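/*-
 * Copyright (c) 2018 John Baldwin <[email protected]>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/capsicum.h>
#include <sys/filio.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <atf-c.h>

#include "freebsd_test_suite/macros.h"

/*
 * A variant of ATF_REQUIRE that is suitable for use in child
 * processes.  This only works if the parent process is tripped up by
 * the early exit and fails some requirement itself.
 *
 * It must only be used after fork(), in the child: it terminates the
 * calling process with _exit(32) and reports nothing to ATF, so using
 * it in the test process itself would hide the failing requirement.
 */
#define	CHILD_REQUIRE(exp) do {						\
	if (!(exp))							\
		child_fail_require(__FILE__, __LINE__,			\
		    #exp " not met");					\
} while (0)

/*
 * Report a failed child-side requirement on stderr and terminate the
 * calling process with exit status 32.  Never returns.
 *
 * file, line: source location of the failed requirement.
 * str:        text describing the requirement that was not met.
 */
static __dead2 void
child_fail_require(const char *file, int line, const char *str)
{
	char buf[128];

	/* snprintf() NUL-terminates, so strlen() stays within buf. */
	snprintf(buf, sizeof(buf), "%s:%d: %s\n", file, line, str);
	/* Best effort: nothing useful can be done if the write fails. */
	(void)write(STDERR_FILENO, buf, strlen(buf));
	_exit(32);
}

/*
 * Exercise the edge case of a custom ioctl list being copied from a
 * listen socket to an accepted socket.
 *
 * The listening socket is limited to CAP_ACCEPT and CAP_IOCTL with an
 * ioctl allow-list of { FIONREAD }.  A forked child accepts one
 * connection on it and exits, which closes both the listening and the
 * accepted descriptor in that process.  The parent connects, waits for
 * EOF and requires that the child exited with status 0.
 *
 * NOTE(review): the test asserts only that accept() succeeds and that
 * both processes finish cleanly; it does not read back the accepted
 * socket's ioctl allow-list.  A cap_ioctls_get() check in the child
 * would also pin the inherited list to { FIONREAD }.
 */
ATF_TC_WITHOUT_HEAD(cap_ioctls__listen_copy);
ATF_TC_BODY(cap_ioctls__listen_copy, tc)
{
	struct sockaddr_in sin;
	cap_rights_t rights;
	u_long cmds[] = { FIONREAD };
	socklen_t len;
	pid_t pid;
	char dummy;
	int s[2], status;

	ATF_REQUIRE_FEATURE("security_capabilities");

	/* socket() fails with -1; descriptor 0 is a valid result. */
	s[0] = socket(AF_INET, SOCK_STREAM, 0);
	ATF_REQUIRE(s[0] >= 0);

	/* Bind to an arbitrary unused port. */
	memset(&sin, 0, sizeof(sin));
	sin.sin_len = sizeof(sin);
	sin.sin_family = AF_INET;
	sin.sin_port = 0;
	sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
	ATF_REQUIRE(bind(s[0], (struct sockaddr *)&sin, sizeof(sin)) == 0);

	/* Still in the test process here, so report through ATF. */
	ATF_REQUIRE(listen(s[0], 1) == 0);

	/* Learn the port the kernel picked so the parent can connect. */
	len = sizeof(sin);
	ATF_REQUIRE(getsockname(s[0], (struct sockaddr *)&sin, &len) == 0);
	ATF_REQUIRE(len == sizeof(sin));

	/* Restrict the listen socket before it is shared with the child. */
	cap_rights_init(&rights, CAP_ACCEPT, CAP_IOCTL);
	ATF_REQUIRE(cap_rights_limit(s[0], &rights) == 0);
	ATF_REQUIRE(cap_ioctls_limit(s[0], cmds, nitems(cmds)) == 0);

	pid = fork();
	if (pid == 0) {
		s[1] = accept(s[0], NULL, NULL);
		CHILD_REQUIRE(s[1] >= 0);

		/* Close both sockets during exit(). */
		exit(0);
	}

	ATF_REQUIRE(pid > 0);

	/* The child keeps its own reference to the listen socket. */
	ATF_REQUIRE(close(s[0]) == 0);
	s[1] = socket(AF_INET, SOCK_STREAM, 0);
	ATF_REQUIRE(s[1] >= 0);
	ATF_REQUIRE(connect(s[1], (struct sockaddr *)&sin, sizeof(sin)) == 0);
	/* The child sends nothing; a 0-byte read means it closed its end. */
	ATF_REQUIRE(read(s[1], &dummy, sizeof(dummy)) == 0);
	ATF_REQUIRE(close(s[1]) == 0);

	/* A CHILD_REQUIRE failure shows up here as exit status 32. */
	ATF_REQUIRE(wait(&status) == pid);
	ATF_REQUIRE(WIFEXITED(status));
	ATF_REQUIRE(WEXITSTATUS(status) == 0);
}

/* Register the test cases provided by this test program. */
ATF_TP_ADD_TCS(tp)
{

	ATF_TP_ADD_TC(tp, cap_ioctls__listen_copy);

	return (atf_no_error());
}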