From 074684af9649edfc923f7cf99bc7acfd621e1443 Mon Sep 17 00:00:00 2001 From: Chenbo Feng Date: Wed, 14 Jun 2017 15:14:34 -0700 Subject: [PATCH] Add test to check sock addr in qtaguid ctrl file This test verifies the socket address information is not leaked by xt_qtaguid module inside the kernel. The sock_addr parsed from proc/net/xt_qtaguid/ctrl file should always be 0 Bug: 62489688 Test: in cts-tf: run cts --module CtsNativeNetTestCases Change-Id: Ie9ed8aa604be7c6ae364baa69922b89c006dea72 --- .../native/qtaguid/src/NativeQtaguidTest.cpp | 51 ++++++++++++++----- 1 file changed, 37 insertions(+), 14 deletions(-) diff --git a/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp b/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp index 926a740f1b..9009c248ca 100644 --- a/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp +++ b/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp @@ -23,7 +23,7 @@ #include #include -int getCtrlRefCnt(int tag, uid_t uid) { +int getCtrlSkInfo(int tag, uid_t uid, uint64_t* sk_addr, int* ref_cnt) { FILE *fp; fp = fopen("/proc/net/xt_qtaguid/ctrl", "r"); if (!fp) @@ -38,43 +38,66 @@ int getCtrlRefCnt(int tag, uid_t uid) { if (strstr(line_buffer, pattern) == NULL) continue; int res; - uint32_t ref_cnt; pid_t dummy_pid; - uint64_t dummy_sk; uint64_t k_tag; uint32_t k_uid; const int TOTAL_PARAM = 5; res = sscanf(line_buffer, "sock=%" PRIx64 " tag=0x%" PRIx64 " (uid=%" PRIu32 ") " - "pid=%u f_count=%u", &dummy_sk, &k_tag, &k_uid, - &dummy_pid, &ref_cnt); + "pid=%u f_count=%u", sk_addr, &k_tag, &k_uid, + &dummy_pid, ref_cnt); if (!(res == TOTAL_PARAM && k_tag == full_tag && k_uid == uid)) - res = -EINVAL; - res = ref_cnt; + return -EINVAL; free(line_buffer); - return res; + return 0; } free(line_buffer); return -ENOENT; } -TEST (NativeSocketRefCnt, close_socket_without_untag) { +void checkNoSocketPointerLeaks(int family) { + int sockfd = socket(family, SOCK_STREAM, 0); + uid_t uid = getuid(); + int tag = arc4random(); + int ref_cnt; + uint64_t sk_addr; + uint64_t expect_addr = 0; + + EXPECT_EQ(0, qtaguid_tagSocket(sockfd, tag, uid)); + EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &sk_addr, &ref_cnt)); + EXPECT_EQ(expect_addr, sk_addr); + close(sockfd); + EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &sk_addr, &ref_cnt)); +} + +TEST (NativeQtaguidTest, close_socket_without_untag) { int sockfd = socket(AF_INET, SOCK_STREAM, 0); uid_t uid = getuid(); int tag = arc4random(); + int ref_cnt; + uint64_t dummy_sk; EXPECT_EQ(0, qtaguid_tagSocket(sockfd, tag, uid)); - EXPECT_GE(2, getCtrlRefCnt(tag, uid)); + EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt)); + EXPECT_EQ(2, ref_cnt); close(sockfd); - EXPECT_EQ(-ENOENT, getCtrlRefCnt(tag, uid)); + EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt)); } -TEST (NativeSocketRefCnt, close_socket_without_untag_ipv6) { +TEST (NativeQtaguidTest, close_socket_without_untag_ipv6) { int sockfd = socket(AF_INET6, SOCK_STREAM, 0); uid_t uid = getuid(); int tag = arc4random(); + int ref_cnt; + uint64_t dummy_sk; EXPECT_EQ(0, qtaguid_tagSocket(sockfd, tag, uid)); - EXPECT_GE(2, getCtrlRefCnt(tag, uid)); + EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt)); + EXPECT_EQ(2, ref_cnt); close(sockfd); - EXPECT_EQ(-ENOENT, getCtrlRefCnt(tag, uid)); + EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt)); +} + +TEST (NativeQtaguidTest, no_socket_addr_leak) { + checkNoSocketPointerLeaks(AF_INET); + checkNoSocketPointerLeaks(AF_INET6); } int main(int argc, char **argv) {