Bug 236863

Summary:

Add a REQUIRE_FEATURE(security_capability) for sys/capsicum/ioctls_test

Product:

Base System

Reporter:

Olivier Cochard <olivier>

Component:

tests

Assignee:

Olivier Cochard <olivier>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

asomers, emaste, ngie

Priority:

---

Version:

12.0-RELEASE

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
patch to require capsicum feature for a test	none
patch v2 to require capsicum feature for a test	none

Description Olivier Cochard freebsd_committer

2019-03-28 21:32:58 UTC

Created attachment 203225 [details]
patch to require capsicum feature for a test

On a system without capsicum, ioctls_test:cap_ioctls__listen_copy test failed and should be skipped:

Before the patch:

# kyua test sys/capsicum/ioctls_test
sys/capsicum/ioctls_test:cap_ioctls__listen_copy  ->  failed: /var/jenkins/workspace/ocafirmware_build-master/FreeBSD/tests/sys/capsicum/io$
tls_test.c:94: cap_rights_limit(s[0], &rights) == 0 not met  [0.003s]

Results file id is usr_tests.20190328-212133-379353
Results saved to /root/.kyua/store/results.usr_tests.20190328-212133-379353.db

0/1 passed (1 failed)


After the patch:
# kyua test sys/capsicum/ioctls_test
sys/capsicum/ioctls_test:cap_ioctls__listen_copy  ->  skipped: kernel feature (security_capability) not present  [0.003s]

Results file id is usr_tests.20190328-213129-974398
Results saved to /root/.kyua/store/results.usr_tests.20190328-213129-974398.db

1/1 passed (0 failed)

Comment 1 Alan Somers freebsd_committer

2019-03-28 22:07:13 UTC

Check the spelling on that feature.  I think it should be either "security_capabilities" or "security_capability_mode".

Comment 2 Olivier Cochard freebsd_committer

2019-03-28 23:14:21 UTC

Created attachment 203227 [details]
patch v2 to require capsicum feature for a test

Ouch, good catch! I need to add tests to tests my tests ;-)

Comment 3 Alan Somers freebsd_committer

2019-03-29 01:06:38 UTC

Approved.

Comment 4 commit-hook freebsd_committer

2019-03-29 08:43:58 UTC

A commit references this bug:

Author: olivier
Date: Fri Mar 29 08:43:22 UTC 2019
New revision: 345681
URL: https://svnweb.freebsd.org/changeset/base/345681

Log:
  Skip test if feature security_capabilities is not available

  PR:		236863
  Approved by:	asomers
  MFC after:	1 month
  Sponsored by:	Netflix

Changes:
  head/tests/sys/capsicum/Makefile
  head/tests/sys/capsicum/ioctls_test.c

Comment 5 Olivier Cochard freebsd_committer

2019-03-29 08:46:18 UTC

Thanks for your advice.

Comment 6 Olivier Cochard freebsd_committer

2019-03-29 15:07:07 UTC

Switched it back to "in progress" until all MFC done.

Comment 7 Ed Maste freebsd_committer

2019-06-09 10:50:31 UTC

MFC expected soon?

Comment 8 Ed Maste freebsd_committer

2019-08-12 17:51:47 UTC

Ping

Comment 9 commit-hook freebsd_committer

2020-01-15 21:06:18 UTC

A commit references this bug:

Author: emaste
Date: Wed Jan 15 21:05:43 UTC 2020
New revision: 356768
URL: https://svnweb.freebsd.org/changeset/base/356768

Log:
  MFC r345681: Skip test if feature security_capabilities is not available

  PR:		236863
  Sponsored by:	The FreeBSD Foundation

Changes:
_U  stable/12/
  stable/12/tests/sys/capsicum/Makefile
  stable/12/tests/sys/capsicum/ioctls_test.c