authorRobert Watson <rwatson@FreeBSD.org>2007-09-09 23:08:39 +0000
committerRobert Watson <rwatson@FreeBSD.org>2007-09-09 23:08:39 +0000
commitd903306a267227e32733712fef0c11e71c31b459 (patch)
tree31905091a75e03080d113f8836c9872dcff17a5f /tools/regression/priv/main.h
parentf4a2d780df8230abab19ecf5c6136dd341e04de8 (diff)
Enhance and expand kernel privilege regression tests in support of
work present in FreeBSD 7.0 to refine the kernel privilege model: - Introduce support for jail as a testing variable, in order to confirm that privileges are properly restricted in the jail environment. - Restructure overall testing approach so that privilege and jail conditions are set in the testing infrastructure before tests are invoked, and done so in a custom-created process to isolate the impact of tests from each other in a more consistent way. - Tests now provide setup and cleanup hooks that occur before and after the test runs. - New privilege tests are now present for several audit privileges, several credential management privileges, dmesg buffer reading privilege, and netinet raw socket creation. - Other existing tests are restructured and generally improved as a result of better framework structure and jail as a variable. For example, we now test that certain sysctls are writable only outside jail, while others are writable within jail. On a similar note, privileges relating to setting UFS file flags are now better exercised, as with the right to chmod and utimes files. Approved by: re (bmah) Obtained from: TrustedBSD Project
Notes
Notes: svn path=/head/; revision=172106
Diffstat (limited to 'tools/regression/priv/main.h')
-rw-r--r--tools/regression/priv/main.h299
1 files changed, 261 insertions, 38 deletions
diff --git a/tools/regression/priv/main.h b/tools/regression/priv/main.h
index 6c5616beb566..d863feb7b7d0 100644
--- a/tools/regression/priv/main.h
+++ b/tools/regression/priv/main.h
@@ -1,5 +1,6 @@
/*-
* Copyright (c) 2006 nCircle Network Security, Inc.
+ * Copyright (c) 2007 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert N. M. Watson for the TrustedBSD
@@ -40,51 +41,273 @@
#define KENV_VAR_NAME "test"
#define KENV_VAR_VALUE "test"
+#define KENV_VAR_LEN sizeof(KENV_VAR_VALUE)
/*
* Library routines used by many tests.
*/
-void assert_root(void);
-void setup_file(char *fpathp, uid_t uid, gid_t gid, mode_t mode);
-void set_creds(uid_t uid, gid_t gid);
-void set_euid(uid_t uid);
-void restore_creds(void);
+void setup_dir(const char *test, char *dpathp, uid_t uid, gid_t gid,
+ mode_t mode);
+void setup_file(const char *test, char *fpathp, uid_t uid, gid_t gid,
+ mode_t mode);
+void expect(const char *test, int error, int expected_error,
+ int expected_errno);
/*
- * Tests for specific privileges.
+ * Definition for a particular test, both used to manage the test list in
+ * main.c, and passed to tests so they can be aware of which specific test is
+ * running if particular method implementations are shared across tests.
*/
-void priv_acct(void);
-void priv_adjtime(void);
-void priv_clock_settime(void);
-void priv_io(void);
-void priv_kenv_set(void);
-void priv_kenv_unset(void);
-void priv_proc_setlogin(void);
-void priv_proc_setrlimit(void);
-void priv_sched_rtprio(void);
-void priv_sched_setpriority(void);
-void priv_settimeofday(void);
-void priv_sysctl_write(void);
-void priv_vfs_admin(void);
-void priv_vfs_chown(void);
-void priv_vfs_chroot(void);
-void priv_vfs_clearsugid(void);
-void priv_vfs_extattr_system(void);
-void priv_vfs_fhopen(void);
-void priv_vfs_fhstat(void);
-void priv_vfs_fhstatfs(void);
-void priv_vfs_generation(void);
-void priv_vfs_getfh(void);
-void priv_vfs_read(void);
-void priv_vfs_setgid(void);
-void priv_vfs_stickyfile(void);
-void priv_vfs_write(void);
-void priv_vm_madv_protect(void);
-void priv_vm_mlock(void);
-void priv_vm_munlock(void);
+struct test {
+ const char *t_name;
+ int (*t_setup_func)(int asroot, int injail,
+ struct test *test);
+ void (*t_test_func)(int asroot, int injail,
+ struct test *test);
+ void (*t_cleanup_func)(int asroot, int injail,
+ struct test *test);
+};
/*
- * Tests for more complex access control logic involving more than one
- * privilege, or privilege combined with DAC.
+ * Prototypes for test functions that will be hooked up to the test vector in
+ * main.c. It's possible to imagine more dynamic (convenient?) ways to do
+ * this.
*/
-void test_utimes(void);
+int priv_acct_setup(int, int, struct test *);
+void priv_acct_enable(int, int, struct test *);
+void priv_acct_disable(int, int, struct test *);
+void priv_acct_rotate(int, int, struct test *);
+void priv_acct_noopdisable(int, int, struct test *);
+void priv_acct_cleanup(int, int, struct test *);
+
+int priv_adjtime_setup(int, int, struct test *);
+void priv_adjtime_set(int, int, struct test *);
+void priv_adjtime_cleanup(int, int, struct test *);
+
+int priv_audit_submit_setup(int, int, struct test *);
+void priv_audit_submit(int, int, struct test *);
+void priv_audit_submit_cleanup(int, int, struct test *);
+
+int priv_audit_control_setup(int, int, struct test *);
+void priv_audit_control(int, int, struct test *);
+void priv_audit_control_cleanup(int, int, struct test *);
+
+int priv_audit_getaudit_setup(int, int, struct test *);
+void priv_audit_getaudit(int, int, struct test *);
+void priv_audit_getaudit_addr(int, int, struct test *);
+void priv_audit_getaudit_cleanup(int, int, struct test *);
+
+int priv_audit_setaudit_setup(int, int, struct test *);
+void priv_audit_setaudit(int, int, struct test *);
+void priv_audit_setaudit_addr(int, int, struct test *);
+void priv_audit_setaudit_cleanup(int, int, struct test *);
+
+int priv_clock_settime_setup(int, int, struct test *);
+void priv_clock_settime(int, int, struct test *);
+void priv_clock_settime_cleanup(int, int, struct test *);
+
+int priv_cred_setup(int, int, struct test *);
+void priv_cred_setuid(int, int, struct test *);
+void priv_cred_seteuid(int, int, struct test *);
+void priv_cred_setgid(int, int, struct test *);
+void priv_cred_setegid(int, int, struct test *);
+void priv_cred_setgroups(int, int, struct test *);
+void priv_cred_setreuid(int, int, struct test *);
+void priv_cred_setregid(int, int, struct test *);
+void priv_cred_setresuid(int, int, struct test *);
+void priv_cred_setresgid(int, int, struct test *);
+void priv_cred_cleanup(int, int, struct test *);
+
+int priv_io_setup(int, int, struct test *);
+void priv_io(int, int, struct test *);
+void priv_io_cleanup(int, int, struct test *);
+
+int priv_kenv_set_setup(int, int, struct test *);
+void priv_kenv_set(int, int, struct test *);
+void priv_kenv_set_cleanup(int, int, struct test *);
+
+int priv_kenv_unset_setup(int, int, struct test *);
+void priv_kenv_unset(int, int, struct test *);
+void priv_kenv_unset_cleanup(int, int, struct test *);
+
+int priv_msgbuf_privonly_setup(int, int, struct test *);
+void priv_msgbuf_privonly(int, int, struct test *);
+
+int priv_msgbuf_unprivok_setup(int, int, struct test *);
+void priv_msgbuf_unprivok(int, int, struct test *);
+
+void priv_msgbuf_cleanup(int, int, struct test *);
+
+int priv_netinet_raw_setup(int, int, struct test *);
+void priv_netinet_raw(int, int, struct test *);
+void priv_netinet_raw_cleanup(int, int, struct test *);
+
+int priv_proc_setlogin_setup(int, int, struct test *);
+void priv_proc_setlogin(int, int, struct test *);
+void priv_proc_setlogin_cleanup(int, int, struct test *);
+
+int priv_proc_setrlimit_setup(int, int, struct test *);
+void priv_proc_setrlimit_raisemax(int, int, struct test *);
+void priv_proc_setrlimit_raisecur(int, int, struct test *);
+void priv_proc_setrlimit_raisecur_nopriv(int, int, struct test *);
+void priv_proc_setrlimit_cleanup(int, int, struct test *);
+
+int priv_sched_rtprio_setup(int, int, struct test *);
+void priv_sched_rtprio_curproc_normal(int, int, struct test *);
+void priv_sched_rtprio_curproc_idle(int, int, struct test *);
+void priv_sched_rtprio_curproc_realtime(int, int, struct test *);
+
+void priv_sched_rtprio_myproc_normal(int, int, struct test *);
+void priv_sched_rtprio_myproc_idle(int, int, struct test *);
+void priv_sched_rtprio_myproc_realtime(int, int, struct test *);
+
+void priv_sched_rtprio_aproc_normal(int, int, struct test *);
+void priv_sched_rtprio_aproc_idle(int, int, struct test *);
+void priv_sched_rtprio_aproc_realtime(int, int, struct test *);
+void priv_sched_rtprio_cleanup(int, int, struct test *);
+
+int priv_sched_setpriority_setup(int, int, struct test *);
+void priv_sched_setpriority_curproc(int, int, struct test *);
+void priv_sched_setpriority_myproc(int, int, struct test *);
+void priv_sched_setpriority_aproc(int, int, struct test *);
+void priv_sched_setpriority_cleanup(int, int, struct test *);
+
+int priv_settimeofday_setup(int, int, struct test *);
+void priv_settimeofday(int, int, struct test *);
+void priv_settimeofday_cleanup(int, int, struct test *);
+
+int priv_sysctl_write_setup(int, int, struct test *);
+void priv_sysctl_write(int, int, struct test *);
+void priv_sysctl_writejail(int, int, struct test *);
+void priv_sysctl_write_cleanup(int, int, struct test *);
+
+int priv_vfs_chflags_froot_setup(int, int, struct test *);
+void priv_vfs_chflags_froot_uflags(int, int, struct test *);
+void priv_vfs_chflags_froot_sflags(int, int, struct test *);
+
+int priv_vfs_chflags_fowner_setup(int, int, struct test *);
+void priv_vfs_chflags_fowner_uflags(int, int, struct test *);
+void priv_vfs_chflags_fowner_sflags(int, int, struct test *);
+
+int priv_vfs_chflags_fother_setup(int, int, struct test *);
+void priv_vfs_chflags_fother_uflags(int, int, struct test *);
+void priv_vfs_chflags_fother_sflags(int, int, struct test *);
+
+void priv_vfs_chflags_cleanup(int, int, struct test *);
+
+int priv_vfs_chmod_froot_setup(int, int, struct test *);
+void priv_vfs_chmod_froot(int, int, struct test *);
+
+int priv_vfs_chmod_fowner_setup(int, int, struct test *);
+void priv_vfs_chmod_fowner(int, int, struct test *);
+
+int priv_vfs_chmod_fother_setup(int, int, struct test *);
+void priv_vfs_chmod_fother(int, int, struct test *);
+
+void priv_vfs_chmod_cleanup(int, int, struct test *);
+
+int priv_vfs_chown_uid_setup(int, int, struct test *);
+void priv_vfs_chown_uid(int, int, struct test *);
+
+int priv_vfs_chown_mygid_setup(int, int, struct test *);
+void priv_vfs_chown_mygid(int, int, struct test *);
+
+int priv_vfs_chown_othergid_setup(int, int, struct test *);
+void priv_vfs_chown_othergid(int, int, struct test *);
+
+void priv_vfs_chown_cleanup(int, int, struct test *);
+
+int priv_vfs_chroot_setup(int, int, struct test *);
+void priv_vfs_chroot(int, int, struct test *);
+void priv_vfs_chroot_cleanup(int, int, struct test *);
+
+int priv_vfs_clearsugid_setup(int, int, struct test *);
+void priv_vfs_clearsugid_chgrp(int, int, struct test *);
+void priv_vfs_clearsugid_extattr(int, int, struct test *);
+void priv_vfs_clearsugid_write(int, int, struct test *);
+void priv_vfs_clearsugid_cleanup(int, int, struct test *);
+
+int priv_vfs_extattr_system_setup(int, int, struct test *);
+void priv_vfs_extattr_system(int, int, struct test *);
+void priv_vfs_extattr_system_cleanup(int, int, struct test *);
+
+int priv_vfs_fhopen_setup(int, int, struct test *);
+void priv_vfs_fhopen(int, int, struct test *);
+void priv_vfs_fhopen_cleanup(int, int, struct test *);
+
+int priv_vfs_fhstat_setup(int, int, struct test *);
+void priv_vfs_fhstat(int, int, struct test *);
+void priv_vfs_fhstat_cleanup(int, int, struct test *);
+
+int priv_vfs_fhstatfs_setup(int, int, struct test *);
+void priv_vfs_fhstatfs(int, int, struct test *);
+void priv_vfs_fhstatfs_cleanup(int, int, struct test *);
+
+int priv_vfs_generation_setup(int, int, struct test *);
+void priv_vfs_generation(int, int, struct test *);
+void priv_vfs_generation_cleanup(int, int, struct test *);
+
+int priv_vfs_getfh_setup(int, int, struct test *);
+void priv_vfs_getfh(int, int, struct test *);
+void priv_vfs_getfh_cleanup(int, int, struct test *);
+
+int priv_vfs_readwrite_fowner_setup(int, int, struct test *);
+void priv_vfs_readwrite_fowner(int, int, struct test *);
+
+int priv_vfs_readwrite_fgroup_setup(int, int, struct test *);
+void priv_vfs_readwrite_fgroup(int, int, struct test *);
+
+int priv_vfs_readwrite_fother_setup(int, int, struct test *);
+void priv_vfs_readwrite_fother(int, int, struct test *);
+
+void priv_vfs_readwrite_cleanup(int, int, struct test *);
+
+int priv_vfs_setgid_fowner_setup(int, int, struct test *);
+void priv_vfs_setgid_fowner(int, int, struct test *);
+
+int priv_vfs_setgid_fother_setup(int, int, struct test *);
+void priv_vfs_setgid_fother(int, int, struct test *);
+
+void priv_vfs_setgid_cleanup(int, int, struct test *);
+
+int priv_vfs_stickyfile_dir_fowner_setup(int, int, struct test *);
+
+void priv_vfs_stickyfile_dir_fowner(int, int, struct test *);
+int priv_vfs_stickyfile_dir_fother_setup(int, int, struct test *);
+void priv_vfs_stickyfile_dir_fother(int, int, struct test *);
+
+void priv_vfs_stickyfile_dir_cleanup(int, int, struct test *);
+
+int priv_vfs_stickyfile_file_fowner_setup(int, int, struct test *);
+void priv_vfs_stickyfile_file_fowner(int, int, struct test *);
+
+int priv_vfs_stickyfile_file_fother_setup(int, int, struct test *);
+void priv_vfs_stickyfile_file_fother(int, int, struct test *);
+
+void priv_vfs_stickyfile_file_cleanup(int, int, struct test *);
+
+int priv_vfs_utimes_froot_setup(int, int, struct test *);
+void priv_vfs_utimes_froot(int, int, struct test *);
+void priv_vfs_utimes_froot_null(int, int, struct test *);
+
+int priv_vfs_utimes_fowner_setup(int, int, struct test *);
+void priv_vfs_utimes_fowner(int, int, struct test *);
+void priv_vfs_utimes_fowner_null(int, int, struct test *);
+
+int priv_vfs_utimes_fother_setup(int, int, struct test *);
+void priv_vfs_utimes_fother(int, int, struct test *);
+void priv_vfs_utimes_fother_null(int, int, struct test *);
+
+void priv_vfs_utimes_cleanup(int, int, struct test *);
+
+int priv_vm_madv_protect_setup(int, int, struct test *);
+void priv_vm_madv_protect(int, int, struct test *);
+void priv_vm_madv_protect_cleanup(int, int, struct test *);
+
+int priv_vm_mlock_setup(int, int, struct test *);
+void priv_vm_mlock(int, int, struct test *);
+void priv_vm_mlock_cleanup(int, int, struct test *);
+
+int priv_vm_munlock_setup(int, int, struct test *);
+void priv_vm_munlock(int, int, struct test *);
+void priv_vm_munlock_cleanup(int, int, struct test *);
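Review bot: `struct test` introduces a setup/test/cleanup hook protocol but documents neither what the `int` returned by `t_setup_func` means nor what the `asroot` and `injail` arguments describe, so every test author has to recover the convention from main.c, which is outside this hunk. I would add a block comment above the struct stating that `asroot` and `injail` report the credential and jail state the framework has already established before the hook runs, what return value of `t_setup_func` lets the test proceed versus skips it, and whether `t_cleanup_func` runs regardless of the test's outcome, with each of those confirmed against main.c rather than assumed. `KENV_VAR_LEN` is `sizeof` of a string literal and so counts the terminating NUL, which deserves a comment such as `/* Includes the terminating NUL. */` so a caller passing it as a length argument knows what it gets. The group starting at `priv_vfs_stickyfile_dir_fowner_setup` places the blank line between the setup and test prototypes instead of before the `fother` pair, unlike every other group in the file, and the prototypes throughout drop parameter names (`(int, int, struct test *)`), which would read more clearly as `(int asroot, int injail, struct test *test)` as the struct members already do.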