After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
Although POSIX literally permits failing with [EINVAL] if IPC_CREAT and
IPC_EXCL were both passed, the semaphore set already exists and has fewer
semaphores than nsems, this does not allow an application to retry safely:
if the [EINVAL] is actually because of the semmsl limit, an infinite loop
would result.
PR: 206927
the second set (increment the original ports by 10)
This avoids issues where the first listening socket might not be torn
down by the time it makes it to the second set of testcases.
The sockets should likely only be setup once, but this keeps in the
spirit of the original testcases, so this will be easier to backport
to ^/stable/9
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
It always fails when trying to send through the sendit(9) private KPI in the
kernel due to a size mismatch between the msghdr and data being sent [*], which
suspiciously seems like it's related to sizeof pointers instead of scalars, or
something of that ilk
MFC after: 1 week
PR: 206543, 206544 [*]
Sponsored by: EMC / Isilon Storage Division
check_scm_creds_sockcred after initial != NULL checks have been done for
debugging purposes
- Use more terse names for bintime (bt), cmesgcred (cmcred),
sockcred (sc), and timeval (tv) [*]
- Add some debug messages to better understand some of the flow of the test
program
MFC after: 1 week
Requested by: bde [*]
Use of the word "terse" (^.^) corrected by: jhb, rpokala [*]
Sponsored by: EMC / Isilon Storage Division
This bug could be reproduced easily by calling sem_open() with O_CREAT |
O_EXCL on a semaphore that is already open in the process. The struct
sem_nameinfo would be freed while still in sem_list and later calls to
sem_open() or sem_close() could access freed memory.
PR: 206396
MFC after: 5 days
- Get rid of unused argc/argv variables in main
- Exit on failure with a return code of 1 instead of -1 with err/errx as a
return code of -1 is implementation dependent
- Bump WARNS to 6
MFC after: 5 days
Sponsored by: EMC / Isilon Storage Division
reconnect.c:
- Convert the K&R prototype of main to an ANSI prototype to mute a
warning from gcc 4.2.1
- Close s_sock2 after finishing off the last test to plug a leak and
mute a warning from gcc 5.0 about a -Wunused-but-set variable
sendfile.c:
- Fix a -Wunused-but-set warning with gcc 5.0 with pagesize in main(..)
MFC after: 5 days
Sponsored by: EMC / Isilon Storage Division
- `SOCK_RAW` is the implied supported type parameter for socket(2) per route(4)
- localsw in `sys/kern/uipc_usrreq.c` doesn't have an entry for `SOCK_RAW`, so
the prototype is invalid (this isn't explicitly documented anywhere I could
find)
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
This will help ensure that scripts/parsers don't get confused when the message
is printed out
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
tools/regression/geom_{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}
in to the FreeBSD test suite as
tests/sys/geom/class/{concat,eli,gate,mirror,nop,raid3,shsec,stripe,uzip}
The tools/regression/geom and tools/regression/geom_part testcases are being
left alone because both test sets are both currently broken.
The majority of this work was done on ^/user/ngie/more-tests2 . The differences
are as follows:
- tests/sys/geom/class/Makefile.inc is not present; it was
inlined into the class's Makefiles for explicitness.
- The testcases officially require root via kyua
- The geom_gate(4) tests don't use the pidfile changes proposed in
https://reviews.freebsd.org/D4836 .
MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
- Add a conf.sh file for executing common functions with geom_gate
- Use attach_md for attaching md(4) devices
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
- Add/increase sleeps to try and improve synchronization
- Add debug output for when checksums fail
test-1.t:
- Use pkill for killing ggated
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
(geom_test_cleanup, etc) down so the testcases don't emit noise when
bailing
- Conform to the TAP protocol better when dealing with classes that can't
be loaded and with temporary files that can't be allocated for tracking
md(4) devices.
MFC after: 2 weeks
X-MFC with: r293028, r293029, r293048
Sponsored by: EMC / Isilon Storage Division
- Delete test-2.sh as it was an incomplete testcase, and the contents were
basically a subset of test-1.sh
- Add a conf.sh file for executing common functions with geom_uzip
- Use attach_md for attaching md(4) devices
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
exit so things are cleaned up properly
- Use attach_md for attaching md(4) devices
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
exit so things are cleaned up properly
- Use attach_md for attaching md(4) devices
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
exit so things are cleaned up properly
- Use attach_md for attaching md(4) devices
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
-- Use linear probing to find the first unique md(4) device, unlike the other
code which uses attach_md, as geli(8) allocates the md(4) devices itself
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
- Add a geom_concat specific cleanup function and trap on that function at
exit so things are cleaned up properly
- Don't hardcode /tmp for temporary files, which violates the kyua sandbox
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
- Implement a gmirror_test_cleanup function, which in turn calls
geom_test_cleanup to clean up all md(4) providers allocated in the test
run.
- Remove duplicate logic in test scripts for removing md(4) providers.
- Don't create files in /tmp (outside the kyua sandbox); use the current
directory instead
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
for all geom classes, e.g. geom_uzip(4)
- These tests require root. Skip all of the tests if they're run as non-root
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
suite as tests/sys/kern/unix_passfd_test
- Convert testcases to ATF
- Fix an alignment issues
- Mark rights_creds_payload(..) as an expected failure (see PR # 181741)
Based [in part] on the following Differential Revision:
https://reviews.freebsd.org/D689
MFC after: 1 week
Submitted by: markj
Sponsored by: EMC / Isilon Storage Division
- Delete some spurious whitespace
- Use calloc instead of malloc in the last test to ensure that
sendspace is properly zero'ed out
Differential Revision: https://reviews.freebsd.org/D689 (part of a larger diff)
MFC after: 1 week
Reviewed by: asomers, ngie
Submitted by: markj
Sponsored by: EMC / Isilon Storage Division
tools/regression/mac/mac_portacl into the FreeBSD test suite as
tests/sys/mac/bsdextended and tests/sys/mac/portacl, respectively
MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
- A trap(1) call has been added to the test scripts to better
ensure that the tests do a better job at trying to restore the
test host state at the end of the tests (if the test was
interrupted before it would leave the system in an odd state,
potentially making the test results for subsequent runs
non-deterministic).
- Add root user checks
- Fix nc(1) usage:
-- -o is deprecated
-- Using `-w 10` will make the call timeout after 10 seconds so it
doesn't block indefinitely
- Use local variables
- Be more terse in the error messages
- Parameterize out "127.0.0.1"
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
- Use nitems(x) instead of handrolled sizeof(x) / sizeof(*x) macro
- Do not mark count != 0 case with bsde_get_rule_count as a failure; this
generates false positives on systems with ugidfw rules set on it
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
Use temporary filesystems / memory disks instead of a hardcoded path
which doesn't exist on test systems
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
Also, don't compile the ldexpl(3) testcases on platforms that don't support
the libcall (technically only x86 right now). This makes this test buildable on
arm*/mips*/powerpc*
PR: 205449 [*]
MFC after: 1 week
Tested on: stable/10 (amd64/i386), head (amd64/i386)
Sponsored by: EMC / Isilon Storage Division
It completely fails all assertions on i386 on both stable/9 and stable/10
PR: 205448
MFC after: 1 week
X-MFC to: stable/10
Sponsored by: EMC / Isilon Storage Division
- Use a separate variable for tracking the testcase count instead
of hardcoding the offset for the testcases
MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
Also, don't compile the exp2l(3) testcases on platforms that don't support the
libcall (technically only x86 right now). This makes this test buildable on
arm*/mips*/powerpc*
Tested on: stable/10 (amd64/i386), head (amd64/i386)
PR: 205446 [*]
MFC after: 1 week
X-MFC to: stable/10
Sponsored by: EMC / Isilon Storage Division