1 /* $OpenBSD: main.c,v 1.11 2021/10/24 21:24:20 deraadt Exp $ */
2 /*
3 * Copyright (c) 2015 Sebastien Marie <semarie@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #include <sys/mman.h>
19 #include <sys/resource.h>
20 #include <sys/socket.h>
21 #include <sys/stat.h>
22 #include <sys/time.h>
23 #include <sys/types.h>
24 #include <sys/wait.h>
25
26 #include <err.h>
27 #include <errno.h>
28 #include <fcntl.h>
29 #include <limits.h>
30 #include <signal.h>
31 #include <stdarg.h>
32 #include <stdlib.h>
33 #include <stdio.h>
34 #include <string.h>
35 #include <time.h>
36 #include <unistd.h>
37
38 #include "manager.h"
39
40 void test_request_stdio(void);
41 void test_request_tty(void);
42
43 static void
test_nop()44 test_nop()
45 {
46 /* nop */
47 }
48
49 static void
test_inet()50 test_inet()
51 {
52 int fd = socket(AF_INET, SOCK_STREAM, 0);
53 int saved_errno = errno;
54 close(fd);
55 errno = saved_errno ? saved_errno : errno;
56 }
57
58 static void
test_kill()59 test_kill()
60 {
61 kill(0, SIGINT);
62 }
63
64 static void
test_pledge()65 test_pledge()
66 {
67 if (pledge("stdio rpath", NULL) != 0)
68 _exit(errno);
69 }
70
71 static void
test_rpath()72 test_rpath()
73 {
74 int fd;
75 char data[512];
76
77 if ((fd = open("/dev/zero", O_RDONLY)) == -1)
78 _exit(errno);
79
80 if (read(fd, data, sizeof(data)) == -1)
81 _exit(errno);
82
83 close(fd);
84 }
85
86 static void
test_wpath()87 test_wpath()
88 {
89 int fd;
90 char data[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
91
92 if ((fd = open("/dev/null", O_WRONLY)) == -1)
93 _exit(errno);
94
95 if (write(fd, data, sizeof(data)) == -1)
96 _exit(errno);
97
98 close(fd);
99 }
100
101 static void
test_cpath()102 test_cpath()
103 {
104 const char filename[] = "/tmp/generic-test-cpath";
105
106 if (mkdir(filename, S_IRWXU) == -1)
107 _exit(errno);
108
109 if (rmdir(filename) == -1)
110 _exit(errno);
111 }
112
113 int
main(int argc,char * argv[])114 main(int argc, char *argv[])
115 {
116 int ret = EXIT_SUCCESS;
117
118 if (argc != 1)
119 errx(1, "usage: %s", argv[0]);
120
121 /*
122 * testsuite
123 */
124
125 /* _exit is always allowed, and nothing else under flags=0 */
126 start_test(&ret, "", test_nop);
127 start_test(&ret, "", test_inet);
128
129 /* test coredump */
130 start_test(&ret, "abort", test_inet);
131
132 /* inet under inet is ok (stdio is needed of close(2)) */
133 start_test(&ret, "stdio", test_inet);
134 start_test(&ret, "inet", test_inet);
135 start_test(&ret, "stdio inet", test_inet);
136
137 /* kill under fattr is forbidden */
138 start_test(&ret, "fattr", test_kill);
139
140 /* kill under stdio is allowed */
141 start_test(&ret, "stdio", test_kill);
142
143 /* stdio for open(2) */
144 start_test(&ret, "stdio rpath", test_rpath);
145 start_test(&ret, "stdio wpath", test_wpath);
146 start_test(&ret, "cpath", test_cpath);
147
148 /*
149 * test pledge(2) arguments
150 */
151 /* same request */
152 start_test(&ret, "stdio rpath", test_pledge);
153 /* reduce request */
154 start_test(&ret, "stdio rpath wpath", test_pledge);
155 /* add request */
156 start_test(&ret, "stdio", test_pledge);
157 /* change request */
158 start_test(&ret, "stdio unix", test_pledge);
159
160 /* stdio */
161 start_test(&ret, NULL, test_request_stdio);
162
163 /* tty */
164 start_test(&ret, NULL, test_request_tty);
165
166 return (ret);
167 }
168