pf tests: Basic ioctl validation for DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and DIOCRSETTFLAGS

Validate the DIOCRGETTABLES, DIOCRGETTSTATS, DIOCRCLRTSTATS and
DIOCRSETTFLAGS ioctls with invalid values. These may succeed (because
the kernel uses the minimally required size, not the specified size),
but should not trigger kernel panics.

MFC after:	1 week

tests/sys/netpfil/pf/ioctl/validation.c

@@ -51,6 +51,16 @@ static int dev;
 #define COMMON_CLEANUP() \
 	close(dev);
 
+void
+common_init_tbl(struct pfr_table *tbl)
+{
+	bzero(tbl, sizeof(struct pfr_table));
+	strcpy(tbl->pfrt_anchor, "anchor");
+	strcpy(tbl->pfrt_name, "name");
+	tbl->pfrt_flags = 0;
+	tbl->pfrt_fback = 0;
+}
+
 ATF_TC_WITHOUT_HEAD(addtables);
 ATF_TC_BODY(addtables, tc)
 {
@@ -121,10 +131,138 @@ ATF_TC_BODY(deltables, tc)
 	COMMON_CLEANUP();
 }
 
+ATF_TC_WITHOUT_HEAD(gettables);
+ATF_TC_BODY(gettables, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(gettstats);
+ATF_TC_BODY(gettstats, tc)
+{
+	struct pfioc_table io;
+	struct pfr_tstats stats;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &stats;
+	io.pfrio_esize = sizeof(stats);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(clrtstats);
+ATF_TC_BODY(clrtstats, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	common_init_tbl(&tbl);
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed ");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 24;
+	if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
+ATF_TC_WITHOUT_HEAD(settflags);
+ATF_TC_BODY(settflags, tc)
+{
+	struct pfioc_table io;
+	struct pfr_table tbl;
+	int flags;
+
+	COMMON_HEAD();
+
+	flags = 0;
+
+	common_init_tbl(&tbl);
+
+	bzero(&io, sizeof(io));
+	io.pfrio_flags = flags;
+	io.pfrio_buffer = &tbl;
+	io.pfrio_esize = sizeof(tbl);
+
+	/* Negative size. This will succeed, because the kernel will not copy
+	 * tables than it has. */
+	io.pfrio_size = -1;
+	if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
+		atf_tc_fail("Request with size -1 failed");
+
+	/* Overly large size. See above. */
+	io.pfrio_size = 1 << 28;
+	if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
+		atf_tc_fail("Request with size 1 << 24 failed");
+
+	COMMON_CLEANUP();
+}
+
 ATF_TP_ADD_TCS(tp)
 {
 	ATF_TP_ADD_TC(tp, addtables);
 	ATF_TP_ADD_TC(tp, deltables);
+	ATF_TP_ADD_TC(tp, gettables);
+	ATF_TP_ADD_TC(tp, gettstats);
+	ATF_TP_ADD_TC(tp, clrtstats);
+	ATF_TP_ADD_TC(tp, settflags);
 
 	return (atf_no_error());
 }