Attachment #248468 for bug #277057

View | Details | Raw Unified | Return to bug 277057
Collapse All | Expand All

Lines 5-10 TESTSDIR= ${TESTSBASE}/sys/capsicum Link Here

(-)b/tests/sys/capsicum/Makefile (+1 lines)
5		5
6	ATF_TESTS_C+= bindat_connectat	6	ATF_TESTS_C+= bindat_connectat
7	ATF_TESTS_C+= ioctls_test	7	ATF_TESTS_C+= ioctls_test
		8	ATF_TESTS_C+= rights
8		9
9	CFLAGS+= -I${SRCTOP}/tests	10	CFLAGS+= -I${SRCTOP}/tests
10		11




#include <sys/capsicum.h>
#include <sys/filio.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#include <atf-c.h>

#include "freebsd_test_suite/macros.h"

const static uint64_t idx0_rights[] = {
	CAP_READ,
	CAP_WRITE,
	CAP_SEEK_TELL,
	CAP_MMAP,
	CAP_CREATE,
	CAP_FEXECVE,
	CAP_FSYNC,
	CAP_FTRUNCATE,
	CAP_LOOKUP,
	CAP_FCHDIR,
	CAP_FCHFLAGS,
	CAP_FCHMOD,
	CAP_FCHOWN,
	CAP_FCNTL,
	CAP_FLOCK,
	CAP_FPATHCONF,
	CAP_FSCK,
	CAP_FSTAT,
	CAP_FSTATFS,
	CAP_FUTIMES,
	CAP_ACCEPT,
	CAP_BIND,
	CAP_CONNECT,
	CAP_GETPEERNAME,
	CAP_GETSOCKNAME,
	CAP_GETSOCKOPT,
	CAP_LISTEN,
	CAP_PEELOFF,
	CAP_SETSOCKOPT,
	CAP_SHUTDOWN,
	CAP_ALL0,
	// The "unused" rights will fail cap_rights_is_valid
	//CAP_UNUSED0_44,
	//CAP_UNUSED0_57,
};

const static uint64_t idx1_rights[] = {
	CAP_MAC_GET,
	CAP_MAC_SET,
	CAP_SEM_GETVALUE,
	CAP_SEM_POST,
	CAP_SEM_WAIT,
	CAP_EVENT,
	CAP_KQUEUE_EVENT,
	CAP_IOCTL,
	CAP_TTYHOOK,
	CAP_PDGETPID,
	CAP_PDWAIT,
	CAP_PDKILL,
	CAP_EXTATTR_DELETE,
	CAP_EXTATTR_GET,
	CAP_EXTATTR_LIST,
	CAP_EXTATTR_SET,
	CAP_ACL_CHECK,
	CAP_ACL_DELETE,
	CAP_ACL_GET,
	CAP_ACL_SET,
	CAP_KQUEUE_CHANGE,
	CAP_ALL1,
	// The "unused" rights will fail cap_rights_is_valid
	//CAP_UNUSED1_22,
	//CAP_UNUSED1_57,
};

// Verify that rights with index 0 can be ORed
ATF_TC_WITHOUT_HEAD(orable_0);
ATF_TC_BODY(orable_0, tc)
{
	cap_rights_t r1, r2;
	unsigned long i, j;

	for (i = 0; i < nitems(idx0_rights) - 1; i++) {
		for (j = i + 1; j < nitems(idx0_rights); j++) {
			fprintf(stderr, "%lu | %lu\n", i, j);
			bzero(&r1, sizeof(r1));
			bzero(&r2, sizeof(r2));

			cap_rights_init(&r1, idx0_rights[i] | idx0_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r1));

			cap_rights_init(&r2, idx0_rights[i]);
			cap_rights_set(&r2, idx0_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r2));

			ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
			ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
		}
	}
}

// Verify that rights with index 1 can be ORed
ATF_TC_WITHOUT_HEAD(orable_1);
ATF_TC_BODY(orable_1, tc)
{
	cap_rights_t r1, r2;
	unsigned long i, j;

	for (i = 0; i < nitems(idx1_rights) - 1; i++) {
		for (j = i + 1; j < nitems(idx1_rights); j++) {
			fprintf(stderr, "%lu | %lu\n", i, j);
			bzero(&r1, sizeof(r1));
			bzero(&r2, sizeof(r2));

			cap_rights_init(&r1, idx1_rights[i] | idx1_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r1));

			cap_rights_init(&r2, idx1_rights[i]);
			cap_rights_set(&r2, idx1_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r2));

			ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
			ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
		}
	}
}

// Verify that rights with index 0 can be ORed with rights with index 1
ATF_TC_WITHOUT_HEAD(orable_01);
ATF_TC_BODY(orable_01, tc)
{
	cap_rights_t r1, r2;
	unsigned long i, j;

	for (i = 0; i < nitems(idx0_rights); i++) {
		for (j = 0; j < nitems(idx1_rights); j++) {
			fprintf(stderr, "%lu | %lu\n", i, j);
			bzero(&r1, sizeof(r1));
			bzero(&r2, sizeof(r2));

			cap_rights_init(&r1, idx0_rights[i] | idx1_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r1));

			cap_rights_init(&r2, idx0_rights[i]);
			cap_rights_set(&r2, idx1_rights[j]);
			ATF_CHECK(cap_rights_is_valid(&r2));

			ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
			ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
		}
	}
}

ATF_TP_ADD_TCS(tp)
{

	ATF_TP_ADD_TC(tp, orable_0);
	ATF_TP_ADD_TC(tp, orable_1);
	ATF_TP_ADD_TC(tp, orable_01);

	return (atf_no_error());
}

Return to bug 277057

Added Link Here

(-)b/tests/sys/capsicum/rights.c (-1 / +165 lines)
0	-	1	#include <sys/capsicum.h>
		2	#include <sys/filio.h>
		3	#include <sys/socket.h>
		4	#include <sys/wait.h>
		5	#include <netinet/in.h>
		6	#include <stdio.h>
		7	#include <stdlib.h>
		8	#include <unistd.h>
		9
		10	#include <atf-c.h>
		11
		12	#include "freebsd_test_suite/macros.h"
		13
		14	const static uint64_t idx0_rights[] = {
		15	CAP_READ,
		16	CAP_WRITE,
		17	CAP_SEEK_TELL,
		18	CAP_MMAP,
		19	CAP_CREATE,
		20	CAP_FEXECVE,
		21	CAP_FSYNC,
		22	CAP_FTRUNCATE,
		23	CAP_LOOKUP,
		24	CAP_FCHDIR,
		25	CAP_FCHFLAGS,
		26	CAP_FCHMOD,
		27	CAP_FCHOWN,
		28	CAP_FCNTL,
		29	CAP_FLOCK,
		30	CAP_FPATHCONF,
		31	CAP_FSCK,
		32	CAP_FSTAT,
		33	CAP_FSTATFS,
		34	CAP_FUTIMES,
		35	CAP_ACCEPT,
		36	CAP_BIND,
		37	CAP_CONNECT,
		38	CAP_GETPEERNAME,
		39	CAP_GETSOCKNAME,
		40	CAP_GETSOCKOPT,
		41	CAP_LISTEN,
		42	CAP_PEELOFF,
		43	CAP_SETSOCKOPT,
		44	CAP_SHUTDOWN,
		45	CAP_ALL0,
		46	// The "unused" rights will fail cap_rights_is_valid
		47	//CAP_UNUSED0_44,
		48	//CAP_UNUSED0_57,
		49	};
		50
		51	const static uint64_t idx1_rights[] = {
		52	CAP_MAC_GET,
		53	CAP_MAC_SET,
		54	CAP_SEM_GETVALUE,
		55	CAP_SEM_POST,
		56	CAP_SEM_WAIT,
		57	CAP_EVENT,
		58	CAP_KQUEUE_EVENT,
		59	CAP_IOCTL,
		60	CAP_TTYHOOK,
		61	CAP_PDGETPID,
		62	CAP_PDWAIT,
		63	CAP_PDKILL,
		64	CAP_EXTATTR_DELETE,
		65	CAP_EXTATTR_GET,
66	CAP_EXTATTR_LIST,
67	CAP_EXTATTR_SET,
68	CAP_ACL_CHECK,
69	CAP_ACL_DELETE,
70	CAP_ACL_GET,
71	CAP_ACL_SET,
72	CAP_KQUEUE_CHANGE,
73	CAP_ALL1,
74	// The "unused" rights will fail cap_rights_is_valid
75	//CAP_UNUSED1_22,
76	//CAP_UNUSED1_57,
77	};
78
79	// Verify that rights with index 0 can be ORed
80	ATF_TC_WITHOUT_HEAD(orable_0);
81	ATF_TC_BODY(orable_0, tc)
82	{
83	cap_rights_t r1, r2;
84	unsigned long i, j;
85
86	for (i = 0; i < nitems(idx0_rights) - 1; i++) {
87	for (j = i + 1; j < nitems(idx0_rights); j++) {
88	fprintf(stderr, "%lu \| %lu\n", i, j);
89	bzero(&r1, sizeof(r1));
90	bzero(&r2, sizeof(r2));
91
92	cap_rights_init(&r1, idx0_rights[i] \| idx0_rights[j]);
93	ATF_CHECK(cap_rights_is_valid(&r1));
94
95	cap_rights_init(&r2, idx0_rights[i]);
96	cap_rights_set(&r2, idx0_rights[j]);
97	ATF_CHECK(cap_rights_is_valid(&r2));
98
99	ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
100	ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
101	}
102	}
103	}
104
105	// Verify that rights with index 1 can be ORed
106	ATF_TC_WITHOUT_HEAD(orable_1);
107	ATF_TC_BODY(orable_1, tc)
108	{
109	cap_rights_t r1, r2;
110	unsigned long i, j;
111
112	for (i = 0; i < nitems(idx1_rights) - 1; i++) {
113	for (j = i + 1; j < nitems(idx1_rights); j++) {
114	fprintf(stderr, "%lu \| %lu\n", i, j);
115	bzero(&r1, sizeof(r1));
116	bzero(&r2, sizeof(r2));
117
118	cap_rights_init(&r1, idx1_rights[i] \| idx1_rights[j]);
119	ATF_CHECK(cap_rights_is_valid(&r1));
120
121	cap_rights_init(&r2, idx1_rights[i]);
122	cap_rights_set(&r2, idx1_rights[j]);
123	ATF_CHECK(cap_rights_is_valid(&r2));
124
125	ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
126	ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
127	}
128	}
129	}
130
131	// Verify that rights with index 0 can be ORed with rights with index 1
132	ATF_TC_WITHOUT_HEAD(orable_01);
133	ATF_TC_BODY(orable_01, tc)
134	{
135	cap_rights_t r1, r2;
136	unsigned long i, j;
137
138	for (i = 0; i < nitems(idx0_rights); i++) {
139	for (j = 0; j < nitems(idx1_rights); j++) {
140	fprintf(stderr, "%lu \| %lu\n", i, j);
141	bzero(&r1, sizeof(r1));
142	bzero(&r2, sizeof(r2));
143
144	cap_rights_init(&r1, idx0_rights[i] \| idx1_rights[j]);
145	ATF_CHECK(cap_rights_is_valid(&r1));
146
147	cap_rights_init(&r2, idx0_rights[i]);
148	cap_rights_set(&r2, idx1_rights[j]);
149	ATF_CHECK(cap_rights_is_valid(&r2));
150
151	ATF_CHECK_EQ(r1.cr_rights[0], r2.cr_rights[0]);
152	ATF_CHECK_EQ(r1.cr_rights[1], r2.cr_rights[1]);
153	}
154	}
155	}
156
157	ATF_TP_ADD_TCS(tp)
158	{
159
160	ATF_TP_ADD_TC(tp, orable_0);
161	ATF_TP_ADD_TC(tp, orable_1);
162	ATF_TP_ADD_TC(tp, orable_01);
163
164	return (atf_no_error());
165	}