From 0e59fe4a1c718a4933dd9d458a49498ca0590f17 Mon Sep 17 00:00:00 2001 From: bluhm Date: Sat, 26 Feb 2022 20:14:06 +0000 Subject: [PATCH] Allow pledged pf ioctl test to pass also when pf is disabled. --- regress/sys/kern/pledge/ioctl/Makefile | 35 ++++++++---------------- regress/sys/kern/pledge/ioctl/expected | 1 - regress/sys/kern/pledge/ioctl/pfioctl1.c | 6 ++-- regress/sys/kern/pledge/ioctl/pfioctl2.c | 6 ++-- regress/sys/kern/pledge/ioctl/unfdpass.c | 25 ++++++++--------- 5 files changed, 29 insertions(+), 44 deletions(-) delete mode 100644 regress/sys/kern/pledge/ioctl/expected diff --git a/regress/sys/kern/pledge/ioctl/Makefile b/regress/sys/kern/pledge/ioctl/Makefile index e1efdb4b6e0..20f78056e5e 100644 --- a/regress/sys/kern/pledge/ioctl/Makefile +++ b/regress/sys/kern/pledge/ioctl/Makefile @@ -1,29 +1,18 @@ -# $OpenBSD: Makefile,v 1.2 2017/02/21 16:31:58 bluhm Exp $ -TEST_CASES_OK+= pfioctl1 -TEST_CASES_FAILED+= pfioctl2 +# $OpenBSD: Makefile,v 1.3 2022/02/26 20:14:06 bluhm Exp $ -REGRESS_TARGETS= tests_ok tests_failed do-unfdpass1 -WARNINGS= Yes -CFLAGS+= -Wall -Wundef -Werror -CLEANFILES+= ${TEST_CASES_OK} ${TEST_CASES_FAILED} *.core \ - file1 file2 file3 output test-sock unfdpass +PROGS= pfioctl1 pfioctl2 unfdpass +WARNINGS= Yes -tests_ok: ${TEST_CASES_OK} - @for test in $>; do \ - ${SUDO} ./$$test; \ - done +run-regress-pfioctl1: pfioctl1 + ${SUDO} ./pfioctl1 -tests_failed: ${TEST_CASES_FAILED} - @for test in $>; do \ - rm -f ./$$test.core; \ - if ${SUDO} ./$$test; then false; else true; fi; \ - rm -f ./$$test.core; \ - done +run-regress-pfioctl2: pfioctl2 + ${SUDO} rm -f pfioctl2.core + ulimit -c unlimited; ! ${SUDO} ./pfioctl2 + ${SUDO} rm pfioctl2.core -do-unfdpass1: unfdpass - ${SUDO} ./unfdpass > output - cmp -s ${.CURDIR}/expected output -# ${SUDO} ./unfdpass -f > output -# cmp -s ${.CURDIR}/expectedfail output +run-regress-unfdpass: unfdpass + ${SUDO} ./unfdpass + ${SUDO} ./unfdpass -f .include diff --git a/regress/sys/kern/pledge/ioctl/expected b/regress/sys/kern/pledge/ioctl/expected deleted file mode 100644 index 72f1cd115f7..00000000000 --- a/regress/sys/kern/pledge/ioctl/expected +++ /dev/null @@ -1 +0,0 @@ -pf is running diff --git a/regress/sys/kern/pledge/ioctl/pfioctl1.c b/regress/sys/kern/pledge/ioctl/pfioctl1.c index d751255ac0e..733b08310bb 100644 --- a/regress/sys/kern/pledge/ioctl/pfioctl1.c +++ b/regress/sys/kern/pledge/ioctl/pfioctl1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfioctl1.c,v 1.2 2017/03/24 21:18:00 benno Exp $ */ +/* $OpenBSD: pfioctl1.c,v 1.3 2022/02/26 20:14:06 bluhm Exp $ */ /* * Copyright (c) 2016 Sebastian Benoit * @@ -41,7 +41,7 @@ test_pf_status(int s) if (ioctl(s, DIOCGETSTATUS, &status) == -1) err(1, "%s: DIOCGETSTATUS", __func__); if (!status.running) - errx(1, "%s: pf is disabled", __func__); + warnx("%s: pf is disabled", __func__); return (ret); } @@ -60,7 +60,7 @@ main(int argc, char *argv[]) test_pf_status(s); if (pledge("stdio pf", NULL) == -1) - errx(1, "pledge"); + err(1, "pledge"); printf("pf ioctl with file opened before pledge succeeds (2)\n"); test_pf_status(s); diff --git a/regress/sys/kern/pledge/ioctl/pfioctl2.c b/regress/sys/kern/pledge/ioctl/pfioctl2.c index 4abf5d930f4..36d78d1d5f7 100644 --- a/regress/sys/kern/pledge/ioctl/pfioctl2.c +++ b/regress/sys/kern/pledge/ioctl/pfioctl2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfioctl2.c,v 1.2 2017/03/24 21:18:00 benno Exp $ */ +/* $OpenBSD: pfioctl2.c,v 1.3 2022/02/26 20:14:06 bluhm Exp $ */ /* * Copyright (c) 2016 Sebastian Benoit * @@ -41,7 +41,7 @@ test_pf_status(int s) if (ioctl(s, DIOCGETSTATUS, &status) == -1) err(1, "%s: DIOCGETSTATUS", __func__); if (!status.running) - errx(1, "%s: pf is disabled", __func__); + warnx("%s: pf is disabled", __func__); return (ret); } @@ -54,7 +54,7 @@ main(int argc, char *argv[]) printf("pf ioctl with file opened after pledge fails\n"); if (pledge("stdio pf", NULL) == -1) - errx(1, "pledge"); + err(1, "pledge"); /* this fd is not fdpledged, test should fail */ if ((s = open(PF_SOCKET, O_RDWR)) == -1) { diff --git a/regress/sys/kern/pledge/ioctl/unfdpass.c b/regress/sys/kern/pledge/ioctl/unfdpass.c index 143b5dff743..6ff953278c5 100644 --- a/regress/sys/kern/pledge/ioctl/unfdpass.c +++ b/regress/sys/kern/pledge/ioctl/unfdpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: unfdpass.c,v 1.2 2021/12/13 16:56:50 deraadt Exp $ */ +/* $OpenBSD: unfdpass.c,v 1.3 2022/02/26 20:14:06 bluhm Exp $ */ /* $NetBSD: unfdpass.c,v 1.3 1998/06/24 23:51:30 thorpej Exp $ */ /*- @@ -86,7 +86,7 @@ main(int argc, char *argv[]) if (pledge("stdio rpath wpath sendfd recvfd proc pf", NULL) == -1) - errx(1, "pledge"); + err(1, "pledge"); if ((fdpf_postpledge = open("/dev/pf", O_RDWR)) == -1) { err(1, "%s: cannot open pf socket", __func__); @@ -131,7 +131,7 @@ main(int argc, char *argv[]) } if (pledge("stdio recvfd pf", NULL) == -1) - errx(1, "pledge"); + err(1, "pledge"); /* * Give sender a chance to run. We will get going again @@ -182,20 +182,17 @@ main(int argc, char *argv[]) * Read the files and print their contents. */ if (files == NULL) - warnx("didn't get fd control message"); - else { - if (ioctl(files[0], DIOCGETSTATUS, &status) == -1) - err(1, "%s: DIOCGETSTATUS", __func__); - if (!status.running) - errx(1, "%s: pf is disabled", __func__); - else - printf("pf is running\n"); - } + errx(1, "didn't get fd control message"); + + if (ioctl(files[0], DIOCGETSTATUS, &status) == -1) + err(1, "%s: DIOCGETSTATUS", __func__); + if (!status.running) + warnx("%s: pf is disabled", __func__); /* * All done! */ - exit(0); + return 0; } void @@ -241,5 +238,5 @@ child(int sock, int fdpf) /* * All done! */ - exit(0); + _exit(0); } -- 2.20.1