xref: /freebsd/contrib/capsicum-test/select.cc (revision 9a696dc6bb0e8e783dfd169c8299e1f33aac2935) 
1*8ac5aef8SEnji Cooper #include <sys/select.h>
2*8ac5aef8SEnji Cooper #include <sys/types.h>
3*8ac5aef8SEnji Cooper #include <sys/stat.h>
4*8ac5aef8SEnji Cooper #include <fcntl.h>
5*8ac5aef8SEnji Cooper #include <poll.h>
6*8ac5aef8SEnji Cooper 
7*8ac5aef8SEnji Cooper #include "capsicum.h"
8*8ac5aef8SEnji Cooper #include "syscalls.h"
9*8ac5aef8SEnji Cooper #include "capsicum-test.h"
10*8ac5aef8SEnji Cooper 
11*8ac5aef8SEnji Cooper namespace {
12*8ac5aef8SEnji Cooper 
AddFDToSet(fd_set * fset,int fd,int maxfd)13*8ac5aef8SEnji Cooper int AddFDToSet(fd_set* fset, int fd, int maxfd) {
14*8ac5aef8SEnji Cooper   FD_SET(fd, fset);
15*8ac5aef8SEnji Cooper   if (fd > maxfd) maxfd = fd;
16*8ac5aef8SEnji Cooper   return maxfd;
17*8ac5aef8SEnji Cooper }
18*8ac5aef8SEnji Cooper 
InitFDSet(fd_set * fset,int * fds,int fdcount)19*8ac5aef8SEnji Cooper int InitFDSet(fd_set* fset, int *fds, int fdcount) {
20*8ac5aef8SEnji Cooper   FD_ZERO(fset);
21*8ac5aef8SEnji Cooper   int maxfd = -1;
22*8ac5aef8SEnji Cooper   for (int ii = 0; ii < fdcount; ii++) {
23*8ac5aef8SEnji Cooper     maxfd = AddFDToSet(fset, fds[ii], maxfd);
24*8ac5aef8SEnji Cooper   }
25*8ac5aef8SEnji Cooper   return maxfd;
26*8ac5aef8SEnji Cooper }
27*8ac5aef8SEnji Cooper 
28*8ac5aef8SEnji Cooper }  // namespace
29*8ac5aef8SEnji Cooper 
30*8ac5aef8SEnji Cooper FORK_TEST_ON(Select, LotsOFileDescriptors, TmpFile("cap_select")) {
31*8ac5aef8SEnji Cooper   int fd = open(TmpFile("cap_select"), O_RDWR | O_CREAT, 0644);
32*8ac5aef8SEnji Cooper   EXPECT_OK(fd);
33*8ac5aef8SEnji Cooper   if (fd < 0) return;
34*8ac5aef8SEnji Cooper 
35*8ac5aef8SEnji Cooper   // Create many POLL_EVENT capabilities.
36*8ac5aef8SEnji Cooper   const int kCapCount = 64;
37*8ac5aef8SEnji Cooper   int cap_fd[kCapCount];
38*8ac5aef8SEnji Cooper   cap_rights_t r_poll;
39*8ac5aef8SEnji Cooper   cap_rights_init(&r_poll, CAP_EVENT);
40*8ac5aef8SEnji Cooper   for (int ii = 0; ii < kCapCount; ii++) {
41*8ac5aef8SEnji Cooper     cap_fd[ii] = dup(fd);
42*8ac5aef8SEnji Cooper     EXPECT_OK(cap_fd[ii]);
43*8ac5aef8SEnji Cooper     EXPECT_OK(cap_rights_limit(cap_fd[ii], &r_poll));
44*8ac5aef8SEnji Cooper   }
45*8ac5aef8SEnji Cooper   cap_rights_t r_rw;
46*8ac5aef8SEnji Cooper   cap_rights_init(&r_rw, CAP_READ, CAP_WRITE, CAP_SEEK);
47*8ac5aef8SEnji Cooper   int cap_rw = dup(fd);
48*8ac5aef8SEnji Cooper   EXPECT_OK(cap_rw);
49*8ac5aef8SEnji Cooper   EXPECT_OK(cap_rights_limit(cap_rw, &r_rw));
50*8ac5aef8SEnji Cooper 
51*8ac5aef8SEnji Cooper   EXPECT_OK(cap_enter());  // Enter capability mode
52*8ac5aef8SEnji Cooper 
53*8ac5aef8SEnji Cooper   struct timeval tv;
54*8ac5aef8SEnji Cooper   tv.tv_sec = 0;
55*8ac5aef8SEnji Cooper   tv.tv_usec = 100;
56*8ac5aef8SEnji Cooper   // Add normal file descriptor and all CAP_EVENT capabilities
57*8ac5aef8SEnji Cooper   fd_set rset;
58*8ac5aef8SEnji Cooper   fd_set wset;
59*8ac5aef8SEnji Cooper   int maxfd = InitFDSet(&rset, cap_fd, kCapCount);
60*8ac5aef8SEnji Cooper   maxfd = AddFDToSet(&rset, fd, maxfd);
61*8ac5aef8SEnji Cooper   InitFDSet(&wset, cap_fd, kCapCount);
62*8ac5aef8SEnji Cooper   AddFDToSet(&rset, fd, 0);
63*8ac5aef8SEnji Cooper   int ret = select(maxfd+1, &rset, &wset, NULL, &tv);
64*8ac5aef8SEnji Cooper   EXPECT_OK(ret);
65*8ac5aef8SEnji Cooper 
66*8ac5aef8SEnji Cooper   // Now also include the capability with no CAP_EVENT.
67*8ac5aef8SEnji Cooper   InitFDSet(&rset, cap_fd, kCapCount);
68*8ac5aef8SEnji Cooper   AddFDToSet(&rset, fd, maxfd);
69*8ac5aef8SEnji Cooper   maxfd = AddFDToSet(&rset, cap_rw, maxfd);
70*8ac5aef8SEnji Cooper   InitFDSet(&wset, cap_fd, kCapCount);
71*8ac5aef8SEnji Cooper   AddFDToSet(&wset, fd, maxfd);
72*8ac5aef8SEnji Cooper   AddFDToSet(&wset, cap_rw, maxfd);
73*8ac5aef8SEnji Cooper   ret = select(maxfd+1, &rset, &wset, NULL, &tv);
74*8ac5aef8SEnji Cooper   EXPECT_NOTCAPABLE(ret);
75*8ac5aef8SEnji Cooper 
76*8ac5aef8SEnji Cooper #ifdef HAVE_PSELECT
77*8ac5aef8SEnji Cooper   // And again with pselect
78*8ac5aef8SEnji Cooper   struct timespec ts;
79*8ac5aef8SEnji Cooper   ts.tv_sec = 0;
80*8ac5aef8SEnji Cooper   ts.tv_nsec = 100000;
81*8ac5aef8SEnji Cooper   maxfd = InitFDSet(&rset, cap_fd, kCapCount);
82*8ac5aef8SEnji Cooper   maxfd = AddFDToSet(&rset, fd, maxfd);
83*8ac5aef8SEnji Cooper   InitFDSet(&wset, cap_fd, kCapCount);
84*8ac5aef8SEnji Cooper   AddFDToSet(&rset, fd, 0);
85*8ac5aef8SEnji Cooper   ret = pselect(maxfd+1, &rset, &wset, NULL, &ts, NULL);
86*8ac5aef8SEnji Cooper   EXPECT_OK(ret);
87*8ac5aef8SEnji Cooper 
88*8ac5aef8SEnji Cooper   InitFDSet(&rset, cap_fd, kCapCount);
89*8ac5aef8SEnji Cooper   AddFDToSet(&rset, fd, maxfd);
90*8ac5aef8SEnji Cooper   maxfd = AddFDToSet(&rset, cap_rw, maxfd);
91*8ac5aef8SEnji Cooper   InitFDSet(&wset, cap_fd, kCapCount);
92*8ac5aef8SEnji Cooper   AddFDToSet(&wset, fd, maxfd);
93*8ac5aef8SEnji Cooper   AddFDToSet(&wset, cap_rw, maxfd);
94*8ac5aef8SEnji Cooper   ret = pselect(maxfd+1, &rset, &wset, NULL, &ts, NULL);
95*8ac5aef8SEnji Cooper   EXPECT_NOTCAPABLE(ret);
96*8ac5aef8SEnji Cooper #endif
97*8ac5aef8SEnji Cooper }
98*8ac5aef8SEnji Cooper 
99*8ac5aef8SEnji Cooper FORK_TEST_ON(Poll, LotsOFileDescriptors, TmpFile("cap_poll")) {
100*8ac5aef8SEnji Cooper   int fd = open(TmpFile("cap_poll"), O_RDWR | O_CREAT, 0644);
101*8ac5aef8SEnji Cooper   EXPECT_OK(fd);
102*8ac5aef8SEnji Cooper   if (fd < 0) return;
103*8ac5aef8SEnji Cooper 
104*8ac5aef8SEnji Cooper   // Create many POLL_EVENT capabilities.
105*8ac5aef8SEnji Cooper   const int kCapCount = 64;
106*8ac5aef8SEnji Cooper   struct pollfd cap_fd[kCapCount + 2];
107*8ac5aef8SEnji Cooper   cap_rights_t r_poll;
108*8ac5aef8SEnji Cooper   cap_rights_init(&r_poll, CAP_EVENT);
109*8ac5aef8SEnji Cooper   for (int ii = 0; ii < kCapCount; ii++) {
110*8ac5aef8SEnji Cooper     cap_fd[ii].fd = dup(fd);
111*8ac5aef8SEnji Cooper     EXPECT_OK(cap_fd[ii].fd);
112*8ac5aef8SEnji Cooper     EXPECT_OK(cap_rights_limit(cap_fd[ii].fd, &r_poll));
113*8ac5aef8SEnji Cooper     cap_fd[ii].events = POLLIN|POLLOUT;
114*8ac5aef8SEnji Cooper   }
115*8ac5aef8SEnji Cooper   cap_fd[kCapCount].fd = fd;
116*8ac5aef8SEnji Cooper   cap_fd[kCapCount].events = POLLIN|POLLOUT;
117*8ac5aef8SEnji Cooper   cap_rights_t r_rw;
118*8ac5aef8SEnji Cooper   cap_rights_init(&r_rw, CAP_READ, CAP_WRITE, CAP_SEEK);
119*8ac5aef8SEnji Cooper   int cap_rw = dup(fd);
120*8ac5aef8SEnji Cooper   EXPECT_OK(cap_rw);
121*8ac5aef8SEnji Cooper   EXPECT_OK(cap_rights_limit(cap_rw, &r_rw));
122*8ac5aef8SEnji Cooper   cap_fd[kCapCount + 1].fd = cap_rw;
123*8ac5aef8SEnji Cooper   cap_fd[kCapCount + 1].events = POLLIN|POLLOUT;
124*8ac5aef8SEnji Cooper 
125*8ac5aef8SEnji Cooper   EXPECT_OK(cap_enter());  // Enter capability mode
126*8ac5aef8SEnji Cooper 
127*8ac5aef8SEnji Cooper   EXPECT_OK(poll(cap_fd, kCapCount + 1, 10));
128*8ac5aef8SEnji Cooper   // Now also include the capability with no CAP_EVENT.
129*8ac5aef8SEnji Cooper   EXPECT_OK(poll(cap_fd, kCapCount + 2, 10));
130*8ac5aef8SEnji Cooper   EXPECT_NE(0, (cap_fd[kCapCount + 1].revents & POLLNVAL));
131*8ac5aef8SEnji Cooper 
132*8ac5aef8SEnji Cooper #ifdef HAVE_PPOLL
133*8ac5aef8SEnji Cooper   // And again with ppoll
134*8ac5aef8SEnji Cooper   struct timespec ts;
135*8ac5aef8SEnji Cooper   ts.tv_sec = 0;
136*8ac5aef8SEnji Cooper   ts.tv_nsec = 100000;
137*8ac5aef8SEnji Cooper   EXPECT_OK(ppoll(cap_fd, kCapCount + 1, &ts, NULL));
138*8ac5aef8SEnji Cooper   // Now also include the capability with no CAP_EVENT.
139*8ac5aef8SEnji Cooper   EXPECT_OK(ppoll(cap_fd, kCapCount + 2, &ts, NULL));
140*8ac5aef8SEnji Cooper   EXPECT_NE(0, (cap_fd[kCapCount + 1].revents & POLLNVAL));
141*8ac5aef8SEnji Cooper #endif
142*8ac5aef8SEnji Cooper }
143