1 1.1 kre /* $NetBSD: t_clofork.c,v 1.1 2025/07/17 19:50:40 kre Exp $ */ 2 1.1 kre 3 1.1 kre /*- 4 1.1 kre * Copyright (c) 2024 The NetBSD Foundation, Inc. 5 1.1 kre * All rights reserved. 6 1.1 kre * 7 1.1 kre * Redistribution and use in source and binary forms, with or without 8 1.1 kre * modification, are permitted provided that the following conditions 9 1.1 kre * are met: 10 1.1 kre * 1. Redistributions of source code must retain the above copyright 11 1.1 kre * notice, this list of conditions and the following disclaimer. 12 1.1 kre * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 kre * notice, this list of conditions and the following disclaimer in the 14 1.1 kre * documentation and/or other materials provided with the distribution. 15 1.1 kre * 16 1.1 kre * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 1.1 kre * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 1.1 kre * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 1.1 kre * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 1.1 kre * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 1.1 kre * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 1.1 kre * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 1.1 kre * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 1.1 kre * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 1.1 kre * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 1.1 kre * POSSIBILITY OF SUCH DAMAGE. 27 1.1 kre */ 28 1.1 kre 29 1.1 kre /* Adapted from t_cloexec.c */ 30 1.1 kre 31 1.1 kre #include <sys/cdefs.h> 32 1.1 kre 33 1.1 kre #include <sys/types.h> 34 1.1 kre 35 1.1 kre #include <sys/bitops.h> 36 1.1 kre #include <sys/event.h> 37 1.1 kre #include <sys/socket.h> 38 1.1 kre #include <sys/un.h> 39 1.1 kre #include <sys/wait.h> 40 1.1 kre 41 1.1 kre #include <atf-c.h> 42 1.1 kre #include <fcntl.h> 43 1.1 kre #include <limits.h> 44 1.1 kre #include <spawn.h> 45 1.1 kre #include <stdio.h> 46 1.1 kre #include <unistd.h> 47 1.1 kre 48 1.1 kre #include "h_macros.h" 49 1.1 kre 50 1.1 kre #if defined(O_CLOFORK) && O_CLOFORK != 0 51 1.1 kre /* 52 1.1 kre * Test close-on-fork as set in various ways 53 1.1 kre */ 54 1.1 kre 55 1.1 kre static int 56 1.1 kre open_via_accept4(void) 57 1.1 kre { 58 1.1 kre static const union { 59 1.1 kre struct sockaddr sa; 60 1.1 kre struct sockaddr_un sun; 61 1.1 kre } name = { .sun = { 62 1.1 kre .sun_family = AF_LOCAL, 63 1.1 kre .sun_path = "socket", 64 1.1 kre } }; 65 1.1 kre int slisten, saccept, c; 66 1.1 kre 67 1.1 kre /* 68 1.1 kre * Create a listening server socket and bind it to the path. 69 1.1 kre */ 70 1.1 kre RL(slisten = socket(PF_LOCAL, SOCK_STREAM, 0)); 71 1.1 kre RL(bind(slisten, &name.sa, sizeof(name))); 72 1.1 kre RL(listen(slisten, SOMAXCONN)); 73 1.1 kre 74 1.1 kre /* 75 1.1 kre * Create an active client socket and connect it to the path -- 76 1.1 kre * nonblocking, so we don't deadlock here. If connect doesn't 77 1.1 kre * succeed immediately, it had better fail immediately with 78 1.1 kre * EINPROGRESS. 79 1.1 kre */ 80 1.1 kre RL(c = socket(PF_LOCAL, SOCK_STREAM|SOCK_NONBLOCK, 0)); 81 1.1 kre if (connect(c, &name.sa, sizeof(name)) == -1) { 82 1.1 kre ATF_CHECK_EQ_MSG(errno, EINPROGRESS, "connect failed %d: %s", 83 1.1 kre errno, strerror(errno)); 84 1.1 kre } 85 1.1 kre 86 1.1 kre /* 87 1.1 kre * Accept a socket on the server side with SOCK_CLOFORK. 88 1.1 kre */ 89 1.1 kre RL(saccept = accept4(slisten, /*addr*/NULL, /*addrlen*/NULL, 90 1.1 kre SOCK_CLOFORK)); 91 1.1 kre return saccept; 92 1.1 kre } 93 1.1 kre 94 1.1 kre static int 95 1.1 kre open_via_clonedev(void) 96 1.1 kre { 97 1.1 kre int fd; 98 1.1 kre 99 1.1 kre RL(fd = open("/dev/drvctl", O_RDONLY|O_CLOFORK)); 100 1.1 kre 101 1.1 kre return fd; 102 1.1 kre } 103 1.1 kre 104 1.1 kre static int 105 1.1 kre open_via_dup3(void) 106 1.1 kre { 107 1.1 kre int fd3; 108 1.1 kre 109 1.1 kre RL(fd3 = dup3(STDIN_FILENO, 3, O_CLOFORK)); 110 1.1 kre ATF_REQUIRE_EQ_MSG(fd3, 3, "dup3(STDIN_FILENO, 3, ...)" 111 1.1 kre " failed to return 3: %d", fd3); 112 1.1 kre 113 1.1 kre return fd3; 114 1.1 kre } 115 1.1 kre 116 1.1 kre static int 117 1.1 kre open_via_fcntldupfd(void) 118 1.1 kre { 119 1.1 kre int fd; 120 1.1 kre 121 1.1 kre RL(fd = fcntl(STDIN_FILENO, F_DUPFD_CLOFORK, 0)); 122 1.1 kre 123 1.1 kre return fd; 124 1.1 kre } 125 1.1 kre 126 1.1 kre static int 127 1.1 kre open_via_kqueue(void) 128 1.1 kre { 129 1.1 kre int fd; 130 1.1 kre 131 1.1 kre RL(fd = kqueue1(O_CLOFORK)); 132 1.1 kre 133 1.1 kre return fd; 134 1.1 kre } 135 1.1 kre 136 1.1 kre static int 137 1.1 kre open_via_openclofork(void) 138 1.1 kre { 139 1.1 kre int fd; 140 1.1 kre 141 1.1 kre RL(fd = open("file", O_RDWR|O_CREAT|O_CLOFORK, 0644)); 142 1.1 kre 143 1.1 kre return fd; 144 1.1 kre } 145 1.1 kre 146 1.1 kre static int 147 1.1 kre open_via_openfcntlclofork(void) 148 1.1 kre { 149 1.1 kre int fd; 150 1.1 kre 151 1.1 kre RL(fd = open("file", O_RDWR|O_CREAT, 0644)); 152 1.1 kre RL(fcntl(fd, F_SETFD, FD_CLOFORK)); 153 1.1 kre 154 1.1 kre return fd; 155 1.1 kre } 156 1.1 kre 157 1.1 kre static int 158 1.1 kre open_via_pipe2rd(void) 159 1.1 kre { 160 1.1 kre int fd[2]; 161 1.1 kre 162 1.1 kre RL(pipe2(fd, O_CLOFORK)); 163 1.1 kre 164 1.1 kre return fd[0]; 165 1.1 kre } 166 1.1 kre 167 1.1 kre static int 168 1.1 kre open_via_pipe2wr(void) 169 1.1 kre { 170 1.1 kre int fd[2]; 171 1.1 kre 172 1.1 kre RL(pipe2(fd, O_CLOFORK)); 173 1.1 kre 174 1.1 kre return fd[1]; 175 1.1 kre } 176 1.1 kre 177 1.1 kre static int 178 1.1 kre open_via_paccept(void) 179 1.1 kre { 180 1.1 kre static const union { 181 1.1 kre struct sockaddr sa; 182 1.1 kre struct sockaddr_un sun; 183 1.1 kre } name = { .sun = { 184 1.1 kre .sun_family = AF_LOCAL, 185 1.1 kre .sun_path = "socket", 186 1.1 kre } }; 187 1.1 kre int slisten, saccept, c; 188 1.1 kre 189 1.1 kre /* 190 1.1 kre * Create a listening server socket and bind it to the path. 191 1.1 kre */ 192 1.1 kre RL(slisten = socket(PF_LOCAL, SOCK_STREAM, 0)); 193 1.1 kre RL(bind(slisten, &name.sa, sizeof(name))); 194 1.1 kre RL(listen(slisten, SOMAXCONN)); 195 1.1 kre 196 1.1 kre /* 197 1.1 kre * Create an active client socket and connect it to the path -- 198 1.1 kre * nonblocking, so we don't deadlock here. If connect doesn't 199 1.1 kre * succeed immediately, it had better fail immediately with 200 1.1 kre * EINPROGRESS. 201 1.1 kre */ 202 1.1 kre RL(c = socket(PF_LOCAL, SOCK_STREAM|SOCK_NONBLOCK, 0)); 203 1.1 kre if (connect(c, &name.sa, sizeof(name)) == -1) { 204 1.1 kre ATF_CHECK_EQ_MSG(errno, EINPROGRESS, "connect failed %d: %s", 205 1.1 kre errno, strerror(errno)); 206 1.1 kre } 207 1.1 kre 208 1.1 kre /* 209 1.1 kre * Accept a socket on the server side with SOCK_CLOFORK. 210 1.1 kre */ 211 1.1 kre RL(saccept = paccept(slisten, /*addr*/NULL, /*addrlen*/NULL, 212 1.1 kre /*sigmask*/NULL, SOCK_CLOFORK)); 213 1.1 kre return saccept; 214 1.1 kre } 215 1.1 kre 216 1.1 kre static int 217 1.1 kre open_via_socket(void) 218 1.1 kre { 219 1.1 kre int fd; 220 1.1 kre 221 1.1 kre RL(fd = socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOFORK, 0)); 222 1.1 kre 223 1.1 kre return fd; 224 1.1 kre } 225 1.1 kre 226 1.1 kre static int 227 1.1 kre open_via_socketpair0(void) 228 1.1 kre { 229 1.1 kre int fd[2]; 230 1.1 kre 231 1.1 kre RL(socketpair(PF_LOCAL, SOCK_STREAM|SOCK_CLOFORK, 0, fd)); 232 1.1 kre 233 1.1 kre return fd[0]; 234 1.1 kre } 235 1.1 kre 236 1.1 kre static int 237 1.1 kre open_via_socketpair1(void) 238 1.1 kre { 239 1.1 kre int fd[2]; 240 1.1 kre 241 1.1 kre RL(socketpair(PF_LOCAL, SOCK_STREAM|SOCK_CLOFORK, 0, fd)); 242 1.1 kre 243 1.1 kre return fd[1]; 244 1.1 kre } 245 1.1 kre 246 1.1 kre static void 247 1.1 kre check_clofork(const struct atf_tc *tc, int fd, 248 1.1 kre pid_t (*execfn)(char *, char *const[])) 249 1.1 kre { 250 1.1 kre char h_clofork[PATH_MAX]; 251 1.1 kre char fdstr[(ilog2(INT_MAX) + 1)/(ilog2(10) - 1) + 1]; 252 1.1 kre char *const argv[] = {__UNCONST("h_cloexec"), fdstr, NULL}; 253 1.1 kre pid_t child, waitedpid; 254 1.1 kre int status; 255 1.1 kre 256 1.1 kre /* 257 1.1 kre * Format the h_clofork helper executable path, which lives in 258 1.1 kre * the test's directory (typically /usr/tests/kernel), and the 259 1.1 kre * argument of a file descriptor in decimal. 260 1.1 kre */ 261 1.1 kre snprintf(h_clofork, sizeof(h_clofork), "%s/h_cloexec", 262 1.1 kre atf_tc_get_config_var(tc, "srcdir")); 263 1.1 kre snprintf(fdstr, sizeof(fdstr), "%d", fd); 264 1.1 kre 265 1.1 kre /* 266 1.1 kre * Execute h_clofork as a subprocess. 267 1.1 kre */ 268 1.1 kre child = (*execfn)(h_clofork, argv); 269 1.1 kre 270 1.1 kre /* 271 1.1 kre * Wait for the child to complete. 272 1.1 kre */ 273 1.1 kre RL(waitedpid = waitpid(child, &status, 0)); 274 1.1 kre ATF_CHECK_EQ_MSG(child, waitedpid, "waited for %jd, got %jd", 275 1.1 kre (intmax_t)child, (intmax_t)waitedpid); 276 1.1 kre 277 1.1 kre /* 278 1.1 kre * Verify the child exited normally. 279 1.1 kre */ 280 1.1 kre if (WIFSIGNALED(status)) { 281 1.1 kre atf_tc_fail("subprocess terminated on signal %d", 282 1.1 kre WTERMSIG(status)); 283 1.1 kre return; 284 1.1 kre } else if (!WIFEXITED(status)) { 285 1.1 kre atf_tc_fail("subprocess failed to exit normally: status=0x%x", 286 1.1 kre status); 287 1.1 kre return; 288 1.1 kre } 289 1.1 kre 290 1.1 kre /* 291 1.1 kre * h_clofork is supposed to exit status 0 if an operation on 292 1.1 kre * the fd failed with EBADFD, 1 if it unexpectedly succeeded, 293 1.1 kre * 127 if exec returned, or something else if anything else 294 1.1 kre * happened. 295 1.1 kre */ 296 1.1 kre switch (WEXITSTATUS(status)) { 297 1.1 kre case 0: /* success -- closed on exec */ 298 1.1 kre return; 299 1.1 kre case 1: /* fail -- not closed on exec */ 300 1.1 kre atf_tc_fail("fd was not closed on exec"); 301 1.1 kre return; 302 1.1 kre case 127: /* exec failed */ 303 1.1 kre atf_tc_fail("failed to exec h_cloexec"); 304 1.1 kre return; 305 1.1 kre default: /* something else went wong */ 306 1.1 kre atf_tc_fail("h_cloexec failed unexpectedly: %d", 307 1.1 kre WEXITSTATUS(status)); 308 1.1 kre return; 309 1.1 kre } 310 1.1 kre } 311 1.1 kre 312 1.1 kre static pid_t 313 1.1 kre exec_via_forkexecve(char *prog, char *const argv[]) 314 1.1 kre { 315 1.1 kre pid_t pid; 316 1.1 kre 317 1.1 kre RL(pid = fork()); 318 1.1 kre if (pid == 0) { /* child */ 319 1.1 kre if (execve(prog, argv, /*envp*/NULL) == -1) 320 1.1 kre _exit(127); 321 1.1 kre abort(); 322 1.1 kre } 323 1.1 kre 324 1.1 kre /* parent */ 325 1.1 kre return pid; 326 1.1 kre } 327 1.1 kre 328 1.1 kre static pid_t 329 1.1 kre exec_via_vforkexecve(char *prog, char *const argv[]) 330 1.1 kre { 331 1.1 kre pid_t pid; 332 1.1 kre 333 1.1 kre RL(pid = vfork()); 334 1.1 kre if (pid == 0) { /* child */ 335 1.1 kre if (execve(prog, argv, /*envp*/NULL) == -1) 336 1.1 kre _exit(127); 337 1.1 kre abort(); 338 1.1 kre } 339 1.1 kre 340 1.1 kre /* parent */ 341 1.1 kre return pid; 342 1.1 kre } 343 1.1 kre 344 1.1 kre static pid_t 345 1.1 kre exec_via_posixspawn(char *prog, char *const argv[]) 346 1.1 kre { 347 1.1 kre pid_t pid; 348 1.1 kre 349 1.1 kre RZ(posix_spawn(&pid, prog, /*file_actions*/NULL, /*attrp*/NULL, argv, 350 1.1 kre /*envp*/NULL)); 351 1.1 kre 352 1.1 kre return pid; 353 1.1 kre } 354 1.1 kre 355 1.1 kre /* 356 1.1 kre * Full cartesian product is not really important here -- the paths for 357 1.1 kre * open and the paths for exec are independent. So we try 358 1.1 kre * pipe2(O_CLOFORK) with each exec path, and we try each open path with 359 1.1 kre * posix_spawn. 360 1.1 kre */ 361 1.1 kre 362 1.1 kre #define CLOFORK_TEST(test, openvia, execvia, descr) \ 363 1.1 kre ATF_TC(test); \ 364 1.1 kre ATF_TC_HEAD(test, tc) \ 365 1.1 kre { \ 366 1.1 kre atf_tc_set_md_var(tc, "descr", descr); \ 367 1.1 kre } \ 368 1.1 kre ATF_TC_BODY(test, tc) \ 369 1.1 kre { \ 370 1.1 kre check_clofork(tc, openvia(), &execvia); \ 371 1.1 kre } 372 1.1 kre 373 1.1 kre CLOFORK_TEST(pipe2rd_forkexecve, open_via_pipe2rd, exec_via_forkexecve, 374 1.1 kre "pipe2(O_CLOFORK) reader is closed in child on fork/exec") 375 1.1 kre CLOFORK_TEST(pipe2rd_vforkexecve, open_via_pipe2rd, exec_via_vforkexecve, 376 1.1 kre "pipe2(O_CLOFORK) reader is closed in child on vfork/exec") 377 1.1 kre CLOFORK_TEST(pipe2rd_posixspawn, open_via_pipe2rd, exec_via_posixspawn, 378 1.1 kre "pipe2(O_CLOFORK) reader is closed in child on posix_spawn") 379 1.1 kre 380 1.1 kre CLOFORK_TEST(accept4_posixspawn, open_via_accept4, exec_via_posixspawn, 381 1.1 kre "accept4(SOCK_CLOFORK) is closed in child on posix_spawn"); 382 1.1 kre CLOFORK_TEST(clonedev_posixspawn, open_via_clonedev, exec_via_posixspawn, 383 1.1 kre "open(\"/dev/drvctl\") is closed in child on posix_spawn"); 384 1.1 kre CLOFORK_TEST(dup3_posixspawn, open_via_dup3, exec_via_posixspawn, 385 1.1 kre "dup3(..., O_CLOFORK) is closed in child on posix_spawn"); 386 1.1 kre CLOFORK_TEST(fcntldupfd_posixspawn, open_via_fcntldupfd, exec_via_posixspawn, 387 1.1 kre "fcntl(STDIN_FILENO, F_DUPFD_CLOFORK) is closed in child on posix_spawn"); 388 1.1 kre CLOFORK_TEST(kqueue_posixspawn, open_via_kqueue, exec_via_posixspawn, 389 1.1 kre "kqueue1(O_CLOFORK) is closed in child on posix_spawn"); 390 1.1 kre CLOFORK_TEST(openclofork_posixspawn, open_via_openclofork, exec_via_posixspawn, 391 1.1 kre "open(O_CLOFORK) is closed in child on posix_spawn"); 392 1.1 kre CLOFORK_TEST(openfcntlclofork_posixspawn, open_via_openfcntlclofork, 393 1.1 kre exec_via_posixspawn, 394 1.1 kre "fcntl(open(...), F_SETFD, O_CLOFORK) is closed in child on posix_spawn"); 395 1.1 kre CLOFORK_TEST(pipe2wr_posixspawn, open_via_pipe2wr, exec_via_posixspawn, 396 1.1 kre "pipe2(O_CLOFORK) writer is closed in child on posix_spawn") 397 1.1 kre CLOFORK_TEST(paccept_posixspawn, open_via_paccept, exec_via_posixspawn, 398 1.1 kre "paccept(..., SOCK_CLOFORK) is closed in child on posix_spawn") 399 1.1 kre CLOFORK_TEST(socket_posixspawn, open_via_socket, exec_via_posixspawn, 400 1.1 kre "socket(SOCK_CLOFORK) is closed in child on posix_spawn") 401 1.1 kre CLOFORK_TEST(socketpair0_posixspawn, open_via_socketpair0, exec_via_posixspawn, 402 1.1 kre "socketpair(SOCK_CLOFORK) side 0 is closed in child on posix_spawn") 403 1.1 kre CLOFORK_TEST(socketpair1_posixspawn, open_via_socketpair1, exec_via_posixspawn, 404 1.1 kre "socketpair(SOCK_CLOFORK) side 1 is closed in child on posix_spawn") 405 1.1 kre 406 1.1 kre ATF_TP_ADD_TCS(tp) 407 1.1 kre { 408 1.1 kre 409 1.1 kre ATF_TP_ADD_TC(tp, accept4_posixspawn); 410 1.1 kre ATF_TP_ADD_TC(tp, clonedev_posixspawn); 411 1.1 kre ATF_TP_ADD_TC(tp, dup3_posixspawn); 412 1.1 kre ATF_TP_ADD_TC(tp, fcntldupfd_posixspawn); 413 1.1 kre ATF_TP_ADD_TC(tp, kqueue_posixspawn); 414 1.1 kre ATF_TP_ADD_TC(tp, openclofork_posixspawn); 415 1.1 kre ATF_TP_ADD_TC(tp, openfcntlclofork_posixspawn); 416 1.1 kre ATF_TP_ADD_TC(tp, paccept_posixspawn); 417 1.1 kre ATF_TP_ADD_TC(tp, pipe2rd_forkexecve); 418 1.1 kre ATF_TP_ADD_TC(tp, pipe2rd_posixspawn); 419 1.1 kre ATF_TP_ADD_TC(tp, pipe2rd_vforkexecve); 420 1.1 kre ATF_TP_ADD_TC(tp, pipe2wr_posixspawn); 421 1.1 kre ATF_TP_ADD_TC(tp, socket_posixspawn); 422 1.1 kre ATF_TP_ADD_TC(tp, socketpair0_posixspawn); 423 1.1 kre ATF_TP_ADD_TC(tp, socketpair1_posixspawn); 424 1.1 kre 425 1.1 kre return atf_no_error(); 426 1.1 kre } 427 1.1 kre 428 1.1 kre #else /* No O_CLOFORK */ 429 1.1 kre 430 1.1 kre ATF_TC(not_implemented); 431 1.1 kre ATF_TC_HEAD(not_implemented, tc) 432 1.1 kre { 433 1.1 kre atf_tc_set_md_var(tc, "descr", "Unimplemented O_CLOFORK"); 434 1.1 kre } 435 1.1 kre ATF_TC_BODY(not_implemented, tc) 436 1.1 kre { 437 1.1 kre atf_tc_skip("close-on-fork not yet available"); 438 1.1 kre } 439 1.1 kre ATF_TP_ADD_TCS(tp) 440 1.1 kre { 441 1.1 kre ATF_TP_ADD_TC(tp, not_implemented); 442 1.1 kre 443 1.1 kre return atf_no_error(); 444 1.1 kre } 445 1.1 kre #endif 446
Indexes created Sat Sep 20 22:09:52 GMT 2025