1#!/bin/sh
2################################################################################
3##                                                                            ##
4## Copyright (C) 2009 IBM Corporation                                         ##
5##                                                                            ##
## This program is free software;  you can redistribute it and/or modify      ##
7## it under the terms of the GNU General Public License as published by       ##
8## the Free Software Foundation; either version 2 of the License, or          ##
9## (at your option) any later version.                                        ##
10##                                                                            ##
11## This program is distributed in the hope that it will be useful, but        ##
12## WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ##
13## or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License   ##
14## for more details.                                                          ##
15##                                                                            ##
16## You should have received a copy of the GNU General Public License          ##
17## along with this program;  if not, write to the Free Software               ##
18## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA    ##
19##                                                                            ##
20################################################################################
21#
22# File :        ima_violations.sh
23#
# Description:  This file tests that ToMToU and open_writer violations
#		invalidate the PCR and are logged.
26#
27# Author:       Mimi Zohar, zohar@ibm.vnet.ibm.com
28#
29# Return        - zero on success
30#               - non zero on failure. return value from commands ($RC)
31################################################################################
32
# LTP test-case identity: three sub-tests (test01..test03), reported
# under this TCID.  Both are exported for the LTP result helpers.
TST_TOTAL=3
TCID="ima_violations"
export TST_TOTAL TCID
35
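#######################################
# Open a file for reading on fd 3.  The descriptor stays open (it is what
# triggers the violation under test) until close_file_read is called.
# Arguments: $1 - path of the file to open
# Returns:   0 on success; exits the script with 1 if the open fails
#######################################
open_file_read()
{
	# quoted so a path with spaces cannot be split into several words
	if ! exec 3< "$1"; then
		printf 'open_file_read: cannot open %s for reading\n' "$1" >&2
		exit 1
	fi
}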
43
#######################################
# Close fd 3, the read descriptor taken by open_file_read.
# Returns:   status of the close
#######################################
close_file_read()
{
	exec 3<&-
}
48
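#######################################
# Open (create/truncate) a file for writing on fd 4 and put a short line
# of text in it.  The descriptor stays open until close_file_write.
# Arguments: $1 - path of the file to open
# Returns:   0 on success; exits the script with 1 if the open fails
#######################################
open_file_write()
{
	# quoted so a path with spaces cannot be split into several words
	if ! exec 4> "$1"; then
		printf 'open_file_write: cannot open %s for writing\n' "$1" >&2
		exit 1
	fi
	# The write happens only after the descriptor is known to be good.
	echo 'testing, testing, ' >&4
}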
57
#######################################
# Close fd 4, the write descriptor taken by open_file_write.
# Returns:   status of the close
#######################################
close_file_write()
{
	exec 4<&-
}
62
#######################################
# Choose which log file to scan for violation records and locate the IMA
# violations counter in securityfs.
# Globals:   SECURITYFS (read; not set in this file -- presumably provided
#            by ima_setup.sh, which is sourced before init runs)
#            log, ima_violations (written)
# Outputs:   a TINFO line when auditd is in use
#######################################
init()
{
	if service auditd status > /dev/null 2>&1; then
		# auditd is up: the records are expected in the audit log
		log=/var/log/audit/audit.log
		tst_resm TINFO "requires integrity auditd patch"
	else
		log=/var/log/messages
	fi

	ima_violations="$SECURITYFS/ima/violations"
}
75
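# Function:     test01
# Description	- Verify open writers violation: opening a file for reading
#		  while fd 4 still holds it open for writing must bump the IMA
#		  violations counter and leave an 'open_writers' record in $log.
# Globals:	ima_violations, log (read); TMPFN (written)
# Returns:	0 normally; 1 if the violations counter cannot be read
test01()
{
	if ! read -r num_violations < "$ima_violations"; then
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi

	# relative name -- assumes setup has already moved into a scratch dir
	TMPFN=test.txt
	open_file_write "$TMPFN"
	open_file_read "$TMPFN"
	close_file_read
	close_file_write
	if ! read -r num_violations_new < "$ima_violations"; then
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi
	# plain shell arithmetic; no need to fork expr for a subtraction
	num=$((num_violations_new - num_violations))
	if [ "$num" -gt 0 ]; then
		# only the last lines of the log are inspected, so a busy log or
		# rate limiting can hide the record -- hence the hedged TFAIL text
		if tail "$log" | grep -F -- "$TMPFN" | grep -q 'open_writers'; then
			tst_resm TPASS "open_writers violation added($TMPFN)"
		else
			tst_resm TFAIL "(message ratelimiting?)"
		fi
	else
		tst_resm TFAIL "open_writers violation not added($TMPFN)"
	fi
}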
100
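# Function:     test02
# Description   - Verify ToMToU violation: opening a file for writing while
#		  fd 3 still holds it open for reading must bump the IMA
#		  violations counter and leave a 'ToMToU' record in $log.
# Globals:	ima_violations, log (read); TMPFN (written)
# Returns:	0 normally; 1 if the violations counter cannot be read
test02()
{
	if ! read -r num_violations < "$ima_violations"; then
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi

	# relative name -- assumes setup has already moved into a scratch dir
	TMPFN=test.txt
	open_file_read "$TMPFN"
	open_file_write "$TMPFN"
	close_file_write
	close_file_read
	if ! read -r num_violations_new < "$ima_violations"; then
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi
	# plain shell arithmetic; no need to fork expr for a subtraction
	num=$((num_violations_new - num_violations))
	if [ "$num" -gt 0 ]; then
		# only the last lines of the log are inspected, so a busy log or
		# rate limiting can hide the record -- hence the hedged TFAIL text
		if tail "$log" | grep -F -- "$TMPFN" | grep -q 'ToMToU'; then
			tst_resm TPASS "ToMToU violation added($TMPFN)"
		else
			tst_resm TFAIL "(message ratelimiting?)"
		fi
	else
		tst_resm TFAIL "ToMToU violation not added($TMPFN)"
	fi
}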
125
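# Function:     test03
# Description 	- verify open_writers using mmapped files: while ima_mmap
#		  holds the file mapped in the background, opening it for
#		  reading must bump the violations counter and log an
#		  'open_writers' record.
# Globals:	ima_violations, log (read); TMPFN, p1 (written)
# Returns:	0 normally; 1 if the violations counter cannot be read
test03()
{
	if ! read -r num_violations < "$ima_violations"; then
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi

	# relative name -- assumes setup has already moved into a scratch dir
	TMPFN=test.txtb
	echo 'testing testing ' > "$TMPFN"
	# NOTE(review): ima_mmap is left running in the background; nothing
	# here waits for or kills $p1, so the mapping is expected to outlive
	# (or end on its own after) the check below.
	ima_mmap "$TMPFN" & p1=$!
	sleep 1		# got to wait for ima_mmap to mmap the file
	open_file_read "$TMPFN"
	if ! read -r num_violations_new < "$ima_violations"; then
		close_file_read
		tst_resm TBROK "cannot read $ima_violations"
		return 1
	fi
	# plain shell arithmetic; no need to fork expr for a subtraction
	num=$((num_violations_new - num_violations))
	if [ "$num" -gt 0 ]; then
		# only the last lines of the log are inspected, so a busy log or
		# rate limiting can hide the record -- hence the hedged TFAIL text
		if tail "$log" | grep -F -- "$TMPFN" | grep -q 'open_writers'; then
			tst_resm TPASS "mmapped open_writers violation added($TMPFN)"
		else
			tst_resm TFAIL "(message ratelimiting?)"
		fi
	else
		tst_resm TFAIL "mmapped open_writers violation not added($TMPFN)"
	fi
	close_file_read
}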
151
# The shared IMA helpers (setup, cleanup and, presumably, SECURITYFS) are
# not defined in this file; they are expected to come from ima_setup.sh,
# which is sourced by bare name and so must be reachable via PATH (or the
# current directory, depending on the shell).
. ima_setup.sh

setup
TST_CLEANUP=cleanup

# init must run after sourcing, since it reads SECURITYFS.
init
for t in test01 test02 test03; do
	$t
done

tst_exit
163