[GSoC-18] Regression Test-Suite for Audit Framework [Week-7]

Aniket Pandey aniketp at freebsd.org
Mon Jul 2 17:16:27 UTC 2018


Hello All,

This week, I primarily worked on getting the process-control system calls
merged. Here is the source file for "pc" test-cases in Head [1]. There were
a total of 37 auditable syscalls in this audit class out of which 34 have
been merged. Out of the three, two are responsible for enforcing capability
mode on the process and retrieving the capability status of the process,
i.e. cap_enter(2) and cap_getmode(2), while the other one is jail(2). I've
developed the test-cases for cap_getmode(2) and will soon create a revision
for it, however with cap_enter(2), I had trouble in the case when auditd(8)
is already running. I'm currently looking into this matter and would try to
resolve it as soon as possible.

Also, I had somehow overlooked the "miscellaneous" (ot) audit class. This
class contains audit(2), setpriority(2), sysctl(3) and sysarch(2). I'll
work on testing their auditability too.

I was able to get swap{on/off}(2) to work with my System Swap device, which
is listed as an entry in /etc/fstab. The block device name can be obtained
from the "fs_spec" member of "struct fstab" using getfsent(3) available in
<fstab.h>. However, tampering with the main swap device while running ATF tests
is not recommended. Thus, I'll try to replicate the device's behavior and
see if it is possible to test swap{on/off}(2) that way.

Overall, a total of 389 atf-c(3) and atf-sh(3) test-cases for 174 system
calls and the praudit(1) utility have been merged in Head. If anyone is
interested, please do give these tests a run and if you notice any issues,
please do inform me about it. The tests can be found here [2] (audit.4) and
here [3] (praudit.1).

Thank you,
With best regards,
Aniket Pandey

Project Wiki:
https://wiki.freebsd.org/SummerOfCode2018Projects/RegressionTestSuiteForAuditFramework

[1]
https://github.com/freebsd/freebsd/blob/master/tests/sys/audit/process-control.c

[2] https://github.com/freebsd/freebsd/blob/master/tests/sys/audit/

[3] https://github.com/freebsd/freebsd/tree/master/usr.sbin/praudit

