Merge the following changes from the capsicum-test project [1]

Log:
```
commit feb47278d7cffa8cf4bc8c8ff78047126fa41e82 (HEAD -> dev, origin/dev, origin/HEAD)
Author: ngie-eign <1574099+ngie-eign@users.noreply.github.com>
Date:   Fri Mar 22 10:51:04 2019 -0700

    Remove `FAIL` macro use for non-x86 architectures when testing `sysarch(2)` (#38)

    `FAIL()` does not support being called in the form noted in the test,
    which causes a test failure on non-x86 architectures.

    The alternatives (use `ADD_TEST_FAILURE()` or `GTEST_SKIP()`) would be
    misleading (in both cases), and in the case of `GTEST_SKIP()` is unavailable
    on the version of googletest packaged with capsicum-test.

    Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>

commit 32ad0f3e4c11be7f7463d40eef8d4a78ac9f61a5
Author: Enji Cooper <yaneurabeya@gmail.com>
Date:   Fri Mar 15 20:01:56 2019 -0700

    Fix `-Wunused-parameter` issues

    Remove variable declarations from functions/methods where the variable
    is not required.

    Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>

commit 9437b4c550110200ef190ac39fb26c1d8fc55d9a
Author: Enji Cooper <yaneurabeya@gmail.com>
Date:   Fri Mar 15 19:59:00 2019 -0700

    Fix `-Wshadow` issues with `EXPECT_OPEN_OK(..)` macro

    * Wrap in do-while(0) block to avoid variable shadowing issue with
      multiple calls in the same function.
    * Prefix block local variables with `_` to try and avoid variable
      name clashes with values local to test methods.

    Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>

commit adf4a21a233b5da5cac440f4006e258ffba09510
Author: Enji Cooper <yaneurabeya@gmail.com>
Date:   Fri Mar 15 19:55:00 2019 -0700

    Fix `-Wmissing-variable-declarations` issue with `known_rights` global

    Staticize it since it is only used in the file.

    Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>
```

This merges a number of the outstanding changes made locally to
^/projects/capsicum-test that were accepted into the upstream project.

The sync was done like so:
```
curl -L https://github.com/google/capsicum-test/tarball/dd7eac98c0cf | tar --strip-components=1 -xvzf - -C dist/
rm -Rf dist/*/
```

1. https://github.com/google/capsicum-test

capability-fd.cc

@@ -25,7 +25,7 @@ typedef struct {
   uint64_t right;
   const char* name;
 } right_info;
-right_info known_rights[] = {
+static right_info known_rights[] = {
   /* Rights that are common to all versions of Capsicum */
   RIGHTS_INFO(CAP_READ),
   RIGHTS_INFO(CAP_WRITE),
@@ -713,22 +713,34 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
   EXPECT_OK(close(rc));
   rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDONLY);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY | O_APPEND);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR | O_APPEND);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDONLY);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY | O_APPEND);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR | O_APPEND);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0));
 
   rc = openat(dirfd, "cap_ftruncate", O_CREAT, 0600);
@@ -736,13 +748,19 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
   EXPECT_OK(close(rc));
   rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDONLY);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_WRONLY);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_ftruncate", O_TRUNC | O_RDWR);
   CHECK_RIGHT_RESULT(rc, rights, CAP_FTRUNCATE, CAP_READ, CAP_WRITE, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   EXPECT_OK(unlinkat(dirfd, "cap_ftruncate", 0));
 
   rc = openat(dfd_cap, "cap_create", O_CREAT | O_WRONLY, 0600);
@@ -764,19 +782,27 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
   rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_WRONLY);
   CHECK_RIGHT_RESULT(rc,
                rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_FSYNC | O_RDWR);
   CHECK_RIGHT_RESULT(rc,
                rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_WRONLY);
   CHECK_RIGHT_RESULT(rc,
                rights, CAP_FSYNC, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   rc = openat(dfd_cap, "cap_fsync", O_SYNC | O_RDWR);
   CHECK_RIGHT_RESULT(rc,
                rights, CAP_FSYNC, CAP_READ, CAP_WRITE, CAP_SEEK, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(close(rc));
+  if (rc >= 0) {
+    EXPECT_OK(close(rc));
+  }
   EXPECT_OK(unlinkat(dirfd, "cap_fsync", 0));
 
 #ifdef HAVE_CHFLAGSAT
@@ -826,28 +852,38 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
 
   rc = linkat(dirfd, "cap_linkat_src", dfd_cap, "cap_linkat_dst", 0);
   CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_TARGET);
-  if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+  if (rc >= 0) {
+    EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+  }
 
   rc = linkat(dfd_cap, "cap_linkat_src", dirfd, "cap_linkat_dst", 0);
   CHECK_RIGHT_RESULT(rc, rights, CAP_LINKAT_SOURCE);
-  if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+  if (rc >= 0) {
+    EXPECT_OK(unlinkat(dirfd, "cap_linkat_dst", 0));
+  }
 
   EXPECT_OK(unlinkat(dirfd, "cap_linkat_src", 0));
 
   rc = mkdirat(dfd_cap, "cap_mkdirat", 0700);
   CHECK_RIGHT_RESULT(rc, rights, CAP_MKDIRAT, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR));
+  if (rc >= 0) {
+    EXPECT_OK(unlinkat(dirfd, "cap_mkdirat", AT_REMOVEDIR));
+  }
 
 #ifdef HAVE_MKFIFOAT
   rc = mkfifoat(dfd_cap, "cap_mkfifoat", 0600);
   CHECK_RIGHT_RESULT(rc, rights, CAP_MKFIFOAT, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0));
+  if (rc >= 0) {
+    EXPECT_OK(unlinkat(dirfd, "cap_mkfifoat", 0));
+  }
 #endif
 
   if (getuid() == 0) {
     rc = mknodat(dfd_cap, "cap_mknodat", S_IFCHR | 0600, 0);
     CHECK_RIGHT_RESULT(rc, rights, CAP_MKNODAT, CAP_LOOKUP);
-    if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0));
+    if (rc >= 0) {
+      EXPECT_OK(unlinkat(dirfd, "cap_mknodat", 0));
+    }
   }
 
   // For renameat(2), need:
@@ -880,7 +916,9 @@ static void TryDirOps(int dirfd, cap_rights_t rights) {
 
   rc = symlinkat("test", dfd_cap, "cap_symlinkat");
   CHECK_RIGHT_RESULT(rc, rights, CAP_SYMLINKAT, CAP_LOOKUP);
-  if (rc >= 0) EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0));
+  if (rc >= 0) {
+    EXPECT_OK(unlinkat(dirfd, "cap_symlinkat", 0));
+  }
 
   rc = openat(dirfd, "cap_unlinkat", O_CREAT, 0600);
   EXPECT_OK(rc);

capmode.cc

@@ -132,7 +132,9 @@ FORK_TEST_F(WithFiles, AllowedFileSyscalls) {
 
 #ifdef HAVE_CHFLAGS
   rc = fchflags(fd_file_, UF_NODUMP);
-  if (rc < 0)  EXPECT_NE(ECAPMODE, errno);
+  if (rc < 0) {
+    EXPECT_NE(ECAPMODE, errno);
+  }
 #endif
 
   char buf[1024];
@@ -173,7 +175,9 @@ FORK_TEST_F(WithFiles, AllowedSocketSyscalls) {
 
   // recvfrom() either returns -1 with EAGAIN, or 0.
   int rc = recvfrom(fd_socket_, NULL, 0, MSG_DONTWAIT, NULL, NULL);
-  if (rc < 0) EXPECT_EQ(EAGAIN, errno);
+  if (rc < 0) {
+    EXPECT_EQ(EAGAIN, errno);
+  }
   char ch;
   EXPECT_OK(write(fd_file_, &ch, sizeof(ch)));
 
@@ -558,8 +562,7 @@ FORK_TEST_F(WithFiles, AllowedMiscSyscalls) {
   long sysarch_arg = 0;
   EXPECT_CAPMODE(sysarch(I386_SET_IOPERM, &sysarch_arg));
 #else
-  // TOOD(jra): write a test for arm
-  FAIL("capmode:no sysarch() test for current architecture");
+  // TOOD(jra): write a test for other architectures, like arm
 #endif
 #endif
 }
@@ -627,7 +630,7 @@ FORK_TEST(Capmode, NewThread) {
 }
 
 static int had_signal = 0;
-static void handle_signal(int x) { had_signal = 1; }
+static void handle_signal(int) { had_signal = 1; }
 
 FORK_TEST(Capmode, SelfKill) {
   pid_t me = getpid();

capsicum-test.h

@@ -20,7 +20,7 @@ extern bool force_mt;
 extern bool force_nofork;
 extern uid_t other_uid;
 
-static inline void *WaitingThreadFn(void *p) {
+static inline void *WaitingThreadFn(void *) {
   // Loop until cancelled
   while (true) {
     usleep(10000);

mqueue.cc

@@ -24,7 +24,7 @@
     static void test_case_name##_##test_name##_ForkTest()
 
 static bool invoked;
-void seen_it_done_it(int v) {
+void seen_it_done_it(int) {
   invoked = true;
 }
 

openat.cc

@@ -11,9 +11,9 @@
 
 // Check an open call works and close the resulting fd.
 #define EXPECT_OPEN_OK(f) do { \
-    int fd = f;                \
-    EXPECT_OK(fd);             \
-    close(fd);                 \
+    int _fd = f;               \
+    EXPECT_OK(_fd);            \
+    close(_fd);                \
   } while (0)
 
 static void CreateFile(const char *filename, const char *contents) {
@@ -176,10 +176,14 @@ class OpenatTest : public ::testing::Test {
     // Create a couple of nested directories
     int rc = mkdir(TmpFile(TOPDIR), 0755);
     EXPECT_OK(rc);
-    if (rc < 0) EXPECT_EQ(EEXIST, errno);
+    if (rc < 0) {
+      EXPECT_EQ(EEXIST, errno);
+    }
     rc = mkdir(TmpFile(SUBDIR_ABS), 0755);
     EXPECT_OK(rc);
-    if (rc < 0) EXPECT_EQ(EEXIST, errno);
+    if (rc < 0) {
+      EXPECT_EQ(EEXIST, errno);
+    }
 
     // Figure out a path prefix (like "../..") that gets us to the root
     // directory from TmpFile(TOPDIR).

procdesc.cc

@@ -223,7 +223,7 @@ TEST(Pdfork, NonProcessDescriptor) {
   close(fd);
 }
 
-static void *SubThreadMain(void *data) {
+static void *SubThreadMain(void *) {
   while (true) {
     if (verbose) fprintf(stderr, "      subthread: \"I aten't dead\"\n");
     usleep(100000);
@@ -231,7 +231,7 @@ static void *SubThreadMain(void *data) {
   return NULL;
 }
 
-static void *ThreadMain(void *data) {
+static void *ThreadMain(void *) {
   int pd;
   pid_t child = pdfork(&pd, 0);
   if (child == 0) {

syscalls.h

@@ -53,7 +53,7 @@ inline ssize_t flistxattr_(int fd, char *list, size_t size) {
 inline ssize_t fgetxattr_(int fd, const char *name, void *value, size_t size) {
   return extattr_get_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size);
 }
-inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int flags) {
+inline int fsetxattr_(int fd, const char *name, const void *value, size_t size, int) {
   return extattr_set_fd(fd, EXTATTR_NAMESPACE_USER, name, value, size);
 }
 inline int fremovexattr_(int fd, const char *name) {