Lines Matching +full:addr +full:- +full:mode

2 // available in capability mode.  The goal is not to see if they work, just
27 #include "capsicum-test.h"
61 unsigned int mode = -1; in FORK_TEST_F() local
62 EXPECT_OK(cap_getmode(&mode)); in FORK_TEST_F()
63 EXPECT_EQ(0, (int)mode); in FORK_TEST_F()
64 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
65 EXPECT_OK(cap_getmode(&mode)); in FORK_TEST_F()
66 EXPECT_EQ(1, (int)mode); in FORK_TEST_F()
68 // System calls that are not permitted in capability mode. in FORK_TEST_F()
76 EXPECT_CAPMODE(chown(TmpFile("cap_capmode_chown"), -1, -1)); in FORK_TEST_F()
102 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
104 // System calls that are not permitted in capability mode. in FORK_TEST_F()
105 struct sockaddr_in addr; in FORK_TEST_F() local
106 addr.sin_family = AF_INET; in FORK_TEST_F()
107 addr.sin_port = 0; in FORK_TEST_F()
108 addr.sin_addr.s_addr = htonl(INADDR_ANY); in FORK_TEST_F()
109 EXPECT_CAPMODE(bind_(fd_socket_, (sockaddr*)&addr, sizeof(addr))); in FORK_TEST_F()
110 addr.sin_family = AF_INET; in FORK_TEST_F()
111 addr.sin_port = 53; in FORK_TEST_F()
112 addr.sin_addr.s_addr = htonl(0x08080808); in FORK_TEST_F()
113 EXPECT_CAPMODE(connect_(fd_tcp_socket_, (sockaddr*)&addr, sizeof(addr))); in FORK_TEST_F()
118 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
121 fd_close_ = -1; in FORK_TEST_F()
156 // TODO(drysdale): reinstate these tests for 32-bit runs when possible in FORK_TEST_F()
178 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
180 // recvfrom() either returns -1 with EAGAIN, or 0. in FORK_TEST_F()
189 // but they are allowed in capability mode, so errno != ECAPMODE. in FORK_TEST_F()
204 int fd_pair[2] = {-1, -1}; in FORK_TEST_F()
213 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
215 // Creation of raw sockets is not permitted in capability mode. in FORK_TEST_F()
229 // mode. in FORK_TEST_F()
252 struct sockaddr_in addr; in FORK_TEST() local
253 addr.sin_family = AF_INET; in FORK_TEST()
254 addr.sin_port = htons(0); in FORK_TEST()
255 addr.sin_addr.s_addr = htonl(INADDR_ANY); in FORK_TEST()
256 EXPECT_OK(bind(fd_socket, (sockaddr*)&addr, sizeof(addr))); in FORK_TEST()
258 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
285 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
325 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
343 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
360 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
367 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
382 void *mem = mmap(NULL, mem_size, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANONYMOUS, -1, 0); in FORK_TEST()
384 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
397 // mlockall may well fail with ENOMEM for non-root users, as the in FORK_TEST()
408 EXPECT_OK(cap_enter()); // Enter capability mode in FORK_TEST()
449 // Child: enter cap mode and run tests in TEST()
450 EXPECT_OK(cap_enter()); // Enter capability mode in TEST()
473 // Check that invalid requests get a non-Capsicum errno. in TEST()
475 rc = readlinkat(-1, "symlink", buffer, sizeof(buffer)); in TEST()
485 rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
510 // Child: move into temp dir, enter cap mode and run tests in TEST()
512 EXPECT_OK(cap_enter()); // Enter capability mode in TEST()
542 rc = WIFEXITED(status) ? WEXITSTATUS(status) : -1; in TEST()
555 // Check that abort(3) works even in capability mode. in TEST()
558 // Child: enter capability mode and call abort(3). in TEST()
560 cap_enter(); // Enter capability mode. in TEST()
575 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST_F()
578 EXPECT_NE(-ECAPMODE, (int)um); in FORK_TEST_F()
609 // sysarch() is, by definition, architecture-dependent in FORK_TEST_F()
633 // Fire off a new thread before entering capability mode in FORK_TEST()
646 // Fire off a new process before entering capability mode. in FORK_TEST()
647 if (verbose) fprintf(stderr, " starting second child (non-capability mode)\n"); in FORK_TEST()
653 // Child: wait and then confirm this process is unaffected by capability mode in the parent. in FORK_TEST()
665 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()
667 // child thread that were created before entering capability mode. in FORK_TEST()
668 // - The child process is unaffected by capability mode. in FORK_TEST()
669 // - The child thread is affected by capability mode. in FORK_TEST()
679 << "Cannot continue test with pre-existing failures."; in FORK_TEST()
680 // Now that we're in capability mode, if we create a second child process in FORK_TEST()
681 // it will be affected by capability mode. in FORK_TEST()
682 if (verbose) fprintf(stderr, " starting second child (in capability mode)\n"); in FORK_TEST()
698 // be affected by capability mode since it's per-process not per-thread. in FORK_TEST()
701 // of the gtest-internal mutexes, so the child process deadlocks. in FORK_TEST()
703 // Wait for the early-started thread. in FORK_TEST()
710 // Fire off a new (second) child thread, which is also affected by capability mode. in FORK_TEST()
712 << "Cannot continue test with pre-existing failures."; in FORK_TEST()
722 << "Cannot continue test with pre-existing failures."; in FORK_TEST()
723 if (verbose) fprintf(stderr, " starting third child (in capability mode)\n"); in FORK_TEST()
763 EXPECT_OK(cap_enter()); // Enter capability mode. in FORK_TEST()