svn commit: r248396 - head/tools/regression/security/cap_test

Pawel Jakub Dawidek pjd at FreeBSD.org
Sat Mar 16 23:13:49 UTC 2013 

Author: pjd
Date: Sat Mar 16 23:13:49 2013
New Revision: 248396
URL: http://svnweb.freebsd.org/changeset/base/248396

Log:
  Update the tests now that absence of the O_APPEND flag requires CAP_SEEK
  capability. Add some more tests.
  
  Sponsored by:	The FreeBSD Foundation

Modified:
  head/tools/regression/security/cap_test/cap_test_capabilities.c

Modified: head/tools/regression/security/cap_test/cap_test_capabilities.c
==============================================================================
--- head/tools/regression/security/cap_test/cap_test_capabilities.c	Sat Mar 16 23:11:55 2013	(r248395)
+++ head/tools/regression/security/cap_test/cap_test_capabilities.c	Sat Mar 16 23:13:49 2013	(r248396)
@@ -184,19 +184,19 @@ try_file_ops(int filefd, int dirfd, cap_
 	    MAP_SHARED, fd_cap, 0);
 	CHECK_MMAP_RESULT(CAP_MMAP_RWX);
 
-	/* TODO: openat(O_APPEND) */
 	ret = openat(dfd_cap, "cap_create", O_CREAT | O_RDONLY, 0600);
 	CHECK_RESULT(openat(O_CREATE | O_RDONLY),
 	    CAP_CREATE | CAP_READ | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
 	CHECK(ret == -1 || unlinkat(dirfd, "cap_create", 0) == 0);
-	ret = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY, 0600);
-	CHECK_RESULT(openat(O_CREATE | O_WRONLY),
+	ret = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY | O_APPEND,
+	    0600);
+	CHECK_RESULT(openat(O_CREATE | O_WRONLY | O_APPEND),
 	    CAP_CREATE | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
 	CHECK(ret == -1 || unlinkat(dirfd, "cap_create", 0) == 0);
-	ret = openat(dfd_cap, "cap_create", O_CREAT | O_RDWR, 0600);
-	CHECK_RESULT(openat(O_CREATE | O_RDWR),
+	ret = openat(dfd_cap, "cap_create", O_CREAT | O_RDWR | O_APPEND, 0600);
+	CHECK_RESULT(openat(O_CREATE | O_RDWR | O_APPEND),
 	    CAP_CREATE | CAP_READ | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
 	CHECK(ret == -1 || unlinkat(dirfd, "cap_create", 0) == 0);
@@ -211,24 +211,24 @@ try_file_ops(int filefd, int dirfd, cap_
 	CHECK_RESULT(openat(O_FSYNC | O_RDONLY),
 	    CAP_FSYNC | CAP_READ | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
-	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY);
-	CHECK_RESULT(openat(O_FSYNC | O_WRONLY),
+	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY | O_APPEND);
+	CHECK_RESULT(openat(O_FSYNC | O_WRONLY | O_APPEND),
 	    CAP_FSYNC | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
-	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR);
-	CHECK_RESULT(openat(O_FSYNC | O_RDWR),
+	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR | O_APPEND);
+	CHECK_RESULT(openat(O_FSYNC | O_RDWR | O_APPEND),
 	    CAP_FSYNC | CAP_READ | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
 	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDONLY);
 	CHECK_RESULT(openat(O_SYNC | O_RDONLY),
 	    CAP_FSYNC | CAP_READ | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
-	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY);
-	CHECK_RESULT(openat(O_SYNC | O_WRONLY),
+	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY | O_APPEND);
+	CHECK_RESULT(openat(O_SYNC | O_WRONLY | O_APPEND),
 	    CAP_FSYNC | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
-	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR);
-	CHECK_RESULT(openat(O_SYNC | O_RDWR),
+	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR | O_APPEND);
+	CHECK_RESULT(openat(O_SYNC | O_RDWR | O_APPEND),
 	    CAP_FSYNC | CAP_READ | CAP_WRITE | CAP_LOOKUP, ret >= 0);
 	CHECK(ret == -1 || close(ret) == 0);
 	CHECK(unlinkat(dirfd, "cap_fsync", 0) == 0);
@@ -253,6 +253,39 @@ try_file_ops(int filefd, int dirfd, cap_
 	CHECK(ret == -1 || close(ret) == 0);
 	CHECK(unlinkat(dirfd, "cap_ftruncate", 0) == 0);
 
+	ret = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY, 0600);
+	CHECK_RESULT(openat(O_CREATE | O_WRONLY),
+	    CAP_CREATE | CAP_WRITE | CAP_SEEK | CAP_LOOKUP, ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	CHECK(ret == -1 || unlinkat(dirfd, "cap_create", 0) == 0);
+	ret = openat(dfd_cap, "cap_create", O_CREAT | O_RDWR, 0600);
+	CHECK_RESULT(openat(O_CREATE | O_RDWR),
+	    CAP_CREATE | CAP_READ | CAP_WRITE | CAP_SEEK | CAP_LOOKUP,
+	    ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	CHECK(ret == -1 || unlinkat(dirfd, "cap_create", 0) == 0);
+
+	ret = openat(dirfd, "cap_fsync", O_CREAT, 0600);
+	CHECK(ret >= 0);
+	CHECK(close(ret) == 0);
+	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY);
+	CHECK_RESULT(openat(O_FSYNC | O_WRONLY),
+	    CAP_FSYNC | CAP_WRITE | CAP_SEEK | CAP_LOOKUP, ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	ret = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR);
+	CHECK_RESULT(openat(O_FSYNC | O_RDWR),
+	    CAP_FSYNC | CAP_READ | CAP_WRITE | CAP_SEEK | CAP_LOOKUP, ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY);
+	CHECK_RESULT(openat(O_SYNC | O_WRONLY),
+	    CAP_FSYNC | CAP_WRITE | CAP_SEEK | CAP_LOOKUP, ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	ret = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR);
+	CHECK_RESULT(openat(O_SYNC | O_RDWR),
+	    CAP_FSYNC | CAP_READ | CAP_WRITE | CAP_SEEK | CAP_LOOKUP, ret >= 0);
+	CHECK(ret == -1 || close(ret) == 0);
+	CHECK(unlinkat(dirfd, "cap_fsync", 0) == 0);
+
 	/*
 	 * Note: this is not expected to work over NFS.
 	 */

More information about the svn-src-all mailing list