xref: /freebsd/tests/sys/audit/file-create.c (revision e52d92164754cbfff84767d4c6eb3cc93e8c21ae) 
1 /*-
2  * Copyright 2018 Aniket Pandey
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * SUCH DAMAGE.
24  *
25  * $FreeBSD$
26  */
27 
28 #include <sys/types.h>
29 #include <sys/stat.h>
30 
31 #include <atf-c.h>
32 #include <fcntl.h>
33 #include <stdlib.h>
34 #include <unistd.h>
35 
36 #include "utils.h"
37 
38 static struct pollfd fds[1];
39 static mode_t mode = 0777;
40 static dev_t dev =  0;
41 static const char *auclass = "fc";
42 static const char *path = "fileforaudit";
43 static const char *successreg = "fileforaudit.*return,success";
44 static const char *failurereg = "fileforaudit.*return,failure";
45 
46 
47 ATF_TC_WITH_CLEANUP(mkdir_success);
48 ATF_TC_HEAD(mkdir_success, tc)
49 {
50 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
51 					"mkdir(2) call");
52 }
53 
54 ATF_TC_BODY(mkdir_success, tc)
55 {
56 	FILE *pipefd = setup(fds, auclass);
57 	ATF_REQUIRE_EQ(0, mkdir(path, mode));
58 	check_audit(fds, successreg, pipefd);
59 }
60 
61 ATF_TC_CLEANUP(mkdir_success, tc)
62 {
63 	cleanup();
64 }
65 
66 
67 ATF_TC_WITH_CLEANUP(mkdir_failure);
68 ATF_TC_HEAD(mkdir_failure, tc)
69 {
70 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
71 					"mkdir(2) call");
72 }
73 
74 ATF_TC_BODY(mkdir_failure, tc)
75 {
76 	ATF_REQUIRE_EQ(0, mkdir(path, mode));
77 	FILE *pipefd = setup(fds, auclass);
78 	/* Failure reason: directory already exists */
79 	ATF_REQUIRE_EQ(-1, mkdir(path, mode));
80 	check_audit(fds, failurereg, pipefd);
81 }
82 
83 ATF_TC_CLEANUP(mkdir_failure, tc)
84 {
85 	cleanup();
86 }
87 
88 
89 ATF_TC_WITH_CLEANUP(mkdirat_success);
90 ATF_TC_HEAD(mkdirat_success, tc)
91 {
92 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
93 					"mkdirat(2) call");
94 }
95 
96 ATF_TC_BODY(mkdirat_success, tc)
97 {
98 	FILE *pipefd = setup(fds, auclass);
99 	ATF_REQUIRE_EQ(0, mkdirat(AT_FDCWD, path, mode));
100 	check_audit(fds, successreg, pipefd);
101 }
102 
103 ATF_TC_CLEANUP(mkdirat_success, tc)
104 {
105 	cleanup();
106 }
107 
108 
109 ATF_TC_WITH_CLEANUP(mkdirat_failure);
110 ATF_TC_HEAD(mkdirat_failure, tc)
111 {
112 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
113 					"mkdirat(2) call");
114 }
115 
116 ATF_TC_BODY(mkdirat_failure, tc)
117 {
118 	ATF_REQUIRE_EQ(0, mkdirat(AT_FDCWD, path, mode));
119 	FILE *pipefd = setup(fds, auclass);
120 	/* Failure reason: directory already exists */
121 	ATF_REQUIRE_EQ(-1, mkdirat(AT_FDCWD, path, mode));
122 	check_audit(fds, failurereg, pipefd);
123 }
124 
125 ATF_TC_CLEANUP(mkdirat_failure, tc)
126 {
127 	cleanup();
128 }
129 
130 
131 ATF_TC_WITH_CLEANUP(mkfifo_success);
132 ATF_TC_HEAD(mkfifo_success, tc)
133 {
134 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
135 					"mkfifo(2) call");
136 }
137 
138 ATF_TC_BODY(mkfifo_success, tc)
139 {
140 	FILE *pipefd = setup(fds, auclass);
141 	ATF_REQUIRE_EQ(0, mkfifo(path, mode));
142 	check_audit(fds, successreg, pipefd);
143 }
144 
145 ATF_TC_CLEANUP(mkfifo_success, tc)
146 {
147 	cleanup();
148 }
149 
150 
151 ATF_TC_WITH_CLEANUP(mkfifo_failure);
152 ATF_TC_HEAD(mkfifo_failure, tc)
153 {
154 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
155 					"mkfifo(2) call");
156 }
157 
158 ATF_TC_BODY(mkfifo_failure, tc)
159 {
160 	ATF_REQUIRE_EQ(0, mkfifo(path, mode));
161 	FILE *pipefd = setup(fds, auclass);
162 	/* Failure reason: FIFO already exists */
163 	ATF_REQUIRE_EQ(-1, mkfifo(path, mode));
164 	check_audit(fds, failurereg, pipefd);
165 }
166 
167 ATF_TC_CLEANUP(mkfifo_failure, tc)
168 {
169 	cleanup();
170 }
171 
172 
173 ATF_TC_WITH_CLEANUP(mkfifoat_success);
174 ATF_TC_HEAD(mkfifoat_success, tc)
175 {
176 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
177 					"mkfifoat(2) call");
178 }
179 
180 ATF_TC_BODY(mkfifoat_success, tc)
181 {
182 	FILE *pipefd = setup(fds, auclass);
183 	ATF_REQUIRE_EQ(0, mkfifoat(AT_FDCWD, path, mode));
184 	check_audit(fds, successreg, pipefd);
185 }
186 
187 ATF_TC_CLEANUP(mkfifoat_success, tc)
188 {
189 	cleanup();
190 }
191 
192 
193 ATF_TC_WITH_CLEANUP(mkfifoat_failure);
194 ATF_TC_HEAD(mkfifoat_failure, tc)
195 {
196 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
197 					"mkfifoat(2) call");
198 }
199 
200 ATF_TC_BODY(mkfifoat_failure, tc)
201 {
202 	ATF_REQUIRE_EQ(0, mkfifoat(AT_FDCWD, path, mode));
203 	FILE *pipefd = setup(fds, auclass);
204 	/* Failure reason: FIFO already exists */
205 	ATF_REQUIRE_EQ(-1, mkfifoat(AT_FDCWD, path, mode));
206 	check_audit(fds, failurereg, pipefd);
207 }
208 
209 ATF_TC_CLEANUP(mkfifoat_failure, tc)
210 {
211 	cleanup();
212 }
213 
214 
215 ATF_TC_WITH_CLEANUP(mknod_success);
216 ATF_TC_HEAD(mknod_success, tc)
217 {
218 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
219 					"mknod(2) call");
220 }
221 
222 ATF_TC_BODY(mknod_success, tc)
223 {
224 	FILE *pipefd = setup(fds, auclass);
225 	ATF_REQUIRE_EQ(0, mknod(path, S_IFIFO | S_IRWXO, dev));
226 	check_audit(fds, successreg, pipefd);
227 }
228 
229 ATF_TC_CLEANUP(mknod_success, tc)
230 {
231 	cleanup();
232 }
233 
234 
235 ATF_TC_WITH_CLEANUP(mknod_failure);
236 ATF_TC_HEAD(mknod_failure, tc)
237 {
238 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
239 					"mknod(2) call");
240 }
241 
242 ATF_TC_BODY(mknod_failure, tc)
243 {
244 	ATF_REQUIRE_EQ(0, mknod(path, S_IFIFO | S_IRWXO, dev));
245 	FILE *pipefd = setup(fds, auclass);
246 	/* Failure reason: FIFO node already exists */
247 	ATF_REQUIRE_EQ(-1, mknod(path, S_IFIFO | S_IRWXO, dev));
248 	check_audit(fds, failurereg, pipefd);
249 }
250 
251 ATF_TC_CLEANUP(mknod_failure, tc)
252 {
253 	cleanup();
254 }
255 
256 
257 ATF_TC_WITH_CLEANUP(mknodat_success);
258 ATF_TC_HEAD(mknodat_success, tc)
259 {
260 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
261 					"mknodat(2) call");
262 }
263 
264 ATF_TC_BODY(mknodat_success, tc)
265 {
266 	FILE *pipefd = setup(fds, auclass);
267 	ATF_REQUIRE_EQ(0, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev));
268 	check_audit(fds, successreg, pipefd);
269 }
270 
271 ATF_TC_CLEANUP(mknodat_success, tc)
272 {
273 	cleanup();
274 }
275 
276 
277 ATF_TC_WITH_CLEANUP(mknodat_failure);
278 ATF_TC_HEAD(mknodat_failure, tc)
279 {
280 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
281 					"mknodat(2) call");
282 }
283 
284 ATF_TC_BODY(mknodat_failure, tc)
285 {
286 	ATF_REQUIRE_EQ(0, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev));
287 	FILE *pipefd = setup(fds, auclass);
288 	/* Failure reason: FIFO node already exists */
289 	ATF_REQUIRE_EQ(-1, mknodat(AT_FDCWD, path, S_IFIFO | S_IRWXO, dev));
290 	check_audit(fds, failurereg, pipefd);
291 }
292 
293 ATF_TC_CLEANUP(mknodat_failure, tc)
294 {
295 	cleanup();
296 }
297 
298 
299 ATF_TC_WITH_CLEANUP(rename_success);
300 ATF_TC_HEAD(rename_success, tc)
301 {
302 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
303 					"rename(2) call");
304 }
305 
306 ATF_TC_BODY(rename_success, tc)
307 {
308 	ATF_REQUIRE(open(path, O_CREAT, mode) != -1);
309 	FILE *pipefd = setup(fds, auclass);
310 	ATF_REQUIRE_EQ(0, rename(path, "renamed"));
311 	check_audit(fds, successreg, pipefd);
312 }
313 
314 ATF_TC_CLEANUP(rename_success, tc)
315 {
316 	cleanup();
317 }
318 
319 
320 ATF_TC_WITH_CLEANUP(rename_failure);
321 ATF_TC_HEAD(rename_failure, tc)
322 {
323 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
324 					"rename(2) call");
325 }
326 
327 ATF_TC_BODY(rename_failure, tc)
328 {
329 	FILE *pipefd = setup(fds, auclass);
330 	/* Failure reason: file does not exist */
331 	ATF_REQUIRE_EQ(-1, rename(path, "renamed"));
332 	check_audit(fds, failurereg, pipefd);
333 }
334 
335 ATF_TC_CLEANUP(rename_failure, tc)
336 {
337 	cleanup();
338 }
339 
340 
341 ATF_TC_WITH_CLEANUP(renameat_success);
342 ATF_TC_HEAD(renameat_success, tc)
343 {
344 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
345 					"renameat(2) call");
346 }
347 
348 ATF_TC_BODY(renameat_success, tc)
349 {
350 	ATF_REQUIRE(open(path, O_CREAT, mode) != -1);
351 	FILE *pipefd = setup(fds, auclass);
352 	ATF_REQUIRE_EQ(0, renameat(AT_FDCWD, path, AT_FDCWD, "renamed"));
353 	check_audit(fds, successreg, pipefd);
354 }
355 
356 ATF_TC_CLEANUP(renameat_success, tc)
357 {
358 	cleanup();
359 }
360 
361 
362 ATF_TC_WITH_CLEANUP(renameat_failure);
363 ATF_TC_HEAD(renameat_failure, tc)
364 {
365 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
366 					"renameat(2) call");
367 }
368 
369 ATF_TC_BODY(renameat_failure, tc)
370 {
371 	FILE *pipefd = setup(fds, auclass);
372 	/* Failure reason: file does not exist */
373 	ATF_REQUIRE_EQ(-1, renameat(AT_FDCWD, path, AT_FDCWD, "renamed"));
374 	check_audit(fds, failurereg, pipefd);
375 }
376 
377 ATF_TC_CLEANUP(renameat_failure, tc)
378 {
379 	cleanup();
380 }
381 
382 
383 ATF_TC_WITH_CLEANUP(link_success);
384 ATF_TC_HEAD(link_success, tc)
385 {
386 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
387 					"link(2) call");
388 }
389 
390 ATF_TC_BODY(link_success, tc)
391 {
392 	ATF_REQUIRE(open(path, O_CREAT, mode) != -1);
393 	FILE *pipefd = setup(fds, auclass);
394 	ATF_REQUIRE_EQ(0, link(path, "hardlink"));
395 	check_audit(fds, successreg, pipefd);
396 }
397 
398 ATF_TC_CLEANUP(link_success, tc)
399 {
400 	cleanup();
401 }
402 
403 
404 ATF_TC_WITH_CLEANUP(link_failure);
405 ATF_TC_HEAD(link_failure, tc)
406 {
407 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
408 					"link(2) call");
409 }
410 
411 ATF_TC_BODY(link_failure, tc)
412 {
413 	FILE *pipefd = setup(fds, auclass);
414 	/* Failure reason: file does not exist */
415 	ATF_REQUIRE_EQ(-1, link(path, "hardlink"));
416 	check_audit(fds, failurereg, pipefd);
417 }
418 
419 ATF_TC_CLEANUP(link_failure, tc)
420 {
421 	cleanup();
422 }
423 
424 
425 ATF_TC_WITH_CLEANUP(linkat_success);
426 ATF_TC_HEAD(linkat_success, tc)
427 {
428 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
429 					"linkat(2) call");
430 }
431 
432 ATF_TC_BODY(linkat_success, tc)
433 {
434 	ATF_REQUIRE(open(path, O_CREAT, mode) != -1);
435 	FILE *pipefd = setup(fds, auclass);
436 	ATF_REQUIRE_EQ(0, linkat(AT_FDCWD, path, AT_FDCWD, "hardlink", 0));
437 	check_audit(fds, successreg, pipefd);
438 }
439 
440 ATF_TC_CLEANUP(linkat_success, tc)
441 {
442 	cleanup();
443 }
444 
445 
446 ATF_TC_WITH_CLEANUP(linkat_failure);
447 ATF_TC_HEAD(linkat_failure, tc)
448 {
449 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
450 					"linkat(2) call");
451 }
452 
453 ATF_TC_BODY(linkat_failure, tc)
454 {
455 	FILE *pipefd = setup(fds, auclass);
456 	/* Failure reason: file does not exist */
457 	ATF_REQUIRE_EQ(-1, linkat(AT_FDCWD, path, AT_FDCWD, "hardlink", 0));
458 	check_audit(fds, failurereg, pipefd);
459 }
460 
461 ATF_TC_CLEANUP(linkat_failure, tc)
462 {
463 	cleanup();
464 }
465 
466 
467 ATF_TC_WITH_CLEANUP(symlink_success);
468 ATF_TC_HEAD(symlink_success, tc)
469 {
470 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
471 					"symlink(2) call");
472 }
473 
474 ATF_TC_BODY(symlink_success, tc)
475 {
476 	FILE *pipefd = setup(fds, auclass);
477 	ATF_REQUIRE_EQ(0, symlink(path, "symlink"));
478 	check_audit(fds, successreg, pipefd);
479 }
480 
481 ATF_TC_CLEANUP(symlink_success, tc)
482 {
483 	cleanup();
484 }
485 
486 
487 ATF_TC_WITH_CLEANUP(symlink_failure);
488 ATF_TC_HEAD(symlink_failure, tc)
489 {
490 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
491 					"symlink(2) call");
492 }
493 
494 ATF_TC_BODY(symlink_failure, tc)
495 {
496 	ATF_REQUIRE_EQ(0, symlink(path, "symlink"));
497 	FILE *pipefd = setup(fds, auclass);
498 	/* Failure reason: symbolic link already exists */
499 	ATF_REQUIRE_EQ(-1, symlink(path, "symlink"));
500 	check_audit(fds, failurereg, pipefd);
501 }
502 
503 ATF_TC_CLEANUP(symlink_failure, tc)
504 {
505 	cleanup();
506 }
507 
508 
509 ATF_TC_WITH_CLEANUP(symlinkat_success);
510 ATF_TC_HEAD(symlinkat_success, tc)
511 {
512 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
513 					"symlinkat(2) call");
514 }
515 
516 ATF_TC_BODY(symlinkat_success, tc)
517 {
518 	FILE *pipefd = setup(fds, auclass);
519 	ATF_REQUIRE_EQ(0, symlinkat(path, AT_FDCWD, "symlink"));
520 	check_audit(fds, successreg, pipefd);
521 }
522 
523 ATF_TC_CLEANUP(symlinkat_success, tc)
524 {
525 	cleanup();
526 }
527 
528 
529 ATF_TC_WITH_CLEANUP(symlinkat_failure);
530 ATF_TC_HEAD(symlinkat_failure, tc)
531 {
532 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
533 					"symlinkat(2) call");
534 }
535 
536 ATF_TC_BODY(symlinkat_failure, tc)
537 {
538 	ATF_REQUIRE_EQ(0, symlinkat(path, AT_FDCWD, "symlink"));
539 	FILE *pipefd = setup(fds, auclass);
540 	/* Failure reason: symbolic link already exists */
541 	ATF_REQUIRE_EQ(-1, symlinkat(path, AT_FDCWD, "symlink"));
542 	check_audit(fds, failurereg, pipefd);
543 }
544 
545 ATF_TC_CLEANUP(symlinkat_failure, tc)
546 {
547 	cleanup();
548 }
549 
550 
551 ATF_TP_ADD_TCS(tp)
552 {
553 	ATF_TP_ADD_TC(tp, mkdir_success);
554 	ATF_TP_ADD_TC(tp, mkdir_failure);
555 	ATF_TP_ADD_TC(tp, mkdirat_success);
556 	ATF_TP_ADD_TC(tp, mkdirat_failure);
557 
558 	ATF_TP_ADD_TC(tp, mkfifo_success);
559 	ATF_TP_ADD_TC(tp, mkfifo_failure);
560 	ATF_TP_ADD_TC(tp, mkfifoat_success);
561 	ATF_TP_ADD_TC(tp, mkfifoat_failure);
562 
563 	ATF_TP_ADD_TC(tp, mknod_success);
564 	ATF_TP_ADD_TC(tp, mknod_failure);
565 	ATF_TP_ADD_TC(tp, mknodat_success);
566 	ATF_TP_ADD_TC(tp, mknodat_failure);
567 
568 	ATF_TP_ADD_TC(tp, rename_success);
569 	ATF_TP_ADD_TC(tp, rename_failure);
570 	ATF_TP_ADD_TC(tp, renameat_success);
571 	ATF_TP_ADD_TC(tp, renameat_failure);
572 
573 	ATF_TP_ADD_TC(tp, link_success);
574 	ATF_TP_ADD_TC(tp, link_failure);
575 	ATF_TP_ADD_TC(tp, linkat_success);
576 	ATF_TP_ADD_TC(tp, linkat_failure);
577 
578 	ATF_TP_ADD_TC(tp, symlink_success);
579 	ATF_TP_ADD_TC(tp, symlink_failure);
580 	ATF_TP_ADD_TC(tp, symlinkat_success);
581 	ATF_TP_ADD_TC(tp, symlinkat_failure);
582 
583 	return (atf_no_error());
584 }
585