From 13e6c35f25a1caa4d6539e47bcff9e18972d991c Mon Sep 17 00:00:00 2001 From: beck Date: Thu, 19 Jul 2018 06:40:22 +0000 Subject: [PATCH] Add regress test for inheritance of unveil's across fork to children --- regress/sys/kern/unveil/syscalls.c | 58 +++++++++++++++++------------- 1 file changed, 33 insertions(+), 25 deletions(-) diff --git a/regress/sys/kern/unveil/syscalls.c b/regress/sys/kern/unveil/syscalls.c index 8d58dc97d97..eeb58e3d7e1 100644 --- a/regress/sys/kern/unveil/syscalls.c +++ b/regress/sys/kern/unveil/syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: syscalls.c,v 1.9 2018/07/13 08:59:02 beck Exp $ */ +/* $OpenBSD: syscalls.c,v 1.10 2018/07/19 06:40:22 beck Exp $ */ /* * Copyright (c) 2017-2018 Bob Beck @@ -83,7 +83,7 @@ do_unveil2(void) } static int -runcompare(int (*func)(int)) +runcompare_internal(int (*func)(int), int fail_ok) { int unveil = 0, nonunveil = 0, status; pid_t pid = fork(); @@ -110,6 +110,10 @@ runcompare(int (*func)(int)) printf("[FAIL] nonunveil exited with signal %d\n", WTERMSIG(status)); goto fail; } + if (!fail_ok && (unveil || nonunveil)) { + printf("[FAIL] unveil = %d, nonunveil = %d\n", unveil, nonunveil); + goto fail; + } if (unveil == nonunveil) { printf("[SUCCESS] unveil = %d, nonunveil = %d\n", unveil, nonunveil); return 0; @@ -119,6 +123,12 @@ runcompare(int (*func)(int)) return 1; } +static int +runcompare(int (*func)(int)) +{ + return runcompare_internal(func, 1); +} + static int test_open(int do_uv) { @@ -666,6 +676,25 @@ test_chmod(int do_uv) return 0; } + + +static int +test_fork_body(int do_uv) +{ + UV_SHOULD_SUCCEED((open(uv_file1, O_RDWR|O_CREAT) == -1), "open after fork"); + UV_SHOULD_SUCCEED((opendir(uv_dir1) == NULL), "opendir after fork"); + UV_SHOULD_ENOENT((opendir(uv_dir2) == NULL), "opendir after fork"); + UV_SHOULD_ENOENT((open(uv_file2, O_RDWR|O_CREAT) == -1), "open after fork"); + return 0; +} +static int +test_fork() +{ + printf("testing fork inhertiance\n"); + do_unveil(); + return runcompare_internal(test_fork_body, 0); +} + static int test_exec(int do_uv) { @@ -680,6 +709,7 @@ test_exec(int do_uv) UV_SHOULD_SUCCEED((execve(argv[0], argv, environ) == -1), "execve"); return 0; } + static int test_exec2(int do_uv) { @@ -708,27 +738,6 @@ test_slash(int do_uv) return 0; } -static int -test_fork(int do_uv) -{ - int status; - if (do_uv) { - if (unveil("/etc/passswd", "r") == -1) - err(1, "%s:%d - unveil", __FILE__, __LINE__); - } - pid_t pid = fork(); - if (pid == 0) { - printf ("testing child\n"); - if (do_uv) { - if (open("/etc/hosts", O_RDONLY) != -1) - err(1, "open /etc/hosts worked"); - if (open("/etc/passwd", O_RDONLY) == -1) - err(1, "open /etc/passwd failed"); - } - exit(0); - } -} - int main (int argc, char *argv[]) { @@ -747,7 +756,6 @@ main (int argc, char *argv[]) UV_SHOULD_SUCCEED((mkdir(filename, 0777) == -1), "mkdir"); close(fd2); - failures += runcompare(test_open); failures += runcompare(test_opendir); failures += runcompare(test_noflags); @@ -770,6 +778,6 @@ main (int argc, char *argv[]) failures += runcompare(test_realpath); failures += runcompare(test_parent_dir); failures += runcompare(test_slash); - failures += runcompare(test_fork); + failures += runcompare_internal(test_fork, 0); exit(failures); } -- 2.20.1