Page MenuHomeFreeBSD
Differential D40682

tests: Add ktrace capability violation test cases
ClosedPublic
Actions

Authored by jfree on Jun 20 2023, 10:10 PM.
Tags
Referenced Files
Unknown Object (File)
Wed, Nov 13, 11:52 PM
Unknown Object (File)
Fri, Nov 8, 11:32 AM
Unknown Object (File)
Sat, Nov 2, 2:06 PM
Unknown Object (File)
Sat, Nov 2, 2:06 PM
Unknown Object (File)
Sun, Oct 27, 4:44 PM
Unknown Object (File)
Sun, Oct 27, 12:26 PM
Unknown Object (File)
Oct 18 2024, 9:09 AM
Unknown Object (File)
Oct 17 2024, 8:49 AM
View All Files
Subscribers
guest-patmaddox
imp
jonathan

Details

Reviewers
markj
Commits
rG44952722a00b: tests: Add ktrace capability violation test cases
rG2f39a986641e: tests: Add ktrace capability violation test cases
Summary
tests: Add ktrace capability violation test cases

Introduce regression tests for ktrace(2) that target capability
violations.

These test cases ensure that ktrace(2) records these violations:
- CAPFAIL_NOTCAPABLE
- CAPFAIL_INCREASE
- CAPFAIL_SYSCALL
- CAPFAIL_SIGNAL
- CAPFAIL_PROTO
- CAPFAIL_SOCKADDR
- CAPFAIL_NAMEI
- CAPFAIL_CPUSET

A portion of these test cases create processes that do NOT enter
capability mode, but raise violations. This is intended behavior.
Users may run `ktrace -t p` on non-Capsicumized programs to detect
violations that would occur if the process were in capability mode.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

jfree created this revision.Jun 20 2023, 10:10 PM
Herald added subscribers: jonathan, imp. · View Herald TranscriptJun 20 2023, 10:10 PM
jfree requested review of this revision.Jun 20 2023, 10:10 PM
jfree added a parent revision: D40676: ktrace: Record detailed ECAPMODE violations.Jun 20 2023, 10:21 PM
jfree updated this revision to Diff 123578.Jun 20 2023, 10:40 PM

Use cap_svflags instead of cap_flags when determining kernel ABI with syscallabi().

jfree updated this revision to Diff 125299.Jul 28 2023, 4:07 PM

Fix formatting issue in license text

guest-patmaddox added a subscriber: guest-patmaddox.Jul 29 2023, 5:23 AM
markj accepted this revision.Jan 18 2024, 3:46 PM
This revision is now accepted and ready to land.Jan 18 2024, 3:46 PM
jfree updated this revision to Diff 135579.Mar 10 2024, 4:20 AM
  • Rename all instances of CAPFAIL_VFS to CAPFAIL_NAMEI
  • Rebase on main after several months
This revision now requires review to proceed.Mar 10 2024, 4:20 AM
Harbormaster completed remote builds in B56528: Diff 135579.Mar 10 2024, 4:21 AM
jfree edited the summary of this revision. (Show Details)Mar 10 2024, 4:21 AM
This revision was not accepted when it landed; it landed in state Needs Review.Apr 7 2024, 11:58 PM
Closed by commit rG2f39a986641e: tests: Add ktrace capability violation test cases (authored by jfree). · Explain Why
This revision was automatically updated to reflect the committed changes.
jfree added a commit: rG2f39a986641e: tests: Add ktrace capability violation test cases.
jfree added a commit: rG44952722a00b: tests: Add ktrace capability violation test cases.May 12 2024, 12:09 AM

Revision Contents
Changeset List

PathSize
tests/
sys/
kern/
2 lines
488 lines

Diff 123578

View Options

tests/sys/kern/Makefile

Loading...
View Options

tests/sys/kern/ktrace_test.c

Loading...