git: fba81b33aabf - main - capsicum-tests: remove Linux support
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 17 Feb 2026 00:31:15 UTC
The branch main has been updated by asomers:
URL: https://cgit.FreeBSD.org/src/commit/?id=fba81b33aabff74ad03d5f9f9663c176cf060fa6
commit fba81b33aabff74ad03d5f9f9663c176cf060fa6
Author: Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2026-01-29 20:39:20 +0000
Commit: Alan Somers <asomers@FreeBSD.org>
CommitDate: 2026-02-17 00:29:32 +0000
capsicum-tests: remove Linux support
Now that this project is part of freebsd-src, it no longer needs to be
portable. Remove Linux-only tests, cross-os compatibility code, and
compatibility with older FreeBSD versions. Leave in place some
originally Linux-only tests that could now be ported to FreeBSD, like the
pipe2 tests.
Sponsored by: ConnectWise
Reviewed by: oshogbo
Differential Revision: https://reviews.freebsd.org/D54985
---
tests/sys/capsicum/README.md | 48 ++--------
tests/sys/capsicum/capability-fd-pair.cc | 140 -----------------------------
tests/sys/capsicum/capability-fd.cc | 70 ++-------------
tests/sys/capsicum/capmode.cc | 51 +----------
tests/sys/capsicum/capsicum-freebsd.h | 18 ----
tests/sys/capsicum/capsicum-linux.h | 40 ---------
tests/sys/capsicum/capsicum-rights.h | 103 ---------------------
tests/sys/capsicum/capsicum-test-main.cc | 19 ----
tests/sys/capsicum/capsicum-test.cc | 23 -----
tests/sys/capsicum/capsicum.h | 148 +------------------------------
tests/sys/capsicum/fcntl.cc | 11 +--
tests/sys/capsicum/ioctl.cc | 29 +-----
tests/sys/capsicum/linux.cc | 2 +-
tests/sys/capsicum/openat.cc | 16 ----
tests/sys/capsicum/procdesc.cc | 66 ++++----------
tests/sys/capsicum/sctp.cc | 4 -
tests/sys/capsicum/select.cc | 4 -
tests/sys/capsicum/smoketest.c | 41 ++++-----
tests/sys/capsicum/socket.cc | 4 -
tests/sys/capsicum/syscalls.h | 144 ------------------------------
tests/sys/capsicum/sysctl.cc | 2 -
tests/sys/capsicum/waittest.c | 9 --
22 files changed, 55 insertions(+), 937 deletions(-)
diff --git a/tests/sys/capsicum/README.md b/tests/sys/capsicum/README.md
index a8c8c6686759..8dea65d8d198 100644
--- a/tests/sys/capsicum/README.md
+++ b/tests/sys/capsicum/README.md
@@ -1,9 +1,8 @@
# Capsicum User Space Tests
-This directory holds unit tests for [Capsicum](http://www.cl.cam.ac.uk/research/security/capsicum/)
+This directory holds unit tests for [Capsicum](https://man.freebsd.org/cgi/man.cgi?query=capsicum)
object-capabilities. The tests exercise the syscall interface to a Capsicum-enabled operating system,
-currently either [FreeBSD >=10.x](http://www.freebsd.org) or a modified Linux kernel (the
-[capsicum-linux](http://github.com/google/capsicum-linux) project).
+Currently, [FreeBSD >=10.x](http://www.freebsd.org) is the only such operating system.
The tests are written in C++11 and use the [Google Test](https://code.google.com/p/googletest/)
framework, with some additions to fork off particular tests (because a process that enters capability
@@ -17,46 +16,15 @@ The original basis for these tests was:
written by Robert Watson and Jonathan Anderson for the original FreeBSD 9.x Capsicum implementation
- [unit tests](http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel-capsicum.git;a=tree;f=tools/testing/capsicum_tests;hb=refs/heads/capsicum) written by Meredydd Luff for the original Capsicum-Linux port.
-These tests were coalesced and moved into an independent repository to enable
-comparative testing across multiple OSes, and then substantially extended.
+These tests were coalesced and moved into an [independent repository](https://github.com/google/capsicum-test)
+to enable comparative testing across multiple OSes, and then substantially extended.
-## OS Configuration
+Subsequently, the [capsicum-linux port](https://github.com/google/capsicum-linux) was abandoned by
+its maintainers, rendering the independent repository obsolete. So the tests were copied back into
+the FreeBSD source tree in time for 16.0-RELEASE.
-### Linux
-
-The following kernel configuration options are needed to run the tests:
-
- - `CONFIG_SECURITY_CAPSICUM`: enable the Capsicum framework
- - `CONFIG_PROCDESC`: enable Capsicum process-descriptor functionality
- - `CONFIG_DEBUG_FS`: enable debug filesystem
- - `CONFIG_IP_SCTP`: enable SCTP support
-
-### FreeBSD (>= 10.x)
+## Configuration
The following kernel configuration options are needed so that all tests can run:
- `options P1003_1B_MQUEUE`: Enable POSIX message queues (or `kldload mqueuefs`)
-
-## Other Dependencies
-
-### Linux
-
-The following additional development packages are needed to build the full test suite on Linux.
-
- - `libcaprights`: See below
- - `libcap-dev`: Provides headers for POSIX.1e capabilities.
- - `libsctp1`: Provides SCTP library functions.
- - `libsctp-dev`: Provides headers for SCTP library functions.
-
-
-## Linux libcaprights
-
-The Capsicum userspace library is held in the `libcaprights/` subdirectory. Ideally, this
-library should be built (with `./configure; make` or `dpkg-buildpackage -uc -us`) and
-installed (with `make install` or `dpkg -i libcaprights*.deb`) so that the tests will
-use behave like a normal Capsicum-aware application.
-
-However, if no installed copy of the library is found, the `GNUmakefile` will attempt
-to use the local `libcaprights/*.c` source; this requires `./configure` to have been
-performed in the `libcaprights` subdirectory. The local code is also used for
-cross-compiled builds of the test suite (e.g. `make ARCH=32` or `make ARCH=x32`).
diff --git a/tests/sys/capsicum/capability-fd-pair.cc b/tests/sys/capsicum/capability-fd-pair.cc
index d56dac049805..63522b960d1e 100644
--- a/tests/sys/capsicum/capability-fd-pair.cc
+++ b/tests/sys/capsicum/capability-fd-pair.cc
@@ -46,143 +46,3 @@ TEST(CapabilityPair, sendfile) {
close(sock_fds[1]);
unlink(TmpFile("cap_sendfile_in"));
}
-
-#ifdef HAVE_TEE
-TEST(CapabilityPair, tee) {
- int pipe1_fds[2];
- EXPECT_OK(pipe2(pipe1_fds, O_NONBLOCK));
- int pipe2_fds[2];
- EXPECT_OK(pipe2(pipe2_fds, O_NONBLOCK));
-
- // Put some data into pipe1.
- unsigned char buffer[4] = {1, 2, 3, 4};
- EXPECT_OK(write(pipe1_fds[1], buffer, 4));
-
- cap_rights_t r_ro;
- cap_rights_init(&r_ro, CAP_READ);
- cap_rights_t r_wo;
- cap_rights_init(&r_wo, CAP_WRITE);
- cap_rights_t r_rw;
- cap_rights_init(&r_rw, CAP_READ, CAP_WRITE);
-
- // Various attempts to tee into pipe2.
- int cap_in_wo = dup(pipe1_fds[0]);
- EXPECT_OK(cap_in_wo);
- EXPECT_OK(cap_rights_limit(cap_in_wo, &r_wo));
- int cap_in_rw = dup(pipe1_fds[0]);
- EXPECT_OK(cap_in_rw);
- EXPECT_OK(cap_rights_limit(cap_in_rw, &r_rw));
- int cap_out_ro = dup(pipe2_fds[1]);
- EXPECT_OK(cap_out_ro);
- EXPECT_OK(cap_rights_limit(cap_out_ro, &r_ro));
- int cap_out_rw = dup(pipe2_fds[1]);
- EXPECT_OK(cap_out_rw);
- EXPECT_OK(cap_rights_limit(cap_out_rw, &r_rw));
-
- EXPECT_NOTCAPABLE(tee(cap_in_wo, cap_out_rw, 4, SPLICE_F_NONBLOCK));
- EXPECT_NOTCAPABLE(tee(cap_in_rw, cap_out_ro, 4, SPLICE_F_NONBLOCK));
- EXPECT_OK(tee(cap_in_rw, cap_out_rw, 4, SPLICE_F_NONBLOCK));
-
- close(cap_in_wo);
- close(cap_in_rw);
- close(cap_out_ro);
- close(cap_out_rw);
- close(pipe1_fds[0]);
- close(pipe1_fds[1]);
- close(pipe2_fds[0]);
- close(pipe2_fds[1]);
-}
-#endif
-
-#ifdef HAVE_SPLICE
-TEST(CapabilityPair, splice) {
- int pipe1_fds[2];
- EXPECT_OK(pipe2(pipe1_fds, O_NONBLOCK));
- int pipe2_fds[2];
- EXPECT_OK(pipe2(pipe2_fds, O_NONBLOCK));
-
- // Put some data into pipe1.
- unsigned char buffer[4] = {1, 2, 3, 4};
- EXPECT_OK(write(pipe1_fds[1], buffer, 4));
-
- cap_rights_t r_ro;
- cap_rights_init(&r_ro, CAP_READ);
- cap_rights_t r_wo;
- cap_rights_init(&r_wo, CAP_WRITE);
- cap_rights_t r_rs;
- cap_rights_init(&r_rs, CAP_READ, CAP_SEEK);
- cap_rights_t r_ws;
- cap_rights_init(&r_ws, CAP_WRITE, CAP_SEEK);
-
- // Various attempts to splice.
- int cap_in_wo = dup(pipe1_fds[0]);
- EXPECT_OK(cap_in_wo);
- EXPECT_OK(cap_rights_limit(cap_in_wo, &r_wo));
- int cap_in_ro = dup(pipe1_fds[0]);
- EXPECT_OK(cap_in_ro);
- EXPECT_OK(cap_rights_limit(cap_in_ro, &r_ro));
- int cap_in_ro_seek = dup(pipe1_fds[0]);
- EXPECT_OK(cap_in_ro_seek);
- EXPECT_OK(cap_rights_limit(cap_in_ro_seek, &r_rs));
- int cap_out_wo = dup(pipe2_fds[1]);
- EXPECT_OK(cap_out_wo);
- EXPECT_OK(cap_rights_limit(cap_out_wo, &r_wo));
- int cap_out_ro = dup(pipe2_fds[1]);
- EXPECT_OK(cap_out_ro);
- EXPECT_OK(cap_rights_limit(cap_out_ro, &r_ro));
- int cap_out_wo_seek = dup(pipe2_fds[1]);
- EXPECT_OK(cap_out_wo_seek);
- EXPECT_OK(cap_rights_limit(cap_out_wo_seek, &r_ws));
-
- EXPECT_NOTCAPABLE(splice(cap_in_ro, NULL, cap_out_wo_seek, NULL, 4, SPLICE_F_NONBLOCK));
- EXPECT_NOTCAPABLE(splice(cap_in_wo, NULL, cap_out_wo_seek, NULL, 4, SPLICE_F_NONBLOCK));
- EXPECT_NOTCAPABLE(splice(cap_in_ro_seek, NULL, cap_out_ro, NULL, 4, SPLICE_F_NONBLOCK));
- EXPECT_NOTCAPABLE(splice(cap_in_ro_seek, NULL, cap_out_wo, NULL, 4, SPLICE_F_NONBLOCK));
- EXPECT_OK(splice(cap_in_ro_seek, NULL, cap_out_wo_seek, NULL, 4, SPLICE_F_NONBLOCK));
-
- close(cap_in_wo);
- close(cap_in_ro);
- close(cap_in_ro_seek);
- close(cap_out_wo);
- close(cap_out_ro);
- close(cap_out_wo_seek);
- close(pipe1_fds[0]);
- close(pipe1_fds[1]);
- close(pipe2_fds[0]);
- close(pipe2_fds[1]);
-}
-#endif
-
-#ifdef HAVE_VMSPLICE
-// Although it only involves a single file descriptor, test vmsplice(2) here too.
-TEST(CapabilityPair, vmsplice) {
- int pipe_fds[2];
- EXPECT_OK(pipe2(pipe_fds, O_NONBLOCK));
-
- cap_rights_t r_ro;
- cap_rights_init(&r_ro, CAP_READ);
- cap_rights_t r_rw;
- cap_rights_init(&r_rw, CAP_READ, CAP_WRITE);
-
- int cap_ro = dup(pipe_fds[1]);
- EXPECT_OK(cap_ro);
- EXPECT_OK(cap_rights_limit(cap_ro, &r_ro));
- int cap_rw = dup(pipe_fds[1]);
- EXPECT_OK(cap_rw);
- EXPECT_OK(cap_rights_limit(cap_rw, &r_rw));
-
- unsigned char buffer[4] = {1, 2, 3, 4};
- struct iovec iov;
- memset(&iov, 0, sizeof(iov));
- iov.iov_base = buffer;
- iov.iov_len = sizeof(buffer);
-
- EXPECT_NOTCAPABLE(vmsplice(cap_ro, &iov, 1, SPLICE_F_NONBLOCK));
- EXPECT_OK(vmsplice(cap_rw, &iov, 1, SPLICE_F_NONBLOCK));
-
- close(cap_ro);
- close(cap_rw);
- close(pipe_fds[0]);
- close(pipe_fds[1]);
-}
-#endif
diff --git a/tests/sys/capsicum/capability-fd.cc b/tests/sys/capsicum/capability-fd.cc
index 0551d9bd81ef..a9e4d30ac4b9 100644
--- a/tests/sys/capsicum/capability-fd.cc
+++ b/tests/sys/capsicum/capability-fd.cc
@@ -110,40 +110,11 @@ static right_info known_rights[] = {
RIGHTS_INFO(CAP_KQUEUE),
/* Rights that are only present in some version or some OS, and so are #ifdef'ed */
/* LINKAT got split */
-#ifdef CAP_LINKAT
- RIGHTS_INFO(CAP_LINKAT),
-#endif
-#ifdef CAP_LINKAT_SOURCE
RIGHTS_INFO(CAP_LINKAT_SOURCE),
-#endif
-#ifdef CAP_LINKAT_TARGET
RIGHTS_INFO(CAP_LINKAT_TARGET),
-#endif
- /* Linux aliased some FD operations for pdgetpid/pdkill */
-#ifdef CAP_PDGETPID_FREEBSD
- RIGHTS_INFO(CAP_PDGETPID_FREEBSD),
-#endif
-#ifdef CAP_PDKILL_FREEBSD
- RIGHTS_INFO(CAP_PDKILL_FREEBSD),
-#endif
/* Linux-specific rights */
-#ifdef CAP_FSIGNAL
- RIGHTS_INFO(CAP_FSIGNAL),
-#endif
-#ifdef CAP_EPOLL_CTL
- RIGHTS_INFO(CAP_EPOLL_CTL),
-#endif
#ifdef CAP_NOTIFY
RIGHTS_INFO(CAP_NOTIFY),
-#endif
-#ifdef CAP_SETNS
- RIGHTS_INFO(CAP_SETNS),
-#endif
-#ifdef CAP_PERFMON
- RIGHTS_INFO(CAP_PERFMON),
-#endif
-#ifdef CAP_BPF
- RIGHTS_INFO(CAP_BPF),
#endif
/* Rights in later versions of FreeBSD (>10.0) */
};
@@ -152,7 +123,7 @@ void ShowCapRights(FILE *out, int fd) {
size_t ii;
bool first = true;
cap_rights_t rights;
- CAP_SET_NONE(&rights);
+ CAP_NONE(&rights);
if (cap_rights_get(fd, &rights) < 0) {
fprintf(out, "Failed to get rights for fd %d: errno %d\n", fd, errno);
return;
@@ -210,11 +181,11 @@ FORK_TEST(Capability, CapNew) {
cap_rights_t r_rws;
cap_rights_init(&r_rws, CAP_READ, CAP_WRITE, CAP_SEEK);
cap_rights_t r_all;
- CAP_SET_ALL(&r_all);
+ CAP_ALL(&r_all);
int cap_fd = dup(STDOUT_FILENO);
cap_rights_t rights;
- CAP_SET_NONE(&rights);
+ CAP_NONE(&rights);
EXPECT_OK(cap_rights_get(cap_fd, &rights));
EXPECT_RIGHTS_EQ(&r_all, &rights);
@@ -511,7 +482,7 @@ static void TryFileOps(int fd, cap_rights_t rights) {
close(cap_cap_fd);
char ch;
- CHECK_RIGHT_RESULT(read(cap_fd, &ch, sizeof(ch)), rights, CAP_READ, CAP_SEEK_ASWAS);
+ CHECK_RIGHT_RESULT(read(cap_fd, &ch, sizeof(ch)), rights, CAP_READ, 0);
ssize_t len1 = pread(cap_fd, &ch, sizeof(ch), 0);
CHECK_RIGHT_RESULT(len1, rights, CAP_PREAD);
@@ -519,11 +490,10 @@ static void TryFileOps(int fd, cap_rights_t rights) {
CHECK_RIGHT_RESULT(len2, rights, CAP_PREAD);
EXPECT_EQ(len1, len2);
- CHECK_RIGHT_RESULT(write(cap_fd, &ch, sizeof(ch)), rights, CAP_WRITE, CAP_SEEK_ASWAS);
+ CHECK_RIGHT_RESULT(write(cap_fd, &ch, sizeof(ch)), rights, CAP_WRITE, 0);
CHECK_RIGHT_RESULT(pwrite(cap_fd, &ch, sizeof(ch), 0), rights, CAP_PWRITE);
CHECK_RIGHT_RESULT(lseek(cap_fd, 0, SEEK_SET), rights, CAP_SEEK);
-#ifdef HAVE_CHFLAGS
// Note: this is not expected to work over NFS.
struct statfs sf;
EXPECT_OK(fstatfs(fd, &sf));
@@ -531,7 +501,6 @@ static void TryFileOps(int fd, cap_rights_t rights) {
if (!is_nfs) {
CHECK_RIGHT_RESULT(fchflags(cap_fd, UF_NODUMP), rights, CAP_FCHFLAGS);
}
-#endif
CHECK_RIGHT_MMAP_RESULT(mmap(NULL, getpagesize(), PROT_NONE, MAP_SHARED, cap_fd, 0),
rights, CAP_MMAP);
@@ -551,9 +520,6 @@ static void TryFileOps(int fd, cap_rights_t rights) {
rights, CAP_MMAP_RWX);
CHECK_RIGHT_RESULT(fsync(cap_fd), rights, CAP_FSYNC);
-#ifdef HAVE_SYNC_FILE_RANGE
- CHECK_RIGHT_RESULT(sync_file_range(cap_fd, 0, 1, 0), rights, CAP_FSYNC, CAP_SEEK);
-#endif
int rc = fcntl(cap_fd, F_GETFL);
CHECK_RIGHT_RESULT(rc, rights, CAP_FCNTL);
@@ -575,10 +541,6 @@ static void TryFileOps(int fd, cap_rights_t rights) {
struct statfs cap_sf;
CHECK_RIGHT_RESULT(fstatfs(cap_fd, &cap_sf), rights, CAP_FSTATFS);
-#ifdef HAVE_FPATHCONF
- CHECK_RIGHT_RESULT(fpathconf(cap_fd, _PC_NAME_MAX), rights, CAP_FPATHCONF);
-#endif
-
CHECK_RIGHT_RESULT(futimes(cap_fd, NULL), rights, CAP_FUTIMES);
struct pollfd pollfd;
@@ -806,14 +768,12 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
}
EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0));
-#ifdef HAVE_CHFLAGSAT
rc = openat(dirfd, "cap_chflagsat", O_CREAT, 0600);
EXPECT_OK(rc);
EXPECT_OK(close(rc));
rc = chflagsat(dfd_cap, "cap_chflagsat", UF_NODUMP, 0);
CHECK_RIGHT_RESULT(rc, rights, CAP_CHFLAGSAT, CAP_LOOKUP);
EXPECT_OK(unlinkat(dirfd, "cap_chflagsat", 0));
-#endif
rc = openat(dirfd, "cap_fchownat", O_CREAT, 0600);
EXPECT_OK(rc);
@@ -871,13 +831,11 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR));
}
-#ifdef HAVE_MKFIFOAT
rc = mkfifoat(dfd_cap, "cap_mkfifoat", 0600);
CHECK_RIGHT_RESULT(rc, rights, CAP_MKFIFOAT, CAP_LOOKUP);
if (rc >= 0) {
EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0));
}
-#endif
if (getuid() == 0) {
rc = mknodat(dfd_cap, "cap_mknodat", S_IFCHR | 0600, 0);
@@ -980,12 +938,10 @@ FORK_TEST(Capability, DirOperations) {
DirOperationsTest(0);
}
-#ifdef O_PATH
FORK_TEST(Capability, PathDirOperations) {
// Make the dfd in the test a path-only file descriptor.
DirOperationsTest(O_PATH);
}
-#endif
static void TryReadWrite(int cap_fd) {
char buffer[64];
@@ -1136,22 +1092,6 @@ TEST(Capability, SyscallAt) {
EXPECT_OK(mkfifoat(cap_dfd_all, "cap_fifo", 0755));
unlink(TmpFile("cap_at_topdir/cap_fifo"));
-#ifdef HAVE_MKNOD_REG
- // Need CAP_CREATE to create a regular file with mknodat(2).
- EXPECT_NOTCAPABLE(mknodat(cap_dfd_all, "cap_regular", S_IFREG|0755, 0));
- unlink(TmpFile("cap_at_topdir/cap_regular"));
- EXPECT_OK(mknodat(cap_dfd_create, "cap_regular", S_IFREG|0755, 0));
- unlink(TmpFile("cap_at_topdir/cap_regular"));
-#endif
-
-#ifdef HAVE_MKNOD_SOCKET
- // Need CAP_BIND to create a UNIX domain socket with mknodat(2).
- EXPECT_NOTCAPABLE(mknodat(cap_dfd_all, "cap_socket", S_IFSOCK|0755, 0));
- unlink(TmpFile("cap_at_topdir/cap_socket"));
- EXPECT_OK(mknodat(cap_dfd_bind, "cap_socket", S_IFSOCK|0755, 0));
- unlink(TmpFile("cap_at_topdir/cap_socket"));
-#endif
-
close(cap_dfd_all);
close(cap_dfd_no_mkfifo);
close(cap_dfd_no_mkdir);
diff --git a/tests/sys/capsicum/capmode.cc b/tests/sys/capsicum/capmode.cc
index 5ff025290211..c6eef19b350f 100644
--- a/tests/sys/capsicum/capmode.cc
+++ b/tests/sys/capsicum/capmode.cc
@@ -3,9 +3,7 @@
// whether or not they return the expected ECAPMODE.
#include <sys/types.h>
#include <sys/socket.h>
-#ifdef __FreeBSD__
#include <sys/sockio.h>
-#endif
#include <sys/stat.h>
#include <sys/mount.h>
#include <sys/mman.h>
@@ -69,18 +67,14 @@ FORK_TEST_F(WithFiles, DisallowedFileSyscalls) {
EXPECT_CAPMODE(access(TmpFile("cap_capmode_access"), F_OK));
EXPECT_CAPMODE(acct(TmpFile("cap_capmode_acct")));
EXPECT_CAPMODE(chdir(TmpFile("cap_capmode_chdir")));
-#ifdef HAVE_CHFLAGS
EXPECT_CAPMODE(chflags(TmpFile("cap_capmode_chflags"), UF_NODUMP));
-#endif
EXPECT_CAPMODE(chmod(TmpFile("cap_capmode_chmod"), 0644));
EXPECT_CAPMODE(chown(TmpFile("cap_capmode_chown"), -1, -1));
EXPECT_CAPMODE(chroot(TmpFile("cap_capmode_chroot")));
EXPECT_CAPMODE(creat(TmpFile("cap_capmode_creat"), 0644));
EXPECT_CAPMODE(fchdir(fd_dir_));
-#ifdef HAVE_GETFSSTAT
struct statfs statfs;
EXPECT_CAPMODE(getfsstat(&statfs, sizeof(statfs), MNT_NOWAIT));
-#endif
EXPECT_CAPMODE(link(TmpFile("foo"), TmpFile("bar")));
struct stat sb;
EXPECT_CAPMODE(lstat(TmpFile("cap_capmode_lstat"), &sb));
@@ -89,9 +83,7 @@ FORK_TEST_F(WithFiles, DisallowedFileSyscalls) {
EXPECT_CAPMODE(open("/dev/null", O_RDWR));
char buf[64];
EXPECT_CAPMODE(readlink(TmpFile("cap_capmode_readlink"), buf, sizeof(buf)));
-#ifdef HAVE_REVOKE
EXPECT_CAPMODE(revoke(TmpFile("cap_capmode_revoke")));
-#endif
EXPECT_CAPMODE(stat(TmpFile("cap_capmode_stat"), &sb));
EXPECT_CAPMODE(symlink(TmpFile("cap_capmode_symlink_from"), TmpFile("cap_capmode_symlink_to")));
EXPECT_CAPMODE(unlink(TmpFile("cap_capmode_unlink")));
@@ -122,9 +114,7 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
int fd_dup = dup(fd_file_);
EXPECT_OK(fd_dup);
EXPECT_OK(dup2(fd_file_, fd_dup));
-#ifdef HAVE_DUP3
EXPECT_OK(dup3(fd_file_, fd_dup, 0));
-#endif
if (fd_dup >= 0) close(fd_dup);
struct stat sb;
@@ -134,12 +124,10 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
EXPECT_OK(read(fd_file_, &ch, sizeof(ch)));
EXPECT_OK(write(fd_file_, &ch, sizeof(ch)));
-#ifdef HAVE_CHFLAGS
rc = fchflags(fd_file_, UF_NODUMP);
if (rc < 0) {
EXPECT_NE(ECAPMODE, errno);
}
-#endif
char buf[1024];
rc = getdents_(fd_dir_, (void*)buf, sizeof(buf));
@@ -152,7 +140,7 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
struct iovec io;
io.iov_base = data;
io.iov_len = 2;
-#if !defined(__i386__) && !defined(__linux__)
+#if !defined(__i386__)
// TODO(drysdale): reinstate these tests for 32-bit runs when possible
// libc bug is fixed.
EXPECT_OK(pwritev(fd_file_, &io, 1, 0));
@@ -160,18 +148,6 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
#endif
EXPECT_OK(writev(fd_file_, &io, 1));
EXPECT_OK(readv(fd_file_, &io, 1));
-
-#ifdef HAVE_SYNCFS
- EXPECT_OK(syncfs(fd_file_));
-#endif
-#ifdef HAVE_SYNC_FILE_RANGE
- EXPECT_OK(sync_file_range(fd_file_, 0, 1, 0));
-#endif
-#ifdef HAVE_READAHEAD
- if (!tmpdir_on_tmpfs) { // tmpfs doesn't support readahead(2)
- EXPECT_OK(readahead(fd_file_, 0, 1));
- }
-#endif
}
FORK_TEST_F(WithFiles, AllowedSocketSyscalls) {
@@ -301,19 +277,10 @@ FORK_TEST(Capmode, AllowedIdentifierSyscalls) {
gid_t egid;
gid_t sgid;
EXPECT_OK(getresgid(&rgid, &egid, &sgid));
-#ifdef HAVE_GETLOGIN
EXPECT_TRUE(getlogin() != NULL);
-#endif
// Set various identifiers (to their existing values).
EXPECT_OK(setgid(my_gid));
-#ifdef HAVE_SETFSGID
- EXPECT_OK(setfsgid(my_gid));
-#endif
- EXPECT_OK(setuid(my_uid));
-#ifdef HAVE_SETFSUID
- EXPECT_OK(setfsuid(my_uid));
-#endif
EXPECT_OK(setregid(my_gid, my_gid));
EXPECT_OK(setresgid(my_gid, my_gid, my_gid));
EXPECT_OK(setreuid(my_uid, my_uid));
@@ -410,14 +377,6 @@ FORK_TEST(Capmode, AllowedPipeSyscalls) {
int rc = pipe(fd2);
EXPECT_EQ(0, rc);
-#ifdef HAVE_VMSPLICE
- char buf[11] = "0123456789";
- struct iovec iov;
- iov.iov_base = buf;
- iov.iov_len = sizeof(buf);
- EXPECT_FAIL_NOT_CAPMODE(vmsplice(fd2[0], &iov, 1, SPLICE_F_NONBLOCK));
-#endif
-
if (rc == 0) {
close(fd2[0]);
close(fd2[1]);
@@ -605,7 +564,6 @@ FORK_TEST_F(WithFiles, AllowedMiscSyscalls) {
// TODO(FreeBSD): ktrace
-#ifdef HAVE_SYSARCH
// sysarch() is, by definition, architecture-dependent
#if defined (__amd64__) || defined (__i386__)
long sysarch_arg = 0;
@@ -613,14 +571,13 @@ FORK_TEST_F(WithFiles, AllowedMiscSyscalls) {
#else
// TOOD(jra): write a test for other architectures, like arm
#endif
-#endif
}
void *thread_fn(void *p) {
int fd = (int)(intptr_t)p;
if (verbose) fprintf(stderr, " thread waiting to run\n");
AWAIT_INT_MESSAGE(fd, MSG_PARENT_CHILD_SHOULD_RUN);
- EXPECT_OK(getpid_());
+ EXPECT_OK(getpid());
EXPECT_CAPMODE(open("/dev/null", O_RDWR));
// Return whether there have been any failures to the main thread.
void *rval = (void *)(intptr_t)testing::Test::HasFailure();
@@ -670,7 +627,7 @@ FORK_TEST(Capmode, NewThread) {
SEND_INT_MESSAGE(proc_pipe[0], MSG_PARENT_CHILD_SHOULD_RUN);
// Do an allowed syscall.
- EXPECT_OK(getpid_());
+ EXPECT_OK(getpid());
// Wait for the first child to exit (should get a zero exit code message).
AWAIT_INT_MESSAGE(proc_pipe[0], 0);
@@ -686,7 +643,7 @@ FORK_TEST(Capmode, NewThread) {
if (verbose) fprintf(stderr, " second child started\n");
EXPECT_OK(close(proc_pipe[0]));
// Child: do an allowed and a disallowed syscall.
- EXPECT_OK(getpid_());
+ EXPECT_OK(getpid());
EXPECT_CAPMODE(open("/dev/null", O_RDWR));
// Notify the parent of success/failure.
int rval = (int)testing::Test::HasFailure();
diff --git a/tests/sys/capsicum/capsicum-freebsd.h b/tests/sys/capsicum/capsicum-freebsd.h
index 13fa24a0f722..9cb3149a05a4 100644
--- a/tests/sys/capsicum/capsicum-freebsd.h
+++ b/tests/sys/capsicum/capsicum-freebsd.h
@@ -1,6 +1,5 @@
#ifndef __CAPSICUM_FREEBSD_H__
#define __CAPSICUM_FREEBSD_H__
-#ifdef __FreeBSD__
/************************************************************
* FreeBSD Capsicum Functionality.
************************************************************/
@@ -12,15 +11,9 @@ extern "C" {
/* FreeBSD definitions. */
#include <errno.h>
#include <sys/param.h>
-#if __FreeBSD_version >= 1100014 || \
- (__FreeBSD_version >= 1001511 && __FreeBSD_version < 1100000)
#include <sys/capsicum.h>
-#else
-#include <sys/capability.h>
-#endif
#include <sys/procdesc.h>
-#if __FreeBSD_version >= 1000000
#define AT_SYSCALLS_IN_CAPMODE
#define HAVE_CAP_RIGHTS_GET
#define HAVE_CAP_RIGHTS_LIMIT
@@ -32,11 +25,7 @@ typedef uint32_t cap_fcntl_t;
// ioctl(2) and cap_ioctls_limit(2) take unsigned long.
typedef unsigned long cap_ioctl_t;
-#if __FreeBSD_version >= 1101000
#define HAVE_OPENAT_INTERMEDIATE_DOTDOT
-#endif
-
-#endif
#ifdef __cplusplus
}
@@ -45,13 +34,8 @@ typedef unsigned long cap_ioctl_t;
// Use fexecve_() in tests to allow Linux variant to bypass glibc version.
#define fexecve_(F, A, E) fexecve(F, A, E)
-#ifdef ENOTBENEATH
-#define E_NO_TRAVERSE_CAPABILITY ENOTBENEATH
-#define E_NO_TRAVERSE_O_BENEATH ENOTBENEATH
-#else
#define E_NO_TRAVERSE_CAPABILITY ENOTCAPABLE
#define E_NO_TRAVERSE_O_BENEATH ENOTCAPABLE
-#endif
// FreeBSD limits the number of ioctls in cap_ioctls_limit to 256
#define CAP_IOCTLS_LIMIT_MAX 256
@@ -66,6 +50,4 @@ typedef unsigned long cap_ioctl_t;
// FreeBSD generates a capability from sctp_peeloff(cap_fd,...).
#define CAP_FROM_PEELOFF
-#endif /* __FreeBSD__ */
-
#endif /*__CAPSICUM_FREEBSD_H__*/
diff --git a/tests/sys/capsicum/capsicum-linux.h b/tests/sys/capsicum/capsicum-linux.h
deleted file mode 100644
index 5bea418a2bc7..000000000000
--- a/tests/sys/capsicum/capsicum-linux.h
+++ /dev/null
@@ -1,40 +0,0 @@
-#ifndef __CAPSICUM_LINUX_H__
-#define __CAPSICUM_LINUX_H__
-
-#ifdef __linux__
-/************************************************************
- * Linux Capsicum Functionality.
- ************************************************************/
-#include <errno.h>
-#include <sys/procdesc.h>
-#include <sys/capsicum.h>
-
-#define HAVE_CAP_RIGHTS_LIMIT
-#define HAVE_CAP_RIGHTS_GET
-#define HAVE_CAP_FCNTLS_LIMIT
-#define HAVE_CAP_IOCTLS_LIMIT
-#define HAVE_PROC_FDINFO
-#define HAVE_PDWAIT4
-#define CAP_FROM_ACCEPT
-// TODO(drysdale): uncomment if/when Linux propagates rights on sctp_peeloff.
-// Linux does not generate a capability from sctp_peeloff(cap_fd,...).
-// #define CAP_FROM_PEELOFF
-// TODO(drysdale): uncomment if/when Linux allows intermediate .. path segments
-// for openat()-like operations.
-// #define HAVE_OPENAT_INTERMEDIATE_DOTDOT
-
-// Failure to open file due to path traversal generates EPERM
-#ifdef ENOTBENEATH
-#define E_NO_TRAVERSE_CAPABILITY ENOTBENEATH
-#define E_NO_TRAVERSE_O_BENEATH ENOTBENEATH
-#else
-#define E_NO_TRAVERSE_CAPABILITY EPERM
-#define E_NO_TRAVERSE_O_BENEATH EPERM
-#endif
-
-// Too many links
-#define E_TOO_MANY_LINKS ELOOP
-
-#endif /* __linux__ */
-
-#endif /*__CAPSICUM_LINUX_H__*/
diff --git a/tests/sys/capsicum/capsicum-rights.h b/tests/sys/capsicum/capsicum-rights.h
index 73c445434404..751781fd2628 100644
--- a/tests/sys/capsicum/capsicum-rights.h
+++ b/tests/sys/capsicum/capsicum-rights.h
@@ -5,114 +5,11 @@
extern "C" {
#endif
-#ifdef __FreeBSD__
#include <sys/param.h>
-#if __FreeBSD_version >= 1100014 || \
- (__FreeBSD_version >= 1001511 && __FreeBSD_version < 1100000)
#include <sys/capsicum.h>
-#else
-#include <sys/capability.h>
-#endif
-#endif
-
-#ifdef __linux__
-#include <linux/capsicum.h>
-#endif
#ifdef __cplusplus
}
#endif
-#ifndef CAP_RIGHTS_VERSION
-/************************************************************
- * Capsicum compatibility layer: implement new (FreeBSD10.x)
- * rights manipulation API in terms of original (FreeBSD9.x)
- * functionality.
- ************************************************************/
-#include <stdarg.h>
-#include <stdbool.h>
-
-/* Rights manipulation macros/functions.
- * Note that these use variadic macros, available in C99 / C++11 (and
- * also in earlier gcc versions).
- */
-#define cap_rights_init(rights, ...) _cap_rights_init((rights), __VA_ARGS__, 0ULL)
-#define cap_rights_set(rights, ...) _cap_rights_set((rights), __VA_ARGS__, 0ULL)
-#define cap_rights_clear(rights, ...) _cap_rights_clear((rights), __VA_ARGS__, 0ULL)
-#define cap_rights_is_set(rights, ...) _cap_rights_is_set((rights), __VA_ARGS__, 0ULL)
-
-inline cap_rights_t* _cap_rights_init(cap_rights_t *rights, ...) {
- va_list ap;
- cap_rights_t right;
- *rights = 0;
- va_start(ap, rights);
- while (true) {
- right = va_arg(ap, cap_rights_t);
- *rights |= right;
- if (right == 0) break;
- }
- va_end(ap);
- return rights;
-}
-
-inline cap_rights_t* _cap_rights_set(cap_rights_t *rights, ...) {
- va_list ap;
- cap_rights_t right;
- va_start(ap, rights);
- while (true) {
- right = va_arg(ap, cap_rights_t);
- *rights |= right;
- if (right == 0) break;
- }
- va_end(ap);
- return rights;
-}
-
-inline cap_rights_t* _cap_rights_clear(cap_rights_t *rights, ...) {
- va_list ap;
- cap_rights_t right;
- va_start(ap, rights);
- while (true) {
- right = va_arg(ap, cap_rights_t);
- *rights &= ~right;
- if (right == 0) break;
- }
- va_end(ap);
- return rights;
-}
-
-inline bool _cap_rights_is_set(const cap_rights_t *rights, ...) {
- va_list ap;
- cap_rights_t right;
- cap_rights_t accumulated = 0;
- va_start(ap, rights);
- while (true) {
- right = va_arg(ap, cap_rights_t);
- accumulated |= right;
- if (right == 0) break;
- }
- va_end(ap);
- return (accumulated & *rights) == accumulated;
-}
-
-inline bool _cap_rights_is_valid(const cap_rights_t *rights) {
- return true;
-}
-
-inline cap_rights_t* cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src) {
- *dst |= *src;
- return dst;
-}
-
-inline cap_rights_t* cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src) {
- *dst &= ~(*src);
- return dst;
-}
-
-inline bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little) {
- return ((*big) & (*little)) == (*little);
-}
-
-#endif /* old/new style rights manipulation */
-
#endif /*__CAPSICUM_RIGHTS_H__*/
diff --git a/tests/sys/capsicum/capsicum-test-main.cc b/tests/sys/capsicum/capsicum-test-main.cc
index d0f955270fd4..2a2c75000039 100644
--- a/tests/sys/capsicum/capsicum-test-main.cc
+++ b/tests/sys/capsicum/capsicum-test-main.cc
@@ -1,10 +1,5 @@
#include <sys/types.h>
-#ifdef __linux__
-#include <sys/vfs.h>
-#include <linux/magic.h>
-#elif defined(__FreeBSD__)
#include <sys/sysctl.h>
-#endif
#include <ctype.h>
#include <errno.h>
#include <libgen.h>
@@ -16,11 +11,6 @@
#include "gtest/gtest.h"
#include "capsicum-test.h"
-// For versions of googletest that lack GTEST_SKIP.
-#ifndef GTEST_SKIP
-#define GTEST_SKIP GTEST_FAIL
-#endif
-
std::string tmpdir;
class SetupEnvironment : public ::testing::Environment
@@ -38,7 +28,6 @@ public:
std::cerr << tmpdir << std::endl;
}
void CheckCapsicumSupport() {
-#ifdef __FreeBSD__
int rc;
bool trap_enotcap_enabled;
size_t trap_enotcap_enabled_len = sizeof(trap_enotcap_enabled);
@@ -60,7 +49,6 @@ public:
<< "Skipping tests because its enablement invalidates the "
<< "test results.";
}
-#endif /* FreeBSD */
}
void CreateTemporaryRoot() {
char *tmpdir_name = tempnam(nullptr, "cptst");
@@ -148,13 +136,6 @@ int main(int argc, char* argv[]) {
}
}
-#ifdef __linux__
- // Check whether our temporary directory is on a tmpfs volume.
- struct statfs fsinfo;
- statfs(tmpdir.c_str(), &fsinfo);
- tmpdir_on_tmpfs = (fsinfo.f_type == TMPFS_MAGIC);
-#endif
-
testing::AddGlobalTestEnvironment(new SetupEnvironment());
return RUN_ALL_TESTS();
}
diff --git a/tests/sys/capsicum/capsicum-test.cc b/tests/sys/capsicum/capsicum-test.cc
index 1e722089761f..d221aca9e4a8 100644
--- a/tests/sys/capsicum/capsicum-test.cc
+++ b/tests/sys/capsicum/capsicum-test.cc
@@ -1,6 +1,5 @@
#include "capsicum-test.h"
-#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/queue.h>
@@ -8,7 +7,6 @@
#include <sys/sysctl.h>
#include <sys/user.h>
#include <libprocstat.h>
-#endif
#include <stdio.h>
#include <string.h>
@@ -38,26 +36,6 @@ const char *TmpFile(const char *p) {
}
char ProcessState(int pid) {
-#ifdef __linux__
- // Open the process status file.
- char s[1024];
- snprintf(s, sizeof(s), "/proc/%d/status", pid);
- FILE *f = fopen(s, "r");
- if (f == NULL) return '\0';
-
- // Read the file line by line looking for the state line.
- const char *prompt = "State:\t";
- while (!feof(f)) {
- fgets(s, sizeof(s), f);
- if (!strncmp(s, prompt, strlen(prompt))) {
- fclose(f);
- return s[strlen(prompt)];
- }
- }
- fclose(f);
- return '?';
-#endif
-#ifdef __FreeBSD__
// First check if the process exists/we have permission to see it. This
// Avoids warning messages being printed to stderr by libprocstat.
size_t len = 0;
@@ -115,5 +93,4 @@ char ProcessState(int pid) {
procstat_close(prstat);
if (verbose) fprintf(stderr, "Process %d in state '%c'\n", pid, result);
return result;
-#endif
}
diff --git a/tests/sys/capsicum/capsicum.h b/tests/sys/capsicum/capsicum.h
index 0005e7884673..5880bbc8b882 100644
--- a/tests/sys/capsicum/capsicum.h
+++ b/tests/sys/capsicum/capsicum.h
@@ -4,141 +4,11 @@
#ifndef __CAPSICUM_H__
#define __CAPSICUM_H__
-#ifdef __FreeBSD__
-#include "capsicum-freebsd.h"
-#endif
-
-#ifdef __linux__
-#include "capsicum-linux.h"
-#endif
-
-/*
- * CAP_ALL/CAP_NONE is a value in FreeBSD9.x Capsicum, but a functional macro
- * in FreeBSD10.x Capsicum. Always use CAP_SET_ALL/CAP_SET_NONE instead.
- */
-#ifndef CAP_SET_ALL
-#ifdef CAP_RIGHTS_VERSION
-#define CAP_SET_ALL(rights) CAP_ALL(rights)
-#else
-#define CAP_SET_ALL(rights) *(rights) = CAP_MASK_VALID
-#endif
-#endif
-
-#ifndef CAP_SET_NONE
-#ifdef CAP_RIGHTS_VERSION
-#define CAP_SET_NONE(rights) CAP_NONE(rights)
-#else
-#define CAP_SET_NONE(rights) *(rights) = 0
-#endif
-#endif
*** 1001 LINES SKIPPED ***