1/*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2022 Gleb Smirnoff <glebius@FreeBSD.org> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28#include <sys/time.h> 29#include <sys/event.h> 30#include <sys/ioctl.h> 31#include <sys/select.h> 32#include <sys/socket.h> 33#include <sys/sysctl.h> 34#include <sys/un.h> 35#include <aio.h> 36#include <errno.h> 37#include <fcntl.h> 38#include <signal.h> 39#include <stdio.h> 40#include <stdlib.h> 41 42#include <atf-c.h> 43 44static struct itimerval itv = { 45 .it_interval = { 0, 0 }, 46 .it_value = { 1, 0 }, /* one second */ 47}; 48static sig_atomic_t timer_done = 0; 49static void 50sigalarm(int sig __unused) 51{ 52 53 timer_done = 1; 54} 55 56static struct sigaction sigact = { 57 .sa_handler = sigalarm, 58}; 59 60static struct sockaddr_un sun = { 61 .sun_family = AF_LOCAL, 62 .sun_len = sizeof(sun), 63 .sun_path = "unix_dgram_listener", 64}; 65 66/* 67 * Fill socket to a state when next send(len) would fail. 68 * 69 * Note that every datagram is prepended with sender address, 70 * size of struct sockaddr. 71 */ 72static void 73fill(int fd, void *buf, ssize_t len) 74{ 75 unsigned long recvspace; 76 size_t llen = sizeof(unsigned long); 77 ssize_t sent; 78 79 ATF_REQUIRE(sysctlbyname("net.local.dgram.recvspace", &recvspace, 80 &llen, NULL, 0) == 0); 81 for (sent = 0; 82 sent + len + sizeof(struct sockaddr) < recvspace; 83 sent += len + sizeof(struct sockaddr)) 84 ATF_REQUIRE(send(fd, buf, len, 0) == len); 85} 86 87ATF_TC_WITHOUT_HEAD(basic); 88ATF_TC_BODY(basic, tc) 89{ 90 struct msghdr msg; 91 struct iovec iov[1]; 92 unsigned long maxdgram; 93 size_t llen = sizeof(unsigned long); 94 int fd[2]; 95 char *buf; 96 97 /* Allocate and initialize: 98 * - fd[0] to send, fd[1] to receive 99 * - buf[maxdgram] for data 100 */ 101 ATF_REQUIRE(sysctlbyname("net.local.dgram.maxdgram", &maxdgram, 102 &llen, NULL, 0) == 0); 103 ATF_REQUIRE(socketpair(PF_UNIX, SOCK_DGRAM, 0, fd) != -1); 104 buf = malloc(maxdgram + 1); 105 ATF_REQUIRE(buf); 106 msg = (struct msghdr ){ 107 .msg_iov = iov, 108 .msg_iovlen = 1, 109 }; 110 iov[0] = (struct iovec ){ 111 .iov_base = buf, 112 }; 113 114 /* Fail to send > maxdgram. */ 115 ATF_REQUIRE(send(fd[0], buf, maxdgram + 1, 0) == -1); 116 ATF_REQUIRE(errno == EMSGSIZE); 117 118 /* Send maxdgram. */ 119 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == (ssize_t)maxdgram); 120 121 /* Exercise MSG_PEEK, full and truncated.. */ 122 ATF_REQUIRE(recv(fd[1], buf, maxdgram, MSG_PEEK) == (ssize_t)maxdgram); 123 iov[0].iov_len = 42; 124 ATF_REQUIRE(recvmsg(fd[1], &msg, MSG_PEEK) == 42); 125 ATF_REQUIRE(msg.msg_flags == (MSG_PEEK | MSG_TRUNC)); 126 127 /* Receive maxdgram. */ 128 iov[0].iov_len = maxdgram; 129 ATF_REQUIRE(recvmsg(fd[1], &msg, 0) == (ssize_t)maxdgram); 130 ATF_REQUIRE(msg.msg_flags == 0); 131 132 /* Receive truncated message. */ 133 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == (ssize_t)maxdgram); 134 iov[0].iov_len = maxdgram / 2; 135 ATF_REQUIRE(recvmsg(fd[1], &msg, 0) == (ssize_t)maxdgram / 2); 136 ATF_REQUIRE(msg.msg_flags == MSG_TRUNC); 137 138 /* Empty: block. */ 139 ATF_REQUIRE(sigaction(SIGALRM, &sigact, NULL) == 0); 140 ATF_REQUIRE(timer_done == 0); 141 ATF_REQUIRE(setitimer(ITIMER_REAL, &itv, NULL) == 0); 142 ATF_REQUIRE(recv(fd[1], buf, maxdgram, 0) == -1); 143 ATF_REQUIRE(errno == EINTR); 144 ATF_REQUIRE(timer_done == 1); 145 146 /* Don't block with MSG_DONTWAIT. */ 147 ATF_REQUIRE(recv(fd[1], buf, maxdgram, MSG_DONTWAIT) == -1); 148 ATF_REQUIRE(errno == EAGAIN); 149 150 /* Don't block with O_NONBLOCK. */ 151 ATF_REQUIRE(fcntl(fd[1], F_SETFL, O_NONBLOCK) != -1); 152 ATF_REQUIRE(recv(fd[1], buf, maxdgram, 0) == -1); 153 ATF_REQUIRE(errno == EAGAIN); 154 155 /* Fail with ENOBUFS on full socket. */ 156 fill(fd[0], buf, maxdgram); 157 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 158 ATF_REQUIRE(errno == ENOBUFS); 159 160 /* 161 * Fail with ENOBUFS with O_NONBLOCK set, too. See 71e70c25c00 162 * for explanation why this behavior needs to be preserved. 163 */ 164 ATF_REQUIRE(fcntl(fd[0], F_SETFL, O_NONBLOCK) != -1); 165 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 166 ATF_REQUIRE(errno == ENOBUFS); 167 168 /* Remote side closed -> ECONNRESET. */ 169 close(fd[1]); 170 ATF_REQUIRE(send(fd[0], buf, maxdgram, 0) == -1); 171 ATF_REQUIRE(errno == ECONNRESET); 172} 173 174ATF_TC_WITHOUT_HEAD(one2many); 175ATF_TC_BODY(one2many, tc) 176{ 177 int one, many[3], two; 178#define BUFSIZE 1024 179 char buf[BUFSIZE], goodboy[BUFSIZE], flooder[BUFSIZE], notconn[BUFSIZE]; 180 181 /* Establish one to many connection. */ 182 ATF_REQUIRE((one = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 183 ATF_REQUIRE(bind(one, (struct sockaddr *)&sun, sizeof(sun)) == 0); 184 /* listen(2) shall fail. */ 185 ATF_REQUIRE(listen(one, -1) != 0); 186 for (int i = 0; i < 3; i++) { 187 ATF_REQUIRE((many[i] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 188 ATF_REQUIRE(connect(many[i], (struct sockaddr *)&sun, 189 sizeof(sun)) == 0); 190 } 191 192 /* accept() on UNIX/DGRAM is invalid. */ 193 ATF_REQUIRE(accept(one, NULL, NULL) == -1); 194 ATF_REQUIRE(errno == EINVAL); 195 196 /* 197 * Connecting a bound socket to self: a strange, useless, but 198 * historically existing edge case that is not explicitly described 199 * in SuS, neither is forbidden there. Works on FreeBSD and Linux. 200 */ 201 ATF_REQUIRE(connect(one, (struct sockaddr *)&sun, sizeof(sun)) == 0); 202 ATF_REQUIRE(send(one, buf, 42, 0) == 42); 203 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == 42); 204 205 /* 206 * Interaction between concurrent senders. New feature in FreeBSD 14. 207 * 208 * One sender can not fill the receive side. Other senders can 209 * continue operation. Senders who don't fill their buffers are 210 * prioritized over flooders. Connected senders are prioritized over 211 * unconnected. 212 * 213 * Disconnecting a sender that has queued data optionally preserves 214 * the data. Allow the data to migrate to peers buffer only if the 215 * latter is empty. Otherwise discard it, to prevent against 216 * connect-fill-close attack. 217 */ 218#define FLOODER 13 /* for connected flooder on many[0] */ 219#define GOODBOY 42 /* for a good boy on many[1] */ 220#define NOTCONN 66 /* for sendto(2) via two */ 221 goodboy[0] = GOODBOY; 222 flooder[0] = FLOODER; 223 notconn[0] = NOTCONN; 224 225 /* Connected priority over sendto(2). */ 226 ATF_REQUIRE((two = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 227 ATF_REQUIRE(sendto(two, notconn, BUFSIZE, 0, (struct sockaddr *)&sun, 228 sizeof(sun)) == BUFSIZE); 229 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 230 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 231 ATF_REQUIRE(buf[0] == GOODBOY); /* message from good boy comes first */ 232 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 233 ATF_REQUIRE(buf[0] == NOTCONN); /* only then message from sendto(2) */ 234 235 /* Casual sender priority over a flooder. */ 236 fill(many[0], flooder, sizeof(flooder)); 237 ATF_REQUIRE(send(many[0], flooder, BUFSIZE, 0) == -1); 238 ATF_REQUIRE(errno == ENOBUFS); 239 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 240 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 241 ATF_REQUIRE(buf[0] == GOODBOY); /* message from good boy comes first */ 242 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 243 ATF_REQUIRE(buf[0] == FLOODER); /* only then message from flooder */ 244 245 /* Once seen, a message can't be deprioritized by any other message. */ 246 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == sizeof(buf)); 247 ATF_REQUIRE(buf[0] == FLOODER); /* message from the flooder seen */ 248 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 249 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == sizeof(buf)); 250 ATF_REQUIRE(buf[0] == FLOODER); /* should be the same message */ 251 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 252 ATF_REQUIRE(buf[0] == FLOODER); /* now we read it out... */ 253 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 254 ATF_REQUIRE(buf[0] == GOODBOY); /* ... and next one is the good boy */ 255 256 /* Disconnect in presence of data from not connected. */ 257 ATF_REQUIRE(sendto(two, notconn, BUFSIZE, 0, (struct sockaddr *)&sun, 258 sizeof(sun)) == BUFSIZE); 259 close(many[0]); 260 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 261 ATF_REQUIRE(buf[0] == NOTCONN); /* message from sendto() */ 262 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_DONTWAIT) == -1); 263 ATF_REQUIRE(errno == EAGAIN); /* data from many[0] discarded */ 264 265 /* Disconnect in absence of data from not connected. */ 266 ATF_REQUIRE(send(many[1], goodboy, BUFSIZE, 0) == BUFSIZE); 267 close(many[1]); 268 ATF_REQUIRE(recv(one, buf, sizeof(buf), 0) == sizeof(buf)); 269 ATF_REQUIRE(buf[0] == GOODBOY); /* message from many[1] preserved */ 270 271 /* Check that nothing leaks on close(2). */ 272 ATF_REQUIRE(send(many[2], buf, 42, 0) == 42); 273 ATF_REQUIRE(send(many[2], buf, 42, 0) == 42); 274 ATF_REQUIRE(recv(one, buf, sizeof(buf), MSG_PEEK) == 42); 275 ATF_REQUIRE(sendto(two, notconn, 42, 0, (struct sockaddr *)&sun, 276 sizeof(sun)) == 42); 277 close(one); 278} 279 280/* 281 * Check that various mechanism report socket as readable and having 282 * 42 bytes of data. 283 */ 284static void 285test42(int fd) 286{ 287 288 /* ioctl(FIONREAD) */ 289 int data; 290 291 ATF_REQUIRE(ioctl(fd, FIONREAD, &data) != -1); 292 ATF_REQUIRE(data == 42); 293 294 /* select(2) */ 295 fd_set rfds; 296 297 FD_ZERO(&rfds); 298 FD_SET(fd, &rfds); 299 ATF_REQUIRE(select(fd + 1, &rfds, NULL, NULL, NULL) == 1); 300 ATF_REQUIRE(FD_ISSET(fd, &rfds)); 301 302 /* kevent(2) */ 303 struct kevent ev; 304 int kq; 305 306 ATF_REQUIRE((kq = kqueue()) != -1); 307 EV_SET(&ev, fd, EVFILT_READ, EV_ADD, NOTE_LOWAT, 41, NULL); 308 ATF_REQUIRE(kevent(kq, &ev, 1, NULL, 0, NULL) == 0); 309 ATF_REQUIRE(kevent(kq, NULL, 0, &ev, 1, NULL) == 1); 310 ATF_REQUIRE(ev.filter == EVFILT_READ); 311 ATF_REQUIRE(ev.data == 42); 312 313 /* aio(4) */ 314 char buf[50]; 315 struct aiocb aio = { 316 .aio_nbytes = 50, 317 .aio_fildes = fd, 318 .aio_buf = buf, 319 }, *aiop; 320 321 ATF_REQUIRE(aio_read(&aio) == 0); 322 ATF_REQUIRE(aio_waitcomplete(&aiop, NULL) == 42); 323 ATF_REQUIRE(aiop == &aio); 324} 325 326/* 327 * Send data and control in connected & unconnected mode and check that 328 * various event mechanisms see the data, but don't count control bytes. 329 */ 330ATF_TC_WITHOUT_HEAD(event); 331ATF_TC_BODY(event, tc) 332{ 333 int fd[2]; 334 char buf[50]; 335 struct iovec iov = { 336 .iov_base = buf, 337 .iov_len = 42, 338 }; 339 struct cmsghdr cmsg = { 340 .cmsg_len = CMSG_LEN(0), 341 .cmsg_level = SOL_SOCKET, 342 .cmsg_type = SCM_TIMESTAMP, 343 }; 344 struct msghdr msghdr = { 345 .msg_iov = &iov, 346 .msg_iovlen = 1, 347 .msg_control = &cmsg, 348 .msg_controllen = CMSG_LEN(0), 349 }; 350 351 /* Connected socket */ 352 ATF_REQUIRE(socketpair(PF_UNIX, SOCK_DGRAM, 0, fd) != -1); 353 ATF_REQUIRE(sendmsg(fd[0], &msghdr, 0) == 42); 354 test42(fd[1]); 355 close(fd[0]); 356 close(fd[1]); 357 358 /* Not-connected send */ 359 ATF_REQUIRE((fd[0] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 360 ATF_REQUIRE((fd[1] = socket(PF_UNIX, SOCK_DGRAM, 0)) > 0); 361 ATF_REQUIRE(bind(fd[0], (struct sockaddr *)&sun, sizeof(sun)) == 0); 362 ATF_REQUIRE(sendto(fd[1], buf, 42, 0, (struct sockaddr *)&sun, 363 sizeof(sun)) == 42); 364 test42(fd[0]); 365} 366 367ATF_TC_WITHOUT_HEAD(selfgetpeername); 368ATF_TC_BODY(selfgetpeername, tc) 369{ 370 struct sockaddr_un sun; 371 const char *name; 372 socklen_t len; 373 int sd; 374 375 name = "selfgetpeername"; 376 377 sd = socket(PF_UNIX, SOCK_DGRAM, 0); 378 ATF_REQUIRE(sd != -1); 379 380 memset(&sun, 0, sizeof(sun)); 381 sun.sun_len = sizeof(sun); 382 sun.sun_family = AF_UNIX; 383 snprintf(sun.sun_path, sizeof(sun.sun_path), "%s", name); 384 ATF_REQUIRE(bind(sd, (struct sockaddr *)&sun, sizeof(sun)) == 0); 385 ATF_REQUIRE(connect(sd, (struct sockaddr *)&sun, sizeof(sun)) == 0); 386 387 len = sizeof(sun); 388 ATF_REQUIRE(getpeername(sd, (struct sockaddr *)&sun, &len) == 0); 389 ATF_REQUIRE(strcmp(sun.sun_path, name) == 0); 390 391 ATF_REQUIRE(close(sd) == 0); 392} 393 394ATF_TP_ADD_TCS(tp) 395{ 396 ATF_TP_ADD_TC(tp, basic); 397 ATF_TP_ADD_TC(tp, one2many); 398 ATF_TP_ADD_TC(tp, event); 399 ATF_TP_ADD_TC(tp, selfgetpeername); 400 401 return (atf_no_error()); 402} 403