~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/tools/testing/selftests/exec/execveat.c

Version: ~ [ linux-5.15-rc1 ] ~ [ linux-5.14.5 ] ~ [ linux-5.13.18 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.66 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.147 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.206 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.246 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.282 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.283 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * Copyright (c) 2014 Google, Inc.
  3  *
  4  * Licensed under the terms of the GNU GPL License version 2
  5  *
  6  * Selftests for execveat(2).
  7  */
  8 
  9 #define _GNU_SOURCE  /* to get O_PATH, AT_EMPTY_PATH */
 10 #include <sys/sendfile.h>
 11 #include <sys/stat.h>
 12 #include <sys/syscall.h>
 13 #include <sys/types.h>
 14 #include <sys/wait.h>
 15 #include <errno.h>
 16 #include <fcntl.h>
 17 #include <limits.h>
 18 #include <stdio.h>
 19 #include <stdlib.h>
 20 #include <string.h>
 21 #include <unistd.h>
 22 
 23 static char longpath[2 * PATH_MAX] = "";
 24 static char *envp[] = { "IN_TEST=yes", NULL, NULL };
 25 static char *argv[] = { "execveat", "99", NULL };
 26 
 27 static int execveat_(int fd, const char *path, char **argv, char **envp,
 28                      int flags)
 29 {
 30 #ifdef __NR_execveat
 31         return syscall(__NR_execveat, fd, path, argv, envp, flags);
 32 #else
 33         errno = ENOSYS;
 34         return -1;
 35 #endif
 36 }
 37 
 38 #define check_execveat_fail(fd, path, flags, errno)     \
 39         _check_execveat_fail(fd, path, flags, errno, #errno)
 40 static int _check_execveat_fail(int fd, const char *path, int flags,
 41                                 int expected_errno, const char *errno_str)
 42 {
 43         int rc;
 44 
 45         errno = 0;
 46         printf("Check failure of execveat(%d, '%s', %d) with %s... ",
 47                 fd, path?:"(null)", flags, errno_str);
 48         rc = execveat_(fd, path, argv, envp, flags);
 49 
 50         if (rc > 0) {
 51                 printf("[FAIL] (unexpected success from execveat(2))\n");
 52                 return 1;
 53         }
 54         if (errno != expected_errno) {
 55                 printf("[FAIL] (expected errno %d (%s) not %d (%s)\n",
 56                         expected_errno, strerror(expected_errno),
 57                         errno, strerror(errno));
 58                 return 1;
 59         }
 60         printf("[OK]\n");
 61         return 0;
 62 }
 63 
 64 static int check_execveat_invoked_rc(int fd, const char *path, int flags,
 65                                      int expected_rc, int expected_rc2)
 66 {
 67         int status;
 68         int rc;
 69         pid_t child;
 70         int pathlen = path ? strlen(path) : 0;
 71 
 72         if (pathlen > 40)
 73                 printf("Check success of execveat(%d, '%.20s...%s', %d)... ",
 74                         fd, path, (path + pathlen - 20), flags);
 75         else
 76                 printf("Check success of execveat(%d, '%s', %d)... ",
 77                         fd, path?:"(null)", flags);
 78         child = fork();
 79         if (child < 0) {
 80                 printf("[FAIL] (fork() failed)\n");
 81                 return 1;
 82         }
 83         if (child == 0) {
 84                 /* Child: do execveat(). */
 85                 rc = execveat_(fd, path, argv, envp, flags);
 86                 printf("[FAIL]: execveat() failed, rc=%d errno=%d (%s)\n",
 87                         rc, errno, strerror(errno));
 88                 exit(1);  /* should not reach here */
 89         }
 90         /* Parent: wait for & check child's exit status. */
 91         rc = waitpid(child, &status, 0);
 92         if (rc != child) {
 93                 printf("[FAIL] (waitpid(%d,...) returned %d)\n", child, rc);
 94                 return 1;
 95         }
 96         if (!WIFEXITED(status)) {
 97                 printf("[FAIL] (child %d did not exit cleanly, status=%08x)\n",
 98                         child, status);
 99                 return 1;
100         }
101         if ((WEXITSTATUS(status) != expected_rc) &&
102             (WEXITSTATUS(status) != expected_rc2)) {
103                 printf("[FAIL] (child %d exited with %d not %d nor %d)\n",
104                         child, WEXITSTATUS(status), expected_rc, expected_rc2);
105                 return 1;
106         }
107         printf("[OK]\n");
108         return 0;
109 }
110 
111 static int check_execveat(int fd, const char *path, int flags)
112 {
113         return check_execveat_invoked_rc(fd, path, flags, 99, 99);
114 }
115 
116 static char *concat(const char *left, const char *right)
117 {
118         char *result = malloc(strlen(left) + strlen(right) + 1);
119 
120         strcpy(result, left);
121         strcat(result, right);
122         return result;
123 }
124 
125 static int open_or_die(const char *filename, int flags)
126 {
127         int fd = open(filename, flags);
128 
129         if (fd < 0) {
130                 printf("Failed to open '%s'; "
131                         "check prerequisites are available\n", filename);
132                 exit(1);
133         }
134         return fd;
135 }
136 
137 static void exe_cp(const char *src, const char *dest)
138 {
139         int in_fd = open_or_die(src, O_RDONLY);
140         int out_fd = open(dest, O_RDWR|O_CREAT|O_TRUNC, 0755);
141         struct stat info;
142 
143         fstat(in_fd, &info);
144         sendfile(out_fd, in_fd, NULL, info.st_size);
145         close(in_fd);
146         close(out_fd);
147 }
148 
149 #define XX_DIR_LEN 200
150 static int check_execveat_pathmax(int dot_dfd, const char *src, int is_script)
151 {
152         int fail = 0;
153         int ii, count, len;
154         char longname[XX_DIR_LEN + 1];
155         int fd;
156 
157         if (*longpath == '\0') {
158                 /* Create a filename close to PATH_MAX in length */
159                 memset(longname, 'x', XX_DIR_LEN - 1);
160                 longname[XX_DIR_LEN - 1] = '/';
161                 longname[XX_DIR_LEN] = '\0';
162                 count = (PATH_MAX - 3) / XX_DIR_LEN;
163                 for (ii = 0; ii < count; ii++) {
164                         strcat(longpath, longname);
165                         mkdir(longpath, 0755);
166                 }
167                 len = (PATH_MAX - 3) - (count * XX_DIR_LEN);
168                 if (len <= 0)
169                         len = 1;
170                 memset(longname, 'y', len);
171                 longname[len] = '\0';
172                 strcat(longpath, longname);
173         }
174         exe_cp(src, longpath);
175 
176         /*
177          * Execute as a pre-opened file descriptor, which works whether this is
178          * a script or not (because the interpreter sees a filename like
179          * "/dev/fd/20").
180          */
181         fd = open(longpath, O_RDONLY);
182         if (fd > 0) {
183                 printf("Invoke copy of '%s' via filename of length %zu:\n",
184                         src, strlen(longpath));
185                 fail += check_execveat(fd, "", AT_EMPTY_PATH);
186         } else {
187                 printf("Failed to open length %zu filename, errno=%d (%s)\n",
188                         strlen(longpath), errno, strerror(errno));
189                 fail++;
190         }
191 
192         /*
193          * Execute as a long pathname relative to ".".  If this is a script,
194          * the interpreter will launch but fail to open the script because its
195          * name ("/dev/fd/5/xxx....") is bigger than PATH_MAX.
196          *
197          * The failure code is usually 127 (POSIX: "If a command is not found,
198          * the exit status shall be 127."), but some systems give 126 (POSIX:
199          * "If the command name is found, but it is not an executable utility,
200          * the exit status shall be 126."), so allow either.
201          */
202         if (is_script)
203                 fail += check_execveat_invoked_rc(dot_dfd, longpath, 0,
204                                                   127, 126);
205         else
206                 fail += check_execveat(dot_dfd, longpath, 0);
207 
208         return fail;
209 }
210 
211 static int run_tests(void)
212 {
213         int fail = 0;
214         char *fullname = realpath("execveat", NULL);
215         char *fullname_script = realpath("script", NULL);
216         char *fullname_symlink = concat(fullname, ".symlink");
217         int subdir_dfd = open_or_die("subdir", O_DIRECTORY|O_RDONLY);
218         int subdir_dfd_ephemeral = open_or_die("subdir.ephemeral",
219                                                O_DIRECTORY|O_RDONLY);
220         int dot_dfd = open_or_die(".", O_DIRECTORY|O_RDONLY);
221         int dot_dfd_path = open_or_die(".", O_DIRECTORY|O_RDONLY|O_PATH);
222         int dot_dfd_cloexec = open_or_die(".", O_DIRECTORY|O_RDONLY|O_CLOEXEC);
223         int fd = open_or_die("execveat", O_RDONLY);
224         int fd_path = open_or_die("execveat", O_RDONLY|O_PATH);
225         int fd_symlink = open_or_die("execveat.symlink", O_RDONLY);
226         int fd_denatured = open_or_die("execveat.denatured", O_RDONLY);
227         int fd_denatured_path = open_or_die("execveat.denatured",
228                                             O_RDONLY|O_PATH);
229         int fd_script = open_or_die("script", O_RDONLY);
230         int fd_ephemeral = open_or_die("execveat.ephemeral", O_RDONLY);
231         int fd_ephemeral_path = open_or_die("execveat.path.ephemeral",
232                                             O_RDONLY|O_PATH);
233         int fd_script_ephemeral = open_or_die("script.ephemeral", O_RDONLY);
234         int fd_cloexec = open_or_die("execveat", O_RDONLY|O_CLOEXEC);
235         int fd_script_cloexec = open_or_die("script", O_RDONLY|O_CLOEXEC);
236 
237         /* Check if we have execveat at all, and bail early if not */
238         errno = 0;
239         execveat_(-1, NULL, NULL, NULL, 0);
240         if (errno == ENOSYS) {
241                 printf("[FAIL] ENOSYS calling execveat - no kernel support?\n");
242                 return 1;
243         }
244 
245         /* Change file position to confirm it doesn't affect anything */
246         lseek(fd, 10, SEEK_SET);
247 
248         /* Normal executable file: */
249         /*   dfd + path */
250         fail += check_execveat(subdir_dfd, "../execveat", 0);
251         fail += check_execveat(dot_dfd, "execveat", 0);
252         fail += check_execveat(dot_dfd_path, "execveat", 0);
253         /*   absolute path */
254         fail += check_execveat(AT_FDCWD, fullname, 0);
255         /*   absolute path with nonsense dfd */
256         fail += check_execveat(99, fullname, 0);
257         /*   fd + no path */
258         fail += check_execveat(fd, "", AT_EMPTY_PATH);
259         /*   O_CLOEXEC fd + no path */
260         fail += check_execveat(fd_cloexec, "", AT_EMPTY_PATH);
261         /*   O_PATH fd */
262         fail += check_execveat(fd_path, "", AT_EMPTY_PATH);
263 
264         /* Mess with executable file that's already open: */
265         /*   fd + no path to a file that's been renamed */
266         rename("execveat.ephemeral", "execveat.moved");
267         fail += check_execveat(fd_ephemeral, "", AT_EMPTY_PATH);
268         /*   fd + no path to a file that's been deleted */
269         unlink("execveat.moved"); /* remove the file now fd open */
270         fail += check_execveat(fd_ephemeral, "", AT_EMPTY_PATH);
271 
272         /* Mess with executable file that's already open with O_PATH */
273         /*   fd + no path to a file that's been deleted */
274         unlink("execveat.path.ephemeral");
275         fail += check_execveat(fd_ephemeral_path, "", AT_EMPTY_PATH);
276 
277         /* Invalid argument failures */
278         fail += check_execveat_fail(fd, "", 0, ENOENT);
279         fail += check_execveat_fail(fd, NULL, AT_EMPTY_PATH, EFAULT);
280 
281         /* Symlink to executable file: */
282         /*   dfd + path */
283         fail += check_execveat(dot_dfd, "execveat.symlink", 0);
284         fail += check_execveat(dot_dfd_path, "execveat.symlink", 0);
285         /*   absolute path */
286         fail += check_execveat(AT_FDCWD, fullname_symlink, 0);
287         /*   fd + no path, even with AT_SYMLINK_NOFOLLOW (already followed) */
288         fail += check_execveat(fd_symlink, "", AT_EMPTY_PATH);
289         fail += check_execveat(fd_symlink, "",
290                                AT_EMPTY_PATH|AT_SYMLINK_NOFOLLOW);
291 
292         /* Symlink fails when AT_SYMLINK_NOFOLLOW set: */
293         /*   dfd + path */
294         fail += check_execveat_fail(dot_dfd, "execveat.symlink",
295                                     AT_SYMLINK_NOFOLLOW, ELOOP);
296         fail += check_execveat_fail(dot_dfd_path, "execveat.symlink",
297                                     AT_SYMLINK_NOFOLLOW, ELOOP);
298         /*   absolute path */
299         fail += check_execveat_fail(AT_FDCWD, fullname_symlink,
300                                     AT_SYMLINK_NOFOLLOW, ELOOP);
301 
302         /* Shell script wrapping executable file: */
303         /*   dfd + path */
304         fail += check_execveat(subdir_dfd, "../script", 0);
305         fail += check_execveat(dot_dfd, "script", 0);
306         fail += check_execveat(dot_dfd_path, "script", 0);
307         /*   absolute path */
308         fail += check_execveat(AT_FDCWD, fullname_script, 0);
309         /*   fd + no path */
310         fail += check_execveat(fd_script, "", AT_EMPTY_PATH);
311         fail += check_execveat(fd_script, "",
312                                AT_EMPTY_PATH|AT_SYMLINK_NOFOLLOW);
313         /*   O_CLOEXEC fd fails for a script (as script file inaccessible) */
314         fail += check_execveat_fail(fd_script_cloexec, "", AT_EMPTY_PATH,
315                                     ENOENT);
316         fail += check_execveat_fail(dot_dfd_cloexec, "script", 0, ENOENT);
317 
318         /* Mess with script file that's already open: */
319         /*   fd + no path to a file that's been renamed */
320         rename("script.ephemeral", "script.moved");
321         fail += check_execveat(fd_script_ephemeral, "", AT_EMPTY_PATH);
322         /*   fd + no path to a file that's been deleted */
323         unlink("script.moved"); /* remove the file while fd open */
324         fail += check_execveat(fd_script_ephemeral, "", AT_EMPTY_PATH);
325 
326         /* Rename a subdirectory in the path: */
327         rename("subdir.ephemeral", "subdir.moved");
328         fail += check_execveat(subdir_dfd_ephemeral, "../script", 0);
329         fail += check_execveat(subdir_dfd_ephemeral, "script", 0);
330         /* Remove the subdir and its contents */
331         unlink("subdir.moved/script");
332         unlink("subdir.moved");
333         /* Shell loads via deleted subdir OK because name starts with .. */
334         fail += check_execveat(subdir_dfd_ephemeral, "../script", 0);
335         fail += check_execveat_fail(subdir_dfd_ephemeral, "script", 0, ENOENT);
336 
337         /* Flag values other than AT_SYMLINK_NOFOLLOW => EINVAL */
338         fail += check_execveat_fail(dot_dfd, "execveat", 0xFFFF, EINVAL);
339         /* Invalid path => ENOENT */
340         fail += check_execveat_fail(dot_dfd, "no-such-file", 0, ENOENT);
341         fail += check_execveat_fail(dot_dfd_path, "no-such-file", 0, ENOENT);
342         fail += check_execveat_fail(AT_FDCWD, "no-such-file", 0, ENOENT);
343         /* Attempt to execute directory => EACCES */
344         fail += check_execveat_fail(dot_dfd, "", AT_EMPTY_PATH, EACCES);
345         /* Attempt to execute non-executable => EACCES */
346         fail += check_execveat_fail(dot_dfd, "Makefile", 0, EACCES);
347         fail += check_execveat_fail(fd_denatured, "", AT_EMPTY_PATH, EACCES);
348         fail += check_execveat_fail(fd_denatured_path, "", AT_EMPTY_PATH,
349                                     EACCES);
350         /* Attempt to execute nonsense FD => EBADF */
351         fail += check_execveat_fail(99, "", AT_EMPTY_PATH, EBADF);
352         fail += check_execveat_fail(99, "execveat", 0, EBADF);
353         /* Attempt to execute relative to non-directory => ENOTDIR */
354         fail += check_execveat_fail(fd, "execveat", 0, ENOTDIR);
355 
356         fail += check_execveat_pathmax(dot_dfd, "execveat", 0);
357         fail += check_execveat_pathmax(dot_dfd, "script", 1);
358         return fail;
359 }
360 
361 static void prerequisites(void)
362 {
363         int fd;
364         const char *script = "#!/bin/sh\nexit $*\n";
365 
366         /* Create ephemeral copies of files */
367         exe_cp("execveat", "execveat.ephemeral");
368         exe_cp("execveat", "execveat.path.ephemeral");
369         exe_cp("script", "script.ephemeral");
370         mkdir("subdir.ephemeral", 0755);
371 
372         fd = open("subdir.ephemeral/script", O_RDWR|O_CREAT|O_TRUNC, 0755);
373         write(fd, script, strlen(script));
374         close(fd);
375 }
376 
377 int main(int argc, char **argv)
378 {
379         int ii;
380         int rc;
381         const char *verbose = getenv("VERBOSE");
382 
383         if (argc >= 2) {
384                 /* If we are invoked with an argument, don't run tests. */
385                 const char *in_test = getenv("IN_TEST");
386 
387                 if (verbose) {
388                         printf("  invoked with:");
389                         for (ii = 0; ii < argc; ii++)
390                                 printf(" [%d]='%s'", ii, argv[ii]);
391                         printf("\n");
392                 }
393 
394                 /* Check expected environment transferred. */
395                 if (!in_test || strcmp(in_test, "yes") != 0) {
396                         printf("[FAIL] (no IN_TEST=yes in env)\n");
397                         return 1;
398                 }
399 
400                 /* Use the final argument as an exit code. */
401                 rc = atoi(argv[argc - 1]);
402                 fflush(stdout);
403         } else {
404                 prerequisites();
405                 if (verbose)
406                         envp[1] = "VERBOSE=1";
407                 rc = run_tests();
408                 if (rc > 0)
409                         printf("%d tests failed\n", rc);
410         }
411         return rc;
412 }
413 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp