scm_rights.c 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381
  1. // SPDX-License-Identifier: GPL-2.0
  2. /* Copyright Amazon.com Inc. or its affiliates. */
  3. #define _GNU_SOURCE
  4. #include <sched.h>
  5. #include <stdio.h>
  6. #include <string.h>
  7. #include <unistd.h>
  8. #include <sys/types.h>
  9. #include <sys/socket.h>
  10. #include <sys/un.h>
  11. #include "kselftest_harness.h"
  12. FIXTURE(scm_rights)
  13. {
  14. int fd[32];
  15. };
  16. FIXTURE_VARIANT(scm_rights)
  17. {
  18. char name[32];
  19. int type;
  20. int flags;
  21. bool test_listener;
  22. bool disabled;
  23. };
  24. FIXTURE_VARIANT_ADD(scm_rights, dgram)
  25. {
  26. .name = "UNIX ",
  27. .type = SOCK_DGRAM,
  28. .flags = 0,
  29. .test_listener = false,
  30. .disabled = false,
  31. };
  32. FIXTURE_VARIANT_ADD(scm_rights, dgram_disabled)
  33. {
  34. .name = "UNIX ",
  35. .type = SOCK_DGRAM,
  36. .flags = 0,
  37. .test_listener = false,
  38. .disabled = true,
  39. };
  40. FIXTURE_VARIANT_ADD(scm_rights, stream)
  41. {
  42. .name = "UNIX-STREAM ",
  43. .type = SOCK_STREAM,
  44. .flags = 0,
  45. .test_listener = false,
  46. .disabled = false,
  47. };
  48. FIXTURE_VARIANT_ADD(scm_rights, stream_disabled)
  49. {
  50. .name = "UNIX-STREAM ",
  51. .type = SOCK_STREAM,
  52. .flags = 0,
  53. .test_listener = false,
  54. .disabled = true,
  55. };
  56. FIXTURE_VARIANT_ADD(scm_rights, stream_oob)
  57. {
  58. .name = "UNIX-STREAM ",
  59. .type = SOCK_STREAM,
  60. .flags = MSG_OOB,
  61. .test_listener = false,
  62. .disabled = false,
  63. };
  64. FIXTURE_VARIANT_ADD(scm_rights, stream_oob_disabled)
  65. {
  66. .name = "UNIX-STREAM ",
  67. .type = SOCK_STREAM,
  68. .flags = MSG_OOB,
  69. .test_listener = false,
  70. .disabled = true,
  71. };
  72. FIXTURE_VARIANT_ADD(scm_rights, stream_listener)
  73. {
  74. .name = "UNIX-STREAM ",
  75. .type = SOCK_STREAM,
  76. .flags = 0,
  77. .test_listener = true,
  78. .disabled = false,
  79. };
  80. FIXTURE_VARIANT_ADD(scm_rights, stream_listener_disabled)
  81. {
  82. .name = "UNIX-STREAM ",
  83. .type = SOCK_STREAM,
  84. .flags = 0,
  85. .test_listener = true,
  86. .disabled = true,
  87. };
  88. FIXTURE_VARIANT_ADD(scm_rights, stream_listener_oob)
  89. {
  90. .name = "UNIX-STREAM ",
  91. .type = SOCK_STREAM,
  92. .flags = MSG_OOB,
  93. .test_listener = true,
  94. .disabled = false,
  95. };
  96. FIXTURE_VARIANT_ADD(scm_rights, stream_listener_oob_disabled)
  97. {
  98. .name = "UNIX-STREAM ",
  99. .type = SOCK_STREAM,
  100. .flags = MSG_OOB,
  101. .test_listener = true,
  102. .disabled = true,
  103. };
  104. static int count_sockets(struct __test_metadata *_metadata,
  105. const FIXTURE_VARIANT(scm_rights) *variant)
  106. {
  107. int sockets = -1, len, ret;
  108. char *line = NULL;
  109. size_t unused;
  110. FILE *f;
  111. f = fopen("/proc/net/protocols", "r");
  112. ASSERT_NE(NULL, f);
  113. len = strlen(variant->name);
  114. while (getline(&line, &unused, f) != -1) {
  115. int unused2;
  116. if (strncmp(line, variant->name, len))
  117. continue;
  118. ret = sscanf(line + len, "%d %d", &unused2, &sockets);
  119. ASSERT_EQ(2, ret);
  120. break;
  121. }
  122. free(line);
  123. ret = fclose(f);
  124. ASSERT_EQ(0, ret);
  125. return sockets;
  126. }
  127. FIXTURE_SETUP(scm_rights)
  128. {
  129. int ret;
  130. ret = unshare(CLONE_NEWNET);
  131. ASSERT_EQ(0, ret);
  132. if (variant->disabled)
  133. return;
  134. ret = count_sockets(_metadata, variant);
  135. ASSERT_EQ(0, ret);
  136. }
  137. FIXTURE_TEARDOWN(scm_rights)
  138. {
  139. int ret;
  140. if (variant->disabled)
  141. return;
  142. sleep(1);
  143. ret = count_sockets(_metadata, variant);
  144. ASSERT_EQ(0, ret);
  145. }
  146. static void create_listeners(struct __test_metadata *_metadata,
  147. FIXTURE_DATA(scm_rights) *self,
  148. const FIXTURE_VARIANT(scm_rights) *variant,
  149. int n)
  150. {
  151. struct sockaddr_un addr = {
  152. .sun_family = AF_UNIX,
  153. };
  154. socklen_t addrlen;
  155. int i, ret;
  156. for (i = 0; i < n * 2; i += 2) {
  157. self->fd[i] = socket(AF_UNIX, SOCK_STREAM, 0);
  158. ASSERT_LE(0, self->fd[i]);
  159. addrlen = sizeof(addr.sun_family);
  160. ret = bind(self->fd[i], (struct sockaddr *)&addr, addrlen);
  161. ASSERT_EQ(0, ret);
  162. ret = listen(self->fd[i], -1);
  163. ASSERT_EQ(0, ret);
  164. if (variant->disabled) {
  165. ret = setsockopt(self->fd[i], SOL_SOCKET, SO_PASSRIGHTS,
  166. &(int){0}, sizeof(int));
  167. ASSERT_EQ(0, ret);
  168. }
  169. addrlen = sizeof(addr);
  170. ret = getsockname(self->fd[i], (struct sockaddr *)&addr, &addrlen);
  171. ASSERT_EQ(0, ret);
  172. self->fd[i + 1] = socket(AF_UNIX, SOCK_STREAM, 0);
  173. ASSERT_LE(0, self->fd[i + 1]);
  174. ret = connect(self->fd[i + 1], (struct sockaddr *)&addr, addrlen);
  175. ASSERT_EQ(0, ret);
  176. }
  177. }
  178. static void create_socketpairs(struct __test_metadata *_metadata,
  179. FIXTURE_DATA(scm_rights) *self,
  180. const FIXTURE_VARIANT(scm_rights) *variant,
  181. int n)
  182. {
  183. int i, ret;
  184. ASSERT_GE(sizeof(self->fd) / sizeof(int), n);
  185. for (i = 0; i < n * 2; i += 2) {
  186. ret = socketpair(AF_UNIX, variant->type, 0, self->fd + i);
  187. ASSERT_EQ(0, ret);
  188. if (variant->disabled) {
  189. ret = setsockopt(self->fd[i], SOL_SOCKET, SO_PASSRIGHTS,
  190. &(int){0}, sizeof(int));
  191. ASSERT_EQ(0, ret);
  192. }
  193. }
  194. }
  195. static void __create_sockets(struct __test_metadata *_metadata,
  196. FIXTURE_DATA(scm_rights) *self,
  197. const FIXTURE_VARIANT(scm_rights) *variant,
  198. int n)
  199. {
  200. ASSERT_LE(n * 2, sizeof(self->fd) / sizeof(self->fd[0]));
  201. if (variant->test_listener)
  202. create_listeners(_metadata, self, variant, n);
  203. else
  204. create_socketpairs(_metadata, self, variant, n);
  205. }
  206. static void __close_sockets(struct __test_metadata *_metadata,
  207. FIXTURE_DATA(scm_rights) *self,
  208. int n)
  209. {
  210. int i, ret;
  211. ASSERT_GE(sizeof(self->fd) / sizeof(int), n);
  212. for (i = 0; i < n * 2; i++) {
  213. ret = close(self->fd[i]);
  214. ASSERT_EQ(0, ret);
  215. }
  216. }
  217. void __send_fd(struct __test_metadata *_metadata,
  218. const FIXTURE_DATA(scm_rights) *self,
  219. const FIXTURE_VARIANT(scm_rights) *variant,
  220. int inflight, int receiver)
  221. {
  222. #define MSG "x"
  223. #define MSGLEN 1
  224. int fds[2] = {
  225. self->fd[inflight * 2],
  226. self->fd[inflight * 2],
  227. };
  228. char cmsg_buf[CMSG_SPACE(sizeof(fds))];
  229. struct iovec iov = {
  230. .iov_base = MSG,
  231. .iov_len = MSGLEN,
  232. };
  233. struct msghdr msg = {
  234. .msg_name = NULL,
  235. .msg_namelen = 0,
  236. .msg_iov = &iov,
  237. .msg_iovlen = 1,
  238. .msg_control = cmsg_buf,
  239. .msg_controllen = sizeof(cmsg_buf),
  240. };
  241. struct cmsghdr *cmsg;
  242. int ret;
  243. cmsg = CMSG_FIRSTHDR(&msg);
  244. cmsg->cmsg_level = SOL_SOCKET;
  245. cmsg->cmsg_type = SCM_RIGHTS;
  246. cmsg->cmsg_len = CMSG_LEN(sizeof(fds));
  247. memcpy(CMSG_DATA(cmsg), fds, sizeof(fds));
  248. ret = sendmsg(self->fd[receiver * 2 + 1], &msg, variant->flags);
  249. if (variant->disabled) {
  250. ASSERT_EQ(-1, ret);
  251. ASSERT_EQ(-EPERM, -errno);
  252. } else {
  253. ASSERT_EQ(MSGLEN, ret);
  254. }
  255. }
  256. #define create_sockets(n) \
  257. __create_sockets(_metadata, self, variant, n)
  258. #define close_sockets(n) \
  259. __close_sockets(_metadata, self, n)
  260. #define send_fd(inflight, receiver) \
  261. __send_fd(_metadata, self, variant, inflight, receiver)
  262. TEST_F(scm_rights, self_ref)
  263. {
  264. create_sockets(2);
  265. send_fd(0, 0);
  266. send_fd(1, 1);
  267. close_sockets(2);
  268. }
  269. TEST_F(scm_rights, triangle)
  270. {
  271. create_sockets(6);
  272. send_fd(0, 1);
  273. send_fd(1, 2);
  274. send_fd(2, 0);
  275. send_fd(3, 4);
  276. send_fd(4, 5);
  277. send_fd(5, 3);
  278. close_sockets(6);
  279. }
  280. TEST_F(scm_rights, cross_edge)
  281. {
  282. create_sockets(8);
  283. send_fd(0, 1);
  284. send_fd(1, 2);
  285. send_fd(2, 0);
  286. send_fd(1, 3);
  287. send_fd(3, 2);
  288. send_fd(4, 5);
  289. send_fd(5, 6);
  290. send_fd(6, 4);
  291. send_fd(5, 7);
  292. send_fd(7, 6);
  293. close_sockets(8);
  294. }
  295. TEST_F(scm_rights, backtrack_from_scc)
  296. {
  297. create_sockets(10);
  298. send_fd(0, 1);
  299. send_fd(0, 4);
  300. send_fd(1, 2);
  301. send_fd(2, 3);
  302. send_fd(3, 1);
  303. send_fd(5, 6);
  304. send_fd(5, 9);
  305. send_fd(6, 7);
  306. send_fd(7, 8);
  307. send_fd(8, 6);
  308. close_sockets(10);
  309. }
  310. TEST_HARNESS_MAIN