xref: /freebsd/tests/sys/fs/fusefs/utils.cc (revision fef464546c387300a1f24f0109750d797a01f3b9) 
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2019 The FreeBSD Foundation
5  *
6  * This software was developed by BFF Storage Systems, LLC under sponsorship
7  * from the FreeBSD Foundation.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  */
30 
31 extern "C" {
32 #include <sys/param.h>
33 #include <sys/mman.h>
34 #include <sys/module.h>
35 #include <sys/sysctl.h>
36 #include <sys/wait.h>
37 
38 #include <dirent.h>
39 #include <fcntl.h>
40 #include <grp.h>
41 #include <pwd.h>
42 #include <semaphore.h>
43 #include <unistd.h>
44 }
45 
46 #include <gtest/gtest.h>
47 
48 #include "mockfs.hh"
49 #include "utils.hh"
50 
51 using namespace testing;
52 
53 /*
54  * The default max_write is set to this formula in libfuse, though
55  * individual filesystems can lower it.  The "- 4096" was added in
56  * commit 154ffe2, with the commit message "fix".
57  */
58 const uint32_t libfuse_max_write = 32 * getpagesize() + 0x1000 - 4096;
59 
60 /*
61  * Set the default max_write to a distinct value from MAXPHYS to catch bugs
62  * that confuse the two.
63  */
64 const uint32_t default_max_write = MIN(libfuse_max_write, MAXPHYS / 2);
65 
66 
67 /* Check that fusefs(4) is accessible and the current user can mount(2) */
68 void check_environment()
69 {
70 	const char *devnode = "/dev/fuse";
71 	const char *usermount_node = "vfs.usermount";
72 	int usermount_val = 0;
73 	size_t usermount_size = sizeof(usermount_val);
74 	if (eaccess(devnode, R_OK | W_OK)) {
75 		if (errno == ENOENT) {
76 			GTEST_SKIP() << devnode << " does not exist";
77 		} else if (errno == EACCES) {
78 			GTEST_SKIP() << devnode <<
79 			    " is not accessible by the current user";
80 		} else {
81 			GTEST_SKIP() << strerror(errno);
82 		}
83 	}
84 	sysctlbyname(usermount_node, &usermount_val, &usermount_size,
85 		     NULL, 0);
86 	if (geteuid() != 0 && !usermount_val)
87 		GTEST_SKIP() << "current user is not allowed to mount";
88 }
89 
90 class FuseEnv: public Environment {
91 	virtual void SetUp() {
92 	}
93 };
94 
95 void FuseTest::SetUp() {
96 	const char *maxbcachebuf_node = "vfs.maxbcachebuf";
97 	const char *maxphys_node = "kern.maxphys";
98 	int val = 0;
99 	size_t size = sizeof(val);
100 
101 	/*
102 	 * XXX check_environment should be called from FuseEnv::SetUp, but
103 	 * can't due to https://github.com/google/googletest/issues/2189
104 	 */
105 	check_environment();
106 	if (IsSkipped())
107 		return;
108 
109 	ASSERT_EQ(0, sysctlbyname(maxbcachebuf_node, &val, &size, NULL, 0))
110 		<< strerror(errno);
111 	m_maxbcachebuf = val;
112 	ASSERT_EQ(0, sysctlbyname(maxphys_node, &val, &size, NULL, 0))
113 		<< strerror(errno);
114 	m_maxphys = val;
115 
116 	try {
117 		m_mock = new MockFS(m_maxreadahead, m_allow_other,
118 			m_default_permissions, m_push_symlinks_in, m_ro,
119 			m_pm, m_init_flags, m_kernel_minor_version,
120 			m_maxwrite, m_async, m_noclusterr, m_time_gran);
121 		/*
122 		 * FUSE_ACCESS is called almost universally.  Expecting it in
123 		 * each test case would be super-annoying.  Instead, set a
124 		 * default expectation for FUSE_ACCESS and return ENOSYS.
125 		 *
126 		 * Individual test cases can override this expectation since
127 		 * googlemock evaluates expectations in LIFO order.
128 		 */
129 		EXPECT_CALL(*m_mock, process(
130 			ResultOf([=](auto in) {
131 				return (in.header.opcode == FUSE_ACCESS);
132 			}, Eq(true)),
133 			_)
134 		).Times(AnyNumber())
135 		.WillRepeatedly(Invoke(ReturnErrno(ENOSYS)));
136 		/*
137 		 * FUSE_BMAP is called for most test cases that read data.  Set
138 		 * a default expectation and return ENOSYS.
139 		 *
140 		 * Individual test cases can override this expectation since
141 		 * googlemock evaluates expectations in LIFO order.
142 		 */
143 		EXPECT_CALL(*m_mock, process(
144 			ResultOf([=](auto in) {
145 				return (in.header.opcode == FUSE_BMAP);
146 			}, Eq(true)),
147 			_)
148 		).Times(AnyNumber())
149 		.WillRepeatedly(Invoke(ReturnErrno(ENOSYS)));
150 	} catch (std::system_error err) {
151 		FAIL() << err.what();
152 	}
153 }
154 
155 void
156 FuseTest::expect_access(uint64_t ino, mode_t access_mode, int error)
157 {
158 	EXPECT_CALL(*m_mock, process(
159 		ResultOf([=](auto in) {
160 			return (in.header.opcode == FUSE_ACCESS &&
161 				in.header.nodeid == ino &&
162 				in.body.access.mask == access_mode);
163 		}, Eq(true)),
164 		_)
165 	).WillOnce(Invoke(ReturnErrno(error)));
166 }
167 
168 void
169 FuseTest::expect_destroy(int error)
170 {
171 	EXPECT_CALL(*m_mock, process(
172 		ResultOf([=](auto in) {
173 			return (in.header.opcode == FUSE_DESTROY);
174 		}, Eq(true)),
175 		_)
176 	).WillOnce(Invoke( ReturnImmediate([&](auto in, auto& out) {
177 		m_mock->m_quit = true;
178 		out.header.len = sizeof(out.header);
179 		out.header.unique = in.header.unique;
180 		out.header.error = -error;
181 	})));
182 }
183 
184 void
185 FuseTest::expect_flush(uint64_t ino, int times, ProcessMockerT r)
186 {
187 	EXPECT_CALL(*m_mock, process(
188 		ResultOf([=](auto in) {
189 			return (in.header.opcode == FUSE_FLUSH &&
190 				in.header.nodeid == ino);
191 		}, Eq(true)),
192 		_)
193 	).Times(times)
194 	.WillRepeatedly(Invoke(r));
195 }
196 
197 void
198 FuseTest::expect_forget(uint64_t ino, uint64_t nlookup, sem_t *sem)
199 {
200 	EXPECT_CALL(*m_mock, process(
201 		ResultOf([=](auto in) {
202 			return (in.header.opcode == FUSE_FORGET &&
203 				in.header.nodeid == ino &&
204 				in.body.forget.nlookup == nlookup);
205 		}, Eq(true)),
206 		_)
207 	).WillOnce(Invoke([=](auto in __unused, auto &out __unused) {
208 		if (sem != NULL)
209 			sem_post(sem);
210 		/* FUSE_FORGET has no response! */
211 	}));
212 }
213 
214 void FuseTest::expect_getattr(uint64_t ino, uint64_t size)
215 {
216 	EXPECT_CALL(*m_mock, process(
217 		ResultOf([=](auto in) {
218 			return (in.header.opcode == FUSE_GETATTR &&
219 				in.header.nodeid == ino);
220 		}, Eq(true)),
221 		_)
222 	).WillOnce(Invoke(ReturnImmediate([=](auto i __unused, auto& out) {
223 		SET_OUT_HEADER_LEN(out, attr);
224 		out.body.attr.attr.ino = ino;	// Must match nodeid
225 		out.body.attr.attr.mode = S_IFREG | 0644;
226 		out.body.attr.attr.size = size;
227 		out.body.attr.attr_valid = UINT64_MAX;
228 	})));
229 }
230 
231 void FuseTest::expect_lookup(const char *relpath, uint64_t ino, mode_t mode,
232 	uint64_t size, int times, uint64_t attr_valid, uid_t uid, gid_t gid)
233 {
234 	EXPECT_LOOKUP(FUSE_ROOT_ID, relpath)
235 	.Times(times)
236 	.WillRepeatedly(Invoke(
237 		ReturnImmediate([=](auto in __unused, auto& out) {
238 		SET_OUT_HEADER_LEN(out, entry);
239 		out.body.entry.attr.mode = mode;
240 		out.body.entry.nodeid = ino;
241 		out.body.entry.attr.nlink = 1;
242 		out.body.entry.attr_valid = attr_valid;
243 		out.body.entry.attr.size = size;
244 		out.body.entry.attr.uid = uid;
245 		out.body.entry.attr.gid = gid;
246 	})));
247 }
248 
249 void FuseTest::expect_lookup_7_8(const char *relpath, uint64_t ino, mode_t mode,
250 	uint64_t size, int times, uint64_t attr_valid, uid_t uid, gid_t gid)
251 {
252 	EXPECT_LOOKUP(FUSE_ROOT_ID, relpath)
253 	.Times(times)
254 	.WillRepeatedly(Invoke(
255 		ReturnImmediate([=](auto in __unused, auto& out) {
256 		SET_OUT_HEADER_LEN(out, entry_7_8);
257 		out.body.entry.attr.mode = mode;
258 		out.body.entry.nodeid = ino;
259 		out.body.entry.attr.nlink = 1;
260 		out.body.entry.attr_valid = attr_valid;
261 		out.body.entry.attr.size = size;
262 		out.body.entry.attr.uid = uid;
263 		out.body.entry.attr.gid = gid;
264 	})));
265 }
266 
267 void FuseTest::expect_open(uint64_t ino, uint32_t flags, int times)
268 {
269 	EXPECT_CALL(*m_mock, process(
270 		ResultOf([=](auto in) {
271 			return (in.header.opcode == FUSE_OPEN &&
272 				in.header.nodeid == ino);
273 		}, Eq(true)),
274 		_)
275 	).Times(times)
276 	.WillRepeatedly(Invoke(
277 		ReturnImmediate([=](auto in __unused, auto& out) {
278 		out.header.len = sizeof(out.header);
279 		SET_OUT_HEADER_LEN(out, open);
280 		out.body.open.fh = FH;
281 		out.body.open.open_flags = flags;
282 	})));
283 }
284 
285 void FuseTest::expect_opendir(uint64_t ino)
286 {
287 	/* opendir(3) calls fstatfs */
288 	EXPECT_CALL(*m_mock, process(
289 		ResultOf([](auto in) {
290 			return (in.header.opcode == FUSE_STATFS);
291 		}, Eq(true)),
292 		_)
293 	).WillRepeatedly(Invoke(
294 	ReturnImmediate([=](auto i __unused, auto& out) {
295 		SET_OUT_HEADER_LEN(out, statfs);
296 	})));
297 
298 	EXPECT_CALL(*m_mock, process(
299 		ResultOf([=](auto in) {
300 			return (in.header.opcode == FUSE_OPENDIR &&
301 				in.header.nodeid == ino);
302 		}, Eq(true)),
303 		_)
304 	).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) {
305 		out.header.len = sizeof(out.header);
306 		SET_OUT_HEADER_LEN(out, open);
307 		out.body.open.fh = FH;
308 	})));
309 }
310 
311 void FuseTest::expect_read(uint64_t ino, uint64_t offset, uint64_t isize,
312 	uint64_t osize, const void *contents, int flags)
313 {
314 	EXPECT_CALL(*m_mock, process(
315 		ResultOf([=](auto in) {
316 			return (in.header.opcode == FUSE_READ &&
317 				in.header.nodeid == ino &&
318 				in.body.read.fh == FH &&
319 				in.body.read.offset == offset &&
320 				in.body.read.size == isize &&
321 				flags == -1 ?
322 					(in.body.read.flags == O_RDONLY ||
323 					 in.body.read.flags == O_RDWR)
324 				: in.body.read.flags == (uint32_t)flags);
325 		}, Eq(true)),
326 		_)
327 	).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) {
328 		out.header.len = sizeof(struct fuse_out_header) + osize;
329 		memmove(out.body.bytes, contents, osize);
330 	}))).RetiresOnSaturation();
331 }
332 
333 void FuseTest::expect_readdir(uint64_t ino, uint64_t off,
334 	std::vector<struct dirent> &ents)
335 {
336 	EXPECT_CALL(*m_mock, process(
337 		ResultOf([=](auto in) {
338 			return (in.header.opcode == FUSE_READDIR &&
339 				in.header.nodeid == ino &&
340 				in.body.readdir.fh == FH &&
341 				in.body.readdir.offset == off);
342 		}, Eq(true)),
343 		_)
344 	).WillRepeatedly(Invoke(ReturnImmediate([=](auto in, auto& out) {
345 		struct fuse_dirent *fde = (struct fuse_dirent*)&(out.body);
346 		int i = 0;
347 
348 		out.header.error = 0;
349 		out.header.len = 0;
350 
351 		for (const auto& it: ents) {
352 			size_t entlen, entsize;
353 
354 			fde->ino = it.d_fileno;
355 			fde->off = it.d_off;
356 			fde->type = it.d_type;
357 			fde->namelen = it.d_namlen;
358 			strncpy(fde->name, it.d_name, it.d_namlen);
359 			entlen = FUSE_NAME_OFFSET + fde->namelen;
360 			entsize = FUSE_DIRENT_SIZE(fde);
361 			/*
362 			 * The FUSE protocol does not require zeroing out the
363 			 * unused portion of the name.  But it's a good
364 			 * practice to prevent information disclosure to the
365 			 * FUSE client, even though the client is usually the
366 			 * kernel
367 			 */
368 			memset(fde->name + fde->namelen, 0, entsize - entlen);
369 			if (out.header.len + entsize > in.body.read.size) {
370 				printf("Overflow in readdir expectation: i=%d\n"
371 					, i);
372 				break;
373 			}
374 			out.header.len += entsize;
375 			fde = (struct fuse_dirent*)
376 				((intmax_t*)fde + entsize / sizeof(intmax_t));
377 			i++;
378 		}
379 		out.header.len += sizeof(out.header);
380 	})));
381 
382 }
383 void FuseTest::expect_release(uint64_t ino, uint64_t fh)
384 {
385 	EXPECT_CALL(*m_mock, process(
386 		ResultOf([=](auto in) {
387 			return (in.header.opcode == FUSE_RELEASE &&
388 				in.header.nodeid == ino &&
389 				in.body.release.fh == fh);
390 		}, Eq(true)),
391 		_)
392 	).WillOnce(Invoke(ReturnErrno(0)));
393 }
394 
395 void FuseTest::expect_releasedir(uint64_t ino, ProcessMockerT r)
396 {
397 	EXPECT_CALL(*m_mock, process(
398 		ResultOf([=](auto in) {
399 			return (in.header.opcode == FUSE_RELEASEDIR &&
400 				in.header.nodeid == ino &&
401 				in.body.release.fh == FH);
402 		}, Eq(true)),
403 		_)
404 	).WillOnce(Invoke(r));
405 }
406 
407 void FuseTest::expect_unlink(uint64_t parent, const char *path, int error)
408 {
409 	EXPECT_CALL(*m_mock, process(
410 		ResultOf([=](auto in) {
411 			return (in.header.opcode == FUSE_UNLINK &&
412 				0 == strcmp(path, in.body.unlink) &&
413 				in.header.nodeid == parent);
414 		}, Eq(true)),
415 		_)
416 	).WillOnce(Invoke(ReturnErrno(error)));
417 }
418 
419 void FuseTest::expect_write(uint64_t ino, uint64_t offset, uint64_t isize,
420 	uint64_t osize, uint32_t flags_set, uint32_t flags_unset,
421 	const void *contents)
422 {
423 	EXPECT_CALL(*m_mock, process(
424 		ResultOf([=](auto in) {
425 			const char *buf = (const char*)in.body.bytes +
426 				sizeof(struct fuse_write_in);
427 			bool pid_ok;
428 			uint32_t wf = in.body.write.write_flags;
429 
430 			if (wf & FUSE_WRITE_CACHE)
431 				pid_ok = true;
432 			else
433 				pid_ok = (pid_t)in.header.pid == getpid();
434 
435 			return (in.header.opcode == FUSE_WRITE &&
436 				in.header.nodeid == ino &&
437 				in.body.write.fh == FH &&
438 				in.body.write.offset == offset  &&
439 				in.body.write.size == isize &&
440 				pid_ok &&
441 				(wf & flags_set) == flags_set &&
442 				(wf & flags_unset) == 0 &&
443 				(in.body.write.flags == O_WRONLY ||
444 				 in.body.write.flags == O_RDWR) &&
445 				0 == bcmp(buf, contents, isize));
446 		}, Eq(true)),
447 		_)
448 	).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) {
449 		SET_OUT_HEADER_LEN(out, write);
450 		out.body.write.size = osize;
451 	})));
452 }
453 
454 void FuseTest::expect_write_7_8(uint64_t ino, uint64_t offset, uint64_t isize,
455 	uint64_t osize, const void *contents)
456 {
457 	EXPECT_CALL(*m_mock, process(
458 		ResultOf([=](auto in) {
459 			const char *buf = (const char*)in.body.bytes +
460 				FUSE_COMPAT_WRITE_IN_SIZE;
461 			bool pid_ok = (pid_t)in.header.pid == getpid();
462 			return (in.header.opcode == FUSE_WRITE &&
463 				in.header.nodeid == ino &&
464 				in.body.write.fh == FH &&
465 				in.body.write.offset == offset  &&
466 				in.body.write.size == isize &&
467 				pid_ok &&
468 				0 == bcmp(buf, contents, isize));
469 		}, Eq(true)),
470 		_)
471 	).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) {
472 		SET_OUT_HEADER_LEN(out, write);
473 		out.body.write.size = osize;
474 	})));
475 }
476 
477 void
478 get_unprivileged_id(uid_t *uid, gid_t *gid)
479 {
480 	struct passwd *pw;
481 	struct group *gr;
482 
483 	/*
484 	 * First try "tests", Kyua's default unprivileged user.  XXX after
485 	 * GoogleTest gains a proper Kyua wrapper, get this with the Kyua API
486 	 */
487 	pw = getpwnam("tests");
488 	if (pw == NULL) {
489 		/* Fall back to "nobody" */
490 		pw = getpwnam("nobody");
491 	}
492 	if (pw == NULL)
493 		GTEST_SKIP() << "Test requires an unprivileged user";
494 	/* Use group "nobody", which is Kyua's default unprivileged group */
495 	gr = getgrnam("nobody");
496 	if (gr == NULL)
497 		GTEST_SKIP() << "Test requires an unprivileged group";
498 	*uid = pw->pw_uid;
499 	*gid = gr->gr_gid;
500 }
501 
502 void
503 FuseTest::fork(bool drop_privs, int *child_status,
504 	std::function<void()> parent_func,
505 	std::function<int()> child_func)
506 {
507 	sem_t *sem;
508 	int mprot = PROT_READ | PROT_WRITE;
509 	int mflags = MAP_ANON | MAP_SHARED;
510 	pid_t child;
511 	uid_t uid;
512 	gid_t gid;
513 
514 	if (drop_privs) {
515 		get_unprivileged_id(&uid, &gid);
516 		if (IsSkipped())
517 			return;
518 	}
519 
520 	sem = (sem_t*)mmap(NULL, sizeof(*sem), mprot, mflags, -1, 0);
521 	ASSERT_NE(MAP_FAILED, sem) << strerror(errno);
522 	ASSERT_EQ(0, sem_init(sem, 1, 0)) << strerror(errno);
523 
524 	if ((child = ::fork()) == 0) {
525 		/* In child */
526 		int err = 0;
527 
528 		if (sem_wait(sem)) {
529 			perror("sem_wait");
530 			err = 1;
531 			goto out;
532 		}
533 
534 		if (drop_privs && 0 != setegid(gid)) {
535 			perror("setegid");
536 			err = 1;
537 			goto out;
538 		}
539 		if (drop_privs && 0 != setreuid(-1, uid)) {
540 			perror("setreuid");
541 			err = 1;
542 			goto out;
543 		}
544 		err = child_func();
545 
546 out:
547 		sem_destroy(sem);
548 		_exit(err);
549 	} else if (child > 0) {
550 		/*
551 		 * In parent.  Cleanup must happen here, because it's still
552 		 * privileged.
553 		 */
554 		m_mock->m_child_pid = child;
555 		ASSERT_NO_FATAL_FAILURE(parent_func());
556 
557 		/* Signal the child process to go */
558 		ASSERT_EQ(0, sem_post(sem)) << strerror(errno);
559 
560 		ASSERT_LE(0, wait(child_status)) << strerror(errno);
561 	} else {
562 		FAIL() << strerror(errno);
563 	}
564 	munmap(sem, sizeof(*sem));
565 	return;
566 }
567 
568 static void usage(char* progname) {
569 	fprintf(stderr, "Usage: %s [-v]\n\t-v increase verbosity\n", progname);
570 	exit(2);
571 }
572 
573 int main(int argc, char **argv) {
574 	int ch;
575 	FuseEnv *fuse_env = new FuseEnv;
576 
577 	InitGoogleTest(&argc, argv);
578 	AddGlobalTestEnvironment(fuse_env);
579 
580 	while ((ch = getopt(argc, argv, "v")) != -1) {
581 		switch (ch) {
582 			case 'v':
583 				verbosity++;
584 				break;
585 			default:
586 				usage(argv[0]);
587 				break;
588 		}
589 	}
590 
591 	return (RUN_ALL_TESTS());
592 }
593