657 "eaccess(2) call"); 658 } 659 660 ATF_TC_BODY(eaccess_failure, tc) 661 { 662 FILE *pipefd = setup(fds, auclass); 663 /* Failure reason: file does not exist */ 664 ATF_REQUIRE_EQ(-1, eaccess(errpath, F_OK)); 665 check_audit(fds, failurereg, pipefd); 666 } 667 668 ATF_TC_CLEANUP(eaccess_failure, tc) 669 { 670 cleanup(); 671 } 672 673 674 ATF_TC_WITH_CLEANUP(faccessat_success); 675 ATF_TC_HEAD(faccessat_success, tc) 676 { 677 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 678 "faccessat(2) call"); 679 } 680 681 ATF_TC_BODY(faccessat_success, tc) 682 { 683 /* File needs to exist to call faccessat(2) */ 684 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 685 FILE *pipefd = setup(fds, auclass); 686 ATF_REQUIRE_EQ(0, faccessat(AT_FDCWD, path, F_OK, AT_EACCESS)); 687 check_audit(fds, successreg, pipefd); 688 close(filedesc); 689 } 690 691 ATF_TC_CLEANUP(faccessat_success, tc) 692 { 693 cleanup(); 694 } 695 696 697 ATF_TC_WITH_CLEANUP(faccessat_failure); 698 ATF_TC_HEAD(faccessat_failure, tc) 699 { 700 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 701 "faccessat(2) call"); 702 } 703 704 ATF_TC_BODY(faccessat_failure, tc) 705 { 706 FILE *pipefd = setup(fds, auclass); 707 /* Failure reason: file does not exist */ 708 ATF_REQUIRE_EQ(-1, faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS)); 709 check_audit(fds, failurereg, pipefd); 710 } 711 712 ATF_TC_CLEANUP(faccessat_failure, tc) 713 { 714 cleanup(); 715 } 716 717 718 ATF_TC_WITH_CLEANUP(pathconf_success); 719 ATF_TC_HEAD(pathconf_success, tc) 720 { 721 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 722 "pathconf(2) call"); 723 } 724 725 ATF_TC_BODY(pathconf_success, tc) 726 { 727 /* File needs to exist to call pathconf(2) */ 728 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 729 FILE *pipefd = setup(fds, auclass); 730 /* Get the maximum number of bytes of filename */ 731 ATF_REQUIRE(pathconf(path, _PC_NAME_MAX) != -1); 732 check_audit(fds, successreg, pipefd); 733 close(filedesc); 734 } 735 736 ATF_TC_CLEANUP(pathconf_success, tc) 737 { 738 cleanup(); 739 } 740 741 742 ATF_TC_WITH_CLEANUP(pathconf_failure); 743 ATF_TC_HEAD(pathconf_failure, tc) 744 { 745 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 746 "pathconf(2) call"); 747 } 748 749 ATF_TC_BODY(pathconf_failure, tc) 750 { 751 FILE *pipefd = setup(fds, auclass); 752 /* Failure reason: file does not exist */ 753 ATF_REQUIRE_EQ(-1, pathconf(errpath, _PC_NAME_MAX)); 754 check_audit(fds, failurereg, pipefd); 755 } 756 757 ATF_TC_CLEANUP(pathconf_failure, tc) 758 { 759 cleanup(); 760 } 761 762 763 ATF_TC_WITH_CLEANUP(lpathconf_success); 764 ATF_TC_HEAD(lpathconf_success, tc) 765 { 766 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 767 "lpathconf(2) call"); 768 } 769 770 ATF_TC_BODY(lpathconf_success, tc) 771 { 772 /* Symbolic link needs to exist to call lpathconf(2) */ 773 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 774 FILE *pipefd = setup(fds, auclass); 775 /* Get the maximum number of bytes of symlink's name */ 776 ATF_REQUIRE(lpathconf(path, _PC_SYMLINK_MAX) != -1); 777 check_audit(fds, successreg, pipefd); 778 } 779 780 ATF_TC_CLEANUP(lpathconf_success, tc) 781 { 782 cleanup(); 783 } 784 785 786 ATF_TC_WITH_CLEANUP(lpathconf_failure); 787 ATF_TC_HEAD(lpathconf_failure, tc) 788 { 789 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 790 "lpathconf(2) call"); 791 } 792 793 ATF_TC_BODY(lpathconf_failure, tc) 794 { 795 FILE *pipefd = setup(fds, auclass); 796 /* Failure reason: symbolic link does not exist */ 797 ATF_REQUIRE_EQ(-1, lpathconf(errpath, _PC_SYMLINK_MAX)); 798 check_audit(fds, failurereg, pipefd); 799 } 800 801 ATF_TC_CLEANUP(lpathconf_failure, tc) 802 { 803 cleanup(); 804 } 805 806 807 ATF_TC_WITH_CLEANUP(fpathconf_success); 808 ATF_TC_HEAD(fpathconf_success, tc) 809 { 810 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 811 "fpathconf(2) call"); 812 } 813 814 ATF_TC_BODY(fpathconf_success, tc) 815 { 816 pid = getpid(); 817 snprintf(extregex, sizeof(extregex), "fpathconf.*%d.*success", pid); 818 819 /* File needs to exist to call fpathconf(2) */ 820 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 821 FILE *pipefd = setup(fds, auclass); 822 /* Get the maximum number of bytes of filename */ 823 ATF_REQUIRE(fpathconf(filedesc, _PC_NAME_MAX) != -1); 824 check_audit(fds, extregex, pipefd); 825 close(filedesc); 826 } 827 828 ATF_TC_CLEANUP(fpathconf_success, tc) 829 { 830 cleanup(); 831 } 832 833 834 ATF_TC_WITH_CLEANUP(fpathconf_failure); 835 ATF_TC_HEAD(fpathconf_failure, tc) 836 { 837 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 838 "fpathconf(2) call"); 839 } 840 841 ATF_TC_BODY(fpathconf_failure, tc) 842 { 843 FILE *pipefd = setup(fds, auclass); 844 const char *regex = "fpathconf.*return,failure : Bad file descriptor"; 845 /* Failure reason: Bad file descriptor */ 846 ATF_REQUIRE_EQ(-1, fpathconf(-1, _PC_NAME_MAX)); 847 check_audit(fds, regex, pipefd); 848 } 849 850 ATF_TC_CLEANUP(fpathconf_failure, tc) 851 { 852 cleanup(); 853 } 854 855 856 ATF_TC_WITH_CLEANUP(extattr_get_file_success); 857 ATF_TC_HEAD(extattr_get_file_success, tc) 858 { 859 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 860 "extattr_get_file(2) call"); 861 } 862 863 ATF_TC_BODY(extattr_get_file_success, tc) 864 { 865 /* File needs to exist to call extattr_get_file(2) */ 866 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 867 /* Set an extended attribute to be retrieved later on */ 868 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, 869 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 870 871 /* Prepare the regex to be checked in the audit record */ 872 snprintf(extregex, sizeof(extregex), 873 "extattr_get_file.*%s.*%s.*return,success", path, name); 874 875 FILE *pipefd = setup(fds, auclass); 876 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_file(path, 877 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 878 check_audit(fds, extregex, pipefd); 879 close(filedesc); 880 } 881 882 ATF_TC_CLEANUP(extattr_get_file_success, tc) 883 { 884 cleanup(); 885 } 886 887 888 ATF_TC_WITH_CLEANUP(extattr_get_file_failure); 889 ATF_TC_HEAD(extattr_get_file_failure, tc) 890 { 891 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 892 "extattr_get_file(2) call"); 893 } 894 895 ATF_TC_BODY(extattr_get_file_failure, tc) 896 { 897 /* Prepare the regex to be checked in the audit record */ 898 snprintf(extregex, sizeof(extregex), 899 "extattr_get_file.*%s.*%s.*failure", path, name); 900 901 FILE *pipefd = setup(fds, auclass); 902 /* Failure reason: file does not exist */ 903 ATF_REQUIRE_EQ(-1, extattr_get_file(path, 904 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 905 check_audit(fds, extregex, pipefd); 906 } 907 908 ATF_TC_CLEANUP(extattr_get_file_failure, tc) 909 { 910 cleanup(); 911 } 912 913 914 ATF_TC_WITH_CLEANUP(extattr_get_fd_success); 915 ATF_TC_HEAD(extattr_get_fd_success, tc) 916 { 917 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 918 "extattr_get_fd(2) call"); 919 } 920 921 ATF_TC_BODY(extattr_get_fd_success, tc) 922 { 923 /* File needs to exist to call extattr_get_fd(2) */ 924 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 925 /* Set an extended attribute to be retrieved later on */ 926 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, 927 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 928 929 /* Prepare the regex to be checked in the audit record */ 930 snprintf(extregex, sizeof(extregex), 931 "extattr_get_fd.*%s.*return,success", name); 932 933 FILE *pipefd = setup(fds, auclass); 934 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_fd(filedesc, 935 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 936 check_audit(fds, extregex, pipefd); 937 close(filedesc); 938 } 939 940 ATF_TC_CLEANUP(extattr_get_fd_success, tc) 941 { 942 cleanup(); 943 } 944 945 946 ATF_TC_WITH_CLEANUP(extattr_get_fd_failure); 947 ATF_TC_HEAD(extattr_get_fd_failure, tc) 948 { 949 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 950 "extattr_get_fd(2) call"); 951 } 952 953 ATF_TC_BODY(extattr_get_fd_failure, tc) 954 { 955 /* Prepare the regex to be checked in the audit record */ 956 snprintf(extregex, sizeof(extregex), 957 "extattr_get_fd.*%s.*return,failure : Bad file descriptor", name); 958 959 FILE *pipefd = setup(fds, auclass); 960 /* Failure reason: Invalid file descriptor */ 961 ATF_REQUIRE_EQ(-1, extattr_get_fd(-1, 962 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 963 check_audit(fds, extregex, pipefd); 964 } 965 966 ATF_TC_CLEANUP(extattr_get_fd_failure, tc) 967 { 968 cleanup(); 969 } 970 971 972 ATF_TC_WITH_CLEANUP(extattr_get_link_success); 973 ATF_TC_HEAD(extattr_get_link_success, tc) 974 { 975 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 976 "extattr_get_link(2) call"); 977 } 978 979 ATF_TC_BODY(extattr_get_link_success, tc) 980 { 981 /* Symbolic link needs to exist to call extattr_get_link(2) */ 982 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 983 /* Set an extended attribute to be retrieved later on */ 984 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, 985 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 986 987 /* Prepare the regex to be checked in the audit record */ 988 snprintf(extregex, sizeof(extregex), 989 "extattr_get_link.*%s.*%s.*return,success", path, name); 990 991 FILE *pipefd = setup(fds, auclass); 992 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_link(path, 993 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 994 check_audit(fds, extregex, pipefd); 995 } 996 997 ATF_TC_CLEANUP(extattr_get_link_success, tc) 998 { 999 cleanup(); 1000 } 1001 1002 1003 ATF_TC_WITH_CLEANUP(extattr_get_link_failure); 1004 ATF_TC_HEAD(extattr_get_link_failure, tc) 1005 { 1006 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1007 "extattr_get_link(2) call"); 1008 } 1009 1010 ATF_TC_BODY(extattr_get_link_failure, tc) 1011 { 1012 /* Prepare the regex to be checked in the audit record */ 1013 snprintf(extregex, sizeof(extregex), 1014 "extattr_get_link.*%s.*%s.*failure", path, name); 1015 FILE *pipefd = setup(fds, auclass); 1016 /* Failure reason: symbolic link does not exist */ 1017 ATF_REQUIRE_EQ(-1, extattr_get_link(path, 1018 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 1019 check_audit(fds, extregex, pipefd); 1020 } 1021 1022 ATF_TC_CLEANUP(extattr_get_link_failure, tc) 1023 { 1024 cleanup(); 1025 } 1026 1027 1028 ATF_TC_WITH_CLEANUP(extattr_list_file_success); 1029 ATF_TC_HEAD(extattr_list_file_success, tc) 1030 { 1031 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1032 "extattr_list_file(2) call"); 1033 } 1034 1035 ATF_TC_BODY(extattr_list_file_success, tc) 1036 { 1037 int readbuff; 1038 /* File needs to exist to call extattr_list_file(2) */ 1039 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 1040 1041 FILE *pipefd = setup(fds, auclass); 1042 ATF_REQUIRE((readbuff = extattr_list_file(path, 1043 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1044 /* Prepare the regex to be checked in the audit record */ 1045 snprintf(extregex, sizeof(extregex), 1046 "extattr_list_file.*%s.*return,success,%d", path, readbuff); 1047 check_audit(fds, extregex, pipefd); 1048 } 1049 1050 ATF_TC_CLEANUP(extattr_list_file_success, tc) 1051 { 1052 cleanup(); 1053 } 1054 1055 1056 ATF_TC_WITH_CLEANUP(extattr_list_file_failure); 1057 ATF_TC_HEAD(extattr_list_file_failure, tc) 1058 { 1059 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1060 "extattr_list_file(2) call"); 1061 } 1062 1063 ATF_TC_BODY(extattr_list_file_failure, tc) 1064 { 1065 /* Prepare the regex to be checked in the audit record */ 1066 snprintf(extregex, sizeof(extregex), 1067 "extattr_list_file.*%s.*return,failure", path); 1068 1069 FILE *pipefd = setup(fds, auclass); 1070 /* Failure reason: file does not exist */ 1071 ATF_REQUIRE_EQ(-1, extattr_list_file(path, 1072 EXTATTR_NAMESPACE_USER, NULL, 0)); 1073 check_audit(fds, extregex, pipefd); 1074 } 1075 1076 ATF_TC_CLEANUP(extattr_list_file_failure, tc) 1077 { 1078 cleanup(); 1079 } 1080 1081 1082 ATF_TC_WITH_CLEANUP(extattr_list_fd_success); 1083 ATF_TC_HEAD(extattr_list_fd_success, tc) 1084 { 1085 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1086 "extattr_list_fd(2) call"); 1087 } 1088 1089 ATF_TC_BODY(extattr_list_fd_success, tc) 1090 { 1091 int readbuff; 1092 /* File needs to exist to call extattr_list_fd(2) */ 1093 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 1094 1095 FILE *pipefd = setup(fds, auclass); 1096 ATF_REQUIRE((readbuff = extattr_list_fd(filedesc, 1097 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1098 /* Prepare the regex to be checked in the audit record */ 1099 snprintf(extregex, sizeof(extregex), 1100 "extattr_list_fd.*return,success,%d", readbuff); 1101 check_audit(fds, extregex, pipefd); 1102 close(filedesc); 1103 } 1104 1105 ATF_TC_CLEANUP(extattr_list_fd_success, tc) 1106 { 1107 cleanup(); 1108 } 1109 1110 1111 ATF_TC_WITH_CLEANUP(extattr_list_fd_failure); 1112 ATF_TC_HEAD(extattr_list_fd_failure, tc) 1113 { 1114 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1115 "extattr_list_fd(2) call"); 1116 } 1117 1118 ATF_TC_BODY(extattr_list_fd_failure, tc) 1119 { 1120 /* Prepare the regex to be checked in the audit record */ 1121 snprintf(extregex, sizeof(extregex), 1122 "extattr_list_fd.*return,failure : Bad file descriptor"); 1123 1124 FILE *pipefd = setup(fds, auclass); 1125 /* Failure reason: Invalid file descriptor */ 1126 ATF_REQUIRE_EQ(-1, 1127 extattr_list_fd(-1, EXTATTR_NAMESPACE_USER, NULL, 0)); 1128 check_audit(fds, extregex, pipefd); 1129 } 1130 1131 ATF_TC_CLEANUP(extattr_list_fd_failure, tc) 1132 { 1133 cleanup(); 1134 } 1135 1136 1137 ATF_TC_WITH_CLEANUP(extattr_list_link_success); 1138 ATF_TC_HEAD(extattr_list_link_success, tc) 1139 { 1140 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1141 "extattr_list_link(2) call"); 1142 } 1143 1144 ATF_TC_BODY(extattr_list_link_success, tc) 1145 { 1146 int readbuff; 1147 /* Symbolic link needs to exist to call extattr_list_link(2) */ 1148 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 1149 FILE *pipefd = setup(fds, auclass); 1150 1151 ATF_REQUIRE((readbuff = extattr_list_link(path, 1152 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1153 /* Prepare the regex to be checked in the audit record */ 1154 snprintf(extregex, sizeof(extregex), 1155 "extattr_list_link.*%s.*return,success,%d", path, readbuff); 1156 check_audit(fds, extregex, pipefd); 1157 } 1158 1159 ATF_TC_CLEANUP(extattr_list_link_success, tc) 1160 { 1161 cleanup(); 1162 } 1163 1164 1165 ATF_TC_WITH_CLEANUP(extattr_list_link_failure); 1166 ATF_TC_HEAD(extattr_list_link_failure, tc) 1167 { 1168 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1169 "extattr_list_link(2) call"); 1170 } 1171 1172 ATF_TC_BODY(extattr_list_link_failure, tc) 1173 { 1174 /* Prepare the regex to be checked in the audit record */ 1175 snprintf(extregex, sizeof(extregex), 1176 "extattr_list_link.*%s.*failure", path); 1177 FILE *pipefd = setup(fds, auclass); 1178 /* Failure reason: symbolic link does not exist */ 1179 ATF_REQUIRE_EQ(-1, extattr_list_link(path, 1180 EXTATTR_NAMESPACE_USER, NULL, 0)); 1181 check_audit(fds, extregex, pipefd); 1182 } 1183 1184 ATF_TC_CLEANUP(extattr_list_link_failure, tc) 1185 { 1186 cleanup(); 1187 } 1188 1189 1190 ATF_TP_ADD_TCS(tp) 1191 { 1192 ATF_TP_ADD_TC(tp, stat_success); 1193 ATF_TP_ADD_TC(tp, stat_failure); 1194 ATF_TP_ADD_TC(tp, lstat_success); 1195 ATF_TP_ADD_TC(tp, lstat_failure); 1196 ATF_TP_ADD_TC(tp, fstat_success); 1197 ATF_TP_ADD_TC(tp, fstat_failure); 1198 ATF_TP_ADD_TC(tp, fstatat_success); 1199 ATF_TP_ADD_TC(tp, fstatat_failure); 1200 1201 ATF_TP_ADD_TC(tp, statfs_success); 1202 ATF_TP_ADD_TC(tp, statfs_failure); 1203 ATF_TP_ADD_TC(tp, fstatfs_success); 1204 ATF_TP_ADD_TC(tp, fstatfs_failure); 1205 1206 ATF_TP_ADD_TC(tp, getfsstat_success); 1207 ATF_TP_ADD_TC(tp, getfsstat_failure); 1208 1209 ATF_TP_ADD_TC(tp, lgetfh_success); 1210 ATF_TP_ADD_TC(tp, lgetfh_failure); 1211 ATF_TP_ADD_TC(tp, fhopen_success); 1212 ATF_TP_ADD_TC(tp, fhopen_failure); 1213 ATF_TP_ADD_TC(tp, fhstat_success); 1214 ATF_TP_ADD_TC(tp, fhstat_failure); 1215 ATF_TP_ADD_TC(tp, fhstatfs_success); 1216 ATF_TP_ADD_TC(tp, fhstatfs_failure); 1217 1218 ATF_TP_ADD_TC(tp, access_success); 1219 ATF_TP_ADD_TC(tp, access_failure); 1220 ATF_TP_ADD_TC(tp, eaccess_success); 1221 ATF_TP_ADD_TC(tp, eaccess_failure); 1222 ATF_TP_ADD_TC(tp, faccessat_success); 1223 ATF_TP_ADD_TC(tp, faccessat_failure); 1224 1225 ATF_TP_ADD_TC(tp, pathconf_success); 1226 ATF_TP_ADD_TC(tp, pathconf_failure); 1227 ATF_TP_ADD_TC(tp, lpathconf_success); 1228 ATF_TP_ADD_TC(tp, lpathconf_failure); 1229 ATF_TP_ADD_TC(tp, fpathconf_success); 1230 ATF_TP_ADD_TC(tp, fpathconf_failure); 1231 1232 ATF_TP_ADD_TC(tp, extattr_get_file_success); 1233 ATF_TP_ADD_TC(tp, extattr_get_file_failure); 1234 ATF_TP_ADD_TC(tp, extattr_get_fd_success); 1235 ATF_TP_ADD_TC(tp, extattr_get_fd_failure); 1236 ATF_TP_ADD_TC(tp, extattr_get_link_success); 1237 ATF_TP_ADD_TC(tp, extattr_get_link_failure); 1238 1239 ATF_TP_ADD_TC(tp, extattr_list_file_success); 1240 ATF_TP_ADD_TC(tp, extattr_list_file_failure); 1241 ATF_TP_ADD_TC(tp, extattr_list_fd_success); 1242 ATF_TP_ADD_TC(tp, extattr_list_fd_failure); 1243 ATF_TP_ADD_TC(tp, extattr_list_link_success); 1244 ATF_TP_ADD_TC(tp, extattr_list_link_failure); 1245 1246 return (atf_no_error()); 1247 } 1248