xref: /freebsd/contrib/netbsd-tests/lib/libc/sys/t_msgctl.c (revision 401ab69cff8fa2320a9f8ea4baa114a6da6c952b)
1 /* $NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $ */
2 
3 /*-
4  * Copyright (c) 2011 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Jukka Ruohonen.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 #include <sys/cdefs.h>
32 __RCSID("$NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $");
33 
34 #include <sys/msg.h>
35 #include <sys/stat.h>
36 #include <sys/sysctl.h>
37 #include <sys/wait.h>
38 
39 #include <atf-c.h>
40 #include <errno.h>
41 #include <limits.h>
42 #include <pwd.h>
43 #include <stdio.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <sysexits.h>
47 #include <time.h>
48 #include <unistd.h>
49 
50 #define MSG_KEY		12345689
51 #define MSG_MTYPE_1	0x41
52 
53 struct msg {
54 	long		 mtype;
55 	char		 buf[3];
56 };
57 
58 static void		clean(void);
59 
60 static void
61 clean(void)
62 {
63 	int id;
64 
65 	if ((id = msgget(MSG_KEY, 0)) != -1)
66 		(void)msgctl(id, IPC_RMID, 0);
67 }
68 
69 ATF_TC_WITH_CLEANUP(msgctl_err);
70 ATF_TC_HEAD(msgctl_err, tc)
71 {
72 	atf_tc_set_md_var(tc, "descr", "Test errors from msgctl(2)");
73 }
74 
75 ATF_TC_BODY(msgctl_err, tc)
76 {
77 	const int cmd[] = { IPC_STAT, IPC_SET, IPC_RMID };
78 	struct msqid_ds msgds;
79 	size_t i;
80 	int id;
81 
82 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
83 
84 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
85 	ATF_REQUIRE(id != -1);
86 
87 	errno = 0;
88 	ATF_REQUIRE_ERRNO(EINVAL, msgctl(id, INT_MAX, &msgds) == -1);
89 
90 	errno = 0;
91 	ATF_REQUIRE_ERRNO(EFAULT, msgctl(id, IPC_STAT, (void *)-1) == -1);
92 
93 	for (i = 0; i < __arraycount(cmd); i++) {
94 		errno = 0;
95 		ATF_REQUIRE_ERRNO(EINVAL, msgctl(-1, cmd[i], &msgds) == -1);
96 	}
97 
98 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
99 }
100 
101 ATF_TC_CLEANUP(msgctl_err, tc)
102 {
103 	clean();
104 }
105 
106 ATF_TC_WITH_CLEANUP(msgctl_perm);
107 ATF_TC_HEAD(msgctl_perm, tc)
108 {
109 	atf_tc_set_md_var(tc, "descr", "Test permissions with msgctl(2)");
110 	atf_tc_set_md_var(tc, "require.user", "root");
111 }
112 
113 ATF_TC_BODY(msgctl_perm, tc)
114 {
115 	struct msqid_ds msgds;
116 	struct passwd *pw;
117 	pid_t pid;
118 	int sta;
119 	int id;
120 
121 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
122 
123 	pw = getpwnam("nobody");
124 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
125 
126 	ATF_REQUIRE(id != -1);
127 	ATF_REQUIRE(pw != NULL);
128 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
129 
130 	pid = fork();
131 	ATF_REQUIRE(pid >= 0);
132 
133 	if (pid == 0) {
134 
135 		if (setuid(pw->pw_uid) != 0)
136 			_exit(EX_OSERR);
137 
138 		msgds.msg_perm.uid = getuid();
139 		msgds.msg_perm.gid = getgid();
140 
141 		errno = 0;
142 
143 		if (msgctl(id, IPC_SET, &msgds) == 0)
144 			_exit(EXIT_FAILURE);
145 
146 		if (errno != EPERM)
147 			_exit(EXIT_FAILURE);
148 
149 		(void)memset(&msgds, 0, sizeof(struct msqid_ds));
150 
151 		if (msgctl(id, IPC_STAT, &msgds) != 0)
152 			_exit(EX_OSERR);
153 
154 		msgds.msg_qbytes = 1;
155 
156 		if (msgctl(id, IPC_SET, &msgds) == 0)
157 			_exit(EXIT_FAILURE);
158 
159 		if (errno != EPERM)
160 			_exit(EXIT_FAILURE);
161 
162 		_exit(EXIT_SUCCESS);
163 	}
164 
165 	(void)wait(&sta);
166 
167 	if (WIFEXITED(sta) == 0) {
168 
169 		if (WEXITSTATUS(sta) == EX_OSERR)
170 			atf_tc_fail("system call failed");
171 
172 		if (WEXITSTATUS(sta) == EXIT_FAILURE)
173 			atf_tc_fail("UID %u manipulated root's "
174 			    "message queue", pw->pw_uid);
175 	}
176 
177 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
178 }
179 
180 ATF_TC_CLEANUP(msgctl_perm, tc)
181 {
182 	clean();
183 }
184 
185 ATF_TC_WITH_CLEANUP(msgctl_pid);
186 ATF_TC_HEAD(msgctl_pid, tc)
187 {
188 	atf_tc_set_md_var(tc, "descr", "Test that PIDs are updated");
189 }
190 
191 ATF_TC_BODY(msgctl_pid, tc)
192 {
193 	struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } };
194 	struct msqid_ds msgds;
195 	int id, sta;
196 	pid_t pid;
197 
198 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
199 	ATF_REQUIRE(id != -1);
200 
201 	pid = fork();
202 	ATF_REQUIRE(pid >= 0);
203 
204 	if (pid == 0) {
205 
206 #ifdef	__FreeBSD__
207 		(void)msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT);
208 #else
209 		(void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT);
210 #endif
211 
212 		_exit(EXIT_SUCCESS);
213 	}
214 
215 	(void)wait(&sta);
216 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
217 
218 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
219 
220 	if (pid != msgds.msg_lspid)
221 		atf_tc_fail("the PID of last msgsnd(2) was not updated");
222 
223 	pid = fork();
224 	ATF_REQUIRE(pid >= 0);
225 
226 	if (pid == 0) {
227 
228 		(void)msgrcv(id, &msg,
229 		    sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT);
230 
231 		_exit(EXIT_SUCCESS);
232 	}
233 
234 	(void)wait(&sta);
235 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
236 
237 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
238 
239 	if (pid != msgds.msg_lrpid)
240 		atf_tc_fail("the PID of last msgrcv(2) was not updated");
241 
242 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
243 }
244 
245 ATF_TC_CLEANUP(msgctl_pid, tc)
246 {
247 	clean();
248 }
249 
250 ATF_TC_WITH_CLEANUP(msgctl_set);
251 ATF_TC_HEAD(msgctl_set, tc)
252 {
253 	atf_tc_set_md_var(tc, "descr", "Test msgctl(2) with IPC_SET");
254 	atf_tc_set_md_var(tc, "require.user", "root");
255 }
256 
257 ATF_TC_BODY(msgctl_set, tc)
258 {
259 	struct msqid_ds msgds;
260 	struct passwd *pw;
261 	int id;
262 
263 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
264 
265 	pw = getpwnam("nobody");
266 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
267 
268 	ATF_REQUIRE(id != -1);
269 	ATF_REQUIRE(pw != NULL);
270 	ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0);
271 
272 	msgds.msg_perm.uid = pw->pw_uid;
273 
274 	if (msgctl(id, IPC_SET, &msgds) != 0)
275 		atf_tc_fail("root failed to change the UID of message queue");
276 
277 	msgds.msg_perm.uid = getuid();
278 	msgds.msg_perm.gid = pw->pw_gid;
279 
280 	if (msgctl(id, IPC_SET, &msgds) != 0)
281 		atf_tc_fail("root failed to change the GID of message queue");
282 
283 	/*
284 	 * Note: setting the qbytes to zero fails even as root.
285 	 */
286 	msgds.msg_qbytes = 1;
287 	msgds.msg_perm.gid = getgid();
288 
289 	if (msgctl(id, IPC_SET, &msgds) != 0)
290 		atf_tc_fail("root failed to change qbytes of message queue");
291 
292 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
293 }
294 
295 ATF_TC_CLEANUP(msgctl_set, tc)
296 {
297 	clean();
298 }
299 
300 ATF_TC_WITH_CLEANUP(msgctl_time);
301 ATF_TC_HEAD(msgctl_time, tc)
302 {
303 	atf_tc_set_md_var(tc, "descr", "Test that access times are updated");
304 }
305 
306 ATF_TC_BODY(msgctl_time, tc)
307 {
308 	struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } };
309 	struct msqid_ds msgds;
310 	time_t t;
311 	int id;
312 
313 	id = msgget(MSG_KEY, IPC_CREAT | 0600);
314 	ATF_REQUIRE(id != -1);
315 
316 	t = time(NULL);
317 
318 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
319 #ifdef	__FreeBSD__
320 	(void)msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT);
321 #else
322 	(void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT);
323 #endif
324 	(void)msgctl(id, IPC_STAT, &msgds);
325 
326 	if (llabs(t - msgds.msg_stime) > 1)
327 		atf_tc_fail("time of last msgsnd(2) was not updated");
328 
329 	if (msgds.msg_rtime != 0)
330 		atf_tc_fail("time of last msgrcv(2) was updated incorrectly");
331 
332 	t = time(NULL);
333 
334 	(void)memset(&msgds, 0, sizeof(struct msqid_ds));
335 	(void)msgrcv(id, &msg, sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT);
336 	(void)msgctl(id, IPC_STAT, &msgds);
337 
338 	if (llabs(t - msgds.msg_rtime) > 1)
339 		atf_tc_fail("time of last msgrcv(2) was not updated");
340 
341 	/*
342 	 * Note: this is non-zero even after the memset(3).
343 	 */
344 	if (msgds.msg_stime == 0)
345 		atf_tc_fail("time of last msgsnd(2) was updated incorrectly");
346 
347 	ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0);
348 }
349 
350 ATF_TC_CLEANUP(msgctl_time, tc)
351 {
352 	clean();
353 }
354 
355 ATF_TP_ADD_TCS(tp)
356 {
357 
358 	ATF_TP_ADD_TC(tp, msgctl_err);
359 	ATF_TP_ADD_TC(tp, msgctl_perm);
360 	ATF_TP_ADD_TC(tp, msgctl_pid);
361 	ATF_TP_ADD_TC(tp, msgctl_set);
362 	ATF_TP_ADD_TC(tp, msgctl_time);
363 
364 	return atf_no_error();
365 }
366