xref: /freebsd-src/contrib/netbsd-tests/lib/libc/sys/t_msgctl.c (revision 63d1fd5970ec814904aa0f4580b10a0d302d08b2) 
1 /* $NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $ */
2 
3 /*-
4  * Copyright (c) 2011 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Jukka Ruohonen.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 #include <sys/cdefs.h>
32 __RCSID("$NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $");
33 
34 #include <sys/msg.h>
35 #include <sys/stat.h>
36 #include <sys/sysctl.h>
37 #include <sys/wait.h>
38 
39 #include <atf-c.h>
40 #include <errno.h>
41 #include <limits.h>
42 #include <pwd.h>
43 #include <stdio.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <sysexits.h>
47 #include <time.h>
48 #include <unistd.h>
49 
50 #ifdef __FreeBSD__
51 #include <limits.h>
52 #endif
53 
54 #define MSG_KEY		12345689
55 #define MSG_MTYPE_1	0x41
56 
57 struct msg {
58 	long		 mtype;
59 	char		 buf[3];
60 };
61 
62 static void		clean(void);
63 
64 static void
65 clean(void)
66 {
67 	int id;
68 
69 	if ((id = msgget(MSG_KEY, 0)) != -1)
70 		(void)msgctl(id, IPC_RMID, 0);
71 }
72 
73 ATF_TC_WITH_CLEANUP(msgctl_err);
74 ATF_TC_HEAD(msgctl_err, tc)
75 {
76 	atf_tc_set_md_var(tc, "descr", "Test errors from msgctl(2)");
77 }
78 
79 ATF_TC_BODY(msgctl_err, tc)
80 {
81 	const int cmd[] = { IPC_STAT, IPC_SET, IPC_RMID };
82 	struct msqid_ds msgds;
83 	size_t i;
84 	int id;
85 
86 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
87 
88 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
89 	ATF_REQUIRE(id != -1);
90 
91 	errno = 0;
92 	ATF_REQUIRE_ERRNO(EINVAL, msgctl(id, INT_MAX, &msgds) == -1);
93 
94 	errno = 0;
95 	ATF_REQUIRE_ERRNO(EFAULT, msgctl(id, IPC_STAT, (void *)-1) == -1);
96 
97 	for (i = 0; i < __arraycount(cmd); i++) {
98 		errno = 0;
99 		ATF_REQUIRE_ERRNO(EINVAL, msgctl(-1, cmd[i], &msgds) == -1);
100 	}
101 
102 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
103 }
104 
105 ATF_TC_CLEANUP(msgctl_err, tc)
106 {
107 	clean();
108 }
109 
110 ATF_TC_WITH_CLEANUP(msgctl_perm);
111 ATF_TC_HEAD(msgctl_perm, tc)
112 {
113 	atf_tc_set_md_var(tc, "descr", "Test permissions with msgctl(2)");
114 	atf_tc_set_md_var(tc, "require.user", "root");
115 }
116 
117 ATF_TC_BODY(msgctl_perm, tc)
118 {
119 	struct msqid_ds msgds;
120 	struct passwd *pw;
121 	pid_t pid;
122 	int sta;
123 	int id;
124 
125 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
126 
127 	pw = getpwnam("nobody");
128 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
129 
130 	ATF_REQUIRE(id != -1);
131 	ATF_REQUIRE(pw != NULL);
132 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
133 
134 	pid = fork();
135 	ATF_REQUIRE(pid >= 0);
136 
137 	if (pid == 0) {
138 
139 		if (setuid(pw->pw_uid) != 0)
140 			_exit(EX_OSERR);
141 
142 		msgds.msg_perm.uid = getuid();
143 		msgds.msg_perm.gid = getgid();
144 
145 		errno = 0;
146 
147 		if (msgctl(id, IPC_SET, &msgds) == 0)
148 			_exit(EXIT_FAILURE);
149 
150 		if (errno != EPERM)
151 			_exit(EXIT_FAILURE);
152 
153 		(void)memset(&msgds, 0, sizeof(struct msqid_ds));
154 
155 		if (msgctl(id, IPC_STAT, &msgds) != 0)
156 			_exit(EX_OSERR);
157 
158 		msgds.msg_qbytes = 1;
159 
160 		if (msgctl(id, IPC_SET, &msgds) == 0)
161 			_exit(EXIT_FAILURE);
162 
163 		if (errno != EPERM)
164 			_exit(EXIT_FAILURE);
165 
166 		_exit(EXIT_SUCCESS);
167 	}
168 
169 	(void)wait(&sta);
170 
171 	if (WIFEXITED(sta) == 0) {
172 
173 		if (WEXITSTATUS(sta) == EX_OSERR)
174 			atf_tc_fail("system call failed");
175 
176 		if (WEXITSTATUS(sta) == EXIT_FAILURE)
177 			atf_tc_fail("UID %u manipulated root's "
178 			    "message queue", pw->pw_uid);
179 	}
180 
181 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
182 }
183 
184 ATF_TC_CLEANUP(msgctl_perm, tc)
185 {
186 	clean();
187 }
188 
189 ATF_TC_WITH_CLEANUP(msgctl_pid);
190 ATF_TC_HEAD(msgctl_pid, tc)
191 {
192 	atf_tc_set_md_var(tc, "descr", "Test that PIDs are updated");
193 }
194 
195 ATF_TC_BODY(msgctl_pid, tc)
196 {
197 	struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } };
198 	struct msqid_ds msgds;
199 	int id, sta;
200 	pid_t pid;
201 
202 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
203 	ATF_REQUIRE(id != -1);
204 
205 	pid = fork();
206 	ATF_REQUIRE(pid >= 0);
207 
208 	if (pid == 0) {
209 
210 		(void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT);
211 
212 		_exit(EXIT_SUCCESS);
213 	}
214 
215 	(void)sleep(1);
216 	(void)wait(&sta);
217 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
218 
219 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
220 
221 	if (pid != msgds.msg_lspid)
222 		atf_tc_fail("the PID of last msgsnd(2) was not updated");
223 
224 	pid = fork();
225 	ATF_REQUIRE(pid >= 0);
226 
227 	if (pid == 0) {
228 
229 		(void)msgrcv(id, &msg,
230 		    sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT);
231 
232 		_exit(EXIT_SUCCESS);
233 	}
234 
235 	(void)sleep(1);
236 	(void)wait(&sta);
237 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
238 
239 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
240 
241 	if (pid != msgds.msg_lrpid)
242 		atf_tc_fail("the PID of last msgrcv(2) was not updated");
243 
244 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
245 }
246 
247 ATF_TC_CLEANUP(msgctl_pid, tc)
248 {
249 	clean();
250 }
251 
252 ATF_TC_WITH_CLEANUP(msgctl_set);
253 ATF_TC_HEAD(msgctl_set, tc)
254 {
255 	atf_tc_set_md_var(tc, "descr", "Test msgctl(2) with IPC_SET");
256 	atf_tc_set_md_var(tc, "require.user", "root");
257 }
258 
259 ATF_TC_BODY(msgctl_set, tc)
260 {
261 	struct msqid_ds msgds;
262 	struct passwd *pw;
263 	int id;
264 
265 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
266 
267 	pw = getpwnam("nobody");
268 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
269 
270 	ATF_REQUIRE(id != -1);
271 	ATF_REQUIRE(pw != NULL);
272 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
273 
274 	msgds.msg_perm.uid = pw->pw_uid;
275 
276 	if (msgctl(id, IPC_SET, &msgds) != 0)
277 		atf_tc_fail("root failed to change the UID of message queue");
278 
279 	msgds.msg_perm.uid = getuid();
280 	msgds.msg_perm.gid = pw->pw_gid;
281 
282 	if (msgctl(id, IPC_SET, &msgds) != 0)
283 		atf_tc_fail("root failed to change the GID of message queue");
284 
285 	/*
286 	 * Note: setting the qbytes to zero fails even as root.
287 	 */
288 	msgds.msg_qbytes = 1;
289 	msgds.msg_perm.gid = getgid();
290 
291 	if (msgctl(id, IPC_SET, &msgds) != 0)
292 		atf_tc_fail("root failed to change qbytes of message queue");
293 
294 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
295 }
296 
297 ATF_TC_CLEANUP(msgctl_set, tc)
298 {
299 	clean();
300 }
301 
302 ATF_TC_WITH_CLEANUP(msgctl_time);
303 ATF_TC_HEAD(msgctl_time, tc)
304 {
305 	atf_tc_set_md_var(tc, "descr", "Test that access times are updated");
306 }
307 
308 ATF_TC_BODY(msgctl_time, tc)
309 {
310 	struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } };
311 	struct msqid_ds msgds;
312 	time_t t;
313 	int id;
314 
315 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
316 	ATF_REQUIRE(id != -1);
317 
318 	t = time(NULL);
319 
320 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
321 	(void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT);
322 	(void)msgctl(id, IPC_STAT, &msgds);
323 
324 	if (llabs(t - msgds.msg_stime) > 1)
325 		atf_tc_fail("time of last msgsnd(2) was not updated");
326 
327 	if (msgds.msg_rtime != 0)
328 		atf_tc_fail("time of last msgrcv(2) was updated incorrectly");
329 
330 	t = time(NULL);
331 
332 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
333 	(void)msgrcv(id, &msg, sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT);
334 	(void)msgctl(id, IPC_STAT, &msgds);
335 
336 	if (llabs(t - msgds.msg_rtime) > 1)
337 		atf_tc_fail("time of last msgrcv(2) was not updated");
338 
339 	/*
340 	 * Note: this is non-zero even after the memset(3).
341 	 */
342 	if (msgds.msg_stime == 0)
343 		atf_tc_fail("time of last msgsnd(2) was updated incorrectly");
344 
345 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
346 }
347 
348 ATF_TC_CLEANUP(msgctl_time, tc)
349 {
350 	clean();
351 }
352 
353 ATF_TP_ADD_TCS(tp)
354 {
355 
356 	ATF_TP_ADD_TC(tp, msgctl_err);
357 	ATF_TP_ADD_TC(tp, msgctl_perm);
358 	ATF_TP_ADD_TC(tp, msgctl_pid);
359 	ATF_TP_ADD_TC(tp, msgctl_set);
360 	ATF_TP_ADD_TC(tp, msgctl_time);
361 
362 	return atf_no_error();
363 }
364