proc-subset-pid.c 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121
  1. /*
  2. * Copyright (c) 2021 Alexey Dobriyan <adobriyan@gmail.com>
  3. *
  4. * Permission to use, copy, modify, and distribute this software for any
  5. * purpose with or without fee is hereby granted, provided that the above
  6. * copyright notice and this permission notice appear in all copies.
  7. *
  8. * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  9. * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  10. * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  11. * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  12. * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  13. * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  14. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  15. */
  16. /*
  17. * Test that "mount -t proc -o subset=pid" hides everything but pids,
  18. * /proc/self and /proc/thread-self.
  19. */
  20. #undef NDEBUG
  21. #include <assert.h>
  22. #include <errno.h>
  23. #include <sched.h>
  24. #include <stdbool.h>
  25. #include <stdlib.h>
  26. #include <string.h>
  27. #include <sys/mount.h>
  28. #include <sys/types.h>
  29. #include <sys/stat.h>
  30. #include <fcntl.h>
  31. #include <dirent.h>
  32. #include <unistd.h>
  33. #include <stdio.h>
  34. static inline bool streq(const char *a, const char *b)
  35. {
  36. return strcmp(a, b) == 0;
  37. }
  38. static void make_private_proc(void)
  39. {
  40. if (unshare(CLONE_NEWNS) == -1) {
  41. if (errno == ENOSYS || errno == EPERM) {
  42. exit(4);
  43. }
  44. exit(1);
  45. }
  46. if (mount(NULL, "/", NULL, MS_PRIVATE|MS_REC, NULL) == -1) {
  47. exit(1);
  48. }
  49. if (mount(NULL, "/proc", "proc", 0, "subset=pid") == -1) {
  50. exit(1);
  51. }
  52. }
  53. static bool string_is_pid(const char *s)
  54. {
  55. while (1) {
  56. switch (*s++) {
  57. case '0':case '1':case '2':case '3':case '4':
  58. case '5':case '6':case '7':case '8':case '9':
  59. continue;
  60. case '\0':
  61. return true;
  62. default:
  63. return false;
  64. }
  65. }
  66. }
  67. int main(void)
  68. {
  69. make_private_proc();
  70. DIR *d = opendir("/proc");
  71. assert(d);
  72. struct dirent *de;
  73. bool dot = false;
  74. bool dot_dot = false;
  75. bool self = false;
  76. bool thread_self = false;
  77. while ((de = readdir(d))) {
  78. if (streq(de->d_name, ".")) {
  79. assert(!dot);
  80. dot = true;
  81. assert(de->d_type == DT_DIR);
  82. } else if (streq(de->d_name, "..")) {
  83. assert(!dot_dot);
  84. dot_dot = true;
  85. assert(de->d_type == DT_DIR);
  86. } else if (streq(de->d_name, "self")) {
  87. assert(!self);
  88. self = true;
  89. assert(de->d_type == DT_LNK);
  90. } else if (streq(de->d_name, "thread-self")) {
  91. assert(!thread_self);
  92. thread_self = true;
  93. assert(de->d_type == DT_LNK);
  94. } else {
  95. if (!string_is_pid(de->d_name)) {
  96. fprintf(stderr, "d_name '%s'\n", de->d_name);
  97. assert(0);
  98. }
  99. assert(de->d_type == DT_DIR);
  100. }
  101. }
  102. char c;
  103. int rv = readlink("/proc/cpuinfo", &c, 1);
  104. assert(rv == -1 && errno == ENOENT);
  105. int fd = open("/proc/cpuinfo", O_RDONLY);
  106. assert(fd == -1 && errno == ENOENT);
  107. return 0;
  108. }