1*b7041c07Sderaadt /* $OpenBSD: main.c,v 1.11 2021/10/24 21:24:20 deraadt Exp $ */
270bd4cc8Ssemarie /*
370bd4cc8Ssemarie * Copyright (c) 2015 Sebastien Marie <semarie@openbsd.org>
470bd4cc8Ssemarie *
570bd4cc8Ssemarie * Permission to use, copy, modify, and distribute this software for any
670bd4cc8Ssemarie * purpose with or without fee is hereby granted, provided that the above
770bd4cc8Ssemarie * copyright notice and this permission notice appear in all copies.
870bd4cc8Ssemarie *
970bd4cc8Ssemarie * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
1070bd4cc8Ssemarie * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
1170bd4cc8Ssemarie * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
1270bd4cc8Ssemarie * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
1370bd4cc8Ssemarie * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
1470bd4cc8Ssemarie * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1570bd4cc8Ssemarie * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1670bd4cc8Ssemarie */
1770bd4cc8Ssemarie
1870bd4cc8Ssemarie #include <sys/mman.h>
1970bd4cc8Ssemarie #include <sys/resource.h>
2070bd4cc8Ssemarie #include <sys/socket.h>
2170bd4cc8Ssemarie #include <sys/stat.h>
2270bd4cc8Ssemarie #include <sys/time.h>
2370bd4cc8Ssemarie #include <sys/types.h>
2470bd4cc8Ssemarie #include <sys/wait.h>
2570bd4cc8Ssemarie
2670bd4cc8Ssemarie #include <err.h>
2770bd4cc8Ssemarie #include <errno.h>
2870bd4cc8Ssemarie #include <fcntl.h>
2970bd4cc8Ssemarie #include <limits.h>
3070bd4cc8Ssemarie #include <signal.h>
3170bd4cc8Ssemarie #include <stdarg.h>
3270bd4cc8Ssemarie #include <stdlib.h>
3370bd4cc8Ssemarie #include <stdio.h>
3470bd4cc8Ssemarie #include <string.h>
3570bd4cc8Ssemarie #include <time.h>
3670bd4cc8Ssemarie #include <unistd.h>
3770bd4cc8Ssemarie
3870bd4cc8Ssemarie #include "manager.h"
3970bd4cc8Ssemarie
40feae6f75Ssemarie void test_request_stdio(void);
414586e8ffSsemarie void test_request_tty(void);
424586e8ffSsemarie
4370bd4cc8Ssemarie static void
test_nop()4470bd4cc8Ssemarie test_nop()
4570bd4cc8Ssemarie {
4670bd4cc8Ssemarie /* nop */
4770bd4cc8Ssemarie }
4870bd4cc8Ssemarie
4970bd4cc8Ssemarie static void
test_inet()5070bd4cc8Ssemarie test_inet()
5170bd4cc8Ssemarie {
5270bd4cc8Ssemarie int fd = socket(AF_INET, SOCK_STREAM, 0);
5370bd4cc8Ssemarie int saved_errno = errno;
5470bd4cc8Ssemarie close(fd);
5570bd4cc8Ssemarie errno = saved_errno ? saved_errno : errno;
5670bd4cc8Ssemarie }
5770bd4cc8Ssemarie
5870bd4cc8Ssemarie static void
test_kill()5970bd4cc8Ssemarie test_kill()
6070bd4cc8Ssemarie {
6170bd4cc8Ssemarie kill(0, SIGINT);
6270bd4cc8Ssemarie }
6370bd4cc8Ssemarie
6470bd4cc8Ssemarie static void
test_pledge()6570bd4cc8Ssemarie test_pledge()
6670bd4cc8Ssemarie {
67ecbf7dd8Stb if (pledge("stdio rpath", NULL) != 0)
6870bd4cc8Ssemarie _exit(errno);
6970bd4cc8Ssemarie }
7070bd4cc8Ssemarie
7170bd4cc8Ssemarie static void
test_rpath()7270bd4cc8Ssemarie test_rpath()
7370bd4cc8Ssemarie {
7470bd4cc8Ssemarie int fd;
7570bd4cc8Ssemarie char data[512];
7670bd4cc8Ssemarie
77*b7041c07Sderaadt if ((fd = open("/dev/zero", O_RDONLY)) == -1)
7870bd4cc8Ssemarie _exit(errno);
7970bd4cc8Ssemarie
8070bd4cc8Ssemarie if (read(fd, data, sizeof(data)) == -1)
8170bd4cc8Ssemarie _exit(errno);
8270bd4cc8Ssemarie
8370bd4cc8Ssemarie close(fd);
8470bd4cc8Ssemarie }
8570bd4cc8Ssemarie
8670bd4cc8Ssemarie static void
test_wpath()8770bd4cc8Ssemarie test_wpath()
8870bd4cc8Ssemarie {
8970bd4cc8Ssemarie int fd;
9070bd4cc8Ssemarie char data[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
9170bd4cc8Ssemarie
92*b7041c07Sderaadt if ((fd = open("/dev/null", O_WRONLY)) == -1)
9370bd4cc8Ssemarie _exit(errno);
9470bd4cc8Ssemarie
9570bd4cc8Ssemarie if (write(fd, data, sizeof(data)) == -1)
9670bd4cc8Ssemarie _exit(errno);
9770bd4cc8Ssemarie
9870bd4cc8Ssemarie close(fd);
9970bd4cc8Ssemarie }
10070bd4cc8Ssemarie
10170bd4cc8Ssemarie static void
test_cpath()10270bd4cc8Ssemarie test_cpath()
10370bd4cc8Ssemarie {
10470bd4cc8Ssemarie const char filename[] = "/tmp/generic-test-cpath";
10570bd4cc8Ssemarie
10670bd4cc8Ssemarie if (mkdir(filename, S_IRWXU) == -1)
10770bd4cc8Ssemarie _exit(errno);
10870bd4cc8Ssemarie
10970bd4cc8Ssemarie if (rmdir(filename) == -1)
11070bd4cc8Ssemarie _exit(errno);
11170bd4cc8Ssemarie }
11270bd4cc8Ssemarie
11370bd4cc8Ssemarie int
main(int argc,char * argv[])11470bd4cc8Ssemarie main(int argc, char *argv[])
11570bd4cc8Ssemarie {
11670bd4cc8Ssemarie int ret = EXIT_SUCCESS;
11770bd4cc8Ssemarie
11870bd4cc8Ssemarie if (argc != 1)
11970bd4cc8Ssemarie errx(1, "usage: %s", argv[0]);
12070bd4cc8Ssemarie
12170bd4cc8Ssemarie /*
12270bd4cc8Ssemarie * testsuite
12370bd4cc8Ssemarie */
12470bd4cc8Ssemarie
12570bd4cc8Ssemarie /* _exit is always allowed, and nothing else under flags=0 */
1262172cb15Sbluhm start_test(&ret, "", test_nop);
1272172cb15Sbluhm start_test(&ret, "", test_inet);
12870bd4cc8Ssemarie
12970bd4cc8Ssemarie /* test coredump */
1302172cb15Sbluhm start_test(&ret, "abort", test_inet);
13170bd4cc8Ssemarie
132feae6f75Ssemarie /* inet under inet is ok (stdio is needed of close(2)) */
1332172cb15Sbluhm start_test(&ret, "stdio", test_inet);
1342172cb15Sbluhm start_test(&ret, "inet", test_inet);
1352172cb15Sbluhm start_test(&ret, "stdio inet", test_inet);
13670bd4cc8Ssemarie
137feae6f75Ssemarie /* kill under fattr is forbidden */
1382172cb15Sbluhm start_test(&ret, "fattr", test_kill);
13970bd4cc8Ssemarie
1408a3e8671Ssemarie /* kill under stdio is allowed */
1412172cb15Sbluhm start_test(&ret, "stdio", test_kill);
14270bd4cc8Ssemarie
143feae6f75Ssemarie /* stdio for open(2) */
1442172cb15Sbluhm start_test(&ret, "stdio rpath", test_rpath);
1452172cb15Sbluhm start_test(&ret, "stdio wpath", test_wpath);
1462172cb15Sbluhm start_test(&ret, "cpath", test_cpath);
14770bd4cc8Ssemarie
14870bd4cc8Ssemarie /*
14970bd4cc8Ssemarie * test pledge(2) arguments
15070bd4cc8Ssemarie */
15170bd4cc8Ssemarie /* same request */
1522172cb15Sbluhm start_test(&ret, "stdio rpath", test_pledge);
15370bd4cc8Ssemarie /* reduce request */
1542172cb15Sbluhm start_test(&ret, "stdio rpath wpath", test_pledge);
15570bd4cc8Ssemarie /* add request */
1562172cb15Sbluhm start_test(&ret, "stdio", test_pledge);
15770bd4cc8Ssemarie /* change request */
1582172cb15Sbluhm start_test(&ret, "stdio unix", test_pledge);
159feae6f75Ssemarie
160feae6f75Ssemarie /* stdio */
1612172cb15Sbluhm start_test(&ret, NULL, test_request_stdio);
16270bd4cc8Ssemarie
1634586e8ffSsemarie /* tty */
1642172cb15Sbluhm start_test(&ret, NULL, test_request_tty);
1654586e8ffSsemarie
16670bd4cc8Ssemarie return (ret);
16770bd4cc8Ssemarie }
168