xref: /freebsd/tests/sys/audit/miscellaneous.c (revision 8ddb146abcdf061be9f2c0db7e391697dafad85c) 
1 /*-
2  * Copyright (c) 2018 Aniket Pandey
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * SUCH DAMAGE.
24  *
25  * $FreeBSD$
26  */
27 
28 #include <sys/types.h>
29 #include <sys/sysctl.h>
30 
31 #include <bsm/audit.h>
32 #include <machine/sysarch.h>
33 
34 #include <atf-c.h>
35 #include <unistd.h>
36 
37 #include "utils.h"
38 
39 static pid_t pid;
40 static char miscreg[80];
41 static struct pollfd fds[1];
42 static const char *auclass = "ot";
43 
44 
45 /*
46  * Success case of audit(2) is skipped for now as the behaviour is quite
47  * undeterministic. It will be added when the intermittency is resolved.
48  */
49 
50 
51 ATF_TC_WITH_CLEANUP(audit_failure);
52 ATF_TC_HEAD(audit_failure, tc)
53 {
54 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
55 					"audit(2) call");
56 }
57 
58 ATF_TC_BODY(audit_failure, tc)
59 {
60 	pid = getpid();
61 	snprintf(miscreg, sizeof(miscreg), "audit.*%d.*return,failure", pid);
62 
63 	FILE *pipefd = setup(fds, auclass);
64 	/* Failure reason: Invalid argument */
65 	ATF_REQUIRE_EQ(-1, audit(NULL, -1));
66 	check_audit(fds, miscreg, pipefd);
67 }
68 
69 ATF_TC_CLEANUP(audit_failure, tc)
70 {
71 	cleanup();
72 }
73 
74 
75 ATF_TC_WITH_CLEANUP(sysarch_success);
76 ATF_TC_HEAD(sysarch_success, tc)
77 {
78 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
79 					"sysarch(2) call");
80 }
81 
82 ATF_TC_BODY(sysarch_success, tc)
83 {
84 	pid = getpid();
85 	snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,success", pid);
86 
87 	/* Set sysnum to the syscall corresponding to the system architecture */
88 #if defined(I386_GET_IOPERM)		/* i386 */
89 	struct i386_ioperm_args i3sysarg;
90 	bzero(&i3sysarg, sizeof(i3sysarg));
91 
92 #elif defined(AMD64_GET_FSBASE)		/* amd64 */
93 	register_t amd64arg;
94 
95 #elif defined(MIPS_GET_TLS)		/* MIPS */
96 	char *mipsarg;
97 
98 #elif defined(ARM_SYNC_ICACHE)		/* ARM */
99 	struct arm_sync_icache_args armsysarg;
100 	bzero(&armsysarg, sizeof(armsysarg));
101 
102 #elif defined(SPARC_UTRAP_INSTALL)	/* Sparc64 */
103 	struct sparc_utrap_args handler = {
104 		.type		= UT_DIVISION_BY_ZERO,
105 		/* We don't want to change the previous handlers */
106 		.new_precise	= (void *)UTH_NOCHANGE,
107 		.new_deferred	= (void *)UTH_NOCHANGE,
108 		.old_precise	= NULL,
109 		.old_deferred	= NULL
110 	};
111 
112 	struct sparc_utrap_install_args sparc64arg = {
113 		.num 		= ST_DIVISION_BY_ZERO,
114 		.handlers	= &handler
115 	};
116 #else
117 	/* For PowerPC, ARM64, RISCV archs, sysarch(2) is not supported */
118 	atf_tc_skip("sysarch(2) is not supported for the system architecture");
119 #endif
120 
121 	FILE *pipefd = setup(fds, auclass);
122 #if defined(I386_GET_IOPERM)
123 	ATF_REQUIRE_EQ(0, sysarch(I386_GET_IOPERM, &i3sysarg));
124 #elif defined(AMD64_GET_FSBASE)
125 	ATF_REQUIRE_EQ(0, sysarch(AMD64_GET_FSBASE, &amd64arg));
126 #elif defined(MIPS_GET_TLS)
127 	ATF_REQUIRE_EQ(0, sysarch(MIPS_GET_TLS, &mipsarg));
128 #elif defined(ARM_SYNC_ICACHE)
129 	ATF_REQUIRE_EQ(0, sysarch(ARM_SYNC_ICACHE, &armsysarg));
130 #elif defined(SPARC_UTRAP_INSTALL)
131 	ATF_REQUIRE_EQ(0, sysarch(SPARC_UTRAP_INSTALL, &sparc64arg));
132 #endif
133 	check_audit(fds, miscreg, pipefd);
134 }
135 
136 ATF_TC_CLEANUP(sysarch_success, tc)
137 {
138 	cleanup();
139 }
140 
141 
142 ATF_TC_WITH_CLEANUP(sysarch_failure);
143 ATF_TC_HEAD(sysarch_failure, tc)
144 {
145 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
146 				       "sysarch(2) call for any architecture");
147 }
148 
149 ATF_TC_BODY(sysarch_failure, tc)
150 {
151 	pid = getpid();
152 	snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,failure", pid);
153 
154 	FILE *pipefd = setup(fds, auclass);
155 	/* Failure reason: Invalid argument and Bad address */
156 	ATF_REQUIRE_EQ(-1, sysarch(-1, NULL));
157 	check_audit(fds, miscreg, pipefd);
158 }
159 
160 ATF_TC_CLEANUP(sysarch_failure, tc)
161 {
162 	cleanup();
163 }
164 
165 
166 ATF_TC_WITH_CLEANUP(sysctl_success);
167 ATF_TC_HEAD(sysctl_success, tc)
168 {
169 	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
170 					"sysctl(3) call");
171 }
172 
173 ATF_TC_BODY(sysctl_success, tc)
174 {
175 	int mib[2], maxproc;
176 	size_t proclen;
177 
178 	/* Set mib to retrieve the maximum number of allowed processes */
179 	mib[0] = CTL_KERN;
180 	mib[1] = KERN_MAXPROC;
181 	proclen = sizeof(maxproc);
182 
183 	pid = getpid();
184 	snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,success", pid);
185 
186 	FILE *pipefd = setup(fds, auclass);
187 	ATF_REQUIRE_EQ(0, sysctl(mib, 2, &maxproc, &proclen, NULL, 0));
188 	check_audit(fds, miscreg, pipefd);
189 }
190 
191 ATF_TC_CLEANUP(sysctl_success, tc)
192 {
193 	cleanup();
194 }
195 
196 
197 ATF_TC_WITH_CLEANUP(sysctl_failure);
198 ATF_TC_HEAD(sysctl_failure, tc)
199 {
200 	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
201 					"sysctl(3) call");
202 }
203 
204 ATF_TC_BODY(sysctl_failure, tc)
205 {
206 	pid = getpid();
207 	snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,failure", pid);
208 
209 	FILE *pipefd = setup(fds, auclass);
210 	/* Failure reason: Invalid arguments */
211 	ATF_REQUIRE_EQ(-1, sysctl(NULL, 0, NULL, NULL, NULL, 0));
212 	check_audit(fds, miscreg, pipefd);
213 }
214 
215 ATF_TC_CLEANUP(sysctl_failure, tc)
216 {
217 	cleanup();
218 }
219 
220 
221 ATF_TP_ADD_TCS(tp)
222 {
223 	ATF_TP_ADD_TC(tp, audit_failure);
224 
225 	ATF_TP_ADD_TC(tp, sysarch_success);
226 	ATF_TP_ADD_TC(tp, sysarch_failure);
227 
228 	ATF_TP_ADD_TC(tp, sysctl_success);
229 	ATF_TP_ADD_TC(tp, sysctl_failure);
230 
231 	return (atf_no_error());
232 }
233