Unverified Commit 861bdc63 authored by Alexander Mikhalitsyn's avatar Alexander Mikhalitsyn Committed by Christian Brauner
Browse files

selftests: net: extend SCM_PIDFD test to cover stale pidfds 



Extend SCM_PIDFD test scenarios to also cover dead task's
pidfd retrieval and reading its exit info.

Cc: linux-kselftest@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: netdev@vger.kernel.org
Cc: Shuah Khan <shuah@kernel.org>
Cc: David S. Miller <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Simon Horman <horms@kernel.org>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Kuniyuki Iwashima <kuniyu@google.com>
Cc: Lennart Poettering <mzxreary@0pointer.de>
Cc: Luca Boccassi <bluca@debian.org>
Cc: David Rheinsberg <david@readahead.eu>
Signed-off-by: default avatarAlexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Link: https://lore.kernel.org/20250703222314.309967-8-aleksandr.mikhalitsyn@canonical.com


Reviewed-by: default avatarChristian Brauner <brauner@kernel.org>
Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
parent c679d17d

tools/testing/selftests/net/af_unix/scm_pidfd.c

+173 −44
Original line number Diff line number Diff line
@@ -15,6 +15,7 @@ 
#include <sys/types.h>

#include <sys/wait.h>



#include "../../pidfd/pidfd.h"

#include "../../kselftest_harness.h"



#define clean_errno() (errno == 0 ? "None" : strerror(errno))
@@ -26,6 +27,8 @@ 
#define SCM_PIDFD 0x04

#endif



#define CHILD_EXIT_CODE_OK 123



static void child_die()

{

	exit(1);
@@ -126,16 +129,65 @@ static pid_t get_pid_from_fdinfo_file(int pidfd, const char *key, size_t keylen) 
	return result;

}



struct cmsg_data {

	struct ucred *ucred;

	int *pidfd;

};



static int parse_cmsg(struct msghdr *msg, struct cmsg_data *res)

{

	struct cmsghdr *cmsg;

	int data = 0;



	if (msg->msg_flags & (MSG_TRUNC | MSG_CTRUNC)) {

		log_err("recvmsg: truncated");

		return 1;

	}



	for (cmsg = CMSG_FIRSTHDR(msg); cmsg != NULL;

	     cmsg = CMSG_NXTHDR(msg, cmsg)) {

		if (cmsg->cmsg_level == SOL_SOCKET &&

		    cmsg->cmsg_type == SCM_PIDFD) {

			if (cmsg->cmsg_len < sizeof(*res->pidfd)) {

				log_err("CMSG parse: SCM_PIDFD wrong len");

				return 1;

			}



			res->pidfd = (void *)CMSG_DATA(cmsg);

		}



		if (cmsg->cmsg_level == SOL_SOCKET &&

		    cmsg->cmsg_type == SCM_CREDENTIALS) {

			if (cmsg->cmsg_len < sizeof(*res->ucred)) {

				log_err("CMSG parse: SCM_CREDENTIALS wrong len");

				return 1;

			}



			res->ucred = (void *)CMSG_DATA(cmsg);

		}

	}



	if (!res->pidfd) {

		log_err("CMSG parse: SCM_PIDFD not found");

		return 1;

	}



	if (!res->ucred) {

		log_err("CMSG parse: SCM_CREDENTIALS not found");

		return 1;

	}



	return 0;

}



static int cmsg_check(int fd)

{

	struct msghdr msg = { 0 };

	struct cmsghdr *cmsg;

	struct cmsg_data res;

	struct iovec iov;

	struct ucred *ucred = NULL;

	int data = 0;

	char control[CMSG_SPACE(sizeof(struct ucred)) +

		     CMSG_SPACE(sizeof(int))] = { 0 };

	int *pidfd = NULL;

	pid_t parent_pid;

	int err;
@@ -158,53 +210,99 @@ static int cmsg_check(int fd) 
		return 1;

	}



	for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL;

	     cmsg = CMSG_NXTHDR(&msg, cmsg)) {

		if (cmsg->cmsg_level == SOL_SOCKET &&

		    cmsg->cmsg_type == SCM_PIDFD) {

			if (cmsg->cmsg_len < sizeof(*pidfd)) {

				log_err("CMSG parse: SCM_PIDFD wrong len");

	/* send(pfd, "x", sizeof(char), 0) */

	if (data != 'x') {

		log_err("recvmsg: data corruption");

		return 1;

	}



			pidfd = (void *)CMSG_DATA(cmsg);

	if (parse_cmsg(&msg, &res)) {

		log_err("CMSG parse: parse_cmsg() failed");

		return 1;

	}



		if (cmsg->cmsg_level == SOL_SOCKET &&

		    cmsg->cmsg_type == SCM_CREDENTIALS) {

			if (cmsg->cmsg_len < sizeof(*ucred)) {

				log_err("CMSG parse: SCM_CREDENTIALS wrong len");

	/* pidfd from SCM_PIDFD should point to the parent process PID */

	parent_pid =

		get_pid_from_fdinfo_file(*res.pidfd, "Pid:", sizeof("Pid:") - 1);

	if (parent_pid != getppid()) {

		log_err("wrong SCM_PIDFD %d != %d", parent_pid, getppid());

		close(*res.pidfd);

		return 1;

	}



			ucred = (void *)CMSG_DATA(cmsg);

	close(*res.pidfd);

	return 0;

}



static int cmsg_check_dead(int fd, int expected_pid)

{

	int err;

	struct msghdr msg = { 0 };

	struct cmsg_data res;

	struct iovec iov;

	int data = 0;

	char control[CMSG_SPACE(sizeof(struct ucred)) +

		     CMSG_SPACE(sizeof(int))] = { 0 };

	pid_t client_pid;

	struct pidfd_info info = {

		.mask = PIDFD_INFO_EXIT,

	};



	iov.iov_base = &data;

	iov.iov_len = sizeof(data);



	msg.msg_iov = &iov;

	msg.msg_iovlen = 1;

	msg.msg_control = control;

	msg.msg_controllen = sizeof(control);



	err = recvmsg(fd, &msg, 0);

	if (err < 0) {

		log_err("recvmsg");

		return 1;

	}



	/* send(pfd, "x", sizeof(char), 0) */

	if (data != 'x') {

	if (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) {

		log_err("recvmsg: truncated");

		return 1;

	}



	/* send(cfd, "y", sizeof(char), 0) */

	if (data != 'y') {

		log_err("recvmsg: data corruption");

		return 1;

	}



	if (!pidfd) {

		log_err("CMSG parse: SCM_PIDFD not found");

	if (parse_cmsg(&msg, &res)) {

		log_err("CMSG parse: parse_cmsg() failed");

		return 1;

	}



	if (!ucred) {

		log_err("CMSG parse: SCM_CREDENTIALS not found");

	/*

	 * pidfd from SCM_PIDFD should point to the client_pid.

	 * Let's read exit information and check if it's what

	 * we expect to see.

	 */

	if (ioctl(*res.pidfd, PIDFD_GET_INFO, &info)) {

		log_err("%s: ioctl(PIDFD_GET_INFO) failed", __func__);

		close(*res.pidfd);

		return 1;

	}



	/* pidfd from SCM_PIDFD should point to the parent process PID */

	parent_pid =

		get_pid_from_fdinfo_file(*pidfd, "Pid:", sizeof("Pid:") - 1);

	if (parent_pid != getppid()) {

		log_err("wrong SCM_PIDFD %d != %d", parent_pid, getppid());

	if (!(info.mask & PIDFD_INFO_EXIT)) {

		log_err("%s: No exit information from ioctl(PIDFD_GET_INFO)", __func__);

		close(*res.pidfd);

		return 1;

	}



	err = WIFEXITED(info.exit_code) ? WEXITSTATUS(info.exit_code) : 1;

	if (err != CHILD_EXIT_CODE_OK) {

		log_err("%s: wrong exit_code %d != %d", __func__, err, CHILD_EXIT_CODE_OK);

		close(*res.pidfd);

		return 1;

	}



	close(*res.pidfd);

	return 0;

}
@@ -291,6 +389,24 @@ static void fill_sockaddr(struct sock_addr *addr, bool abstract) 
	memcpy(sun_path_buf, addr->sock_name, strlen(addr->sock_name));

}



static int sk_enable_cred_pass(int sk)

{

	int on = 0;



	on = 1;

	if (setsockopt(sk, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) {

		log_err("Failed to set SO_PASSCRED");

		return 1;

	}



	if (setsockopt(sk, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) {

		log_err("Failed to set SO_PASSPIDFD");

		return 1;

	}



	return 0;

}



static void client(FIXTURE_DATA(scm_pidfd) *self,

		   const FIXTURE_VARIANT(scm_pidfd) *variant)

{
@@ -299,7 +415,6 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, 
	struct ucred peer_cred;

	int peer_pidfd;

	pid_t peer_pid;

	int on = 0;



	cfd = socket(AF_UNIX, variant->type, 0);

	if (cfd < 0) {
@@ -322,14 +437,8 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, 
		child_die();

	}



	on = 1;

	if (setsockopt(cfd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) {

		log_err("Failed to set SO_PASSCRED");

		child_die();

	}



	if (setsockopt(cfd, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) {

		log_err("Failed to set SO_PASSPIDFD");

	if (sk_enable_cred_pass(cfd)) {

		log_err("sk_enable_cred_pass() failed");

		child_die();

	}
@@ -340,6 +449,12 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, 
		child_die();

	}



	/* send something to the parent so it can receive SCM_PIDFD too and validate it */

	if (send(cfd, "y", sizeof(char), 0) == -1) {

		log_err("Failed to send(cfd, \"y\", sizeof(char), 0)");

		child_die();

	}



	/* skip further for SOCK_DGRAM as it's not applicable */

	if (variant->type == SOCK_DGRAM)

		return;
@@ -398,7 +513,13 @@ TEST_F(scm_pidfd, test) 
		close(self->server);

		close(self->startup_pipe[0]);

		client(self, variant);

		exit(0);



		/*

		 * It's a bit unusual, but in case of success we return non-zero

		 * exit code (CHILD_EXIT_CODE_OK) and then we expect to read it

		 * from ioctl(PIDFD_GET_INFO) in cmsg_check_dead().

		 */

		exit(CHILD_EXIT_CODE_OK);

	}

	close(self->startup_pipe[1]);
@@ -421,9 +542,17 @@ TEST_F(scm_pidfd, test) 
		ASSERT_NE(-1, err);

	}



	close(pfd);

	waitpid(self->client_pid, &child_status, 0);

	ASSERT_EQ(0, WIFEXITED(child_status) ? WEXITSTATUS(child_status) : 1);

	/* see comment before exit(CHILD_EXIT_CODE_OK) */

	ASSERT_EQ(CHILD_EXIT_CODE_OK, WIFEXITED(child_status) ? WEXITSTATUS(child_status) : 1);



	err = sk_enable_cred_pass(pfd);

	ASSERT_EQ(0, err);



	err = cmsg_check_dead(pfd, self->client_pid);

	ASSERT_EQ(0, err);



	close(pfd);

}



TEST_HARNESS_MAIN