187569f75SRobert Watson /*-
287569f75SRobert Watson * Copyright (c) 2006 Robert N. M. Watson
387569f75SRobert Watson * All rights reserved.
487569f75SRobert Watson *
587569f75SRobert Watson * This software was developed by Robert Watson for the TrustedBSD Project.
687569f75SRobert Watson *
787569f75SRobert Watson * Redistribution and use in source and binary forms, with or without
887569f75SRobert Watson * modification, are permitted provided that the following conditions
987569f75SRobert Watson * are met:
1087569f75SRobert Watson * 1. Redistributions of source code must retain the above copyright
1187569f75SRobert Watson * notice, this list of conditions and the following disclaimer.
1287569f75SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright
1387569f75SRobert Watson * notice, this list of conditions and the following disclaimer in the
1487569f75SRobert Watson * documentation and/or other materials provided with the distribution.
1587569f75SRobert Watson *
1687569f75SRobert Watson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1787569f75SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1887569f75SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1987569f75SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2087569f75SRobert Watson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2187569f75SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2287569f75SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2387569f75SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2487569f75SRobert Watson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2587569f75SRobert Watson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2687569f75SRobert Watson * SUCH DAMAGE.
2787569f75SRobert Watson */
2887569f75SRobert Watson
2987569f75SRobert Watson /*
3087569f75SRobert Watson * Simple audit pipe regression test to confirm that the ioctls for queue
3187569f75SRobert Watson * limit information basically work. No attempt is made to validate the
3287569f75SRobert Watson * queue length returned, however.
3387569f75SRobert Watson */
3487569f75SRobert Watson
3587569f75SRobert Watson #include <sys/types.h>
3687569f75SRobert Watson #include <sys/ioctl.h>
3787569f75SRobert Watson
3887569f75SRobert Watson #include <security/audit/audit_ioctl.h>
3987569f75SRobert Watson
4087569f75SRobert Watson #include <err.h>
4187569f75SRobert Watson #include <fcntl.h>
4287569f75SRobert Watson
4387569f75SRobert Watson int
main(int argc,char * argv[])4487569f75SRobert Watson main(int argc, char *argv[])
4587569f75SRobert Watson {
4687569f75SRobert Watson u_int len, minlen, maxlen;
4787569f75SRobert Watson u_int64_t astat;
4887569f75SRobert Watson int fd;
4987569f75SRobert Watson
5087569f75SRobert Watson fd = open("/dev/auditpipe", O_RDONLY);
5187569f75SRobert Watson if (fd < 0)
5287569f75SRobert Watson err(-1, "/dev/auditpipe");
5387569f75SRobert Watson
5487569f75SRobert Watson /*
5587569f75SRobert Watson * First, test that we can read the queue length, queue limit, and
5687569f75SRobert Watson * bounds on queue length limits.
5787569f75SRobert Watson */
5887569f75SRobert Watson len = (u_int)(-1);
5987569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLEN, &len) < 0)
6087569f75SRobert Watson err(-1, "AUDITPIPE_GET_QLEN");
6187569f75SRobert Watson if (len == (u_int)(-1))
6287569f75SRobert Watson errx(-1, "AUDITPIPE_GET_QLEN: unchanged");
6387569f75SRobert Watson
6487569f75SRobert Watson minlen = (u_int)(-1);
6587569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLIMIT_MIN, &minlen) < 0)
6687569f75SRobert Watson err(-1, "AUDITPIPE_GET_QLIMIT_MIN");
6787569f75SRobert Watson if (minlen == (u_int)(-1))
6887569f75SRobert Watson errx(-1, "AUDITPIPE_GET_QLIMIT_MIN: unchanged");
6987569f75SRobert Watson
7087569f75SRobert Watson maxlen = (u_int)(-1);
7187569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLIMIT_MAX, &maxlen) < 0)
7287569f75SRobert Watson err(-1, "AUDITPIPE_GET_QLIMIT_MAX");
7387569f75SRobert Watson if (maxlen == (u_int)(-1))
7487569f75SRobert Watson errx(-1, "AUDITPIPE_GET_QLIMIT_MAX: unchanged");
7587569f75SRobert Watson
7687569f75SRobert Watson len = (u_int)(-1);
7787569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLIMIT, &len) < 0)
7887569f75SRobert Watson err(-1, "AUDITPIPE_GET_QLIMIT");
7987569f75SRobert Watson if (len == (u_int)(-1))
8087569f75SRobert Watson errx(-1, "AUDITPIPE_GET_QLIMIT: unchanged");
8187569f75SRobert Watson
8287569f75SRobert Watson if (!(len >= minlen))
8387569f75SRobert Watson errx(-1, "queue length < minlen");
8487569f75SRobert Watson
8587569f75SRobert Watson if (!(len <= maxlen))
8687569f75SRobert Watson errx(-1, "queue length > maxlen");
8787569f75SRobert Watson
8887569f75SRobert Watson /*
8987569f75SRobert Watson * Try setting the queue length to first minimum, then maximum
9087569f75SRobert Watson * lengths. Query after each to make sure it changed.
9187569f75SRobert Watson */
9287569f75SRobert Watson len = minlen;
9387569f75SRobert Watson if (ioctl(fd, AUDITPIPE_SET_QLIMIT, &len) < 0)
9487569f75SRobert Watson err(-1, "AUDITPIPE_SET_QLIMIT(min)");
9587569f75SRobert Watson
9687569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLIMIT, &len) < 0)
9787569f75SRobert Watson err(-1, "AUDITPIPE_GET_QLIMIT");
9887569f75SRobert Watson
9987569f75SRobert Watson if (len != minlen)
10087569f75SRobert Watson errx(-1, "set to minlen didn't work");
10187569f75SRobert Watson
10287569f75SRobert Watson len = maxlen;
10387569f75SRobert Watson if (ioctl(fd, AUDITPIPE_SET_QLIMIT, &len) < 0)
10487569f75SRobert Watson err(-1, "AUDITPIPE_SET_QLIMIT(max)");
10587569f75SRobert Watson
10687569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_QLIMIT, &len) < 0)
10787569f75SRobert Watson err(-1, "AUDITPIPE_GETQLIMIT");
10887569f75SRobert Watson
10987569f75SRobert Watson if (len != maxlen)
11087569f75SRobert Watson errx(-1, "set to maxlen didn't work");
11187569f75SRobert Watson
11287569f75SRobert Watson /*
11387569f75SRobert Watson * Check that we can query the defined stats. No attempt to
11487569f75SRobert Watson * validate.
11587569f75SRobert Watson */
11687569f75SRobert Watson astat = (u_int64_t)(int64_t)(-1);
11787569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_INSERTS, &astat) < 0)
11887569f75SRobert Watson err(-1, "AUDITPIPE_GET_INSERTS");
11987569f75SRobert Watson if (astat == (u_int64_t)(int64_t)(-1))
12087569f75SRobert Watson errx(-1, "AUDITPIPE_GET_INSERTS: unchanged");
12187569f75SRobert Watson
12287569f75SRobert Watson astat = (u_int64_t)(int64_t)(-1);
12387569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_READS, &astat) < 0)
12487569f75SRobert Watson err(-1, "AUDITPIPE_GET_READS");
12587569f75SRobert Watson if (astat == (u_int64_t)(int64_t)(-1))
12687569f75SRobert Watson errx(-1, "AUDITPIPE_GET_READS: unchanged");
12787569f75SRobert Watson
12887569f75SRobert Watson astat = (u_int64_t)(int64_t)(-1);
12987569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_DROPS, &astat) < 0)
13087569f75SRobert Watson err(-1, "AUDITPIPE_GET_DROPS");
13187569f75SRobert Watson if (astat == (u_int64_t)(int64_t)(-1))
13287569f75SRobert Watson errx(-1, "AUDITPIPE_GET_DROPS: unchanged");
13387569f75SRobert Watson
13487569f75SRobert Watson astat = (u_int64_t)(int64_t)(-1);
13587569f75SRobert Watson if (ioctl(fd, AUDITPIPE_GET_TRUNCATES, &astat) < 0)
13687569f75SRobert Watson err(-1, "AUDITPIPE_GET_TRUNCATES");
13787569f75SRobert Watson if (astat == (u_int64_t)(int64_t)(-1))
13887569f75SRobert Watson errx(-1, "AUDITPIPE_GET_TRUNCATES: unchanged");
13987569f75SRobert Watson
14087569f75SRobert Watson return (0);
14187569f75SRobert Watson }
142