t_msgctl.c revision 1.4
1 /* $NetBSD: t_msgctl.c,v 1.4 2014/02/27 00:59:50 joerg Exp $ */ 2 3 /*- 4 * Copyright (c) 2011 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Jukka Ruohonen. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 #include <sys/cdefs.h> 32 __RCSID("$NetBSD: t_msgctl.c,v 1.4 2014/02/27 00:59:50 joerg Exp $"); 33 34 #include <sys/msg.h> 35 #include <sys/stat.h> 36 #include <sys/sysctl.h> 37 #include <sys/wait.h> 38 39 #include <atf-c.h> 40 #include <errno.h> 41 #include <pwd.h> 42 #include <stdio.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #include <sysexits.h> 46 #include <time.h> 47 #include <unistd.h> 48 49 #define MSG_KEY 12345689 50 #define MSG_MTYPE_1 0x41 51 52 struct msg { 53 long mtype; 54 char buf[3]; 55 }; 56 57 static void clean(void); 58 59 static void 60 clean(void) 61 { 62 int id; 63 64 if ((id = msgget(MSG_KEY, 0)) != -1) 65 (void)msgctl(id, IPC_RMID, 0); 66 } 67 68 ATF_TC_WITH_CLEANUP(msgctl_err); 69 ATF_TC_HEAD(msgctl_err, tc) 70 { 71 atf_tc_set_md_var(tc, "descr", "Test errors from msgctl(2)"); 72 } 73 74 ATF_TC_BODY(msgctl_err, tc) 75 { 76 const int cmd[] = { IPC_STAT, IPC_SET, IPC_RMID }; 77 struct msqid_ds msgds; 78 size_t i; 79 int id; 80 81 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 82 83 id = msgget(MSG_KEY, IPC_CREAT | 0600); 84 ATF_REQUIRE(id != -1); 85 86 errno = 0; 87 ATF_REQUIRE_ERRNO(EINVAL, msgctl(id, INT_MAX, &msgds) == -1); 88 89 errno = 0; 90 ATF_REQUIRE_ERRNO(EFAULT, msgctl(id, IPC_STAT, (void *)-1) == -1); 91 92 for (i = 0; i < __arraycount(cmd); i++) { 93 errno = 0; 94 ATF_REQUIRE_ERRNO(EINVAL, msgctl(-1, cmd[i], &msgds) == -1); 95 } 96 97 ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 98 } 99 100 ATF_TC_CLEANUP(msgctl_err, tc) 101 { 102 clean(); 103 } 104 105 ATF_TC_WITH_CLEANUP(msgctl_perm); 106 ATF_TC_HEAD(msgctl_perm, tc) 107 { 108 atf_tc_set_md_var(tc, "descr", "Test permissions with msgctl(2)"); 109 atf_tc_set_md_var(tc, "require.user", "root"); 110 } 111 112 ATF_TC_BODY(msgctl_perm, tc) 113 { 114 struct msqid_ds msgds; 115 struct passwd *pw; 116 pid_t pid; 117 int sta; 118 int id; 119 120 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 121 122 pw = getpwnam("nobody"); 123 id = msgget(MSG_KEY, IPC_CREAT | 0600); 124 125 ATF_REQUIRE(id != -1); 126 ATF_REQUIRE(pw != NULL); 127 ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 128 129 pid = fork(); 130 ATF_REQUIRE(pid >= 0); 131 132 if (pid == 0) { 133 134 if (setuid(pw->pw_uid) != 0) 135 _exit(EX_OSERR); 136 137 msgds.msg_perm.uid = getuid(); 138 msgds.msg_perm.gid = getgid(); 139 140 errno = 0; 141 142 if (msgctl(id, IPC_SET, &msgds) == 0) 143 _exit(EXIT_FAILURE); 144 145 if (errno != EPERM) 146 _exit(EXIT_FAILURE); 147 148 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 149 150 if (msgctl(id, IPC_STAT, &msgds) != 0) 151 _exit(EX_OSERR); 152 153 msgds.msg_qbytes = 1; 154 155 if (msgctl(id, IPC_SET, &msgds) == 0) 156 _exit(EXIT_FAILURE); 157 158 if (errno != EPERM) 159 _exit(EXIT_FAILURE); 160 161 _exit(EXIT_SUCCESS); 162 } 163 164 (void)wait(&sta); 165 166 if (WIFEXITED(sta) == 0) { 167 168 if (WEXITSTATUS(sta) == EX_OSERR) 169 atf_tc_fail("system call failed"); 170 171 if (WEXITSTATUS(sta) == EXIT_FAILURE) 172 atf_tc_fail("UID %u manipulated root's " 173 "message queue", pw->pw_uid); 174 } 175 176 ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 177 } 178 179 ATF_TC_CLEANUP(msgctl_perm, tc) 180 { 181 clean(); 182 } 183 184 ATF_TC_WITH_CLEANUP(msgctl_pid); 185 ATF_TC_HEAD(msgctl_pid, tc) 186 { 187 atf_tc_set_md_var(tc, "descr", "Test that PIDs are updated"); 188 } 189 190 ATF_TC_BODY(msgctl_pid, tc) 191 { 192 struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 193 struct msqid_ds msgds; 194 int id, sta; 195 pid_t pid; 196 197 id = msgget(MSG_KEY, IPC_CREAT | 0600); 198 ATF_REQUIRE(id != -1); 199 200 pid = fork(); 201 ATF_REQUIRE(pid >= 0); 202 203 if (pid == 0) { 204 205 (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 206 207 _exit(EXIT_SUCCESS); 208 } 209 210 (void)sleep(1); 211 (void)wait(&sta); 212 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 213 214 ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 215 216 if (pid != msgds.msg_lspid) 217 atf_tc_fail("the PID of last msgsnd(2) was not updated"); 218 219 pid = fork(); 220 ATF_REQUIRE(pid >= 0); 221 222 if (pid == 0) { 223 224 (void)msgrcv(id, &msg, 225 sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 226 227 _exit(EXIT_SUCCESS); 228 } 229 230 (void)sleep(1); 231 (void)wait(&sta); 232 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 233 234 ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 235 236 if (pid != msgds.msg_lrpid) 237 atf_tc_fail("the PID of last msgrcv(2) was not updated"); 238 239 ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 240 } 241 242 ATF_TC_CLEANUP(msgctl_pid, tc) 243 { 244 clean(); 245 } 246 247 ATF_TC_WITH_CLEANUP(msgctl_set); 248 ATF_TC_HEAD(msgctl_set, tc) 249 { 250 atf_tc_set_md_var(tc, "descr", "Test msgctl(2) with IPC_SET"); 251 atf_tc_set_md_var(tc, "require.user", "root"); 252 } 253 254 ATF_TC_BODY(msgctl_set, tc) 255 { 256 struct msqid_ds msgds; 257 struct passwd *pw; 258 int id; 259 260 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 261 262 pw = getpwnam("nobody"); 263 id = msgget(MSG_KEY, IPC_CREAT | 0600); 264 265 ATF_REQUIRE(id != -1); 266 ATF_REQUIRE(pw != NULL); 267 ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 268 269 msgds.msg_perm.uid = pw->pw_uid; 270 271 if (msgctl(id, IPC_SET, &msgds) != 0) 272 atf_tc_fail("root failed to change the UID of message queue"); 273 274 msgds.msg_perm.uid = getuid(); 275 msgds.msg_perm.gid = pw->pw_gid; 276 277 if (msgctl(id, IPC_SET, &msgds) != 0) 278 atf_tc_fail("root failed to change the GID of message queue"); 279 280 /* 281 * Note: setting the qbytes to zero fails even as root. 282 */ 283 msgds.msg_qbytes = 1; 284 msgds.msg_perm.gid = getgid(); 285 286 if (msgctl(id, IPC_SET, &msgds) != 0) 287 atf_tc_fail("root failed to change qbytes of message queue"); 288 289 ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 290 } 291 292 ATF_TC_CLEANUP(msgctl_set, tc) 293 { 294 clean(); 295 } 296 297 ATF_TC_WITH_CLEANUP(msgctl_time); 298 ATF_TC_HEAD(msgctl_time, tc) 299 { 300 atf_tc_set_md_var(tc, "descr", "Test that access times are updated"); 301 } 302 303 ATF_TC_BODY(msgctl_time, tc) 304 { 305 struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 306 struct msqid_ds msgds; 307 time_t t; 308 int id; 309 310 id = msgget(MSG_KEY, IPC_CREAT | 0600); 311 ATF_REQUIRE(id != -1); 312 313 t = time(NULL); 314 315 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 316 (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 317 (void)msgctl(id, IPC_STAT, &msgds); 318 319 if (llabs(t - msgds.msg_stime) > 1) 320 atf_tc_fail("time of last msgsnd(2) was not updated"); 321 322 if (msgds.msg_rtime != 0) 323 atf_tc_fail("time of last msgrcv(2) was updated incorrectly"); 324 325 t = time(NULL); 326 327 (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 328 (void)msgrcv(id, &msg, sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 329 (void)msgctl(id, IPC_STAT, &msgds); 330 331 if (llabs(t - msgds.msg_rtime) > 1) 332 atf_tc_fail("time of last msgrcv(2) was not updated"); 333 334 /* 335 * Note: this is non-zero even after the memset(3). 336 */ 337 if (msgds.msg_stime == 0) 338 atf_tc_fail("time of last msgsnd(2) was updated incorrectly"); 339 340 ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 341 } 342 343 ATF_TC_CLEANUP(msgctl_time, tc) 344 { 345 clean(); 346 } 347 348 ATF_TP_ADD_TCS(tp) 349 { 350 351 ATF_TP_ADD_TC(tp, msgctl_err); 352 ATF_TP_ADD_TC(tp, msgctl_perm); 353 ATF_TP_ADD_TC(tp, msgctl_pid); 354 ATF_TP_ADD_TC(tp, msgctl_set); 355 ATF_TP_ADD_TC(tp, msgctl_time); 356 357 return atf_no_error(); 358 } 359
Indexes created Thu Sep 25 16:09:42 GMT 2025