2 #ifndef CAPSICUM_TEST_H
3 #define CAPSICUM_TEST_H
8 #include <sys/resource.h>
15 #include "gtest/gtest.h"
18 extern std::string tmpdir;
19 extern bool tmpdir_on_tmpfs;
21 extern bool force_nofork;
22 extern uid_t other_uid;
24 static inline void *WaitingThreadFn(void *) {
25 // Loop until cancelled
33 // If force_mt is set, run another thread in parallel with the test. This forces
34 // the kernel into multi-threaded mode.
35 template <typename T, typename Function>
36 void MaybeRunWithThread(T *self, Function fn) {
39 pthread_create(&subthread, NULL, WaitingThreadFn, NULL);
43 pthread_cancel(subthread);
44 pthread_join(subthread, NULL);
47 template <typename Function>
48 void MaybeRunWithThread(Function fn) {
51 pthread_create(&subthread, NULL, WaitingThreadFn, NULL);
55 pthread_cancel(subthread);
56 pthread_join(subthread, NULL);
60 // Return the absolute path of a filename in the temp directory, `tmpdir`,
61 // with the given pathname, e.g., "/tmp/<pathname>", if `tmpdir` was set to
63 const char *TmpFile(const char *pathname);
65 // Run the given test function in a forked process, so that trapdoor
66 // entry doesn't affect other tests, and watch out for hung processes.
67 // Implemented as a macro to allow access to the test case instance's
68 // HasFailure() method, which is reported as the forked process's
70 #define _RUN_FORKED(INNERCODE, TESTCASENAME, TESTNAME) \
71 pid_t pid = force_nofork ? 0 : fork(); \
74 if (!force_nofork) { \
77 } else if (pid > 0) { \
79 int remaining_us = 30000000; \
80 while (remaining_us > 0) { \
82 rc = waitpid(pid, &status, WNOHANG); \
84 remaining_us -= 10000; \
87 if (remaining_us <= 0) { \
88 fprintf(stderr, "Warning: killing unresponsive test " \
90 TESTCASENAME, TESTNAME, pid); \
92 ADD_FAILURE() << "Test hung"; \
93 } else if (rc < 0) { \
94 fprintf(stderr, "Warning: waitpid error %s (%d)\n", \
95 strerror(errno), errno); \
96 ADD_FAILURE() << "Failed to wait for child"; \
98 int rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; \
102 #define _RUN_FORKED_MEM(THIS, TESTFN, TESTCASENAME, TESTNAME) \
103 _RUN_FORKED(MaybeRunWithThread(THIS, &TESTFN), TESTCASENAME, TESTNAME);
104 #define _RUN_FORKED_FN(TESTFN, TESTCASENAME, TESTNAME) \
105 _RUN_FORKED(MaybeRunWithThread(&TESTFN), TESTCASENAME, TESTNAME);
107 // Run a test case in a forked process, possibly cleaning up a
108 // test file after completion
109 #define FORK_TEST_ON(test_case_name, test_name, test_file) \
110 static void test_case_name##_##test_name##_ForkTest(); \
111 TEST(test_case_name, test_name ## Forked) { \
112 _RUN_FORKED_FN(test_case_name##_##test_name##_ForkTest, \
113 #test_case_name, #test_name); \
114 const char *filename = test_file; \
115 if (filename) unlink(filename); \
117 static void test_case_name##_##test_name##_ForkTest()
119 #define FORK_TEST(test_case_name, test_name) FORK_TEST_ON(test_case_name, test_name, NULL)
121 // Run a test case fixture in a forked process, so that trapdoors don't
122 // affect other tests.
123 #define ICLASS_NAME(test_case_name, test_name) Forked##test_case_name##_##test_name
124 #define FORK_TEST_F(test_case_name, test_name) \
125 class ICLASS_NAME(test_case_name, test_name) : public test_case_name { \
127 ICLASS_NAME(test_case_name, test_name)() {} \
128 void InnerTestBody(); \
130 TEST_F(ICLASS_NAME(test_case_name, test_name), _) { \
131 _RUN_FORKED_MEM(this, \
132 ICLASS_NAME(test_case_name, test_name)::InnerTestBody, \
133 #test_case_name, #test_name); \
135 void ICLASS_NAME(test_case_name, test_name)::InnerTestBody()
137 // Emit errno information on failure
138 #define EXPECT_OK(v) EXPECT_LE(0, v) << " errno " << errno << " " << strerror(errno)
140 // Expect a syscall to fail with the given error.
141 #define EXPECT_SYSCALL_FAIL(E, C) \
145 EXPECT_EQ(E, errno) << "expected '" << strerror(E) \
146 << "' but got '" << strerror(errno) << "'"; \
149 // Expect a syscall to fail with anything other than the given error.
150 #define EXPECT_SYSCALL_FAIL_NOT(E, C) \
153 EXPECT_NE(E, errno) << strerror(E); \
156 // Expect a void syscall to fail with anything other than the given error.
157 #define EXPECT_VOID_SYSCALL_FAIL_NOT(E, C) \
161 EXPECT_NE(E, errno) << #C << " failed with ECAPMODE"; \
164 // Expect a system call to fail due to path traversal; exact error
165 // code is OS-specific.
167 #define EXPECT_OPENAT_FAIL_TRAVERSAL(fd, path, flags) \
169 SCOPED_TRACE(GTEST_STRINGIFY_(openat((fd), (path), (flags)))); \
170 const int result = openat((fd), (path), (flags)); \
171 if (((flags) & O_BENEATH) == O_BENEATH) { \
172 EXPECT_SYSCALL_FAIL(E_NO_TRAVERSE_O_BENEATH, result); \
174 EXPECT_SYSCALL_FAIL(E_NO_TRAVERSE_CAPABILITY, result); \
176 if (result >= 0) { close(result); } \
179 #define EXPECT_OPENAT_FAIL_TRAVERSAL(fd, path, flags) \
181 SCOPED_TRACE(GTEST_STRINGIFY_(openat((fd), (path), (flags)))); \
182 const int result = openat((fd), (path), (flags)); \
183 EXPECT_SYSCALL_FAIL(E_NO_TRAVERSE_CAPABILITY, result); \
184 if (result >= 0) { close(result); } \
188 // Expect a system call to fail with ECAPMODE.
189 #define EXPECT_CAPMODE(C) EXPECT_SYSCALL_FAIL(ECAPMODE, C)
191 // Expect a system call to fail, but not with ECAPMODE.
192 #define EXPECT_FAIL_NOT_CAPMODE(C) EXPECT_SYSCALL_FAIL_NOT(ECAPMODE, C)
193 #define EXPECT_FAIL_VOID_NOT_CAPMODE(C) EXPECT_VOID_SYSCALL_FAIL_NOT(ECAPMODE, C)
195 // Expect a system call to fail with ENOTCAPABLE.
196 #define EXPECT_NOTCAPABLE(C) EXPECT_SYSCALL_FAIL(ENOTCAPABLE, C)
198 // Expect a system call to fail, but not with ENOTCAPABLE.
199 #define EXPECT_FAIL_NOT_NOTCAPABLE(C) EXPECT_SYSCALL_FAIL_NOT(ENOTCAPABLE, C)
201 // Expect a system call to fail with either ENOTCAPABLE or ECAPMODE.
202 #define EXPECT_CAPFAIL(C) \
206 EXPECT_TRUE(errno == ECAPMODE || errno == ENOTCAPABLE) \
207 << #C << " did not fail with ECAPMODE/ENOTCAPABLE but " << errno \
208 << "(" << strerror(errno) << ")"; \
211 // Ensure that 'rights' are a subset of 'max'.
212 #define EXPECT_RIGHTS_IN(rights, max) \
213 EXPECT_TRUE(cap_rights_contains((max), (rights))) \
214 << "rights " << std::hex << *(rights) \
215 << " not a subset of " << std::hex << *(max)
217 // Ensure rights are identical
218 #define EXPECT_RIGHTS_EQ(a, b) \
220 EXPECT_RIGHTS_IN((a), (b)); \
221 EXPECT_RIGHTS_IN((b), (a)); \
224 // Get the state of a process as a single character.
227 // - 'S': sleeping/idle
230 // On error, return either '?' or '\0'.
231 char ProcessState(int pid);
233 // Check process state reaches a particular expected state (or two).
234 // Retries a few times to allow for timing issues.
235 #define EXPECT_PID_REACHES_STATES(pid, expected1, expected2) { \
239 state = ProcessState(pid); \
240 if (state == expected1 || state == expected2) break; \
242 } while (--counter > 0); \
243 EXPECT_TRUE(state == expected1 || state == expected2) \
244 << " pid " << pid << " in state " << state; \
247 #define EXPECT_PID_ALIVE(pid) EXPECT_PID_REACHES_STATES(pid, 'R', 'S')
248 #define EXPECT_PID_DEAD(pid) EXPECT_PID_REACHES_STATES(pid, 'Z', '\0')
249 #define EXPECT_PID_ZOMBIE(pid) EXPECT_PID_REACHES_STATES(pid, 'Z', 'Z');
250 #define EXPECT_PID_GONE(pid) EXPECT_PID_REACHES_STATES(pid, '\0', '\0');
253 // Magic numbers for messages sent by child processes.
254 MSG_CHILD_STARTED = 1234,
255 MSG_CHILD_FD_RECEIVED = 4321,
256 // Magic numbers for messages sent by parent processes.
257 MSG_PARENT_REQUEST_CHILD_EXIT = 9999,
258 MSG_PARENT_CLOSED_FD = 10000,
259 MSG_PARENT_CHILD_SHOULD_RUN = 10001,
262 #define SEND_INT_MESSAGE(fd, message) \
264 int _msg = message; \
265 EXPECT_EQ(sizeof(_msg), (size_t)write(fd, &_msg, sizeof(_msg))); \
268 #define AWAIT_INT_MESSAGE(fd, expected) \
271 EXPECT_EQ(sizeof(_msg), (size_t)read(fd, &_msg, sizeof(_msg))); \
272 EXPECT_EQ(expected, _msg); \
275 // Mark a test that can only be run as root.
276 #define GTEST_SKIP_IF_NOT_ROOT() \
277 if (getuid() != 0) { GTEST_SKIP() << "requires root"; }
279 extern std::string capsicum_test_bindir;
281 #endif // CAPSICUM_TEST_H