未验证 提交 f51bac84 编写于 作者: O openharmony_ci 提交者: Gitee

!2813 OpenHarmony3.1.5.5 Hi3516DV300 L1 LiteOS 内源代码修改

Merge pull request !2813 from 胡吉翔/lite_20220323_02
......@@ -35,12 +35,13 @@ int CapInit()
{
// Init capabilities
struct __user_cap_header_struct capheader;
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
(void)memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM];
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
(void)memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
capdata[0].permitted = LINUX_FULL_CAP;
capdata[0].effective = LINUX_FULL_CAP;
capdata[0].inheritable = LINUX_FULL_CAP;
......@@ -55,12 +56,21 @@ int CapInit()
int DropCAPCHOWN()
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPCHOWN memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPCHOWN memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_CHOWN
capdata[CAP_TO_INDEX(CAP_CHOWN)].permitted &= ~CAP_TO_MASK(CAP_CHOWN);
capdata[CAP_TO_INDEX(CAP_CHOWN)].effective &= ~CAP_TO_MASK(CAP_CHOWN);
......@@ -75,12 +85,21 @@ int DropCAPCHOWN()
int DropCAPDACOVERRIDE()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPDACOVERRIDE memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPDACOVERRIDE memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_DAC_OVERRIDE
capdata[CAP_TO_INDEX(CAP_DAC_OVERRIDE)].permitted &= ~CAP_TO_MASK(CAP_DAC_OVERRIDE);
capdata[CAP_TO_INDEX(CAP_DAC_OVERRIDE)].effective &= ~CAP_TO_MASK(CAP_DAC_OVERRIDE);
......@@ -95,12 +114,21 @@ int DropCAPDACOVERRIDE()
int DropCAPDACREADSEARCH()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPDACREADSEARCH memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPDACREADSEARCH memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_DAC_READ_SEARCH
capdata[CAP_TO_INDEX(CAP_DAC_READ_SEARCH)].permitted &= ~CAP_TO_MASK(CAP_DAC_READ_SEARCH);
capdata[CAP_TO_INDEX(CAP_DAC_READ_SEARCH)].effective &= ~CAP_TO_MASK(CAP_DAC_READ_SEARCH);
......@@ -115,12 +143,21 @@ int DropCAPDACREADSEARCH()
int DropCAPDACOVERRIDEAndREADSEARCH()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPDACOVERRIDEAndREADSEARCH memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPDACOVERRIDEAndREADSEARCH memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH
capdata[CAP_TO_INDEX(CAP_DAC_READ_SEARCH)].permitted &= ~CAP_TO_MASK(CAP_DAC_READ_SEARCH);
capdata[CAP_TO_INDEX(CAP_DAC_READ_SEARCH)].effective &= ~CAP_TO_MASK(CAP_DAC_READ_SEARCH);
......@@ -138,12 +175,21 @@ int DropCAPDACOVERRIDEAndREADSEARCH()
int DropCAPFOWNER()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPFOWNER memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPFOWNER memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_FOWNER
capdata[CAP_TO_INDEX(CAP_FOWNER)].permitted &= ~CAP_TO_MASK(CAP_FOWNER);
capdata[CAP_TO_INDEX(CAP_FOWNER)].effective &= ~CAP_TO_MASK(CAP_FOWNER);
......@@ -158,12 +204,21 @@ int DropCAPFOWNER()
int DropCAPKILL()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPKILL memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPKILL memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_KILL
capdata[CAP_TO_INDEX(CAP_KILL)].permitted &= ~CAP_TO_MASK(CAP_KILL);
capdata[CAP_TO_INDEX(CAP_KILL)].effective &= ~CAP_TO_MASK(CAP_KILL);
......@@ -178,12 +233,21 @@ int DropCAPKILL()
int DropCAPSETGID()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPSETGID memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct);
if (result != EOK) {
LOG("DropCAPSETGID memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_SETGID
capdata[CAP_TO_INDEX(CAP_SETGID)].permitted &= ~CAP_TO_MASK(CAP_SETGID);
capdata[CAP_TO_INDEX(CAP_SETGID)].effective &= ~CAP_TO_MASK(CAP_SETGID);
......@@ -198,12 +262,21 @@ int DropCAPSETGID()
int DropCAPSETUID()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPSETUID memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPSETUID memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_SETUID
capdata[CAP_TO_INDEX(CAP_SETUID)].permitted &= ~CAP_TO_MASK(CAP_SETUID);
capdata[CAP_TO_INDEX(CAP_SETUID)].effective &= ~CAP_TO_MASK(CAP_SETUID);
......@@ -218,12 +291,21 @@ int DropCAPSETUID()
int DropCAPSETPCAP()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPSETPCAP memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPSETPCAP memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_SETPCAP
capdata[CAP_TO_INDEX(CAP_SETPCAP)].permitted &= ~CAP_TO_MASK(CAP_SETPCAP);
capdata[CAP_TO_INDEX(CAP_SETPCAP)].effective &= ~CAP_TO_MASK(CAP_SETPCAP);
......@@ -238,12 +320,21 @@ int DropCAPSETPCAP()
int DropCAPSYSNICE()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPSYSNICE memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPSYSNICE memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_SYS_NICE
capdata[CAP_TO_INDEX(CAP_SYS_NICE)].permitted &= ~CAP_TO_MASK(CAP_SYS_NICE);
capdata[CAP_TO_INDEX(CAP_SYS_NICE)].effective &= ~CAP_TO_MASK(CAP_SYS_NICE);
......@@ -258,12 +349,21 @@ int DropCAPSYSNICE()
int DropCAPSYSTIME()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropCAPSYSTIME memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropCAPSYSTIME memset_s failed");
return FALSE;
};
// Drop the capabilities of CAP_SYS_TIME
capdata[CAP_TO_INDEX(CAP_SYS_TIME)].permitted &= ~CAP_TO_MASK(CAP_SYS_TIME);
capdata[CAP_TO_INDEX(CAP_SYS_TIME)].effective &= ~CAP_TO_MASK(CAP_SYS_TIME);
......@@ -278,12 +378,21 @@ int DropCAPSYSTIME()
int DropAllCAP()
{
struct __user_cap_header_struct capheader = { 0, 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("DropAllCAP memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("DropAllCAP memset_s failed");
return FALSE;
};
// Drop all the capabilities
capdata[0].permitted = NO_CAP;
capdata[0].effective = NO_CAP;
......
......@@ -214,12 +214,13 @@ static void CreateTxt()
static int CapsetOnlySETPCAP(int num)
{
struct __user_cap_header_struct capheader;
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
(void)memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM];
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
(void)memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
capdata[CAP_TO_INDEX(CAP_SETPCAP)].permitted |= CAP_TO_MASK(CAP_SETPCAP);
capdata[CAP_TO_INDEX(CAP_SETPCAP)].effective |= CAP_TO_MASK(CAP_SETPCAP);
capdata[CAP_TO_INDEX(CAP_SETPCAP)].inheritable |= CAP_TO_MASK(CAP_SETPCAP);
......@@ -235,12 +236,13 @@ static int CapsetOnlySETPCAP(int num)
static int AddCapUnauthorized(int num)
{
struct __user_cap_header_struct capheader;
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
(void)memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM];
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
(void)memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
capdata[0].permitted = LINUX_FULL_CAP;
capdata[0].effective = LINUX_FULL_CAP;
capdata[0].inheritable = LINUX_FULL_CAP;
......@@ -256,12 +258,21 @@ static int AddCapUnauthorized(int num)
static int CapgetWithAllCap(int num)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
int ret = capget(&capheader, &capdataget[0]);
if (ret != 0) {
EXPECT_EQ(ret, 0) << "ErrInfo: Failed to get CAPs";
......@@ -280,12 +291,21 @@ static int CapgetWithAllCap(int num)
static int CapgetWithNoCap(int num)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
int ret = capget(&capheader, &capdataget[0]);
if (ret != 0) {
EXPECT_EQ(ret, 0) << "ErrInfo: Failed to get CAPs";
......@@ -304,12 +324,21 @@ static int CapgetWithNoCap(int num)
static int CapgetOnlySETPCAP(int num)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
int ret = capget(&capheader, &capdataget[0]);
if (ret != 0) {
EXPECT_EQ(ret, 0) << "ErrInfo: Failed to get CAPs";
......@@ -372,12 +401,21 @@ static int CapsetWithoutSETPCAP()
static int CapsetWithVersion(pid_t pid, unsigned int version)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.pid = pid;
capheader.version = version;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
// Capget based on input parameters
int ret = capset(&capheader, &capdata[0]);
if (ret != 0) {
......@@ -390,12 +428,21 @@ static int CapsetWithVersion(pid_t pid, unsigned int version)
static int CapgetWithVersion(pid_t pid, unsigned int version)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.pid = pid;
capheader.version = version;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
// Capget based on input parameters
int ret = capget(&capheader, &capdataget[0]);
if (ret != 0) {
......@@ -408,12 +455,21 @@ static int CapgetWithVersion(pid_t pid, unsigned int version)
static int CapgetWithCaps(pid_t pid, unsigned int caps)
{
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
error_t result = memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
capheader.pid = pid;
capheader.version = _LINUX_CAPABILITY_VERSION_3;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
result = memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0xff, CAP_NUM * sizeof(struct __user_cap_data_struct));
if (result != EOK) {
LOG("CapgetWithAllCap memset_s failed");
return FALSE;
};
// Capget based on input parameters and check whether the capability is the same as the input parameter
int ret = capget(&capheader, &capdataget[0]);
if (ret != 0 || capdataget[0].effective != caps) {
......@@ -1179,12 +1235,13 @@ HWTEST_F(CapabilityTestSuite, CapabilityTest1500, Reliability | MediumTest | Lev
if (pid == 0) {
int exitCode = 0;
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
(void)memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
struct __user_cap_data_struct capdata[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
LINUX_FULL_CAP, CAP_NUM * sizeof(struct __user_cap_data_struct));
(void)memset_s(capdata, CAP_NUM * sizeof(struct __user_cap_data_struct),
LINUX_FULL_CAP, CAP_NUM * sizeof(struct __user_cap_data_struct));
capdata[CAP_TO_INDEX(INVALID_CAP_TO_INDEX)].permitted &= ~CAP_TO_MASK(INVALID_CAP_TO_INDEX);
capdata[CAP_TO_INDEX(INVALID_CAP_TO_INDEX)].effective &= ~CAP_TO_MASK(INVALID_CAP_TO_INDEX);
capdata[CAP_TO_INDEX(INVALID_CAP_TO_INDEX)].inheritable &= ~CAP_TO_MASK(INVALID_CAP_TO_INDEX);
......@@ -1583,10 +1640,11 @@ HWTEST_F(CapabilityTestSuite, CapabilityTest2300, Security | MediumTest | Level1
{
int ret;
struct __user_cap_header_struct capheader = { 0 };
memset_s(&capheader, sizeof(struct __user_cap_header_struct), 0, sizeof(struct __user_cap_header_struct));
(void)memset_s(&capheader, sizeof(struct __user_cap_header_struct),
0, sizeof(struct __user_cap_header_struct));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
struct __user_cap_data_struct capdataget[CAP_NUM] = { { 0 }, { 0 } };
memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
(void)memset_s(capdataget, CAP_NUM * sizeof(struct __user_cap_data_struct),
0, CAP_NUM * sizeof(struct __user_cap_data_struct));
pid_t pid = getpid();
for (int num = OTHER_PID; num <= pid; num++) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册