11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ci 31cb0ef41Sopenharmony_ciconst common = require('../common'); 41cb0ef41Sopenharmony_ciconst { spawn, spawnSync } = require('node:child_process'); 51cb0ef41Sopenharmony_ciconst { createInterface } = require('node:readline'); 61cb0ef41Sopenharmony_ciconst assert = require('node:assert'); 71cb0ef41Sopenharmony_ci 81cb0ef41Sopenharmony_ciif (!common.hasCrypto) 91cb0ef41Sopenharmony_ci common.skip('missing crypto'); 101cb0ef41Sopenharmony_ciif (!common.isLinux) 111cb0ef41Sopenharmony_ci common.skip('linux only'); 121cb0ef41Sopenharmony_ciif (common.isAsan) 131cb0ef41Sopenharmony_ci common.skip('strace does not work well with address sanitizer builds'); 141cb0ef41Sopenharmony_ciif (spawnSync('strace').error !== undefined) { 151cb0ef41Sopenharmony_ci common.skip('missing strace'); 161cb0ef41Sopenharmony_ci} 171cb0ef41Sopenharmony_ci 181cb0ef41Sopenharmony_ci{ 191cb0ef41Sopenharmony_ci const allowedOpenCalls = new Set([ 201cb0ef41Sopenharmony_ci '/etc/ssl/openssl.cnf', 211cb0ef41Sopenharmony_ci ]); 221cb0ef41Sopenharmony_ci const strace = spawn('strace', [ 231cb0ef41Sopenharmony_ci '-f', '-ff', 241cb0ef41Sopenharmony_ci '-e', 'trace=open,openat', 251cb0ef41Sopenharmony_ci '-s', '512', 261cb0ef41Sopenharmony_ci '-D', process.execPath, '-e', 'require("crypto")', 271cb0ef41Sopenharmony_ci ]); 281cb0ef41Sopenharmony_ci 291cb0ef41Sopenharmony_ci // stderr is the default for strace 301cb0ef41Sopenharmony_ci const rl = createInterface({ input: strace.stderr }); 311cb0ef41Sopenharmony_ci rl.on('line', (line) => { 321cb0ef41Sopenharmony_ci if (!line.startsWith('open')) { 331cb0ef41Sopenharmony_ci return; 341cb0ef41Sopenharmony_ci } 351cb0ef41Sopenharmony_ci 361cb0ef41Sopenharmony_ci const file = line.match(/"(.*?)"/)[1]; 371cb0ef41Sopenharmony_ci // skip .so reading attempt 381cb0ef41Sopenharmony_ci if (file.match(/.+\.so(\.?)/) !== null) { 391cb0ef41Sopenharmony_ci return; 401cb0ef41Sopenharmony_ci } 411cb0ef41Sopenharmony_ci // skip /proc/* 421cb0ef41Sopenharmony_ci if (file.match(/\/proc\/.+/) !== null) { 431cb0ef41Sopenharmony_ci return; 441cb0ef41Sopenharmony_ci } 451cb0ef41Sopenharmony_ci 461cb0ef41Sopenharmony_ci assert(allowedOpenCalls.delete(file), `${file} is not in the list of allowed openat calls`); 471cb0ef41Sopenharmony_ci }); 481cb0ef41Sopenharmony_ci const debugOutput = []; 491cb0ef41Sopenharmony_ci strace.stderr.setEncoding('utf8'); 501cb0ef41Sopenharmony_ci strace.stderr.on('data', (chunk) => { 511cb0ef41Sopenharmony_ci debugOutput.push(chunk.toString()); 521cb0ef41Sopenharmony_ci }); 531cb0ef41Sopenharmony_ci strace.on('error', common.mustNotCall()); 541cb0ef41Sopenharmony_ci strace.on('exit', common.mustCall((code) => { 551cb0ef41Sopenharmony_ci assert.strictEqual(code, 0, debugOutput); 561cb0ef41Sopenharmony_ci const missingKeys = Array.from(allowedOpenCalls.keys()); 571cb0ef41Sopenharmony_ci if (missingKeys.length) { 581cb0ef41Sopenharmony_ci assert.fail(`The following openat call are missing: ${missingKeys.join(',')}`); 591cb0ef41Sopenharmony_ci } 601cb0ef41Sopenharmony_ci })); 611cb0ef41Sopenharmony_ci} 62