git: 5d53160823fe - stable/15 - capsicum-test: Move out of contrib
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 06 Feb 2026 18:58:44 UTC
The branch stable/15 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=5d53160823fe2469576e85390bcb1cca0f734ccb
commit 5d53160823fe2469576e85390bcb1cca0f734ccb
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2026-01-27 15:28:39 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2026-02-06 16:15:09 +0000
capsicum-test: Move out of contrib
Google developed the Capsicum unit test suite[1] as part of the
Capsicum-Linux[2] project, based on unit tests that existed in FreeBSD
and unit tests developed as part of the initial Capsicum-Linux port.
Capsicum-Linux was archived as of October 31, 2022 and is no longer
being maintained. FreeBSD is currently the only consumer of and
contributor to the test suite. Move the src into tests/sys/capsicum to
simplify ongoing maintenance.
The makefiles were deleted as we (continue to) use the existing bespoke
FreeBSD Makefile, and CONTRIBUTING.md was removed as the Google CLA is
no longer applicable.
[1] https://github.com/google/capsicum-test
[2] https://github.com/google/capsicum-linux
Reviewed by: asomers, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54917
(cherry picked from commit 5b036b25853349cd3cf26495e628276f79f29c42)
(cherry picked from commit 670b568ec1c36464c6d55e400382c290b0391ccf)
(cherry picked from commit b773da180e02c0c27de48dbba72f3fb7a64656da)
---
.github/CODEOWNERS | 2 +-
MAINTAINERS | 2 +-
contrib/capsicum-test/.gitignore | 19 -----
contrib/capsicum-test/CONTRIBUTING.md | 20 ------
contrib/capsicum-test/GNUmakefile | 82 ----------------------
contrib/capsicum-test/makefile | 36 ----------
.../capsicum-test => tests/sys/capsicum}/LICENSE | 0
tests/sys/capsicum/Makefile | 2 -
.../capsicum-test => tests/sys/capsicum}/README.md | 0
.../sys/capsicum}/capability-fd-pair.cc | 0
.../sys/capsicum}/capability-fd.cc | 0
.../sys/capsicum}/capmode.cc | 0
.../sys/capsicum}/capsicum-freebsd.h | 0
.../sys/capsicum}/capsicum-linux.h | 0
.../sys/capsicum}/capsicum-rights.h | 0
.../sys/capsicum}/capsicum-test-main.cc | 0
.../sys/capsicum}/capsicum-test.cc | 0
.../sys/capsicum}/capsicum-test.h | 0
.../sys/capsicum}/capsicum.h | 0
.../sys/capsicum}/copy_file_range.cc | 0
.../capsicum-test => tests/sys/capsicum}/fcntl.cc | 0
.../sys/capsicum}/fexecve.cc | 0
.../capsicum-test => tests/sys/capsicum}/ioctl.cc | 0
.../capsicum-test => tests/sys/capsicum}/linux.cc | 0
.../capsicum-test => tests/sys/capsicum}/mini-me.c | 0
.../capsicum-test => tests/sys/capsicum}/mqueue.cc | 0
.../capsicum-test => tests/sys/capsicum}/openat.cc | 0
.../sys/capsicum}/overhead.cc | 0
.../sys/capsicum}/procdesc.cc | 0
.../capsicum-test => tests/sys/capsicum}/rename.cc | 0
.../capsicum-test => tests/sys/capsicum}/sctp.cc | 0
.../capsicum-test => tests/sys/capsicum}/select.cc | 0
.../sys/capsicum}/showrights | 0
.../sys/capsicum}/smoketest.c | 0
.../capsicum-test => tests/sys/capsicum}/socket.cc | 0
.../sys/capsicum}/syscalls.h | 0
.../capsicum-test => tests/sys/capsicum}/sysctl.cc | 0
.../sys/capsicum}/waittest.c | 0
38 files changed, 2 insertions(+), 161 deletions(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 98ef1f5db2ce..a70288941d79 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -33,7 +33,6 @@
/bin/sh @jillest
/contrib/atf @ngie-eign
-/contrib/capsicum-test @ngie-eign
/contrib/googletest @ngie-eign
/contrib/libcxxrt @DimitryAndric @emaste
/contrib/llvm-project @DimitryAndric
@@ -102,6 +101,7 @@
/sys/x86/pci @bsdimp @bsdjhb
/tests @ngie-eign
/tests/sys/aio/ @asomers
+/tests/sys/capsicum/ @ngie-eign @emaste
/tests/sys/fs/fusefs/ @asomers
/tests/sys/kqueue/ @jmgurney
/tests/sys/opencrypto/ @jmgurney
diff --git a/MAINTAINERS b/MAINTAINERS
index ea9bb4195aa1..c13290ae5611 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -37,7 +37,6 @@ subsystem login notes
aio(4) asomers Pre-commit review requested.
ath(4) adrian Pre-commit review requested, send to freebsd-wireless@freebsd.org
contrib/atf ngie,#test Pre-commit review requested.
-contrib/capsicum-test ngie,#capsicum,#test Pre-commit review requested.
contrib/googletest ngie,#test Pre-commit review requested.
sbin/ipf cy Pre-commit review requested.
contrib/libcxxrt dim,emaste Pre-commit review preferred.
@@ -109,6 +108,7 @@ sys/netpfil/pf kp,glebius Pre-commit review recommended.
sys/x86/xen royger Pre-commit review recommended.
sys/xen royger Pre-commit review recommended.
tests ngie,#test Pre-commit review requested.
+tests/sys/capsicum ngie,#capsicum,#test Pre-commit review requested.
tools/build imp Pre-commit review requested, especially to fix bootstrap issues.
top(1) eadler Pre-commit review requested.
usr.sbin/bsdconfig dteske Pre-commit phabricator review requested.
diff --git a/contrib/capsicum-test/.gitignore b/contrib/capsicum-test/.gitignore
deleted file mode 100644
index bc8f8f5ce265..000000000000
--- a/contrib/capsicum-test/.gitignore
+++ /dev/null
@@ -1,19 +0,0 @@
-capsicum-test
-mini-me
-mini-me.noexec
-mini-me.setuid
-mini-me.32
-mini-me.x32
-mini-me.64
-libgtest.a
-smoketest
-*.o
-libcap*.deb
-libcap*.dsc
-libcap*.tar.gz
-libcap*.changes
-casper*.deb
-casper*.dsc
-casper*.tar.gz
-casper*.changes
-libcaprights.a
\ No newline at end of file
diff --git a/contrib/capsicum-test/CONTRIBUTING.md b/contrib/capsicum-test/CONTRIBUTING.md
deleted file mode 100644
index 1a054b840c0b..000000000000
--- a/contrib/capsicum-test/CONTRIBUTING.md
+++ /dev/null
@@ -1,20 +0,0 @@
-## Contributor License Agreement ##
-
-Contributions to any Google project must be accompanied by a Contributor
-License Agreement. This is not a copyright **assignment**, it simply gives
-Google permission to use and redistribute your contributions as part of the
-project.
-
- * If you are an individual writing original source code and you're sure you
- own the intellectual property, then you'll need to sign an [individual
- CLA][].
-
- * If you work for a company that wants to allow you to contribute your work,
- then you'll need to sign a [corporate CLA][].
-
-You generally only need to submit a CLA once, so if you've already submitted
-one (even if it was for a different project), you probably don't need to do it
-again.
-
-[individual CLA]: https://developers.google.com/open-source/cla/individual
-[corporate CLA]: https://developers.google.com/open-source/cla/corporate
diff --git a/contrib/capsicum-test/GNUmakefile b/contrib/capsicum-test/GNUmakefile
deleted file mode 100644
index 426eb49cdfa1..000000000000
--- a/contrib/capsicum-test/GNUmakefile
+++ /dev/null
@@ -1,82 +0,0 @@
-OS:=$(shell uname)
-
-# Set ARCH to 32 or x32 for i386/x32 ABIs
-ARCH?=64
-ARCHFLAG=-m$(ARCH)
-
-ifeq ($(OS),FreeBSD)
-EXTRA_LIBS=-lprocstat
-endif
-
-ifeq ($(OS),Linux)
-PROCESSOR:=$(shell uname -p)
-
-ifneq ($(wildcard /usr/lib/$(PROCESSOR)-linux-gnu),)
-# Can use standard Debian location for static libraries.
-PLATFORM_LIBDIR=/usr/lib/$(PROCESSOR)-linux-gnu
-else
-# Attempt to determine library location from gcc configuration.
-PLATFORM_LIBDIR=$(shell gcc -v 2>&1 | grep "Configured with:" | sed 's/.*--libdir=\(\/usr\/[^ ]*\).*/\1/g')
-endif
-
-# Override for explicitly specified ARCHFLAG.
-# Use locally compiled libcaprights in this case, on the
-# assumption that any installed version is 64-bit.
-ifeq ($(ARCHFLAG),-m32)
-PROCESSOR=i386
-PLATFORM_LIBDIR=/usr/lib32
-LIBCAPRIGHTS=./libcaprights.a
-endif
-ifeq ($(ARCHFLAG),-mx32)
-PROCESSOR=x32
-PLATFORM_LIBDIR=/usr/libx32
-LIBCAPRIGHTS=./libcaprights.a
-endif
-
-# Detect presence of libsctp in normal Debian location
-ifneq ($(wildcard $(PLATFORM_LIBDIR)/libsctp.a),)
-LIBSCTP=-lsctp
-CXXFLAGS=-DHAVE_SCTP
-endif
-
-ifneq ($(LIBCAPRIGHTS),)
-# Build local libcaprights.a (assuming ./configure
-# has already been done in libcaprights/)
-LOCAL_LIBS=$(LIBCAPRIGHTS)
-LIBCAPRIGHTS_OBJS=libcaprights/capsicum.o libcaprights/linux-bpf-capmode.o libcaprights/procdesc.o libcaprights/signal.o
-LOCAL_CLEAN=$(LOCAL_LIBS) $(LIBCAPRIGHTS_OBJS)
-else
-# Detect installed libcaprights static library.
-ifneq ($(wildcard $(PLATFORM_LIBDIR)/libcaprights.a),)
-LIBCAPRIGHTS=$(PLATFORM_LIBDIR)/libcaprights.a
-else
-ifneq ($(wildcard /usr/lib/libcaprights.a),)
-LIBCAPRIGHTS=/usr/lib/libcaprights.a
-endif
-endif
-endif
-
-endif
-
-# Extra test programs for arch-transition tests
-EXTRA_PROGS = mini-me.32 mini-me.64
-ifneq ($(wildcard /usr/include/gnu/stubs-x32.h),)
-EXTRA_PROGS += mini-me.x32
-endif
-
-# Chain on to the master makefile
-include makefile
-
-./libcaprights.a: $(LIBCAPRIGHTS_OBJS)
- ar cr $@ $^
-
-# Small static programs of known architectures
-# These may require additional packages to be installed; for example, for Debian:
-# - libc6-dev-i386 provides 32-bit headers for a 64-bit system
-# - libc6-dev-x32 provides headers for the x32 ABI.
-mini-me.32: mini-me.c
- $(CC) $(CFLAGS) -m32 -static -o $@ $<
-mini-me.x32: mini-me.c
- $(CC) $(CFLAGS) -mx32 -static -o $@ $<
-mini-me.64: mini-me.c
- $(CC) $(CFLAGS) -m64 -static -o $@ $<
diff --git a/contrib/capsicum-test/makefile b/contrib/capsicum-test/makefile
deleted file mode 100644
index e55393bbf131..000000000000
--- a/contrib/capsicum-test/makefile
+++ /dev/null
@@ -1,36 +0,0 @@
-all: capsicum-test smoketest mini-me mini-me.noexec mini-me.setuid $(EXTRA_PROGS)
-OBJECTS=capsicum-test-main.o capsicum-test.o capability-fd.o copy_file_range.o fexecve.o procdesc.o capmode.o fcntl.o ioctl.o openat.o sysctl.o select.o mqueue.o socket.o sctp.o capability-fd-pair.o linux.o overhead.o rename.o
-
-GTEST_DIR=gtest-1.10.0
-GTEST_INCS=-I$(GTEST_DIR)/include -I$(GTEST_DIR)
-GTEST_FLAGS=-DGTEST_USE_OWN_TR1_TUPLE=1 -DGTEST_HAS_TR1_TUPLE=1
-CXXFLAGS+=$(ARCHFLAG) -Wall -g $(GTEST_INCS) $(GTEST_FLAGS) --std=c++11
-CFLAGS+=$(ARCHFLAG) -Wall -g
-
-capsicum-test: $(OBJECTS) libgtest.a $(LOCAL_LIBS)
- $(CXX) $(CXXFLAGS) -g -o $@ $(OBJECTS) libgtest.a -lpthread -lrt $(LIBSCTP) $(LIBCAPRIGHTS) $(EXTRA_LIBS)
-
-# Small statically-linked program for fexecve tests
-# (needs to be statically linked so that execve()ing it
-# doesn't involve ld.so traversing the filesystem).
-mini-me: mini-me.c
- $(CC) $(CFLAGS) -static -o $@ $<
-mini-me.noexec: mini-me
- cp mini-me $@ && chmod -x $@
-mini-me.setuid: mini-me
- rm -f $@ && cp mini-me $@&& sudo chown root $@ && sudo chmod u+s $@
-
-# Simple C test of Capsicum syscalls
-SMOKETEST_OBJECTS=smoketest.o
-smoketest: $(SMOKETEST_OBJECTS) $(LOCAL_LIBS)
- $(CC) $(CFLAGS) -o $@ $(SMOKETEST_OBJECTS) $(LIBCAPRIGHTS)
-
-test: capsicum-test mini-me mini-me.noexec mini-me.setuid $(EXTRA_PROGS)
- ./capsicum-test
-gtest-all.o:
- $(CXX) $(CXXFLAGS) $(ARCHFLAG) -I$(GTEST_DIR)/include -I$(GTEST_DIR) $(GTEST_FLAGS) -c ${GTEST_DIR}/src/gtest-all.cc
-libgtest.a: gtest-all.o
- $(AR) -rv libgtest.a gtest-all.o
-
-clean:
- rm -rf gtest-all.o libgtest.a capsicum-test mini-me mini-me.noexec smoketest $(SMOKETEST_OBJECTS) $(OBJECTS) $(LOCAL_CLEAN) $(EXTRA_PROGS)
diff --git a/contrib/capsicum-test/LICENSE b/tests/sys/capsicum/LICENSE
similarity index 100%
rename from contrib/capsicum-test/LICENSE
rename to tests/sys/capsicum/LICENSE
diff --git a/tests/sys/capsicum/Makefile b/tests/sys/capsicum/Makefile
index fd8dcb29d65c..38c1f8285910 100644
--- a/tests/sys/capsicum/Makefile
+++ b/tests/sys/capsicum/Makefile
@@ -9,8 +9,6 @@ CFLAGS+= -I${SRCTOP}/tests
.if ${MK_GOOGLETEST} != no
-.PATH: ${SRCTOP}/contrib/capsicum-test
-
GTESTS+= capsicum-test
GTESTS_WRAPPER_SH.capsicum-test= functional
# This test script runs the same test suite twice, once as root and once as an
diff --git a/contrib/capsicum-test/README.md b/tests/sys/capsicum/README.md
similarity index 100%
rename from contrib/capsicum-test/README.md
rename to tests/sys/capsicum/README.md
diff --git a/contrib/capsicum-test/capability-fd-pair.cc b/tests/sys/capsicum/capability-fd-pair.cc
similarity index 100%
rename from contrib/capsicum-test/capability-fd-pair.cc
rename to tests/sys/capsicum/capability-fd-pair.cc
diff --git a/contrib/capsicum-test/capability-fd.cc b/tests/sys/capsicum/capability-fd.cc
similarity index 100%
rename from contrib/capsicum-test/capability-fd.cc
rename to tests/sys/capsicum/capability-fd.cc
diff --git a/contrib/capsicum-test/capmode.cc b/tests/sys/capsicum/capmode.cc
similarity index 100%
rename from contrib/capsicum-test/capmode.cc
rename to tests/sys/capsicum/capmode.cc
diff --git a/contrib/capsicum-test/capsicum-freebsd.h b/tests/sys/capsicum/capsicum-freebsd.h
similarity index 100%
rename from contrib/capsicum-test/capsicum-freebsd.h
rename to tests/sys/capsicum/capsicum-freebsd.h
diff --git a/contrib/capsicum-test/capsicum-linux.h b/tests/sys/capsicum/capsicum-linux.h
similarity index 100%
rename from contrib/capsicum-test/capsicum-linux.h
rename to tests/sys/capsicum/capsicum-linux.h
diff --git a/contrib/capsicum-test/capsicum-rights.h b/tests/sys/capsicum/capsicum-rights.h
similarity index 100%
rename from contrib/capsicum-test/capsicum-rights.h
rename to tests/sys/capsicum/capsicum-rights.h
diff --git a/contrib/capsicum-test/capsicum-test-main.cc b/tests/sys/capsicum/capsicum-test-main.cc
similarity index 100%
rename from contrib/capsicum-test/capsicum-test-main.cc
rename to tests/sys/capsicum/capsicum-test-main.cc
diff --git a/contrib/capsicum-test/capsicum-test.cc b/tests/sys/capsicum/capsicum-test.cc
similarity index 100%
rename from contrib/capsicum-test/capsicum-test.cc
rename to tests/sys/capsicum/capsicum-test.cc
diff --git a/contrib/capsicum-test/capsicum-test.h b/tests/sys/capsicum/capsicum-test.h
similarity index 100%
rename from contrib/capsicum-test/capsicum-test.h
rename to tests/sys/capsicum/capsicum-test.h
diff --git a/contrib/capsicum-test/capsicum.h b/tests/sys/capsicum/capsicum.h
similarity index 100%
rename from contrib/capsicum-test/capsicum.h
rename to tests/sys/capsicum/capsicum.h
diff --git a/contrib/capsicum-test/copy_file_range.cc b/tests/sys/capsicum/copy_file_range.cc
similarity index 100%
rename from contrib/capsicum-test/copy_file_range.cc
rename to tests/sys/capsicum/copy_file_range.cc
diff --git a/contrib/capsicum-test/fcntl.cc b/tests/sys/capsicum/fcntl.cc
similarity index 100%
rename from contrib/capsicum-test/fcntl.cc
rename to tests/sys/capsicum/fcntl.cc
diff --git a/contrib/capsicum-test/fexecve.cc b/tests/sys/capsicum/fexecve.cc
similarity index 100%
rename from contrib/capsicum-test/fexecve.cc
rename to tests/sys/capsicum/fexecve.cc
diff --git a/contrib/capsicum-test/ioctl.cc b/tests/sys/capsicum/ioctl.cc
similarity index 100%
rename from contrib/capsicum-test/ioctl.cc
rename to tests/sys/capsicum/ioctl.cc
diff --git a/contrib/capsicum-test/linux.cc b/tests/sys/capsicum/linux.cc
similarity index 100%
rename from contrib/capsicum-test/linux.cc
rename to tests/sys/capsicum/linux.cc
diff --git a/contrib/capsicum-test/mini-me.c b/tests/sys/capsicum/mini-me.c
similarity index 100%
rename from contrib/capsicum-test/mini-me.c
rename to tests/sys/capsicum/mini-me.c
diff --git a/contrib/capsicum-test/mqueue.cc b/tests/sys/capsicum/mqueue.cc
similarity index 100%
rename from contrib/capsicum-test/mqueue.cc
rename to tests/sys/capsicum/mqueue.cc
diff --git a/contrib/capsicum-test/openat.cc b/tests/sys/capsicum/openat.cc
similarity index 100%
rename from contrib/capsicum-test/openat.cc
rename to tests/sys/capsicum/openat.cc
diff --git a/contrib/capsicum-test/overhead.cc b/tests/sys/capsicum/overhead.cc
similarity index 100%
rename from contrib/capsicum-test/overhead.cc
rename to tests/sys/capsicum/overhead.cc
diff --git a/contrib/capsicum-test/procdesc.cc b/tests/sys/capsicum/procdesc.cc
similarity index 100%
rename from contrib/capsicum-test/procdesc.cc
rename to tests/sys/capsicum/procdesc.cc
diff --git a/contrib/capsicum-test/rename.cc b/tests/sys/capsicum/rename.cc
similarity index 100%
rename from contrib/capsicum-test/rename.cc
rename to tests/sys/capsicum/rename.cc
diff --git a/contrib/capsicum-test/sctp.cc b/tests/sys/capsicum/sctp.cc
similarity index 100%
rename from contrib/capsicum-test/sctp.cc
rename to tests/sys/capsicum/sctp.cc
diff --git a/contrib/capsicum-test/select.cc b/tests/sys/capsicum/select.cc
similarity index 100%
rename from contrib/capsicum-test/select.cc
rename to tests/sys/capsicum/select.cc
diff --git a/contrib/capsicum-test/showrights b/tests/sys/capsicum/showrights
similarity index 100%
rename from contrib/capsicum-test/showrights
rename to tests/sys/capsicum/showrights
diff --git a/contrib/capsicum-test/smoketest.c b/tests/sys/capsicum/smoketest.c
similarity index 100%
rename from contrib/capsicum-test/smoketest.c
rename to tests/sys/capsicum/smoketest.c
diff --git a/contrib/capsicum-test/socket.cc b/tests/sys/capsicum/socket.cc
similarity index 100%
rename from contrib/capsicum-test/socket.cc
rename to tests/sys/capsicum/socket.cc
diff --git a/contrib/capsicum-test/syscalls.h b/tests/sys/capsicum/syscalls.h
similarity index 100%
rename from contrib/capsicum-test/syscalls.h
rename to tests/sys/capsicum/syscalls.h
diff --git a/contrib/capsicum-test/sysctl.cc b/tests/sys/capsicum/sysctl.cc
similarity index 100%
rename from contrib/capsicum-test/sysctl.cc
rename to tests/sys/capsicum/sysctl.cc
diff --git a/contrib/capsicum-test/waittest.c b/tests/sys/capsicum/waittest.c
similarity index 100%
rename from contrib/capsicum-test/waittest.c
rename to tests/sys/capsicum/waittest.c