From 5e200ffe39ad8d7adade5eae1092e7a10c8992ad Mon Sep 17 00:00:00 2001
From: Yoann Ghigoff
Date: Mon, 18 Dec 2023 19:41:31 +0100
Subject: [PATCH] [SEC-11866] cws-instrumentation: add selftests command (#21445)

[SEC-11866] cws-instrumentation: add selftests command
---
 .../subcommands/selftestscmd/selftests.go | 81 +++++++++++++++++++
 .../subcommands/tracecmd/trace.go | 3 +
 2 files changed, 84 insertions(+)
 create mode 100644 cmd/cws-instrumentation/subcommands/selftestscmd/selftests.go
diff --git a/cmd/cws-instrumentation/subcommands/selftestscmd/selftests.go b/cmd/cws-instrumentation/subcommands/selftestscmd/selftests.go
new file mode 100644
index 0000000000000..4908862b7fbf6
--- /dev/null
+++ b/cmd/cws-instrumentation/subcommands/selftestscmd/selftests.go
@@ -0,0 +1,81 @@
+// Unless explicitly stated otherwise all files in this repository are licensed
+// under the Apache License Version 2.0.
+// This product includes software developed at Datadog (https://www.datadoghq.com/).
+// Copyright 2016-present Datadog, Inc.
+
+//go:build linux
+
+// Package selftestscmd holds the selftests command of CWS injector
+package selftestscmd
+
+import (
+ "errors"
+ "os"
+ "os/exec"
+ "strings"
+
+ "github.com/spf13/cobra"
+)
+
+type execParams struct {
+ enabled bool
+ path string
+ args string
+}
+
+type openParams struct {
+ enabled bool
+ path string
+}
+
+type selftestsCliParams struct {
+ exec execParams
+ open openParams
+}
+
+// Command returns the commands for the selftests subcommand
+func Command() []*cobra.Command {
+ var params selftestsCliParams
+
+ selftestsCmd := &cobra.Command{
+ Use: "selftests",
+ Short: "run selftests against the tracer",
+ RunE: func(cmd *cobra.Command, args []string) error {
+ var err error
+ if params.exec.enabled {
+ err = errors.Join(err, selftestExec(¶ms.exec))
+ }
+ if params.open.enabled {
+ err = errors.Join(err, selftestOpen(¶ms.open))
+ }
+ return err
+ },
+ }
+
+ selftestsCmd.Flags().BoolVar(¶ms.exec.enabled, "exec", false, "run the exec selftest")
+ selftestsCmd.Flags().StringVar(¶ms.exec.path, "exec.path", "/usr/bin/date", "path to the file to execute")
+ selftestsCmd.Flags().StringVar(¶ms.exec.args, "exec.args", "", "arguments to pass to the executable")
+ selftestsCmd.Flags().BoolVar(¶ms.open.enabled, "open", false, "run the open selftest")
+ selftestsCmd.Flags().StringVar(¶ms.open.path, "open.path", "/tmp/open.test", "path to the file to open")
+
+ return []*cobra.Command{selftestsCmd}
+}
+
+func selftestExec(params *execParams) error {
+ if params.args != "" {
+ return exec.Command(params.path, strings.Split(params.args, " ")...).Run()
+ }
+ return exec.Command(params.path).Run()
+}
+
+func selftestOpen(params *openParams) error {
+ f, createErr := os.OpenFile(params.path, os.O_CREATE|os.O_EXCL, 0400)
+ if createErr != nil {
+ f, openErr := os.Open(params.path)
+ if openErr != nil {
+ return errors.Join(createErr, openErr)
+ }
+ return f.Close()
+ }
+ return errors.Join(f.Close(), os.Remove(params.path))
+}
diff --git a/cmd/cws-instrumentation/subcommands/tracecmd/trace.go b/cmd/cws-instrumentation/subcommands/tracecmd/trace.go
index 379573e97d4f4..29db0e7d7cb29 100644
--- a/cmd/cws-instrumentation/subcommands/tracecmd/trace.go
+++ b/cmd/cws-instrumentation/subcommands/tracecmd/trace.go
@@ -11,6 +11,7 @@ package tracecmd import ( "github.com/spf13/cobra" + "github.com/DataDog/datadog-agent/cmd/cws-instrumentation/subcommands/selftestscmd" "github.com/DataDog/datadog-agent/pkg/security/ptracer" )
@@ -58,5 +59,7 @@ func Command() []*cobra.Command { traceCmd.Flags().Int32Var(¶ms.UID, uid, -1, "uid used to start the tracee") traceCmd.Flags().Int32Var(¶ms.GID, gid, -1, "gid used to start the tracee") + traceCmd.AddCommand(selftestscmd.Command()...) + return []*cobra.Command{traceCmd} }
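Review bot: In `selftestOpen` (selftests.go), the fallback `os.Open(params.path)` runs after any `os.OpenFile` failure rather than only when the file already exists, and the `open.path` flag defaults to the predictable `/tmp/open.test` in a world-writable directory. The `O_CREATE|O_EXCL` create refuses a pre-existing entry, but the fallback follows symlinks and would block on a FIFO, so what the selftest opens, and whether it returns, depends on whatever another local user left at that path. I would guard the fallback with `if !errors.Is(createErr, os.ErrExist) { return createErr }` and open with `os.OpenFile(params.path, os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0)` (importing `syscall`), or default to a path in a directory the tool owns. Separately, `strings.Split(params.args, " ")` in `selftestExec` yields empty arguments on repeated spaces; `strings.Fields(params.args)` avoids that.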