[CRIU] [PATCH v3] zdtm: test that UNIX socket owner/group don't change
Andrey Vagin
avagin at parallels.com
Fri Aug 22 02:27:14 PDT 2014
On Fri, Aug 22, 2014 at 11:27:01AM +0400, Pavel Tikhomirov wrote:
> In container c/r(OVZ) if UNIX socket was created on tmpfs uid and gid
> might have become corrupted.
Could you explain why they are corrupted on tmpfs only?
> To recreate this case in CRIU, need to mount tmpfs in mount namespace,
> so it will be explicitly restored.
>
> run: bash test/zdtm.sh ns/static/sockets00
We want to execute sockets00 in a current set of namespaces.
ns/* tests are not executed for OpenVZ.
>
> https://jira.sw.ru/browse/PSBM-28427
Pls, don't add internal links in CRIU patches.
https://bugzilla.openvz.org/show_bug.cgi?id=2969
>
> changes:
> v2 - cleanup headers, close socket, use err instead fail,
> print id's on error.
> v3 - move to sockets00, mount tmpfs and extend explanation.
>
> Signed-off-by: Pavel Tikhomirov <ptikhomirov at parallels.com>
> ---
> test/zdtm.sh | 1 +
> test/zdtm/live/static/sockets00.c | 30 +++++++++++++++++++++++++++++-
> 2 files changed, 30 insertions(+), 1 deletion(-)
>
> diff --git a/test/zdtm.sh b/test/zdtm.sh
> index 1fd9015..b337b0f 100755
> --- a/test/zdtm.sh
> +++ b/test/zdtm.sh
> @@ -225,6 +225,7 @@ mntns_open
> mntns_link_remap
> mntns_link_ghost
> socket-uid-gid
> +sockets00
> "
>
> source $(readlink -f `dirname $0`/env.sh) || exit 1
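Review bot: `sockets00` is added directly below the existing `socket-uid-gid` entry in this list, and the commit message does not say how the two tests differ. If the ownership check needs the tmpfs mount that this patch adds to sockets00.c, say so in the changelog; otherwise consider extending `socket-uid-gid` rather than changing what `sockets00` needs in order to run.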
> diff --git a/test/zdtm/live/static/sockets00.c b/test/zdtm/live/static/sockets00.c
> index 6ff93ab..1e98154 100644
> --- a/test/zdtm/live/static/sockets00.c
> +++ b/test/zdtm/live/static/sockets00.c
> @@ -11,6 +11,7 @@
> #include <sys/wait.h>
> #include <sys/un.h>
> #include <sys/stat.h>
> +#include <sys/mount.h>
> #include <limits.h>
> #include <fcntl.h>
>
> @@ -36,6 +37,9 @@ int main(int argc, char *argv[])
> char path[PATH_MAX];
> char buf[64];
> char *cwd;
> + uid_t uid = 18943;
> + gid_t gid = 58467;
> + char *tmpfs_dir = "tmpfs";
>
> int ret;
>
> @@ -47,7 +51,19 @@ int main(int argc, char *argv[])
> exit(1);
> }
>
> - snprintf(path, sizeof(path), "%s/%s", cwd, filename);
> + snprintf(path, sizeof(path), "%s/%s", cwd, tmpfs_dir);
> + rmdir(path);
> + if(mkdir(path, 0777)) {
> + err("mkdir\n");
> + exit(1);
> + }
> +
> + if(mount("none", path, "tmpfs", 0, "mode=0755,uid=99")) {
> + err("mount tmpfs\n");
> + exit(1);
> + }
> +
> + snprintf(path, sizeof(path), "%s/%s/%s", cwd, tmpfs_dir, filename);
> unlink(path);
>
> addr.sun_family = AF_UNIX;
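Review bot: the tmpfs mounted on `path` is not unmounted in any hunk shown here, and the return value of `rmdir(path)` is ignored, so a mount or non-empty directory left over from an earlier run makes `rmdir` fail and the following `mkdir` report a bare "mkdir" error that hides the real cause. Add `umount` and `rmdir` on the exit paths, or tolerate an existing directory. The `uid=99` mount option is also unexplained and differs from the `uid` later passed to `chown`, and `if(` should be `if (` to match the surrounding code.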
> @@ -74,6 +90,12 @@ int main(int argc, char *argv[])
> exit(1);
> }
>
> + ret = chown(path, uid, gid);
> + if (ret) {
> + err("chown");
> + exit(1);
> + }
> +
> ret = listen(ssk_icon[0], 16);
> if (ret) {
> fail("bind\n");
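Review bot: `err("chown")` lacks the trailing `\n` that `err("mkdir\n")` and `err("mount tmpfs\n")` use earlier in this patch; make them consistent. `chown` to an arbitrary uid and gid also needs privilege, so the test now stops here when run unprivileged, which is worth noting in the commit message.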
> @@ -119,6 +141,12 @@ int main(int argc, char *argv[])
> exit(1);
> }
>
> + if (st_b.st_uid != uid || st_b.st_gid != gid) {
> + err("Owner user or group for %s corrupted, uid=%d, gid=%d",
> + path, st_b.st_uid, st_b.st_gid);
> + exit(1);
> + }
> +
> ret = accept(ssk_icon[0], NULL, NULL);
> if (ret < 0) {
> fail("accept\n");
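Review bot: in the new ownership check, `st_b.st_uid` and `st_b.st_gid` are printed with `%d`, but `uid_t` and `gid_t` are unsigned; cast to `unsigned int` and use `%u`. The message also lacks a trailing `\n` and prints only the values found; add the expected `uid` and `gid` so a failure log shows what changed.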
> --
> 1.9.3
>