]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
0999c8ad RC |
2 | |
3 | #include <fcntl.h> | |
a70877d8 | 4 | #include <sys/eventfd.h> |
58dfcc57 | 5 | #include <sys/mount.h> |
0999c8ad RC |
6 | #include <unistd.h> |
7 | ||
8 | #include "alloc-util.h" | |
6a818c3c | 9 | #include "data-fd-util.h" |
0999c8ad RC |
10 | #include "fd-util.h" |
11 | #include "fileio.h" | |
8067fe86 | 12 | #include "fs-util.h" |
0999c8ad | 13 | #include "macro.h" |
0a970718 | 14 | #include "memory-util.h" |
b6891972 | 15 | #include "missing_syscall.h" |
58dfcc57 | 16 | #include "mkdir.h" |
b6891972 | 17 | #include "mount-util.h" |
58dfcc57 | 18 | #include "namespace-util.h" |
aa11e28b LP |
19 | #include "path-util.h" |
20 | #include "process-util.h" | |
a548e14d | 21 | #include "random-util.h" |
59c4bbfb | 22 | #include "rlimit-util.h" |
58dfcc57 | 23 | #include "rm-rf.h" |
b6891972 | 24 | #include "seccomp-util.h" |
0a2152f0 | 25 | #include "serialize.h" |
fdb583e6 | 26 | #include "stat-util.h" |
a548e14d | 27 | #include "string-util.h" |
6d7c4033 | 28 | #include "tests.h" |
e4de7287 | 29 | #include "tmpfile-util.h" |
0999c8ad | 30 | |
4f7452a8 | 31 | TEST(close_many) { |
0999c8ad | 32 | int fds[3]; |
596b44b1 DT |
33 | _cleanup_(unlink_tempfilep) char name0[] = "/tmp/test-close-many.XXXXXX"; |
34 | _cleanup_(unlink_tempfilep) char name1[] = "/tmp/test-close-many.XXXXXX"; | |
35 | _cleanup_(unlink_tempfilep) char name2[] = "/tmp/test-close-many.XXXXXX"; | |
0999c8ad | 36 | |
646853bd TM |
37 | fds[0] = mkostemp_safe(name0); |
38 | fds[1] = mkostemp_safe(name1); | |
39 | fds[2] = mkostemp_safe(name2); | |
0999c8ad RC |
40 | |
41 | close_many(fds, 2); | |
42 | ||
43 | assert_se(fcntl(fds[0], F_GETFD) == -1); | |
44 | assert_se(fcntl(fds[1], F_GETFD) == -1); | |
45 | assert_se(fcntl(fds[2], F_GETFD) >= 0); | |
46 | ||
47 | safe_close(fds[2]); | |
0999c8ad RC |
48 | } |
49 | ||
4f7452a8 | 50 | TEST(close_nointr) { |
596b44b1 | 51 | _cleanup_(unlink_tempfilep) char name[] = "/tmp/test-test-close_nointr.XXXXXX"; |
0999c8ad RC |
52 | int fd; |
53 | ||
646853bd | 54 | fd = mkostemp_safe(name); |
0999c8ad RC |
55 | assert_se(fd >= 0); |
56 | assert_se(close_nointr(fd) >= 0); | |
57 | assert_se(close_nointr(fd) < 0); | |
0999c8ad RC |
58 | } |
59 | ||
4f7452a8 | 60 | TEST(same_fd) { |
34014779 | 61 | _cleanup_close_pair_ int p[2]; |
254d1313 | 62 | _cleanup_close_ int a, b, c; |
0999c8ad RC |
63 | |
64 | assert_se(pipe2(p, O_CLOEXEC) >= 0); | |
43dc7aa2 | 65 | assert_se((a = fcntl(p[0], F_DUPFD, 3)) >= 0); |
0999c8ad | 66 | assert_se((b = open("/dev/null", O_RDONLY|O_CLOEXEC)) >= 0); |
43dc7aa2 | 67 | assert_se((c = fcntl(a, F_DUPFD, 3)) >= 0); |
0999c8ad RC |
68 | |
69 | assert_se(same_fd(p[0], p[0]) > 0); | |
70 | assert_se(same_fd(p[1], p[1]) > 0); | |
71 | assert_se(same_fd(a, a) > 0); | |
72 | assert_se(same_fd(b, b) > 0); | |
73 | ||
74 | assert_se(same_fd(a, p[0]) > 0); | |
75 | assert_se(same_fd(p[0], a) > 0); | |
76 | assert_se(same_fd(c, p[0]) > 0); | |
77 | assert_se(same_fd(p[0], c) > 0); | |
78 | assert_se(same_fd(a, c) > 0); | |
79 | assert_se(same_fd(c, a) > 0); | |
80 | ||
81 | assert_se(same_fd(p[0], p[1]) == 0); | |
82 | assert_se(same_fd(p[1], p[0]) == 0); | |
83 | assert_se(same_fd(p[0], b) == 0); | |
84 | assert_se(same_fd(b, p[0]) == 0); | |
85 | assert_se(same_fd(p[1], a) == 0); | |
86 | assert_se(same_fd(a, p[1]) == 0); | |
87 | assert_se(same_fd(p[1], b) == 0); | |
88 | assert_se(same_fd(b, p[1]) == 0); | |
89 | ||
90 | assert_se(same_fd(a, b) == 0); | |
91 | assert_se(same_fd(b, a) == 0); | |
92 | } | |
93 | ||
4f7452a8 | 94 | TEST(open_serialization_fd) { |
254d1313 | 95 | _cleanup_close_ int fd = -EBADF; |
504afd7c ZJS |
96 | |
97 | fd = open_serialization_fd("test"); | |
98 | assert_se(fd >= 0); | |
99 | ||
ca9b2b4d | 100 | assert_se(write(fd, "test\n", 5) == 5); |
504afd7c ZJS |
101 | } |
102 | ||
81b913f0 LB |
103 | TEST(open_serialization_file) { |
104 | _cleanup_fclose_ FILE *f = NULL; | |
105 | int r; | |
106 | ||
107 | r = open_serialization_file("test", &f); | |
108 | assert_se(r >= 0); | |
109 | assert_se(f); | |
110 | ||
111 | assert_se(fwrite("test\n", 1, 5, f) == 5); | |
112 | } | |
113 | ||
4f7452a8 | 114 | TEST(fd_move_above_stdio) { |
7fe2903c LP |
115 | int original_stdin, new_fd; |
116 | ||
117 | original_stdin = fcntl(0, F_DUPFD, 3); | |
118 | assert_se(original_stdin >= 3); | |
119 | assert_se(close_nointr(0) != EBADF); | |
120 | ||
121 | new_fd = open("/dev/null", O_RDONLY); | |
122 | assert_se(new_fd == 0); | |
123 | ||
124 | new_fd = fd_move_above_stdio(new_fd); | |
125 | assert_se(new_fd >= 3); | |
126 | ||
127 | assert_se(dup(original_stdin) == 0); | |
128 | assert_se(close_nointr(original_stdin) != EBADF); | |
129 | assert_se(close_nointr(new_fd) != EBADF); | |
130 | } | |
131 | ||
4f7452a8 | 132 | TEST(rearrange_stdio) { |
aa11e28b LP |
133 | pid_t pid; |
134 | int r; | |
135 | ||
136 | r = safe_fork("rearrange", FORK_WAIT|FORK_LOG, &pid); | |
137 | assert_se(r >= 0); | |
138 | ||
139 | if (r == 0) { | |
140 | _cleanup_free_ char *path = NULL; | |
141 | char buffer[10]; | |
142 | ||
143 | /* Child */ | |
144 | ||
145 | safe_close(STDERR_FILENO); /* Let's close an fd < 2, to make it more interesting */ | |
146 | ||
5bb1d7fb | 147 | assert_se(rearrange_stdio(-EBADF, -EBADF, -EBADF) >= 0); |
aa11e28b LP |
148 | |
149 | assert_se(fd_get_path(STDIN_FILENO, &path) >= 0); | |
150 | assert_se(path_equal(path, "/dev/null")); | |
151 | path = mfree(path); | |
152 | ||
153 | assert_se(fd_get_path(STDOUT_FILENO, &path) >= 0); | |
154 | assert_se(path_equal(path, "/dev/null")); | |
155 | path = mfree(path); | |
156 | ||
157 | assert_se(fd_get_path(STDOUT_FILENO, &path) >= 0); | |
158 | assert_se(path_equal(path, "/dev/null")); | |
159 | path = mfree(path); | |
160 | ||
161 | safe_close(STDIN_FILENO); | |
162 | safe_close(STDOUT_FILENO); | |
163 | safe_close(STDERR_FILENO); | |
164 | ||
165 | { | |
166 | int pair[2]; | |
167 | assert_se(pipe(pair) >= 0); | |
168 | assert_se(pair[0] == 0); | |
169 | assert_se(pair[1] == 1); | |
170 | assert_se(fd_move_above_stdio(0) == 3); | |
171 | } | |
172 | assert_se(open("/dev/full", O_WRONLY|O_CLOEXEC) == 0); | |
173 | assert_se(acquire_data_fd("foobar", 6, 0) == 2); | |
174 | ||
175 | assert_se(rearrange_stdio(2, 0, 1) >= 0); | |
176 | ||
177 | assert_se(write(1, "x", 1) < 0 && errno == ENOSPC); | |
178 | assert_se(write(2, "z", 1) == 1); | |
179 | assert_se(read(3, buffer, sizeof(buffer)) == 1); | |
180 | assert_se(buffer[0] == 'z'); | |
181 | assert_se(read(0, buffer, sizeof(buffer)) == 6); | |
182 | assert_se(memcmp(buffer, "foobar", 6) == 0); | |
183 | ||
5bb1d7fb | 184 | assert_se(rearrange_stdio(-EBADF, 1, 2) >= 0); |
aa11e28b LP |
185 | assert_se(write(1, "a", 1) < 0 && errno == ENOSPC); |
186 | assert_se(write(2, "y", 1) == 1); | |
187 | assert_se(read(3, buffer, sizeof(buffer)) == 1); | |
188 | assert_se(buffer[0] == 'y'); | |
189 | ||
190 | assert_se(fd_get_path(0, &path) >= 0); | |
191 | assert_se(path_equal(path, "/dev/null")); | |
192 | path = mfree(path); | |
193 | ||
194 | _exit(EXIT_SUCCESS); | |
195 | } | |
196 | } | |
197 | ||
4f7452a8 | 198 | TEST(read_nr_open) { |
9264cc39 LP |
199 | log_info("nr-open: %i", read_nr_open()); |
200 | } | |
201 | ||
59c4bbfb LP |
202 | static size_t validate_fds( |
203 | bool opened, | |
204 | const int *fds, | |
205 | size_t n_fds) { | |
206 | ||
207 | size_t c = 0; | |
208 | ||
209 | /* Validates that fds in the specified array are one of the following three: | |
210 | * | |
211 | * 1. < 0 (test is skipped) or | |
212 | * 2. opened (if 'opened' param is true) or | |
213 | * 3. closed (if 'opened' param is false) | |
214 | */ | |
215 | ||
216 | for (size_t i = 0; i < n_fds; i++) { | |
217 | if (fds[i] < 0) | |
218 | continue; | |
219 | ||
220 | if (opened) | |
221 | assert_se(fcntl(fds[i], F_GETFD) >= 0); | |
222 | else | |
223 | assert_se(fcntl(fds[i], F_GETFD) < 0 && errno == EBADF); | |
224 | ||
225 | c++; | |
226 | } | |
227 | ||
228 | return c; /* Return number of fds >= 0 in the array */ | |
229 | } | |
230 | ||
b6891972 | 231 | static void test_close_all_fds_inner(void) { |
59c4bbfb | 232 | _cleanup_free_ int *fds = NULL, *keep = NULL; |
59c4bbfb | 233 | size_t n_fds, n_keep; |
73fc0cbc | 234 | int max_fd; |
59c4bbfb LP |
235 | |
236 | log_info("/* %s */", __func__); | |
237 | ||
238 | rlimit_nofile_bump(-1); | |
239 | ||
73fc0cbc LP |
240 | max_fd = get_max_fd(); |
241 | assert_se(max_fd > 10); | |
59c4bbfb | 242 | |
b6891972 LP |
243 | if (max_fd > 7000) { |
244 | /* If the worst fallback is activated we need to iterate through all possible fds, hence, | |
245 | * let's lower the limit a small bit, so that we don't run for too long. Yes, this undoes the | |
246 | * rlimit_nofile_bump() call above partially. */ | |
247 | ||
248 | (void) setrlimit_closest(RLIMIT_NOFILE, &(struct rlimit) { 7000, 7000 }); | |
249 | max_fd = 7000; | |
250 | } | |
251 | ||
59c4bbfb | 252 | /* Try to use 5000 fds, but when we can't bump the rlimit to make that happen use the whole limit minus 10 */ |
73fc0cbc | 253 | n_fds = MIN(((size_t) max_fd & ~1U) - 10U, 5000U); |
59c4bbfb LP |
254 | assert_se((n_fds & 1U) == 0U); /* make sure even number of fds */ |
255 | ||
256 | /* Allocate the determined number of fds, always two at a time */ | |
257 | assert_se(fds = new(int, n_fds)); | |
258 | for (size_t i = 0; i < n_fds; i += 2) | |
259 | assert_se(pipe2(fds + i, O_CLOEXEC) >= 0); | |
260 | ||
261 | /* Validate this worked */ | |
262 | assert_se(validate_fds(true, fds, n_fds) == n_fds); | |
263 | ||
264 | /* Randomized number of fds to keep, but at most every second */ | |
265 | n_keep = (random_u64() % (n_fds / 2)); | |
266 | ||
267 | /* Now randomly select a number of fds from the array above to keep */ | |
268 | assert_se(keep = new(int, n_keep)); | |
269 | for (size_t k = 0; k < n_keep; k++) { | |
270 | for (;;) { | |
271 | size_t p; | |
272 | ||
273 | p = random_u64() % n_fds; | |
274 | if (fds[p] >= 0) { | |
275 | keep[k] = TAKE_FD(fds[p]); | |
276 | break; | |
277 | } | |
278 | } | |
279 | } | |
280 | ||
281 | /* Check that all fds from both arrays are still open, and test how many in each are >= 0 */ | |
282 | assert_se(validate_fds(true, fds, n_fds) == n_fds - n_keep); | |
283 | assert_se(validate_fds(true, keep, n_keep) == n_keep); | |
284 | ||
285 | /* Close logging fd first, so that we don't confuse it by closing its fd */ | |
286 | log_close(); | |
287 | log_set_open_when_needed(true); | |
a3b00f91 | 288 | log_settle_target(); |
59c4bbfb LP |
289 | |
290 | /* Close all but the ones to keep */ | |
291 | assert_se(close_all_fds(keep, n_keep) >= 0); | |
292 | ||
293 | assert_se(validate_fds(false, fds, n_fds) == n_fds - n_keep); | |
294 | assert_se(validate_fds(true, keep, n_keep) == n_keep); | |
295 | ||
296 | /* Close everything else too! */ | |
297 | assert_se(close_all_fds(NULL, 0) >= 0); | |
298 | ||
299 | assert_se(validate_fds(false, fds, n_fds) == n_fds - n_keep); | |
300 | assert_se(validate_fds(false, keep, n_keep) == n_keep); | |
301 | ||
302 | log_set_open_when_needed(false); | |
303 | log_open(); | |
304 | } | |
305 | ||
b6891972 | 306 | static int seccomp_prohibit_close_range(void) { |
7a8288f6 | 307 | #if HAVE_SECCOMP && defined(__SNR_close_range) |
b6891972 LP |
308 | _cleanup_(seccomp_releasep) scmp_filter_ctx seccomp = NULL; |
309 | int r; | |
310 | ||
311 | r = seccomp_init_for_arch(&seccomp, SCMP_ARCH_NATIVE, SCMP_ACT_ALLOW); | |
312 | if (r < 0) | |
313 | return log_warning_errno(r, "Failed to acquire seccomp context, ignoring: %m"); | |
314 | ||
315 | r = seccomp_rule_add_exact( | |
316 | seccomp, | |
317 | SCMP_ACT_ERRNO(EPERM), | |
318 | SCMP_SYS(close_range), | |
319 | 0); | |
320 | if (r < 0) | |
321 | return log_warning_errno(r, "Failed to add close_range() rule, ignoring: %m"); | |
322 | ||
323 | r = seccomp_load(seccomp); | |
324 | if (r < 0) | |
325 | return log_warning_errno(r, "Failed to apply close_range() restrictions, ignoring: %m"); | |
326 | ||
327 | return 0; | |
328 | #else | |
a6f44d61 | 329 | return log_warning_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Seccomp support or close_range() syscall definition not available."); |
b6891972 LP |
330 | #endif |
331 | } | |
332 | ||
4f7452a8 | 333 | TEST(close_all_fds) { |
b6891972 LP |
334 | int r; |
335 | ||
336 | /* Runs the test four times. Once as is. Once with close_range() syscall blocked via seccomp, once | |
3ed332e7 ZJS |
337 | * with /proc/ overmounted, and once with the combination of both. This should trigger all fallbacks |
338 | * in the close_range_all() function. */ | |
b6891972 LP |
339 | |
340 | r = safe_fork("(caf-plain)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); | |
341 | if (r == 0) { | |
342 | test_close_all_fds_inner(); | |
343 | _exit(EXIT_SUCCESS); | |
344 | } | |
345 | assert_se(r >= 0); | |
346 | ||
3ed332e7 ZJS |
347 | if (geteuid() != 0) |
348 | return (void) log_tests_skipped("Lacking privileges for test with close_range() blocked and /proc/ overmounted"); | |
b6891972 LP |
349 | |
350 | r = safe_fork("(caf-noproc)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); | |
351 | if (r == 0) { | |
352 | r = mount_nofollow_verbose(LOG_WARNING, "tmpfs", "/proc", "tmpfs", 0, NULL); | |
353 | if (r < 0) | |
3ed332e7 | 354 | log_notice("Overmounting /proc/ didn't work, skipping close_all_fds() with masked /proc/."); |
b6891972 LP |
355 | else |
356 | test_close_all_fds_inner(); | |
357 | _exit(EXIT_SUCCESS); | |
358 | } | |
359 | assert_se(r >= 0); | |
360 | ||
3ed332e7 ZJS |
361 | if (!is_seccomp_available()) |
362 | return (void) log_tests_skipped("Seccomp not available"); | |
b6891972 LP |
363 | |
364 | r = safe_fork("(caf-seccomp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); | |
365 | if (r == 0) { | |
366 | r = seccomp_prohibit_close_range(); | |
367 | if (r < 0) | |
368 | log_notice("Applying seccomp filter didn't work, skipping close_all_fds() test with masked close_range()."); | |
369 | else | |
370 | test_close_all_fds_inner(); | |
371 | ||
372 | _exit(EXIT_SUCCESS); | |
373 | } | |
374 | assert_se(r >= 0); | |
375 | ||
376 | r = safe_fork("(caf-scnp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); | |
377 | if (r == 0) { | |
378 | r = seccomp_prohibit_close_range(); | |
379 | if (r < 0) | |
380 | log_notice("Applying seccomp filter didn't work, skipping close_all_fds() test with masked close_range()."); | |
381 | else { | |
382 | r = mount_nofollow_verbose(LOG_WARNING, "tmpfs", "/proc", "tmpfs", 0, NULL); | |
383 | if (r < 0) | |
3ed332e7 | 384 | log_notice("Overmounting /proc/ didn't work, skipping close_all_fds() with masked /proc/."); |
b6891972 LP |
385 | else |
386 | test_close_all_fds_inner(); | |
387 | } | |
388 | ||
389 | test_close_all_fds_inner(); | |
390 | _exit(EXIT_SUCCESS); | |
391 | } | |
392 | assert_se(r >= 0); | |
393 | } | |
394 | ||
4f7452a8 | 395 | TEST(format_proc_fd_path) { |
7b9da386 LP |
396 | assert_se(streq_ptr(FORMAT_PROC_FD_PATH(0), "/proc/self/fd/0")); |
397 | assert_se(streq_ptr(FORMAT_PROC_FD_PATH(1), "/proc/self/fd/1")); | |
398 | assert_se(streq_ptr(FORMAT_PROC_FD_PATH(2), "/proc/self/fd/2")); | |
399 | assert_se(streq_ptr(FORMAT_PROC_FD_PATH(3), "/proc/self/fd/3")); | |
400 | assert_se(streq_ptr(FORMAT_PROC_FD_PATH(2147483647), "/proc/self/fd/2147483647")); | |
48a01cd9 LP |
401 | } |
402 | ||
4f7452a8 | 403 | TEST(fd_reopen) { |
254d1313 | 404 | _cleanup_close_ int fd1 = -EBADF, fd2 = -EBADF; |
61fb966c LP |
405 | struct stat st1, st2; |
406 | int fl; | |
407 | ||
408 | /* Test this with a directory */ | |
409 | fd1 = open("/proc", O_DIRECTORY|O_PATH|O_CLOEXEC); | |
410 | assert_se(fd1 >= 0); | |
411 | ||
412 | assert_se(fstat(fd1, &st1) >= 0); | |
413 | assert_se(S_ISDIR(st1.st_mode)); | |
414 | ||
415 | fl = fcntl(fd1, F_GETFL); | |
416 | assert_se(fl >= 0); | |
417 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
418 | assert_se(FLAGS_SET(fl, O_PATH)); | |
419 | ||
fdb583e6 LP |
420 | /* fd_reopen() with O_NOFOLLOW will systematically fail, since it is implemented via a symlink in /proc/self/fd/ */ |
421 | assert_se(fd_reopen(fd1, O_RDONLY|O_CLOEXEC|O_NOFOLLOW) == -ELOOP); | |
422 | assert_se(fd_reopen(fd1, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW) == -ELOOP); | |
423 | ||
61fb966c LP |
424 | fd2 = fd_reopen(fd1, O_RDONLY|O_DIRECTORY|O_CLOEXEC); /* drop the O_PATH */ |
425 | assert_se(fd2 >= 0); | |
426 | ||
427 | assert_se(fstat(fd2, &st2) >= 0); | |
428 | assert_se(S_ISDIR(st2.st_mode)); | |
09a7cef5 | 429 | assert_se(stat_inode_same(&st1, &st2)); |
61fb966c LP |
430 | |
431 | fl = fcntl(fd2, F_GETFL); | |
432 | assert_se(fl >= 0); | |
433 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
434 | assert_se(!FLAGS_SET(fl, O_PATH)); | |
435 | ||
436 | safe_close(fd1); | |
437 | ||
438 | fd1 = fd_reopen(fd2, O_DIRECTORY|O_PATH|O_CLOEXEC); /* reacquire the O_PATH */ | |
439 | assert_se(fd1 >= 0); | |
440 | ||
441 | assert_se(fstat(fd1, &st1) >= 0); | |
442 | assert_se(S_ISDIR(st1.st_mode)); | |
09a7cef5 | 443 | assert_se(stat_inode_same(&st1, &st2)); |
61fb966c LP |
444 | |
445 | fl = fcntl(fd1, F_GETFL); | |
446 | assert_se(fl >= 0); | |
447 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
448 | assert_se(FLAGS_SET(fl, O_PATH)); | |
449 | ||
450 | safe_close(fd1); | |
451 | ||
452 | /* And now, test this with a file. */ | |
453 | fd1 = open("/proc/version", O_PATH|O_CLOEXEC); | |
454 | assert_se(fd1 >= 0); | |
455 | ||
456 | assert_se(fstat(fd1, &st1) >= 0); | |
457 | assert_se(S_ISREG(st1.st_mode)); | |
458 | ||
459 | fl = fcntl(fd1, F_GETFL); | |
460 | assert_se(fl >= 0); | |
461 | assert_se(!FLAGS_SET(fl, O_DIRECTORY)); | |
462 | assert_se(FLAGS_SET(fl, O_PATH)); | |
463 | ||
464 | assert_se(fd_reopen(fd1, O_RDONLY|O_DIRECTORY|O_CLOEXEC) == -ENOTDIR); | |
465 | fd2 = fd_reopen(fd1, O_RDONLY|O_CLOEXEC); /* drop the O_PATH */ | |
466 | assert_se(fd2 >= 0); | |
467 | ||
468 | assert_se(fstat(fd2, &st2) >= 0); | |
469 | assert_se(S_ISREG(st2.st_mode)); | |
09a7cef5 | 470 | assert_se(stat_inode_same(&st1, &st2)); |
61fb966c LP |
471 | |
472 | fl = fcntl(fd2, F_GETFL); | |
473 | assert_se(fl >= 0); | |
474 | assert_se(!FLAGS_SET(fl, O_DIRECTORY)); | |
475 | assert_se(!FLAGS_SET(fl, O_PATH)); | |
476 | ||
477 | safe_close(fd1); | |
478 | ||
479 | assert_se(fd_reopen(fd2, O_DIRECTORY|O_PATH|O_CLOEXEC) == -ENOTDIR); | |
480 | fd1 = fd_reopen(fd2, O_PATH|O_CLOEXEC); /* reacquire the O_PATH */ | |
481 | assert_se(fd1 >= 0); | |
482 | ||
483 | assert_se(fstat(fd1, &st1) >= 0); | |
484 | assert_se(S_ISREG(st1.st_mode)); | |
09a7cef5 | 485 | assert_se(stat_inode_same(&st1, &st2)); |
61fb966c LP |
486 | |
487 | fl = fcntl(fd1, F_GETFL); | |
488 | assert_se(fl >= 0); | |
489 | assert_se(!FLAGS_SET(fl, O_DIRECTORY)); | |
490 | assert_se(FLAGS_SET(fl, O_PATH)); | |
491 | ||
492 | /* Also check the right error is generated if the fd is already closed */ | |
493 | safe_close(fd1); | |
494 | assert_se(fd_reopen(fd1, O_RDONLY|O_CLOEXEC) == -EBADF); | |
254d1313 | 495 | fd1 = -EBADF; |
fdb583e6 LP |
496 | |
497 | /* Validate what happens if we reopen a symlink */ | |
498 | fd1 = open("/proc/self", O_PATH|O_CLOEXEC|O_NOFOLLOW); | |
499 | assert_se(fd1 >= 0); | |
500 | assert_se(fstat(fd1, &st1) >= 0); | |
501 | assert_se(S_ISLNK(st1.st_mode)); | |
502 | ||
503 | fd2 = fd_reopen(fd1, O_PATH|O_CLOEXEC); | |
504 | assert_se(fd2 >= 0); | |
505 | assert_se(fstat(fd2, &st2) >= 0); | |
506 | assert_se(S_ISLNK(st2.st_mode)); | |
507 | assert_se(stat_inode_same(&st1, &st2)); | |
508 | fd2 = safe_close(fd2); | |
509 | ||
510 | /* So here's the thing: if we have an O_PATH fd to a symlink, we *cannot* convert it to a regular fd | |
511 | * with that. i.e. you cannot have the VFS follow a symlink pinned via an O_PATH fd. */ | |
512 | assert_se(fd_reopen(fd1, O_RDONLY|O_CLOEXEC) == -ELOOP); | |
61fb966c LP |
513 | } |
514 | ||
5f5865f0 | 515 | TEST(fd_reopen_condition) { |
254d1313 | 516 | _cleanup_close_ int fd1 = -EBADF, fd3 = -EBADF; |
5f5865f0 LP |
517 | int fd2, fl; |
518 | ||
519 | /* Open without O_PATH */ | |
520 | fd1 = open("/usr/", O_RDONLY|O_DIRECTORY|O_CLOEXEC); | |
521 | assert_se(fd1 >= 0); | |
522 | ||
523 | fl = fcntl(fd1, F_GETFL); | |
524 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
525 | assert_se(!FLAGS_SET(fl, O_PATH)); | |
526 | ||
527 | fd2 = fd_reopen_condition(fd1, O_DIRECTORY, O_DIRECTORY|O_PATH, &fd3); | |
528 | assert_se(fd2 == fd1); | |
529 | assert_se(fd3 < 0); | |
530 | ||
531 | /* Switch on O_PATH */ | |
532 | fd2 = fd_reopen_condition(fd1, O_DIRECTORY|O_PATH, O_DIRECTORY|O_PATH, &fd3); | |
533 | assert_se(fd2 != fd1); | |
534 | assert_se(fd3 == fd2); | |
535 | ||
536 | fl = fcntl(fd2, F_GETFL); | |
537 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
538 | assert_se(FLAGS_SET(fl, O_PATH)); | |
539 | ||
540 | close_and_replace(fd1, fd3); | |
541 | ||
542 | fd2 = fd_reopen_condition(fd1, O_DIRECTORY|O_PATH, O_DIRECTORY|O_PATH, &fd3); | |
543 | assert_se(fd2 == fd1); | |
544 | assert_se(fd3 < 0); | |
545 | ||
546 | /* Switch off O_PATH again */ | |
547 | fd2 = fd_reopen_condition(fd1, O_DIRECTORY, O_DIRECTORY|O_PATH, &fd3); | |
548 | assert_se(fd2 != fd1); | |
549 | assert_se(fd3 == fd2); | |
550 | ||
551 | fl = fcntl(fd2, F_GETFL); | |
552 | assert_se(FLAGS_SET(fl, O_DIRECTORY)); | |
553 | assert_se(!FLAGS_SET(fl, O_PATH)); | |
554 | ||
555 | close_and_replace(fd1, fd3); | |
556 | ||
557 | fd2 = fd_reopen_condition(fd1, O_DIRECTORY, O_DIRECTORY|O_PATH, &fd3); | |
558 | assert_se(fd2 == fd1); | |
559 | assert_se(fd3 < 0); | |
560 | } | |
561 | ||
4f7452a8 | 562 | TEST(take_fd) { |
254d1313 | 563 | _cleanup_close_ int fd1 = -EBADF, fd2 = -EBADF; |
71136404 | 564 | int array[2] = EBADF_PAIR, i = 0; |
a70877d8 | 565 | |
254d1313 ZJS |
566 | assert_se(fd1 == -EBADF); |
567 | assert_se(fd2 == -EBADF); | |
a70877d8 LP |
568 | |
569 | fd1 = eventfd(0, EFD_CLOEXEC); | |
570 | assert_se(fd1 >= 0); | |
571 | ||
572 | fd2 = TAKE_FD(fd1); | |
254d1313 | 573 | assert_se(fd1 == -EBADF); |
a70877d8 LP |
574 | assert_se(fd2 >= 0); |
575 | ||
254d1313 ZJS |
576 | assert_se(array[0] == -EBADF); |
577 | assert_se(array[1] == -EBADF); | |
a70877d8 LP |
578 | |
579 | array[0] = TAKE_FD(fd2); | |
254d1313 ZJS |
580 | assert_se(fd1 == -EBADF); |
581 | assert_se(fd2 == -EBADF); | |
a70877d8 | 582 | assert_se(array[0] >= 0); |
254d1313 | 583 | assert_se(array[1] == -EBADF); |
a70877d8 LP |
584 | |
585 | array[1] = TAKE_FD(array[i]); | |
254d1313 | 586 | assert_se(array[0] == -EBADF); |
a70877d8 LP |
587 | assert_se(array[1] >= 0); |
588 | ||
589 | i = 1 - i; | |
590 | array[0] = TAKE_FD(*(array + i)); | |
591 | assert_se(array[0] >= 0); | |
254d1313 | 592 | assert_se(array[1] == -EBADF); |
a70877d8 LP |
593 | |
594 | i = 1 - i; | |
595 | fd1 = TAKE_FD(array[i]); | |
596 | assert_se(fd1 >= 0); | |
254d1313 ZJS |
597 | assert_se(array[0] == -EBADF); |
598 | assert_se(array[1] == -EBADF); | |
a70877d8 LP |
599 | } |
600 | ||
af423b4b DDM |
601 | TEST(dir_fd_is_root) { |
602 | _cleanup_close_ int fd = -EBADF; | |
58dfcc57 | 603 | int r; |
af423b4b | 604 | |
70650ae3 YW |
605 | assert_se(dir_fd_is_root_or_cwd(AT_FDCWD) > 0); |
606 | ||
af423b4b DDM |
607 | assert_se((fd = open("/", O_CLOEXEC|O_PATH|O_DIRECTORY|O_NOFOLLOW)) >= 0); |
608 | assert_se(dir_fd_is_root(fd) > 0); | |
70650ae3 | 609 | assert_se(dir_fd_is_root_or_cwd(fd) > 0); |
af423b4b DDM |
610 | |
611 | fd = safe_close(fd); | |
612 | ||
613 | assert_se((fd = open("/usr", O_CLOEXEC|O_PATH|O_DIRECTORY|O_NOFOLLOW)) >= 0); | |
614 | assert_se(dir_fd_is_root(fd) == 0); | |
70650ae3 | 615 | assert_se(dir_fd_is_root_or_cwd(fd) == 0); |
58dfcc57 YW |
616 | |
617 | r = detach_mount_namespace(); | |
618 | if (r < 0) | |
619 | return (void) log_tests_skipped_errno(r, "Failed to detach mount namespace"); | |
620 | ||
621 | _cleanup_(rm_rf_physical_and_freep) char *tmp = NULL; | |
622 | _cleanup_free_ char *x = NULL, *y = NULL; | |
623 | ||
624 | assert_se(mkdtemp_malloc("/tmp/test-mkdir-XXXXXX", &tmp) >= 0); | |
625 | assert_se(x = path_join(tmp, "x")); | |
626 | assert_se(y = path_join(tmp, "x/y")); | |
627 | assert_se(mkdir_p(y, 0755) >= 0); | |
628 | assert_se(mount_nofollow_verbose(LOG_DEBUG, x, y, NULL, MS_BIND, NULL) >= 0); | |
629 | ||
630 | fd = safe_close(fd); | |
631 | ||
632 | assert_se((fd = open(tmp, O_CLOEXEC|O_PATH|O_DIRECTORY|O_NOFOLLOW)) >= 0); | |
633 | assert_se(dir_fd_is_root(fd) == 0); | |
70650ae3 | 634 | assert_se(dir_fd_is_root_or_cwd(fd) == 0); |
58dfcc57 YW |
635 | |
636 | fd = safe_close(fd); | |
637 | ||
638 | assert_se((fd = open(x, O_CLOEXEC|O_PATH|O_DIRECTORY|O_NOFOLLOW)) >= 0); | |
639 | assert_se(dir_fd_is_root(fd) == 0); | |
70650ae3 | 640 | assert_se(dir_fd_is_root_or_cwd(fd) == 0); |
58dfcc57 YW |
641 | |
642 | fd = safe_close(fd); | |
643 | ||
644 | assert_se((fd = open(y, O_CLOEXEC|O_PATH|O_DIRECTORY|O_NOFOLLOW)) >= 0); | |
645 | assert_se(dir_fd_is_root(fd) == 0); | |
70650ae3 | 646 | assert_se(dir_fd_is_root_or_cwd(fd) == 0); |
af423b4b DDM |
647 | } |
648 | ||
8067fe86 YW |
649 | TEST(fd_get_path) { |
650 | _cleanup_(rm_rf_physical_and_freep) char *t = NULL; | |
651 | _cleanup_close_ int tfd = -EBADF, fd = -EBADF; | |
652 | _cleanup_free_ char *p = NULL, *q = NULL, *saved_cwd = NULL; | |
653 | ||
654 | tfd = mkdtemp_open(NULL, O_PATH, &t); | |
655 | assert_se(tfd >= 0); | |
656 | assert_se(fd_get_path(tfd, &p) >= 0); | |
657 | assert_se(streq(p, t)); | |
658 | ||
659 | p = mfree(p); | |
660 | ||
661 | assert_se(safe_getcwd(&saved_cwd) >= 0); | |
662 | assert_se(chdir(t) >= 0); | |
663 | ||
46693a79 YW |
664 | assert_se(fd_get_path(AT_FDCWD, &p) >= 0); |
665 | assert_se(streq(p, t)); | |
666 | ||
667 | p = mfree(p); | |
668 | ||
8067fe86 YW |
669 | assert_se(q = path_join(t, "regular")); |
670 | assert_se(touch(q) >= 0); | |
671 | assert_se(mkdirat_parents(tfd, "subdir/symlink", 0755) >= 0); | |
672 | assert_se(symlinkat("../regular", tfd, "subdir/symlink") >= 0); | |
673 | assert_se(symlinkat("subdir", tfd, "symdir") >= 0); | |
674 | ||
675 | fd = openat(tfd, "regular", O_CLOEXEC|O_PATH); | |
676 | assert_se(fd >= 0); | |
677 | assert_se(fd_get_path(fd, &p) >= 0); | |
678 | assert_se(streq(p, q)); | |
679 | ||
680 | p = mfree(p); | |
681 | fd = safe_close(fd); | |
682 | ||
683 | fd = openat(AT_FDCWD, "regular", O_CLOEXEC|O_PATH); | |
684 | assert_se(fd >= 0); | |
685 | assert_se(fd_get_path(fd, &p) >= 0); | |
686 | assert_se(streq(p, q)); | |
687 | ||
688 | p = mfree(p); | |
689 | fd = safe_close(fd); | |
690 | ||
691 | fd = openat(tfd, "subdir/symlink", O_CLOEXEC|O_PATH); | |
692 | assert_se(fd >= 0); | |
693 | assert_se(fd_verify_regular(fd) >= 0); | |
694 | assert_se(fd_get_path(fd, &p) >= 0); | |
695 | assert_se(streq(p, q)); | |
696 | ||
697 | p = mfree(p); | |
698 | fd = safe_close(fd); | |
699 | ||
700 | fd = openat(AT_FDCWD, "subdir/symlink", O_CLOEXEC|O_PATH); | |
701 | assert_se(fd >= 0); | |
702 | assert_se(fd_verify_regular(fd) >= 0); | |
703 | assert_se(fd_get_path(fd, &p) >= 0); | |
704 | assert_se(streq(p, q)); | |
705 | ||
706 | p = mfree(p); | |
707 | fd = safe_close(fd); | |
708 | ||
709 | fd = openat(tfd, "symdir//./symlink", O_CLOEXEC|O_PATH); | |
710 | assert_se(fd >= 0); | |
711 | assert_se(fd_verify_regular(fd) >= 0); | |
712 | assert_se(fd_get_path(fd, &p) >= 0); | |
713 | assert_se(streq(p, q)); | |
714 | ||
715 | p = mfree(p); | |
716 | fd = safe_close(fd); | |
717 | ||
718 | fd = openat(AT_FDCWD, "symdir//./symlink", O_CLOEXEC|O_PATH); | |
719 | assert_se(fd >= 0); | |
720 | assert_se(fd_verify_regular(fd) >= 0); | |
721 | assert_se(fd_get_path(fd, &p) >= 0); | |
722 | assert_se(streq(p, q)); | |
723 | ||
724 | p = mfree(p); | |
725 | q = mfree(q); | |
726 | fd = safe_close(fd); | |
727 | ||
728 | assert_se(q = path_join(t, "subdir/symlink")); | |
729 | fd = openat(tfd, "subdir/symlink", O_CLOEXEC|O_PATH|O_NOFOLLOW); | |
730 | assert_se(fd >= 0); | |
731 | assert_se(fd_verify_regular(fd) == -ELOOP); | |
732 | assert_se(fd_get_path(fd, &p) >= 0); | |
733 | assert_se(streq(p, q)); | |
734 | ||
735 | p = mfree(p); | |
736 | fd = safe_close(fd); | |
737 | ||
738 | fd = openat(AT_FDCWD, "subdir/symlink", O_CLOEXEC|O_PATH|O_NOFOLLOW); | |
739 | assert_se(fd >= 0); | |
740 | assert_se(fd_verify_regular(fd) == -ELOOP); | |
741 | assert_se(fd_get_path(fd, &p) >= 0); | |
742 | assert_se(streq(p, q)); | |
743 | ||
744 | p = mfree(p); | |
745 | fd = safe_close(fd); | |
746 | ||
747 | fd = openat(tfd, "symdir//./symlink", O_CLOEXEC|O_PATH|O_NOFOLLOW); | |
748 | assert_se(fd >= 0); | |
749 | assert_se(fd_verify_regular(fd) == -ELOOP); | |
750 | assert_se(fd_get_path(fd, &p) >= 0); | |
751 | assert_se(streq(p, q)); | |
752 | ||
753 | p = mfree(p); | |
754 | fd = safe_close(fd); | |
755 | ||
756 | fd = openat(AT_FDCWD, "symdir//./symlink", O_CLOEXEC|O_PATH|O_NOFOLLOW); | |
757 | assert_se(fd >= 0); | |
758 | assert_se(fd_verify_regular(fd) == -ELOOP); | |
759 | assert_se(fd_get_path(fd, &p) >= 0); | |
760 | assert_se(streq(p, q)); | |
761 | ||
762 | assert_se(chdir(saved_cwd) >= 0); | |
763 | } | |
764 | ||
4f7452a8 | 765 | DEFINE_TEST_MAIN(LOG_DEBUG); |