PERFORCE change 132681 for review
Zhouyi ZHOU
zhouzhouyi at FreeBSD.org
Sun Jan 6 23:27:33 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=132681
Change 132681 by zhouzhouyi at zhouzhouyi_mactest on 2008/01/07 07:27:20
style modification
Affected files ...
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/LICENSE#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/Makefile#15 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/README#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/fifo_io.c#3 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/macping.c#5 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/macproc.c#3 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mdconfig.c#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mmaptest.c#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/msgtest.c#3 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/ptrace.c#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/semtest.c#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/shmtest.c#7 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/conf#2 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/misc.sh#26 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/sysvshm/00.t#4 edit
.. //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#19 edit
Differences ...
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/LICENSE#2 (text+ko) ====
@@ -1,4 +1,4 @@
-$FreeBSD: src/tools/regression/mactest/LICENSE,v 1.1 2007/01/17 01:42:07 pjd Exp $
+$FreeBSD$
License for all regression tests available with fstest:
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/Makefile#15 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/tools/regression/mactest/Makefile,v 1.1 2007/01/17 01:42:07 zhouzhouyi Exp $
+# $FreeBSD$
CFLAGS+=-DHAS_LCHMOD
CFLAGS+=-DHAS_CHFLAGS
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/README#2 (text+ko) ====
@@ -1,4 +1,4 @@
-$FreeBSD: src/tools/regression/mactest/README,v 1.1 2007/01/28 00:10:28 zhouzhouyi Exp $
+$FreeBSD$
Few notes on how to use fstest in short steps:
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/fifo_io.c#3 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/tools/regression/mactest/fifo_io.c,v 1.6 2006/11/07 23:28:30 jkim Exp $
+ * $FreeBSD$
*/
#include <sys/types.h>
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/macping.c#5 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/tools/regression/mactest/macping.c,v 1.6 2006/11/07 23:28:30 jkim Exp $
+ * $FreeBSD$
*/
#include <sys/param.h> /* NB: we rely on this for <sys/types.h> */
#include <sys/uio.h>
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/macproc.c#3 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/tools/regression/mactest/macproc.c,v 1.1 2007/05/17 01:42:07 zhouzhouyi Exp $
+ * $FreeBSD$
*/
#include <sys/param.h>
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mdconfig.c#2 (text+ko) ====
@@ -6,7 +6,7 @@
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
* ----------------------------------------------------------------------------
*
- * $FreeBSD: src/sbin/mdconfig/mdconfig.c,v 1.54 2007/02/20 22:04:23 n_hibma Exp $
+ * $FreeBSD$
*
*/
#include <sys/param.h>
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mmaptest.c#2 (text+ko) ====
@@ -34,7 +34,7 @@
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/tools/regression/mactest/mmaptest.c,v 1.1 2007/09/02 06:34:37 zhouzhouyi Exp $
+ * $FreeBSD$
*/
/*
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/msgtest.c#3 (text+ko) ====
@@ -36,7 +36,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*
* Obtained from: $NetBSD: msgtest.c,v 1.7 2002/07/20 08:36:25 grant Exp $
- * $FreeBSD: src/tools/regression/sysvmsg/msgtest.c,v 1.2 2006/11/16 19:51:10 jkim Exp $
+ * $FreeBSD$
*/
/*
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/ptrace.c#2 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/tools/regression/mactest/macproc.c,v 1.1 2007/05/17 01:42:07 zhouzhouyi Exp $
+ * $FreeBSD$
*/
#include <sys/param.h>
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/semtest.c#4 (text+ko) ====
@@ -36,7 +36,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*
* Obtained from: $NetBSD: semtest.c,v 1.4 2002/07/20 08:36:25 grant Exp $
- * $FreeBSD: src/tools/regression/mactest/semtest.c,v 1.1 2002/08/15 06:34:37 zhouzhouyi Exp $
+ * $FreeBSD$
*/
/*
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/shmtest.c#7 (text+ko) ====
@@ -36,7 +36,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*
* Obtained from: $NetBSD: shmtest.c,v 1.3 2002/07/20 08:36:26 grant Exp $
- * $FreeBSD: src/tools/regression/mactest/shmtest.c,v 1.1 2002/08/15 06:34:37 alfred Exp $
+ * $FreeBSD$
*/
/*
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/conf#2 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/tools/regression/fstest/tests/conf,v 1.1 2007/01/17 01:42:08 pjd Exp $
+# $FreeBSD$
# fstest configuration file
# Known operating systems: FreeBSD, SunOS, Linux
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/misc.sh#26 (text+ko) ====
@@ -1,4 +1,4 @@
-# $FreeBSD: src/tools/regression/mactest/tests/misc.sh,v 1.1 2007/06/04 01:42:08 zhouzhouyi Exp $
+# $FreeBSD$
ntest=1
pid=0
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/sysvshm/00.t#4 (text+ko) ====
@@ -1,5 +1,5 @@
#!/bin/sh
-# $FreeBSD: src/tools/regression/mactest/tests/sysvshm/00.t,v 1.2 2007/01/25 20:50:02 zhouzhouyi Exp $
+# $FreeBSD$
desc="manipulate sysv share memory"
@@ -7,67 +7,76 @@
dir=`dirname $0`
. ${dir}/../misc.sh
-echo "1..4"
+case "${os}" in
+FreeBSD)
+
+ mac_mls_support=`sysctl -n security.mac.mls.enabled 2>/dev/null`
+ mac_biba_support=`sysctl -n security.mac.biba.enabled 2>/dev/null`
+ mac_test_support=`sysctl -n security.mac.test.pseudoinit 2>/dev/null`
+ if [ "${mac_mls_support}" != "" ] && [ "${mac_biba_support}" != "" ] &&
+ [ "${mac_test_support}" != "" ]; then
#turn off all the switches
-for i in `sysctl security.mac | grep "\.enabled"|
- sed 's/\([a-z\.]*\.enabled\)\(:\ \)\([01]\)/\1/`; do
-sysctl ${i}=0
-done
+ for i in `sysctl security.mac | grep "\.enabled"|
+ sed 's/\([a-z\.]*\.enabled\)\(:\ \)\([01]\)/\1/`; do
+ sysctl ${i}=0 >/dev/null
+ done
-mac_mls_support=`sysctl -n security.mac.mls.enabled 2>/dev/null`
-mac_biba_support=`sysctl -n security.mac.biba.enabled 2>/dev/null`
-mac_test_support=`sysctl -n security.mac.test.pseudoinit 2>/dev/null`
+ if [ -f ${mactest_conf} ]; then
+ rm ${mactest_conf}
+ fi
+ touch ${mactest_conf}
+ setfmac "mls/equal,biba/equal" ${mactest_conf}
+
+ echo "1..4"
-if [ "${mac_mls_support}" != "" ] && [ "${mac_biba_support}" != "" ] &&
- [ "${mac_test_support}" != "" ] ; then
-
+ sysctl security.mac.mls.enabled=1 > /dev/null
+ sysctl security.mac.biba.enabled=1 > /dev/null
+ sysctl security.mac.mls.revocation_enabled=1 > /dev/null
+ sysctl security.mac.biba.revocation_enabled=1 > /dev/null
-
- if [ -f ${mactest_conf} ]; then
- rm ${mactest_conf}
- fi
- touch ${mactest_conf}
-
-#############################################################
- t=`sysctl security.mac.mls.enabled=1`
- echo "enforcing mac/mls!"
- t=`sysctl security.mac.biba.enabled=1`
- echo "enforcing mac/biba!"
- t=`sysctl security.mac.mls.revocation_enabled=1`
- t=`sysctl security.mac.biba.revocation_enabled=1`
- echo "enabling revoking"
#option -c creator's label, option -s sender's label
#option -r receiver's label, option -t ipc stat label
#options -e ipc set label
#case 1: check mls no read high
- echo -n "pid = -2 mac_test_check_sysv_shmget:" > ${mactest_conf}
- echo "biba/high(low-high),mls/9(low-high) biba/high,mls/5" >> ${mactest_conf}
- bizarretestexpect ${shmtest} "" "" -c "mls/5" -s "mls/5" \
- -r "mls/9" -t "mls/5" -e "mls/5" -f ${mactest_conf}
+ echo -n "pid = -2 sysvshm_check_shmget:" > ${mactest_conf}
+ echo "biba/high(low-high),mls/9(low-high) biba/high,mls/5" >> ${mactest_conf}
+ bizarretestexpect ${shmtest} "*Permission.denied*" "" -c "mls/5" -s "mls/5" \
+ -r "mls/9" -t "mls/5" -e "mls/5" -f ${mactest_conf}
+
#case 2: check biba no read low
- echo -n "pid = -2 mac_test_check_sysv_shmat#SHM_RDONLY:" > ${mactest_conf}
- echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
- bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \
- -r "biba/3" -t "biba/5" -e "biba/5" -f ${mactest_conf}
+ echo -n "pid = -2 sysvshm_check_shmat#SHM_RDONLY:" > ${mactest_conf}
+ echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
+ bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \
+ -r "biba/3" -t "biba/5" -e "biba/5" -f ${mactest_conf}
+
#case 3: ipc stat biba no stat low
- echo -n "pid = -2 mac_test_check_sysv_shmctl#IPC_STAT:" > ${mactest_conf}
- echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
- bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \
- -r "biba/5" -t "biba/3" -e "biba/5" -f ${mactest_conf}
+ echo -n "pid = -2 sysvshm_check_shmctl#IPC_STAT:" > ${mactest_conf}
+ echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
+ bizarretestexpect ${shmtest} "" "" -c "biba/5" -s "biba/5" \
+ -r "biba/5" -t "biba/3" -e "biba/5" -f ${mactest_conf}
+
#case 4: ipc set biba no set high
- echo -n "pid = -2 mac_test_check_sysv_shmctl#IPC_SET:" > ${mactest_conf}
- echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
- bizarretestexpect ${shmtest} "*shmctl.IPC_SET:.Permission.denied" "" -c "biba/5" -s "biba/5" \
- -r "biba/5" -t "biba/5" -e "biba/3" -f ${mactest_conf}
-#cleanup:
- t=`sysctl security.mac.mls.enabled=0`
- echo "disabling mac/mls!"
- t=`sysctl security.mac.biba.enabled=0`
- echo "disabling mac/biba!"
+ echo -n "pid = -2 sysvshm_check_shmctl#IPC_SET:" > ${mactest_conf}
+ echo "biba/3(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
+ echo -n "pid = -2 sysvshm_check_shmctl#IPC_RMID:" >> ${mactest_conf}
+ echo "biba/5(low-high),mls/low(low-high) biba/5,mls/low" >> ${mactest_conf}
+ echo "pid = -2 sysvshm_cleanup:*" >> ${mactest_conf}
+ bizarretestexpect ${shmtest} "*shmctl.IPC_SET:.Permission.denied" "" \
+ -c "biba/5" -s "biba/5" \
+ -r "biba/5" -t "biba/5" -e "biba/3" -f ${mactest_conf}
- rm ${mactest_conf}
-fi
+#cleanup:
+ sysctl security.mac.mls.enabled=0 >/dev/null
+ sysctl security.mac.biba.enabled=0 > /dev/null
+ rm ${mactest_conf}
+#mac_mls mac_biba and mac_test support
+ fi
+ ;;
+*)
+ quick_exit
+ ;;
+esac
==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/sys/security/mac_test/mac_test.c#19 (text+ko) ====
@@ -2281,6 +2281,7 @@
LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM);
+ APPEND_FLAG((shmflg & SHM_RDONLY)? "SHM_RDONLY" : "SHM_RND");
COUNTER_INC(sysvshm_check_shmat);
return (0);
@@ -2295,6 +2296,24 @@
LOG_DECL
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(shmseglabel, MAGIC_SYSV_SHM);
+
+ switch(cmd) {
+ case IPC_RMID:
+ APPEND_FLAG("IPC_RMID");
+ break;
+ case IPC_SET:
+ APPEND_FLAG("IPC_SET");
+ break;
+ case IPC_STAT:
+ APPEND_FLAG("IPC_STAT");
+ break;
+ case SHM_STAT:
+ APPEND_FLAG("SHM_STAT");
+ break;
+ default:
+ break;
+ }
+
COUNTER_INC(sysvshm_check_shmctl);
return (0);
More information about the p4-projects
mailing list