2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering/***
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering This file is part of systemd.
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering Copyright 2014 Lennart Poettering
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering systemd is free software; you can redistribute it and/or modify it
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering under the terms of the GNU Lesser General Public License as published by
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering the Free Software Foundation; either version 2.1 of the License, or
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering (at your option) any later version.
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering systemd is distributed in the hope that it will be useful, but
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering Lesser General Public License for more details.
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering You should have received a copy of the GNU Lesser General Public License
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering***/
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
6bedfcbb2970e06a4d3280c8fb62083d252ede73Lennart Poettering#include <sys/prctl.h>
6bedfcbb2970e06a4d3280c8fb62083d252ede73Lennart Poettering
b5efdb8af40ea759a1ea584c1bc44ecc81dd00ceLennart Poettering#include "alloc-util.h"
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering#include "cap-list.h"
430f0182b72373145c839dbfe99d2382855cb8f8Lennart Poettering#include "capability-util.h"
6bedfcbb2970e06a4d3280c8fb62083d252ede73Lennart Poettering#include "fileio.h"
6bedfcbb2970e06a4d3280c8fb62083d252ede73Lennart Poettering#include "parse-util.h"
6bedfcbb2970e06a4d3280c8fb62083d252ede73Lennart Poettering#include "util.h"
2822da4fb7f891e5320f02f1d00f64b72221ced4Lennart Poettering
/* Checks the capability name table: out-of-range lookups, name/number round
 * trips, case-insensitive and numeric parsing, and agreement with libcap. */
static void test_cap_list(void) {
        /* Numbers just outside the table on either side must not resolve to a name. */
        assert_se(!capability_to_name(-1));
        assert_se(!capability_to_name(capability_list_length()));

        /* Each entry has to map number -> name -> the same number. An entry
         * that came back as a different number would mean a capability set
         * written by name does not contain what its author asked for. */
        for (int cap = 0; cap < capability_list_length(); cap++) {
                const char *name = capability_to_name(cap);

                assert_se(name);
                assert_se(capability_from_name(name) == cap);
                printf("%s = %i\n", name, cap);
        }

        /* Unknown names are rejected; known names match regardless of case. */
        assert_se(capability_from_name("asdfbsd") == -EINVAL);
        assert_se(capability_from_name("CAP_AUDIT_READ") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cap_audit_read") == CAP_AUDIT_READ);
        assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ);

        /* Decimal strings are accepted as capability numbers, negative ones are not. */
        assert_se(capability_from_name("0") == 0);
        assert_se(capability_from_name("15") == 15);
        assert_se(capability_from_name("-1") == -EINVAL);

        /* Compare our names with the ones libcap reports for the same numbers. */
        for (int cap = 0; cap < capability_list_length(); cap++) {
                _cleanup_cap_free_charp_ char *libcap_name = NULL;
                const char *own_name;
                unsigned parsed;

                libcap_name = cap_to_name(cap);
                assert_se(libcap_name);

                /* Once libcap answers with a number formatted as a string it
                 * has no name for this capability, so stop comparing here. */
                if (safe_atou(libcap_name, &parsed) >= 0)
                        break;

                own_name = capability_to_name(cap);
                assert_se(own_name);

                printf("%s vs. %s\n", libcap_name, own_name);

                assert_se(strcasecmp(libcap_name, own_name) == 0);
        }
}
80b4378314cf62148fd053e97018cc5c78dd6af6David Herrmann
/* Cross-checks cap_last_cap() against the number the kernel exports in
 * /proc/sys/kernel/cap_last_cap. */
static void test_last_cap_file(void) {
        _cleanup_free_ char *line = NULL;
        unsigned long from_proc = 0;

        /* NOTE(review): a read failure is asserted on rather than skipped, so
         * this presumably fails where the file is not available — confirm
         * that is intended for the environments the test runs in. */
        assert_se(read_one_line_file("/proc/sys/kernel/cap_last_cap", &line) >= 0);

        /* The line has to parse as an unsigned long. */
        assert_se(safe_atolu(line, &from_proc) >= 0);

        /* A highest capability of 0 is treated as implausible, then the
         * value is compared with what cap_last_cap() reports. */
        assert_se(from_proc != 0);
        assert_se(from_proc == cap_last_cap());
}
80b4378314cf62148fd053e97018cc5c78dd6af6David Herrmann
/* Cross-checks cap_last_cap() against the highest capability number that
 * prctl(PR_CAPBSET_READ) accepts, starting the search at the compile-time
 * CAP_LAST_CAP. */
static void test_last_cap_probe(void) {
        unsigned long probe = (unsigned long) CAP_LAST_CAP;

        if (prctl(PR_CAPBSET_READ, probe) >= 0) {
                /* The compile-time maximum is accepted: step upwards until
                 * the next number is refused. */
                while (prctl(PR_CAPBSET_READ, probe + 1) >= 0)
                        probe++;
        } else {
                /* The compile-time maximum is refused: step downwards to the
                 * first number that is accepted, stopping at 0.
                 * NOTE(review): every prctl() failure is read as "number not
                 * accepted"; if the call fails for another reason the walk
                 * ends at 0 and the assertion below fails. */
                do
                        probe--;
                while (probe > 0 && prctl(PR_CAPBSET_READ, probe) < 0);
        }

        assert_se(probe != 0);
        assert_se(probe == cap_last_cap());
}
80b4378314cf62148fd053e97018cc5c78dd6af6David Herrmann
/* Runs the capability tests in a fixed order and returns 0 once all of them
 * have returned. argc and argv are not used. */
int main(int argc, char *argv[]) {
        static void (*const tests[])(void) = {
                test_cap_list,
                test_last_cap_file,
                test_last_cap_probe,
        };

        for (size_t k = 0; k < sizeof(tests) / sizeof(tests[0]); k++)
                tests[k]();

        return 0;
}