From 67ed663fef0b3cc6229e723cdb0347750afbe62b Mon Sep 17 00:00:00 2001 From: Alan Somers Date: Thu, 19 Sep 2019 16:51:34 -0600 Subject: [PATCH] guard more tests with CAP_SYS_PTRACE --- test/sys/test_ptrace.rs | 7 +++++++ test/test.rs | 32 +++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/test/sys/test_ptrace.rs b/test/sys/test_ptrace.rs index a56309235b..b875e32389 100644 --- a/test/sys/test_ptrace.rs +++ b/test/sys/test_ptrace.rs @@ -12,6 +12,7 @@ use std::mem; fn test_ptrace() { // Just make sure ptrace can be called at all, for now. // FIXME: qemu-user doesn't implement ptrace on all arches, so permit ENOSYS + require_capability!(CAP_SYS_PTRACE); let err = ptrace::attach(getpid()).unwrap_err(); assert!(err == Error::Sys(Errno::EPERM) || err == Error::Sys(Errno::EINVAL) || err == Error::Sys(Errno::ENOSYS)); @@ -21,6 +22,7 @@ fn test_ptrace() { #[test] #[cfg(any(target_os = "android", target_os = "linux"))] fn test_ptrace_setoptions() { + require_capability!(CAP_SYS_PTRACE); let err = ptrace::setoptions(getpid(), Options::PTRACE_O_TRACESYSGOOD).unwrap_err(); assert!(err != Error::UnsupportedOperation); } @@ -29,6 +31,7 @@ fn test_ptrace_setoptions() { #[test] #[cfg(any(target_os = "android", target_os = "linux"))] fn test_ptrace_getevent() { + require_capability!(CAP_SYS_PTRACE); let err = ptrace::getevent(getpid()).unwrap_err(); assert!(err != Error::UnsupportedOperation); } @@ -37,6 +40,7 @@ fn test_ptrace_getevent() { #[test] #[cfg(any(target_os = "android", target_os = "linux"))] fn test_ptrace_getsiginfo() { + require_capability!(CAP_SYS_PTRACE); if let Err(Error::UnsupportedOperation) = ptrace::getsiginfo(getpid()) { panic!("ptrace_getsiginfo returns Error::UnsupportedOperation!"); } @@ -46,6 +50,7 @@ fn test_ptrace_getsiginfo() { #[test] #[cfg(any(target_os = "android", target_os = "linux"))] fn test_ptrace_setsiginfo() { + require_capability!(CAP_SYS_PTRACE); let siginfo = unsafe { mem::zeroed() }; if let Err(Error::UnsupportedOperation) = ptrace::setsiginfo(getpid(), &siginfo) { panic!("ptrace_setsiginfo returns Error::UnsupportedOperation!"); @@ -61,6 +66,8 @@ fn test_ptrace_cont() { use nix::unistd::fork; use nix::unistd::ForkResult::*; + require_capability!(CAP_SYS_PTRACE); + let _m = ::FORK_MTX.lock().expect("Mutex got poisoned by another test"); // FIXME: qemu-user doesn't implement ptrace on all architectures diff --git a/test/test.rs b/test/test.rs index 6f6135c56b..f51832e743 100644 --- a/test/test.rs +++ b/test/test.rs @@ -15,18 +15,28 @@ extern crate rand; extern crate sysctl; extern crate tempfile; -#[cfg(any(target_os = "android", target_os = "linux"))] -macro_rules! require_capability { - ($capname:ident) => { - use ::caps::{Capability, CapSet, has_cap}; - use ::std::io::{self, Write}; +cfg_if! { + if #[cfg(any(target_os = "android", target_os = "linux"))] { + macro_rules! require_capability { + ($capname:ident) => { + use ::caps::{Capability, CapSet, has_cap}; + use ::std::io::{self, Write}; - if !has_cap(None, CapSet::Effective, Capability::$capname).unwrap() { - let stderr = io::stderr(); - let mut handle = stderr.lock(); - writeln!(handle, "Insufficient capabilities. Skipping test.") - .unwrap(); - return; + if !has_cap(None, CapSet::Effective, Capability::$capname) + .unwrap() + { + let stderr = io::stderr(); + let mut handle = stderr.lock(); + writeln!(handle, + "Insufficient capabilities. Skipping test.") + .unwrap(); + return; + } + } + } + } else { + macro_rules! require_capability { + ($capname:ident) => {} } } }