> On Jan 31, 2025, at 11:22 PM, Mark Johnston <ma...@freebsd.org> wrote:
>
> The branch main has been updated by markj:
>
> URL:
> https://cgit.FreeBSD.org/src/commit/?id=afc38f1f23ac3b579144d0d1d0c3fadf735d57bd
>
> commit afc38f1f23ac3b579144d0d1d0c3fadf735d57bd
> Author: Mark Johnston <ma...@freebsd.org>
> AuthorDate: 2025-01-31 15:20:04 +0000
> Commit: Mark Johnston <ma...@freebsd.org>
> CommitDate: 2025-01-31 15:22:24 +0000
>
> sysctl: Add a regression test which runs sysctl -a
>
> Run sysctl -a during the test suite so that KASAN/KMSAN have a chance to
> catch something.
>
> Inspired by https://jprx.io/cve-2024-54507/
That's a damn good example !
>
> Reviewed by: jhb, emaste
> MFC after: 2 weeks
> Sponsored by: Klara, Inc.
> Differential Revision: https://reviews.freebsd.org/D48659
> ---
> sbin/sysctl/tests/sysctl_test.sh | 57 ++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 57 insertions(+)
>
> diff --git a/sbin/sysctl/tests/sysctl_test.sh
> b/sbin/sysctl/tests/sysctl_test.sh
> index e932626a9f14..dfc32a87b212 100644
> --- a/sbin/sysctl/tests/sysctl_test.sh
> +++ b/sbin/sysctl/tests/sysctl_test.sh
> @@ -1,3 +1,6 @@
> +#
> +# SPDX-License-Identifier: BSD-2-Clause
> +#
> # Copyright (c) 2022 Yoshihiro Ota <o...@j.email.ne.jp>
> #
> # Redistribution and use in source and binary forms, with or without
> @@ -20,12 +23,64 @@
> # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
> # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
> # SUCH DAMAGE.
> +#
>
> sysctl_name="kern.ostype"
> sysctl_value="FreeBSD"
> sysctl_type="string"
> sysctl_description="Operating system type"
>
> +atf_test_case sysctl_aflag
> +sysctl_aflag_head()
> +{
> + atf_set "descr" "Exercise all sysctl handlers"
> +}
> +sysctl_aflag_body()
> +{
> + # Avoid using atf_check here since sysctl -ao generates tons of
> + # output and it would all otherwise be saved.
> + sysctl -ao >/dev/null 2>stderr
> + if [ $? -ne 0 ]; then
> + atf_fail "sysctl -ao failed"
> + elif [ -s stderr ]; then
> + cat stderr
> + atf_fail "sysctl -ao printed to stderr"
> + fi
> +}
> +
> +
> +atf_test_case sysctl_aflag_jail
> +sysctl_aflag_jail_head()
> +{
> + atf_set "descr" "Exercise all sysctl handlers in a jail"
> + atf_set "require.user" "root"
> +}
> +sysctl_aflag_jail_body()
> +{
> + local jail
> +
> + jail=sysctl_test_aflag_jail
> +
> + # Avoid using atf_check here since sysctl -ao generates tons of
> + # output and it would all otherwise be saved.
> + jail -c name=$jail command=sysctl -ao >/dev/null 2>stderr
> + if [ $? -ne 0 ]; then
> + atf_fail "sysctl -ao failed"
> + elif [ -s stderr ]; then
> + cat stderr
> + atf_fail "sysctl -ao printed to stderr"
> + fi
> +
> + jail -c name=$jail vnet command=sysctl -ao >/dev/null 2>stderr
> + if [ $? -ne 0 ]; then
> + atf_fail "sysctl -ao failed"
> + elif [ -s stderr ]; then
> + cat stderr
> + atf_fail "sysctl -ao printed to stderr"
> + fi
> +}
> +
> +
> atf_test_case sysctl_by_name
> sysctl_by_name_head()
> {
> @@ -106,6 +161,8 @@ sysctl_nflag_tflag_dflag_body()
>
> atf_init_test_cases()
> {
> + atf_add_test_case sysctl_aflag
> + atf_add_test_case sysctl_aflag_jail
> atf_add_test_case sysctl_by_name
> atf_add_test_case sysctl_nflag
> atf_add_test_case sysctl_eflag