2 * Copyright (c) 2018 Aniket Pandey
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 #include <sys/types.h>
29 #include <sys/sysctl.h>
31 #include <bsm/audit.h>
32 #include <machine/sysarch.h>
40 static char miscreg[80];
41 static struct pollfd fds[1];
42 static const char *auclass = "ot";
46 * Success case of audit(2) is skipped for now as the behaviour is quite
47 * undeterministic. It will be added when the intermittency is resolved.
51 ATF_TC_WITH_CLEANUP(audit_failure);
52 ATF_TC_HEAD(audit_failure, tc)
54 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
58 ATF_TC_BODY(audit_failure, tc)
61 snprintf(miscreg, sizeof(miscreg), "audit.*%d.*return,failure", pid);
63 FILE *pipefd = setup(fds, auclass);
64 /* Failure reason: Invalid argument */
65 ATF_REQUIRE_EQ(-1, audit(NULL, -1));
66 check_audit(fds, miscreg, pipefd);
69 ATF_TC_CLEANUP(audit_failure, tc)
75 ATF_TC_WITH_CLEANUP(sysarch_success);
76 ATF_TC_HEAD(sysarch_success, tc)
78 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
82 ATF_TC_BODY(sysarch_success, tc)
85 snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,success", pid);
87 /* Set sysnum to the syscall corresponding to the system architecture */
88 #if defined(I386_GET_IOPERM) /* i386 */
89 struct i386_ioperm_args i3sysarg;
90 bzero(&i3sysarg, sizeof(i3sysarg));
92 #elif defined(AMD64_GET_FSBASE) /* amd64 */
95 #elif defined(MIPS_GET_TLS) /* MIPS */
98 #elif defined(ARM_SYNC_ICACHE) /* ARM */
99 struct arm_sync_icache_args armsysarg;
100 bzero(&armsysarg, sizeof(armsysarg));
102 #elif defined(SPARC_UTRAP_INSTALL) /* Sparc64 */
103 struct sparc_utrap_args handler = {
104 .type = UT_DIVISION_BY_ZERO,
105 /* We don't want to change the previous handlers */
106 .new_precise = (void *)UTH_NOCHANGE,
107 .new_deferred = (void *)UTH_NOCHANGE,
112 struct sparc_utrap_install_args sparc64arg = {
113 .num = ST_DIVISION_BY_ZERO,
117 /* For PowerPC, ARM64, RISCV archs, sysarch(2) is not supported */
118 atf_tc_skip("sysarch(2) is not supported for the system architecture");
121 FILE *pipefd = setup(fds, auclass);
122 #if defined(I386_GET_IOPERM)
123 ATF_REQUIRE_EQ(0, sysarch(I386_GET_IOPERM, &i3sysarg));
124 #elif defined(AMD64_GET_FSBASE)
125 ATF_REQUIRE_EQ(0, sysarch(AMD64_GET_FSBASE, &amd64arg));
126 #elif defined(MIPS_GET_TLS)
127 ATF_REQUIRE_EQ(0, sysarch(MIPS_GET_TLS, &mipsarg));
128 #elif defined(ARM_SYNC_ICACHE)
129 ATF_REQUIRE_EQ(0, sysarch(ARM_SYNC_ICACHE, &armsysarg));
130 #elif defined(SPARC_UTRAP_INSTALL)
131 ATF_REQUIRE_EQ(0, sysarch(SPARC_UTRAP_INSTALL, &sparc64arg));
133 check_audit(fds, miscreg, pipefd);
136 ATF_TC_CLEANUP(sysarch_success, tc)
142 ATF_TC_WITH_CLEANUP(sysarch_failure);
143 ATF_TC_HEAD(sysarch_failure, tc)
145 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
146 "sysarch(2) call for any architecture");
149 ATF_TC_BODY(sysarch_failure, tc)
152 snprintf(miscreg, sizeof(miscreg), "sysarch.*%d.*return,failure", pid);
154 FILE *pipefd = setup(fds, auclass);
155 /* Failure reason: Invalid argument and Bad address */
156 ATF_REQUIRE_EQ(-1, sysarch(-1, NULL));
157 check_audit(fds, miscreg, pipefd);
160 ATF_TC_CLEANUP(sysarch_failure, tc)
166 ATF_TC_WITH_CLEANUP(sysctl_success);
167 ATF_TC_HEAD(sysctl_success, tc)
169 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
173 ATF_TC_BODY(sysctl_success, tc)
178 /* Set mib to retrieve the maximum number of allowed processes */
180 mib[1] = KERN_MAXPROC;
181 proclen = sizeof(maxproc);
184 snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,success", pid);
186 FILE *pipefd = setup(fds, auclass);
187 ATF_REQUIRE_EQ(0, sysctl(mib, 2, &maxproc, &proclen, NULL, 0));
188 check_audit(fds, miscreg, pipefd);
191 ATF_TC_CLEANUP(sysctl_success, tc)
197 ATF_TC_WITH_CLEANUP(sysctl_failure);
198 ATF_TC_HEAD(sysctl_failure, tc)
200 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
204 ATF_TC_BODY(sysctl_failure, tc)
207 snprintf(miscreg, sizeof(miscreg), "sysctl.*%d.*return,failure", pid);
209 FILE *pipefd = setup(fds, auclass);
210 /* Failure reason: Invalid arguments */
211 ATF_REQUIRE_EQ(-1, sysctl(NULL, 0, NULL, NULL, NULL, 0));
212 check_audit(fds, miscreg, pipefd);
215 ATF_TC_CLEANUP(sysctl_failure, tc)
223 ATF_TP_ADD_TC(tp, audit_failure);
225 ATF_TP_ADD_TC(tp, sysarch_success);
226 ATF_TP_ADD_TC(tp, sysarch_failure);
228 ATF_TP_ADD_TC(tp, sysctl_success);
229 ATF_TP_ADD_TC(tp, sysctl_failure);
231 return (atf_no_error());