Lines Matching +full:parent +full:- +full:child
1 // SPDX-License-Identifier: GPL-2.0
3 * Landlock tests - Ptrace
5 * Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net>
6 * Copyright © 2019-2020 ANSSI
63 /* clang-format off */
65 /* clang-format on */
75 * Test multiple tracing combinations between a parent process P1 and a child
86 * P1-. P1 -> P2 : allow
87 * \ P2 -> P1 : allow
90 /* clang-format off */
92 /* clang-format on */ in FIXTURE_VARIANT_ADD()
99 * Child domain
101 * P1--. P1 -> P2 : allow
102 * \ P2 -> P1 : deny
103 * .'-----.
105 * '------'
107 /* clang-format off */
109 /* clang-format on */ in FIXTURE_VARIANT_ADD()
116 * Parent domain
117 * .------.
118 * | P1 --. P1 -> P2 : deny
119 * '------' \ P2 -> P1 : allow
123 /* clang-format off */
125 /* clang-format on */ in FIXTURE_VARIANT_ADD()
132 * Parent + child domain (siblings)
133 * .------.
134 * | P1 ---. P1 -> P2 : deny
135 * '------' \ P2 -> P1 : deny
136 * .---'--.
138 * '------'
140 /* clang-format off */
142 /* clang-format on */ in FIXTURE_VARIANT_ADD()
150 * .-------------.
151 * | P1----. | P1 -> P2 : allow
152 * | \ | P2 -> P1 : allow
155 * '-------------'
157 /* clang-format off */
159 /* clang-format on */ in FIXTURE_VARIANT_ADD()
166 * Inherited + child domain
167 * .-----------------.
168 * | P1----. | P1 -> P2 : allow
169 * | \ | P2 -> P1 : deny
170 * | .-'----. |
172 * | '------' |
173 * '-----------------'
175 /* clang-format off */
177 /* clang-format on */ in FIXTURE_VARIANT_ADD()
184 * Inherited + parent domain
185 * .-----------------.
186 * |.------. | P1 -> P2 : deny
187 * || P1 ----. | P2 -> P1 : allow
188 * |'------' \ |
191 * '-----------------'
193 /* clang-format off */
195 /* clang-format on */ in FIXTURE_VARIANT_ADD()
202 * Inherited + parent and child domain (siblings)
203 * .-----------------.
204 * | .------. | P1 -> P2 : deny
205 * | | P1 . | P2 -> P1 : deny
206 * | '------'\ |
208 * | .--'---. |
210 * | '------' |
211 * '-----------------'
213 /* clang-format off */
215 /* clang-format on */ in FIXTURE_VARIANT_ADD()
229 /* Test PTRACE_TRACEME and PTRACE_ATTACH for parent and child. */
232 pid_t child, parent; in TEST_F() local
244 parent = getpid(); in TEST_F()
247 if (variant->domain_both) { in TEST_F()
249 if (!_metadata->passed) in TEST_F()
254 child = fork(); in TEST_F()
255 ASSERT_LE(0, child); in TEST_F()
256 if (child == 0) { in TEST_F()
261 if (variant->domain_child) in TEST_F()
264 /* Waits for the parent to be in a domain, if any. */ in TEST_F()
267 /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent. */ in TEST_F()
268 err_proc_read = test_ptrace_read(parent); in TEST_F()
269 ret = ptrace(PTRACE_ATTACH, parent, NULL, 0); in TEST_F()
270 if (variant->domain_child) { in TEST_F()
271 EXPECT_EQ(-1, ret); in TEST_F()
279 ASSERT_EQ(parent, waitpid(parent, &status, 0)); in TEST_F()
281 ASSERT_EQ(0, ptrace(PTRACE_DETACH, parent, NULL, 0)); in TEST_F()
284 /* Tests child PTRACE_TRACEME. */ in TEST_F()
286 if (variant->domain_parent) { in TEST_F()
287 EXPECT_EQ(-1, ret); in TEST_F()
299 if (!variant->domain_parent) { in TEST_F()
303 /* Waits for the parent PTRACE_ATTACH test. */ in TEST_F()
305 _exit(_metadata->passed ? EXIT_SUCCESS : EXIT_FAILURE); in TEST_F()
311 if (variant->domain_parent) in TEST_F()
314 /* Signals that the parent is in a domain, if any. */ in TEST_F()
318 * Waits for the child to test PTRACE_ATTACH on the parent and start in TEST_F()
323 /* Tests child PTRACE_TRACEME. */ in TEST_F()
324 if (!variant->domain_parent) { in TEST_F()
325 ASSERT_EQ(child, waitpid(child, &status, 0)); in TEST_F()
327 ASSERT_EQ(0, ptrace(PTRACE_DETACH, child, NULL, 0)); in TEST_F()
329 /* The child should not be traced by the parent. */ in TEST_F()
330 EXPECT_EQ(-1, ptrace(PTRACE_DETACH, child, NULL, 0)); in TEST_F()
334 /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the child. */ in TEST_F()
335 err_proc_read = test_ptrace_read(child); in TEST_F()
336 ret = ptrace(PTRACE_ATTACH, child, NULL, 0); in TEST_F()
337 if (variant->domain_parent) { in TEST_F()
338 EXPECT_EQ(-1, ret); in TEST_F()
346 ASSERT_EQ(child, waitpid(child, &status, 0)); in TEST_F()
348 ASSERT_EQ(0, ptrace(PTRACE_DETACH, child, NULL, 0)); in TEST_F()
351 /* Signals that the parent PTRACE_ATTACH test is done. */ in TEST_F()
353 ASSERT_EQ(child, waitpid(child, &status, 0)); in TEST_F()
356 _metadata->passed = 0; in TEST_F()