1272343Sngie/* $NetBSD: t_msgctl.c,v 1.4 2014/02/27 00:59:50 joerg Exp $ */ 2272343Sngie 3272343Sngie/*- 4272343Sngie * Copyright (c) 2011 The NetBSD Foundation, Inc. 5272343Sngie * All rights reserved. 6272343Sngie * 7272343Sngie * This code is derived from software contributed to The NetBSD Foundation 8272343Sngie * by Jukka Ruohonen. 9272343Sngie * 10272343Sngie * Redistribution and use in source and binary forms, with or without 11272343Sngie * modification, are permitted provided that the following conditions 12272343Sngie * are met: 13272343Sngie * 1. Redistributions of source code must retain the above copyright 14272343Sngie * notice, this list of conditions and the following disclaimer. 15272343Sngie * 2. Redistributions in binary form must reproduce the above copyright 16272343Sngie * notice, this list of conditions and the following disclaimer in the 17272343Sngie * documentation and/or other materials provided with the distribution. 18272343Sngie * 19272343Sngie * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20272343Sngie * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21272343Sngie * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22272343Sngie * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23272343Sngie * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24272343Sngie * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25272343Sngie * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26272343Sngie * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27272343Sngie * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28272343Sngie * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29272343Sngie * POSSIBILITY OF SUCH DAMAGE. 30272343Sngie */ 31272343Sngie#include <sys/cdefs.h> 32272343Sngie__RCSID("$NetBSD: t_msgctl.c,v 1.4 2014/02/27 00:59:50 joerg Exp $"); 33272343Sngie 34272343Sngie#include <sys/msg.h> 35272343Sngie#include <sys/stat.h> 36272343Sngie#include <sys/sysctl.h> 37272343Sngie#include <sys/wait.h> 38272343Sngie 39272343Sngie#include <atf-c.h> 40272343Sngie#include <errno.h> 41272343Sngie#include <pwd.h> 42272343Sngie#include <stdio.h> 43272343Sngie#include <stdlib.h> 44272343Sngie#include <string.h> 45272343Sngie#include <sysexits.h> 46272343Sngie#include <time.h> 47272343Sngie#include <unistd.h> 48272343Sngie 49273530Sngie#ifdef __FreeBSD__ 50273530Sngie#include <limits.h> 51273530Sngie#endif 52273530Sngie 53272343Sngie#define MSG_KEY 12345689 54272343Sngie#define MSG_MTYPE_1 0x41 55272343Sngie 56272343Sngiestruct msg { 57272343Sngie long mtype; 58272343Sngie char buf[3]; 59272343Sngie}; 60272343Sngie 61272343Sngiestatic void clean(void); 62272343Sngie 63272343Sngiestatic void 64272343Sngieclean(void) 65272343Sngie{ 66272343Sngie int id; 67272343Sngie 68272343Sngie if ((id = msgget(MSG_KEY, 0)) != -1) 69272343Sngie (void)msgctl(id, IPC_RMID, 0); 70272343Sngie} 71272343Sngie 72272343SngieATF_TC_WITH_CLEANUP(msgctl_err); 73272343SngieATF_TC_HEAD(msgctl_err, tc) 74272343Sngie{ 75272343Sngie atf_tc_set_md_var(tc, "descr", "Test errors from msgctl(2)"); 76272343Sngie} 77272343Sngie 78272343SngieATF_TC_BODY(msgctl_err, tc) 79272343Sngie{ 80272343Sngie const int cmd[] = { IPC_STAT, IPC_SET, IPC_RMID }; 81272343Sngie struct msqid_ds msgds; 82272343Sngie size_t i; 83272343Sngie int id; 84272343Sngie 85272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 86272343Sngie 87272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 88272343Sngie ATF_REQUIRE(id != -1); 89272343Sngie 90272343Sngie errno = 0; 91272343Sngie ATF_REQUIRE_ERRNO(EINVAL, msgctl(id, INT_MAX, &msgds) == -1); 92272343Sngie 93272343Sngie errno = 0; 94272343Sngie ATF_REQUIRE_ERRNO(EFAULT, msgctl(id, IPC_STAT, (void *)-1) == -1); 95272343Sngie 96272343Sngie for (i = 0; i < __arraycount(cmd); i++) { 97272343Sngie errno = 0; 98272343Sngie ATF_REQUIRE_ERRNO(EINVAL, msgctl(-1, cmd[i], &msgds) == -1); 99272343Sngie } 100272343Sngie 101272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 102272343Sngie} 103272343Sngie 104272343SngieATF_TC_CLEANUP(msgctl_err, tc) 105272343Sngie{ 106272343Sngie clean(); 107272343Sngie} 108272343Sngie 109272343SngieATF_TC_WITH_CLEANUP(msgctl_perm); 110272343SngieATF_TC_HEAD(msgctl_perm, tc) 111272343Sngie{ 112272343Sngie atf_tc_set_md_var(tc, "descr", "Test permissions with msgctl(2)"); 113272343Sngie atf_tc_set_md_var(tc, "require.user", "root"); 114272343Sngie} 115272343Sngie 116272343SngieATF_TC_BODY(msgctl_perm, tc) 117272343Sngie{ 118272343Sngie struct msqid_ds msgds; 119272343Sngie struct passwd *pw; 120272343Sngie pid_t pid; 121272343Sngie int sta; 122272343Sngie int id; 123272343Sngie 124272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 125272343Sngie 126272343Sngie pw = getpwnam("nobody"); 127272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 128272343Sngie 129272343Sngie ATF_REQUIRE(id != -1); 130272343Sngie ATF_REQUIRE(pw != NULL); 131272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 132272343Sngie 133272343Sngie pid = fork(); 134272343Sngie ATF_REQUIRE(pid >= 0); 135272343Sngie 136272343Sngie if (pid == 0) { 137272343Sngie 138272343Sngie if (setuid(pw->pw_uid) != 0) 139272343Sngie _exit(EX_OSERR); 140272343Sngie 141272343Sngie msgds.msg_perm.uid = getuid(); 142272343Sngie msgds.msg_perm.gid = getgid(); 143272343Sngie 144272343Sngie errno = 0; 145272343Sngie 146272343Sngie if (msgctl(id, IPC_SET, &msgds) == 0) 147272343Sngie _exit(EXIT_FAILURE); 148272343Sngie 149272343Sngie if (errno != EPERM) 150272343Sngie _exit(EXIT_FAILURE); 151272343Sngie 152272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 153272343Sngie 154272343Sngie if (msgctl(id, IPC_STAT, &msgds) != 0) 155272343Sngie _exit(EX_OSERR); 156272343Sngie 157272343Sngie msgds.msg_qbytes = 1; 158272343Sngie 159272343Sngie if (msgctl(id, IPC_SET, &msgds) == 0) 160272343Sngie _exit(EXIT_FAILURE); 161272343Sngie 162272343Sngie if (errno != EPERM) 163272343Sngie _exit(EXIT_FAILURE); 164272343Sngie 165272343Sngie _exit(EXIT_SUCCESS); 166272343Sngie } 167272343Sngie 168272343Sngie (void)wait(&sta); 169272343Sngie 170272343Sngie if (WIFEXITED(sta) == 0) { 171272343Sngie 172272343Sngie if (WEXITSTATUS(sta) == EX_OSERR) 173272343Sngie atf_tc_fail("system call failed"); 174272343Sngie 175272343Sngie if (WEXITSTATUS(sta) == EXIT_FAILURE) 176272343Sngie atf_tc_fail("UID %u manipulated root's " 177272343Sngie "message queue", pw->pw_uid); 178272343Sngie } 179272343Sngie 180272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 181272343Sngie} 182272343Sngie 183272343SngieATF_TC_CLEANUP(msgctl_perm, tc) 184272343Sngie{ 185272343Sngie clean(); 186272343Sngie} 187272343Sngie 188272343SngieATF_TC_WITH_CLEANUP(msgctl_pid); 189272343SngieATF_TC_HEAD(msgctl_pid, tc) 190272343Sngie{ 191272343Sngie atf_tc_set_md_var(tc, "descr", "Test that PIDs are updated"); 192272343Sngie} 193272343Sngie 194272343SngieATF_TC_BODY(msgctl_pid, tc) 195272343Sngie{ 196272343Sngie struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 197272343Sngie struct msqid_ds msgds; 198272343Sngie int id, sta; 199272343Sngie pid_t pid; 200272343Sngie 201272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 202272343Sngie ATF_REQUIRE(id != -1); 203272343Sngie 204272343Sngie pid = fork(); 205272343Sngie ATF_REQUIRE(pid >= 0); 206272343Sngie 207272343Sngie if (pid == 0) { 208272343Sngie 209272343Sngie (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 210272343Sngie 211272343Sngie _exit(EXIT_SUCCESS); 212272343Sngie } 213272343Sngie 214272343Sngie (void)sleep(1); 215272343Sngie (void)wait(&sta); 216272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 217272343Sngie 218272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 219272343Sngie 220272343Sngie if (pid != msgds.msg_lspid) 221272343Sngie atf_tc_fail("the PID of last msgsnd(2) was not updated"); 222272343Sngie 223272343Sngie pid = fork(); 224272343Sngie ATF_REQUIRE(pid >= 0); 225272343Sngie 226272343Sngie if (pid == 0) { 227272343Sngie 228272343Sngie (void)msgrcv(id, &msg, 229272343Sngie sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 230272343Sngie 231272343Sngie _exit(EXIT_SUCCESS); 232272343Sngie } 233272343Sngie 234272343Sngie (void)sleep(1); 235272343Sngie (void)wait(&sta); 236272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 237272343Sngie 238272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 239272343Sngie 240272343Sngie if (pid != msgds.msg_lrpid) 241272343Sngie atf_tc_fail("the PID of last msgrcv(2) was not updated"); 242272343Sngie 243272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 244272343Sngie} 245272343Sngie 246272343SngieATF_TC_CLEANUP(msgctl_pid, tc) 247272343Sngie{ 248272343Sngie clean(); 249272343Sngie} 250272343Sngie 251272343SngieATF_TC_WITH_CLEANUP(msgctl_set); 252272343SngieATF_TC_HEAD(msgctl_set, tc) 253272343Sngie{ 254272343Sngie atf_tc_set_md_var(tc, "descr", "Test msgctl(2) with IPC_SET"); 255272343Sngie atf_tc_set_md_var(tc, "require.user", "root"); 256272343Sngie} 257272343Sngie 258272343SngieATF_TC_BODY(msgctl_set, tc) 259272343Sngie{ 260272343Sngie struct msqid_ds msgds; 261272343Sngie struct passwd *pw; 262272343Sngie int id; 263272343Sngie 264272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 265272343Sngie 266272343Sngie pw = getpwnam("nobody"); 267272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 268272343Sngie 269272343Sngie ATF_REQUIRE(id != -1); 270272343Sngie ATF_REQUIRE(pw != NULL); 271272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 272272343Sngie 273272343Sngie msgds.msg_perm.uid = pw->pw_uid; 274272343Sngie 275272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 276272343Sngie atf_tc_fail("root failed to change the UID of message queue"); 277272343Sngie 278272343Sngie msgds.msg_perm.uid = getuid(); 279272343Sngie msgds.msg_perm.gid = pw->pw_gid; 280272343Sngie 281272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 282272343Sngie atf_tc_fail("root failed to change the GID of message queue"); 283272343Sngie 284272343Sngie /* 285272343Sngie * Note: setting the qbytes to zero fails even as root. 286272343Sngie */ 287272343Sngie msgds.msg_qbytes = 1; 288272343Sngie msgds.msg_perm.gid = getgid(); 289272343Sngie 290272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 291272343Sngie atf_tc_fail("root failed to change qbytes of message queue"); 292272343Sngie 293272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 294272343Sngie} 295272343Sngie 296272343SngieATF_TC_CLEANUP(msgctl_set, tc) 297272343Sngie{ 298272343Sngie clean(); 299272343Sngie} 300272343Sngie 301272343SngieATF_TC_WITH_CLEANUP(msgctl_time); 302272343SngieATF_TC_HEAD(msgctl_time, tc) 303272343Sngie{ 304272343Sngie atf_tc_set_md_var(tc, "descr", "Test that access times are updated"); 305272343Sngie} 306272343Sngie 307272343SngieATF_TC_BODY(msgctl_time, tc) 308272343Sngie{ 309272343Sngie struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 310272343Sngie struct msqid_ds msgds; 311272343Sngie time_t t; 312272343Sngie int id; 313272343Sngie 314272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 315272343Sngie ATF_REQUIRE(id != -1); 316272343Sngie 317272343Sngie t = time(NULL); 318272343Sngie 319272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 320272343Sngie (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 321272343Sngie (void)msgctl(id, IPC_STAT, &msgds); 322272343Sngie 323272343Sngie if (llabs(t - msgds.msg_stime) > 1) 324272343Sngie atf_tc_fail("time of last msgsnd(2) was not updated"); 325272343Sngie 326272343Sngie if (msgds.msg_rtime != 0) 327272343Sngie atf_tc_fail("time of last msgrcv(2) was updated incorrectly"); 328272343Sngie 329272343Sngie t = time(NULL); 330272343Sngie 331272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 332272343Sngie (void)msgrcv(id, &msg, sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 333272343Sngie (void)msgctl(id, IPC_STAT, &msgds); 334272343Sngie 335272343Sngie if (llabs(t - msgds.msg_rtime) > 1) 336272343Sngie atf_tc_fail("time of last msgrcv(2) was not updated"); 337272343Sngie 338272343Sngie /* 339272343Sngie * Note: this is non-zero even after the memset(3). 340272343Sngie */ 341272343Sngie if (msgds.msg_stime == 0) 342272343Sngie atf_tc_fail("time of last msgsnd(2) was updated incorrectly"); 343272343Sngie 344272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 345272343Sngie} 346272343Sngie 347272343SngieATF_TC_CLEANUP(msgctl_time, tc) 348272343Sngie{ 349272343Sngie clean(); 350272343Sngie} 351272343Sngie 352272343SngieATF_TP_ADD_TCS(tp) 353272343Sngie{ 354272343Sngie 355272343Sngie ATF_TP_ADD_TC(tp, msgctl_err); 356272343Sngie ATF_TP_ADD_TC(tp, msgctl_perm); 357272343Sngie ATF_TP_ADD_TC(tp, msgctl_pid); 358272343Sngie ATF_TP_ADD_TC(tp, msgctl_set); 359272343Sngie ATF_TP_ADD_TC(tp, msgctl_time); 360272343Sngie 361272343Sngie return atf_no_error(); 362272343Sngie} 363