1 /*- 2 * Copyright (c) 2018 Aniket Pandey 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * SUCH DAMAGE. 24 * 25 * $FreeBSD$ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/extattr.h> 30 #include <sys/ucred.h> 31 #include <sys/mount.h> 32 #include <sys/stat.h> 33 #include <sys/syscall.h> 34 35 #include <atf-c.h> 36 #include <fcntl.h> 37 #include <unistd.h> 38 39 #include "utils.h" 40 41 static struct pollfd fds[1]; 42 static mode_t mode = 0777; 43 static pid_t pid; 44 static fhandle_t fht; 45 static int filedesc, fhdesc; 46 static char extregex[80]; 47 static char buff[] = "ezio"; 48 static struct stat statbuff; 49 static struct statfs statfsbuff; 50 static const char *auclass = "fa"; 51 static const char *name = "authorname"; 52 static const char *path = "fileforaudit"; 53 static const char *errpath = "dirdoesnotexist/fileforaudit"; 54 static const char *successreg = "fileforaudit.*return,success"; 55 static const char *failurereg = "fileforaudit.*return,failure"; 56 57 58 ATF_TC_WITH_CLEANUP(stat_success); 59 ATF_TC_HEAD(stat_success, tc) 60 { 61 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 62 "stat(2) call"); 63 } 64 65 ATF_TC_BODY(stat_success, tc) 66 { 67 /* File needs to exist to call stat(2) */ 68 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 69 FILE *pipefd = setup(fds, auclass); 70 ATF_REQUIRE_EQ(0, stat(path, &statbuff)); 71 check_audit(fds, successreg, pipefd); 72 close(filedesc); 73 } 74 75 ATF_TC_CLEANUP(stat_success, tc) 76 { 77 cleanup(); 78 } 79 80 81 ATF_TC_WITH_CLEANUP(stat_failure); 82 ATF_TC_HEAD(stat_failure, tc) 83 { 84 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 85 "stat(2) call"); 86 } 87 88 ATF_TC_BODY(stat_failure, tc) 89 { 90 FILE *pipefd = setup(fds, auclass); 91 /* Failure reason: file does not exist */ 92 ATF_REQUIRE_EQ(-1, stat(errpath, &statbuff)); 93 check_audit(fds, failurereg, pipefd); 94 } 95 96 ATF_TC_CLEANUP(stat_failure, tc) 97 { 98 cleanup(); 99 } 100 101 102 ATF_TC_WITH_CLEANUP(lstat_success); 103 ATF_TC_HEAD(lstat_success, tc) 104 { 105 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 106 "lstat(2) call"); 107 } 108 109 ATF_TC_BODY(lstat_success, tc) 110 { 111 /* Symbolic link needs to exist to call lstat(2) */ 112 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 113 FILE *pipefd = setup(fds, auclass); 114 ATF_REQUIRE_EQ(0, lstat(path, &statbuff)); 115 check_audit(fds, successreg, pipefd); 116 } 117 118 ATF_TC_CLEANUP(lstat_success, tc) 119 { 120 cleanup(); 121 } 122 123 124 ATF_TC_WITH_CLEANUP(lstat_failure); 125 ATF_TC_HEAD(lstat_failure, tc) 126 { 127 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 128 "lstat(2) call"); 129 } 130 131 ATF_TC_BODY(lstat_failure, tc) 132 { 133 FILE *pipefd = setup(fds, auclass); 134 /* Failure reason: symbolic link does not exist */ 135 ATF_REQUIRE_EQ(-1, lstat(errpath, &statbuff)); 136 check_audit(fds, failurereg, pipefd); 137 } 138 139 ATF_TC_CLEANUP(lstat_failure, tc) 140 { 141 cleanup(); 142 } 143 144 145 ATF_TC_WITH_CLEANUP(fstat_success); 146 ATF_TC_HEAD(fstat_success, tc) 147 { 148 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 149 "fstat(2) call"); 150 } 151 152 ATF_TC_BODY(fstat_success, tc) 153 { 154 /* File needs to exist to call fstat(2) */ 155 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); 156 FILE *pipefd = setup(fds, auclass); 157 ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff)); 158 159 snprintf(extregex, sizeof(extregex), 160 "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino); 161 check_audit(fds, extregex, pipefd); 162 close(filedesc); 163 } 164 165 ATF_TC_CLEANUP(fstat_success, tc) 166 { 167 cleanup(); 168 } 169 170 171 ATF_TC_WITH_CLEANUP(fstat_failure); 172 ATF_TC_HEAD(fstat_failure, tc) 173 { 174 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 175 "fstat(2) call"); 176 } 177 178 ATF_TC_BODY(fstat_failure, tc) 179 { 180 FILE *pipefd = setup(fds, auclass); 181 const char *regex = "fstat.*return,failure : Bad file descriptor"; 182 /* Failure reason: bad file descriptor */ 183 ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff)); 184 check_audit(fds, regex, pipefd); 185 } 186 187 ATF_TC_CLEANUP(fstat_failure, tc) 188 { 189 cleanup(); 190 } 191 192 193 ATF_TC_WITH_CLEANUP(fstatat_success); 194 ATF_TC_HEAD(fstatat_success, tc) 195 { 196 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 197 "fstatat(2) call"); 198 } 199 200 ATF_TC_BODY(fstatat_success, tc) 201 { 202 /* File or Symbolic link needs to exist to call lstat(2) */ 203 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 204 FILE *pipefd = setup(fds, auclass); 205 ATF_REQUIRE_EQ(0, fstatat(AT_FDCWD, path, &statbuff, 206 AT_SYMLINK_NOFOLLOW)); 207 check_audit(fds, successreg, pipefd); 208 } 209 210 ATF_TC_CLEANUP(fstatat_success, tc) 211 { 212 cleanup(); 213 } 214 215 216 ATF_TC_WITH_CLEANUP(fstatat_failure); 217 ATF_TC_HEAD(fstatat_failure, tc) 218 { 219 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 220 "fstatat(2) call"); 221 } 222 223 ATF_TC_BODY(fstatat_failure, tc) 224 { 225 FILE *pipefd = setup(fds, auclass); 226 /* Failure reason: symbolic link does not exist */ 227 ATF_REQUIRE_EQ(-1, fstatat(AT_FDCWD, path, &statbuff, 228 AT_SYMLINK_NOFOLLOW)); 229 check_audit(fds, failurereg, pipefd); 230 } 231 232 ATF_TC_CLEANUP(fstatat_failure, tc) 233 { 234 cleanup(); 235 } 236 237 238 ATF_TC_WITH_CLEANUP(statfs_success); 239 ATF_TC_HEAD(statfs_success, tc) 240 { 241 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 242 "statfs(2) call"); 243 } 244 245 ATF_TC_BODY(statfs_success, tc) 246 { 247 /* File needs to exist to call statfs(2) */ 248 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 249 FILE *pipefd = setup(fds, auclass); 250 ATF_REQUIRE_EQ(0, statfs(path, &statfsbuff)); 251 check_audit(fds, successreg, pipefd); 252 close(filedesc); 253 } 254 255 ATF_TC_CLEANUP(statfs_success, tc) 256 { 257 cleanup(); 258 } 259 260 261 ATF_TC_WITH_CLEANUP(statfs_failure); 262 ATF_TC_HEAD(statfs_failure, tc) 263 { 264 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 265 "statfs(2) call"); 266 } 267 268 ATF_TC_BODY(statfs_failure, tc) 269 { 270 FILE *pipefd = setup(fds, auclass); 271 /* Failure reason: file does not exist */ 272 ATF_REQUIRE_EQ(-1, statfs(errpath, &statfsbuff)); 273 check_audit(fds, failurereg, pipefd); 274 } 275 276 ATF_TC_CLEANUP(statfs_failure, tc) 277 { 278 cleanup(); 279 } 280 281 282 ATF_TC_WITH_CLEANUP(fstatfs_success); 283 ATF_TC_HEAD(fstatfs_success, tc) 284 { 285 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 286 "fstatfs(2) call"); 287 } 288 289 ATF_TC_BODY(fstatfs_success, tc) 290 { 291 /* File needs to exist to call fstat(2) */ 292 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1); 293 /* Call stat(2) to store the Inode number of 'path' */ 294 ATF_REQUIRE_EQ(0, stat(path, &statbuff)); 295 FILE *pipefd = setup(fds, auclass); 296 ATF_REQUIRE_EQ(0, fstatfs(filedesc, &statfsbuff)); 297 298 snprintf(extregex, sizeof(extregex), "fstatfs.*%jd.*return,success", 299 (intmax_t)statbuff.st_ino); 300 check_audit(fds, extregex, pipefd); 301 close(filedesc); 302 } 303 304 ATF_TC_CLEANUP(fstatfs_success, tc) 305 { 306 cleanup(); 307 } 308 309 310 ATF_TC_WITH_CLEANUP(fstatfs_failure); 311 ATF_TC_HEAD(fstatfs_failure, tc) 312 { 313 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 314 "fstatfs(2) call"); 315 } 316 317 ATF_TC_BODY(fstatfs_failure, tc) 318 { 319 FILE *pipefd = setup(fds, auclass); 320 const char *regex = "fstatfs.*return,failure : Bad file descriptor"; 321 /* Failure reason: bad file descriptor */ 322 ATF_REQUIRE_EQ(-1, fstatfs(-1, &statfsbuff)); 323 check_audit(fds, regex, pipefd); 324 } 325 326 ATF_TC_CLEANUP(fstatfs_failure, tc) 327 { 328 cleanup(); 329 } 330 331 332 ATF_TC_WITH_CLEANUP(getfsstat_success); 333 ATF_TC_HEAD(getfsstat_success, tc) 334 { 335 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 336 "getfsstat(2) call"); 337 } 338 339 ATF_TC_BODY(getfsstat_success, tc) 340 { 341 pid = getpid(); 342 snprintf(extregex, sizeof(extregex), "getfsstat.*%d.*success", pid); 343 344 FILE *pipefd = setup(fds, auclass); 345 ATF_REQUIRE(getfsstat(NULL, 0, MNT_NOWAIT) != -1); 346 check_audit(fds, extregex, pipefd); 347 } 348 349 ATF_TC_CLEANUP(getfsstat_success, tc) 350 { 351 cleanup(); 352 } 353 354 355 ATF_TC_WITH_CLEANUP(getfsstat_failure); 356 ATF_TC_HEAD(getfsstat_failure, tc) 357 { 358 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 359 "getfsstat(2) call"); 360 } 361 362 ATF_TC_BODY(getfsstat_failure, tc) 363 { 364 const char *regex = "getfsstat.*return,failure : Invalid argument"; 365 FILE *pipefd = setup(fds, auclass); 366 /* Failure reason: Invalid value for mode */ 367 ATF_REQUIRE_EQ(-1, getfsstat(NULL, 0, -1)); 368 check_audit(fds, regex, pipefd); 369 } 370 371 ATF_TC_CLEANUP(getfsstat_failure, tc) 372 { 373 cleanup(); 374 } 375 376 377 ATF_TC_WITH_CLEANUP(lgetfh_success); 378 ATF_TC_HEAD(lgetfh_success, tc) 379 { 380 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 381 "lgetfh(2) call"); 382 } 383 384 ATF_TC_BODY(lgetfh_success, tc) 385 { 386 /* Symbolic link needs to exist to get a file-handle */ 387 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 388 const char *regex = "lgetfh.*return,success"; 389 FILE *pipefd = setup(fds, "fa"); 390 ATF_REQUIRE_EQ(0, lgetfh(path, &fht)); 391 check_audit(fds, regex, pipefd); 392 } 393 394 ATF_TC_CLEANUP(lgetfh_success, tc) 395 { 396 cleanup(); 397 } 398 399 400 ATF_TC_WITH_CLEANUP(lgetfh_failure); 401 ATF_TC_HEAD(lgetfh_failure, tc) 402 { 403 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 404 "lgetfh(2) call"); 405 } 406 407 ATF_TC_BODY(lgetfh_failure, tc) 408 { 409 const char *regex = "lgetfh.*return,failure"; 410 FILE *pipefd = setup(fds, "fa"); 411 /* Failure reason: symbolic link does not exist */ 412 ATF_REQUIRE_EQ(-1, lgetfh(errpath, &fht)); 413 check_audit(fds, regex, pipefd); 414 } 415 416 ATF_TC_CLEANUP(lgetfh_failure, tc) 417 { 418 cleanup(); 419 } 420 421 422 ATF_TC_WITH_CLEANUP(fhopen_success); 423 ATF_TC_HEAD(fhopen_success, tc) 424 { 425 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 426 "fhopen(2) call"); 427 } 428 429 ATF_TC_BODY(fhopen_success, tc) 430 { 431 pid = getpid(); 432 snprintf(extregex, sizeof(extregex), "fhopen.*%d.*return,success", pid); 433 434 /* File needs to exist to get a file-handle */ 435 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 436 /* Get the file handle to be passed to fhopen(2) */ 437 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 438 439 FILE *pipefd = setup(fds, auclass); 440 ATF_REQUIRE((fhdesc = fhopen(&fht, O_RDWR)) != -1); 441 check_audit(fds, extregex, pipefd); 442 443 close(fhdesc); 444 close(filedesc); 445 } 446 447 ATF_TC_CLEANUP(fhopen_success, tc) 448 { 449 cleanup(); 450 } 451 452 453 ATF_TC_WITH_CLEANUP(fhopen_failure); 454 ATF_TC_HEAD(fhopen_failure, tc) 455 { 456 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 457 "fhopen(2) call"); 458 } 459 460 ATF_TC_BODY(fhopen_failure, tc) 461 { 462 const char *regex = "fhopen.*return,failure : Invalid argument"; 463 FILE *pipefd = setup(fds, auclass); 464 /* 465 * Failure reason: NULL does not represent any file handle 466 * and O_CREAT is not allowed as the flag for fhopen(2) 467 */ 468 ATF_REQUIRE_EQ(-1, fhopen(NULL, O_CREAT)); 469 check_audit(fds, regex, pipefd); 470 } 471 472 ATF_TC_CLEANUP(fhopen_failure, tc) 473 { 474 cleanup(); 475 } 476 477 478 ATF_TC_WITH_CLEANUP(fhstat_success); 479 ATF_TC_HEAD(fhstat_success, tc) 480 { 481 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 482 "fstat(2) call"); 483 } 484 485 ATF_TC_BODY(fhstat_success, tc) 486 { 487 pid = getpid(); 488 snprintf(extregex, sizeof(extregex), "fhstat.*%d.*return,success", pid); 489 490 /* File needs to exist to get a file-handle */ 491 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 492 /* Get the file handle to be passed to fhstat(2) */ 493 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 494 495 FILE *pipefd = setup(fds, auclass); 496 ATF_REQUIRE_EQ(0, fhstat(&fht, &statbuff)); 497 check_audit(fds, extregex, pipefd); 498 close(filedesc); 499 } 500 501 ATF_TC_CLEANUP(fhstat_success, tc) 502 { 503 cleanup(); 504 } 505 506 507 ATF_TC_WITH_CLEANUP(fhstat_failure); 508 ATF_TC_HEAD(fhstat_failure, tc) 509 { 510 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 511 "fhstat(2) call"); 512 } 513 514 ATF_TC_BODY(fhstat_failure, tc) 515 { 516 const char *regex = "fhstat.*return,failure : Bad address"; 517 FILE *pipefd = setup(fds, auclass); 518 /* Failure reason: NULL does not represent any file handle */ 519 ATF_REQUIRE_EQ(-1, fhstat(NULL, NULL)); 520 check_audit(fds, regex, pipefd); 521 } 522 523 ATF_TC_CLEANUP(fhstat_failure, tc) 524 { 525 cleanup(); 526 } 527 528 529 ATF_TC_WITH_CLEANUP(fhstatfs_success); 530 ATF_TC_HEAD(fhstatfs_success, tc) 531 { 532 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 533 "fstatfs(2) call"); 534 } 535 536 ATF_TC_BODY(fhstatfs_success, tc) 537 { 538 pid = getpid(); 539 snprintf(extregex, sizeof(extregex), "fhstatfs.*%d.*success", pid); 540 541 /* File needs to exist to get a file-handle */ 542 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 543 /* Get the file handle to be passed to fhstatfs(2) */ 544 ATF_REQUIRE_EQ(0, getfh(path, &fht)); 545 546 FILE *pipefd = setup(fds, auclass); 547 ATF_REQUIRE_EQ(0, fhstatfs(&fht, &statfsbuff)); 548 check_audit(fds, extregex, pipefd); 549 close(filedesc); 550 } 551 552 ATF_TC_CLEANUP(fhstatfs_success, tc) 553 { 554 cleanup(); 555 } 556 557 558 ATF_TC_WITH_CLEANUP(fhstatfs_failure); 559 ATF_TC_HEAD(fhstatfs_failure, tc) 560 { 561 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 562 "fhstatfs(2) call"); 563 } 564 565 ATF_TC_BODY(fhstatfs_failure, tc) 566 { 567 const char *regex = "fhstatfs.*return,failure : Bad address"; 568 FILE *pipefd = setup(fds, auclass); 569 /* Failure reason: NULL does not represent any file handle */ 570 ATF_REQUIRE_EQ(-1, fhstatfs(NULL, NULL)); 571 check_audit(fds, regex, pipefd); 572 } 573 574 ATF_TC_CLEANUP(fhstatfs_failure, tc) 575 { 576 cleanup(); 577 } 578 579 580 ATF_TC_WITH_CLEANUP(access_success); 581 ATF_TC_HEAD(access_success, tc) 582 { 583 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 584 "access(2) call"); 585 } 586 587 ATF_TC_BODY(access_success, tc) 588 { 589 /* File needs to exist to call access(2) */ 590 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 591 FILE *pipefd = setup(fds, auclass); 592 ATF_REQUIRE_EQ(0, access(path, F_OK)); 593 check_audit(fds, successreg, pipefd); 594 close(filedesc); 595 } 596 597 ATF_TC_CLEANUP(access_success, tc) 598 { 599 cleanup(); 600 } 601 602 603 ATF_TC_WITH_CLEANUP(access_failure); 604 ATF_TC_HEAD(access_failure, tc) 605 { 606 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 607 "access(2) call"); 608 } 609 610 ATF_TC_BODY(access_failure, tc) 611 { 612 FILE *pipefd = setup(fds, auclass); 613 /* Failure reason: file does not exist */ 614 ATF_REQUIRE_EQ(-1, access(errpath, F_OK)); 615 check_audit(fds, failurereg, pipefd); 616 } 617 618 ATF_TC_CLEANUP(access_failure, tc) 619 { 620 cleanup(); 621 } 622 623 624 ATF_TC_WITH_CLEANUP(eaccess_success); 625 ATF_TC_HEAD(eaccess_success, tc) 626 { 627 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 628 "eaccess(2) call"); 629 } 630 631 ATF_TC_BODY(eaccess_success, tc) 632 { 633 /* File needs to exist to call eaccess(2) */ 634 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 635 FILE *pipefd = setup(fds, auclass); 636 ATF_REQUIRE_EQ(0, eaccess(path, F_OK)); 637 check_audit(fds, successreg, pipefd); 638 close(filedesc); 639 } 640 641 ATF_TC_CLEANUP(eaccess_success, tc) 642 { 643 cleanup(); 644 } 645 646 647 ATF_TC_WITH_CLEANUP(eaccess_failure); 648 ATF_TC_HEAD(eaccess_failure, tc) 649 { 650 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 651 "eaccess(2) call"); 652 } 653 654 ATF_TC_BODY(eaccess_failure, tc) 655 { 656 FILE *pipefd = setup(fds, auclass); 657 /* Failure reason: file does not exist */ 658 ATF_REQUIRE_EQ(-1, eaccess(errpath, F_OK)); 659 check_audit(fds, failurereg, pipefd); 660 } 661 662 ATF_TC_CLEANUP(eaccess_failure, tc) 663 { 664 cleanup(); 665 } 666 667 668 ATF_TC_WITH_CLEANUP(faccessat_success); 669 ATF_TC_HEAD(faccessat_success, tc) 670 { 671 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 672 "faccessat(2) call"); 673 } 674 675 ATF_TC_BODY(faccessat_success, tc) 676 { 677 /* File needs to exist to call faccessat(2) */ 678 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 679 FILE *pipefd = setup(fds, auclass); 680 ATF_REQUIRE_EQ(0, faccessat(AT_FDCWD, path, F_OK, AT_EACCESS)); 681 check_audit(fds, successreg, pipefd); 682 close(filedesc); 683 } 684 685 ATF_TC_CLEANUP(faccessat_success, tc) 686 { 687 cleanup(); 688 } 689 690 691 ATF_TC_WITH_CLEANUP(faccessat_failure); 692 ATF_TC_HEAD(faccessat_failure, tc) 693 { 694 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 695 "faccessat(2) call"); 696 } 697 698 ATF_TC_BODY(faccessat_failure, tc) 699 { 700 FILE *pipefd = setup(fds, auclass); 701 /* Failure reason: file does not exist */ 702 ATF_REQUIRE_EQ(-1, faccessat(AT_FDCWD, errpath, F_OK, AT_EACCESS)); 703 check_audit(fds, failurereg, pipefd); 704 } 705 706 ATF_TC_CLEANUP(faccessat_failure, tc) 707 { 708 cleanup(); 709 } 710 711 712 ATF_TC_WITH_CLEANUP(pathconf_success); 713 ATF_TC_HEAD(pathconf_success, tc) 714 { 715 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 716 "pathconf(2) call"); 717 } 718 719 ATF_TC_BODY(pathconf_success, tc) 720 { 721 /* File needs to exist to call pathconf(2) */ 722 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 723 FILE *pipefd = setup(fds, auclass); 724 /* Get the maximum number of bytes of filename */ 725 ATF_REQUIRE(pathconf(path, _PC_NAME_MAX) != -1); 726 check_audit(fds, successreg, pipefd); 727 close(filedesc); 728 } 729 730 ATF_TC_CLEANUP(pathconf_success, tc) 731 { 732 cleanup(); 733 } 734 735 736 ATF_TC_WITH_CLEANUP(pathconf_failure); 737 ATF_TC_HEAD(pathconf_failure, tc) 738 { 739 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 740 "pathconf(2) call"); 741 } 742 743 ATF_TC_BODY(pathconf_failure, tc) 744 { 745 FILE *pipefd = setup(fds, auclass); 746 /* Failure reason: file does not exist */ 747 ATF_REQUIRE_EQ(-1, pathconf(errpath, _PC_NAME_MAX)); 748 check_audit(fds, failurereg, pipefd); 749 } 750 751 ATF_TC_CLEANUP(pathconf_failure, tc) 752 { 753 cleanup(); 754 } 755 756 757 ATF_TC_WITH_CLEANUP(lpathconf_success); 758 ATF_TC_HEAD(lpathconf_success, tc) 759 { 760 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 761 "lpathconf(2) call"); 762 } 763 764 ATF_TC_BODY(lpathconf_success, tc) 765 { 766 /* Symbolic link needs to exist to call lpathconf(2) */ 767 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 768 FILE *pipefd = setup(fds, auclass); 769 /* Get the maximum number of bytes of symlink's name */ 770 ATF_REQUIRE(lpathconf(path, _PC_SYMLINK_MAX) != -1); 771 check_audit(fds, successreg, pipefd); 772 } 773 774 ATF_TC_CLEANUP(lpathconf_success, tc) 775 { 776 cleanup(); 777 } 778 779 780 ATF_TC_WITH_CLEANUP(lpathconf_failure); 781 ATF_TC_HEAD(lpathconf_failure, tc) 782 { 783 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 784 "lpathconf(2) call"); 785 } 786 787 ATF_TC_BODY(lpathconf_failure, tc) 788 { 789 FILE *pipefd = setup(fds, auclass); 790 /* Failure reason: symbolic link does not exist */ 791 ATF_REQUIRE_EQ(-1, lpathconf(errpath, _PC_SYMLINK_MAX)); 792 check_audit(fds, failurereg, pipefd); 793 } 794 795 ATF_TC_CLEANUP(lpathconf_failure, tc) 796 { 797 cleanup(); 798 } 799 800 801 ATF_TC_WITH_CLEANUP(fpathconf_success); 802 ATF_TC_HEAD(fpathconf_success, tc) 803 { 804 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 805 "fpathconf(2) call"); 806 } 807 808 ATF_TC_BODY(fpathconf_success, tc) 809 { 810 pid = getpid(); 811 snprintf(extregex, sizeof(extregex), "fpathconf.*%d.*success", pid); 812 813 /* File needs to exist to call fpathconf(2) */ 814 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 815 FILE *pipefd = setup(fds, auclass); 816 /* Get the maximum number of bytes of filename */ 817 ATF_REQUIRE(fpathconf(filedesc, _PC_NAME_MAX) != -1); 818 check_audit(fds, extregex, pipefd); 819 close(filedesc); 820 } 821 822 ATF_TC_CLEANUP(fpathconf_success, tc) 823 { 824 cleanup(); 825 } 826 827 828 ATF_TC_WITH_CLEANUP(fpathconf_failure); 829 ATF_TC_HEAD(fpathconf_failure, tc) 830 { 831 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 832 "fpathconf(2) call"); 833 } 834 835 ATF_TC_BODY(fpathconf_failure, tc) 836 { 837 FILE *pipefd = setup(fds, auclass); 838 const char *regex = "fpathconf.*return,failure : Bad file descriptor"; 839 /* Failure reason: Bad file descriptor */ 840 ATF_REQUIRE_EQ(-1, fpathconf(-1, _PC_NAME_MAX)); 841 check_audit(fds, regex, pipefd); 842 } 843 844 ATF_TC_CLEANUP(fpathconf_failure, tc) 845 { 846 cleanup(); 847 } 848 849 850 ATF_TC_WITH_CLEANUP(extattr_get_file_success); 851 ATF_TC_HEAD(extattr_get_file_success, tc) 852 { 853 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 854 "extattr_get_file(2) call"); 855 } 856 857 ATF_TC_BODY(extattr_get_file_success, tc) 858 { 859 /* File needs to exist to call extattr_get_file(2) */ 860 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 861 /* Set an extended attribute to be retrieved later on */ 862 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, 863 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 864 865 /* Prepare the regex to be checked in the audit record */ 866 snprintf(extregex, sizeof(extregex), 867 "extattr_get_file.*%s.*%s.*return,success", path, name); 868 869 FILE *pipefd = setup(fds, auclass); 870 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_file(path, 871 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 872 check_audit(fds, extregex, pipefd); 873 close(filedesc); 874 } 875 876 ATF_TC_CLEANUP(extattr_get_file_success, tc) 877 { 878 cleanup(); 879 } 880 881 882 ATF_TC_WITH_CLEANUP(extattr_get_file_failure); 883 ATF_TC_HEAD(extattr_get_file_failure, tc) 884 { 885 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 886 "extattr_get_file(2) call"); 887 } 888 889 ATF_TC_BODY(extattr_get_file_failure, tc) 890 { 891 /* Prepare the regex to be checked in the audit record */ 892 snprintf(extregex, sizeof(extregex), 893 "extattr_get_file.*%s.*%s.*failure", path, name); 894 895 FILE *pipefd = setup(fds, auclass); 896 /* Failure reason: file does not exist */ 897 ATF_REQUIRE_EQ(-1, extattr_get_file(path, 898 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 899 check_audit(fds, extregex, pipefd); 900 } 901 902 ATF_TC_CLEANUP(extattr_get_file_failure, tc) 903 { 904 cleanup(); 905 } 906 907 908 ATF_TC_WITH_CLEANUP(extattr_get_fd_success); 909 ATF_TC_HEAD(extattr_get_fd_success, tc) 910 { 911 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 912 "extattr_get_fd(2) call"); 913 } 914 915 ATF_TC_BODY(extattr_get_fd_success, tc) 916 { 917 /* File needs to exist to call extattr_get_fd(2) */ 918 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 919 /* Set an extended attribute to be retrieved later on */ 920 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_file(path, 921 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 922 923 /* Prepare the regex to be checked in the audit record */ 924 snprintf(extregex, sizeof(extregex), 925 "extattr_get_fd.*%s.*return,success", name); 926 927 FILE *pipefd = setup(fds, auclass); 928 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_fd(filedesc, 929 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 930 check_audit(fds, extregex, pipefd); 931 close(filedesc); 932 } 933 934 ATF_TC_CLEANUP(extattr_get_fd_success, tc) 935 { 936 cleanup(); 937 } 938 939 940 ATF_TC_WITH_CLEANUP(extattr_get_fd_failure); 941 ATF_TC_HEAD(extattr_get_fd_failure, tc) 942 { 943 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 944 "extattr_get_fd(2) call"); 945 } 946 947 ATF_TC_BODY(extattr_get_fd_failure, tc) 948 { 949 /* Prepare the regex to be checked in the audit record */ 950 snprintf(extregex, sizeof(extregex), 951 "extattr_get_fd.*%s.*return,failure : Bad file descriptor", name); 952 953 FILE *pipefd = setup(fds, auclass); 954 /* Failure reason: Invalid file descriptor */ 955 ATF_REQUIRE_EQ(-1, extattr_get_fd(-1, 956 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 957 check_audit(fds, extregex, pipefd); 958 } 959 960 ATF_TC_CLEANUP(extattr_get_fd_failure, tc) 961 { 962 cleanup(); 963 } 964 965 966 ATF_TC_WITH_CLEANUP(extattr_get_link_success); 967 ATF_TC_HEAD(extattr_get_link_success, tc) 968 { 969 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 970 "extattr_get_link(2) call"); 971 } 972 973 ATF_TC_BODY(extattr_get_link_success, tc) 974 { 975 /* Symbolic link needs to exist to call extattr_get_link(2) */ 976 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 977 /* Set an extended attribute to be retrieved later on */ 978 ATF_REQUIRE_EQ(sizeof(buff), extattr_set_link(path, 979 EXTATTR_NAMESPACE_USER, name, buff, sizeof(buff))); 980 981 /* Prepare the regex to be checked in the audit record */ 982 snprintf(extregex, sizeof(extregex), 983 "extattr_get_link.*%s.*%s.*return,success", path, name); 984 985 FILE *pipefd = setup(fds, auclass); 986 ATF_REQUIRE_EQ(sizeof(buff), extattr_get_link(path, 987 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 988 check_audit(fds, extregex, pipefd); 989 } 990 991 ATF_TC_CLEANUP(extattr_get_link_success, tc) 992 { 993 cleanup(); 994 } 995 996 997 ATF_TC_WITH_CLEANUP(extattr_get_link_failure); 998 ATF_TC_HEAD(extattr_get_link_failure, tc) 999 { 1000 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1001 "extattr_get_link(2) call"); 1002 } 1003 1004 ATF_TC_BODY(extattr_get_link_failure, tc) 1005 { 1006 /* Prepare the regex to be checked in the audit record */ 1007 snprintf(extregex, sizeof(extregex), 1008 "extattr_get_link.*%s.*%s.*failure", path, name); 1009 FILE *pipefd = setup(fds, auclass); 1010 /* Failure reason: symbolic link does not exist */ 1011 ATF_REQUIRE_EQ(-1, extattr_get_link(path, 1012 EXTATTR_NAMESPACE_USER, name, NULL, 0)); 1013 check_audit(fds, extregex, pipefd); 1014 } 1015 1016 ATF_TC_CLEANUP(extattr_get_link_failure, tc) 1017 { 1018 cleanup(); 1019 } 1020 1021 1022 ATF_TC_WITH_CLEANUP(extattr_list_file_success); 1023 ATF_TC_HEAD(extattr_list_file_success, tc) 1024 { 1025 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1026 "extattr_list_file(2) call"); 1027 } 1028 1029 ATF_TC_BODY(extattr_list_file_success, tc) 1030 { 1031 int readbuff; 1032 /* File needs to exist to call extattr_list_file(2) */ 1033 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 1034 1035 FILE *pipefd = setup(fds, auclass); 1036 ATF_REQUIRE((readbuff = extattr_list_file(path, 1037 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1038 /* Prepare the regex to be checked in the audit record */ 1039 snprintf(extregex, sizeof(extregex), 1040 "extattr_list_file.*%s.*return,success,%d", path, readbuff); 1041 check_audit(fds, extregex, pipefd); 1042 } 1043 1044 ATF_TC_CLEANUP(extattr_list_file_success, tc) 1045 { 1046 cleanup(); 1047 } 1048 1049 1050 ATF_TC_WITH_CLEANUP(extattr_list_file_failure); 1051 ATF_TC_HEAD(extattr_list_file_failure, tc) 1052 { 1053 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1054 "extattr_list_file(2) call"); 1055 } 1056 1057 ATF_TC_BODY(extattr_list_file_failure, tc) 1058 { 1059 /* Prepare the regex to be checked in the audit record */ 1060 snprintf(extregex, sizeof(extregex), 1061 "extattr_list_file.*%s.*return,failure", path); 1062 1063 FILE *pipefd = setup(fds, auclass); 1064 /* Failure reason: file does not exist */ 1065 ATF_REQUIRE_EQ(-1, extattr_list_file(path, 1066 EXTATTR_NAMESPACE_USER, NULL, 0)); 1067 check_audit(fds, extregex, pipefd); 1068 } 1069 1070 ATF_TC_CLEANUP(extattr_list_file_failure, tc) 1071 { 1072 cleanup(); 1073 } 1074 1075 1076 ATF_TC_WITH_CLEANUP(extattr_list_fd_success); 1077 ATF_TC_HEAD(extattr_list_fd_success, tc) 1078 { 1079 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1080 "extattr_list_fd(2) call"); 1081 } 1082 1083 ATF_TC_BODY(extattr_list_fd_success, tc) 1084 { 1085 int readbuff; 1086 /* File needs to exist to call extattr_list_fd(2) */ 1087 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1); 1088 1089 FILE *pipefd = setup(fds, auclass); 1090 ATF_REQUIRE((readbuff = extattr_list_fd(filedesc, 1091 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1092 /* Prepare the regex to be checked in the audit record */ 1093 snprintf(extregex, sizeof(extregex), 1094 "extattr_list_fd.*return,success,%d", readbuff); 1095 check_audit(fds, extregex, pipefd); 1096 close(filedesc); 1097 } 1098 1099 ATF_TC_CLEANUP(extattr_list_fd_success, tc) 1100 { 1101 cleanup(); 1102 } 1103 1104 1105 ATF_TC_WITH_CLEANUP(extattr_list_fd_failure); 1106 ATF_TC_HEAD(extattr_list_fd_failure, tc) 1107 { 1108 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1109 "extattr_list_fd(2) call"); 1110 } 1111 1112 ATF_TC_BODY(extattr_list_fd_failure, tc) 1113 { 1114 /* Prepare the regex to be checked in the audit record */ 1115 snprintf(extregex, sizeof(extregex), 1116 "extattr_list_fd.*return,failure : Bad file descriptor"); 1117 1118 FILE *pipefd = setup(fds, auclass); 1119 /* Failure reason: Invalid file descriptor */ 1120 ATF_REQUIRE_EQ(-1, 1121 extattr_list_fd(-1, EXTATTR_NAMESPACE_USER, NULL, 0)); 1122 check_audit(fds, extregex, pipefd); 1123 } 1124 1125 ATF_TC_CLEANUP(extattr_list_fd_failure, tc) 1126 { 1127 cleanup(); 1128 } 1129 1130 1131 ATF_TC_WITH_CLEANUP(extattr_list_link_success); 1132 ATF_TC_HEAD(extattr_list_link_success, tc) 1133 { 1134 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " 1135 "extattr_list_link(2) call"); 1136 } 1137 1138 ATF_TC_BODY(extattr_list_link_success, tc) 1139 { 1140 int readbuff; 1141 /* Symbolic link needs to exist to call extattr_list_link(2) */ 1142 ATF_REQUIRE_EQ(0, symlink("symlink", path)); 1143 FILE *pipefd = setup(fds, auclass); 1144 1145 ATF_REQUIRE((readbuff = extattr_list_link(path, 1146 EXTATTR_NAMESPACE_USER, NULL, 0)) != -1); 1147 /* Prepare the regex to be checked in the audit record */ 1148 snprintf(extregex, sizeof(extregex), 1149 "extattr_list_link.*%s.*return,success,%d", path, readbuff); 1150 check_audit(fds, extregex, pipefd); 1151 } 1152 1153 ATF_TC_CLEANUP(extattr_list_link_success, tc) 1154 { 1155 cleanup(); 1156 } 1157 1158 1159 ATF_TC_WITH_CLEANUP(extattr_list_link_failure); 1160 ATF_TC_HEAD(extattr_list_link_failure, tc) 1161 { 1162 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " 1163 "extattr_list_link(2) call"); 1164 } 1165 1166 ATF_TC_BODY(extattr_list_link_failure, tc) 1167 { 1168 /* Prepare the regex to be checked in the audit record */ 1169 snprintf(extregex, sizeof(extregex), 1170 "extattr_list_link.*%s.*failure", path); 1171 FILE *pipefd = setup(fds, auclass); 1172 /* Failure reason: symbolic link does not exist */ 1173 ATF_REQUIRE_EQ(-1, extattr_list_link(path, 1174 EXTATTR_NAMESPACE_USER, NULL, 0)); 1175 check_audit(fds, extregex, pipefd); 1176 } 1177 1178 ATF_TC_CLEANUP(extattr_list_link_failure, tc) 1179 { 1180 cleanup(); 1181 } 1182 1183 1184 ATF_TP_ADD_TCS(tp) 1185 { 1186 ATF_TP_ADD_TC(tp, stat_success); 1187 ATF_TP_ADD_TC(tp, stat_failure); 1188 ATF_TP_ADD_TC(tp, lstat_success); 1189 ATF_TP_ADD_TC(tp, lstat_failure); 1190 ATF_TP_ADD_TC(tp, fstat_success); 1191 ATF_TP_ADD_TC(tp, fstat_failure); 1192 ATF_TP_ADD_TC(tp, fstatat_success); 1193 ATF_TP_ADD_TC(tp, fstatat_failure); 1194 1195 ATF_TP_ADD_TC(tp, statfs_success); 1196 ATF_TP_ADD_TC(tp, statfs_failure); 1197 ATF_TP_ADD_TC(tp, fstatfs_success); 1198 ATF_TP_ADD_TC(tp, fstatfs_failure); 1199 1200 ATF_TP_ADD_TC(tp, getfsstat_success); 1201 ATF_TP_ADD_TC(tp, getfsstat_failure); 1202 1203 ATF_TP_ADD_TC(tp, lgetfh_success); 1204 ATF_TP_ADD_TC(tp, lgetfh_failure); 1205 ATF_TP_ADD_TC(tp, fhopen_success); 1206 ATF_TP_ADD_TC(tp, fhopen_failure); 1207 ATF_TP_ADD_TC(tp, fhstat_success); 1208 ATF_TP_ADD_TC(tp, fhstat_failure); 1209 ATF_TP_ADD_TC(tp, fhstatfs_success); 1210 ATF_TP_ADD_TC(tp, fhstatfs_failure); 1211 1212 ATF_TP_ADD_TC(tp, access_success); 1213 ATF_TP_ADD_TC(tp, access_failure); 1214 ATF_TP_ADD_TC(tp, eaccess_success); 1215 ATF_TP_ADD_TC(tp, eaccess_failure); 1216 ATF_TP_ADD_TC(tp, faccessat_success); 1217 ATF_TP_ADD_TC(tp, faccessat_failure); 1218 1219 ATF_TP_ADD_TC(tp, pathconf_success); 1220 ATF_TP_ADD_TC(tp, pathconf_failure); 1221 ATF_TP_ADD_TC(tp, lpathconf_success); 1222 ATF_TP_ADD_TC(tp, lpathconf_failure); 1223 ATF_TP_ADD_TC(tp, fpathconf_success); 1224 ATF_TP_ADD_TC(tp, fpathconf_failure); 1225 1226 ATF_TP_ADD_TC(tp, extattr_get_file_success); 1227 ATF_TP_ADD_TC(tp, extattr_get_file_failure); 1228 ATF_TP_ADD_TC(tp, extattr_get_fd_success); 1229 ATF_TP_ADD_TC(tp, extattr_get_fd_failure); 1230 ATF_TP_ADD_TC(tp, extattr_get_link_success); 1231 ATF_TP_ADD_TC(tp, extattr_get_link_failure); 1232 1233 ATF_TP_ADD_TC(tp, extattr_list_file_success); 1234 ATF_TP_ADD_TC(tp, extattr_list_file_failure); 1235 ATF_TP_ADD_TC(tp, extattr_list_fd_success); 1236 ATF_TP_ADD_TC(tp, extattr_list_fd_failure); 1237 ATF_TP_ADD_TC(tp, extattr_list_link_success); 1238 ATF_TP_ADD_TC(tp, extattr_list_link_failure); 1239 1240 return (atf_no_error()); 1241 } 1242