[PATCH 6/7] Implement testing framework for pidns

Ákos Uzonyi uzonyi.akos at gmail.com
Sun Jul 12 19:46:35 UTC 2020 

* tests/pidns.c: New file.
* tests/pidns.h: New file.
* tests/Makefile.am (libtests_a_SOURCES): Add pidns.c.
* tests/init.sh (test_pidns, test_pidns_run_strace): New functions.
---
 tests/Makefile.am |   1 +
 tests/init.sh     |  30 ++++++++++
 tests/pidns.c     | 149 ++++++++++++++++++++++++++++++++++++++++++++++
 tests/pidns.h     |  41 +++++++++++++
 4 files changed, 221 insertions(+)
 create mode 100644 tests/pidns.c
 create mode 100644 tests/pidns.h

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 28d95e39..c58db3e5 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -44,6 +44,7 @@ libtests_a_SOURCES = \
 	libsocketcall.c \
 	lock_file.c \
 	overflowuid.c \
+	pidns.c \
 	pipe_maxfd.c \
 	print_quoted_string.c \
 	print_time.c \
diff --git a/tests/init.sh b/tests/init.sh
index d78e697b..386c51b0 100644
--- a/tests/init.sh
+++ b/tests/init.sh
@@ -387,6 +387,36 @@ test_prog_set()
 	test_pure_prog_set "$@" < "$srcdir/$NAME.in"
 }
 
+test_pidns_run_strace()
+{
+	local parent_pid
+
+	check_prog tail
+	check_prog cut
+	check_prog grep
+
+	run_prog > /dev/null
+	run_strace -Y -f -e signal=!SIGKILL $@ $args > "$EXP"
+
+	#filter out logs made by the parent process of the pidns test
+	parent_pid="$(tail -n 1 $LOG | cut -d' ' -f1)"
+	grep -E -v "^$parent_pid " "$LOG" > "$OUT"
+	match_diff "$OUT" "$EXP"
+}
+
+test_pidns()
+{
+	#unshare requires root before 3.8 even with CLONE_NEWUSER
+	require_min_kernel_version_or_skip 3.8
+	check_prog unshare
+
+	test_pidns_run_strace "$@"
+
+	#test PID translation when /proc is mounted from an other namespace
+	STRACE="unshare -Urpf $STRACE"
+	test_pidns_run_strace "$@"
+}
+
 check_prog cat
 check_prog rm
 
diff --git a/tests/pidns.c b/tests/pidns.c
new file mode 100644
index 00000000..38e524fa
--- /dev/null
+++ b/tests/pidns.c
@@ -0,0 +1,149 @@
+/*
+ * Testing framework for PID namespace translation
+ *
+ * Copyright (c) 2020 Ákos Uzonyi <uzonyi.akos at gmail.com>
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
+#include "tests.h"
+#include "pidns.h"
+
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <sched.h>
+#include <unistd.h>
+#include <sys/wait.h>
+#include <linux/sched.h>
+
+bool pidns_translation = false;
+bool pidns_unshared = false;
+
+/* Our PIDs in strace's namespace */
+pid_t pidns_strace_ids[PT_COUNT];
+
+void
+pidns_print_leader(void)
+{
+	if (pidns_translation)
+		printf("%-5d ", pidns_strace_ids[PT_TID]);
+}
+
+const char *
+pidns_pid2str(enum pid_type type)
+{
+	static const char format[] = " /* %d in strace's PID NS */";
+	static char buf[PT_COUNT][sizeof(format) + sizeof(int)];
+
+	if (type < 0 || type >= PT_COUNT)
+		return "";
+
+	if (!pidns_unshared || !pidns_strace_ids[type])
+		return "";
+
+	snprintf(buf[type], sizeof(buf[type]), format, pidns_strace_ids[type]);
+	return buf[type];
+}
+
+static pid_t
+pidns_fork(int *strace_ids_pipe, pid_t pgid, bool new_sid)
+{
+	if (pipe(strace_ids_pipe) < 0)
+		perror_msg_and_fail("pipe");
+
+	fflush(stdout);
+	pid_t pid = fork();
+	if (pid < 0)
+		perror_msg_and_fail("fork");
+	if (!pid)
+		return 0;
+
+	pidns_strace_ids[PT_TID] = pid;
+	pidns_strace_ids[PT_TGID] = pid;
+	pidns_strace_ids[PT_PGID] = 0;
+	pidns_strace_ids[PT_SID] = 0;
+
+	if (!pgid)
+		pgid = pid;
+
+	if (pgid > 0) {
+		if (setpgid(pid, pgid) < 0)
+			perror_msg_and_fail("setpgid");
+
+		pidns_strace_ids[PT_PGID] = pgid;
+	}
+
+	if (new_sid) {
+		pidns_strace_ids[PT_SID] = pid;
+		pidns_strace_ids[PT_PGID] = pid;
+	}
+
+	write(strace_ids_pipe[1], pidns_strace_ids, sizeof(pidns_strace_ids));
+	close(strace_ids_pipe[0]);
+	close(strace_ids_pipe[1]);
+
+	/* WNOWAIT: leave the zombie, to be able to use it as a process group */
+	siginfo_t siginfo;
+	if (waitid(P_PID, pid, &siginfo, WEXITED | WNOWAIT) < 0)
+		perror_msg_and_fail("wait");
+	if (siginfo.si_code != CLD_EXITED || siginfo.si_status)
+		error_msg_and_fail("child terminated with nonzero exit status");
+
+	return pid;
+}
+
+void
+pidns_test_init(void)
+{
+	pidns_translation = true;
+
+	int strace_ids_pipe[2];
+
+	if (!pidns_fork(strace_ids_pipe, -1, false))
+		goto pidns_test_init_run_test;
+
+	/* Unshare user namespace too, so we do not need to be root */
+	if (unshare(CLONE_NEWUSER | CLONE_NEWPID) < 0)
+		perror_msg_and_fail("unshare");
+
+	pidns_unshared = true;
+
+	/* Create sleeping process to keep PID namespace alive */
+	pid_t pause_pid = fork();
+	if (!pause_pid) {
+		pause();
+		_exit(0);
+	}
+
+	if (!pidns_fork(strace_ids_pipe, -1, false))
+		goto pidns_test_init_run_test;
+
+	if (!pidns_fork(strace_ids_pipe, -1, true))
+		goto pidns_test_init_run_test;
+
+	pid_t pgid;
+	if (!(pgid = pidns_fork(strace_ids_pipe, 0, false)))
+		goto pidns_test_init_run_test;
+
+	if (!pidns_fork(strace_ids_pipe, pgid, false))
+		goto pidns_test_init_run_test;
+
+	kill(pause_pid, SIGKILL);
+	while (wait(NULL) > 0);
+	if (errno != ECHILD)
+		perror_msg_and_fail("wait");
+
+	exit(0);
+
+pidns_test_init_run_test:
+	read(strace_ids_pipe[0], pidns_strace_ids, sizeof(pidns_strace_ids));
+	close(strace_ids_pipe[0]);
+	close(strace_ids_pipe[1]);
+
+	if (pidns_strace_ids[PT_SID])
+		setsid();
+}
diff --git a/tests/pidns.h b/tests/pidns.h
new file mode 100644
index 00000000..a24d0fff
--- /dev/null
+++ b/tests/pidns.h
@@ -0,0 +1,41 @@
+/*
+ * Test PID namespace translation
+ *
+ * Copyright (c) 2020 Ákos Uzonyi <uzonyi.akos at gmail.com>
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
+#ifndef STRACE_PIDNS_H
+#define STRACE_PIDNS_H
+
+#include <sys/types.h>
+
+enum pid_type {
+	PT_TID,
+	PT_TGID,
+	PT_PGID,
+	PT_SID,
+
+	PT_COUNT,
+	PT_NONE = -1
+};
+
+/* Prints leader (process tid) if pidns_test_init was called */
+void pidns_print_leader(void);
+
+/*
+ * Returns a static buffer containing the translation of our PID.
+ */
+const char *pidns_pid2str(enum pid_type type);
+
+/**
+ * Init pidns testing.
+ *
+ * Should be called at the beginning of the test's main function
+ *
+ * This function returns from a of child process that is in a new PID namespace.
+ */
+void pidns_test_init(void);
+
+#endif
\ No newline at end of file
-- 
2.27.0

More information about the Strace-devel mailing list