git: 3733d82c4deb - main - libcasper: fix cap_rights_init usage

From: Ed Maste <emaste_at_FreeBSD.org>
Date: Thu, 15 Feb 2024 03:33:50 UTC
The branch main has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=3733d82c4deb49035a39e18744085d1e3e9b8dc5

commit 3733d82c4deb49035a39e18744085d1e3e9b8dc5
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-02-15 00:42:48 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-02-15 03:33:24 +0000

    libcasper: fix cap_rights_init usage
    
    Capability rights passed to cap_rights_* are not simple bitmaks and
    cannot be ORed together in general (although it will work for certain
    subsets of rights).
    
    PR:             277057
    Fixes:          faaf43b2a750 ("fileargs: add tests")
    Sponsored by:   The FreeBSD Foundation
---
 .../services/cap_fileargs/tests/fileargs_test.c          | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/lib/libcasper/services/cap_fileargs/tests/fileargs_test.c b/lib/libcasper/services/cap_fileargs/tests/fileargs_test.c
index 7d499542abe9..088edaaa294d 100644
--- a/lib/libcasper/services/cap_fileargs/tests/fileargs_test.c
+++ b/lib/libcasper/services/cap_fileargs/tests/fileargs_test.c
@@ -291,7 +291,7 @@ ATF_TC_BODY(fileargs__open_read, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_READ | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_READ, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_WRITE);
 	fa = fileargs_init(MAX_FILES, files, O_RDONLY, 0, &rights,
 	    FA_OPEN);
@@ -338,7 +338,7 @@ ATF_TC_BODY(fileargs__open_write, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_WRITE | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_WRITE, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_READ);
 	fa = fileargs_init(MAX_FILES, files, O_WRONLY, 0, &rights,
 	    FA_OPEN);
@@ -385,7 +385,7 @@ ATF_TC_BODY(fileargs__open_create, tc)
 
 	prepare_files(MAX_FILES, false);
 
-	cap_rights_init(&rights, CAP_WRITE | CAP_FCNTL | CAP_READ);
+	cap_rights_init(&rights, CAP_WRITE, CAP_FCNTL, CAP_READ);
 	cap_rights_init(&norights, CAP_FCHMOD);
 	fa = fileargs_init(MAX_FILES, files, O_RDWR | O_CREAT, 666,
 	    &rights, FA_OPEN);
@@ -466,7 +466,7 @@ ATF_TC_BODY(fileargs__fopen_read, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_READ | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_READ, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_WRITE);
 	fa = fileargs_init(MAX_FILES, files, O_RDONLY, 0, &rights,
 	    FA_OPEN);
@@ -516,7 +516,7 @@ ATF_TC_BODY(fileargs__fopen_write, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_WRITE | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_WRITE, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_READ);
 	fa = fileargs_init(MAX_FILES, files, O_WRONLY, 0, &rights,
 	    FA_OPEN);
@@ -566,7 +566,7 @@ ATF_TC_BODY(fileargs__fopen_create, tc)
 
 	prepare_files(MAX_FILES, false);
 
-	cap_rights_init(&rights, CAP_READ | CAP_WRITE | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FCNTL);
 	fa = fileargs_init(MAX_FILES, files, O_RDWR | O_CREAT, 0, &rights,
 	    FA_OPEN);
 	ATF_REQUIRE(fa != NULL);
@@ -672,7 +672,7 @@ ATF_TC_BODY(fileargs__open_lstat, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_READ | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_READ, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_WRITE);
 	fa = fileargs_init(MAX_FILES, files, O_RDONLY, 0, &rights,
 	    FA_OPEN | FA_LSTAT);
@@ -720,7 +720,7 @@ ATF_TC_BODY(fileargs__open_realpath, tc)
 
 	prepare_files(MAX_FILES, true);
 
-	cap_rights_init(&rights, CAP_READ | CAP_FCNTL);
+	cap_rights_init(&rights, CAP_READ, CAP_FCNTL);
 	cap_rights_init(&norights, CAP_WRITE);
 	fa = fileargs_init(MAX_FILES, files, O_RDONLY, 0, &rights,
 	    FA_OPEN | FA_REALPATH);