1 #include <signal.h>
2 #include <libproc.h>
3 #include <sys/sysctl.h>
4
5 #include <darwintest.h>
6
7 // rdar://128791723
8 // Ensure pidversion always changes across exec
9
/*
 * Look up the pidversion the kernel currently reports for `pid`.
 *
 * Queries PROC_PIDT_BSDINFOWITHUNIQID through proc_pidinfo() and asserts
 * (aborting the test on mismatch) that the call reported filling the whole
 * structure, so the field returned below is never read from a partially
 * populated buffer.
 */
static int32_t
get_pidversion_for_pid(pid_t pid)
{
	struct proc_bsdinfowithuniqid info;
	int filled;

	filled = proc_pidinfo(pid, PROC_PIDT_BSDINFOWITHUNIQID, 0, &info, sizeof(info));
	/* Anything other than a full-size result (error or short fill) fails the test here. */
	T_ASSERT_EQ((unsigned long)filled, sizeof(info), "PROC_PIDT_BSDINFOWITHUNIQID");

	return info.p_uniqidentifier.p_idversion;
}
18
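/*
 * Regression test: the pidversion reported for a process must differ before
 * and after exec, even when the kernel's next-pidversion counter has been
 * groomed (via a test-only sysctl) so that a naive allocation would hand the
 * exec'd image the same value again. A reused value would make the pre- and
 * post-exec images indistinguishable to anything keyed on (pid, pidversion).
 *
 * Flow: fork a child; the child records its own pidversion, asks the kernel
 * to groom the counter, reports the recorded value over a pipe and then
 * execs a long-running helper. The runner reads the value, waits for the
 * exec, queries the pidversion of the same pid again and asserts it changed.
 */
T_DECL(ensure_pidversion_changes_on_exec,
    "Ensure pidversion always changes across exec, even when groomed not to",
    T_META_NAMESPACE("xnu.exec"),
    T_META_TAG_VM_PREFERRED
    ) {
	T_SETUPBEGIN;

	// Given we exec a helper program (in a forked child, so this runner can stick around)
	// (And we set up some resources to communicate with the forked process)
	int pipefd[2];
	T_ASSERT_POSIX_SUCCESS(pipe(pipefd), "pipe");

	pid_t forked_pid = fork();
	T_ASSERT_POSIX_SUCCESS(forked_pid, "fork");

	if (forked_pid == 0) {
		close(pipefd[0]);

		// And we keep track of our current (pre-exec) pidversion
		int32_t forked_proc_pidv = get_pidversion_for_pid(getpid());

		// And we ask the kernel to groom things such that `nextpidversion == current_proc->p_idversion + 1`
		int64_t val = 0;
		size_t val_len = sizeof(val);
		int groom_ret = sysctlbyname("debug.test.setup_ensure_pidversion_changes_on_exec", &val, &val_len, &val, sizeof(val));
		if (groom_ret != 0) {
			// Without the grooming the final assertion can pass without ever
			// exercising the reuse condition, so make that visible in the log.
			// NOTE(review): consider asserting here, or restricting the test to
			// kernels that expose this sysctl -- confirm which configurations run it.
			T_LOG("grooming sysctl failed (ret=%d); pidversion reuse is not being exercised", groom_ret);
		}

		// (And we send our pre-exec pidversion back to the test runner, for comparison with the exec'd process)
		ssize_t nwritten = write(pipefd[1], (void*)&forked_proc_pidv, sizeof(forked_proc_pidv));
		T_ASSERT_POSIX_SUCCESS(nwritten, "write");
		// A short write would hand the runner a truncated value to compare against.
		T_ASSERT_EQ((unsigned long)nwritten, sizeof(forked_proc_pidv), "write full pidversion");
		T_ASSERT_POSIX_SUCCESS(close(pipefd[1]), "close");

		// When I exec a child
		// (Which spins forever, so we can poke it)
		char *args[4];
		char *tail_path = "/usr/bin/tail";
		args[0] = tail_path;
		args[1] = "-f";
		args[2] = "/dev/null";
		args[3] = NULL;
		execv(tail_path, args);
		// Only reached when exec failed. Stop the child here so it does not fall
		// through and run the runner's half of the test against itself.
		T_ASSERT_FAIL("execve() failed");
	}

	T_ASSERT_POSIX_SUCCESS(close(pipefd[1]), "close");

	// (And we read the forked process's pre-exec pidversion, for comparison with the exec'd process)
	int32_t forked_proc_pidversion = 0;
	ssize_t nread = read(pipefd[0], &forked_proc_pidversion, sizeof(forked_proc_pidversion));
	T_ASSERT_POSIX_SUCCESS(nread, "read");
	// read() returns 0 on EOF (e.g. the child died before writing); comparing
	// against a value that was never received would make the result meaningless.
	T_ASSERT_EQ((unsigned long)nread, sizeof(forked_proc_pidversion), "read full pidversion");
	T_ASSERT_POSIX_SUCCESS(close(pipefd[0]), "close");

	// (Give the forked process a moment to exec().)
	// (To get rid of this, we could exec something controlled that signals a semaphore.)
	// If the exec has not happened yet, the query below still sees the pre-exec
	// image and the assertion fails spuriously rather than passing falsely.
	sleep(1);

	T_SETUPEND;

	// And I interrogate the pidversion of the exec'd process
	int32_t exec_proc_pidversion = get_pidversion_for_pid(forked_pid);

	// Then the pidversion should NOT be reused, despite our grooming
	T_ASSERT_NE(exec_proc_pidversion, forked_proc_pidversion, "Prevent pidversion reuse");

	// Cleanup: kill our errant child
	T_SETUPBEGIN;
	T_ASSERT_POSIX_SUCCESS(kill(forked_pid, SIGKILL), "kill");
	T_SETUPEND;
}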
85