authorAndrew G. Morgan <morgan@kernel.org>2021-03-30 18:43:34 -0700
committerAndrew G. Morgan <morgan@kernel.org>2021-03-30 18:43:42 -0700
commit1eb64332b1e6cde634b78d6f15f5ae98e6cfac99 (patch)
tree2cf161905b38d2083addde8e95f7318b71b8052b
parentcf6ddafe1d34d84e7a30b0b497c6174fc93ba074 (diff)
downloadlibcap2-1eb64332b1e6cde634b78d6f15f5ae98e6cfac99.tar.gz
More aggressive cap_test to ensure the launcher isolates context
Stress test the launcher code a little harder. Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r--cap/cap_test.go61
-rw-r--r--go/Makefile5
2 files changed, 40 insertions, 26 deletions
diff --git a/cap/cap_test.go b/cap/cap_test.go
index db4d61c..71c9618 100644
--- a/cap/cap_test.go
+++ b/cap/cap_test.go
@@ -220,34 +220,45 @@ func TestFuncLaunch(t *testing.T) {
t.Fatalf("trivial launcher failed: %v", err)
}
- before, err := singlesc.prctlrcall(prGetKeepCaps, 0, 0)
- if err != nil {
- t.Fatalf("failed to get PR_KEEP_CAPS: %v", err)
- }
-
- if _, err := FuncLauncher(func(data interface{}) error {
- was, ok := data.(int)
- if !ok {
- return fmt.Errorf("data was not an int: %v", data)
+ for i := 0; i < 100; i++ {
+ expect := i & 1
+ before, err := Prctl(prGetKeepCaps)
+ if err != nil {
+ t.Fatalf("failed to get PR_KEEP_CAPS: %v", err)
}
- if _, err := Prctlw(prSetKeepCaps, uintptr(1-was)); err != nil {
- return err
+ if before != expect {
+ t.Fatalf("invalid initial state: got=%d want=%d", before, expect)
}
- if v, err := Prctl(prGetKeepCaps); err != nil {
- return err
- } else if v == was {
- return fmt.Errorf("PR_KEEP_CAPS unchanged: got=%d, want=%v", v, 1-was)
+
+ if _, err := FuncLauncher(func(data interface{}) error {
+ was, ok := data.(int)
+ if !ok {
+ return fmt.Errorf("data was not an int: %v", data)
+ }
+ if _, err := Prctlw(prSetKeepCaps, uintptr(1-was)); err != nil {
+ return err
+ }
+ if v, err := Prctl(prGetKeepCaps); err != nil {
+ return err
+ } else if v == was {
+ return fmt.Errorf("PR_KEEP_CAPS unchanged: got=%d, want=%v", v, 1-was)
+ }
+ // All good.
+ return nil
+ }).Launch(before); err != nil {
+ t.Fatalf("trivial launcher failed: %v", err)
}
- // All good.
- return nil
- }).Launch(before); err != nil {
- t.Fatalf("trivial launcher failed: %v", err)
- }
- // Now validate that the main process is still OK.
- if after, err := singlesc.prctlrcall(prGetKeepCaps, 0, 0); err != nil {
- t.Fatalf("failed to get PR_KEEP_CAPS: %v", err)
- } else if before != after {
- t.Fatalf("FuncLauncher leaked privileged state: got=%v want=%v", after, before)
+ // Now validate that the main process is still OK.
+ if after, err := Prctl(prGetKeepCaps); err != nil {
+ t.Fatalf("failed to get PR_KEEP_CAPS: %v", err)
+ } else if before != after {
+ t.Fatalf("FuncLauncher leaked privileged state: got=%v want=%v", after, before)
+ }
+
+ // Now force the other way
+ if _, err := Prctlw(prSetKeepCaps, uintptr(1-expect)); err != nil {
+ t.Fatalf("[%d] attempt to flip PR_KEEP_CAPS failed: %v", i, err)
+ }
}
}
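Review bot: Every `t.Fatalf` inside the new loop returns with PR_KEEP_CAPS at whatever value the last `Prctlw(prSetKeepCaps, ...)` left it, and the first iteration requires the flag to be 0 on entry (`expect := i & 1` with i=0). The test therefore depends on, and on failure can change, a setting that is presumably process-wide and seen by later tests in the same binary. Reading the flag once before the loop and restoring it with `defer Prctlw(prSetKeepCaps, uintptr(orig))` would keep a failure here from altering the privilege-retention state that other tests start from. The `invalid initial state` and `trivial launcher failed` messages would also be easier to triage with the iteration index, which the final flip already reports via `[%d]`. TestFuncLaunch begins before this hunk, so any earlier setup is not visible here.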
diff --git a/go/Makefile b/go/Makefile
index 6de5660..d9c9182 100644
--- a/go/Makefile
+++ b/go/Makefile
@@ -78,8 +78,10 @@ endif
psx-signals: psx-signals.go $(PSXGOPACKAGE)
CC="$(CC)" GO111MODULE=off CGO_ENABLED="$(CGO_REQUIRED)" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" GOPATH=$(GOPATH) $(GO) build $<
+
ifeq ($(CGO_REQUIRED),0)
- CC="$(CC)" GO111MODULE=off CGO_ENABLED="1" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" GOPATH=$(GOPATH) $(GO) build -o $@-cgo $<
+psx-signals-cgo: psx-signals.go $(PSXGOPACKAGE)
+ CC="$(CC)" GO111MODULE=off CGO_ENABLED="1" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" GOPATH=$(GOPATH) $(GO) build -o $@ $<
endif
b210613: b210613.go $(CAPGOPACKAGE)
@@ -91,6 +93,7 @@ test: all
LD_LIBRARY_PATH=../libcap ./compare-cap
./psx-signals
ifeq ($(CGO_REQUIRED),0)
+ $(MAKE) psx-signals-cgo
./psx-signals-cgo
endif
./setid --caps=false
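Review bot: Invoking `$(MAKE) psx-signals-cgo` from inside the `test` recipe keeps the dependency out of make's graph. Declaring it as a prerequisite under the same conditional, e.g. `test: psx-signals-cgo` inside `ifeq ($(CGO_REQUIRED),0)`, would let make build it with the other prerequisites and avoid the recursive call. The `test` recipe continues outside this hunk and the `clean` rule is not visible, so it is worth confirming that `clean` still removes `psx-signals-cgo` now that it is its own target.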