2 * Copyright (c) 2008-2011 Robert N. M. Watson
3 * Copyright (c) 2011 Jonathan Anderson
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * Define a file required by a test. The test can't complete without the file,
37 * so if we don't have it, just die.
39 #define REQUIRE(fd) do { \
41 err(-1, "%s:%d: Missing required file '%s'", \
42 __FILE__, __LINE__, #fd); \
45 /* Whether a test passed or failed. */
49 /* A test has failed; print a message and clear the 'success' flag. */
50 #define FAIL(...) do { \
55 /* As above, but do not print the errno message. */
56 #define FAILX(...) do { \
61 /* Like an assertion, but don't kill the test, just fail and keep going. */
62 #define CHECK(condition) do { \
64 FAILX("%s:%d: Assertion '%s' failed", \
65 __func__, __LINE__, #condition); \
68 /* Make sure that a system call's return value is >= 0. */
69 #define CHECK_SYSCALL_SUCCEEDS(syscall, ...) do { \
70 if (syscall(__VA_ARGS__) < 0) \
71 FAIL("%s() at line %d: %s failed", \
72 __func__, __LINE__, #syscall); \
75 /* Make sure that a system call fails with the correct errno. */
76 #define CHECK_SYSCALL_FAILS(expected_errno, syscall, ...) do { \
77 if (syscall(__VA_ARGS__) < 0) { \
78 if (errno != expected_errno) \
79 FAIL("%s() at line %d: %s", \
80 __func__, __LINE__, #syscall); \
82 FAILX("%s() at line %d: %s succeeded; it should've failed", \
83 __func__, __LINE__, #syscall); \
87 /* Make sure that a system call fails, but not with a particular errno. */
88 #define CHECK_SYSCALL_FAILS_BUT_NOT_WITH(bad_errno, syscall, ...) do { \
89 if (syscall(__VA_ARGS__) < 0) { \
90 if (errno == bad_errno) \
91 FAIL("%s() at line %d: %s", \
92 __func__, __LINE__, #syscall); \
94 FAILX("%s() at line %d: %s succeeded; it should've failed", \
95 __func__, __LINE__, #syscall); \
99 /* A system call should fail with ECAPMODE. */
100 #define CHECK_CAPMODE(...) \
101 CHECK_SYSCALL_FAILS(ECAPMODE, __VA_ARGS__)
103 /* A system call should fail, but not with ECAPMODE. */
104 #define CHECK_NOT_CAPMODE(...) \
105 CHECK_SYSCALL_FAILS_BUT_NOT_WITH(ECAPMODE, __VA_ARGS__)
107 /* A system call should fail with ENOTCAPABLE. */
108 #define CHECK_NOTCAPABLE(...) \
109 CHECK_SYSCALL_FAILS(ENOTCAPABLE, __VA_ARGS__)
111 /* Ensure that 'rights' are a subset of 'max'. */
112 #define CHECK_RIGHTS(rights, max) do { \
113 if ((success == PASSED) && (rights != max)) \
114 FAILX("Rights of opened file (%jx) > maximum (%jx)", \
115 (cap_rights_t) rights, (cap_rights_t) max); \
118 /* Create a capability from a file descriptor, make sure it succeeds. */
119 #define MAKE_CAPABILITY(to, from, rights) do { \
120 cap_rights_t _rights; \
121 REQUIRE(to = cap_new(from, rights)); \
122 CHECK_SYSCALL_SUCCEEDS(cap_getrights, to, &_rights); \
123 if ((success == PASSED) && (_rights != (rights))) \
124 FAILX("New capability's rights (%jx) != %jx", \
125 _rights, (cap_rights_t) (rights)); \
129 * A top-level test should take no arguments and return an integer value,
130 * either PASSED or FAILED.
132 * Errors such as SIGSEGV will be caught and interpreted as FAILED.
134 typedef int (*test_function)(void);
136 /* Information about a test. */
144 * Run a test in a child process so that cap_enter(2) doesn't mess up
147 int execute(int id, struct test*);
149 int test_capmode(void);
150 int test_capabilities(void);
151 int test_fcntl(void);
152 int test_pdfork(void);
153 int test_pdkill(void);
154 int test_pdwait(void);
155 int test_relative(void);
156 int test_sysctl(void);
158 #endif /* CAP_TEST_H */