/* * Copyright (c) 2017 SUSE. All Rights Reserved. * * This program is free software; you can redistribute it and/or modify it * under the terms of version 2 or any later of the GNU General Public License * as published by the Free Software Foundation. * * This program is distributed in the hope that it would be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * * Further, this software is distributed without any warranty that it is * free of the rightful claim of any third person regarding infringement * or the like. Any license provided herein, whether implied or * otherwise, applies only to this software file. Patent licenses, if * any, provided herein do not apply to combinations of this program with * other software, or any other product whatsoever. * * You should have received a copy of the GNU General Public License along * with this program; if not, write the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * * Started by Jan Kara <jack@suse.cz> * * DESCRIPTION * Check that fanotify permission events are handled properly on instance * destruction. * * Kernel crashes should be fixed by: * 96d41019e3ac "fanotify: fix list corruption in fanotify_get_response()" * * Kernel hangs should be fixed by: * 05f0e38724e8 "fanotify: Release SRCU lock when waiting for userspace response" */ #define _GNU_SOURCE #include "config.h" #include <stdio.h> #include <unistd.h> #include <stdlib.h> #include <sys/stat.h> #include <sys/types.h> #include <sys/fcntl.h> #include <sys/wait.h> #include <errno.h> #include <string.h> #include <signal.h> #include <sys/syscall.h> #include "tst_test.h" #include "lapi/syscalls.h" #include "fanotify.h" #if defined(HAVE_SYS_FANOTIFY_H) #include <sys/fanotify.h> #define BUF_SIZE 256 static char fname[BUF_SIZE]; static char buf[BUF_SIZE]; static volatile int fd_notify; /* Number of children we start */ #define MAX_CHILDREN 16 static pid_t child_pid[MAX_CHILDREN]; /* Number of children we don't respond to before stopping */ #define MAX_NOT_RESPONDED 4 static void generate_events(void) { int fd; /* * generate sequence of events */ if ((fd = open(fname, O_RDWR | O_CREAT, 0700)) == -1) exit(1); /* Run until killed... */ while (1) { lseek(fd, 0, SEEK_SET); if (read(fd, buf, BUF_SIZE) == -1) exit(3); } } static void run_children(void) { int i; for (i = 0; i < MAX_CHILDREN; i++) { child_pid[i] = SAFE_FORK(); if (!child_pid[i]) { /* Child will generate events now */ close(fd_notify); generate_events(); exit(0); } } } static int stop_children(void) { int child_ret; int i, ret = 0; for (i = 0; i < MAX_CHILDREN; i++) SAFE_KILL(child_pid[i], SIGKILL); for (i = 0; i < MAX_CHILDREN; i++) { SAFE_WAITPID(child_pid[i], &child_ret, 0); if (!WIFSIGNALED(child_ret)) ret = 1; } return ret; } static int setup_instance(void) { int fd; fd = SAFE_FANOTIFY_INIT(FAN_CLASS_CONTENT, O_RDONLY); if (fanotify_mark(fd, FAN_MARK_ADD, FAN_ACCESS_PERM, AT_FDCWD, fname) < 0) { close(fd); if (errno == EINVAL) { tst_brk(TCONF | TERRNO, "CONFIG_FANOTIFY_ACCESS_PERMISSIONS not " "configured in kernel?"); } else { tst_brk(TBROK | TERRNO, "fanotify_mark (%d, FAN_MARK_ADD, FAN_ACCESS_PERM, " "AT_FDCWD, %s) failed.", fd, fname); } } return fd; } static void loose_fanotify_events(void) { int not_responded = 0; /* * check events */ while (not_responded < MAX_NOT_RESPONDED) { struct fanotify_event_metadata event; struct fanotify_response resp; /* Get more events */ SAFE_READ(1, fd_notify, &event, sizeof(event)); if (event.mask != FAN_ACCESS_PERM) { tst_res(TFAIL, "get event: mask=%llx (expected %llx) " "pid=%u fd=%u", (unsigned long long)event.mask, (unsigned long long)FAN_ACCESS_PERM, (unsigned)event.pid, event.fd); break; } /* * We respond to permission event with 95% percent * probability. */ if (random() % 100 > 5) { /* Write response to permission event */ resp.fd = event.fd; resp.response = FAN_ALLOW; SAFE_WRITE(1, fd_notify, &resp, sizeof(resp)); } else { not_responded++; } SAFE_CLOSE(event.fd); } } static void test_fanotify(void) { int newfd; int ret; fd_notify = setup_instance(); run_children(); loose_fanotify_events(); /* * Create and destroy another instance. This may hang if * unanswered fanotify events block notification subsystem. */ newfd = setup_instance(); if (close(newfd)) { tst_brk(TBROK | TERRNO, "close(%d) failed", newfd); } tst_res(TPASS, "second instance destroyed successfully"); /* * Now destroy the fanotify instance while there are permission * events at various stages of processing. This may provoke * kernel hangs or crashes. */ SAFE_CLOSE(fd_notify); ret = stop_children(); if (ret) tst_res(TFAIL, "child exited for unexpected reason"); else tst_res(TPASS, "all children exited successfully"); } static void setup(void) { sprintf(fname, "fname_%d", getpid()); SAFE_FILE_PRINTF(fname, "%s", fname); } static void cleanup(void) { if (fd_notify > 0) SAFE_CLOSE(fd_notify); } static struct tst_test test = { .test_all = test_fanotify, .setup = setup, .cleanup = cleanup, .needs_tmpdir = 1, .forks_child = 1, .needs_root = 1, }; #else TST_TEST_TCONF("system doesn't have required fanotify support"); #endif