12def297eSChristian Kellner // SPDX-License-Identifier: GPL-2.0
22def297eSChristian Kellner
32def297eSChristian Kellner #define _GNU_SOURCE
42def297eSChristian Kellner #include <assert.h>
52def297eSChristian Kellner #include <errno.h>
62def297eSChristian Kellner #include <fcntl.h>
72def297eSChristian Kellner #include <linux/types.h>
82def297eSChristian Kellner #include <sched.h>
92def297eSChristian Kellner #include <signal.h>
102def297eSChristian Kellner #include <stdio.h>
112def297eSChristian Kellner #include <stdlib.h>
122def297eSChristian Kellner #include <string.h>
132def297eSChristian Kellner #include <syscall.h>
142def297eSChristian Kellner #include <sys/wait.h>
154cbd93c3SAxel Rasmussen #include <sys/mman.h>
162def297eSChristian Kellner
172def297eSChristian Kellner #include "pidfd.h"
182def297eSChristian Kellner #include "../kselftest.h"
192def297eSChristian Kellner
202def297eSChristian Kellner struct error {
212def297eSChristian Kellner int code;
222def297eSChristian Kellner char msg[512];
232def297eSChristian Kellner };
242def297eSChristian Kellner
error_set(struct error * err,int code,const char * fmt,...)252def297eSChristian Kellner static int error_set(struct error *err, int code, const char *fmt, ...)
262def297eSChristian Kellner {
272def297eSChristian Kellner va_list args;
282def297eSChristian Kellner int r;
292def297eSChristian Kellner
302def297eSChristian Kellner if (code == PIDFD_PASS || !err || err->code != PIDFD_PASS)
312def297eSChristian Kellner return code;
322def297eSChristian Kellner
332def297eSChristian Kellner err->code = code;
342def297eSChristian Kellner va_start(args, fmt);
352def297eSChristian Kellner r = vsnprintf(err->msg, sizeof(err->msg), fmt, args);
362def297eSChristian Kellner assert((size_t)r < sizeof(err->msg));
372def297eSChristian Kellner va_end(args);
382def297eSChristian Kellner
392def297eSChristian Kellner return code;
402def297eSChristian Kellner }
412def297eSChristian Kellner
error_report(struct error * err,const char * test_name)422def297eSChristian Kellner static void error_report(struct error *err, const char *test_name)
432def297eSChristian Kellner {
442def297eSChristian Kellner switch (err->code) {
452def297eSChristian Kellner case PIDFD_ERROR:
462def297eSChristian Kellner ksft_exit_fail_msg("%s test: Fatal: %s\n", test_name, err->msg);
472def297eSChristian Kellner break;
482def297eSChristian Kellner
492def297eSChristian Kellner case PIDFD_FAIL:
502def297eSChristian Kellner /* will be: not ok %d # error %s test: %s */
512def297eSChristian Kellner ksft_test_result_error("%s test: %s\n", test_name, err->msg);
522def297eSChristian Kellner break;
532def297eSChristian Kellner
542def297eSChristian Kellner case PIDFD_SKIP:
552def297eSChristian Kellner /* will be: not ok %d # SKIP %s test: %s */
562def297eSChristian Kellner ksft_test_result_skip("%s test: %s\n", test_name, err->msg);
572def297eSChristian Kellner break;
582def297eSChristian Kellner
592def297eSChristian Kellner case PIDFD_XFAIL:
602def297eSChristian Kellner ksft_test_result_pass("%s test: Expected failure: %s\n",
612def297eSChristian Kellner test_name, err->msg);
622def297eSChristian Kellner break;
632def297eSChristian Kellner
642def297eSChristian Kellner case PIDFD_PASS:
65*dd5f5d1eSMaciej Wieczor-Retman ksft_test_result_pass("%s test: Passed\n", test_name);
662def297eSChristian Kellner break;
672def297eSChristian Kellner
682def297eSChristian Kellner default:
692def297eSChristian Kellner ksft_exit_fail_msg("%s test: Unknown code: %d %s\n",
702def297eSChristian Kellner test_name, err->code, err->msg);
712def297eSChristian Kellner break;
722def297eSChristian Kellner }
732def297eSChristian Kellner }
742def297eSChristian Kellner
error_check(struct error * err,const char * test_name)752def297eSChristian Kellner static inline int error_check(struct error *err, const char *test_name)
762def297eSChristian Kellner {
772def297eSChristian Kellner /* In case of error we bail out and terminate the test program */
782def297eSChristian Kellner if (err->code == PIDFD_ERROR)
792def297eSChristian Kellner error_report(err, test_name);
802def297eSChristian Kellner
812def297eSChristian Kellner return err->code;
822def297eSChristian Kellner }
832def297eSChristian Kellner
844cbd93c3SAxel Rasmussen #define CHILD_STACK_SIZE 8192
854cbd93c3SAxel Rasmussen
862def297eSChristian Kellner struct child {
874cbd93c3SAxel Rasmussen char *stack;
882def297eSChristian Kellner pid_t pid;
892def297eSChristian Kellner int fd;
902def297eSChristian Kellner };
912def297eSChristian Kellner
clone_newns(int (* fn)(void *),void * args,struct error * err)922def297eSChristian Kellner static struct child clone_newns(int (*fn)(void *), void *args,
932def297eSChristian Kellner struct error *err)
942def297eSChristian Kellner {
952def297eSChristian Kellner static int flags = CLONE_PIDFD | CLONE_NEWPID | CLONE_NEWNS | SIGCHLD;
962def297eSChristian Kellner struct child ret;
972def297eSChristian Kellner
982def297eSChristian Kellner if (!(flags & CLONE_NEWUSER) && geteuid() != 0)
992def297eSChristian Kellner flags |= CLONE_NEWUSER;
1002def297eSChristian Kellner
1014cbd93c3SAxel Rasmussen ret.stack = mmap(NULL, CHILD_STACK_SIZE, PROT_READ | PROT_WRITE,
1024cbd93c3SAxel Rasmussen MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
1034cbd93c3SAxel Rasmussen if (ret.stack == MAP_FAILED) {
1044cbd93c3SAxel Rasmussen error_set(err, -1, "mmap of stack failed (errno %d)", errno);
1054cbd93c3SAxel Rasmussen return ret;
1064cbd93c3SAxel Rasmussen }
1074cbd93c3SAxel Rasmussen
1082def297eSChristian Kellner #ifdef __ia64__
1094cbd93c3SAxel Rasmussen ret.pid = __clone2(fn, ret.stack, CHILD_STACK_SIZE, flags, args, &ret.fd);
1102def297eSChristian Kellner #else
1114cbd93c3SAxel Rasmussen ret.pid = clone(fn, ret.stack + CHILD_STACK_SIZE, flags, args, &ret.fd);
1122def297eSChristian Kellner #endif
1132def297eSChristian Kellner
1142def297eSChristian Kellner if (ret.pid < 0) {
1152def297eSChristian Kellner error_set(err, PIDFD_ERROR, "clone failed (ret %d, errno %d)",
1162def297eSChristian Kellner ret.fd, errno);
1172def297eSChristian Kellner return ret;
1182def297eSChristian Kellner }
1192def297eSChristian Kellner
1202def297eSChristian Kellner ksft_print_msg("New child: %d, fd: %d\n", ret.pid, ret.fd);
1212def297eSChristian Kellner
1222def297eSChristian Kellner return ret;
1232def297eSChristian Kellner }
1242def297eSChristian Kellner
child_close(struct child * child)12567fc7000SChristian Brauner static inline void child_close(struct child *child)
12667fc7000SChristian Brauner {
12767fc7000SChristian Brauner close(child->fd);
12867fc7000SChristian Brauner }
12967fc7000SChristian Brauner
child_join(struct child * child,struct error * err)1302def297eSChristian Kellner static inline int child_join(struct child *child, struct error *err)
1312def297eSChristian Kellner {
1322def297eSChristian Kellner int r;
1332def297eSChristian Kellner
1342def297eSChristian Kellner r = wait_for_pid(child->pid);
1352def297eSChristian Kellner if (r < 0)
1362def297eSChristian Kellner error_set(err, PIDFD_ERROR, "waitpid failed (ret %d, errno %d)",
1372def297eSChristian Kellner r, errno);
1382def297eSChristian Kellner else if (r > 0)
1392def297eSChristian Kellner error_set(err, r, "child %d reported: %d", child->pid, r);
1402def297eSChristian Kellner
1414cbd93c3SAxel Rasmussen if (munmap(child->stack, CHILD_STACK_SIZE)) {
1424cbd93c3SAxel Rasmussen error_set(err, -1, "munmap of child stack failed (errno %d)", errno);
1434cbd93c3SAxel Rasmussen r = -1;
1444cbd93c3SAxel Rasmussen }
1454cbd93c3SAxel Rasmussen
146bcda4c86SZiqi Zhao ksft_print_msg("waitpid WEXITSTATUS=%d\n", r);
1472def297eSChristian Kellner return r;
1482def297eSChristian Kellner }
1492def297eSChristian Kellner
child_join_close(struct child * child,struct error * err)15067fc7000SChristian Brauner static inline int child_join_close(struct child *child, struct error *err)
15167fc7000SChristian Brauner {
15267fc7000SChristian Brauner child_close(child);
15367fc7000SChristian Brauner return child_join(child, err);
15467fc7000SChristian Brauner }
15567fc7000SChristian Brauner
trim_newline(char * str)1562def297eSChristian Kellner static inline void trim_newline(char *str)
1572def297eSChristian Kellner {
1582def297eSChristian Kellner char *pos = strrchr(str, '\n');
1592def297eSChristian Kellner
1602def297eSChristian Kellner if (pos)
1612def297eSChristian Kellner *pos = '\0';
1622def297eSChristian Kellner }
1632def297eSChristian Kellner
verify_fdinfo(int pidfd,struct error * err,const char * prefix,size_t prefix_len,const char * expect,...)16467fc7000SChristian Brauner static int verify_fdinfo(int pidfd, struct error *err, const char *prefix,
16567fc7000SChristian Brauner size_t prefix_len, const char *expect, ...)
1662def297eSChristian Kellner {
1672def297eSChristian Kellner char buffer[512] = {0, };
1682def297eSChristian Kellner char path[512] = {0, };
1692def297eSChristian Kellner va_list args;
1702def297eSChristian Kellner FILE *f;
1712def297eSChristian Kellner char *line = NULL;
1722def297eSChristian Kellner size_t n = 0;
1732def297eSChristian Kellner int found = 0;
1742def297eSChristian Kellner int r;
1752def297eSChristian Kellner
1762def297eSChristian Kellner va_start(args, expect);
1772def297eSChristian Kellner r = vsnprintf(buffer, sizeof(buffer), expect, args);
1782def297eSChristian Kellner assert((size_t)r < sizeof(buffer));
1792def297eSChristian Kellner va_end(args);
1802def297eSChristian Kellner
1812def297eSChristian Kellner snprintf(path, sizeof(path), "/proc/self/fdinfo/%d", pidfd);
1822def297eSChristian Kellner f = fopen(path, "re");
1832def297eSChristian Kellner if (!f)
1842def297eSChristian Kellner return error_set(err, PIDFD_ERROR, "fdinfo open failed for %d",
1852def297eSChristian Kellner pidfd);
1862def297eSChristian Kellner
1872def297eSChristian Kellner while (getline(&line, &n, f) != -1) {
18867fc7000SChristian Brauner char *val;
18967fc7000SChristian Brauner
19067fc7000SChristian Brauner if (strncmp(line, prefix, prefix_len))
1912def297eSChristian Kellner continue;
1922def297eSChristian Kellner
1932def297eSChristian Kellner found = 1;
1942def297eSChristian Kellner
19567fc7000SChristian Brauner val = line + prefix_len;
19667fc7000SChristian Brauner r = strcmp(val, buffer);
1972def297eSChristian Kellner if (r != 0) {
1982def297eSChristian Kellner trim_newline(line);
1992def297eSChristian Kellner trim_newline(buffer);
20067fc7000SChristian Brauner error_set(err, PIDFD_FAIL, "%s '%s' != '%s'",
20167fc7000SChristian Brauner prefix, val, buffer);
2022def297eSChristian Kellner }
2032def297eSChristian Kellner break;
2042def297eSChristian Kellner }
2052def297eSChristian Kellner
2062def297eSChristian Kellner free(line);
2072def297eSChristian Kellner fclose(f);
2082def297eSChristian Kellner
2092def297eSChristian Kellner if (found == 0)
21067fc7000SChristian Brauner return error_set(err, PIDFD_FAIL, "%s not found for fd %d",
21167fc7000SChristian Brauner prefix, pidfd);
2122def297eSChristian Kellner
2132def297eSChristian Kellner return PIDFD_PASS;
2142def297eSChristian Kellner }
2152def297eSChristian Kellner
child_fdinfo_nspid_test(void * args)2162def297eSChristian Kellner static int child_fdinfo_nspid_test(void *args)
2172def297eSChristian Kellner {
2182def297eSChristian Kellner struct error err;
2192def297eSChristian Kellner int pidfd;
2202def297eSChristian Kellner int r;
2212def297eSChristian Kellner
2222def297eSChristian Kellner /* if we got no fd for the sibling, we are done */
2232def297eSChristian Kellner if (!args)
2242def297eSChristian Kellner return PIDFD_PASS;
2252def297eSChristian Kellner
2262def297eSChristian Kellner /* verify that we can not resolve the pidfd for a process
2272def297eSChristian Kellner * in a sibling pid namespace, i.e. a pid namespace it is
2282def297eSChristian Kellner * not in our or a descended namespace
2292def297eSChristian Kellner */
2302def297eSChristian Kellner r = mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, 0);
2312def297eSChristian Kellner if (r < 0) {
2322def297eSChristian Kellner ksft_print_msg("Failed to remount / private\n");
2332def297eSChristian Kellner return PIDFD_ERROR;
2342def297eSChristian Kellner }
2352def297eSChristian Kellner
2362def297eSChristian Kellner (void)umount2("/proc", MNT_DETACH);
2372def297eSChristian Kellner r = mount("proc", "/proc", "proc", 0, NULL);
2382def297eSChristian Kellner if (r < 0) {
2392def297eSChristian Kellner ksft_print_msg("Failed to remount /proc\n");
2402def297eSChristian Kellner return PIDFD_ERROR;
2412def297eSChristian Kellner }
2422def297eSChristian Kellner
2432def297eSChristian Kellner pidfd = *(int *)args;
24467fc7000SChristian Brauner r = verify_fdinfo(pidfd, &err, "NSpid:", 6, "\t0\n");
2452def297eSChristian Kellner
2462def297eSChristian Kellner if (r != PIDFD_PASS)
2472def297eSChristian Kellner ksft_print_msg("NSpid fdinfo check failed: %s\n", err.msg);
2482def297eSChristian Kellner
2492def297eSChristian Kellner return r;
2502def297eSChristian Kellner }
2512def297eSChristian Kellner
test_pidfd_fdinfo_nspid(void)2522def297eSChristian Kellner static void test_pidfd_fdinfo_nspid(void)
2532def297eSChristian Kellner {
2542def297eSChristian Kellner struct child a, b;
2552def297eSChristian Kellner struct error err = {0, };
2562def297eSChristian Kellner const char *test_name = "pidfd check for NSpid in fdinfo";
2572def297eSChristian Kellner
2582def297eSChristian Kellner /* Create a new child in a new pid and mount namespace */
2592def297eSChristian Kellner a = clone_newns(child_fdinfo_nspid_test, NULL, &err);
2602def297eSChristian Kellner error_check(&err, test_name);
2612def297eSChristian Kellner
2622def297eSChristian Kellner /* Pass the pidfd representing the first child to the
2632def297eSChristian Kellner * second child, which will be in a sibling pid namespace,
2642def297eSChristian Kellner * which means that the fdinfo NSpid entry for the pidfd
2652def297eSChristian Kellner * should only contain '0'.
2662def297eSChristian Kellner */
2672def297eSChristian Kellner b = clone_newns(child_fdinfo_nspid_test, &a.fd, &err);
2682def297eSChristian Kellner error_check(&err, test_name);
2692def297eSChristian Kellner
2702def297eSChristian Kellner /* The children will have pid 1 in the new pid namespace,
2712def297eSChristian Kellner * so the line must be 'NSPid:\t<pid>\t1'.
2722def297eSChristian Kellner */
27367fc7000SChristian Brauner verify_fdinfo(a.fd, &err, "NSpid:", 6, "\t%d\t%d\n", a.pid, 1);
27467fc7000SChristian Brauner verify_fdinfo(b.fd, &err, "NSpid:", 6, "\t%d\t%d\n", b.pid, 1);
2752def297eSChristian Kellner
2762def297eSChristian Kellner /* wait for the process, check the exit status and set
2772def297eSChristian Kellner * 'err' accordingly, if it is not already set.
2782def297eSChristian Kellner */
27967fc7000SChristian Brauner child_join_close(&a, &err);
28067fc7000SChristian Brauner child_join_close(&b, &err);
2812def297eSChristian Kellner
2822def297eSChristian Kellner error_report(&err, test_name);
2832def297eSChristian Kellner }
2842def297eSChristian Kellner
test_pidfd_dead_fdinfo(void)28567fc7000SChristian Brauner static void test_pidfd_dead_fdinfo(void)
28667fc7000SChristian Brauner {
28767fc7000SChristian Brauner struct child a;
28867fc7000SChristian Brauner struct error err = {0, };
28967fc7000SChristian Brauner const char *test_name = "pidfd check fdinfo for dead process";
29067fc7000SChristian Brauner
29167fc7000SChristian Brauner /* Create a new child in a new pid and mount namespace */
29267fc7000SChristian Brauner a = clone_newns(child_fdinfo_nspid_test, NULL, &err);
29367fc7000SChristian Brauner error_check(&err, test_name);
29467fc7000SChristian Brauner child_join(&a, &err);
29567fc7000SChristian Brauner
29667fc7000SChristian Brauner verify_fdinfo(a.fd, &err, "Pid:", 4, "\t-1\n");
29767fc7000SChristian Brauner verify_fdinfo(a.fd, &err, "NSpid:", 6, "\t-1\n");
29867fc7000SChristian Brauner child_close(&a);
29967fc7000SChristian Brauner error_report(&err, test_name);
30067fc7000SChristian Brauner }
30167fc7000SChristian Brauner
main(int argc,char ** argv)3022def297eSChristian Kellner int main(int argc, char **argv)
3032def297eSChristian Kellner {
3042def297eSChristian Kellner ksft_print_header();
30567fc7000SChristian Brauner ksft_set_plan(2);
3062def297eSChristian Kellner
3072def297eSChristian Kellner test_pidfd_fdinfo_nspid();
30867fc7000SChristian Brauner test_pidfd_dead_fdinfo();
3092def297eSChristian Kellner
3102def297eSChristian Kellner return ksft_exit_pass();
3112def297eSChristian Kellner }
312