1314817Sngie/* $NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $ */ 2272343Sngie 3272343Sngie/*- 4272343Sngie * Copyright (c) 2011 The NetBSD Foundation, Inc. 5272343Sngie * All rights reserved. 6272343Sngie * 7272343Sngie * This code is derived from software contributed to The NetBSD Foundation 8272343Sngie * by Jukka Ruohonen. 9272343Sngie * 10272343Sngie * Redistribution and use in source and binary forms, with or without 11272343Sngie * modification, are permitted provided that the following conditions 12272343Sngie * are met: 13272343Sngie * 1. Redistributions of source code must retain the above copyright 14272343Sngie * notice, this list of conditions and the following disclaimer. 15272343Sngie * 2. Redistributions in binary form must reproduce the above copyright 16272343Sngie * notice, this list of conditions and the following disclaimer in the 17272343Sngie * documentation and/or other materials provided with the distribution. 18272343Sngie * 19272343Sngie * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20272343Sngie * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21272343Sngie * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22272343Sngie * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23272343Sngie * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24272343Sngie * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25272343Sngie * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26272343Sngie * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27272343Sngie * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28272343Sngie * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29272343Sngie * POSSIBILITY OF SUCH DAMAGE. 30272343Sngie */ 31272343Sngie#include <sys/cdefs.h> 32314817Sngie__RCSID("$NetBSD: t_msgctl.c,v 1.5 2017/01/13 20:44:45 christos Exp $"); 33272343Sngie 34272343Sngie#include <sys/msg.h> 35272343Sngie#include <sys/stat.h> 36272343Sngie#include <sys/sysctl.h> 37272343Sngie#include <sys/wait.h> 38272343Sngie 39272343Sngie#include <atf-c.h> 40272343Sngie#include <errno.h> 41314817Sngie#include <limits.h> 42272343Sngie#include <pwd.h> 43272343Sngie#include <stdio.h> 44272343Sngie#include <stdlib.h> 45272343Sngie#include <string.h> 46272343Sngie#include <sysexits.h> 47272343Sngie#include <time.h> 48272343Sngie#include <unistd.h> 49272343Sngie 50272343Sngie#define MSG_KEY 12345689 51272343Sngie#define MSG_MTYPE_1 0x41 52272343Sngie 53272343Sngiestruct msg { 54272343Sngie long mtype; 55272343Sngie char buf[3]; 56272343Sngie}; 57272343Sngie 58272343Sngiestatic void clean(void); 59272343Sngie 60272343Sngiestatic void 61272343Sngieclean(void) 62272343Sngie{ 63272343Sngie int id; 64272343Sngie 65272343Sngie if ((id = msgget(MSG_KEY, 0)) != -1) 66272343Sngie (void)msgctl(id, IPC_RMID, 0); 67272343Sngie} 68272343Sngie 69272343SngieATF_TC_WITH_CLEANUP(msgctl_err); 70272343SngieATF_TC_HEAD(msgctl_err, tc) 71272343Sngie{ 72272343Sngie atf_tc_set_md_var(tc, "descr", "Test errors from msgctl(2)"); 73272343Sngie} 74272343Sngie 75272343SngieATF_TC_BODY(msgctl_err, tc) 76272343Sngie{ 77272343Sngie const int cmd[] = { IPC_STAT, IPC_SET, IPC_RMID }; 78272343Sngie struct msqid_ds msgds; 79272343Sngie size_t i; 80272343Sngie int id; 81272343Sngie 82272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 83272343Sngie 84272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 85272343Sngie ATF_REQUIRE(id != -1); 86272343Sngie 87272343Sngie errno = 0; 88272343Sngie ATF_REQUIRE_ERRNO(EINVAL, msgctl(id, INT_MAX, &msgds) == -1); 89272343Sngie 90272343Sngie errno = 0; 91272343Sngie ATF_REQUIRE_ERRNO(EFAULT, msgctl(id, IPC_STAT, (void *)-1) == -1); 92272343Sngie 93272343Sngie for (i = 0; i < __arraycount(cmd); i++) { 94272343Sngie errno = 0; 95272343Sngie ATF_REQUIRE_ERRNO(EINVAL, msgctl(-1, cmd[i], &msgds) == -1); 96272343Sngie } 97272343Sngie 98272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 99272343Sngie} 100272343Sngie 101272343SngieATF_TC_CLEANUP(msgctl_err, tc) 102272343Sngie{ 103272343Sngie clean(); 104272343Sngie} 105272343Sngie 106272343SngieATF_TC_WITH_CLEANUP(msgctl_perm); 107272343SngieATF_TC_HEAD(msgctl_perm, tc) 108272343Sngie{ 109272343Sngie atf_tc_set_md_var(tc, "descr", "Test permissions with msgctl(2)"); 110272343Sngie atf_tc_set_md_var(tc, "require.user", "root"); 111272343Sngie} 112272343Sngie 113272343SngieATF_TC_BODY(msgctl_perm, tc) 114272343Sngie{ 115272343Sngie struct msqid_ds msgds; 116272343Sngie struct passwd *pw; 117272343Sngie pid_t pid; 118272343Sngie int sta; 119272343Sngie int id; 120272343Sngie 121272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 122272343Sngie 123272343Sngie pw = getpwnam("nobody"); 124272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 125272343Sngie 126272343Sngie ATF_REQUIRE(id != -1); 127272343Sngie ATF_REQUIRE(pw != NULL); 128272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 129272343Sngie 130272343Sngie pid = fork(); 131272343Sngie ATF_REQUIRE(pid >= 0); 132272343Sngie 133272343Sngie if (pid == 0) { 134272343Sngie 135272343Sngie if (setuid(pw->pw_uid) != 0) 136272343Sngie _exit(EX_OSERR); 137272343Sngie 138272343Sngie msgds.msg_perm.uid = getuid(); 139272343Sngie msgds.msg_perm.gid = getgid(); 140272343Sngie 141272343Sngie errno = 0; 142272343Sngie 143272343Sngie if (msgctl(id, IPC_SET, &msgds) == 0) 144272343Sngie _exit(EXIT_FAILURE); 145272343Sngie 146272343Sngie if (errno != EPERM) 147272343Sngie _exit(EXIT_FAILURE); 148272343Sngie 149272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 150272343Sngie 151272343Sngie if (msgctl(id, IPC_STAT, &msgds) != 0) 152272343Sngie _exit(EX_OSERR); 153272343Sngie 154272343Sngie msgds.msg_qbytes = 1; 155272343Sngie 156272343Sngie if (msgctl(id, IPC_SET, &msgds) == 0) 157272343Sngie _exit(EXIT_FAILURE); 158272343Sngie 159272343Sngie if (errno != EPERM) 160272343Sngie _exit(EXIT_FAILURE); 161272343Sngie 162272343Sngie _exit(EXIT_SUCCESS); 163272343Sngie } 164272343Sngie 165272343Sngie (void)wait(&sta); 166272343Sngie 167272343Sngie if (WIFEXITED(sta) == 0) { 168272343Sngie 169272343Sngie if (WEXITSTATUS(sta) == EX_OSERR) 170272343Sngie atf_tc_fail("system call failed"); 171272343Sngie 172272343Sngie if (WEXITSTATUS(sta) == EXIT_FAILURE) 173272343Sngie atf_tc_fail("UID %u manipulated root's " 174272343Sngie "message queue", pw->pw_uid); 175272343Sngie } 176272343Sngie 177272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 178272343Sngie} 179272343Sngie 180272343SngieATF_TC_CLEANUP(msgctl_perm, tc) 181272343Sngie{ 182272343Sngie clean(); 183272343Sngie} 184272343Sngie 185272343SngieATF_TC_WITH_CLEANUP(msgctl_pid); 186272343SngieATF_TC_HEAD(msgctl_pid, tc) 187272343Sngie{ 188272343Sngie atf_tc_set_md_var(tc, "descr", "Test that PIDs are updated"); 189272343Sngie} 190272343Sngie 191272343SngieATF_TC_BODY(msgctl_pid, tc) 192272343Sngie{ 193272343Sngie struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 194272343Sngie struct msqid_ds msgds; 195272343Sngie int id, sta; 196272343Sngie pid_t pid; 197272343Sngie 198272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 199272343Sngie ATF_REQUIRE(id != -1); 200272343Sngie 201272343Sngie pid = fork(); 202272343Sngie ATF_REQUIRE(pid >= 0); 203272343Sngie 204272343Sngie if (pid == 0) { 205272343Sngie 206319094Sngie#ifdef __FreeBSD__ 207319094Sngie (void)msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT); 208319094Sngie#else 209272343Sngie (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 210319094Sngie#endif 211272343Sngie 212272343Sngie _exit(EXIT_SUCCESS); 213272343Sngie } 214272343Sngie 215272343Sngie (void)sleep(1); 216272343Sngie (void)wait(&sta); 217272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 218272343Sngie 219272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 220272343Sngie 221272343Sngie if (pid != msgds.msg_lspid) 222272343Sngie atf_tc_fail("the PID of last msgsnd(2) was not updated"); 223272343Sngie 224272343Sngie pid = fork(); 225272343Sngie ATF_REQUIRE(pid >= 0); 226272343Sngie 227272343Sngie if (pid == 0) { 228272343Sngie 229272343Sngie (void)msgrcv(id, &msg, 230272343Sngie sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 231272343Sngie 232272343Sngie _exit(EXIT_SUCCESS); 233272343Sngie } 234272343Sngie 235272343Sngie (void)sleep(1); 236272343Sngie (void)wait(&sta); 237272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 238272343Sngie 239272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 240272343Sngie 241272343Sngie if (pid != msgds.msg_lrpid) 242272343Sngie atf_tc_fail("the PID of last msgrcv(2) was not updated"); 243272343Sngie 244272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 245272343Sngie} 246272343Sngie 247272343SngieATF_TC_CLEANUP(msgctl_pid, tc) 248272343Sngie{ 249272343Sngie clean(); 250272343Sngie} 251272343Sngie 252272343SngieATF_TC_WITH_CLEANUP(msgctl_set); 253272343SngieATF_TC_HEAD(msgctl_set, tc) 254272343Sngie{ 255272343Sngie atf_tc_set_md_var(tc, "descr", "Test msgctl(2) with IPC_SET"); 256272343Sngie atf_tc_set_md_var(tc, "require.user", "root"); 257272343Sngie} 258272343Sngie 259272343SngieATF_TC_BODY(msgctl_set, tc) 260272343Sngie{ 261272343Sngie struct msqid_ds msgds; 262272343Sngie struct passwd *pw; 263272343Sngie int id; 264272343Sngie 265272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 266272343Sngie 267272343Sngie pw = getpwnam("nobody"); 268272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 269272343Sngie 270272343Sngie ATF_REQUIRE(id != -1); 271272343Sngie ATF_REQUIRE(pw != NULL); 272272343Sngie ATF_REQUIRE(msgctl(id, IPC_STAT, &msgds) == 0); 273272343Sngie 274272343Sngie msgds.msg_perm.uid = pw->pw_uid; 275272343Sngie 276272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 277272343Sngie atf_tc_fail("root failed to change the UID of message queue"); 278272343Sngie 279272343Sngie msgds.msg_perm.uid = getuid(); 280272343Sngie msgds.msg_perm.gid = pw->pw_gid; 281272343Sngie 282272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 283272343Sngie atf_tc_fail("root failed to change the GID of message queue"); 284272343Sngie 285272343Sngie /* 286272343Sngie * Note: setting the qbytes to zero fails even as root. 287272343Sngie */ 288272343Sngie msgds.msg_qbytes = 1; 289272343Sngie msgds.msg_perm.gid = getgid(); 290272343Sngie 291272343Sngie if (msgctl(id, IPC_SET, &msgds) != 0) 292272343Sngie atf_tc_fail("root failed to change qbytes of message queue"); 293272343Sngie 294272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 295272343Sngie} 296272343Sngie 297272343SngieATF_TC_CLEANUP(msgctl_set, tc) 298272343Sngie{ 299272343Sngie clean(); 300272343Sngie} 301272343Sngie 302272343SngieATF_TC_WITH_CLEANUP(msgctl_time); 303272343SngieATF_TC_HEAD(msgctl_time, tc) 304272343Sngie{ 305272343Sngie atf_tc_set_md_var(tc, "descr", "Test that access times are updated"); 306272343Sngie} 307272343Sngie 308272343SngieATF_TC_BODY(msgctl_time, tc) 309272343Sngie{ 310272343Sngie struct msg msg = { MSG_MTYPE_1, { 'a', 'b', 'c' } }; 311272343Sngie struct msqid_ds msgds; 312272343Sngie time_t t; 313272343Sngie int id; 314272343Sngie 315272343Sngie id = msgget(MSG_KEY, IPC_CREAT | 0600); 316272343Sngie ATF_REQUIRE(id != -1); 317272343Sngie 318272343Sngie t = time(NULL); 319272343Sngie 320272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 321319094Sngie#ifdef __FreeBSD__ 322319094Sngie (void)msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT); 323319094Sngie#else 324272343Sngie (void)msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); 325319094Sngie#endif 326272343Sngie (void)msgctl(id, IPC_STAT, &msgds); 327272343Sngie 328272343Sngie if (llabs(t - msgds.msg_stime) > 1) 329272343Sngie atf_tc_fail("time of last msgsnd(2) was not updated"); 330272343Sngie 331272343Sngie if (msgds.msg_rtime != 0) 332272343Sngie atf_tc_fail("time of last msgrcv(2) was updated incorrectly"); 333272343Sngie 334272343Sngie t = time(NULL); 335272343Sngie 336272343Sngie (void)memset(&msgds, 0, sizeof(struct msqid_ds)); 337272343Sngie (void)msgrcv(id, &msg, sizeof(struct msg), MSG_MTYPE_1, IPC_NOWAIT); 338272343Sngie (void)msgctl(id, IPC_STAT, &msgds); 339272343Sngie 340272343Sngie if (llabs(t - msgds.msg_rtime) > 1) 341272343Sngie atf_tc_fail("time of last msgrcv(2) was not updated"); 342272343Sngie 343272343Sngie /* 344272343Sngie * Note: this is non-zero even after the memset(3). 345272343Sngie */ 346272343Sngie if (msgds.msg_stime == 0) 347272343Sngie atf_tc_fail("time of last msgsnd(2) was updated incorrectly"); 348272343Sngie 349272343Sngie ATF_REQUIRE(msgctl(id, IPC_RMID, 0) == 0); 350272343Sngie} 351272343Sngie 352272343SngieATF_TC_CLEANUP(msgctl_time, tc) 353272343Sngie{ 354272343Sngie clean(); 355272343Sngie} 356272343Sngie 357272343SngieATF_TP_ADD_TCS(tp) 358272343Sngie{ 359272343Sngie 360272343Sngie ATF_TP_ADD_TC(tp, msgctl_err); 361272343Sngie ATF_TP_ADD_TC(tp, msgctl_perm); 362272343Sngie ATF_TP_ADD_TC(tp, msgctl_pid); 363272343Sngie ATF_TP_ADD_TC(tp, msgctl_set); 364272343Sngie ATF_TP_ADD_TC(tp, msgctl_time); 365272343Sngie 366272343Sngie return atf_no_error(); 367272343Sngie} 368