1f08c3bdfSopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 2f08c3bdfSopenharmony_ci/* 3f08c3bdfSopenharmony_ci * Copyright (c) International Business Machines Corp., 2009 4f08c3bdfSopenharmony_ci * Copyright (c) Nadia Derbey, 2009 <Nadia.Derbey@bull.net> 5f08c3bdfSopenharmony_ci * Copyright (C) 2023 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com> 6f08c3bdfSopenharmony_ci */ 7f08c3bdfSopenharmony_ci 8f08c3bdfSopenharmony_ci/*\ 9f08c3bdfSopenharmony_ci * [Description] 10f08c3bdfSopenharmony_ci * 11f08c3bdfSopenharmony_ci * Create a mqueue inside the parent and check if it can be accessed from 12f08c3bdfSopenharmony_ci * the child namespace. Isolated and unshared process can't access to parent, 13f08c3bdfSopenharmony_ci * but plain process can. 14f08c3bdfSopenharmony_ci */ 15f08c3bdfSopenharmony_ci 16f08c3bdfSopenharmony_ci#include "tst_test.h" 17f08c3bdfSopenharmony_ci#include "lapi/sched.h" 18f08c3bdfSopenharmony_ci#include "tst_safe_posix_ipc.h" 19f08c3bdfSopenharmony_ci 20f08c3bdfSopenharmony_ci#define MQNAME "/MQ1" 21f08c3bdfSopenharmony_ci 22f08c3bdfSopenharmony_cistatic mqd_t mqd; 23f08c3bdfSopenharmony_cistatic char *str_op; 24f08c3bdfSopenharmony_ci 25f08c3bdfSopenharmony_cistatic void run(void) 26f08c3bdfSopenharmony_ci{ 27f08c3bdfSopenharmony_ci const struct tst_clone_args clone_args = { 28f08c3bdfSopenharmony_ci .flags = CLONE_NEWIPC, 29f08c3bdfSopenharmony_ci .exit_signal = SIGCHLD, 30f08c3bdfSopenharmony_ci }; 31f08c3bdfSopenharmony_ci 32f08c3bdfSopenharmony_ci tst_res(TINFO, "Checking namespaces isolation from parent to child"); 33f08c3bdfSopenharmony_ci 34f08c3bdfSopenharmony_ci if (str_op && !strcmp(str_op, "clone")) { 35f08c3bdfSopenharmony_ci tst_res(TINFO, "Spawning isolated process"); 36f08c3bdfSopenharmony_ci 37f08c3bdfSopenharmony_ci if (!SAFE_CLONE(&clone_args)) { 38f08c3bdfSopenharmony_ci TST_EXP_FAIL(mq_open(MQNAME, O_RDONLY), ENOENT); 39f08c3bdfSopenharmony_ci return; 40f08c3bdfSopenharmony_ci } 41f08c3bdfSopenharmony_ci } else if (str_op && !strcmp(str_op, "unshare")) { 42f08c3bdfSopenharmony_ci tst_res(TINFO, "Spawning unshared process"); 43f08c3bdfSopenharmony_ci 44f08c3bdfSopenharmony_ci if (!SAFE_FORK()) { 45f08c3bdfSopenharmony_ci SAFE_UNSHARE(CLONE_NEWIPC); 46f08c3bdfSopenharmony_ci TST_EXP_FAIL(mq_open(MQNAME, O_RDONLY), ENOENT); 47f08c3bdfSopenharmony_ci return; 48f08c3bdfSopenharmony_ci } 49f08c3bdfSopenharmony_ci } else { 50f08c3bdfSopenharmony_ci tst_res(TINFO, "Spawning plain process"); 51f08c3bdfSopenharmony_ci 52f08c3bdfSopenharmony_ci if (!SAFE_FORK()) { 53f08c3bdfSopenharmony_ci TST_EXP_POSITIVE(mq_open(MQNAME, O_RDONLY)); 54f08c3bdfSopenharmony_ci return; 55f08c3bdfSopenharmony_ci } 56f08c3bdfSopenharmony_ci } 57f08c3bdfSopenharmony_ci} 58f08c3bdfSopenharmony_ci 59f08c3bdfSopenharmony_cistatic void setup(void) 60f08c3bdfSopenharmony_ci{ 61f08c3bdfSopenharmony_ci mqd = SAFE_MQ_OPEN(MQNAME, O_RDWR | O_CREAT | O_EXCL, 0777, NULL); 62f08c3bdfSopenharmony_ci} 63f08c3bdfSopenharmony_ci 64f08c3bdfSopenharmony_cistatic void cleanup(void) 65f08c3bdfSopenharmony_ci{ 66f08c3bdfSopenharmony_ci if (mqd != -1) { 67f08c3bdfSopenharmony_ci SAFE_MQ_CLOSE(mqd); 68f08c3bdfSopenharmony_ci SAFE_MQ_UNLINK(MQNAME); 69f08c3bdfSopenharmony_ci } 70f08c3bdfSopenharmony_ci} 71f08c3bdfSopenharmony_ci 72f08c3bdfSopenharmony_cistatic struct tst_test test = { 73f08c3bdfSopenharmony_ci .test_all = run, 74f08c3bdfSopenharmony_ci .setup = setup, 75f08c3bdfSopenharmony_ci .cleanup = cleanup, 76f08c3bdfSopenharmony_ci .needs_root = 1, 77f08c3bdfSopenharmony_ci .forks_child = 1, 78f08c3bdfSopenharmony_ci .options = (struct tst_option[]) { 79f08c3bdfSopenharmony_ci { "m:", &str_op, "Child process isolation <clone|unshare>" }, 80f08c3bdfSopenharmony_ci {}, 81f08c3bdfSopenharmony_ci }, 82f08c3bdfSopenharmony_ci .needs_kconfigs = (const char *[]) { 83f08c3bdfSopenharmony_ci "CONFIG_USER_NS", 84f08c3bdfSopenharmony_ci NULL 85f08c3bdfSopenharmony_ci }, 86f08c3bdfSopenharmony_ci}; 87