Menu
▾
▴
[Audit-test-developer] [PATCH v3 5/5] audit-test/syscalls: add arm support
|
From: AKASHI T. <tak...@li...> - 2014-07-23 07:38:54
|
This patch selectively executes appropriate test programs for arm. Signed-off-by: AKASHI Takahiro <tak...@li...> --- audit-test/syscalls/cap-run.conf | 15 ++++++++++----- audit-test/syscalls/dac-run.conf | 24 ++++++++++++++++-------- audit-test/syscalls/mac-run.conf | 24 ++++++++++++++++-------- audit-test/utils/bin/Makefile | 4 ++++ 4 files changed, 46 insertions(+), 21 deletions(-) diff --git a/audit-test/syscalls/cap-run.conf b/audit-test/syscalls/cap-run.conf index 93454ef..8d440fc 100644 --- a/audit-test/syscalls/cap-run.conf +++ b/audit-test/syscalls/cap-run.conf @@ -221,7 +221,8 @@ fi ## syscall using the value of flag to determine the control operation; ## verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgctl perm=msg_id_remove expres=success user=super + msgctl perm=msg_id_remove expres=fail user=test + msgctl perm=msg_id_set expres=success user=super @@ -250,7 +251,8 @@ fi ## syscall using the value of flag to determine the control operation; ## verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semctl perm=sem_id_remove expres=success user=super + semctl perm=sem_id_remove expres=fail user=test + semctl perm=sem_id_set expres=success user=super @@ -279,7 +281,8 @@ fi ## syscall using the value of flag to determine the control operation; ## verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + shmctl perm=shm_id_remove expres=success user=super + shmctl perm=shm_id_remove expres=fail user=test + shmctl perm=shm_id_set expres=success user=super @@ -338,7 +341,8 @@ fi ## 1b. If expres=fail, execute the test process as a regular user and ## attempt to set port permission bits, verify the result. ## 2. Check the audit log for the correct syscall result -if [[ $MODE == 32 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ $MODE == 32 && + $ARCH != "PPC" && $ARCH != "s390x" && $ARCH != "arm" ]]; then + ioperm perm=io_perm expres=success user=super + ioperm perm=io_perm expres=fail user=test fi @@ -353,7 +357,8 @@ fi ## 1b. If expres=fail, execute the test process as a regular user and ## attempt to set process's the I/O privilege level, verify the result. ## 2. Check the audit log for the correct syscall result -if [[ $MODE == 32 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ $MODE == 32 && + $ARCH != "PPC" && $ARCH != "s390x" && $ARCH != "arm" ]]; then + iopl perm=io_priv expres=success user=super + iopl perm=io_priv expres=fail user=test fi diff --git a/audit-test/syscalls/dac-run.conf b/audit-test/syscalls/dac-run.conf index d02b7a6..a03c637 100644 --- a/audit-test/syscalls/dac-run.conf +++ b/audit-test/syscalls/dac-run.conf @@ -436,7 +436,8 @@ fi ## syscall using the value of flag to determine whether to open the message ## queue for read or write; verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgget perm=msg_key_read expres=success dacugo=user user=super + msgget perm=msg_key_read expres=fail dacugo=user user=test + msgget perm=msg_key_write expres=success dacugo=user user=super @@ -460,7 +461,8 @@ fi ## 2b. If expres=fail, execute the test process as another user and attempt to ## receive a message, verify the result ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgrcv perm=msg_id_recv expres=success dacugo=user user=super + msgrcv perm=msg_id_recv expres=fail dacugo=user user=test else @@ -480,7 +482,8 @@ fi ## 2b. If expres=fail, execute the test process as another user and attempt to ## send a message, verify the result ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgsnd perm=msg_id_send msg="this is a test" expres=success dacugo=user \ user=super testfunc=test_su_msg_send + msgsnd perm=msg_id_send msg="this is a test" expres=fail dacugo=user \ @@ -512,7 +515,8 @@ fi ## syscall using the value of flag to determine whether to open the ## semaphore set for read or write; verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semget perm=sem_key_read expres=success dacugo=user user=super + semget perm=sem_key_read expres=fail dacugo=user user=test + semget perm=sem_key_write expres=success dacugo=user user=super @@ -537,7 +541,8 @@ fi ## 2b. If expres=fail, execute the test process as another user and attempt a ## read operation, verify the result ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semop perm=sem_id_read expres=success dacugo=user user=super + semop perm=sem_id_read expres=fail dacugo=user user=test else @@ -558,7 +563,8 @@ fi ## 2b. If expres=fail, execute the test process as another user and attempt a ## write operation, verify the result ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semtimedop perm=sem_id_write expres=success dacugo=user user=super + semtimedop perm=sem_id_write expres=fail dacugo=user user=test else @@ -583,7 +589,8 @@ fi ## syscall using the value of perm to determine whether to perform a read or ## write operation; verify the result ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + shmat perm=shm_id_read expres=success dacugo=user user=super + shmat perm=shm_id_read expres=fail dacugo=user user=test + shmat perm=shm_id_write expres=success dacugo=user user=super @@ -618,7 +625,8 @@ fi ## syscall using the value of flag to determine whether to request the ## shared memory segment for read or write; verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + shmget perm=shm_key_read expres=success dacugo=user user=super + shmget perm=shm_key_read expres=fail dacugo=user user=test + shmget perm=shm_key_write expres=success dacugo=user user=super diff --git a/audit-test/syscalls/mac-run.conf b/audit-test/syscalls/mac-run.conf index b7c064b..df7d873 100644 --- a/audit-test/syscalls/mac-run.conf +++ b/audit-test/syscalls/mac-run.conf @@ -702,7 +702,8 @@ fi ## test process requests the message queue for read or write depending on ## the 'perm' value '*_read' or '*_write'. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgget perm=msg_key_read expres=success mlsop=eq + msgget perm=msg_key_read expres=success mlsop=dom + msgget perm=msg_key_read expres=fail mlsop=domby @@ -737,7 +738,8 @@ fi ## the ipc() syscall the function is determined by the 'op' variable. ## Verify the result. ## 4. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgrcv perm=msg_id_recv expres=success mlsop=eq + msgrcv perm=msg_id_recv expres=success mlsop=dom + msgrcv perm=msg_id_recv expres=fail mlsop=domby @@ -763,7 +765,8 @@ fi ## the ipc() syscall the function is determined by the 'op' variable. ## Verify the result. ## 4. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + msgsnd perm=msg_id_send msg="this is a test" expres=success mlsop=eq \ testfunc=test_runcon_msg_send + msgsnd perm=msg_id_send msg="this is a test" expres=fail mlsop=dom \ @@ -801,7 +804,8 @@ fi ## test process requests the semaphore set for read or write depending on ## the 'perm' value '*_read' or '*_write'. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semget perm=sem_key_read expres=success mlsop=eq + semget perm=sem_key_read expres=success mlsop=dom + semget perm=sem_key_read expres=fail mlsop=domby @@ -835,7 +839,8 @@ fi ## read operation. With the ipc() syscall the function is determined by the ## 'op' variable. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semop perm=sem_id_read expres=success mlsop=eq + semop perm=sem_id_read expres=success mlsop=dom + semop perm=sem_id_read expres=fail mlsop=domby @@ -861,7 +866,8 @@ fi ## write operation. With the ipc() syscall the function is determined by the ## 'op' variable. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + semtimedop perm=sem_id_write expres=success mlsop=eq + semtimedop perm=sem_id_write expres=fail mlsop=dom + semtimedop perm=sem_id_write expres=fail mlsop=domby @@ -892,7 +898,8 @@ fi ## 'perm' variable. With the ipc() syscall the function is determined by ## the 'op' variable. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + shmat perm=shm_id_read expres=success mlsop=eq + shmat perm=shm_id_read expres=success mlsop=dom + shmat perm=shm_id_read expres=fail mlsop=domby @@ -934,7 +941,8 @@ fi ## test process requests the shared memory segment for read or write ## depending on the 'perm' value '*_read' or '*_write'. Verify the result. ## 3. Check the audit log for the correct syscall result -if [[ $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ]]; then +if [[ ( $MODE == 64 && $ARCH != "PPC" && $ARCH != "s390x" ) || + $ARCH == "arm" ]]; then + shmget perm=shm_key_read expres=success mlsop=eq + shmget perm=shm_key_read expres=success mlsop=dom + shmget perm=shm_key_read expres=fail mlsop=domby diff --git a/audit-test/utils/bin/Makefile b/audit-test/utils/bin/Makefile index 62c5538..0f2852f 100644 --- a/audit-test/utils/bin/Makefile +++ b/audit-test/utils/bin/Makefile @@ -187,6 +187,10 @@ ALL_EXE += $(ONLY32_EXE) endif endif endif +ifeq ($(MACHINE), arm) +ALL_EXE += $(ONLY32_EXE) +endif + ifeq ($(MACHINE), ia64) ALL_EXE += $(ONLYIA64_EXE) -- 1.7.9.5 |
