Lines Matching +full:libc6 +full:- +full:dev
1 // Tests of Linux-specific functionality
14 #include <sys/capability.h> // Requires e.g. libcap-dev package for POSIX.1e capabilities headers
29 #include "capsicum-test.h"
109 GTEST_SKIP() << "multi-threaded run clashes with signals"; in FORK_TEST()
118 int fd = signalfd(-1, &mask, 0); in FORK_TEST()
244 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
372 // fanotify support may not be available at compile-time
490 // TODO(drysdale): reinstate if/when capsicum-linux propagates rights in TEST()
491 // to fanotify-generated FDs. in TEST()
505 rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
580 const char* prog_candidates[] = {"./mini-me.32", "./mini-me.x32", "./mini-me.64"}; in TEST()
582 char* argv_pass[] = {(char*)"to-come", (char*)"--capmode", NULL}; in TEST()
595 GTEST_SKIP() << "no different-architecture programs available"; in TEST()
599 // Fork-and-exec a binary of this architecture. in TEST()
612 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
664 cmptr->cmsg_level = SOL_SOCKET; in SendFD()
665 cmptr->cmsg_type = SCM_RIGHTS; in SendFD()
666 cmptr->cmsg_len = CMSG_LEN(sizeof(int)); in SendFD()
692 EXPECT_EQ(CMSG_LEN(sizeof(int)), cmptr->cmsg_len); in ReceiveFD()
698 static int shared_pd = -1;
710 pid_t shared_child = -1; in ChildFunc()
735 …if (verbose) fprintf(stderr, " ChildFunc: pdfork() -> pd=%d, corresponding pid=%d state='%c'\n", in ChildFunc()
775 if (verbose) fprintf(stderr, "Parent: pre-pdfork()ed pd=%d, pid=%d state='%c'\n", in TEST()
797 …if (verbose) fprintf(stderr, "Parent: check on firstborn: pdgetpid(pd=%d) -> child=%d state='%c'\n… in TEST()
804 // Get the process descriptor of the child-of-child via socket transfer. in TEST()
811 …if (verbose) fprintf(stderr, "Parent: pre-pdkill: pdgetpid(grandchild_pd=%d) -> grandchild=%d sta… in TEST()
818 …if (verbose) fprintf(stderr, "Parent: post-pdkill: pdgetpid(grandchild_pd=%d) -> grandchild=%d sta… in TEST()
826 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
855 if (verbose) fprintf(stderr, " NSInit: pdfork() -> pd=%d, corresponding pid=%d state='%c'\n", in NSInit()
886 // Get the process descriptor of the child-of-child via socket transfer. in TEST()
903 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
931 // Get the process descriptor of the child-of-child via socket transfer. in TEST()
955 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
975 // Set some of the high 32-bits of argument zero. in FORK_TEST()
988 // Set openat-beneath mode in FORK_TEST()
994 // Clear openat-beneath mode in FORK_TEST()
1032 // Can't enter seccomp-bpf mode with no_new_privs == 0 in FORK_TEST()
1040 EXPECT_EQ(-1, rc); in FORK_TEST()
1089 // Set up seccomp-bpf first. in TEST()
1099 // fstat is failed by both BPF and Capsicum; tie-break is on errno in TEST()
1197 if (rc == -1 && errno == ENOSYS) { in TEST()
1198 GTEST_SKIP() << "kcmp(2) gives -ENOSYS"; in TEST()
1217 rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
1278 if (verbose) fprintf(stderr, "[parent: %d] clock_gettime(child=%d->0x%08x) is %ld.%09ld \n", in FORK_TEST()
1284 if (verbose) fprintf(stderr, "[parent: %d] clock_gettime(init=1->0x%08x) is %ld.%09ld \n", in FORK_TEST()
1330 // - Invalid flags in TEST()
1331 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, 0, NULL, 1)); in TEST()
1333 // - Specify an fcntl subright, but no CAP_FCNTL set in TEST()
1334 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, CAP_FCNTL_GETFL, 0, NULL, 0)); in TEST()
1336 // - Specify an ioctl subright, but no CAP_IOCTL set in TEST()
1338 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, 1, &ioctl1, 0)); in TEST()
1340 // - N ioctls, but null pointer passed in TEST()
1341 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, 1, NULL, 0)); in TEST()
1343 // - Invalid nioctls in TEST()
1344 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, -2, NULL, 0)); in TEST()
1346 // - Null primary rights in TEST()
1347 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, NULL, 0, 0, NULL, 0)); in TEST()
1349 // - Invalid index bitmask in TEST()
1351 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, 0, NULL, 0)); in TEST()
1353 // - Invalid version in TEST()
1355 EXPECT_EQ(-1, syscall(__NR_cap_rights_limit, fd, &rights, 0, 0, NULL, 0)); in TEST()
1373 fhandle->handle_bytes = MAX_HANDLE_SZ;
1397 return -1; in getrandom_()
1418 return -1; in memfd_create_()
1425 int memfd = memfd_create_("capsicum-test", MFD_ALLOW_SEALING); in TEST()
1426 if (memfd == -1 && errno == ENOSYS) { in TEST()
1427 GTEST_SKIP() << "memfd_create(2) gives -ENOSYS"; in TEST()
1451 // Hack for when libc6 does not yet include the updated linux/fcntl.h from kernel 3.17 in TEST()
1467 if (verbose) fprintf(stderr, "seals are %08x on read-only fd\n", seals_ro); in TEST()
1472 EXPECT_EQ(-1, fcntl(memfd_rw, F_ADD_SEALS, F_SEAL_WRITE)); in TEST()
1486 if (verbose) fprintf(stderr, "seals are %08x on read-only fd\n", seals_ro); in TEST()