[PATCH 1/6] sysvipc: Fix SEM_STAT_ANY kernel argument pass [BZ #26637]

Adhemerval Zanella adhemerval.zanella@linaro.org
Mon Sep 28 14:45:51 GMT 2020 

From: "Dmitry V. Levin" <ldv@altlinux.org>

Handle SEM_STAT_ANY the same way as SEM_STAT so that the buffer argument
of SEM_STAT_ANY is properly passed to the kernel and back.

The regression testcase checks for Linux specifix SysV ipc message
control extension.  For IPC_INFO/SEM_INFO it tries to match the values
against the tunable /proc values and for SEM_STAT/SEM_STAT_ANY it
check if the create message queue is within the global list returned
by the kernel.

Checked on x86_64-linux-gnu and on i686-linux-gnu (Linux v5.4 and on
Linux v4.15).

Co-authored-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
---
 sysdeps/unix/sysv/linux/Makefile            |   2 +-
 sysdeps/unix/sysv/linux/semctl.c            |   6 +
 sysdeps/unix/sysv/linux/tst-sysvsem-linux.c | 198 ++++++++++++++++++++
 sysvipc/test-sysvsem.c                      |   1 +
 4 files changed, 206 insertions(+), 1 deletion(-)
 create mode 100644 sysdeps/unix/sysv/linux/tst-sysvsem-linux.c

diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile
index 3bd3106ef9..4a4ed3cb5d 100644
--- a/sysdeps/unix/sysv/linux/Makefile
+++ b/sysdeps/unix/sysv/linux/Makefile
@@ -101,7 +101,7 @@ tests += tst-clone tst-clone2 tst-clone3 tst-fanotify tst-personality \
 	 tst-quota tst-sync_file_range tst-sysconf-iov_max tst-ttyname \
 	 test-errno-linux tst-memfd_create tst-mlock2 tst-pkey \
 	 tst-rlimit-infinity tst-ofdlocks tst-gettid tst-gettid-kill \
-	 tst-tgkill
+	 tst-tgkill tst-sysvsem-linux
 tests-internal += tst-ofdlocks-compat tst-sigcontext-get_pc
 
 CFLAGS-tst-sigcontext-get_pc.c = -fasynchronous-unwind-tables
diff --git a/sysdeps/unix/sysv/linux/semctl.c b/sysdeps/unix/sysv/linux/semctl.c
index f131a26fc7..1cdabde8f2 100644
--- a/sysdeps/unix/sysv/linux/semctl.c
+++ b/sysdeps/unix/sysv/linux/semctl.c
@@ -102,6 +102,7 @@ semun64_to_ksemun64 (int cmd, union semun64 semun64,
       r.array = semun64.array;
       break;
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_STAT:
     case IPC_SET:
       r.buf = buf;
@@ -150,6 +151,7 @@ __semctl64 (int semid, int semnum, int cmd, ...)
     case IPC_STAT:      /* arg.buf */
     case IPC_SET:
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_INFO:      /* arg.__buf */
     case SEM_INFO:
       va_start (ap, cmd);
@@ -238,6 +240,7 @@ semun_to_semun64 (int cmd, union semun semun, struct __semid64_ds *semid64)
       r.array = semun.array;
       break;
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_STAT:
     case IPC_SET:
       r.buf = semid64;
@@ -267,6 +270,7 @@ __semctl (int semid, int semnum, int cmd, ...)
     case IPC_STAT:      /* arg.buf */
     case IPC_SET:
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_INFO:      /* arg.__buf */
     case SEM_INFO:
       va_start (ap, cmd);
@@ -321,6 +325,7 @@ __semctl_mode16 (int semid, int semnum, int cmd, ...)
     case IPC_STAT:      /* arg.buf */
     case IPC_SET:
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_INFO:      /* arg.__buf */
     case SEM_INFO:
       va_start (ap, cmd);
@@ -354,6 +359,7 @@ __old_semctl (int semid, int semnum, int cmd, ...)
     case IPC_STAT:      /* arg.buf */
     case IPC_SET:
     case SEM_STAT:
+    case SEM_STAT_ANY:
     case IPC_INFO:      /* arg.__buf */
     case SEM_INFO:
       va_start (ap, cmd);
diff --git a/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c b/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c
new file mode 100644
index 0000000000..12a3946d98
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/tst-sysvsem-linux.c
@@ -0,0 +1,198 @@
+/* Basic tests for Linux SYSV semaphore extensions.
+   Copyright (C) 2020 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <sys/ipc.h>
+#include <sys/sem.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <stdio.h>
+
+#include <support/check.h>
+#include <support/temp_file.h>
+
+/* These are for the temporary file we generate.  */
+static char *name;
+static int semid;
+
+static void
+remove_sem (void)
+{
+  /* Enforce message queue removal in case of early test failure.
+     Ignore error since the sem may already have being removed.  */
+  semctl (semid, 0, IPC_RMID, 0);
+}
+
+static void
+do_prepare (int argc, char *argv[])
+{
+  TEST_VERIFY_EXIT (create_temp_file ("tst-sysvsem.", &name) != -1);
+}
+
+#define PREPARE do_prepare
+
+#define SEM_MODE 0644
+
+union semun
+{
+  int val;
+  struct semid_ds *buf;
+  unsigned short  *array;
+  struct seminfo *__buf;
+};
+
+struct test_seminfo
+{
+  int semmsl;
+  int semmns;
+  int semopm;
+  int semmni;
+};
+
+/* It tries to obtain some system-wide SysV semaphore information from /proc
+   to check against IPC_INFO/SEM_INFO.  The /proc only returns the tunables
+   value of SEMMSL, SEMMNS, SEMOPM, and SEMMNI.
+
+   The kernel also returns constant value for SEMVMX, SEMMNU, SEMMAP, SEMUME,
+   and also SEMUSZ and SEMAEM (for IPC_INFO).  The issue to check them is they
+   might change over kernel releases.  */
+
+static bool
+read_sem_stat (struct test_seminfo *tseminfo)
+{
+  FILE *f = fopen ("/proc/sys/kernel/sem", "r");
+  if (f == NULL)
+    return false;
+
+  int r = fscanf (f, "%d %d %d %d",
+		  &tseminfo->semmsl, &tseminfo->semmns, &tseminfo->semopm,
+		  &tseminfo->semmni);
+  TEST_VERIFY_EXIT (r == 4);
+
+  fclose (f);
+
+  return 0;
+}
+
+
+/* Check if the semaphore with IDX (index into the kernel's internal array)
+   matches the one with KEY.  The CMD is either SEM_STAT or SEM_STAT_ANY.  */
+
+static bool
+check_seminfo (int idx, key_t key, int cmd)
+{
+  struct semid_ds seminfo;
+  int sid = semctl (idx, 0, cmd, (union semun) { .buf = &seminfo });
+  /* Ignore unused array slot returned by the kernel or information from
+     unknown semaphores.  */
+  if ((sid == -1 && errno == EINVAL) || sid != semid)
+    return false;
+
+  if (sid == -1)
+    FAIL_EXIT1 ("semctl with SEM_STAT failed (errno=%d)", errno);
+
+  if (seminfo.sem_perm.__key != key)
+    FAIL_EXIT1 ("semid_ds::sem_perm::key (%d) != %d",
+		(int) seminfo.sem_perm.__key, (int) key);
+  if (seminfo.sem_perm.mode != SEM_MODE)
+    FAIL_EXIT1 ("semid_ds::sem_perm::mode (%o) != %o",
+		seminfo.sem_perm.mode, SEM_MODE);
+  if (seminfo.sem_nsems != 1)
+    FAIL_EXIT1 ("semid_ds::sem_nsems (%lu) != 1",
+		(long unsigned) seminfo.sem_nsems);
+
+  return true;
+}
+
+static int
+do_test (void)
+{
+  atexit (remove_sem);
+
+  key_t key = ftok (name, 'G');
+  if (key == -1)
+    FAIL_EXIT1 ("ftok failed: %m");
+
+  semid = semget (key, 1, IPC_CREAT | IPC_EXCL | SEM_MODE);
+  if (semid == -1)
+    FAIL_EXIT1 ("semget failed: %m");
+
+  struct test_seminfo tipcinfo;
+  bool tipcget = read_sem_stat (&tipcinfo);
+
+  int semidx;
+
+  {
+    struct seminfo ipcinfo;
+    semidx = semctl (semid, 0, IPC_INFO, (union semun) { .__buf = &ipcinfo });
+    if (semidx == -1)
+      FAIL_EXIT1 ("semctl with IPC_INFO failed: %m");
+
+    /* We only check if /proc is mounted.  */
+    if (tipcget)
+      {
+	TEST_COMPARE (ipcinfo.semmsl, tipcinfo.semmsl);
+	TEST_COMPARE (ipcinfo.semmns, tipcinfo.semmns);
+	TEST_COMPARE (ipcinfo.semopm, tipcinfo.semopm);
+	TEST_COMPARE (ipcinfo.semmni, tipcinfo.semmni);
+      }
+  }
+
+  /* Same as before but with SEM_INFO.  */
+  {
+    struct seminfo ipcinfo;
+    semidx = semctl (semid, 0, SEM_INFO, (union semun) { .__buf = &ipcinfo });
+    if (semidx == -1)
+      FAIL_EXIT1 ("semctl with IPC_INFO failed: %m");
+
+    if (tipcget)
+      {
+	TEST_COMPARE (ipcinfo.semmsl, tipcinfo.semmsl);
+	TEST_COMPARE (ipcinfo.semmns, tipcinfo.semmns);
+	TEST_COMPARE (ipcinfo.semopm, tipcinfo.semopm);
+	TEST_COMPARE (ipcinfo.semmni, tipcinfo.semmni);
+      }
+  }
+
+  /* We check if the created semaphore shows in the system-wide status.  */
+  bool found = false;
+  for (int i = 0; i <= semidx; i++)
+    {
+      if (check_seminfo (i, key, SEM_STAT))
+	{
+	  found = true;
+	  break;
+	}
+
+      /* We can't tell apart if SEM_STAT_ANY is not supported (kernel older
+	 than 4.17) or if the index used is invalid.  So it just check if
+	 value returned from a valid call matches the created semaphore.  */
+      check_seminfo (i, key, SEM_STAT_ANY);
+    }
+
+  if (!found)
+    FAIL_EXIT1 ("semctl with SEM_STAT/SEM_STAT_ANY could not find the "
+		"created  semaphore");
+
+  if (semctl (semid, 0, IPC_RMID, 0) == -1)
+    FAIL_EXIT1 ("semctl failed: %m");
+
+  return 0;
+}
+
+#include <support/test-driver.c>
diff --git a/sysvipc/test-sysvsem.c b/sysvipc/test-sysvsem.c
index 01dbff343a..b7284e0b48 100644
--- a/sysvipc/test-sysvsem.c
+++ b/sysvipc/test-sysvsem.c
@@ -20,6 +20,7 @@
 #include <stdlib.h>
 #include <errno.h>
 #include <string.h>
+#include <stdbool.h>
 #include <sys/types.h>
 #include <sys/ipc.h>
 #include <sys/sem.h>
-- 
2.25.1

More information about the Libc-alpha mailing list