xref: /freebsd/tests/sys/audit/miscellaneous.c (revision 035dd78d30ba28a3dc15c05ec85ad10127165677)
1 /*-
2  * Copyright (c) 2018 Aniket Pandey
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * SUCH DAMAGE.
24  *
25  * $FreeBSD$
26  */
27 
28 #include <sys/types.h>
29 #include <sys/sysctl.h>
30 
31 #include <bsm/audit.h>
32 #include <machine/sysarch.h>
33 
34 #include <atf-c.h>
35 #include <unistd.h>
36 
37 #include "utils.h"
38 
39 static pid_t pid;
40 static char miscreg[80];
41 static struct pollfd fds[1];
42 static const char *auclass = "ot";
43 
44 
45 /*
46  * Success case of audit(2) is skipped for now as the behaviour is quite
47  * undeterministic. It will be added when the intermittency is resolved.
48  */
49 
50 
51 ATF_TC_WITH_CLEANUP(audit_failure);
52 ATF_TC_HEAD(audit_failure, tc)
53 {
54 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
55 					"audit(2) call");
56 }
57 
58 ATF_TC_BODY(audit_failure, tc)
59 {
60 	pid = getpid();
61 	snprintf(miscreg, sizeof(miscreg), "audit.*%d.*return,failure", pid);
62 
63 	FILE *pipefd = setup(fds, auclass);
64 	/* Failure reason: Invalid argument */
65 	ATF_REQUIRE_EQ(-1, audit(NULL, -1));
66 	check_audit(fds, miscreg, pipefd);
67 }
68 
69 ATF_TC_CLEANUP(audit_failure, tc)
70 {
71 	cleanup();
72 }
73 
74 
75 ATF_TC_WITH_CLEANUP(sysarch_success);
76 ATF_TC_HEAD(sysarch_success, tc)
77 {
78 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
79 					"sysarch(2) call");
80 }
81 
82 ATF_TC_BODY(sysarch_success, tc)
83 {
84 	pid = getpid();
85 	snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,success", pid);
86 
87 	/* Set sysnum to the syscall corresponding to the system architecture */
88 #if defined(I386_GET_IOPERM)		/* i386 */
89 	struct i386_ioperm_args i3sysarg;
90 	bzero(&i3sysarg, sizeof(i3sysarg));
91 
92 #elif defined(AMD64_GET_FSBASE)		/* amd64 */
93 	register_t amd64arg;
94 
95 #elif defined(ARM_SYNC_ICACHE)		/* ARM */
96 	struct arm_sync_icache_args armsysarg;
97 	bzero(&armsysarg, sizeof(armsysarg));
98 
99 #elif defined(SPARC_UTRAP_INSTALL)	/* Sparc64 */
100 	struct sparc_utrap_args handler = {
101 		.type		= UT_DIVISION_BY_ZERO,
102 		/* We don't want to change the previous handlers */
103 		.new_precise	= (void *)UTH_NOCHANGE,
104 		.new_deferred	= (void *)UTH_NOCHANGE,
105 		.old_precise	= NULL,
106 		.old_deferred	= NULL
107 	};
108 
109 	struct sparc_utrap_install_args sparc64arg = {
110 		.num 		= ST_DIVISION_BY_ZERO,
111 		.handlers	= &handler
112 	};
113 #else
114 	/* For PowerPC, ARM64, RISCV archs, sysarch(2) is not supported */
115 	atf_tc_skip("sysarch(2) is not supported for the system architecture");
116 #endif
117 
118 	FILE *pipefd = setup(fds, auclass);
119 #if defined(I386_GET_IOPERM)
120 	ATF_REQUIRE_EQ(0, sysarch(I386_GET_IOPERM, &i3sysarg));
121 #elif defined(AMD64_GET_FSBASE)
122 	ATF_REQUIRE_EQ(0, sysarch(AMD64_GET_FSBASE, &amd64arg));
123 #elif defined(ARM_SYNC_ICACHE)
124 	ATF_REQUIRE_EQ(0, sysarch(ARM_SYNC_ICACHE, &armsysarg));
125 #elif defined(SPARC_UTRAP_INSTALL)
126 	ATF_REQUIRE_EQ(0, sysarch(SPARC_UTRAP_INSTALL, &sparc64arg));
127 #endif
128 	check_audit(fds, miscreg, pipefd);
129 }
130 
131 ATF_TC_CLEANUP(sysarch_success, tc)
132 {
133 	cleanup();
134 }
135 
136 
137 ATF_TC_WITH_CLEANUP(sysarch_failure);
138 ATF_TC_HEAD(sysarch_failure, tc)
139 {
140 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
141 				       "sysarch(2) call for any architecture");
142 }
143 
144 ATF_TC_BODY(sysarch_failure, tc)
145 {
146 	pid = getpid();
147 	snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,failure", pid);
148 
149 	FILE *pipefd = setup(fds, auclass);
150 	/* Failure reason: Invalid argument and Bad address */
151 	ATF_REQUIRE_EQ(-1, sysarch(-1, NULL));
152 	check_audit(fds, miscreg, pipefd);
153 }
154 
155 ATF_TC_CLEANUP(sysarch_failure, tc)
156 {
157 	cleanup();
158 }
159 
160 
161 ATF_TC_WITH_CLEANUP(sysctl_success);
162 ATF_TC_HEAD(sysctl_success, tc)
163 {
164 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
165 					"sysctl(3) call");
166 }
167 
168 ATF_TC_BODY(sysctl_success, tc)
169 {
170 	int mib[2], maxproc;
171 	size_t proclen;
172 
173 	/* Set mib to retrieve the maximum number of allowed processes */
174 	mib[0] = CTL_KERN;
175 	mib[1] = KERN_MAXPROC;
176 	proclen = sizeof(maxproc);
177 
178 	pid = getpid();
179 	snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,success", pid);
180 
181 	FILE *pipefd = setup(fds, auclass);
182 	ATF_REQUIRE_EQ(0, sysctl(mib, 2, &maxproc, &proclen, NULL, 0));
183 	check_audit(fds, miscreg, pipefd);
184 }
185 
186 ATF_TC_CLEANUP(sysctl_success, tc)
187 {
188 	cleanup();
189 }
190 
191 
192 ATF_TC_WITH_CLEANUP(sysctl_failure);
193 ATF_TC_HEAD(sysctl_failure, tc)
194 {
195 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
196 					"sysctl(3) call");
197 }
198 
199 ATF_TC_BODY(sysctl_failure, tc)
200 {
201 	pid = getpid();
202 	snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,failure", pid);
203 
204 	FILE *pipefd = setup(fds, auclass);
205 	/* Failure reason: Invalid arguments */
206 	ATF_REQUIRE_EQ(-1, sysctl(NULL, 0, NULL, NULL, NULL, 0));
207 	check_audit(fds, miscreg, pipefd);
208 }
209 
210 ATF_TC_CLEANUP(sysctl_failure, tc)
211 {
212 	cleanup();
213 }
214 
215 
216 ATF_TP_ADD_TCS(tp)
217 {
218 	ATF_TP_ADD_TC(tp, audit_failure);
219 
220 	ATF_TP_ADD_TC(tp, sysarch_success);
221 	ATF_TP_ADD_TC(tp, sysarch_failure);
222 
223 	ATF_TP_ADD_TC(tp, sysctl_success);
224 	ATF_TP_ADD_TC(tp, sysctl_failure);
225 
226 	return (atf_no_error());
227 }
228