elf/tst-env-setuid-tunables.c

   1 /* Copyright (C) 2017-2023 Free Software Foundation, Inc.
   2    This file is part of the GNU C Library.
   3
   4    The GNU C Library is free software; you can redistribute it and/or
   5    modify it under the terms of the GNU Lesser General Public
   6    License as published by the Free Software Foundation; either
   7    version 2.1 of the License, or (at your option) any later version.
   8
   9    The GNU C Library is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12    Lesser General Public License for more details.
  13
  14    You should have received a copy of the GNU Lesser General Public
  15    License along with the GNU C Library; if not, see
  16    <https://www.gnu.org/licenses/>.  */
  17
  18 /* Verify that tunables correctly filter out unsafe tunables like
  19    glibc.malloc.check and glibc.malloc.mmap_threshold but also retain
  20    glibc.malloc.mmap_threshold in an unprivileged child.  */
  21
  22 #define _LIBC 1
  23 #include "config.h"
  24 #undef _LIBC
  25
  26 #include <errno.h>
  27 #include <fcntl.h>
  28 #include <stdlib.h>
  29 #include <stdint.h>
  30 #include <stdio.h>
  31 #include <string.h>
  32 #include <sys/stat.h>
  33 #include <sys/wait.h>
  34 #include <unistd.h>
  35 #include <intprops.h>
  36 #include <array_length.h>
  37
  38 #include <support/check.h>
  39 #include <support/support.h>
  40 #include <support/test-driver.h>
  41 #include <support/capture_subprocess.h>
  42
  43 const char *teststrings[] =
  44 {
  45   "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096",
  46   "glibc.malloc.check=2:glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096",
  47   "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096:glibc.malloc.check=2",
  48   "glibc.malloc.perturb=0x800",
  49   "glibc.malloc.perturb=0x800:glibc.malloc.mmap_threshold=4096",
  50   "glibc.malloc.perturb=0x800:not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096",
  51   "glibc.not_valid.check=2:glibc.malloc.mmap_threshold=4096",
  52   "not_valid.malloc.check=2:glibc.malloc.mmap_threshold=4096",
  53   "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096",
  54   "glibc.malloc.check=2",
  55   "glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096:glibc.malloc.check=2",
  56   "glibc.malloc.check=4:glibc.malloc.garbage=2:glibc.maoc.mmap_threshold=4096",
  57   ":glibc.malloc.garbage=2:glibc.malloc.check=1",
  58   "glibc.malloc.check=1:glibc.malloc.check=2",
  59   "not_valid.malloc.check=2",
  60   "glibc.not_valid.check=2",
  61 };
  62
  63 static int
  64 test_child (int off)
  65 {
  66   const char *val = getenv ("GLIBC_TUNABLES");
  67   int ret = 1;
  68
  69   printf ("    [%d] GLIBC_TUNABLES is %s\n", off, val);
  70   fflush (stdout);
  71   if (val != NULL)
  72     printf ("    [%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val);
  73   else
  74     ret = 0;
  75   fflush (stdout);
  76
  77   return ret;
  78 }
  79
  80 static int
  81 do_test (int argc, char **argv)
  82 {
  83   /* Setgid child process.  */
  84   if (argc == 2)
  85     {
  86       if (getgid () == getegid ())
  87         /* This can happen if the file system is mounted nosuid.  */
  88         FAIL_UNSUPPORTED ("SGID failed: GID and EGID match (%jd)\n",
  89                           (intmax_t) getgid ());
  90
  91       int ret = test_child (atoi (argv[1]));
  92
  93       if (ret != 0)
  94         exit (1);
  95
  96       /* Special return code to make sure that the child executed all the way
  97          through.  */
  98       exit (42);
  99     }
 100   else
 101     {
 102       /* Spawn tests.  */
 103       for (int i = 0; i < array_length (teststrings); i++)
 104         {
 105           char buf[INT_BUFSIZE_BOUND (int)];
 106
 107           printf ("[%d] Spawned test for %s\n", i, teststrings[i]);
 108           snprintf (buf, sizeof (buf), "%d\n", i);
 109           fflush (stdout);
 110           if (setenv ("GLIBC_TUNABLES", teststrings[i], 1) != 0)
 111             {
 112               printf ("    [%d] Failed to set GLIBC_TUNABLES: %m", i);
 113               support_record_failure ();
 114               continue;
 115             }
 116
 117           int status = support_capture_subprogram_self_sgid (buf);
 118
 119           /* Bail out early if unsupported.  */
 120           if (WEXITSTATUS (status) == EXIT_UNSUPPORTED)
 121             return EXIT_UNSUPPORTED;
 122
 123           if (WEXITSTATUS (status) != 42)
 124             {
 125               printf ("    [%d] child failed with status %d\n", i,
 126                       WEXITSTATUS (status));
 127               support_record_failure ();
 128             }
 129         }
 130       return 0;
 131     }
 132 }
 133
 134 #define TEST_FUNCTION_ARGV do_test
 135 #include <support/test-driver.c>