Add a new function support_capture_subprogram_self_sgid that spawns an
sgid child of the running program with its own image and returns the
exit code of the child process. This functionality is used by at
least three tests in the testsuite at the moment, so it makes sense to
consolidate.
There is also a new function support_subprogram_wait which should
provide simple system() like functionality that does not set up file
actions. This is useful in cases where only the return code of the
spawned subprocess is interesting.
This patch also ports tst-secure-getenv to this new function. A
subsequent patch will port other tests. This also brings an important
change to tst-secure-getenv behaviour. Now instead of succeeding, the
test fails as UNSUPPORTED if it is unable to spawn a setgid child,
which is how it should have been in the first place.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 716a3bdc41)
This introduces a concept of trusted name servers, for which the
AD bit is passed through to applications. For untrusted name
servers (the default), the AD bit in responses are cleared, to
provide a safe default.
This approach is very similar to the one suggested by Pavel Šimerda
in <https://bugzilla.redhat.com/show_bug.cgi?id=1164339#c15>.
The DNS test framework in support/ is enhanced with support for
setting the AD bit in responses.
Tested on x86_64-linux-gnu.
Change-Id: Ibfe0f7c73ea221c35979842c5c3b6ed486495ccc
PTHREAD_STACK_MIN comes from <limits.h>, so include it explicitly.
However, it is not defined on Hurd, so compensate for that as well.
Built on x86_64-linux-gnu, i686-linux-gnu, i686-gnu.
Change-Id: Ifacc888ef86731c2639721b0932ae59583bd6b3e
Reviewed-by: Christian Brauner <christian.brauner@ubuntu.com>
Since gettimeofday will shortly be implemented in terms of
clock_gettime on all platforms, internal code should use clock_gettime
directly; in addition to removing a layer of indirection, this will
allow us to remove the PLT-bypass gunk for gettimeofday. (We can't
quite do that yet, but it'll be coming later in this patch series.)
In many cases, the changed code does fewer conversions.
The changed code always assumes __clock_gettime (CLOCK_REALTIME)
cannot fail. Most of the call sites were assuming gettimeofday could
not fail, but a few places were checking for errors. POSIX says
clock_gettime can only fail if the clock constant is invalid or
unsupported, and CLOCK_REALTIME is the one and only clock constant
that's required to be supported. For consistency I grepped the entire
source tree for any other places that checked for errors from
__clock_gettime (CLOCK_REALTIME), found one, and changed it too.
(For the record, POSIX also says gettimeofday can never fail.)
(It would be nice if we could declare that GNU systems will always
support CLOCK_MONOTONIC as well as CLOCK_REALTIME; there are several
places where we are using CLOCK_REALTIME where _MONOTONIC would be
more appropriate, and/or trying to use _MONOTONIC and then falling
back to _REALTIME. But the Hurd doesn't support CLOCK_MONOTONIC yet,
and it looks like adding it would involve substantial changes to
gnumach's internals and API. Oh well.)
A few Hurd-specific files were changed to use __host_get_time instead
of __clock_gettime, as this seemed tidier. We also assume this cannot
fail. Skimming the code in gnumach leads me to believe the only way
it could fail is if __mach_host_self also failed, and our
Hurd-specific code consistently assumes that can't happen, so I'm
going with that.
With the exception of support/support_test_main.c, test cases are not
modified, mainly because I didn't want to have to figure out which
test cases were testing gettimeofday specifically.
The definition of GETTIME in sysdeps/generic/memusage.h had a typo and
was not reading tv_sec at all. I fixed this. It appears nobody has been
generating malloc traces on a machine that doesn't have a superseding
definition.
There are a whole bunch of places where the code could be simplified
by factoring out timespec subtraction and/or comparison logic, but I
want to keep this patch as mechanical as possible.
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
If WAIT_FOR_DEBUGGER is set to a non-zero value in the environment,
any test that runs will print some useful gdb information and wait
for gdb to attach to it and clear the "wait_for_debugger" variable.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
On i686-gnu the build is broken:
In file included from support_ptrace.c:22:
../include/sys/prctl.h:2:15: fatal error: sys/prctl.h: No such file or directory
#include_next <sys/prctl.h>
This patch just removes the unused prctl.h inclusion.
ChangeLog:
* support/support_ptrace.c: Remove inclusion of sys/prctl.h.
The testcase forks a child process and runs pldd with PID of
this child. On systems where /proc/sys/kernel/yama/ptrace_scope
differs from zero, pldd will fail with
/usr/bin/pldd: cannot attach to process 3: Operation not permitted
This patch checks if ptrace_scope exists, is zero "classic ptrace permissions"
or one "restricted ptrace". If ptrace_scope exists and has a higher
restriction, then the test is marked as UNSUPPORTED.
The case "restricted ptrace" is handled by rearranging the processes involved
during the test. Now we have the following process tree:
-parent: do_test (performs output checks)
--subprocess 1: pldd_process (becomes pldd via execve)
---subprocess 2: target_process (ptraced via pldd)
ChangeLog:
* elf/tst-pldd.c (do_test): Add UNSUPPORTED check.
Rearrange subprocesses.
(pldd_process): New function.
* support/Makefile (libsupport-routines): Add support_ptrace.
* support/xptrace.h: New file.
* support/support_ptrace.c: Likewise.
nss_db allows for getpwent et al to be called without a set*ent,
but it only works once. After the last get*ent a set*ent is
required to restart, because the end*ent did not properly reset
the module. Resetting it to NULL allows for a proper restart.
If the database doesn't exist, however, end*ent erroniously called
munmap which set errno.
The test case runs "makedb" inside the testroot, so needs selinux
DSOs installed.
The original implementations of test_timespec_before_impl and
test_timespec_equal_or_after in 5198399651
were missing the backslash required for a newline.
Checked on x86_64-linux-gnu.
* support/timespec.c: Add backslash to correct newline in failure
message.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Provide an explicit diagnostic if the length is positive, and
do not just crash with a null pointer dereference. Null pointers
are only valid if the length is zero, so this can only happen with
a faulty test.
The patch print timespec members as intmax_t instead of long int.
It avoid the -Werror=format= build issue on x32:
timespec.c: In function 'test_timespec_before_impl':
timespec.c:32:23: error: format '%ld' expects argument of type 'long int',
but argument 4 has type '__time_t' {aka 'const long long int'} [-Werror=format=]
Checked on x86_64-linux-gnu-x32, x86_64-linux-gnu, and i686-linux-gnu.
* support/timespec.c (test_timespec_before_impl,
test_timespec_equal_or_after_impl): print timespec member as intmax_t
insted of long int.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
It adds useful functions for tests that use struct timespec.
Checked on x86_64-linux-gnu and i686-linux-gnu.
* support/timespec.h: New file. Provide timespec helper functions
along with macros in the style of those in check.h.
* support/timespec.c: New file. Implement check functions declared
in support/timespec.h.
* support/timespec-add.c: New file from gnulib containing
timespec_add implementation that handles overflow.
* support/timespec-sub.c: New file from gnulib containing
timespec_sub implementation that handles overflow.
* support/README: Mention timespec.h.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* support/xclock_gettime.c (xclock_gettime): New file. Provide
clock_gettime wrapper for use in tests that fails the test rather
than returning failure.
* support/xtime.h: New file to declare xclock_gettime.
* support/Makefile: Add xclock_gettime.c.
* support/README: Mention xtime.h.
Its API is similar to support_capture_subprocess, but rather creates a
new process based on the input path and arguments. Under the hoods it
uses posix_spawn to create the new process.
It also allows the use of other support_capture_* functions to check
for expected results and free the resources.
Checked on x86_64-linux-gnu.
* support/Makefile (libsupport-routines): Add support_subprocess,
xposix_spawn, xposix_spawn_file_actions_addclose, and
xposix_spawn_file_actions_adddup2.
(tst-support_capture_subprocess-ARGS): New rule.
* support/capture_subprocess.h (support_capture_subprogram): New
prototype.
* support/support_capture_subprocess.c (support_capture_subprocess):
Refactor to use support_subprocess and support_capture_poll.
(support_capture_subprogram): New function.
* support/tst-support_capture_subprocess.c (write_mode_to_str,
str_to_write_mode, test_common, parse_int, handle_restart,
do_subprocess, do_subprogram, do_multiple_tests): New functions.
(do_test): Add support_capture_subprogram tests.
* support/subprocess.h: New file.
* support/support_subprocess.c: Likewise.
* support/xposix_spawn.c: Likewise.
* support/xposix_spawn_file_actions_addclose.c: Likewise.
* support/xposix_spawn_file_actions_adddup2.c: Likewise.
* support/xspawn.h: Likewise.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
One of the implicit-fallthrough warnings from compiling glibc with
-Wextra appears to indicate an actual bug: the test-container code
could fall through inappropriately if execlp returns (which only
occurs on error). This patch adds appropriate error handling in this
case to avoid that fall-through.
Tested for x86_64.
* support/test-container.c (recursive_remove): Use FAIL_EXIT1 if
execlp returns.
The alignment of TLS variables is wrong if accessed from within a thread
for architectures with tls variant TLS_TCB_AT_TP.
For the main thread the static tls data is properly aligned.
For other threads the alignment depends on the alignment of the thread
pointer as the static tls data is located relative to this pointer.
This patch adds this alignment for TLS_TCB_AT_TP variants in the same way
as it is already done for TLS_DTV_AT_TP. The thread pointer is also already
properly aligned if the user provides its own stack for the new thread.
This patch extends the testcase nptl/tst-tls1.c in order to check the
alignment of the tls variables and it adds a pthread_create invocation
with a user provided stack.
The test itself is migrated from test-skeleton.c to test-driver.c
and the missing support functions xpthread_attr_setstack and xposix_memalign
are added.
ChangeLog:
[BZ #23403]
* nptl/allocatestack.c (allocate_stack): Align pointer pd for
TLS_TCB_AT_TP tls variant.
* nptl/tst-tls1.c: Migrate to support/test-driver.c.
Add alignment checks.
* support/Makefile (libsupport-routines): Add xposix_memalign and
xpthread_setstack.
* support/support.h: Add xposix_memalign.
* support/xthread.h: Add xpthread_attr_setstack.
* support/xposix_memalign.c: New File.
* support/xpthread_attr_setstack.c: Likewise.
For a full analysis of both the pthread_rwlock_tryrdlock() stall
and the pthread_rwlock_trywrlock() stall see:
https://sourceware.org/bugzilla/show_bug.cgi?id=23844#c14
In the pthread_rwlock_trydlock() function we fail to inspect for
PTHREAD_RWLOCK_FUTEX_USED in __wrphase_futex and wake the waiting
readers.
In the pthread_rwlock_trywrlock() function we write 1 to
__wrphase_futex and loose the setting of the PTHREAD_RWLOCK_FUTEX_USED
bit, again failing to wake waiting readers during unlock.
The fix in the case of pthread_rwlock_trydlock() is to check for
PTHREAD_RWLOCK_FUTEX_USED and wake the readers.
The fix in the case of pthread_rwlock_trywrlock() is to only write
1 to __wrphase_futex if we installed the write phase, since all other
readers would be spinning waiting for this step.
We add two new tests, one exercises the stall for
pthread_rwlock_trywrlock() which is easy to exercise, and one exercises
the stall for pthread_rwlock_trydlock() which is harder to exercise.
The pthread_rwlock_trywrlock() test fails consistently without the fix,
and passes after. The pthread_rwlock_tryrdlock() test fails roughly
5-10% of the time without the fix, and passes all the time after.
Signed-off-by: Carlos O'Donell <carlos@redhat.com>
Signed-off-by: Torvald Riegel <triegel@redhat.com>
Signed-off-by: Rik Prohaska <prohaska7@gmail.com>
Co-authored-by: Torvald Riegel <triegel@redhat.com>
Co-authored-by: Rik Prohaska <prohaska7@gmail.com>
If /etc/aliases ends with a continuation line (a line that starts
with whitespace) which does not have a trailing newline character,
the file parser would crash due to a null pointer dereference.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Hurd does not support MAP_NORESERVE and MAP_STACK.
Checked on i686-gnu build.
* support/xsigstack.c (MAP_NORESERVE, MAP_STACK): Define if they
are not defined.
There is general agreement that the very short list of things that ISO
C says you can do in an async signal handler should all work when the
handler is running on an alternate signal stack with only MINSIGSTKSZ
space. This patch adds tests to make sure those things do work.
To facilitate this, there is a new set of test support routines for
setting up alternate signal stacks; see support/xsignal.h for the API.
* support/xsignal.h (xalloc_sigstack, xfree_sigstack)
(xget_sigstack_location): New test support functions.
* support/xsigstack.c: New file, implementing them.
* support/tst-xsigstack.c: New test for them.
* support/Makefile: Update.
* signal/tst-minsigstksz-1.c
* signal/tst-minsigstksz-2.c
* signal/tst-minsigstksz-3.c
* signal/tst-minsigstksz-3a.c
* signal/tst-minsigstksz-4.c: New tests.
* signal/Makefile: Run them.
During postclean.req testing it was found that the fork in the
parent process (after the unshare syscall) would fail with ENOMEM
(see recursive_remove() in test-container.c). While failing with
ENOMEM is certainly unexpected, it is simply easier to refactor
the design and have the parent remain outside of the namespace.
This change moves the postclean.req processing to a distinct
process (the parent) that then forks the test process (which will
have to fork once more to complete uid/gid transitions). When the
test process exists the cleanup process will ensure all files are
deleted when a post clean is requested.
Signed-off-by: DJ Delorie <dj@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
[BZ #23948]
* support/test-container.c: Move postclean step to before we
change namespaces.
Signal zero does not terminate a process, so it is safe to use negative
values for signal numbers.
Adjust libio/tst-vtables-common.c to use this new functionality,
instead of determining the termination status for a signal indirectly.
