CoCalc -- process-control.c

GitHub Repository: freebsd/freebsd-src
Path: blob/main/tests/sys/audit/process-control.c
¹⁰²⁸⁷⁹ views
1
/*-
2
 * Copyright (c) 2018 Aniket Pandey
3
 *
4
 * Redistribution and use in source and binary forms, with or without
5
 * modification, are permitted provided that the following conditions
6
 * are met:
7
 * 1. Redistributions of source code must retain the above copyright
8
 *    notice, this list of conditions and the following disclaimer.
9
 * 2. Redistributions in binary form must reproduce the above copyright
10
 *    notice, this list of conditions and the following disclaimer in the
11
 *    documentation and/or other materials provided with the distribution.
12
 *
13
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23
 * SUCH DAMAGE.
24
 */
25

26
#include <sys/param.h>
27
#include <sys/capsicum.h>
28
#include <sys/uio.h>
29
#include <sys/ktrace.h>
30
#include <sys/mman.h>
31
#include <sys/procctl.h>
32
#include <sys/ptrace.h>
33
#include <sys/resource.h>
34
#include <sys/rtprio.h>
35
#include <sys/stat.h>
36
#include <sys/sysctl.h>
37
#include <sys/time.h>
38
#include <sys/wait.h>
39

40
#include <atf-c.h>
41
#include <fcntl.h>
42
#include <signal.h>
43
#include <stdint.h>
44
#include <stdlib.h>
45
#include <unistd.h>
46

47
#include "utils.h"
48

49
#include "freebsd_test_suite/macros.h"
50

51
static pid_t pid;
52
static int filedesc, status;
53
static struct pollfd fds[1];
54
static char pcregex[80];
55
static const char *auclass = "pc";
56

57

58
ATF_TC_WITH_CLEANUP(fork_success);
59
ATF_TC_HEAD(fork_success, tc)
60
{
61
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
62
					"fork(2) call");
63
}
64

65
ATF_TC_BODY(fork_success, tc)
66
{
67
	pid = getpid();
68
	snprintf(pcregex, sizeof(pcregex), "fork.*%d.*return,success", pid);
69

70
	FILE *pipefd = setup(fds, auclass);
71
	/* Check if fork(2) succeded. If so, exit from the child process */
72
	ATF_REQUIRE((pid = fork()) != -1);
73
	if (pid)
74
		check_audit(fds, pcregex, pipefd);
75
	else
76
		_exit(0);
77
}
78

79
ATF_TC_CLEANUP(fork_success, tc)
80
{
81
	cleanup();
82
}
83

84
/*
85
 * No fork(2) in failure mode since possibilities for failure are only when
86
 * user is not privileged or when the number of processes exceed KERN_MAXPROC.
87
 */
88

89

90
ATF_TC_WITH_CLEANUP(_exit_success);
91
ATF_TC_HEAD(_exit_success, tc)
92
{
93
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
94
					"_exit(2) call");
95
}
96

97
ATF_TC_BODY(_exit_success, tc)
98
{
99
	FILE *pipefd = setup(fds, auclass);
100
	ATF_REQUIRE((pid = fork()) != -1);
101
	if (pid) {
102
		snprintf(pcregex, sizeof(pcregex), "exit.*%d.*success", pid);
103
		check_audit(fds, pcregex, pipefd);
104
	}
105
	else
106
		_exit(0);
107
}
108

109
ATF_TC_CLEANUP(_exit_success, tc)
110
{
111
	cleanup();
112
}
113

114
/*
115
 * _exit(2) never returns, hence the auditing by default is always successful
116
 */
117

118

119
ATF_TC_WITH_CLEANUP(rfork_success);
120
ATF_TC_HEAD(rfork_success, tc)
121
{
122
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
123
					"rfork(2) call");
124
}
125

126
ATF_TC_BODY(rfork_success, tc)
127
{
128
	pid = getpid();
129
	snprintf(pcregex, sizeof(pcregex), "rfork.*%d.*return,success", pid);
130

131
	FILE *pipefd = setup(fds, auclass);
132
	ATF_REQUIRE((pid = rfork(RFPROC)) != -1);
133
	if (pid)
134
		check_audit(fds, pcregex, pipefd);
135
	else
136
		_exit(0);
137
}
138

139
ATF_TC_CLEANUP(rfork_success, tc)
140
{
141
	cleanup();
142
}
143

144

145
ATF_TC_WITH_CLEANUP(rfork_failure);
146
ATF_TC_HEAD(rfork_failure, tc)
147
{
148
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
149
					"rfork(2) call");
150
}
151

152
ATF_TC_BODY(rfork_failure, tc)
153
{
154
	pid = getpid();
155
	snprintf(pcregex, sizeof(pcregex), "rfork.*%d.*return,failure", pid);
156

157
	FILE *pipefd = setup(fds, auclass);
158
	/* Failure reason: Invalid argument */
159
	ATF_REQUIRE_EQ(-1, rfork(-1));
160
	check_audit(fds, pcregex, pipefd);
161
}
162

163
ATF_TC_CLEANUP(rfork_failure, tc)
164
{
165
	cleanup();
166
}
167

168

169
ATF_TC_WITH_CLEANUP(wait4_success);
170
ATF_TC_HEAD(wait4_success, tc)
171
{
172
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
173
					"wait4(2) call");
174
}
175

176
ATF_TC_BODY(wait4_success, tc)
177
{
178
	pid = getpid();
179
	snprintf(pcregex, sizeof(pcregex), "wait4.*%d.*return,success", pid);
180

181
	ATF_REQUIRE((pid = fork()) != -1);
182
	if (pid) {
183
		FILE *pipefd = setup(fds, auclass);
184
		/* wpid = -1 : Wait for any child process */
185
		ATF_REQUIRE(wait4(-1, &status, 0, NULL) != -1);
186
		check_audit(fds, pcregex, pipefd);
187
	}
188
	else
189
		_exit(0);
190
}
191

192
ATF_TC_CLEANUP(wait4_success, tc)
193
{
194
	cleanup();
195
}
196

197

198
ATF_TC_WITH_CLEANUP(wait4_failure);
199
ATF_TC_HEAD(wait4_failure, tc)
200
{
201
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
202
					"wait4(2) call");
203
}
204

205
ATF_TC_BODY(wait4_failure, tc)
206
{
207
	pid = getpid();
208
	snprintf(pcregex, sizeof(pcregex), "wait4.*%d.*return,failure", pid);
209

210
	FILE *pipefd = setup(fds, auclass);
211
	/* Failure reason: No child process to wait for */
212
	ATF_REQUIRE_EQ(-1, wait4(-1, NULL, 0, NULL));
213
	check_audit(fds, pcregex, pipefd);
214
}
215

216
ATF_TC_CLEANUP(wait4_failure, tc)
217
{
218
	cleanup();
219
}
220

221

222
ATF_TC_WITH_CLEANUP(wait6_success);
223
ATF_TC_HEAD(wait6_success, tc)
224
{
225
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
226
					"wait6(2) call");
227
}
228

229
ATF_TC_BODY(wait6_success, tc)
230
{
231
	pid = getpid();
232
	snprintf(pcregex, sizeof(pcregex), "wait6.*%d.*return,success", pid);
233

234
	ATF_REQUIRE((pid = fork()) != -1);
235
	if (pid) {
236
		FILE *pipefd = setup(fds, auclass);
237
		ATF_REQUIRE(wait6(P_ALL, 0, &status, WEXITED, NULL,NULL) != -1);
238
		check_audit(fds, pcregex, pipefd);
239
	}
240
	else
241
		_exit(0);
242
}
243

244
ATF_TC_CLEANUP(wait6_success, tc)
245
{
246
	cleanup();
247
}
248

249

250
ATF_TC_WITH_CLEANUP(wait6_failure);
251
ATF_TC_HEAD(wait6_failure, tc)
252
{
253
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
254
					"wait6(2) call");
255
}
256

257
ATF_TC_BODY(wait6_failure, tc)
258
{
259
	pid = getpid();
260
	snprintf(pcregex, sizeof(pcregex), "wait6.*%d.*return,failure", pid);
261

262
	FILE *pipefd = setup(fds, auclass);
263
	/* Failure reason: Invalid argument */
264
	ATF_REQUIRE_EQ(-1, wait6(0, 0, NULL, 0, NULL, NULL));
265
	check_audit(fds, pcregex, pipefd);
266
}
267

268
ATF_TC_CLEANUP(wait6_failure, tc)
269
{
270
	cleanup();
271
}
272

273

274
ATF_TC_WITH_CLEANUP(kill_success);
275
ATF_TC_HEAD(kill_success, tc)
276
{
277
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
278
					"kill(2) call");
279
}
280

281
ATF_TC_BODY(kill_success, tc)
282
{
283
	pid = getpid();
284
	snprintf(pcregex, sizeof(pcregex), "kill.*%d.*return,success", pid);
285

286
	FILE *pipefd = setup(fds, auclass);
287
	/* Don't send any signal to anyone, live in peace! */
288
	ATF_REQUIRE_EQ(0, kill(0, 0));
289
	check_audit(fds, pcregex, pipefd);
290
}
291

292
ATF_TC_CLEANUP(kill_success, tc)
293
{
294
	cleanup();
295
}
296

297

298
ATF_TC_WITH_CLEANUP(kill_failure);
299
ATF_TC_HEAD(kill_failure, tc)
300
{
301
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
302
					"kill(2) call");
303
}
304

305
ATF_TC_BODY(kill_failure, tc)
306
{
307
	pid = getpid();
308
	snprintf(pcregex, sizeof(pcregex), "kill.*%d.*return,failure", pid);
309

310
	FILE *pipefd = setup(fds, auclass);
311
	/*
312
	 * Failure reason: Non existent process with PID '-2'
313
	 * Note: '-1' is not used as it means sending no signal to
314
	 * all non-system processes: A successful invocation
315
	 */
316
	ATF_REQUIRE_EQ(-1, kill(0, -2));
317
	check_audit(fds, pcregex, pipefd);
318
}
319

320
ATF_TC_CLEANUP(kill_failure, tc)
321
{
322
	cleanup();
323
}
324

325

326
ATF_TC_WITH_CLEANUP(chdir_success);
327
ATF_TC_HEAD(chdir_success, tc)
328
{
329
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
330
					"chdir(2) call");
331
}
332

333
ATF_TC_BODY(chdir_success, tc)
334
{
335
	pid = getpid();
336
	snprintf(pcregex, sizeof(pcregex), "chdir.*/.*%d.*return,success", pid);
337

338
	FILE *pipefd = setup(fds, auclass);
339
	ATF_REQUIRE_EQ(0, chdir("/"));
340
	check_audit(fds, pcregex, pipefd);
341
}
342

343
ATF_TC_CLEANUP(chdir_success, tc)
344
{
345
	cleanup();
346
}
347

348

349
ATF_TC_WITH_CLEANUP(chdir_failure);
350
ATF_TC_HEAD(chdir_failure, tc)
351
{
352
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
353
					"chdir(2) call");
354
}
355

356
ATF_TC_BODY(chdir_failure, tc)
357
{
358
	pid = getpid();
359
	snprintf(pcregex, sizeof(pcregex), "chdir.*%d.*return,failure", pid);
360

361
	FILE *pipefd = setup(fds, auclass);
362
	/* Failure reason: Bad address */
363
	ATF_REQUIRE_EQ(-1, chdir(NULL));
364
	check_audit(fds, pcregex, pipefd);
365
}
366

367
ATF_TC_CLEANUP(chdir_failure, tc)
368
{
369
	cleanup();
370
}
371

372

373
ATF_TC_WITH_CLEANUP(fchdir_success);
374
ATF_TC_HEAD(fchdir_success, tc)
375
{
376
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
377
					"fchdir(2) call");
378
}
379

380
ATF_TC_BODY(fchdir_success, tc)
381
{
382
	/* Build an absolute path to the test-case directory */
383
	char dirpath[50];
384
	ATF_REQUIRE(getcwd(dirpath, sizeof(dirpath)) != NULL);
385
	ATF_REQUIRE((filedesc = open(dirpath, O_RDONLY)) != -1);
386

387
	/* Audit record generated by fchdir(2) does not contain filedesc */
388
	pid = getpid();
389
	snprintf(pcregex, sizeof(pcregex), "fchdir.*%d.*return,success", pid);
390

391
	FILE *pipefd = setup(fds, auclass);
392
	ATF_REQUIRE_EQ(0, fchdir(filedesc));
393
	check_audit(fds, pcregex, pipefd);
394
	close(filedesc);
395
}
396

397
ATF_TC_CLEANUP(fchdir_success, tc)
398
{
399
	cleanup();
400
}
401

402

403
ATF_TC_WITH_CLEANUP(fchdir_failure);
404
ATF_TC_HEAD(fchdir_failure, tc)
405
{
406
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
407
					"fchdir(2) call");
408
}
409

410
ATF_TC_BODY(fchdir_failure, tc)
411
{
412
	pid = getpid();
413
	snprintf(pcregex, sizeof(pcregex), "fchdir.*%d.*return,failure", pid);
414

415
	FILE *pipefd = setup(fds, auclass);
416
	/* Failure reason: Bad directory address */
417
	ATF_REQUIRE_EQ(-1, fchdir(-1));
418
	check_audit(fds, pcregex, pipefd);
419
}
420

421
ATF_TC_CLEANUP(fchdir_failure, tc)
422
{
423
	cleanup();
424
}
425

426

427
ATF_TC_WITH_CLEANUP(chroot_success);
428
ATF_TC_HEAD(chroot_success, tc)
429
{
430
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
431
					"chroot(2) call");
432
}
433

434
ATF_TC_BODY(chroot_success, tc)
435
{
436
	pid = getpid();
437
	snprintf(pcregex, sizeof(pcregex), "chroot.*%d.*return,success", pid);
438

439
	FILE *pipefd = setup(fds, auclass);
440
	/* We don't want to change the root directory, hence '/' */
441
	ATF_REQUIRE_EQ(0, chroot("/"));
442
	check_audit(fds, pcregex, pipefd);
443
}
444

445
ATF_TC_CLEANUP(chroot_success, tc)
446
{
447
	cleanup();
448
}
449

450

451
ATF_TC_WITH_CLEANUP(chroot_failure);
452
ATF_TC_HEAD(chroot_failure, tc)
453
{
454
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
455
					"chroot(2) call");
456
}
457

458
ATF_TC_BODY(chroot_failure, tc)
459
{
460
	pid = getpid();
461
	snprintf(pcregex, sizeof(pcregex), "chroot.*%d.*return,failure", pid);
462

463
	FILE *pipefd = setup(fds, auclass);
464
	ATF_REQUIRE_EQ(-1, chroot(NULL));
465
	check_audit(fds, pcregex, pipefd);
466
}
467

468
ATF_TC_CLEANUP(chroot_failure, tc)
469
{
470
	cleanup();
471
}
472

473

474
ATF_TC_WITH_CLEANUP(umask_success);
475
ATF_TC_HEAD(umask_success, tc)
476
{
477
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
478
					"umask(2) call");
479
}
480

481
ATF_TC_BODY(umask_success, tc)
482
{
483
	pid = getpid();
484
	snprintf(pcregex, sizeof(pcregex), "umask.*%d.*return,success", pid);
485

486
	FILE *pipefd = setup(fds, auclass);
487
	umask(0);
488
	check_audit(fds, pcregex, pipefd);
489
}
490

491
ATF_TC_CLEANUP(umask_success, tc)
492
{
493
	cleanup();
494
}
495

496
/*
497
 * umask(2) system call never fails. Hence, no test case for failure mode
498
 */
499

500

501
ATF_TC_WITH_CLEANUP(setuid_success);
502
ATF_TC_HEAD(setuid_success, tc)
503
{
504
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
505
					"setuid(2) call");
506
}
507

508
ATF_TC_BODY(setuid_success, tc)
509
{
510
	pid = getpid();
511
	snprintf(pcregex, sizeof(pcregex), "setuid.*%d.*return,success", pid);
512

513
	FILE *pipefd = setup(fds, auclass);
514
	/* Since we're privileged, we'll let ourselves be privileged! */
515
	ATF_REQUIRE_EQ(0, setuid(0));
516
	check_audit(fds, pcregex, pipefd);
517
}
518

519
ATF_TC_CLEANUP(setuid_success, tc)
520
{
521
	cleanup();
522
}
523

524
/*
525
 * setuid(2) fails only when the current user is not root. So no test case for
526
 * failure mode since the required_user="root"
527
 */
528

529

530
ATF_TC_WITH_CLEANUP(seteuid_success);
531
ATF_TC_HEAD(seteuid_success, tc)
532
{
533
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
534
					"seteuid(2) call");
535
}
536

537
ATF_TC_BODY(seteuid_success, tc)
538
{
539
	pid = getpid();
540
	snprintf(pcregex, sizeof(pcregex), "seteuid.*%d.*return,success", pid);
541

542
	FILE *pipefd = setup(fds, auclass);
543
	/* This time, we'll let ourselves be 'effectively' privileged! */
544
	ATF_REQUIRE_EQ(0, seteuid(0));
545
	check_audit(fds, pcregex, pipefd);
546
}
547

548
ATF_TC_CLEANUP(seteuid_success, tc)
549
{
550
	cleanup();
551
}
552

553
/*
554
 * seteuid(2) fails only when the current user is not root. So no test case for
555
 * failure mode since the required_user="root"
556
 */
557

558

559
ATF_TC_WITH_CLEANUP(setgid_success);
560
ATF_TC_HEAD(setgid_success, tc)
561
{
562
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
563
					"setgid(2) call");
564
}
565

566
ATF_TC_BODY(setgid_success, tc)
567
{
568
	pid = getpid();
569
	snprintf(pcregex, sizeof(pcregex), "setgid.*%d.*return,success", pid);
570

571
	FILE *pipefd = setup(fds, auclass);
572
	ATF_REQUIRE_EQ(0, setgid(0));
573
	check_audit(fds, pcregex, pipefd);
574
}
575

576
ATF_TC_CLEANUP(setgid_success, tc)
577
{
578
	cleanup();
579
}
580

581
/*
582
 * setgid(2) fails only when the current user is not root. So no test case for
583
 * failure mode since the required_user="root"
584
 */
585

586

587
ATF_TC_WITH_CLEANUP(setegid_success);
588
ATF_TC_HEAD(setegid_success, tc)
589
{
590
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
591
					"setegid(2) call");
592
}
593

594
ATF_TC_BODY(setegid_success, tc)
595
{
596
	pid = getpid();
597
	snprintf(pcregex, sizeof(pcregex), "setegid.*%d.*return,success", pid);
598

599
	FILE *pipefd = setup(fds, auclass);
600
	ATF_REQUIRE_EQ(0, setegid(0));
601
	check_audit(fds, pcregex, pipefd);
602
}
603

604
ATF_TC_CLEANUP(setegid_success, tc)
605
{
606
	cleanup();
607
}
608

609
/*
610
 * setegid(2) fails only when the current user is not root. So no test case for
611
 * failure mode since the required_user="root"
612
 */
613

614

615
ATF_TC_WITH_CLEANUP(setregid_success);
616
ATF_TC_HEAD(setregid_success, tc)
617
{
618
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
619
					"setregid(2) call");
620
}
621

622
ATF_TC_BODY(setregid_success, tc)
623
{
624
	pid = getpid();
625
	snprintf(pcregex, sizeof(pcregex), "setregid.*%d.*return,success", pid);
626

627
	FILE *pipefd = setup(fds, auclass);
628
	/* setregid(-1, -1) does not change any real or effective GIDs */
629
	ATF_REQUIRE_EQ(0, setregid(-1, -1));
630
	check_audit(fds, pcregex, pipefd);
631
}
632

633
ATF_TC_CLEANUP(setregid_success, tc)
634
{
635
	cleanup();
636
}
637

638
/*
639
 * setregid(2) fails only when the current user is not root. So no test case for
640
 * failure mode since the required_user="root"
641
 */
642

643

644
ATF_TC_WITH_CLEANUP(setreuid_success);
645
ATF_TC_HEAD(setreuid_success, tc)
646
{
647
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
648
					"setreuid(2) call");
649
}
650

651
ATF_TC_BODY(setreuid_success, tc)
652
{
653
	pid = getpid();
654
	snprintf(pcregex, sizeof(pcregex), "setreuid.*%d.*return,success", pid);
655

656
	FILE *pipefd = setup(fds, auclass);
657
	/* setreuid(-1, -1) does not change any real or effective UIDs */
658
	ATF_REQUIRE_EQ(0, setreuid(-1, -1));
659
	check_audit(fds, pcregex, pipefd);
660
}
661

662
ATF_TC_CLEANUP(setreuid_success, tc)
663
{
664
	cleanup();
665
}
666

667
/*
668
 * setregid(2) fails only when the current user is not root. So no test case for
669
 * failure mode since the required_user="root"
670
 */
671

672

673
ATF_TC_WITH_CLEANUP(setresuid_success);
674
ATF_TC_HEAD(setresuid_success, tc)
675
{
676
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
677
					"setresuid(2) call");
678
}
679

680
ATF_TC_BODY(setresuid_success, tc)
681
{
682
	pid = getpid();
683
	snprintf(pcregex, sizeof(pcregex), "setresuid.*%d.*return,success", pid);
684

685
	FILE *pipefd = setup(fds, auclass);
686
	/* setresuid(-1, -1, -1) does not change real, effective & saved UIDs */
687
	ATF_REQUIRE_EQ(0, setresuid(-1, -1, -1));
688
	check_audit(fds, pcregex, pipefd);
689
}
690

691
ATF_TC_CLEANUP(setresuid_success, tc)
692
{
693
	cleanup();
694
}
695

696
/*
697
 * setresuid(2) fails only when the current user is not root. So no test case
698
 * for failure mode since the required_user="root"
699
 */
700

701

702
ATF_TC_WITH_CLEANUP(setresgid_success);
703
ATF_TC_HEAD(setresgid_success, tc)
704
{
705
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
706
					"setresgid(2) call");
707
}
708

709
ATF_TC_BODY(setresgid_success, tc)
710
{
711
	pid = getpid();
712
	snprintf(pcregex, sizeof(pcregex), "setresgid.*%d.*ret.*success", pid);
713

714
	FILE *pipefd = setup(fds, auclass);
715
	/* setresgid(-1, -1, -1) does not change real, effective & saved GIDs */
716
	ATF_REQUIRE_EQ(0, setresgid(-1, -1, -1));
717
	check_audit(fds, pcregex, pipefd);
718
}
719

720
ATF_TC_CLEANUP(setresgid_success, tc)
721
{
722
	cleanup();
723
}
724

725
/*
726
 * setresgid(2) fails only when the current user is not root. So no test case
727
 * for failure mode since the required_user="root"
728
 */
729

730

731
ATF_TC_WITH_CLEANUP(getresuid_success);
732
ATF_TC_HEAD(getresuid_success, tc)
733
{
734
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
735
					"getresuid(2) call");
736
}
737

738
ATF_TC_BODY(getresuid_success, tc)
739
{
740
	pid = getpid();
741
	snprintf(pcregex, sizeof(pcregex), "getresuid.*%d.*ret.*success", pid);
742

743
	FILE *pipefd = setup(fds, auclass);
744
	ATF_REQUIRE_EQ(0, getresuid(NULL, NULL, NULL));
745
	check_audit(fds, pcregex, pipefd);
746
}
747

748
ATF_TC_CLEANUP(getresuid_success, tc)
749
{
750
	cleanup();
751
}
752

753

754
ATF_TC_WITH_CLEANUP(getresuid_failure);
755
ATF_TC_HEAD(getresuid_failure, tc)
756
{
757
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
758
					"getresuid(2) call");
759
}
760

761
ATF_TC_BODY(getresuid_failure, tc)
762
{
763
	pid = getpid();
764
	snprintf(pcregex, sizeof(pcregex), "getresuid.*%d.*ret.*failure", pid);
765

766
	FILE *pipefd = setup(fds, auclass);
767
	/* Failure reason: Invalid address "-1" */
768
	ATF_REQUIRE_EQ(-1, getresuid((uid_t *)-1, NULL, NULL));
769
	check_audit(fds, pcregex, pipefd);
770
}
771

772
ATF_TC_CLEANUP(getresuid_failure, tc)
773
{
774
	cleanup();
775
}
776

777

778
ATF_TC_WITH_CLEANUP(getresgid_success);
779
ATF_TC_HEAD(getresgid_success, tc)
780
{
781
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
782
					"getresgid(2) call");
783
}
784

785
ATF_TC_BODY(getresgid_success, tc)
786
{
787
	pid = getpid();
788
	snprintf(pcregex, sizeof(pcregex), "getresgid.*%d.*ret.*success", pid);
789

790
	FILE *pipefd = setup(fds, auclass);
791
	ATF_REQUIRE_EQ(0, getresgid(NULL, NULL, NULL));
792
	check_audit(fds, pcregex, pipefd);
793
}
794

795
ATF_TC_CLEANUP(getresgid_success, tc)
796
{
797
	cleanup();
798
}
799

800

801
ATF_TC_WITH_CLEANUP(getresgid_failure);
802
ATF_TC_HEAD(getresgid_failure, tc)
803
{
804
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
805
					"getresgid(2) call");
806
}
807

808
ATF_TC_BODY(getresgid_failure, tc)
809
{
810
	pid = getpid();
811
	snprintf(pcregex, sizeof(pcregex), "getresgid.*%d.*ret.*failure", pid);
812

813
	FILE *pipefd = setup(fds, auclass);
814
	/* Failure reason: Invalid address "-1" */
815
	ATF_REQUIRE_EQ(-1, getresgid((gid_t *)-1, NULL, NULL));
816
	check_audit(fds, pcregex, pipefd);
817
}
818

819
ATF_TC_CLEANUP(getresgid_failure, tc)
820
{
821
	cleanup();
822
}
823

824

825
ATF_TC_WITH_CLEANUP(setpriority_success);
826
ATF_TC_HEAD(setpriority_success, tc)
827
{
828
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
829
					"setpriority(2) call");
830
}
831

832
ATF_TC_BODY(setpriority_success, tc)
833
{
834
	pid = getpid();
835
	snprintf(pcregex, sizeof(pcregex), "setpriority.*%d.*success", pid);
836

837
	FILE *pipefd = setup(fds, auclass);
838
	ATF_REQUIRE_EQ(0, setpriority(PRIO_PROCESS, 0, 0));
839
	check_audit(fds, pcregex, pipefd);
840
}
841

842
ATF_TC_CLEANUP(setpriority_success, tc)
843
{
844
	cleanup();
845
}
846

847

848
ATF_TC_WITH_CLEANUP(setpriority_failure);
849
ATF_TC_HEAD(setpriority_failure, tc)
850
{
851
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
852
					"setpriority(2) call");
853
}
854

855
ATF_TC_BODY(setpriority_failure, tc)
856
{
857
	pid = getpid();
858
	snprintf(pcregex, sizeof(pcregex), "setpriority.*%d.*failure", pid);
859

860
	FILE *pipefd = setup(fds, auclass);
861
	ATF_REQUIRE_EQ(-1, setpriority(-1, -1, -1));
862
	check_audit(fds, pcregex, pipefd);
863
}
864

865
ATF_TC_CLEANUP(setpriority_failure, tc)
866
{
867
	cleanup();
868
}
869

870

871
ATF_TC_WITH_CLEANUP(setgroups_success);
872
ATF_TC_HEAD(setgroups_success, tc)
873
{
874
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
875
					"setgroups(2) call");
876
}
877

878
ATF_TC_BODY(setgroups_success, tc)
879
{
880
	gid_t gids[5];
881
	pid = getpid();
882
	snprintf(pcregex, sizeof(pcregex), "setgroups.*%d.*ret.*success", pid);
883
	/* Retrieve the current group access list to be used with setgroups */
884
	ATF_REQUIRE(getgroups(sizeof(gids)/sizeof(gids[0]), gids) != -1);
885

886
	FILE *pipefd = setup(fds, auclass);
887
	ATF_REQUIRE_EQ(0, setgroups(sizeof(gids)/sizeof(gids[0]), gids));
888
	check_audit(fds, pcregex, pipefd);
889
}
890

891
ATF_TC_CLEANUP(setgroups_success, tc)
892
{
893
	cleanup();
894
}
895

896

897
ATF_TC_WITH_CLEANUP(setgroups_failure);
898
ATF_TC_HEAD(setgroups_failure, tc)
899
{
900
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
901
					"setgroups(2) call");
902
}
903

904
ATF_TC_BODY(setgroups_failure, tc)
905
{
906
	pid = getpid();
907
	snprintf(pcregex, sizeof(pcregex), "setgroups.*%d.*ret.*failure", pid);
908

909
	FILE *pipefd = setup(fds, auclass);
910
	ATF_REQUIRE_EQ(-1, setgroups(-1, NULL));
911
	check_audit(fds, pcregex, pipefd);
912
}
913

914
ATF_TC_CLEANUP(setgroups_failure, tc)
915
{
916
	cleanup();
917
}
918

919

920
ATF_TC_WITH_CLEANUP(setpgrp_success);
921
ATF_TC_HEAD(setpgrp_success, tc)
922
{
923
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
924
					"setpgrp(2) call");
925
}
926

927
ATF_TC_BODY(setpgrp_success, tc)
928
{
929
	/* Main procedure is carried out from within the child process */
930
	ATF_REQUIRE((pid = fork()) != -1);
931
	if (pid) {
932
		ATF_REQUIRE(wait(&status) != -1);
933
	} else {
934
		pid = getpid();
935
		snprintf(pcregex, sizeof(pcregex), "setpgrp.*%d.*success", pid);
936

937
		FILE *pipefd = setup(fds, auclass);
938
		ATF_REQUIRE_EQ(0, setpgrp(0, 0));
939
		check_audit(fds, pcregex, pipefd);
940
	}
941
}
942

943
ATF_TC_CLEANUP(setpgrp_success, tc)
944
{
945
	cleanup();
946
}
947

948

949
ATF_TC_WITH_CLEANUP(setpgrp_failure);
950
ATF_TC_HEAD(setpgrp_failure, tc)
951
{
952
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
953
					"setpgrp(2) call");
954
}
955

956
ATF_TC_BODY(setpgrp_failure, tc)
957
{
958
	pid = getpid();
959
	snprintf(pcregex, sizeof(pcregex), "setpgrp.*%d.*return,failure", pid);
960

961
	FILE *pipefd = setup(fds, auclass);
962
	ATF_REQUIRE_EQ(-1, setpgrp(-1, -1));
963
	check_audit(fds, pcregex, pipefd);
964
}
965

966
ATF_TC_CLEANUP(setpgrp_failure, tc)
967
{
968
	cleanup();
969
}
970

971

972
ATF_TC_WITH_CLEANUP(setsid_success);
973
ATF_TC_HEAD(setsid_success, tc)
974
{
975
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
976
					"setsid(2) call");
977
}
978

979
ATF_TC_BODY(setsid_success, tc)
980
{
981
	/* Main procedure is carried out from within the child process */
982
	ATF_REQUIRE((pid = fork()) != -1);
983
	if (pid) {
984
		ATF_REQUIRE(wait(&status) != -1);
985
	} else {
986
		pid = getpid();
987
		snprintf(pcregex, sizeof(pcregex), "setsid.*%d.*success", pid);
988

989
		FILE *pipefd = setup(fds, auclass);
990
		ATF_REQUIRE(setsid() != -1);
991
		check_audit(fds, pcregex, pipefd);
992
	}
993
}
994

995
ATF_TC_CLEANUP(setsid_success, tc)
996
{
997
	cleanup();
998
}
999

1000

1001
ATF_TC_WITH_CLEANUP(setsid_failure);
1002
ATF_TC_HEAD(setsid_failure, tc)
1003
{
1004
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1005
					"setsid(2) call");
1006
}
1007

1008
ATF_TC_BODY(setsid_failure, tc)
1009
{
1010
	pid = getpid();
1011
	snprintf(pcregex, sizeof(pcregex), "setsid.*%d.*return,failure", pid);
1012

1013
	/*
1014
	 * Here, we are intentionally ignoring the output of the setsid()
1015
	 * call because it may or may not be a process leader already. But it
1016
	 * ensures that the next invocation of setsid() will definitely fail.
1017
	 */
1018
	setsid();
1019
	FILE *pipefd = setup(fds, auclass);
1020
	/*
1021
	 * Failure reason: [EPERM] Creating a new session is not permitted
1022
	 * as the PID of calling process matches the PGID of a process group
1023
	 * created by premature setsid() call.
1024
	 */
1025
	ATF_REQUIRE_EQ(-1, setsid());
1026
	check_audit(fds, pcregex, pipefd);
1027
}
1028

1029
ATF_TC_CLEANUP(setsid_failure, tc)
1030
{
1031
	cleanup();
1032
}
1033

1034

1035
ATF_TC_WITH_CLEANUP(setrlimit_success);
1036
ATF_TC_HEAD(setrlimit_success, tc)
1037
{
1038
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1039
					"setrlimit(2) call");
1040
}
1041

1042
ATF_TC_BODY(setrlimit_success, tc)
1043
{
1044
	struct rlimit rlp;
1045
	pid = getpid();
1046
	snprintf(pcregex, sizeof(pcregex), "setrlimit.*%d.*ret.*success", pid);
1047
	/* Retrieve the system resource consumption limit to be used later on */
1048
	ATF_REQUIRE_EQ(0, getrlimit(RLIMIT_FSIZE, &rlp));
1049

1050
	FILE *pipefd = setup(fds, auclass);
1051
	ATF_REQUIRE_EQ(0, setrlimit(RLIMIT_FSIZE, &rlp));
1052
	check_audit(fds, pcregex, pipefd);
1053
}
1054

1055
ATF_TC_CLEANUP(setrlimit_success, tc)
1056
{
1057
	cleanup();
1058
}
1059

1060

1061
ATF_TC_WITH_CLEANUP(setrlimit_failure);
1062
ATF_TC_HEAD(setrlimit_failure, tc)
1063
{
1064
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1065
					"setrlimit(2) call");
1066
}
1067

1068
ATF_TC_BODY(setrlimit_failure, tc)
1069
{
1070
	pid = getpid();
1071
	snprintf(pcregex, sizeof(pcregex), "setrlimit.*%d.*ret.*failure", pid);
1072

1073
	FILE *pipefd = setup(fds, auclass);
1074
	ATF_REQUIRE_EQ(-1, setrlimit(RLIMIT_FSIZE, NULL));
1075
	check_audit(fds, pcregex, pipefd);
1076
}
1077

1078
ATF_TC_CLEANUP(setrlimit_failure, tc)
1079
{
1080
	cleanup();
1081
}
1082

1083

1084
ATF_TC_WITH_CLEANUP(mlock_success);
1085
ATF_TC_HEAD(mlock_success, tc)
1086
{
1087
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1088
					"mlock(2) call");
1089
}
1090

1091
ATF_TC_BODY(mlock_success, tc)
1092
{
1093
	pid = getpid();
1094
	snprintf(pcregex, sizeof(pcregex), "mlock.*%d.*return,success", pid);
1095

1096
	FILE *pipefd = setup(fds, auclass);
1097
	ATF_REQUIRE_EQ(0, mlock(NULL, 0));
1098
	check_audit(fds, pcregex, pipefd);
1099
}
1100

1101
ATF_TC_CLEANUP(mlock_success, tc)
1102
{
1103
	cleanup();
1104
}
1105

1106

1107
ATF_TC_WITH_CLEANUP(mlock_failure);
1108
ATF_TC_HEAD(mlock_failure, tc)
1109
{
1110
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1111
					"mlock(2) call");
1112
}
1113

1114
ATF_TC_BODY(mlock_failure, tc)
1115
{
1116
	pid = getpid();
1117
	snprintf(pcregex, sizeof(pcregex), "mlock.*%d.*return,failure", pid);
1118

1119
	FILE *pipefd = setup(fds, auclass);
1120
	ATF_REQUIRE_EQ(-1, mlock((void *)(-1), -1));
1121
	check_audit(fds, pcregex, pipefd);
1122
}
1123

1124
ATF_TC_CLEANUP(mlock_failure, tc)
1125
{
1126
	cleanup();
1127
}
1128

1129

1130
ATF_TC_WITH_CLEANUP(munlock_success);
1131
ATF_TC_HEAD(munlock_success, tc)
1132
{
1133
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1134
					"munlock(2) call");
1135
}
1136

1137
ATF_TC_BODY(munlock_success, tc)
1138
{
1139
	pid = getpid();
1140
	snprintf(pcregex, sizeof(pcregex), "munlock.*%d.*return,success", pid);
1141

1142
	FILE *pipefd = setup(fds, auclass);
1143
	ATF_REQUIRE_EQ(0, munlock(NULL, 0));
1144
	check_audit(fds, pcregex, pipefd);
1145
}
1146

1147
ATF_TC_CLEANUP(munlock_success, tc)
1148
{
1149
	cleanup();
1150
}
1151

1152

1153
ATF_TC_WITH_CLEANUP(munlock_failure);
1154
ATF_TC_HEAD(munlock_failure, tc)
1155
{
1156
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1157
					"munlock(2) call");
1158
}
1159

1160
ATF_TC_BODY(munlock_failure, tc)
1161
{
1162
	pid = getpid();
1163
	snprintf(pcregex, sizeof(pcregex), "munlock.*%d.*return,failure", pid);
1164

1165
	FILE *pipefd = setup(fds, auclass);
1166
	ATF_REQUIRE_EQ(-1, munlock((void *)(-1), -1));
1167
	check_audit(fds, pcregex, pipefd);
1168
}
1169

1170
ATF_TC_CLEANUP(munlock_failure, tc)
1171
{
1172
	cleanup();
1173
}
1174

1175

1176
ATF_TC_WITH_CLEANUP(minherit_success);
1177
ATF_TC_HEAD(minherit_success, tc)
1178
{
1179
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1180
					"minherit(2) call");
1181
}
1182

1183
ATF_TC_BODY(minherit_success, tc)
1184
{
1185
	pid = getpid();
1186
	snprintf(pcregex, sizeof(pcregex), "minherit.*%d.*return,success", pid);
1187

1188
	FILE *pipefd = setup(fds, auclass);
1189
	ATF_REQUIRE_EQ(0, minherit(NULL, 0, INHERIT_ZERO));
1190
	check_audit(fds, pcregex, pipefd);
1191
}
1192

1193
ATF_TC_CLEANUP(minherit_success, tc)
1194
{
1195
	cleanup();
1196
}
1197

1198

1199
ATF_TC_WITH_CLEANUP(minherit_failure);
1200
ATF_TC_HEAD(minherit_failure, tc)
1201
{
1202
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1203
					"minherit(2) call");
1204
}
1205

1206
ATF_TC_BODY(minherit_failure, tc)
1207
{
1208
	pid = getpid();
1209
	snprintf(pcregex, sizeof(pcregex), "minherit.*%d.*return,failure", pid);
1210

1211
	FILE *pipefd = setup(fds, auclass);
1212
	ATF_REQUIRE_EQ(-1, minherit((void *)(-1), -1, 0));
1213
	check_audit(fds, pcregex, pipefd);
1214
}
1215

1216
ATF_TC_CLEANUP(minherit_failure, tc)
1217
{
1218
	cleanup();
1219
}
1220

1221

1222
ATF_TC_WITH_CLEANUP(setlogin_success);
1223
ATF_TC_HEAD(setlogin_success, tc)
1224
{
1225
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1226
					"setlogin(2) call");
1227
}
1228

1229
ATF_TC_BODY(setlogin_success, tc)
1230
{
1231
	char *name;
1232
	pid = getpid();
1233
	snprintf(pcregex, sizeof(pcregex), "setlogin.*%d.*return,success", pid);
1234

1235
	/* Retrieve the current user's login name to be used with setlogin(2) */
1236
	ATF_REQUIRE((name = getlogin()) != NULL);
1237
	FILE *pipefd = setup(fds, auclass);
1238
	ATF_REQUIRE_EQ(0, setlogin(name));
1239
	check_audit(fds, pcregex, pipefd);
1240
}
1241

1242
ATF_TC_CLEANUP(setlogin_success, tc)
1243
{
1244
	cleanup();
1245
}
1246

1247

1248
ATF_TC_WITH_CLEANUP(setlogin_failure);
1249
ATF_TC_HEAD(setlogin_failure, tc)
1250
{
1251
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1252
					"setlogin(2) call");
1253
}
1254

1255
ATF_TC_BODY(setlogin_failure, tc)
1256
{
1257
	pid = getpid();
1258
	snprintf(pcregex, sizeof(pcregex), "setlogin.*%d.*return,failure", pid);
1259

1260
	FILE *pipefd = setup(fds, auclass);
1261
	ATF_REQUIRE_EQ(-1, setlogin(NULL));
1262
	check_audit(fds, pcregex, pipefd);
1263
}
1264

1265
ATF_TC_CLEANUP(setlogin_failure, tc)
1266
{
1267
	cleanup();
1268
}
1269

1270

1271
ATF_TC_WITH_CLEANUP(rtprio_success);
1272
ATF_TC_HEAD(rtprio_success, tc)
1273
{
1274
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1275
					"rtprio(2) call");
1276
}
1277

1278
ATF_TC_BODY(rtprio_success, tc)
1279
{
1280
	struct rtprio rtp;
1281
	pid = getpid();
1282
	snprintf(pcregex, sizeof(pcregex), "rtprio.*%d.*return,success", pid);
1283

1284
	FILE *pipefd = setup(fds, auclass);
1285
	ATF_REQUIRE_EQ(0, rtprio(RTP_LOOKUP, 0, &rtp));
1286
	check_audit(fds, pcregex, pipefd);
1287
}
1288

1289
ATF_TC_CLEANUP(rtprio_success, tc)
1290
{
1291
	cleanup();
1292
}
1293

1294

1295
ATF_TC_WITH_CLEANUP(rtprio_failure);
1296
ATF_TC_HEAD(rtprio_failure, tc)
1297
{
1298
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1299
					"rtprio(2) call");
1300
}
1301

1302
ATF_TC_BODY(rtprio_failure, tc)
1303
{
1304
	pid = getpid();
1305
	snprintf(pcregex, sizeof(pcregex), "rtprio.*%d.*return,failure", pid);
1306

1307
	FILE *pipefd = setup(fds, auclass);
1308
	ATF_REQUIRE_EQ(-1, rtprio(-1, -1, NULL));
1309
	check_audit(fds, pcregex, pipefd);
1310
}
1311

1312
ATF_TC_CLEANUP(rtprio_failure, tc)
1313
{
1314
	cleanup();
1315
}
1316

1317

1318
ATF_TC_WITH_CLEANUP(profil_success);
1319
ATF_TC_HEAD(profil_success, tc)
1320
{
1321
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1322
					"profil(2) call");
1323
}
1324

1325
ATF_TC_BODY(profil_success, tc)
1326
{
1327
	pid = getpid();
1328
	snprintf(pcregex, sizeof(pcregex), "profil.*%d.*return,success", pid);
1329

1330
	char samples[20];
1331
	FILE *pipefd = setup(fds, auclass);
1332
	/* Set scale argument as 0 to disable profiling of current process */
1333
	ATF_REQUIRE_EQ(0, profil(samples, sizeof(samples), 0, 0));
1334
	check_audit(fds, pcregex, pipefd);
1335
}
1336

1337
ATF_TC_CLEANUP(profil_success, tc)
1338
{
1339
	cleanup();
1340
}
1341

1342

1343
ATF_TC_WITH_CLEANUP(profil_failure);
1344
ATF_TC_HEAD(profil_failure, tc)
1345
{
1346
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1347
					"profil(2) call");
1348
}
1349

1350
ATF_TC_BODY(profil_failure, tc)
1351
{
1352
	pid = getpid();
1353
	snprintf(pcregex, sizeof(pcregex), "profil.*%d.*return,failure", pid);
1354

1355
	FILE *pipefd = setup(fds, auclass);
1356
	ATF_REQUIRE_EQ(-1, profil((char *)(SIZE_MAX), -1, -1, -1));
1357
	check_audit(fds, pcregex, pipefd);
1358
}
1359

1360
ATF_TC_CLEANUP(profil_failure, tc)
1361
{
1362
	cleanup();
1363
}
1364

1365

1366
ATF_TC_WITH_CLEANUP(ptrace_success);
1367
ATF_TC_HEAD(ptrace_success, tc)
1368
{
1369
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1370
					"ptrace(2) call");
1371
}
1372

1373
ATF_TC_BODY(ptrace_success, tc)
1374
{
1375
	pid = getpid();
1376
	snprintf(pcregex, sizeof(pcregex), "ptrace.*%d.*return,success", pid);
1377

1378
	FILE *pipefd = setup(fds, auclass);
1379
	ATF_REQUIRE_EQ(0, ptrace(PT_TRACE_ME, 0, NULL, 0));
1380
	check_audit(fds, pcregex, pipefd);
1381
}
1382

1383
ATF_TC_CLEANUP(ptrace_success, tc)
1384
{
1385
	cleanup();
1386
}
1387

1388

1389
ATF_TC_WITH_CLEANUP(ptrace_failure);
1390
ATF_TC_HEAD(ptrace_failure, tc)
1391
{
1392
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1393
					"ptrace(2) call");
1394
}
1395

1396
ATF_TC_BODY(ptrace_failure, tc)
1397
{
1398
	pid = getpid();
1399
	snprintf(pcregex, sizeof(pcregex), "ptrace.*%d.*return,failure", pid);
1400

1401
	FILE *pipefd = setup(fds, auclass);
1402
	ATF_REQUIRE_EQ(-1, ptrace(-1, 0, NULL, 0));
1403
	check_audit(fds, pcregex, pipefd);
1404
}
1405

1406
ATF_TC_CLEANUP(ptrace_failure, tc)
1407
{
1408
	cleanup();
1409
}
1410

1411

1412
ATF_TC_WITH_CLEANUP(ktrace_success);
1413
ATF_TC_HEAD(ktrace_success, tc)
1414
{
1415
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1416
					"ktrace(2) call");
1417
}
1418

1419
ATF_TC_BODY(ktrace_success, tc)
1420
{
1421
	pid = getpid();
1422
	snprintf(pcregex, sizeof(pcregex), "ktrace.*%d.*return,success", pid);
1423

1424
	FILE *pipefd = setup(fds, auclass);
1425
	ATF_REQUIRE_EQ(0, ktrace(NULL, KTROP_CLEAR, KTRFAC_SYSCALL, pid));
1426
	check_audit(fds, pcregex, pipefd);
1427
}
1428

1429
ATF_TC_CLEANUP(ktrace_success, tc)
1430
{
1431
	cleanup();
1432
}
1433

1434

1435
ATF_TC_WITH_CLEANUP(ktrace_failure);
1436
ATF_TC_HEAD(ktrace_failure, tc)
1437
{
1438
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1439
					"ktrace(2) call");
1440
}
1441

1442
ATF_TC_BODY(ktrace_failure, tc)
1443
{
1444
	pid = getpid();
1445
	snprintf(pcregex, sizeof(pcregex), "ktrace.*%d.*return,failure", pid);
1446

1447
	FILE *pipefd = setup(fds, auclass);
1448
	ATF_REQUIRE_EQ(-1, ktrace(NULL, -1, -1, 0));
1449
	check_audit(fds, pcregex, pipefd);
1450
}
1451

1452
ATF_TC_CLEANUP(ktrace_failure, tc)
1453
{
1454
	cleanup();
1455
}
1456

1457

1458
ATF_TC_WITH_CLEANUP(procctl_success);
1459
ATF_TC_HEAD(procctl_success, tc)
1460
{
1461
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1462
					"procctl(2) call");
1463
}
1464

1465
ATF_TC_BODY(procctl_success, tc)
1466
{
1467
	pid = getpid();
1468
	snprintf(pcregex, sizeof(pcregex), "procctl.*%d.*return,success", pid);
1469

1470
	struct procctl_reaper_status reapstat;
1471
	FILE *pipefd = setup(fds, auclass);
1472
	/* Retrieve information about the reaper of current process (pid) */
1473
	ATF_REQUIRE_EQ(0, procctl(P_PID, pid, PROC_REAP_STATUS, &reapstat));
1474
	check_audit(fds, pcregex, pipefd);
1475
}
1476

1477
ATF_TC_CLEANUP(procctl_success, tc)
1478
{
1479
	cleanup();
1480
}
1481

1482

1483
ATF_TC_WITH_CLEANUP(procctl_failure);
1484
ATF_TC_HEAD(procctl_failure, tc)
1485
{
1486
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1487
					"procctl(2) call");
1488
}
1489

1490
ATF_TC_BODY(procctl_failure, tc)
1491
{
1492
	pid = getpid();
1493
	snprintf(pcregex, sizeof(pcregex), "procctl.*%d.*return,failure", pid);
1494

1495
	FILE *pipefd = setup(fds, auclass);
1496
	ATF_REQUIRE_EQ(-1, procctl(-1, -1, -1, NULL));
1497
	check_audit(fds, pcregex, pipefd);
1498
}
1499

1500
ATF_TC_CLEANUP(procctl_failure, tc)
1501
{
1502
	cleanup();
1503
}
1504

1505

1506
ATF_TC_WITH_CLEANUP(cap_enter_success);
1507
ATF_TC_HEAD(cap_enter_success, tc)
1508
{
1509
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1510
					"cap_enter(2) call");
1511
}
1512

1513
ATF_TC_BODY(cap_enter_success, tc)
1514
{
1515
	ATF_REQUIRE_FEATURE("security_capability_mode");
1516

1517
	FILE *pipefd = setup(fds, auclass);
1518
	ATF_REQUIRE((pid = fork()) != -1);
1519
	if (pid) {
1520
		snprintf(pcregex, sizeof(pcregex),
1521
			"cap_enter.*%d.*return,success", pid);
1522
		ATF_REQUIRE(wait(&status) != -1);
1523
		check_audit(fds, pcregex, pipefd);
1524
	}
1525
	else {
1526
		ATF_REQUIRE_EQ(0, cap_enter());
1527
		_exit(0);
1528
	}
1529
}
1530

1531
ATF_TC_CLEANUP(cap_enter_success, tc)
1532
{
1533
	cleanup();
1534
}
1535

1536

1537
ATF_TC_WITH_CLEANUP(cap_getmode_success);
1538
ATF_TC_HEAD(cap_getmode_success, tc)
1539
{
1540
	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1541
					"cap_getmode(2) call");
1542
}
1543

1544
ATF_TC_BODY(cap_getmode_success, tc)
1545
{
1546
	int modep;
1547

1548
	ATF_REQUIRE_FEATURE("security_capability_mode");
1549

1550
	pid = getpid();
1551
	snprintf(pcregex, sizeof(pcregex), "cap_getmode.*%d.*success", pid);
1552

1553
	FILE *pipefd = setup(fds, auclass);
1554
	ATF_REQUIRE_EQ(0, cap_getmode(&modep));
1555
	check_audit(fds, pcregex, pipefd);
1556
}
1557

1558
ATF_TC_CLEANUP(cap_getmode_success, tc)
1559
{
1560
	cleanup();
1561
}
1562

1563

1564
ATF_TC_WITH_CLEANUP(cap_getmode_failure);
1565
ATF_TC_HEAD(cap_getmode_failure, tc)
1566
{
1567
	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1568
					"cap_getmode(2) call");
1569
}
1570

1571
ATF_TC_BODY(cap_getmode_failure, tc)
1572
{
1573
	pid = getpid();
1574
	snprintf(pcregex, sizeof(pcregex), "cap_getmode.*%d.*failure", pid);
1575

1576
	FILE *pipefd = setup(fds, auclass);
1577
	/* cap_getmode(2) can either fail with EFAULT or ENOSYS */
1578
	ATF_REQUIRE_EQ(-1, cap_getmode(NULL));
1579
	check_audit(fds, pcregex, pipefd);
1580
}
1581

1582
ATF_TC_CLEANUP(cap_getmode_failure, tc)
1583
{
1584
	cleanup();
1585
}
1586

1587

1588
ATF_TP_ADD_TCS(tp)
1589
{
1590
	ATF_TP_ADD_TC(tp, fork_success);
1591
	ATF_TP_ADD_TC(tp, _exit_success);
1592
	ATF_TP_ADD_TC(tp, rfork_success);
1593
	ATF_TP_ADD_TC(tp, rfork_failure);
1594

1595
	ATF_TP_ADD_TC(tp, wait4_success);
1596
	ATF_TP_ADD_TC(tp, wait4_failure);
1597
	ATF_TP_ADD_TC(tp, wait6_success);
1598
	ATF_TP_ADD_TC(tp, wait6_failure);
1599
	ATF_TP_ADD_TC(tp, kill_success);
1600
	ATF_TP_ADD_TC(tp, kill_failure);
1601

1602
	ATF_TP_ADD_TC(tp, chdir_success);
1603
	ATF_TP_ADD_TC(tp, chdir_failure);
1604
	ATF_TP_ADD_TC(tp, fchdir_success);
1605
	ATF_TP_ADD_TC(tp, fchdir_failure);
1606
	ATF_TP_ADD_TC(tp, chroot_success);
1607
	ATF_TP_ADD_TC(tp, chroot_failure);
1608

1609
	ATF_TP_ADD_TC(tp, umask_success);
1610
	ATF_TP_ADD_TC(tp, setuid_success);
1611
	ATF_TP_ADD_TC(tp, seteuid_success);
1612
	ATF_TP_ADD_TC(tp, setgid_success);
1613
	ATF_TP_ADD_TC(tp, setegid_success);
1614

1615
	ATF_TP_ADD_TC(tp, setreuid_success);
1616
	ATF_TP_ADD_TC(tp, setregid_success);
1617
	ATF_TP_ADD_TC(tp, setresuid_success);
1618
	ATF_TP_ADD_TC(tp, setresgid_success);
1619

1620
	ATF_TP_ADD_TC(tp, getresuid_success);
1621
	ATF_TP_ADD_TC(tp, getresuid_failure);
1622
	ATF_TP_ADD_TC(tp, getresgid_success);
1623
	ATF_TP_ADD_TC(tp, getresgid_failure);
1624

1625
	ATF_TP_ADD_TC(tp, setpriority_success);
1626
	ATF_TP_ADD_TC(tp, setpriority_failure);
1627
	ATF_TP_ADD_TC(tp, setgroups_success);
1628
	ATF_TP_ADD_TC(tp, setgroups_failure);
1629
	ATF_TP_ADD_TC(tp, setpgrp_success);
1630
	ATF_TP_ADD_TC(tp, setpgrp_failure);
1631
	ATF_TP_ADD_TC(tp, setsid_success);
1632
	ATF_TP_ADD_TC(tp, setsid_failure);
1633
	ATF_TP_ADD_TC(tp, setrlimit_success);
1634
	ATF_TP_ADD_TC(tp, setrlimit_failure);
1635

1636
	ATF_TP_ADD_TC(tp, mlock_success);
1637
	ATF_TP_ADD_TC(tp, mlock_failure);
1638
	ATF_TP_ADD_TC(tp, munlock_success);
1639
	ATF_TP_ADD_TC(tp, munlock_failure);
1640
	ATF_TP_ADD_TC(tp, minherit_success);
1641
	ATF_TP_ADD_TC(tp, minherit_failure);
1642

1643
	ATF_TP_ADD_TC(tp, setlogin_success);
1644
	ATF_TP_ADD_TC(tp, setlogin_failure);
1645
	ATF_TP_ADD_TC(tp, rtprio_success);
1646
	ATF_TP_ADD_TC(tp, rtprio_failure);
1647

1648
	ATF_TP_ADD_TC(tp, profil_success);
1649
	ATF_TP_ADD_TC(tp, profil_failure);
1650
	ATF_TP_ADD_TC(tp, ptrace_success);
1651
	ATF_TP_ADD_TC(tp, ptrace_failure);
1652
	ATF_TP_ADD_TC(tp, ktrace_success);
1653
	ATF_TP_ADD_TC(tp, ktrace_failure);
1654
	ATF_TP_ADD_TC(tp, procctl_success);
1655
	ATF_TP_ADD_TC(tp, procctl_failure);
1656

1657
	ATF_TP_ADD_TC(tp, cap_enter_success);
1658
	ATF_TP_ADD_TC(tp, cap_getmode_success);
1659
	ATF_TP_ADD_TC(tp, cap_getmode_failure);
1660

1661
	return (atf_no_error());
1662
}
1663

1664
Product

Resources

Company
