selftests/namespaces: first active reference count tests

Test that initial namespaces can be reopened via file handle. Initial
namespaces should always have a ref count of one from boot.

Link: https://patch.msgid.link/20251029-work-namespace-nstree-listns-v4-23-2e6f823ebdc0@kernel.org
Tested-by: syzbot@syzkaller.appspotmail.com
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/tools/testing/selftests/namespaces/.gitignore b/tools/testing/selftests/namespaces/.gitignore
index ccfb40837a7333feb6717381f34759261a3c61ad..100cc5bfef0491ea450457bacd44915706ada520 100644 (file)
--- a/tools/testing/selftests/namespaces/.gitignore
+++ b/tools/testing/selftests/namespaces/.gitignore
@@ -1,3 +1,4 @@
 nsid_test
 file_handle_test
 init_ino_test
+ns_active_ref_test

diff --git a/tools/testing/selftests/namespaces/Makefile b/tools/testing/selftests/namespaces/Makefile
index 5fe4b3dc07d3edfa0bdacdc4378a04f0559be9f8..5cea938cdde8b90017fe1a673c5616f4f433182e 100644 (file)
--- a/tools/testing/selftests/namespaces/Makefile
+++ b/tools/testing/selftests/namespaces/Makefile
@@ -1,7 +1,10 @@
 # SPDX-License-Identifier: GPL-2.0-only
 CFLAGS += -Wall -O0 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES)
+LDLIBS += -lcap
 
-TEST_GEN_PROGS := nsid_test file_handle_test init_ino_test
+TEST_GEN_PROGS := nsid_test file_handle_test init_ino_test ns_active_ref_test
 
 include ../lib.mk
 
+$(OUTPUT)/ns_active_ref_test: ../filesystems/utils.c
+

diff --git a/tools/testing/selftests/namespaces/ns_active_ref_test.c b/tools/testing/selftests/namespaces/ns_active_ref_test.c
new file mode 100644 (file)
index 0000000..21514a5
--- /dev/null
+++ b/tools/testing/selftests/namespaces/ns_active_ref_test.c
@@ -0,0 +1,74 @@
+// SPDX-License-Identifier: GPL-2.0
+#define _GNU_SOURCE
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <sched.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <linux/nsfs.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include "../kselftest_harness.h"
+#include "../filesystems/utils.h"
+
+#ifndef FD_NSFS_ROOT
+#define FD_NSFS_ROOT -10003 /* Root of the nsfs filesystem */
+#endif
+
+/*
+ * Test that initial namespaces can be reopened via file handle.
+ * Initial namespaces should have active ref count of 1 from boot.
+ */
+TEST(init_ns_always_active)
+{
+       struct file_handle *handle;
+       int mount_id;
+       int ret;
+       int fd1, fd2;
+       struct stat st1, st2;
+
+       handle = malloc(sizeof(*handle) + MAX_HANDLE_SZ);
+       ASSERT_NE(handle, NULL);
+
+       /* Open initial network namespace */
+       fd1 = open("/proc/1/ns/net", O_RDONLY);
+       ASSERT_GE(fd1, 0);
+
+       /* Get file handle for initial namespace */
+       handle->handle_bytes = MAX_HANDLE_SZ;
+       ret = name_to_handle_at(fd1, "", handle, &mount_id, AT_EMPTY_PATH);
+       if (ret < 0 && errno == EOPNOTSUPP) {
+               SKIP(free(handle); close(fd1);
+                    return, "nsfs doesn't support file handles");
+       }
+       ASSERT_EQ(ret, 0);
+
+       /* Close the namespace fd */
+       close(fd1);
+
+       /* Try to reopen via file handle - should succeed since init ns is always active */
+       fd2 = open_by_handle_at(FD_NSFS_ROOT, handle, O_RDONLY);
+       if (fd2 < 0 && (errno == EINVAL || errno == EOPNOTSUPP)) {
+               SKIP(free(handle);
+                    return, "open_by_handle_at with FD_NSFS_ROOT not supported");
+       }
+       ASSERT_GE(fd2, 0);
+
+       /* Verify we opened the same namespace */
+       fd1 = open("/proc/1/ns/net", O_RDONLY);
+       ASSERT_GE(fd1, 0);
+       ASSERT_EQ(fstat(fd1, &st1), 0);
+       ASSERT_EQ(fstat(fd2, &st2), 0);
+       ASSERT_EQ(st1.st_ino, st2.st_ino);
+
+       close(fd1);
+       close(fd2);
+       free(handle);
+}
+
+TEST_HARNESS_MAIN