aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEnji Cooper <ngie@FreeBSD.org>2019-03-29 21:41:14 +0000
committerEnji Cooper <ngie@FreeBSD.org>2019-03-29 21:41:14 +0000
commit33d7e3ee781b9ac620b4a49c472c63948e51b08c (patch)
tree06bf5caaf3455a2d6f3dee5149d7143cb541aa5a
parente5a5dd6cc488f19e182ad3f694957389e4a7d40a (diff)
downloadsrc-vendor/google/capsicum-test.tar.gz
src-vendor/google/capsicum-test.zip
Merge the following changes from the capsicum-test project [1]vendor/google/capsicum-test
Log: ``` commit feb47278d7cffa8cf4bc8c8ff78047126fa41e82 (HEAD -> dev, origin/dev, origin/HEAD) Author: ngie-eign <1574099+ngie-eign@users.noreply.github.com> Date: Fri Mar 22 10:51:04 2019 -0700 Remove `FAIL` macro use for non-x86 architectures when testing `sysarch(2)` (#38) `FAIL()` does not support being called in the form noted in the test, which causes a test failure on non-x86 architectures. The alternatives (use `ADD_TEST_FAILURE()` or `GTEST_SKIP()`) would be misleading (in both cases), and in the case of `GTEST_SKIP()` is unavailable on the version of googletest packaged with capsicum-test. Signed-off-by: Enji Cooper <yaneurabeya@gmail.com> commit 32ad0f3e4c11be7f7463d40eef8d4a78ac9f61a5 Author: Enji Cooper <yaneurabeya@gmail.com> Date: Fri Mar 15 20:01:56 2019 -0700 Fix `-Wunused-parameter` issues Remove variable declarations from functions/methods where the variable is not required. Signed-off-by: Enji Cooper <yaneurabeya@gmail.com> commit 9437b4c550110200ef190ac39fb26c1d8fc55d9a Author: Enji Cooper <yaneurabeya@gmail.com> Date: Fri Mar 15 19:59:00 2019 -0700 Fix `-Wshadow` issues with `EXPECT_OPEN_OK(..)` macro * Wrap in do-while(0) block to avoid variable shadowing issue with multiple calls in the same function. * Prefix block local variables with `_` to try and avoid variable name clashes with values local to test methods. Signed-off-by: Enji Cooper <yaneurabeya@gmail.com> commit adf4a21a233b5da5cac440f4006e258ffba09510 Author: Enji Cooper <yaneurabeya@gmail.com> Date: Fri Mar 15 19:55:00 2019 -0700 Fix `-Wmissing-variable-declarations` issue with `known_rights` global Staticize it since it is only used in the file. Signed-off-by: Enji Cooper <yaneurabeya@gmail.com> ``` This merges a number of the outstanding changes made locally to ^/projects/capsicum-test that were accepted into the upstream project. The sync was done like so: ``` curl -L https://github.com/google/capsicum-test/tarball/dd7eac98c0cf | tar --strip-components=1 -xvzf - -C dist/ rm -Rf dist/*/ ``` 1. https://github.com/google/capsicum-test
Notes
Notes: svn path=/vendor/google/capsicum-test/dist/; revision=345715
-rw-r--r--capability-fd.cc78
-rw-r--r--capmode.cc13
-rw-r--r--capsicum-test.h2
-rw-r--r--mqueue.cc2
-rw-r--r--openat.cc14
-rw-r--r--procdesc.cc4
-rw-r--r--syscalls.h2
7 files changed, 80 insertions, 35 deletions
diff --git a/capability-fd.cc b/capability-fd.cc
index 043ca236e3e1..6c470cff3418 100644
--- a/capability-fd.cc
+++ b/capability-fd.cc
@@ -25,7 +25,7 @@ typedef struct {
uint64_t right;
const char* name;
} right_info;
-right_info known_rights[] = {
+static right_info known_rights[] = {
/* Rights that are common to all versions of Capsicum */
RIGHTS_INFO(CAP_READ),
RIGHTS_INFO(CAP_WRITE),
@@ -713,22 +713,34 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
EXPECT_OK(close(rc));
rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDONLY);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY | O_APPEND);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR | O_APPEND);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDONLY);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY | O_APPEND);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR | O_APPEND);
CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0));
rc = openat(dirfd, "cap_ftruncate", O_CREAT, 0600);
@@ -736,13 +748,19 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
EXPECT_OK(close(rc));
rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDONLY);
CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_WRONLY);
CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDWR);
CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_WRITE, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
EXPECT_OK(unlinkat(dirfd, "cap_ftruncate", 0));
rc = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY, 0600);
@@ -764,19 +782,27 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY);
CHECK_RIGHT_RESULT(rc,
rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR);
CHECK_RIGHT_RESULT(rc,
rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY);
CHECK_RIGHT_RESULT(rc,
rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR);
CHECK_RIGHT_RESULT(rc,
rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(close(rc));
+ if (rc >= 0) {
+ EXPECT_OK(close(rc));
+ }
EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0));
#ifdef HAVE_CHFLAGSAT
@@ -826,28 +852,38 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
rc = linkat(dirfd, "cap_linkat_src", dfd_cap, "cap_linkat_dst", 0);
CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_TARGET);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+ }
rc = linkat(dfd_cap, "cap_linkat_src", dirfd, "cap_linkat_dst", 0);
CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_SOURCE);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+ }
EXPECT_OK(unlinkat(dirfd, "cap_linkat_src", 0));
rc = mkdirat(dfd_cap, "cap_mkdirat", 0700);
CHECK_RIGHT_RESULT(rc, rights, CAP_MKDIRAT, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR));
+ }
#ifdef HAVE_MKFIFOAT
rc = mkfifoat(dfd_cap, "cap_mkfifoat", 0600);
CHECK_RIGHT_RESULT(rc, rights, CAP_MKFIFOAT, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0));
+ }
#endif
if (getuid() == 0) {
rc = mknodat(dfd_cap, "cap_mknodat", S_IFCHR | 0600, 0);
CHECK_RIGHT_RESULT(rc, rights, CAP_MKNODAT, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0));
+ }
}
// For renameat(2), need:
@@ -880,7 +916,9 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
rc = symlinkat("test", dfd_cap, "cap_symlinkat");
CHECK_RIGHT_RESULT(rc, rights, CAP_SYMLINKAT, CAP_LOOKUP);
- if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0));
+ if (rc >= 0) {
+ EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0));
+ }
rc = openat(dirfd, "cap_unlinkat", O_CREAT, 0600);
EXPECT_OK(rc);
diff --git a/capmode.cc b/capmode.cc
index eb4e5c9ff929..567773f319d9 100644
--- a/capmode.cc
+++ b/capmode.cc
@@ -132,7 +132,9 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
#ifdef HAVE_CHFLAGS
rc = fchflags(fd_file_, UF_NODUMP);
- if (rc < 0) EXPECT_NE(ECAPMODE, errno);
+ if (rc < 0) {
+ EXPECT_NE(ECAPMODE, errno);
+ }
#endif
char buf[1024];
@@ -173,7 +175,9 @@ FORK_TEST_F(WithFiles, AllowedSocketSyscalls) {
// recvfrom() either returns -1 with EAGAIN, or 0.
int rc = recvfrom(fd_socket_, NULL, 0, MSG_DONTWAIT, NULL, NULL);
- if (rc < 0) EXPECT_EQ(EAGAIN, errno);
+ if (rc < 0) {
+ EXPECT_EQ(EAGAIN, errno);
+ }
char ch;
EXPECT_OK(write(fd_file_, &ch, sizeof(ch)));
@@ -558,8 +562,7 @@ FORK_TEST_F(WithFiles, AllowedMiscSyscalls) {
long sysarch_arg = 0;
EXPECT_CAPMODE(sysarch(I386_SET_IOPERM, &sysarch_arg));
#else
- // TOOD(jra): write a test for arm
- FAIL("capmode:no sysarch() test for current architecture");
+ // TOOD(jra): write a test for other architectures, like arm
#endif
#endif
}
@@ -627,7 +630,7 @@ FORK_TEST(Capmode, NewThread) {
}
static int had_signal = 0;
-static void handle_signal(int x) { had_signal = 1; }
+static void handle_signal(int) { had_signal = 1; }
FORK_TEST(Capmode, SelfKill) {
pid_t me = getpid();
diff --git a/capsicum-test.h b/capsicum-test.h
index 61d95711eec0..4251302e8681 100644
--- a/capsicum-test.h
+++ b/capsicum-test.h
@@ -20,7 +20,7 @@ extern bool force_mt;
extern bool force_nofork;
extern uid_t other_uid;
-static inline void *WaitingThreadFn(void *p) {
+static inline void *WaitingThreadFn(void *) {
// Loop until cancelled
while (true) {
usleep(10000);
diff --git a/mqueue.cc b/mqueue.cc
index b98523121fe0..42478c760020 100644
--- a/mqueue.cc
+++ b/mqueue.cc
@@ -24,7 +24,7 @@
static void test_case_name##_##test_name##_ForkTest()
static bool invoked;
-void seen_it_done_it(int v) {
+void seen_it_done_it(int) {
invoked = true;
}
diff --git a/openat.cc b/openat.cc
index c35630bd60aa..ca7e39772f9a 100644
--- a/openat.cc
+++ b/openat.cc
@@ -11,9 +11,9 @@
// Check an open call works and close the resulting fd.
#define EXPECT_OPEN_OK(f) do { \
- int fd = f; \
- EXPECT_OK(fd); \
- close(fd); \
+ int _fd = f; \
+ EXPECT_OK(_fd); \
+ close(_fd); \
} while (0)
static void CreateFile(const char *filename, const char *contents) {
@@ -176,10 +176,14 @@ class OpenatTest : public ::testing::Test {
// Create a couple of nested directories
int rc = mkdir(TmpFile(TOPDIR), 0755);
EXPECT_OK(rc);
- if (rc < 0) EXPECT_EQ(EEXIST, errno);
+ if (rc < 0) {
+ EXPECT_EQ(EEXIST, errno);
+ }
rc = mkdir(TmpFile(SUBDIR_ABS), 0755);
EXPECT_OK(rc);
- if (rc < 0) EXPECT_EQ(EEXIST, errno);
+ if (rc < 0) {
+ EXPECT_EQ(EEXIST, errno);
+ }
// Figure out a path prefix (like "../..") that gets us to the root
// directory from TmpFile(TOPDIR).
diff --git a/procdesc.cc b/procdesc.cc
index 476dfe01ab71..94c0dc5d774d 100644
--- a/procdesc.cc
+++ b/procdesc.cc
@@ -223,7 +223,7 @@ TEST(Pdfork, NonProcessDescriptor) {
close(fd);
}
-static void *SubThreadMain(void *data) {
+static void *SubThreadMain(void *) {
while (true) {
if (verbose) fprintf(stderr, " subthread: \"I aten't dead\"\n");
usleep(100000);
@@ -231,7 +231,7 @@ static void *SubThreadMain(void *data) {
return NULL;
}
-static void *ThreadMain(void *data) {
+static void *ThreadMain(void *) {
int pd;
pid_t child = pdfork(&pd, 0);
if (child == 0) {
diff --git a/syscalls.h b/syscalls.h
index c78576074ef2..592a1677e1f1 100644
--- a/syscalls.h
+++ b/syscalls.h
@@ -53,7 +53,7 @@ inline ssize_t flistxattr_(int fd, char *list, size_t size) {
inline ssize_t fgetxattr_(int fd, const char *name, void *value, size_t size) {
return extattr_get_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size);
}
-inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int flags) {
+inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int) {
return extattr_set_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size);
}
inline int fremovexattr_(int fd, const char *name) {