1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2022 Gleb Smirnoff <glebius@FreeBSD.org> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28 #include <sys/time.h> 29 #include <sys/event.h> 30 #include <sys/ioctl.h> 31 #include <sys/select.h> 32 #include <sys/socket.h> 33 #include <sys/sysctl.h> 34 #include <sys/un.h> 35 #include <aio.h> 36 #include <errno.h> 37 #include <fcntl.h> 38 #include <signal.h> 39 #include <stdlib.h> 40 41 #include <atf-c.h> 42 43 static struct itimerval itv = { 44 .it_interval = { 0, 0 }, 45 .it_value = { 1, 0 }, /* one second */ 46 }; 47 static sig_atomic_t timer_done = 0; 48 static void 49 sigalarm(int sig __unused) 50 { 51 52 timer_done = 1; 53 } 54 55 static struct sigaction sigact = { 56 .sa_handler = sigalarm, 57 }; 58 59 static struct sockaddr_un sun = { 60 .sun_family = AF_LOCAL, 61 .sun_len = sizeof(sun), 62 .sun_path = "unix_dgram_listener", 63 }; 64 65 /* 66 * Fill socket to a state when next send(len) would fail. 67 * 68 * Note that every datagram is prepended with sender address, 69 * size of struct sockaddr. 70 */ 71 static void 72 fill(int fd, void *buf, ssize_t len) 73 { 74 unsigned long recvspace; 75 size_t llen = sizeof(unsigned long); 76 ssize_t sent; 77 78 ATF_REQUIRE(sysctlbyname("net.local.dgram.recvspace", &recvspace, 79 &llen, NULL, 0) == 0); 80 for (sent = 0; 81 sent + len + sizeof(struct sockaddr) < recvspace; 82 sent += len + sizeof(struct sockaddr)) 83 ATF_REQUIRE(send(fd, buf, len, 0) == len); 84 } 85 86 ATF_TC_WITHOUT_HEAD(basic); 87 ATF_TC_BODY(basic, tc) 88 { 89 struct msghdr msg; 90 struct iovec iov[1]; 91 unsigned long maxdgram; 92 size_t llen = sizeof(unsigned long); 93 int fd[2]; 94 char *buf; 95 96 /* Allocate and initialize: 97 * - fd[0] to send, fd[1] to receive 98 * - buf[maxdgram] for data 99 */ 100 ATF_REQUIRE(sysctlbyname("net.local.dgram.maxdgram", &maxdgram, 101 &llen, NULL, 0) == 0); 102 ATF_REQUIRE(socketpair(PF_UNIX, SOCK_DGRAM, 0, fd) != -1); 103 buf = malloc(maxdgram + 1); 104 ATF_REQUIRE(buf); 105 msg = (struct msghdr ){ 106 .msg_iov = iov, 107 .msg_iovlen = 1, 108 }; 109 iov[0] = (struct iovec ){ 110 .iov_base = buf, 111 }; 112 113 /* Fail to send > maxdgram. */ 114 ATF_REQUIRE(send(fd[0], buf, maxdgram + 1, 0) == -1); 115 ATF_REQUIRE(errno == EMSGSIZE); 116 117 /* Send maxdgram. */ 118 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == (ssize_t)maxdgram); 119 120 /* Exercise MSG_PEEK, full and truncated.. */ 121 ATF_REQUIRE(recv(fd[1], buf, maxdgram, MSG_PEEK) == (ssize_t)maxdgram); 122 iov[0].iov_len = 42; 123 ATF_REQUIRE(recvmsg(fd[1], &msg, MSG_PEEK) == 42); 124 ATF_REQUIRE(msg.msg_flags == (MSG_PEEK | MSG_TRUNC)); 125 126 /* Receive maxdgram. */ 127 iov[0].iov_len = maxdgram; 128 ATF_REQUIRE(recvmsg(fd[1], &msg, 0) == (ssize_t)maxdgram); 129 ATF_REQUIRE(msg.msg_flags == 0); 130 131 /* Receive truncated message. */ 132 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == (ssize_t)maxdgram); 133 iov[0].iov_len = maxdgram / 2; 134 ATF_REQUIRE(recvmsg(fd[1], &msg, 0) == (ssize_t)maxdgram / 2); 135 ATF_REQUIRE(msg.msg_flags == MSG_TRUNC); 136 137 /* Empty: block. */ 138 ATF_REQUIRE(sigaction(SIGALRM, &sigact, NULL) == 0); 139 ATF_REQUIRE(timer_done == 0); 140 ATF_REQUIRE(setitimer(ITIMER_REAL, &itv, NULL) == 0); 141 ATF_REQUIRE(recv(fd[1], buf, maxdgram, 0) == -1); 142 ATF_REQUIRE(errno == EINTR); 143 ATF_REQUIRE(timer_done == 1); 144 145 /* Don't block with MSG_DONTWAIT. */ 146 ATF_REQUIRE(recv(fd[1], buf, maxdgram, MSG_DONTWAIT) == -1); 147 ATF_REQUIRE(errno == EAGAIN); 148 149 /* Don't block with O_NONBLOCK. */ 150 ATF_REQUIRE(fcntl(fd[1], F_SETFL, O_NONBLOCK) != -1); 151 ATF_REQUIRE(recv(fd[1], buf, maxdgram, 0) == -1); 152 ATF_REQUIRE(errno == EAGAIN); 153 154 /* Fail with ENOBUFS on full socket. */ 155 fill(fd[0], buf, maxdgram); 156 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 157 ATF_REQUIRE(errno == ENOBUFS); 158 159 /* 160 * Fail with ENOBUFS with O_NONBLOCK set, too. See 71e70c25c00 161 * for explanation why this behavior needs to be preserved. 162 */ 163 ATF_REQUIRE(fcntl(fd[0], F_SETFL, O_NONBLOCK) != -1); 164 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 165 ATF_REQUIRE(errno == ENOBUFS); 166 167 /* Remote side closed -> ECONNRESET. */ 168 close(fd[1]); 169 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 170 ATF_REQUIRE(errno == ECONNRESET); 171 } 172 173 ATF_TC_WITHOUT_HEAD(one2many); 174 ATF_TC_BODY(one2many, tc) 175 { 176 int one, many[3], two; 177 #define BUFSIZE 1024 178 char buf[BUFSIZE], goodboy[BUFSIZE], flooder[BUFSIZE], notconn[BUFSIZE]; 179 180 /* Establish one to many connection. */ 181 ATF_REQUIRE((one = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 182 ATF_REQUIRE(bind(one, (struct sockaddr *)&sun, sizeof(sun)) == 0); 183 /* listen(2) shall fail. */ 184 ATF_REQUIRE(listen(one, -1) != 0); 185 for (int i = 0; i < 3; i++) { 186 ATF_REQUIRE((many[i] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 187 ATF_REQUIRE(connect(many[i], (struct sockaddr *)&sun, 188 sizeof(sun)) == 0); 189 } 190 191 /* accept() on UNIX/DGRAM is invalid. */ 192 ATF_REQUIRE(accept(one, NULL, NULL) == -1); 193 ATF_REQUIRE(errno == EINVAL); 194 195 /* 196 * Connecting a bound socket to self: a strange, useless, but 197 * historically existing edge case that is not explicitly described 198 * in SuS, neither is forbidden there. Works on FreeBSD and Linux. 199 */ 200 ATF_REQUIRE(connect(one, (struct sockaddr *)&sun, sizeof(sun)) == 0); 201 ATF_REQUIRE(send(one, buf, 42, 0) == 42); 202 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == 42); 203 204 /* 205 * Interaction between concurrent senders. New feature in FreeBSD 14. 206 * 207 * One sender can not fill the receive side. Other senders can 208 * continue operation. Senders who don't fill their buffers are 209 * prioritized over flooders. Connected senders are prioritized over 210 * unconnected. 211 * 212 * Disconnecting a sender that has queued data optionally preserves 213 * the data. Allow the data to migrate to peers buffer only if the 214 * latter is empty. Otherwise discard it, to prevent against 215 * connect-fill-close attack. 216 */ 217 #define FLOODER 13 /* for connected flooder on many[0] */ 218 #define GOODBOY 42 /* for a good boy on many[1] */ 219 #define NOTCONN 66 /* for sendto(2) via two */ 220 goodboy[0] = GOODBOY; 221 flooder[0] = FLOODER; 222 notconn[0] = NOTCONN; 223 224 /* Connected priority over sendto(2). */ 225 ATF_REQUIRE((two = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 226 ATF_REQUIRE(sendto(two, notconn, BUFSIZE, 0, (struct sockaddr *)&sun, 227 sizeof(sun)) == BUFSIZE); 228 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 229 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 230 ATF_REQUIRE(buf[0] == GOODBOY); /* message from good boy comes first */ 231 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 232 ATF_REQUIRE(buf[0] == NOTCONN); /* only then message from sendto(2) */ 233 234 /* Casual sender priority over a flooder. */ 235 fill(many[0], flooder, sizeof(flooder)); 236 ATF_REQUIRE(send(many[0], flooder, BUFSIZE, 0) == -1); 237 ATF_REQUIRE(errno == ENOBUFS); 238 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 239 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 240 ATF_REQUIRE(buf[0] == GOODBOY); /* message from good boy comes first */ 241 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 242 ATF_REQUIRE(buf[0] == FLOODER); /* only then message from flooder */ 243 244 /* Once seen, a message can't be deprioritized by any other message. */ 245 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == sizeof(buf)); 246 ATF_REQUIRE(buf[0] == FLOODER); /* message from the flooder seen */ 247 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 248 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == sizeof(buf)); 249 ATF_REQUIRE(buf[0] == FLOODER); /* should be the same message */ 250 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 251 ATF_REQUIRE(buf[0] == FLOODER); /* now we read it out... */ 252 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 253 ATF_REQUIRE(buf[0] == GOODBOY); /* ... and next one is the good boy */ 254 255 /* Disconnect in presence of data from not connected. */ 256 ATF_REQUIRE(sendto(two, notconn, BUFSIZE, 0, (struct sockaddr *)&sun, 257 sizeof(sun)) == BUFSIZE); 258 close(many[0]); 259 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 260 ATF_REQUIRE(buf[0] == NOTCONN); /* message from sendto() */ 261 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_DONTWAIT) == -1); 262 ATF_REQUIRE(errno == EAGAIN); /* data from many[0] discarded */ 263 264 /* Disconnect in absence of data from not connected. */ 265 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 266 close(many[1]); 267 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 268 ATF_REQUIRE(buf[0] == GOODBOY); /* message from many[1] preserved */ 269 270 /* Check that nothing leaks on close(2). */ 271 ATF_REQUIRE(send(many[2], buf, 42, 0) == 42); 272 ATF_REQUIRE(send(many[2], buf, 42, 0) == 42); 273 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == 42); 274 ATF_REQUIRE(sendto(two, notconn, 42, 0, (struct sockaddr *)&sun, 275 sizeof(sun)) == 42); 276 close(one); 277 } 278 279 /* 280 * Check that various mechanism report socket as readable and having 281 * 42 bytes of data. 282 */ 283 static void 284 test42(int fd) 285 { 286 287 /* ioctl(FIONREAD) */ 288 int data; 289 290 ATF_REQUIRE(ioctl(fd, FIONREAD, &data) != -1); 291 ATF_REQUIRE(data == 42); 292 293 /* select(2) */ 294 fd_set rfds; 295 296 FD_ZERO(&rfds); 297 FD_SET(fd, &rfds); 298 ATF_REQUIRE(select(fd + 1, &rfds, NULL, NULL, NULL) == 1); 299 ATF_REQUIRE(FD_ISSET(fd, &rfds)); 300 301 /* kevent(2) */ 302 struct kevent ev; 303 int kq; 304 305 ATF_REQUIRE((kq = kqueue()) != -1); 306 EV_SET(&ev, fd, EVFILT_READ, EV_ADD, NOTE_LOWAT, 41, NULL); 307 ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0); 308 ATF_REQUIRE(kevent(kq, NULL, 0, &ev, 1, NULL) == 1); 309 ATF_REQUIRE(ev.filter == EVFILT_READ); 310 ATF_REQUIRE(ev.data == 42); 311 312 /* aio(4) */ 313 char buf[50]; 314 struct aiocb aio = { 315 .aio_nbytes = 50, 316 .aio_fildes = fd, 317 .aio_buf = buf, 318 }, *aiop; 319 320 ATF_REQUIRE(aio_read(&aio) == 0); 321 ATF_REQUIRE(aio_waitcomplete(&aiop, NULL) == 42); 322 ATF_REQUIRE(aiop == &aio); 323 } 324 325 /* 326 * Send data and control in connected & unconnected mode and check that 327 * various event mechanisms see the data, but don't count control bytes. 328 */ 329 ATF_TC_WITHOUT_HEAD(event); 330 ATF_TC_BODY(event, tc) 331 { 332 int fd[2]; 333 char buf[50]; 334 struct iovec iov = { 335 .iov_base = buf, 336 .iov_len = 42, 337 }; 338 struct cmsghdr cmsg = { 339 .cmsg_len = CMSG_LEN(0), 340 .cmsg_level = SOL_SOCKET, 341 .cmsg_type = SCM_TIMESTAMP, 342 }; 343 struct msghdr msghdr = { 344 .msg_iov = &iov, 345 .msg_iovlen = 1, 346 .msg_control = &cmsg, 347 .msg_controllen = CMSG_LEN(0), 348 }; 349 350 /* Connected socket */ 351 ATF_REQUIRE(socketpair(PF_UNIX, SOCK_DGRAM, 0, fd) != -1); 352 ATF_REQUIRE(sendmsg(fd[0], &msghdr, 0) == 42); 353 test42(fd[1]); 354 close(fd[0]); 355 close(fd[1]); 356 357 /* Not-connected send */ 358 ATF_REQUIRE((fd[0] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 359 ATF_REQUIRE((fd[1] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 360 ATF_REQUIRE(bind(fd[0], (struct sockaddr *)&sun, sizeof(sun)) == 0); 361 ATF_REQUIRE(sendto(fd[1], buf, 42, 0, (struct sockaddr *)&sun, 362 sizeof(sun)) == 42); 363 test42(fd[0]); 364 } 365 366 ATF_TP_ADD_TCS(tp) 367 { 368 369 ATF_TP_ADD_TC(tp, basic); 370 ATF_TP_ADD_TC(tp, one2many); 371 ATF_TP_ADD_TC(tp, event); 372 373 return (atf_no_error()); 374 } 375