PERFORCE change 146812 for review
Vincenzo Iozzo
snagg at FreeBSD.org
Thu Aug 7 01:38:10 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=146812
Change 146812 by snagg at snagg_macosx on 2008/08/07 01:37:29
Added check_priv_child for tests that change process privileges; added tests for fork(2), waitpid(2) and setauid(2).
Affected files ...
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#10 edit
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#8 edit
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_fork.c#1 add
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_kill.c#2 edit
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_setauid.c#1 add
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_setgid.c#4 edit
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_setuid.c#4 edit
.. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_waitpid.c#1 add
Differences ...
==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#10 (text+ko) ====
==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#8 (text+ko) ====
==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_kill.c#2 (text+ko) ====
@@ -34,7 +34,7 @@
char err_val[256];
int ret;
int index;
- struct ext_priv p;
+ struct priv p;
struct kill_record *next;
};
@@ -45,8 +45,7 @@
tmp = head;
if(tmp == NULL)
return (NULL);
- for(; tmp->next != NULL; tmp = tmp->next)
- {
+ for(; tmp->next != NULL; tmp = tmp->next) {
if(tmp->next->index == index) {
p = tmp->next;
tmp->next = tmp->next->next;
@@ -83,11 +82,14 @@
{
int ret;
int pid;
+ int auid;
+
init_channel_primary();
pid = fork();
- if(!pid)
- {
+ if(!pid) {
+ getauid(&auid);
+ write_int(auid, "ext_auid");
write_int(geteuid(), "ext_euid");
write_int(getuid(), "ext_ruid");
write_int(getgid(), "ext_rgid");
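Review bot: The result of `getauid(&auid)` is discarded, so if the call fails the uninitialized `auid` is what gets written as `ext_auid` and later compared against the audit subject token. The same pattern is repeated for the two other forked children further down this function. getauid(2) also takes an `au_id_t *` while `auid` is declared `int`, which I believe yields an incompatible-pointer-type warning on FreeBSD (au_id_t is uid_t); declare `au_id_t auid;` and check the call, e.g. `if (getauid(&auid) == -1) err(-1, "getauid");`, matching how `err()` is used elsewhere in this file. The enclosing function begins before this hunk.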
@@ -107,9 +109,10 @@
}
pid = fork();
- if(!pid)
- {
+ if(!pid) {
signal(15, NULL);
+ getauid(&auid);
+ write_int(auid, "ext_auid");
write_int(geteuid(), "ext_euid");
write_int(getuid(), "ext_ruid");
write_int(getgid(), "ext_rgid");
@@ -130,8 +133,9 @@
}
pid = fork();
- if(!pid)
- {
+ if(!pid) {
+ getauid(&auid);
+ write_int(auid, "ext_auid");
write_int(geteuid(), "ext_euid");
write_int(getuid(), "ext_ruid");
write_int(getgid(), "ext_rgid");
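Review bot: This is the third copy within one function of the same getauid/write_int sequence that records a child's credentials, and the setuid and setgid tests add the same five lines again under a `child_` prefix. Since struct priv and check_priv_child appear to be shared through the regression test utils listed in this change, a helper there such as `write_priv(const char *prefix)` that performs the getauid call (with its return checked) and the five write_int calls would keep the descriptor names and the error handling in one place. The function this hunk belongs to continues beyond it.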
@@ -306,8 +310,7 @@
if(elem == NULL)
err(-1, "MALLOC");
- while((count = parse_string(shared_string)) != -1)
- {
+ while((count = parse_string(shared_string)) != -1) {
descr = get_descr(shared_string);
if(count == INT_TYPE) {
if(!strncmp(descr, "sig", 3))
@@ -318,6 +321,8 @@
elem->pid = get_int(shared_string);
else if (!strncmp(descr, "ext_euid", 8))
elem->p.euid = get_int(shared_string);
+ else if (!strncmp(descr, "ext_auid", 8))
+ elem->p.auid = get_int(shared_string);
else if (!strncmp(descr, "ext_pid", 7))
elem->p.pid = get_int(shared_string);
else if (!strncmp(descr, "ext_ruid", 8))
@@ -327,8 +332,7 @@
else
elem->p.egid = get_int(shared_string);
}
- else if ( count == STRING_TYPE)
- {
+ else if ( count == STRING_TYPE) {
snprintf(elem->err_val, sizeof(elem->err_val) >
strlen(shared_string) +1 ?
strlen(shared_string) +1 :
==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_setgid.c#4 (text+ko) ====
@@ -33,19 +33,18 @@
char err_val[256];
int ret;
int index;
+ struct priv p;
struct setgid_record *next;
};
struct setgid_record *del_record(struct setgid_record *head, int index)
{
- struct setgid_record *tmp;
- struct setgid_record *p;
+ struct setgid_record *tmp, *p;
tmp = head;
if(tmp == NULL)
return NULL;
- for(; tmp->next != NULL; tmp = tmp->next)
- {
+ for(; tmp->next != NULL; tmp = tmp->next) {
if(tmp->next->index == index) {
p = tmp->next;
tmp->next = tmp->next->next;
@@ -80,11 +79,19 @@
void test_setgid()
{
- int ret;
+ int ret, auid;
init_channel_primary();
ret = setgid(0);
+
+ getauid(&auid);
+
+ write_int(auid, "child_auid");
+ write_int(geteuid(), "child_euid");
+ write_int(getuid(), "child_ruid");
+ write_int(getgid(), "child_rgid");
+ write_int(getegid(), "child_egid");
write_int(0, "gid");
write_int(ret, "ret");
if (ret == -1)
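Review bot: The credentials written as `child_*` here are read after `setgid(0)` returns, but if I recall correctly the kernel fills the audit record's subject fields from the thread credential when the record is created at syscall entry, so for a setgid call that actually changes the gid the post-call snapshot would not match the AUT_SUBJECT32 token and check_priv_child would report a spurious error. `setgid(0)` as root changes nothing, but the `setgid(1000)` call that follows does change the gids. Worth either capturing the credentials before the call or documenting which snapshot check_priv_child is meant to compare against, e.g. `/* The subject token reflects creds at syscall entry; record them before the call. */`. test_setgid continues beyond this hunk.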
@@ -94,7 +101,15 @@
write_end();
ret = setgid(1000);
- write_int(1000, "gid");
+
+ getauid(&auid);
+
+ write_int(auid, "child_auid");
+ write_int(geteuid(), "child_euid");
+ write_int(getuid(), "child_ruid");
+ write_int(getgid(), "child_rgid");
+ write_int(getegid(), "child_egid");
+ write_int(1000, "gid");
write_int(ret, "ret");
if (ret == -1)
write_string(strerror(errno), "ret_val");
@@ -153,14 +168,14 @@
}
bytesread += tok.len;
- /* Check only setgid syscals */
+ /* Check only setgid syscalls */
if(tok.tt.hdr32.e_type == 205)
to_parse = VALID;
if(to_parse == VALID) {
switch(tok.id) {
case AUT_SUBJECT32:
- ret = check_priv(tok.tt.proc32_ex, pid);
+ ret = check_priv_child(tok.tt.proc32_ex, tmp->p);
if(!ret)
report_error(tok, f);
break;
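Review bot: The subject check now takes `tmp->p` instead of `pid`, but the definition of check_priv_child is not visible in this change (the audit_pipe_regression_test_utils.c/.h sections above carry no hunk), so a reader of this test cannot tell which fields of struct priv it compares or whether the pid is still verified. A one-line comment at the call site would help, for instance `/* Compare the subject token against the creds the child recorded after the call (uid/gid/auid and pid). */`, adjusted to whatever check_priv_child actually checks. The parsing loop around this switch starts and ends outside the hunk.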
@@ -244,11 +259,20 @@
if(count == INT_TYPE) {
if(!strncmp(descr, "gid", 3))
elem->gid = get_int(shared_string);
+ else if (!strncmp(descr, "child_euid", 8))
+ elem->p.euid = get_int(shared_string);
+ else if (!strncmp(descr, "child_auid", 8))
+ elem->p.auid = get_int(shared_string);
+ else if (!strncmp(descr, "child_ruid", 8))
+ elem->p.ruid = get_int(shared_string);
+ else if (!strncmp(descr, "child_rgid", 8))
+ elem->p.rgid = get_int(shared_string);
+ else if (!strncmp(descr, "child_egid", 8))
+ elem->p.egid = get_int(shared_string);
else
elem->ret = get_int(shared_string);
}
- else if ( count == STRING_TYPE)
- {
+ else if ( count == STRING_TYPE) {
snprintf(elem->err_val, sizeof(elem->err_val) >
strlen(shared_string) +1 ?
strlen(shared_string) +1 :
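Review bot: Each new `strncmp(descr, "child_euid", 8)` compares only eight characters of a ten-character descriptor, so the match is a prefix test; it distinguishes these five names today only because they happen to differ within the first eight characters, and any future descriptor sharing that prefix (or a typo such as `child_euidx`) would be silently accepted. Use `strcmp(descr, "child_euid") == 0` (or `strncmp(descr, "child_euid", sizeof("child_euid"))`) for all five branches. Note also that anything unmatched falls through to the final `else` and is stored as `ret`, so a misspelled descriptor does not fail loudly. The enclosing parsing function starts before this hunk.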
@@ -256,7 +280,8 @@
shared_string);
}
shared_string = read_string();
- }
+ }
+ elem->p.pid = pid;
head = add_field(head, elem);
if(head == NULL)
err(-1, "List error");
==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_setuid.c#4 (text+ko) ====
@@ -33,6 +33,7 @@
char err_val[256];
int ret;
int index;
+ struct priv p;
struct setuid_record *next;
};
@@ -44,8 +45,7 @@
tmp = head;
if(tmp == NULL)
return NULL;
- for(; tmp->next != NULL; tmp = tmp->next)
- {
+ for(; tmp->next != NULL; tmp = tmp->next) {
if(tmp->next->index == index) {
p = tmp->next;
tmp->next = tmp->next->next;
@@ -80,11 +80,18 @@
void test_setuid()
{
- int ret;
-
+ int ret, auid;
+
init_channel_primary();
ret = setuid(1001);
+ getauid(&auid);
+
+ write_int(auid, "child_auid");
+ write_int(geteuid(), "child_euid");
+ write_int(getuid(), "child_ruid");
+ write_int(getgid(), "child_rgid");
+ write_int(getegid(), "child_egid");
write_int(1001, "uid");
write_int(ret, "ret");
if (ret == -1)
@@ -94,6 +101,13 @@
write_end();
ret = setuid(0);
+ getauid(&auid);
+
+ write_int(auid, "child_auid");
+ write_int(geteuid(), "child_euid");
+ write_int(getuid(), "child_ruid");
+ write_int(getgid(), "child_rgid");
+ write_int(getegid(), "child_egid");
write_int(0, "uid");
write_int(ret, "ret");
if (ret == -1)
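Review bot: This second call, `setuid(0)`, is expected to fail: if the test runs as root, the preceding `setuid(1001)` sets the real, effective and saved uids to 1001, so the process has no privilege left to return to uid 0 and should get EPERM, and if it was not root both calls fail. Nothing in the hunk states that the failing call is the case under test, and the credential values written here should then be identical to the previous snapshot by design; a comment such as `/* All uids are now 1001, so this call must fail with EPERM; the audit record of the failure is what we check. */` would make the intent explicit. test_setuid continues beyond this hunk.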
@@ -154,14 +168,14 @@
}
bytesread += tok.len;
- /* Check only setuid syscals */
+ /* Check only setuid syscalls */
if(tok.tt.hdr32.e_type == 200)
to_parse = VALID;
if(to_parse == VALID) {
switch(tok.id) {
case AUT_SUBJECT32:
- ret = check_priv(tok.tt.proc32_ex, pid);
+ ret = check_priv_child(tok.tt.proc32_ex, tmp->p);
if(!ret)
report_error(tok, f);
break;
@@ -239,17 +253,25 @@
if(elem == NULL)
err(-1, "MALLOC");
- while((count = parse_string(shared_string)) != -1)
- {
+ while((count = parse_string(shared_string)) != -1) {
descr = get_descr(shared_string);
if(count == INT_TYPE) {
if(!strncmp(descr, "uid", 3))
elem->uid = get_int(shared_string);
+ else if (!strncmp(descr, "child_euid", 8))
+ elem->p.euid = get_int(shared_string);
+ else if (!strncmp(descr, "child_auid", 8))
+ elem->p.auid = get_int(shared_string);
+ else if (!strncmp(descr, "child_ruid", 8))
+ elem->p.ruid = get_int(shared_string);
+ else if (!strncmp(descr, "child_rgid", 8))
+ elem->p.rgid = get_int(shared_string);
+ else if (!strncmp(descr, "child_egid", 8))
+ elem->p.egid = get_int(shared_string);
else
elem->ret = get_int(shared_string);
}
- else if ( count == STRING_TYPE)
- {
+ else if ( count == STRING_TYPE) {
snprintf(elem->err_val, sizeof(elem->err_val) >
strlen(shared_string) +1 ?
strlen(shared_string) +1 :
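Review bot: The new `else if` chain leaves the trailing `else` as a catch-all, so with six integer descriptors now in play any descriptor that is not matched (a misspelling on the writer side, or a field added later) is silently stored into `elem->ret` and the test then compares a bogus return value. Match `"ret"` explicitly and make the final branch report the unknown name, e.g. `else warnx("unknown descriptor %s", descr);`. The comparisons also pass a length of 8 against ten-character literals, so `strcmp` would give an exact match instead of a prefix match. The enclosing function starts before this hunk.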
@@ -257,7 +279,8 @@
shared_string);
}
shared_string = read_string();
- }
+ }
+ elem->p.pid = pid;
head = add_field(head, elem);
if(head == NULL)
err(-1, "List error");