#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# SPDX-License-Identifier: GPLv2
# Copyright (c) 2022 Red Hat, Inc.
# Author: Ondrej Mosnacek <omosnace@redhat.com>

# Include Beakerlib environment
. /usr/share/beakerlib/beakerlib.sh || exit 1

function check_avc_begin() {
    sleep 1.1
    date +'%x %T'
    sleep 1.1
}

function check_avc_end() {
    marker="marker-$RANDOM"

    auditctl -m "$marker"

    for (( i = 0; i < 100; i++ )); do
        if ausearch -i -m user -ts $1 2>/dev/null </dev/null | \
            grep -q "$marker"
        then
            echo $i
            break
        fi
        sleep 0.1
    done

    ausearch -i -m avc -ts $1 </dev/null
}

rlJournalStart
    rlPhaseStartSetup
        rlRun "uname -r" 0 "Print kernel version"

        for prog in sctp_bz2048251_client sctp_bz2048251_server; do
            rlRun "gcc -O2 -Wall -o $prog sctp_common.c $prog.c -lsctp" 0 \
                "Compile $prog"
        done
        rlRun "modprobe sctp" 0 "Ensure SCTP module is loaded"
        rlRun "mkfifo flag" 0 "Create a fifo file for test"
    rlPhaseEnd

    rlPhaseStartTest
        rlRun "audit_ts=\"\$(check_avc_begin)\""

        rlRun "timeout 30 ./sctp_bz2048251_server -f flag -4 9999 &" 0 "Start the server"
        rlRun "read -t 5 <>flag" 0 "Wait for the server to start listening"
        rlRun "./sctp_bz2048251_client 127.0.0.1 9999" 0 "Run the client"
        rlRun "wait" 0 "Wait for the server to exit"

        rlRun "check_avc_end \"\$audit_ts\"" 1 "Check if there are AVC denials"
    rlPhaseEnd

    rlPhaseStartCleanup
        rlRun "rm -f sctp_bz2048251_client sctp_bz2048251_server flag"
    rlPhaseEnd
rlJournalPrintText
rlJournalEnd