This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]
Re: [PATCH 3/5] linux ttyname and ttyname_r: Add tests [BZ #22145]

From: Christian Brauner <christian dot brauner at mailbox dot org>
To: Luke Shumaker <lukeshu at parabola dot nu>
Cc: libc-alpha at sourceware dot org, christian dot brauner at ubuntu dot com
Date: Thu, 12 Oct 2017 12:32:59 +0200 (CEST)
Subject: Re: [PATCH 3/5] linux ttyname and ttyname_r: Add tests [BZ #22145]
Authentication-results: sourceware.org; auth=none
References: <20171012035321.22094-1-lukeshu@parabola.nu> <20171012035321.22094-4-lukeshu@parabola.nu>
On Wed, Oct 11, 2017 at 11:53:19PM -0400, Luke Shumaker wrote:
> Some of these tests fail for now, the following commits should resolve
> the failures.

Why then arrange them in that order? Is there a reason to not put the tests last
after the other commits?

> ---
> ChangeLog                             |   4 +
> sysdeps/unix/sysv/linux/Makefile      |   2 +-
> sysdeps/unix/sysv/linux/tst-ttyname.c | 325 ++++++++++++++++++++++++++++++++++
> 3 files changed, 330 insertions(+), 1 deletion(-)
> create mode 100644 sysdeps/unix/sysv/linux/tst-ttyname.c
> 
> diff --git a/ChangeLog b/ChangeLog
> index 029c2a265a..1921f8883b 100644
> --- a/ChangeLog
> +++ b/ChangeLog
> @@ -1,5 +1,9 @@
> 2017-10-11  Luke Shumaker  <lukeshu@parabola.nu>
> 
> +	[BZ #22145]
> +	* sysdeps/unix/sysv/linux/tst-ttyname.c: New file.
> +	* sysdeps/unix/sysv/linux/Makefile: Add tst-ttyname to tests.
> +
> * sysdeps/unix/sysv/linux/ttyname.h (is_pty): Update doc reference.
> 
> * manual/terminal.texi: Mention ENODEV for ttyname and ttyname_r.
> diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile
> index 30bd167bae..dcd9208352 100644
> --- a/sysdeps/unix/sysv/linux/Makefile
> +++ b/sysdeps/unix/sysv/linux/Makefile
> @@ -50,7 +50,7 @@ sysdep_headers += sys/mount.h sys/acct.h sys/sysctl.h \
> bits/siginfo-arch.h bits/siginfo-consts-arch.h
> 
> tests += tst-clone tst-clone2 tst-clone3 tst-fanotify tst-personality \
> -	 tst-quota tst-sync_file_range test-errno-linux
> +	 tst-quota tst-sync_file_range tst-ttyname test-errno-linux
> 
> # Generate the list of SYS_* macros for the system calls (__NR_*
> # macros).  The file syscall-names.list contains all possible system
> diff --git a/sysdeps/unix/sysv/linux/tst-ttyname.c b/sysdeps/unix/sysv/linux/tst-ttyname.c
> new file mode 100644
> index 0000000000..884e498d35
> --- /dev/null
> +++ b/sysdeps/unix/sysv/linux/tst-ttyname.c
> @@ -0,0 +1,325 @@
> +/* Copyright (C) 2017 Free Software Foundation, Inc.
> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public License as
> +   published by the Free Software Foundation; either version 2.1 of the
> +   License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; see the file COPYING.LIB.  If
> +   not, see <http://www.gnu.org/licenses/>.  */
> +
> +#include <errno.h>
> +#include <fcntl.h>
> +#include <limits.h>
> +#include <sched.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <sys/mount.h>
> +#include <sys/stat.h>
> +#include <sys/wait.h>
> +#include <unistd.h>
> +
> +#include <support/check.h>
> +#include <support/namespace.h>
> +#include <support/support.h>
> +#include <support/temp_file.h>
> +#include <support/test-driver.h>
> +#include <support/xunistd.h>
> +
> +#define PREPARE prepare
> +
> +#define VERIFY(expr)					\
> +  ({							\
> +    if (expr)						\
> +      ;							\
> +    else						\
> +      support_exit_failure_impl				\
> +        (1, __FILE__, __LINE__, "%s: %m", #expr);	\
> +  })
> +
> +/* plain ttyname runner */
> +
> +struct result {
> +  const char *name;
> +  int err;
> +};
> +
> +static struct result
> +run_ttyname (int fd)
> +{
> +  struct result ret;
> +  errno = 0;
> +  ret.name = ttyname (fd);

You very likely want to strdup() this. ttyname() is perfectly free to overwrite
the buffer. Also this pointer is going to be invalid after the funtion returns.

> +  ret.err = errno;
> +  return ret;
> +}

Looks like you're returning stack memory from run_ttyname(). That's invalid
memory after the function returns.

> +
> +static bool
> +eq_ttyname (struct result actual, struct result expected)
> +{
> +  if ((actual.err == expected.err) &&
> +      (!actual.name == !expected.name) &&
> +      (actual.name ? strcmp (actual.name, expected.name) == 0 : true))
> +    {
> +      char *name = expected.name
> +	? xasprintf("\"%s\"", expected.name)
> +	: strdup("NULL");
> +      printf ("info: PASS {name=%s, errno=%d}\n",
> +	      name, expected.err);
> +      free(name);
> +      return true;
> +    }
> +
> +  char *actual_name = actual.name
> +    ? xasprintf("\"%s\"", actual.name)
> +    : strdup("NULL");
> +  char *expected_name = expected.name
> +    ? xasprintf("\"%s\"", expected.name)
> +    : strdup("NULL");
> +  printf ("error: actual {name=%s, errno=%d} != expected {name=%s, errno=%d}\n",
> +	  actual_name, actual.err,
> +	  expected_name, expected.err);
> +  free(actual_name);
> +  free(expected_name);
> +  return false;
> +}

The function layout doesn't make much sense to me. Why wouldn't you pass by
reference here aka

eq_ttyname(struct result *actual, struct result *expected)

?

> +
> +/* ttyname_r runner */
> +
> +struct result_r {
> +  const char *name;
> +  int ret;
> +  int err;
> +};
> +
> +static struct result_r
> +run_ttyname_r (int fd)
> +{
> +  static char buf[TTY_NAME_MAX];
> +
> +  struct result_r ret;
> +  errno = 0;
> +  ret.ret = ttyname_r (fd, buf, TTY_NAME_MAX);
> +  ret.err = errno;
> +  if (ret.ret == 0)
> +    ret.name = buf;
> +  else
> +    ret.name = NULL;
> +  return ret;
> +}

Same problem as before, you're returning stack memory and fail to strdup() the
result of ttyname{_r}().

> +
> +static bool
> +eq_ttyname_r (struct result_r actual, struct result_r expected)
> +{
> +  if ((actual.err == expected.err) &&
> +      (actual.ret == expected.ret) &&
> +      (!actual.name == !expected.name) &&
> +      (actual.name ? strcmp (actual.name, expected.name) == 0 : true))
> +    {
> +      char *name = expected.name
> +	? xasprintf("\"%s\"", expected.name)
> +	: strdup("NULL");
> +      printf ("info: PASS {name=%s, ret=%d, errno=%d}\n",
> +              name, expected.ret, expected.err);
> +      free(name);
> +      return true;
> +    }
> +
> +  char *actual_name = actual.name
> +    ? xasprintf("\"%s\"", actual.name)
> +    : strdup("NULL");
> +  char *expected_name = expected.name
> +    ? xasprintf("\"%s\"", expected.name)
> +    : strdup("NULL");
> +  printf ("error: actual {name=%s, ret=%d, errno=%d} != expected {name=%s, ret=%d, errno=%d}\n",
> +	  actual_name, actual.ret, actual.err,
> +	  expected_name, expected.ret, expected.err);
> +  free(actual_name);
> +  free(expected_name);
> +  return false;
> +}

Should take pointers as arguments.

> +
> +/* combined runner */
> +
> +static bool
> +doit (int fd, const char *testname, struct result_r expected_r) {
> +  struct result expected = {.name=expected_r.name, .err=expected_r.ret};
> +  bool ret = true;
> +
> +  printf ("info: running %s\n", testname);
> +
> +  ret = eq_ttyname (run_ttyname (fd), expected) && ret;
> +  ret = eq_ttyname_r (run_ttyname_r (fd), expected_r) && ret;
> +
> +  return ret;
> +}

Given my points from above I'd be surprised if that won't SEGFAULT all over the
place under the right conditions. :)

> +
> +/* main test */
> +
> +static char *chrootdir;
> +static uid_t orig_uid;
> +static uid_t orig_gid;
> +
> +static void
> +prepare (int argc, char **argv)
> +{
> +  chrootdir = xasprintf ("%s/tst-ttyname-XXXXXX", test_dir);
> +  if (mkdtemp (chrootdir) == NULL)
> +    FAIL_EXIT1 ("mkdtemp (\"%s\"): %m", chrootdir);
> +  add_temp_file (chrootdir);
> +
> +  orig_uid = getuid();
> +  orig_gid = getgid();
> +}

Sorry, but where is this function called in the code?

> +
> +static int
> +do_test (void)
> +{
> +  struct stat st;
> +
> +  /* Open the PTS that we'll be testing on. */
> +  int master;
> +  char *slavename;
> +  VERIFY ((master = posix_openpt (O_RDWR|O_NOCTTY|O_NONBLOCK)) >= 0);
> +  VERIFY ((slavename = ptsname (master)));
> +  VERIFY (unlockpt (master) == 0);
> +  if (strncmp (slavename, "/dev/pts/", 9) != 0)
> +    FAIL_UNSUPPORTED ("slave pseudo-terminal is not under /dev/pts/: %s",
> +		      slavename);
> +  int slave = xopen (slavename, O_RDWR, 0);

Why isn't that simply calling openpty()?

+
+  /* Do a basic smoke test */
+
+  if (!doit (slave, "basic smoketest",
+	     (struct result_r){.name=slavename, .ret=0, .err=0}))
+    return 1;
+
+  /* Do the rest in a new mount namespace. */
+
+  support_become_root ();
+  if (unshare (CLONE_NEWNS) < 0)
+    FAIL_UNSUPPORTED ("could not enter new mount namespace");
+  /* support_become_root might have put us in a new user namespace;
+     most filesystems (including tmpfs) don't allow file or directory
+     creation from a user namespace unless uid and gid maps are set,
+     even if we have root privileges in the namespace.
+
+     Also, stat always reports that uid and gid maps are empty, so we
+     have to try actually reading from them to check if they are
+     empty. */
+  int fd;
+  if ((fd = open("/proc/self/uid_map", O_RDWR, 0)) >= 0)
+    {
+      char buf;
+      if (read(fd, &buf, 1) == 0)
+	{
+	  char *str = xasprintf ("0 %ld 1\n", (long)orig_uid);
+	  if (write(fd, str, strlen(str)) < 0)
+	    FAIL_EXIT1("write(uid_map, \"%s\"): %m", str);
+	  free(str);
+	}
+      xclose (fd);
+    }
+  /* oh, but we can't set the gid map until we turn off setgroups */
+  if ((fd = open ("/proc/self/setgroups", O_WRONLY, 0)) >= 0)
+    {
+      const char *str = "deny";
+      if (write(fd, str, strlen(str)) < 0)
+	FAIL_EXIT1("write(setroups, \"%s\"): %m", str);
+      xclose(fd);
+    }
+  if ((fd = open ("/proc/self/gid_map", O_RDWR, 0)) >= 0)
+    {
+      char buf;
+      if (read(fd, &buf, 1) == 0)
+	{
+	  char *str = xasprintf ("0 %ld 1\n", (long)orig_gid);
+	  if (write(fd, str, strlen(str)) < 0)
+	    FAIL_EXIT1("write(gid_map, \"%s\"): %m", str);
+	  free(str);
+	}
+      xclose (fd);
+    }
+
+  /* Set up the chroot */
+
+  VERIFY (mount ("tmpfs", chrootdir, "tmpfs", 0, "mode=755") == 0);
+  VERIFY (chdir (chrootdir) == 0);
+
+  xmkdir ("proc", 0755);
+  /* We possibly aren't root, but just have our own user-ns and
+     mount-ns; we'd also need our own pid-ns to mount procfs
+     normally. */
+  VERIFY (mount ("/proc", "proc", NULL, MS_BIND|MS_REC, NULL) == 0);
+
+  xmkdir ("dev", 0755);
+
+  xmkdir ("dev/pts", 0755);
+  VERIFY
+    (mount ("devpts", "dev/pts", "devpts",
+            MS_NOSUID|MS_NOEXEC, "newinstance,ptmxmode=0666,mode=620") == 0);
+  VERIFY (symlink ("pts/ptmx", "dev/ptmx") == 0);
+
+  /* Put the console at "/console" (where it won't be found);
+     explicitly remount it at "/dev/console" later when we run a test
+     we expect to succeed. */
+  xclose (xopen ("console", O_WRONLY|O_CREAT|O_NOCTTY, 0));
+  xclose (xopen ("dev/console", O_WRONLY|O_CREAT|O_NOCTTY, 0));
+  VERIFY (mount (slavename, "console", NULL, MS_BIND, NULL) == 0);
+
+  xchroot (chrootdir);
+  VERIFY (chdir ("/") == 0);
+
+  bool ok = true;
+
+  VERIFY (stat (slavename, &st) < 0); /* sanity check */
+  ok = doit (slave, "no conflict, no match",
+	     (struct result_r){.name=NULL, .ret=ENODEV, .err=ENODEV}) && ok;
+  VERIFY (mount ("/console", "/dev/console", NULL, MS_BIND, NULL) == 0);
+  ok = doit (slave, "no conflict, console",
+	     (struct result_r){.name="/dev/console", .ret=0, .err=0}) && ok;
+  VERIFY (umount ("/dev/console") == 0);
+
+  /* keep creating PTYs until we we get a name collision */
+  while (stat (slavename, &st) < 0)
+    posix_openpt (O_RDWR|O_NOCTTY|O_NONBLOCK);
+  VERIFY (stat (slavename, &st) == 0);
+  ok = doit (slave, "conflict, no match",
+	     (struct result_r){.name=NULL, .ret=ENODEV, .err=ENODEV}) && ok;
+  VERIFY (mount ("/console", "/dev/console", NULL, MS_BIND, NULL) == 0);
+  ok = doit (slave, "conflict, console",
+	     (struct result_r){.name="/dev/console", .ret=0, .err=0}) && ok;
+  VERIFY (umount ("/dev/console") == 0);
+
+  VERIFY (mount ("/console", "/dev/console", NULL, MS_BIND, NULL) == 0);
+  VERIFY (mount ("/console", slavename, NULL, MS_BIND, NULL) == 0);
+  ok = doit (slave, "with bound pts name",
+	     (struct result_r){.name=slavename, .ret=0, .err=0}) && ok;
+  VERIFY (umount (slavename) == 0);
+  VERIFY (umount ("/dev/console") == 0);
+  
+  VERIFY (mount ("/console", "/dev/console", NULL, MS_BIND, NULL) == 0);
+  xmkdir ("/oldpts", 0755);
+  VERIFY (mount ("/dev/pts", "/oldpts", NULL, MS_MOVE, NULL) == 0);
+  xclose (xopen ("/dev/pts/trap", O_WRONLY|O_CREAT|O_NOCTTY, 0));
+  char *path = xasprintf("/oldpts/%s", strrchr(slavename, '/')+1);
+  VERIFY (mount (path, "/dev/pts/trap", NULL, MS_BIND, NULL) == 0);
+  free(path);
+  ok = doit (slave, "with search-path trap",
+	     (struct result_r){.name="/dev/console", .ret=0, .err=0}) && ok;
+  VERIFY (umount ("/dev/pts/trap") == 0);
+  VERIFY (unlink ("/dev/pts/trap") == 0);
+  VERIFY (umount ("/dev/console") == 0);
+
+  return ok ? 0 : 1;
+}

Tbh, this is very convoluted atm.

+
+#include <support/test-driver.c>
-- 
2.14.2
Follow-Ups:
- Re: [PATCH 3/5] linux ttyname and ttyname_r: Add tests [BZ #22145]
  - From: Andreas Schwab
- Re: [PATCH 3/5] linux ttyname and ttyname_r: Add tests [BZ #22145]
  - From: Luke Shumaker
References:
- [PATCH 0/5] Fixup linux ttyname and ttyname_r [BZ #22145]
  - From: Luke Shumaker
- [PATCH 3/5] linux ttyname and ttyname_r: Add tests [BZ #22145]
  - From: Luke Shumaker
Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]