PERFORCE change 156886 for review

Thu Jan 29 12:49:09 PST 2009

http://perforce.freebsd.org/chv.cgi?CH=156886

Change 156886 by rwatson at rwatson_freebsd_capabilities on 2009/01/29 20:48:59

	In capability mode system call test:
	
	- Use pdfork(2) instead of fork(2) since we have it.
	- Expect fork(2) not to succeed
	- Expect getlogin(2) to succeed

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/tools/regression/security/cap_test/cap_test_syscalls.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/tools/regression/security/cap_test/cap_test_syscalls.c#3 (text+ko) ====

@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2008 Robert N. M. Watson
+ * Copyright (c) 2008-2009 Robert N. M. Watson
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -31,12 +31,14 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/tools/regression/security/cap_test/cap_test_syscalls.c#2 $");
+__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/tools/regression/security/cap_test/cap_test_syscalls.c#3 $");
 
-#include <sys/types.h>
+#include <sys/param.h>
 #include <sys/capability.h>
 #include <sys/mman.h>
 #include <sys/mount.h>
+#include <sys/poll.h>
+#include <sys/procdesc.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/wait.h>
@@ -45,6 +47,7 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
+#include <string.h>
 #include <unistd.h>
 
 #include "cap_test.h"
@@ -53,17 +56,24 @@
 test_syscalls(void)
 {
 	struct statfs statfs;
+	struct pollfd pollfd;
 	struct stat sb;
 	ssize_t len;
-	int fd, fd_close, fd_dir, fd_file, fd_socket, fd2[2], ret;
+	int fd, fd_close, fd_dir, fd_file, fd_socket, fd2[2], pdfd, ret;
 	pid_t pid, wpid;
 	char ch;
 
-	pid = fork();
+	pid = pdfork(&pdfd);
 	if (pid < 0)
 		err(-1, "test_syscalls:prep: fork");
 	if (pid) {
-		while (waitpid(pid, NULL, 0) != pid);
+		bzero(&pollfd, sizeof(pollfd));
+		pollfd.fd = pdfd;
+		pollfd.events = 0;
+		pollfd.revents = 0;
+		if (poll(&pollfd, 1, INFTIM) < 0)
+			err(-1, "poll");
+		close(pdfd);
 		return;
 	}
 
@@ -180,12 +190,8 @@
 			 * Not much to be done except print...
 			 */
 			exit(0);
-			if (errno == ENOSYS)
-				errx(-1, "test_syscalls:exit ENOSYS");
-			else
-				errx(-1, "test_syscalls:exit %d", errno);
-		}
-		if (pid > 0) {
+		} else if (pid > 0) {
+			warnx("test_syscalls:fork succeeded");
 			wpid = waitpid(pid, NULL, 0);
 			if (wpid < 0) {
 				if (errno == ENOSYS)
@@ -195,9 +201,7 @@
 					    errno);
 			}
 		}
-	} else if (errno == ENOSYS)
-		warnx("test_syscalls:fork ENOSYS");
-	else
+	} else if (errno != ENOSYS)
 		warnx("test_syscalls:fork %d", errno);
 
 	if (fstat(fd_file, &sb) < 0) {
@@ -240,11 +244,8 @@
 			warnx("test_syscalls:getpeername ENOSYS");
 	}
 
-	if (getlogin() == NULL) {
-		if (errno != ENOSYS)
-			warnx("test_sycalls:getlogin ENOSYS");
-	} else
-		warnx("test_syscalls:getlogin succeeded");
+	if (getlogin() == NULL)
+		warn("test_sycalls:getlogin %d", errno);
 
 	/*
 	 * getpid() can't return an error but check for it anyway.
@@ -400,5 +401,6 @@
 	if (len < 0 && errno == ENOSYS)
 		warnx("test_syscalls:write ENOSYS");
 
+	close(pdfd);
 	exit(0);
 }
