| 1 | // RUN: %clangxx -O0 -g %s -o %t && %run %t 2>&1 | FileCheck %s |
|---|
| 2 | |
|---|
| 3 | #include <sys/capsicum.h> |
|---|
| 4 | #include <sys/ioctl.h> |
|---|
| 5 | |
|---|
| 6 | #include <assert.h> |
|---|
| 7 | #include <errno.h> |
|---|
| 8 | #include <stdio.h> |
|---|
| 9 | #include <string.h> |
|---|
| 10 | #include <termios.h> |
|---|
| 11 | #include <unistd.h> |
|---|
| 12 | |
|---|
| 13 | void test_cap_ioctls() { |
|---|
| 14 | cap_rights_t rights; |
|---|
| 15 | unsigned long ncmds[] = {TIOCGETA, TIOCGWINSZ, FIODTYPE}; |
|---|
| 16 | unsigned long rcmds = 0; |
|---|
| 17 | cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ); |
|---|
| 18 | assert(rptr); |
|---|
| 19 | |
|---|
| 20 | int rv = cap_rights_limit(STDIN_FILENO, &rights); |
|---|
| 21 | assert(rv == 0); |
|---|
| 22 | rv = cap_ioctls_limit(STDIN_FILENO, ncmds, 3); |
|---|
| 23 | assert(rv == 0); |
|---|
| 24 | ssize_t rz = cap_ioctls_get(STDIN_FILENO, &rcmds, 3); |
|---|
| 25 | assert(rz == 3); |
|---|
| 26 | printf(format: "ioctls test: %ld commands authorized\n" , rz); |
|---|
| 27 | } |
|---|
| 28 | |
|---|
| 29 | void test_cap_rights() { |
|---|
| 30 | cap_rights_t rights, little, remove, grights; |
|---|
| 31 | cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ); |
|---|
| 32 | assert(rptr); |
|---|
| 33 | cap_rights_t *gptr = cap_rights_init(&remove, CAP_IOCTL); |
|---|
| 34 | assert(gptr); |
|---|
| 35 | cap_rights_t *sptr = cap_rights_init(&little, CAP_READ); |
|---|
| 36 | assert(sptr); |
|---|
| 37 | bool hasit = cap_rights_contains(rptr, sptr); |
|---|
| 38 | assert(hasit == true); |
|---|
| 39 | cap_rights_t *pptr = cap_rights_remove(&rights, gptr); |
|---|
| 40 | hasit = cap_rights_contains(pptr, sptr); |
|---|
| 41 | assert(hasit == true); |
|---|
| 42 | cap_rights_t *aptr = cap_rights_merge(&rights, gptr); |
|---|
| 43 | assert(aptr); |
|---|
| 44 | bool correct = cap_rights_is_valid(&rights); |
|---|
| 45 | assert(correct == true); |
|---|
| 46 | |
|---|
| 47 | int rv = cap_rights_limit(STDIN_FILENO, &rights); |
|---|
| 48 | assert(rv == 0); |
|---|
| 49 | rv = cap_rights_get(STDIN_FILENO, &grights); |
|---|
| 50 | assert(rv == 0); |
|---|
| 51 | assert(memcmp(&grights, &rights, sizeof(grights)) == 0); |
|---|
| 52 | cap_rights_t *iptr = cap_rights_set(&rights, CAP_IOCTL); |
|---|
| 53 | assert(iptr); |
|---|
| 54 | cap_rights_t *eptr = cap_rights_clear(&rights, CAP_READ); |
|---|
| 55 | assert(eptr); |
|---|
| 56 | hasit = cap_rights_is_set(&rights, CAP_IOCTL); |
|---|
| 57 | assert(hasit == true); |
|---|
| 58 | printf(format: "rights test: %d\n" , rv); |
|---|
| 59 | } |
|---|
| 60 | |
|---|
| 61 | int main(void) { |
|---|
| 62 | test_cap_ioctls(); |
|---|
| 63 | |
|---|
| 64 | test_cap_rights(); |
|---|
| 65 | |
|---|
| 66 | // CHECK: ioctls test: {{.*}} commands authorized |
|---|
| 67 | // CHECK: rights test: {{.*}} |
|---|
| 68 | } |
|---|
| 69 | |
|---|
