/*-
 * Copyright (c) 2006 nCircle Network Security, Inc.
 * Copyright (c) 2007 Robert N. M. Watson
 * All rights reserved.
 *
 * This software was developed by Robert N. M. Watson for the TrustedBSD
 * Project under contract to nCircle Network Security, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY,
 * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * $FreeBSD$
 */

/*
 * Fixed credentials the tests use for the processes they run and the objects
 * they create.  They are literal numbers, not looked up from the password or
 * group database, so the host running the suite should not have real accounts
 * at these ids.  The names mirror the roles the tests distinguish (root,
 * owner, other, third) rather than any particular system account.
 *
 * NOTE(review): this header has no include guard and does not include
 * <sys/types.h> itself; it relies on each including .c to provide uid_t,
 * gid_t and mode_t and to include it only once.
 */
#define	UID_ROOT	0		/* superuser */
#define	UID_OWNER	100
#define	UID_OTHER	200
#define	UID_THIRD	300

#define	GID_WHEEL	0
#define	GID_OWNER	100
#define	GID_OTHER	200

/*
 * Kernel environment variable used by the kenv tests (priv_kenv_set/unset).
 * KENV_VAR_LEN is sizeof(), not strlen(): it counts the terminating NUL, so
 * it is 5 for "test".  Whether the kenv(2) consumer expects the NUL to be
 * included should be checked against the call site before this is reused.
 */
#define	KENV_VAR_NAME	"test"
#define	KENV_VAR_VALUE	"test"
#define	KENV_VAR_LEN	sizeof(KENV_VAR_VALUE)

/*
 * Library routines used by many tests.
 */

/*
 * setup_dir()/setup_file(): create a test directory or file for the test
 * named 'test', presumably owned by uid:gid with the given mode.  dpathp/
 * fpathp is a caller-supplied, writable buffer that the routine fills in
 * with the created path; no buffer length is passed, so the caller must
 * size it to whatever the implementation writes -- confirm against the
 * definition before reusing these from new tests.  Removing the object is
 * left to the test's cleanup routine.
 */
void	setup_dir(const char *test, char *dpathp, uid_t uid, gid_t gid,
	    mode_t mode);
void	setup_file(const char *test, char *fpathp, uid_t uid, gid_t gid,
	    mode_t mode);

/*
 * expect(): record the outcome of a privileged operation for test 'test'.
 * By the parameter names, 'error' is the observed result, compared against
 * 'expected_error' and, when a failure was expected, 'expected_errno'.  How
 * mismatches are reported (print, abort, exit status) is decided by the
 * implementation, not declared here.
 */
void	expect(const char *test, int error, int expected_error,
	    int expected_errno);

/*
 * Definition for a particular test, both used to manage the test list in
 * main.c, and passed to tests so they can be aware of which specific test is
 * running if particular method implementations are shared across tests.
 *
 * All three callbacks take the same (asroot, injail, test) triple: by name,
 * whether the test is being run with root credentials and whether it runs
 * inside a jail, plus the test record itself so shared implementations can
 * branch on t_name.  Only t_setup_func returns a value; the meaning of its
 * int (presumably non-zero when setup failed and the test should be skipped)
 * is defined by main.c -- confirm there.  Test and cleanup callbacks return
 * void, so any failure they want reported goes through expect().
 */
struct test {
	const char	*t_name;		/* test name; presumably the 'test' string passed to expect()/setup_*() */
	int		(*t_setup_func)(int asroot, int injail,
			    struct test *test);	/* prepare state; int status */
	void		(*t_test_func)(int asroot, int injail,
			    struct test *test);	/* exercise the privilege check */
	void		(*t_cleanup_func)(int asroot, int injail,
			    struct test *test);	/* undo whatever setup created */
};

/*
 * Prototypes for test functions that will be hooked up to the test vector in
 * main.c.  It's possible to imagine more dynamic (convenient?) ways to do
 * this.
 *
 * Every prototype below matches one of the struct test callback signatures:
 * *_setup functions return int, test and *_cleanup functions return void.
 * Most subsystems follow a setup/test/cleanup triple, but not all: several
 * families declare one setup per object-ownership variant (froot/fowner/
 * fother) with a single shared cleanup, and a few tests (e.g.
 * priv_netinet_ipsec_pfkey) declare no setup or cleanup at all.  When adding
 * a test, keep the new prototype next to its family and make sure main.c's
 * vector and this list agree.
 */

/* Accounting. */
int	priv_acct_setup(int, int, struct test *);
void	priv_acct_enable(int, int, struct test *);
void	priv_acct_disable(int, int, struct test *);
void	priv_acct_rotate(int, int, struct test *);
void	priv_acct_noopdisable(int, int, struct test *);
void	priv_acct_cleanup(int, int, struct test *);

/* Clock adjustment. */
int	priv_adjtime_setup(int, int, struct test *);
void	priv_adjtime_set(int, int, struct test *);
void	priv_adjtime_cleanup(int, int, struct test *);

/* Audit: submit, control, and per-process audit state get/set. */
int	priv_audit_submit_setup(int, int, struct test *);
void	priv_audit_submit(int, int, struct test *);
void	priv_audit_submit_cleanup(int, int, struct test *);

int	priv_audit_control_setup(int, int, struct test *);
void	priv_audit_control(int, int, struct test *);
void	priv_audit_control_cleanup(int, int, struct test *);

int	priv_audit_getaudit_setup(int, int, struct test *);
void	priv_audit_getaudit(int, int, struct test *);
void	priv_audit_getaudit_addr(int, int, struct test *);
void	priv_audit_getaudit_cleanup(int, int, struct test *);

int	priv_audit_setaudit_setup(int, int, struct test *);
void	priv_audit_setaudit(int, int, struct test *);
void	priv_audit_setaudit_addr(int, int, struct test *);
void	priv_audit_setaudit_cleanup(int, int, struct test *);

int	priv_clock_settime_setup(int, int, struct test *);
void	priv_clock_settime(int, int, struct test *);
void	priv_clock_settime_cleanup(int, int, struct test *);

/* Credential changes: one setup/cleanup pair shared by all set*id variants. */
int	priv_cred_setup(int, int, struct test *);
void	priv_cred_setuid(int, int, struct test *);
void	priv_cred_seteuid(int, int, struct test *);
void	priv_cred_setgid(int, int, struct test *);
void	priv_cred_setegid(int, int, struct test *);
void	priv_cred_setgroups(int, int, struct test *);
void	priv_cred_setreuid(int, int, struct test *);
void	priv_cred_setregid(int, int, struct test *);
void	priv_cred_setresuid(int, int, struct test *);
void	priv_cred_setresgid(int, int, struct test *);
void	priv_cred_cleanup(int, int, struct test *);

int	priv_io_setup(int, int, struct test *);
void	priv_io(int, int, struct test *);
void	priv_io_cleanup(int, int, struct test *);

/* Kernel environment; see KENV_VAR_* above. */
int	priv_kenv_set_setup(int, int, struct test *);
void	priv_kenv_set(int, int, struct test *);
void	priv_kenv_set_cleanup(int, int, struct test *);

int	priv_kenv_unset_setup(int, int, struct test *);
void	priv_kenv_unset(int, int, struct test *);
void	priv_kenv_unset_cleanup(int, int, struct test *);

/* Message buffer: two setups, one shared cleanup. */
int	priv_msgbuf_privonly_setup(int, int, struct test *);
void	priv_msgbuf_privonly(int, int, struct test *);

int	priv_msgbuf_unprivok_setup(int, int, struct test *);
void	priv_msgbuf_unprivok(int, int, struct test *);

void	priv_msgbuf_cleanup(int, int, struct test *);

/*
 * Networking.  The pfkey test has no setup/cleanup; the IPsec policy tests
 * come in v4/v6 pairs with a cleanup shared per policy kind.
 */
void	priv_netinet_ipsec_pfkey(int, int, struct test *);
int	priv_netinet_ipsec_policy4_bypass_setup(int, int, struct test *);
void	priv_netinet_ipsec_policy4_bypass(int, int, struct test *);
int	priv_netinet_ipsec_policy6_bypass_setup(int, int, struct test *);
void	priv_netinet_ipsec_policy6_bypass(int, int, struct test *);
void	priv_netinet_ipsec_policy_bypass_cleanup(int, int, struct test *);
int	priv_netinet_ipsec_policy4_entrust_setup(int, int, struct test *);
void	priv_netinet_ipsec_policy4_entrust(int, int, struct test *);
int	priv_netinet_ipsec_policy6_entrust_setup(int, int, struct test *);
void	priv_netinet_ipsec_policy6_entrust(int, int, struct test *);
void	priv_netinet_ipsec_policy_entrust_cleanup(int, int, struct test *);

int	priv_netinet_raw_setup(int, int, struct test *);
void	priv_netinet_raw(int, int, struct test *);
void	priv_netinet_raw_cleanup(int, int, struct test *);

/* Process attributes. */
int	priv_proc_setlogin_setup(int, int, struct test *);
void	priv_proc_setlogin(int, int, struct test *);
void	priv_proc_setlogin_cleanup(int, int, struct test *);

int	priv_proc_setrlimit_setup(int, int, struct test *);
void	priv_proc_setrlimit_raisemax(int, int, struct test *);
void	priv_proc_setrlimit_raisecur(int, int, struct test *);
void	priv_proc_setrlimit_raisecur_nopriv(int, int, struct test *);
void	priv_proc_setrlimit_cleanup(int, int, struct test *);

/*
 * Scheduling.  Variants are named by target (curproc/myproc/aproc) and, for
 * rtprio, by the class requested (normal/idle/realtime); one setup and one
 * cleanup serve all rtprio variants.
 */
int	priv_sched_rtprio_setup(int, int, struct test *);
void	priv_sched_rtprio_curproc_normal(int, int, struct test *);
void	priv_sched_rtprio_curproc_idle(int, int, struct test *);
void	priv_sched_rtprio_curproc_realtime(int, int, struct test *);

void	priv_sched_rtprio_myproc_normal(int, int, struct test *);
void	priv_sched_rtprio_myproc_idle(int, int, struct test *);
void	priv_sched_rtprio_myproc_realtime(int, int, struct test *);

void	priv_sched_rtprio_aproc_normal(int, int, struct test *);
void	priv_sched_rtprio_aproc_idle(int, int, struct test *);
void	priv_sched_rtprio_aproc_realtime(int, int, struct test *);
void	priv_sched_rtprio_cleanup(int, int, struct test *);

int	priv_sched_setpriority_setup(int, int, struct test *);
void	priv_sched_setpriority_curproc(int, int, struct test *);
void	priv_sched_setpriority_myproc(int, int, struct test *);
void	priv_sched_setpriority_aproc(int, int, struct test *);
void	priv_sched_setpriority_cleanup(int, int, struct test *);

int	priv_settimeofday_setup(int, int, struct test *);
void	priv_settimeofday(int, int, struct test *);
void	priv_settimeofday_cleanup(int, int, struct test *);

/* sysctl writes, with a separate variant for the in-jail case. */
int	priv_sysctl_write_setup(int, int, struct test *);
void	priv_sysctl_write(int, int, struct test *);
void	priv_sysctl_writejail(int, int, struct test *);
void	priv_sysctl_write_cleanup(int, int, struct test *);

/*
 * VFS.  Object-ownership variants (froot/fowner/fother, and for chown the
 * uid/mygid/othergid cases) each get their own setup; the cleanup is shared
 * per operation.  chflags additionally distinguishes user (uflags) from
 * system (sflags) flags, and utimes has a NULL-times variant.
 */
int	priv_vfs_chflags_froot_setup(int, int, struct test *);
void	priv_vfs_chflags_froot_uflags(int, int, struct test *);
void	priv_vfs_chflags_froot_sflags(int, int, struct test *);

int	priv_vfs_chflags_fowner_setup(int, int, struct test *);
void	priv_vfs_chflags_fowner_uflags(int, int, struct test *);
void	priv_vfs_chflags_fowner_sflags(int, int, struct test *);

int	priv_vfs_chflags_fother_setup(int, int, struct test *);
void	priv_vfs_chflags_fother_uflags(int, int, struct test *);
void	priv_vfs_chflags_fother_sflags(int, int, struct test *);

void	priv_vfs_chflags_cleanup(int, int, struct test *);

int	priv_vfs_chmod_froot_setup(int, int, struct test *);
void	priv_vfs_chmod_froot(int, int, struct test *);

int	priv_vfs_chmod_fowner_setup(int, int, struct test *);
void	priv_vfs_chmod_fowner(int, int, struct test *);

int	priv_vfs_chmod_fother_setup(int, int, struct test *);
void	priv_vfs_chmod_fother(int, int, struct test *);

void	priv_vfs_chmod_cleanup(int, int, struct test *);

int	priv_vfs_chown_uid_setup(int, int, struct test *);
void	priv_vfs_chown_uid(int, int, struct test *);

int	priv_vfs_chown_mygid_setup(int, int, struct test *);
void	priv_vfs_chown_mygid(int, int, struct test *);

int	priv_vfs_chown_othergid_setup(int, int, struct test *);
void	priv_vfs_chown_othergid(int, int, struct test *);

void	priv_vfs_chown_cleanup(int, int, struct test *);

int	priv_vfs_chroot_setup(int, int, struct test *);
void	priv_vfs_chroot(int, int, struct test *);
void	priv_vfs_chroot_cleanup(int, int, struct test *);

/* Clearing of setuid/setgid bits on chgrp, extattr change and write. */
int	priv_vfs_clearsugid_setup(int, int, struct test *);
void	priv_vfs_clearsugid_chgrp(int, int, struct test *);
void	priv_vfs_clearsugid_extattr(int, int, struct test *);
void	priv_vfs_clearsugid_write(int, int, struct test *);
void	priv_vfs_clearsugid_cleanup(int, int, struct test *);

int	priv_vfs_extattr_system_setup(int, int, struct test *);
void	priv_vfs_extattr_system(int, int, struct test *);
void	priv_vfs_extattr_system_cleanup(int, int, struct test *);

/* File-handle operations. */
int	priv_vfs_fhopen_setup(int, int, struct test *);
void	priv_vfs_fhopen(int, int, struct test *);
void	priv_vfs_fhopen_cleanup(int, int, struct test *);

int	priv_vfs_fhstat_setup(int, int, struct test *);
void	priv_vfs_fhstat(int, int, struct test *);
void	priv_vfs_fhstat_cleanup(int, int, struct test *);

int	priv_vfs_fhstatfs_setup(int, int, struct test *);
void	priv_vfs_fhstatfs(int, int, struct test *);
void	priv_vfs_fhstatfs_cleanup(int, int, struct test *);

int	priv_vfs_generation_setup(int, int, struct test *);
void	priv_vfs_generation(int, int, struct test *);
void	priv_vfs_generation_cleanup(int, int, struct test *);

int	priv_vfs_getfh_setup(int, int, struct test *);
void	priv_vfs_getfh(int, int, struct test *);
void	priv_vfs_getfh_cleanup(int, int, struct test *);

int	priv_vfs_readwrite_fowner_setup(int, int, struct test *);
void	priv_vfs_readwrite_fowner(int, int, struct test *);

int	priv_vfs_readwrite_fgroup_setup(int, int, struct test *);
void	priv_vfs_readwrite_fgroup(int, int, struct test *);

int	priv_vfs_readwrite_fother_setup(int, int, struct test *);
void	priv_vfs_readwrite_fother(int, int, struct test *);

void	priv_vfs_readwrite_cleanup(int, int, struct test *);

int	priv_vfs_setgid_fowner_setup(int, int, struct test *);
void	priv_vfs_setgid_fowner(int, int, struct test *);

int	priv_vfs_setgid_fother_setup(int, int, struct test *);
void	priv_vfs_setgid_fother(int, int, struct test *);

void	priv_vfs_setgid_cleanup(int, int, struct test *);

/* Sticky-bit directories and files. */
int	priv_vfs_stickyfile_dir_fowner_setup(int, int, struct test *);

void	priv_vfs_stickyfile_dir_fowner(int, int, struct test *);
int	priv_vfs_stickyfile_dir_fother_setup(int, int, struct test *);
void	priv_vfs_stickyfile_dir_fother(int, int, struct test *);

void	priv_vfs_stickyfile_dir_cleanup(int, int, struct test *);

int	priv_vfs_stickyfile_file_fowner_setup(int, int, struct test *);
void	priv_vfs_stickyfile_file_fowner(int, int, struct test *);

int	priv_vfs_stickyfile_file_fother_setup(int, int, struct test *);
void	priv_vfs_stickyfile_file_fother(int, int, struct test *);

void	priv_vfs_stickyfile_file_cleanup(int, int, struct test *);

int	priv_vfs_utimes_froot_setup(int, int, struct test *);
void	priv_vfs_utimes_froot(int, int, struct test *);
void	priv_vfs_utimes_froot_null(int, int, struct test *);

int	priv_vfs_utimes_fowner_setup(int, int, struct test *);
void	priv_vfs_utimes_fowner(int, int, struct test *);
void	priv_vfs_utimes_fowner_null(int, int, struct test *);

int	priv_vfs_utimes_fother_setup(int, int, struct test *);
void	priv_vfs_utimes_fother(int, int, struct test *);
void	priv_vfs_utimes_fother_null(int, int, struct test *);

void	priv_vfs_utimes_cleanup(int, int, struct test *);

/* Virtual memory. */
int	priv_vm_madv_protect_setup(int, int, struct test *);
void	priv_vm_madv_protect(int, int, struct test *);
void	priv_vm_madv_protect_cleanup(int, int, struct test *);

int	priv_vm_mlock_setup(int, int, struct test *);
void	priv_vm_mlock(int, int, struct test *);
void	priv_vm_mlock_cleanup(int, int, struct test *);

int	priv_vm_munlock_setup(int, int, struct test *);
void	priv_vm_munlock(int, int, struct test *);
void	priv_vm_munlock_cleanup(int, int, struct test *);
