Unverified Commit e4aa4461 authored by Matthieu Buffet's avatar Matthieu Buffet Committed by Mickaël Salaün
Browse files

selftests/landlock: NULL-terminate unix pathname addresses 



The size of Unix pathname addresses is computed in selftests using
offsetof(struct sockaddr_un, sun_path) + strlen(xxx). It should have
been that +1, which makes addresses passed to the libc and kernel
non-NULL-terminated. unix_mkname_bsd() fixes that in Linux so there is
no harm, but just using sizeof(the address struct) should improve
readability.

Signed-off-by: default avatarMatthieu Buffet <matthieu@buffet.re>
Reviewed-by: default avatarGünther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20251202215141.689986-1-matthieu@buffet.re


Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
parent e1a57c33

tools/testing/selftests/landlock/fs_test.c

+11 −13
Original line number Diff line number Diff line
@@ -4362,22 +4362,24 @@ TEST_F_FORK(layout1, named_unix_domain_socket_ioctl) 
{

	const char *const path = file1_s1d1;

	int srv_fd, cli_fd, ruleset_fd;

	socklen_t size;

	struct sockaddr_un srv_un, cli_un;

	struct sockaddr_un srv_un = {

		.sun_family = AF_UNIX,

	};

	struct sockaddr_un cli_un = {

		.sun_family = AF_UNIX,

	};

	const struct landlock_ruleset_attr attr = {

		.handled_access_fs = LANDLOCK_ACCESS_FS_IOCTL_DEV,

	};



	/* Sets up a server */

	srv_un.sun_family = AF_UNIX;

	strncpy(srv_un.sun_path, path, sizeof(srv_un.sun_path));



	ASSERT_EQ(0, unlink(path));

	srv_fd = socket(AF_UNIX, SOCK_STREAM, 0);

	ASSERT_LE(0, srv_fd);



	size = offsetof(struct sockaddr_un, sun_path) + strlen(srv_un.sun_path);

	ASSERT_EQ(0, bind(srv_fd, (struct sockaddr *)&srv_un, size));

	strncpy(srv_un.sun_path, path, sizeof(srv_un.sun_path));

	ASSERT_EQ(0, bind(srv_fd, (struct sockaddr *)&srv_un, sizeof(srv_un)));



	ASSERT_EQ(0, listen(srv_fd, 10 /* qlen */));



	/* Enables Landlock. */
@@ -4387,16 +4389,12 @@ TEST_F_FORK(layout1, named_unix_domain_socket_ioctl) 
	ASSERT_EQ(0, close(ruleset_fd));



	/* Sets up a client connection to it */

	cli_un.sun_family = AF_UNIX;

	cli_fd = socket(AF_UNIX, SOCK_STREAM, 0);

	ASSERT_LE(0, cli_fd);



	bzero(&cli_un, sizeof(cli_un));

	cli_un.sun_family = AF_UNIX;

	strncpy(cli_un.sun_path, path, sizeof(cli_un.sun_path));

	size = offsetof(struct sockaddr_un, sun_path) + strlen(cli_un.sun_path);



	ASSERT_EQ(0, connect(cli_fd, (struct sockaddr *)&cli_un, size));

	ASSERT_EQ(0,

		  connect(cli_fd, (struct sockaddr *)&cli_un, sizeof(cli_un)));



	/* FIONREAD and other IOCTLs should not be forbidden. */

	EXPECT_EQ(0, test_fionread_ioctl(cli_fd));

tools/testing/selftests/landlock/scoped_abstract_unix_test.c

+9 −12
Original line number Diff line number Diff line
@@ -779,7 +779,6 @@ FIXTURE_TEARDOWN(various_address_sockets) 


TEST_F(various_address_sockets, scoped_pathname_sockets)

{

	socklen_t size_stream, size_dgram;

	pid_t child;

	int status;

	char buf_child, buf_parent;
@@ -798,12 +797,8 @@ TEST_F(various_address_sockets, scoped_pathname_sockets) 
	/* Pathname address. */

	snprintf(stream_pathname_addr.sun_path,

		 sizeof(stream_pathname_addr.sun_path), "%s", stream_path);

	size_stream = offsetof(struct sockaddr_un, sun_path) +

		      strlen(stream_pathname_addr.sun_path);

	snprintf(dgram_pathname_addr.sun_path,

		 sizeof(dgram_pathname_addr.sun_path), "%s", dgram_path);

	size_dgram = offsetof(struct sockaddr_un, sun_path) +

		     strlen(dgram_pathname_addr.sun_path);



	/* Abstract address. */

	memset(&stream_abstract_addr, 0, sizeof(stream_abstract_addr));
@@ -841,8 +836,9 @@ TEST_F(various_address_sockets, scoped_pathname_sockets) 
		/* Connects with pathname sockets. */

		stream_pathname_socket = socket(AF_UNIX, SOCK_STREAM, 0);

		ASSERT_LE(0, stream_pathname_socket);

		ASSERT_EQ(0, connect(stream_pathname_socket,

				     &stream_pathname_addr, size_stream));

		ASSERT_EQ(0,

			  connect(stream_pathname_socket, &stream_pathname_addr,

				  sizeof(stream_pathname_addr)));

		ASSERT_EQ(1, write(stream_pathname_socket, "b", 1));

		EXPECT_EQ(0, close(stream_pathname_socket));
@@ -850,12 +846,13 @@ TEST_F(various_address_sockets, scoped_pathname_sockets) 
		dgram_pathname_socket = socket(AF_UNIX, SOCK_DGRAM, 0);

		ASSERT_LE(0, dgram_pathname_socket);

		err = sendto(dgram_pathname_socket, "c", 1, 0,

			     &dgram_pathname_addr, size_dgram);

			     &dgram_pathname_addr, sizeof(dgram_pathname_addr));

		EXPECT_EQ(1, err);



		/* Sends with connection. */

		ASSERT_EQ(0, connect(dgram_pathname_socket,

				     &dgram_pathname_addr, size_dgram));

		ASSERT_EQ(0,

			  connect(dgram_pathname_socket, &dgram_pathname_addr,

				  sizeof(dgram_pathname_addr)));

		ASSERT_EQ(1, write(dgram_pathname_socket, "d", 1));

		EXPECT_EQ(0, close(dgram_pathname_socket));
@@ -910,13 +907,13 @@ TEST_F(various_address_sockets, scoped_pathname_sockets) 
	stream_pathname_socket = socket(AF_UNIX, SOCK_STREAM, 0);

	ASSERT_LE(0, stream_pathname_socket);

	ASSERT_EQ(0, bind(stream_pathname_socket, &stream_pathname_addr,

			  size_stream));

			  sizeof(stream_pathname_addr)));

	ASSERT_EQ(0, listen(stream_pathname_socket, backlog));



	dgram_pathname_socket = socket(AF_UNIX, SOCK_DGRAM, 0);

	ASSERT_LE(0, dgram_pathname_socket);

	ASSERT_EQ(0, bind(dgram_pathname_socket, &dgram_pathname_addr,

			  size_dgram));

			  sizeof(dgram_pathname_addr)));



	/* Sets up abstract servers. */

	stream_abstract_socket = socket(AF_UNIX, SOCK_STREAM, 0);