| Age | Commit message (Collapse) | Author |
|---|
|
- "make test" did not build "test/test-chroot-symlink", so the test failed
- "make clean" did not delete libpseudo.so correctly
- "test/test-umask.sh" did not clean up its test files
- build test binaries only if needed, and delete them in "make clean"
- remove var/pseudo from Makefile (run_tests.sh makes it anyway)
- add *.pyc and test binaries (no file extension) to .gitignore
- delete more things in "make distclean"
Signed-off-by: Tomi Belan <tomi.belan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pseudo_fix_path() incorrectly assumed that 'base' never ends with a slash
because it's a canonical path. However, base can be "/" - a path which is
canonical and yet ends with a slash. This happens when pseudo_cwd is "/" or
when we're starting from a dirfd pointing to "/". The wrong result from
pseudo_fix_path() caused the database lookup to fail and made pseudo abort.
Signed-off-by: Tomi Belan <tomi.belan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Absolute links should be evaluated starting from the chroot path but the
existing implementation drops the whole base path (which includes the
chroot path) when it encounters an absolute link.
Encountered the issue during root image creation process in an OE build
where ldconfig was deleting some absolute links as stat64 calls failed
and the symlinks were deemed dead.
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[Add tests accidentally missed in previous commit]
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It just so happens that my /home/mac and /home directories have the same
inode number but on different filesystems.
This means that test-openat fails with "Recursion failed!" even when run
without pseudo.
Let's consider both the device number and the inode number before
assuming that we've found the same directory again.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adding this test case was erroneously omitted in
7c722296879906fe093e1e7c4b7537e150d492cd.
Signed-off-by: Philip Lorenz <philip@bithub.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 60e25a36558f1f07dcce1a044fe976b475bec42b started dereferencing
the "path" parameter which for some functions is annotated with the
"nonnull" attribute. While the commit explicitly checks for NULL
pointers before dereferencing it, GCC (at optimization level 1 and
above) removes the check due to the "nonnull" attribute being set for
some parameters in the glibc headers (e.g. statx()).
However, the statx() man page explicitly allows calling with NULL
pointers (in which case the EFAULT is returned) and this behaviour is
used in the wild (e.g. in Rust) to determine whether the statx() system
call is supported.
Disabling the optimization is not possible ([1]) so prevent the compiler
optimization by referencing the parameter in a noop inline assembly
instruction instead.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100404
Signed-off-by: Philip Lorenz <philip@bithub.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The pseudo client path map stores paths that have been sanitised, but
in the ignored-path (PSEUDO_IGNORE_PATHS) codepath for open() calls this
sanitising wasn't performed so it is possible for paths that end with a
trailing slash to be entered.
This then subsequently interacts badly with path manipulation, resulting
in the situation where doing:
fd = open("/some/path/")
parent_fd = openat(fd, "../)
results in parent_fd actually pointing at /some/path still.
Solve this by ensuring that any trailing slashes are removed from the
path when adding to the map in the ignore short-circuit.
Also add a test case for this to ensure that it doesn't regress in the
future.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is an issue in pseudo where if you open a file, rename the file,
then call fstat on the open fd, pseudo would thrown an abort. This is
because it needs to track the open fd mappings to files and it doesn't
update in the case of a rename.
Add code in pseudo to update the fd mappings in the case of a rename
call. Also add a test case.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Johannes Beisswenger <johannes.beisswenger@cetitec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This adds SPDX license headers to all source files in pseudo so license
identification models current best practise.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Merge fixes from Richard Tollerton and associated test
cases and permissions fixes.
Signed-off-by: Seebs <seebs@seebs.net>
|
|
When tclsh forks it can create new threads in the child process, in a
pthread_atfork() handler. Running this under pseudo results in a
deadlock since the pseudo_lock() call in the new thread in the child
process premanently believes that the mutex is already locked by another
thread (which actually only existed in the parent process).
The provided test cases reproduces this. Similar hangs can also been
seen in other cases, such as when attempting to use vim's cscope support
under pseudo.
Fix it by reseting the mutex in a pthread_atfork() child function.
Signed-off-by: Rabin Vincent <rabinv@axis.com>
Signed-off-by: Seebs <seebs@seebs.net>
|
|
test-umask fails if run twice. Make it remove the created temporary
files before the test.
Signed-off-by: Rabin Vincent <rabinv@axis.com>
Signed-off-by: Seebs <seebs@seebs.net>
|
|
|
|
The test case is based on the simple test of doing:
touch foo
getfattr -d foo
setfattr -n "user.dummy" -v "test" foo
getfattr -d foo
# file: foo
user.dummy="test"
setfattr -n "security.dummy" -v "test" foo
getfattr -n "security.dummy" foo
If pseudo is not running, the first part should work as long as extended
attributes are enabled, but the attempt to set "security...."
should result in a failure similar to:
setfattr: foo: Operation not permitted
As long as pseudo is working properly, no errors should be reported, and
the data should come back with the same values as were originally set.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Change from internal PSEUDO_RELOADED to external PSEUDO_UNLOAD environment
variable. Enable external programs to have a safe and reliable way to unload
pseudo on the next exec*. PSEUDO_UNLOAD also will disable pseudo if we're in a
fork/clone situation in the same way PSEUDO_DISABLED=1 would.
Rename the PSEUDO_DISABLED tests, and create a similar set for the new
PSEUDO_UNLOAD.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
be out of sync in a very inconvenient way.
Changes include:
* Some whitespace fixes, also move the pseudo_variables definition
into pseudo_util.c since it's not used anywhere else.
* Further improvements in the fork() support:
We now recognize both positive and negative forms of PSEUDO_DISABLED,
so we can distinguish between "it was removed from the environment
by env -i" (restore the old value) and "it was intentionally turned
off" (the new value wins).
* clone(2) support. This is a little primitive, and programs might still
fail horribly due to clone's semantics, but at least it's there and
passes easy test cases.
Plus a big patch from Mark Hatle:
Cleanup fork/clone and PSEUDO_DISABLED
guts/fork.c:
* cleanup function and make it more robust
* be sure to call pseudo_setupenv prior to pseudo_client_reset
to match exec behavior
pseudo_wrappers.c:
* fix mismatched type in execl_to_v call via typecast
* Simplify fork call via single call to wrap_fork()
* be sure to save pseudo_disabled
* be sure to call pseudo_setupenv prior to pseudo_client_reset
to match exec behavior
tests:
* Add a test of whether pseudo can be disabled/enabled on a fork.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Add local variable cache via get_value and set_value. The local cache
is setup at constructor time (or soon after).
Rewrite the pseudo_setupenv and pseudo_dropenv routines, add a new
pseudo_setupenvp and pseudo_dropenvp as well to handle the execve
cases.
We can now successfully use /usr/bin/env -i env and get pseudo values
back!
|
|
We wrap all of the execs so that we can ensure the environment is
properly configured prior to the exec running.
handle ... for the new execl* wrappers
Add a test for the new execl* ... handling.
|
|
CQ: WIND00225366
A simple test harness that runs all the scripts in the test
directory. Each test script is run inside pseudo and uses exit status
to report back whether the test was successful. The script uses the
build executables, not the installed ones and each test run starts
with an empty database.
|
Tomi Belan
Chaitanya Vadrevu
Mike Crowe
Philip Lorenz
Ross Burton
Richard Purdie
Johannes Beisswenger
Seebs
Peter Seebach
Mark Hatle
Konrad Scherer