[GSoC-18] Regression Test-Suite for Audit Framework [Week-5]

Aniket Pandey aniketp at freebsd.org
Mon Jun 18 09:32:04 UTC 2018 

Hello All,

This week, I was mostly involved in getting the tests merged with the
FreeBSD src. In total, 18 differential revisions were accepted and
committed by my mentor asomers at . The list would be too exhaustive so I'm
refraining from posting them all here. However, I've compiled the list in
my Project Wiki so if you're interested in the details, please feel free to
check it out. [1]

Apart from code-reviews, I encountered a few bugs and tried to fix them.
Coverity, which is a static analysis tool used by FreeBSD, reported
numerous memory leaks in my previously merged test cases. A brief report
can be found here [2]. The leaks were all from the same origin, to get some
of the system calls to execute successfully, I needed a path to a file
which was created using open(2). Since open(2) returns a file-descriptor,
it is recommended to close them at the end when the work is finished. Not
doing that resulted in a bunch of reports.

While working on creating regression tests for the audit viewer utility
praudit(1), I encountered an unusual behavior. Kyua lets us specify the
assertion for exit status in the atf-sh(3) tests, the default being 0 (for
successful return). For example, the asserted failure for "r", "s"
exclusion:

atf_check -s exit:1 -e match:"usage: praudit" \
	praudit -rs $(atf_get_srcdir)/trail

However, this consistently failed the tests. On further inspection, it
turned out that praudit(1) never returned 0. Although, as 0mp@ later
mentioned, since this behaviour was not documented, it could not be
considered as a bug. But to maintain the consistency with the other
utlilities, (and to pass the tests) it was decided that returning 0
would indeed be a better option. I created a Pull request in OpenBSM
which was merged by rwatson@ after the builds were verified. [3]

I'm currently working on the issue of "-p" flag for praudit. This
synchronises praudit invocation with the next legitimate audit record.
However, with the default option, praudit would simply exit without
doing any conversion. Since, it is expected that whatever record is
present in trail should be considered, it makes sense to make "-p"
option the default behaviour.

The tests for praudit(1) were merged in r335290 [4]. With very few
system calls left for review, I'll try to get them all merged in this
week itself.


Thank you,

With best regards,

Aniket Pandey

[1] Project Wiki:
https://wiki.freebsd.org/SummerOfCode2018Projects/RegressionTestSuiteForAuditFramework

[2] https://github.com/aniketp/AuditTestSuite/issues/3

[3] https://github.com/openbsm/openbsm/pull/32

[4] https://reviews.freebsd.org/rS335290

More information about the soc-status mailing list