git: 23402c83f4fc - main - tests/unix_passfd: sending many and too many SCM_RIGHTS
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 25 May 2022 20:30:06 UTC
The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=23402c83f4fc2db45f0435ed106791828a6522df commit 23402c83f4fc2db45f0435ed106791828a6522df Author: Gleb Smirnoff <glebius@FreeBSD.org> AuthorDate: 2022-05-25 20:28:40 +0000 Commit: Gleb Smirnoff <glebius@FreeBSD.org> CommitDate: 2022-05-25 20:28:40 +0000 tests/unix_passfd: sending many and too many SCM_RIGHTS o Exercise bounds checking when sending large set of file descriptors, that can't fit into single control mbuf. o Exercise resource limits checks when receiving a large sets. o Check that socket isn't left in a completely stuck state when we can't receive SCM_RIGHTS due to limits. Current SOCK_STREAM socket would free the control, but leave the data in. This seems to be a legit behavior for a stream socket, as we don't want holes in the data. PR: 239250 Reviewed by: markj Differential revision: https://reviews.freebsd.org/D35315 --- tests/sys/kern/unix_passfd_test.c | 69 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 68 insertions(+), 1 deletion(-) diff --git a/tests/sys/kern/unix_passfd_test.c b/tests/sys/kern/unix_passfd_test.c index 13b569479af8..da7052a7fcf4 100644 --- a/tests/sys/kern/unix_passfd_test.c +++ b/tests/sys/kern/unix_passfd_test.c @@ -28,10 +28,12 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); -#include <sys/types.h> +#include <sys/param.h> #include <sys/socket.h> #include <sys/stat.h> #include <sys/sysctl.h> +#include <sys/time.h> +#include <sys/resource.h> #include <sys/un.h> #include <errno.h> @@ -369,6 +371,70 @@ ATF_TC_BODY(send_and_shutdown, tc) closesocketpair(fd); } +/* + * Send maximum possible SCM_RIGHTS message. + * Internally the file descriptors are converted from integers to pointers + * and stored in a single mbuf cluster. Check that we can not send too much + * and that we can successfully send maximum possible amount. Check that we + * can not exploit getrlimit(3). + */ +#define MAXFDS ((MCLBYTES - _ALIGN(sizeof(struct cmsghdr)))/sizeof(void *)) +ATF_TC_WITHOUT_HEAD(send_a_lot); +ATF_TC_BODY(send_a_lot, tc) +{ + struct msghdr msghdr; + struct iovec iov; + struct rlimit rlim; + int fd[2], nfds; + char *cmsg, ch; + + domainsocketpair(fd); + cmsg = malloc(CMSG_SPACE((MAXFDS + 1) * sizeof(int))); + ATF_REQUIRE(cmsg != NULL); + iov.iov_base = &ch; + iov.iov_len = sizeof(ch); + msghdr = (struct msghdr ){ + .msg_control = cmsg, + .msg_controllen = CMSG_LEN((MAXFDS + 1) * sizeof(int)), + .msg_iov = &iov, + .msg_iovlen = 1, + }; + + /* Sending too much fails. */ + putfds(cmsg, fd[0], MAXFDS + 1); + ATF_REQUIRE(sendmsg(fd[0], &msghdr, 0) == -1); + ATF_REQUIRE(errno == EMSGSIZE); + + /* Sending just the right amount works and everything is received. */ + putfds(cmsg, fd[0], MAXFDS); + msghdr.msg_controllen = CMSG_LEN(MAXFDS * sizeof(int)); + ATF_REQUIRE(sendmsg(fd[0], &msghdr, 0) == 1); + nfds = getnfds(); + ATF_REQUIRE(recvmsg(fd[1], &msghdr, 0) == 1); + ATF_REQUIRE(getnfds() == nfds + MAXFDS); + + /* Limit our process open files... */ + ATF_REQUIRE(getrlimit(RLIMIT_NOFILE, &rlim) == 0); + nfds = rlim.rlim_cur = getnfds(); + ATF_REQUIRE(setrlimit(RLIMIT_NOFILE, &rlim) == 0); + + /* ... and try to receive a single descriptor. */ + putfds(cmsg, fd[0], 1); + msghdr.msg_controllen = CMSG_LEN(sizeof(int)); + ATF_REQUIRE(sendmsg(fd[0], &msghdr, 0) == 1); + ATF_REQUIRE(recvmsg(fd[1], &msghdr, 0) == -1); + /* Such attempt shall fail with EMSGSIZE. */ + ATF_REQUIRE(errno == EMSGSIZE); + ATF_REQUIRE(getnfds() == nfds); + /* + * For the SOCK_STREAM the above attempt shall free the control in + * the kernel, so that socket isn't left in a stuck state. Next read + * shall bring us the normal data only. + */ + ATF_REQUIRE(recvmsg(fd[1], &msghdr, 0) == 1); + ATF_REQUIRE(msghdr.msg_controllen == 0); +} + /* * Send two files. Then receive them. Make sure they are returned in the * right order, and both get there. @@ -756,6 +822,7 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, send_and_close); ATF_TP_ADD_TC(tp, send_and_cancel); ATF_TP_ADD_TC(tp, send_and_shutdown); + ATF_TP_ADD_TC(tp, send_a_lot); ATF_TP_ADD_TC(tp, two_files); ATF_TP_ADD_TC(tp, bundle); ATF_TP_ADD_TC(tp, bundle_cancel);