1 /*-
2 * Copyright (c) 2005 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD$
27 */
28
29 #include <sys/types.h>
30 #include <sys/socket.h>
31 #include <sys/stat.h>
32 #include <sys/sysctl.h>
33 #include <sys/un.h>
34
35 #include <err.h>
36 #include <fcntl.h>
37 #include <limits.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42
43 /*
44 * UNIX domain sockets allow file descriptors to be passed via "ancillary
45 * data", or control messages. This regression test is intended to exercise
46 * this facility, both performing some basic tests that it operates, and also
47 * causing some kernel edge cases to execute, such as garbage collection when
48 * there are cyclic file descriptor references. Right now we test only with
49 * stream sockets, but ideally we'd also test with datagram sockets.
50 */
51
52 static void
domainsocketpair(const char * test,int * fdp)53 domainsocketpair(const char *test, int *fdp)
54 {
55
56 if (socketpair(PF_UNIX, SOCK_STREAM, 0, fdp) < 0)
57 err(-1, "%s: socketpair(PF_UNIX, SOCK_STREAM)", test);
58 }
59
60 static void
closesocketpair(int * fdp)61 closesocketpair(int *fdp)
62 {
63
64 close(fdp[0]);
65 close(fdp[1]);
66 }
67
68 static void
devnull(const char * test,int * fdp)69 devnull(const char *test, int *fdp)
70 {
71 int fd;
72
73 fd = open("/dev/null", O_RDONLY);
74 if (fd < 0)
75 err(-1, "%s: open(/dev/null)", test);
76 *fdp = fd;
77 }
78
79 static void
tempfile(const char * test,int * fdp)80 tempfile(const char *test, int *fdp)
81 {
82 char path[PATH_MAX];
83 int fd;
84
85 snprintf(path, PATH_MAX, "/tmp/unix_passfd.XXXXXXXXXXXXXXX");
86 fd = mkstemp(path);
87 if (fd < 0)
88 err(-1, "%s: mkstemp(%s)", test, path);
89 (void)unlink(path);
90 *fdp = fd;
91 }
92
93 static void
dofstat(const char * test,int fd,struct stat * sb)94 dofstat(const char *test, int fd, struct stat *sb)
95 {
96
97 if (fstat(fd, sb) < 0)
98 err(-1, "%s: fstat", test);
99 }
100
101 static void
samefile(const char * test,struct stat * sb1,struct stat * sb2)102 samefile(const char *test, struct stat *sb1, struct stat *sb2)
103 {
104
105 if (sb1->st_dev != sb2->st_dev)
106 errx(-1, "%s: samefile: different device", test);
107 if (sb1->st_ino != sb2->st_ino)
108 errx(-1, "%s: samefile: different inode", test);
109 }
110
111 static void
sendfd_payload(const char * test,int sockfd,int sendfd,void * payload,size_t paylen)112 sendfd_payload(const char *test, int sockfd, int sendfd,
113 void *payload, size_t paylen)
114 {
115 struct iovec iovec;
116 char message[CMSG_SPACE(sizeof(int))];
117 struct cmsghdr *cmsghdr;
118 struct msghdr msghdr;
119 ssize_t len;
120
121 bzero(&msghdr, sizeof(msghdr));
122 bzero(&message, sizeof(message));
123
124 msghdr.msg_control = message;
125 msghdr.msg_controllen = sizeof(message);
126
127 iovec.iov_base = payload;
128 iovec.iov_len = paylen;
129
130 msghdr.msg_iov = &iovec;
131 msghdr.msg_iovlen = 1;
132
133 cmsghdr = (struct cmsghdr *)message;
134 cmsghdr->cmsg_len = CMSG_LEN(sizeof(int));
135 cmsghdr->cmsg_level = SOL_SOCKET;
136 cmsghdr->cmsg_type = SCM_RIGHTS;
137 *(int *)CMSG_DATA(cmsghdr) = sendfd;
138
139 len = sendmsg(sockfd, &msghdr, 0);
140 if (len < 0)
141 err(-1, "%s: sendmsg", test);
142 if ((size_t)len != paylen)
143 errx(-1, "%s: sendmsg: %zd bytes sent", test, len);
144 }
145
146 static void
sendfd(const char * test,int sockfd,int sendfd)147 sendfd(const char *test, int sockfd, int sendfd)
148 {
149 char ch;
150
151 return (sendfd_payload(test, sockfd, sendfd, &ch, sizeof(ch)));
152 }
153
154 static void
recvfd_payload(const char * test,int sockfd,int * recvfd,void * buf,size_t buflen)155 recvfd_payload(const char *test, int sockfd, int *recvfd,
156 void *buf, size_t buflen)
157 {
158 struct cmsghdr *cmsghdr;
159 char message[CMSG_SPACE(SOCKCREDSIZE(CMGROUP_MAX)) + sizeof(int)];
160 struct msghdr msghdr;
161 struct iovec iovec;
162 ssize_t len;
163
164 bzero(&msghdr, sizeof(msghdr));
165
166 msghdr.msg_control = message;
167 msghdr.msg_controllen = sizeof(message);
168
169 iovec.iov_base = buf;
170 iovec.iov_len = buflen;
171
172 msghdr.msg_iov = &iovec;
173 msghdr.msg_iovlen = 1;
174
175 len = recvmsg(sockfd, &msghdr, 0);
176 if (len < 0)
177 err(-1, "%s: recvmsg", test);
178 if ((size_t)len != buflen)
179 errx(-1, "%s: recvmsg: %zd bytes received", test, len);
180
181 cmsghdr = CMSG_FIRSTHDR(&msghdr);
182 if (cmsghdr == NULL)
183 errx(-1, "%s: recvmsg: did not receive control message", test);
184 *recvfd = -1;
185 for (; cmsghdr != NULL; cmsghdr = CMSG_NXTHDR(&msghdr, cmsghdr)) {
186 if (cmsghdr->cmsg_level == SOL_SOCKET &&
187 cmsghdr->cmsg_type == SCM_RIGHTS &&
188 cmsghdr->cmsg_len == CMSG_LEN(sizeof(int))) {
189 *recvfd = *(int *)CMSG_DATA(cmsghdr);
190 if (*recvfd == -1)
191 errx(-1, "%s: recvmsg: received fd -1", test);
192 }
193 }
194 if (*recvfd == -1)
195 errx(-1, "%s: recvmsg: did not receive single-fd message",
196 test);
197 }
198
199 static void
recvfd(const char * test,int sockfd,int * recvfd)200 recvfd(const char *test, int sockfd, int *recvfd)
201 {
202 char ch;
203
204 return (recvfd_payload(test, sockfd, recvfd, &ch, sizeof(ch)));
205 }
206
207 int
main(void)208 main(void)
209 {
210 struct stat putfd_1_stat, putfd_2_stat, getfd_1_stat, getfd_2_stat;
211 int fd[2], putfd_1, putfd_2, getfd_1, getfd_2;
212 const char *test;
213
214 /*
215 * First test: put a temporary file into a UNIX domain socket, then
216 * take it out and make sure it's the same file. First time around,
217 * don't close the reference after sending.
218 */
219 test = "test1-simplesendfd";
220 printf("beginning %s\n", test);
221
222 domainsocketpair(test, fd);
223 tempfile(test, &putfd_1);
224 dofstat(test, putfd_1, &putfd_1_stat);
225 sendfd(test, fd[0], putfd_1);
226 recvfd(test, fd[1], &getfd_1);
227 dofstat(test, getfd_1, &getfd_1_stat);
228 samefile(test, &putfd_1_stat, &getfd_1_stat);
229 close(putfd_1);
230 close(getfd_1);
231 closesocketpair(fd);
232
233 printf("%s passed\n", test);
234
235 /*
236 * Second test: same as first, only close the file reference after
237 * sending, so that the only reference is the descriptor in the UNIX
238 * domain socket buffer.
239 */
240 test = "test2-sendandclose";
241 printf("beginning %s\n", test);
242
243 domainsocketpair(test, fd);
244 tempfile(test, &putfd_1);
245 dofstat(test, putfd_1, &putfd_1_stat);
246 sendfd(test, fd[0], putfd_1);
247 close(putfd_1);
248 recvfd(test, fd[1], &getfd_1);
249 dofstat(test, getfd_1, &getfd_1_stat);
250 samefile(test, &putfd_1_stat, &getfd_1_stat);
251 close(getfd_1);
252 closesocketpair(fd);
253
254 printf("%s passed\n", test);
255
256 /*
257 * Third test: put a temporary file into a UNIX domain socket, then
258 * close both endpoints causing garbage collection to kick off.
259 */
260 test = "test3-sendandcancel";
261 printf("beginning %s\n", test);
262
263 domainsocketpair(test, fd);
264 tempfile(test, &putfd_1);
265 sendfd(test, fd[0], putfd_1);
266 close(putfd_1);
267 closesocketpair(fd);
268
269 printf("%s passed\n", test);
270
271 /*
272 * Send two files. Then receive them. Make sure they are returned
273 * in the right order, and both get there.
274 */
275
276 test = "test4-twofile";
277 printf("beginning %s\n", test);
278
279 domainsocketpair(test, fd);
280 tempfile(test, &putfd_1);
281 tempfile(test, &putfd_2);
282 dofstat(test, putfd_1, &putfd_1_stat);
283 dofstat(test, putfd_2, &putfd_2_stat);
284 sendfd(test, fd[0], putfd_1);
285 sendfd(test, fd[0], putfd_2);
286 close(putfd_1);
287 close(putfd_2);
288 recvfd(test, fd[1], &getfd_1);
289 recvfd(test, fd[1], &getfd_2);
290 dofstat(test, getfd_1, &getfd_1_stat);
291 dofstat(test, getfd_2, &getfd_2_stat);
292 samefile(test, &putfd_1_stat, &getfd_1_stat);
293 samefile(test, &putfd_2_stat, &getfd_2_stat);
294 close(getfd_1);
295 close(getfd_2);
296 closesocketpair(fd);
297
298 printf("%s passed\n", test);
299
300 /*
301 * Big bundling test. Send an endpoint of the UNIX domain socket
302 * over itself, closing the door behind it.
303 */
304
305 test = "test5-bundle";
306 printf("beginning %s\n", test);
307
308 domainsocketpair(test, fd);
309
310 sendfd(test, fd[0], fd[0]);
311 close(fd[0]);
312 recvfd(test, fd[1], &getfd_1);
313 close(getfd_1);
314 close(fd[1]);
315
316 printf("%s passed\n", test);
317
318 /*
319 * Big bundling test part two: Send an endpoint of the UNIX domain
320 * socket over itself, close the door behind it, and never remove it
321 * from the other end.
322 */
323
324 test = "test6-bundlecancel";
325 printf("beginning %s\n", test);
326
327 domainsocketpair(test, fd);
328 sendfd(test, fd[0], fd[0]);
329 sendfd(test, fd[1], fd[0]);
330 closesocketpair(fd);
331
332 printf("%s passed\n", test);
333
334 /*
335 * Test for PR 151758: Send an character device over the UNIX
336 * domain socket and then close both sockets to orphan the
337 * device.
338 */
339
340 test = "test7-devfsorphan";
341 printf("beginning %s\n", test);
342
343 domainsocketpair(test, fd);
344 devnull(test, &putfd_1);
345 sendfd(test, fd[0], putfd_1);
346 close(putfd_1);
347 closesocketpair(fd);
348
349 printf("%s passed\n", test);
350
351 /*
352 * Test for PR 181741. Receiver sets LOCAL_CREDS, and kernel
353 * prepends a control message to the data. Sender sends large
354 * payload. Payload + SCM_RIGHTS + LOCAL_CREDS hit socket buffer
355 * limit, and receiver receives truncated data.
356 */
357 test = "test8-rights+creds+payload";
358 printf("beginning %s\n", test);
359
360 {
361 const int on = 1;
362 u_long sendspace;
363 size_t len;
364 void *buf;
365
366 len = sizeof(sendspace);
367 if (sysctlbyname("net.local.stream.sendspace", &sendspace,
368 &len, NULL, 0) < 0)
369 err(-1, "%s: sysctlbyname(net.local.stream.sendspace)",
370 test);
371
372 if ((buf = malloc(sendspace)) == NULL)
373 err(-1, "%s: malloc", test);
374
375 domainsocketpair(test, fd);
376 if (setsockopt(fd[1], 0, LOCAL_CREDS, &on, sizeof(on)) < 0)
377 err(-1, "%s: setsockopt(LOCAL_CREDS)", test);
378 tempfile(test, &putfd_1);
379 sendfd_payload(test, fd[0], putfd_1, buf, sendspace);
380 recvfd_payload(test, fd[1], &getfd_1, buf, sendspace);
381 close(putfd_1);
382 close(getfd_1);
383 closesocketpair(fd);
384 }
385
386 printf("%s passed\n", test);
387
388 return (0);
389 }
390