Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / 1f7e60c37ea96c32d231bbd3ff5d9216eee439a0 / . / libcontainer / libcontainer_unittest.cc
blob: 3791c6f2832cb02f54a298e4c74063c14e162f10 [file] [log] [blame]
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]1// Copyright 2016 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]4
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]5#include <errno.h>
6#include <signal.h>
7#include <sys/mount.h>
8#include <sys/stat.h>
9#include <sys/types.h>
10#include <unistd.h>
11
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]12#include <map>
Luis Hector Chavezedec56e2017-09-19 15:43:53 -0700[diff] [blame]13#include <memory>
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]14#include <string>
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]15#include <utility>
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]16#include <vector>
Luis Hector Chavezedec56e2017-09-19 15:43:53 -0700[diff] [blame]17
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]18#include <base/bind.h>
19#include <base/bind_helpers.h>
Luis Hector Chavez5381d002017-09-16 12:54:24 -0700[diff] [blame]20#include <base/files/file_path.h>
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]21#include <base/files/file_util.h>
22#include <base/files/scoped_temp_dir.h>
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]23#include <base/posix/eintr_wrapper.h>
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]24#include <gtest/gtest.h>
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]25
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]26#include "libcontainer/cgroup.h"
27#include "libcontainer/config.h"
28#include "libcontainer/container.h"
Luis Hector Chavez836d7b22017-09-14 15:11:15 -0700[diff] [blame]29#include "libcontainer/libcontainer.h"
Luis Hector Chavez835d39e2017-09-19 15:16:31 -0700[diff] [blame]30#include "libcontainer/libcontainer_util.h"
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]31
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]32namespace libcontainer {
33
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]34namespace {
35
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]36using MinijailHookCallback = base::Callback<int()>;
37
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]38constexpr int kTestCpuShares = 200;
39constexpr int kTestCpuQuota = 20000;
40constexpr int kTestCpuPeriod = 50000;
41
42struct MockPosixState {
43 struct MountArgs {
44 std::string source;
45 base::FilePath target;
46 std::string filesystemtype;
47 unsigned long mountflags;
48 const void* data;
49 bool outside_mount;
50 };
51 std::vector<MountArgs> mount_args;
52
53 dev_t stat_rdev_ret = makedev(2, 3);
54
55 std::vector<int> kill_sigs;
56 base::FilePath mkdtemp_root;
57};
58MockPosixState* g_mock_posix_state = nullptr;
59
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]60struct MockCgroupState {
61 struct AddedDevice {
62 bool allow;
63 int major;
64 int minor;
65 bool read;
66 bool write;
67 bool modify;
68 char type;
69 };
70
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]71 bool freeze_ret = true;
72 bool thaw_ret = true;
73 bool deny_all_devs_ret = true;
74 bool add_device_ret = true;
75 bool set_cpu_ret = true;
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]76
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]77 int deny_all_devs_called_count;
78
79 std::vector<AddedDevice> added_devices;
80
81 int set_cpu_shares_count;
82 int set_cpu_quota_count;
83 int set_cpu_period_count;
84 int set_cpu_rt_runtime_count;
85 int set_cpu_rt_period_count;
86};
87MockCgroupState* g_mock_cgroup_state = nullptr;
88
89class MockCgroup : public libcontainer::Cgroup {
90 public:
91 explicit MockCgroup(MockCgroupState* state) : state_(state) {}
92 ~MockCgroup() = default;
93
94 static std::unique_ptr<libcontainer::Cgroup> Create(
95 base::StringPiece name,
96 const base::FilePath& cgroup_root,
97 const base::FilePath& cgroup_parent,
98 uid_t cgroup_owner,
99 gid_t cgroup_group) {
Ben Chanc4929c62017-09-29 23:25:39 -0700[diff] [blame]100 return std::make_unique<MockCgroup>(g_mock_cgroup_state);
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]101 }
102
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]103 bool Freeze() override { return state_->freeze_ret; }
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]104
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]105 bool Thaw() override { return state_->thaw_ret; }
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]106
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]107 bool DenyAllDevices() override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]108 ++state_->deny_all_devs_called_count;
109 return state_->deny_all_devs_ret;
110 }
111
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]112 bool AddDevice(bool allow,
113 int major,
114 int minor,
115 bool read,
116 bool write,
117 bool modify,
118 char type) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]119 state_->added_devices.emplace_back(MockCgroupState::AddedDevice{
120 allow, major, minor, read, write, modify, type});
121 return state_->add_device_ret;
122 }
123
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]124 bool SetCpuShares(int shares) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]125 state_->set_cpu_shares_count++;
126 return state_->set_cpu_ret;
127 }
128
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]129 bool SetCpuQuota(int quota) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]130 state_->set_cpu_quota_count++;
131 return state_->set_cpu_ret;
132 }
133
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]134 bool SetCpuPeriod(int period) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]135 state_->set_cpu_period_count++;
136 return state_->set_cpu_ret;
137 }
138
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]139 bool SetCpuRtRuntime(int rt_runtime) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]140 state_->set_cpu_rt_runtime_count++;
141 return state_->set_cpu_ret;
142 }
143
Luis Hector Chavez1f7e60c2017-09-27 22:03:48 -0700[diff] [blame^]144 bool SetCpuRtPeriod(int rt_period) override {
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]145 state_->set_cpu_rt_period_count++;
146 return state_->set_cpu_ret;
147 }
148
149 private:
150 MockCgroupState* const state_;
151
152 DISALLOW_COPY_AND_ASSIGN(MockCgroup);
153};
154
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]155struct MockMinijailState {
156 std::string alt_syscall_table;
157 int ipc_called_count;
158 int vfs_called_count;
159 int net_called_count;
160 int pids_called_count;
161 int run_as_init_called_count;
162 int user_called_count;
163 int cgroups_called_count;
164 int wait_called_count;
165 int reset_signal_mask_called_count;
166 int pid;
167 std::map<minijail_hook_event_t, std::vector<MinijailHookCallback>> hooks;
168};
169MockMinijailState* g_mock_minijail_state = nullptr;
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]170
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]171} // namespace
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]172
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]173TEST(LibcontainerTest, PremountedRunfs) {
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]174 char premounted_runfs[] = "/tmp/cgtest_run/root";
175 struct container_config* config = container_config_create();
176 ASSERT_NE(nullptr, config);
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]177
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]178 container_config_premounted_runfs(config, premounted_runfs);
179 const char* result = container_config_get_premounted_runfs(config);
180 ASSERT_EQ(0, strcmp(result, premounted_runfs));
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]181
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]182 container_config_destroy(config);
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]183}
184
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]185TEST(LibcontainerTest, PidFilePath) {
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]186 char pid_file_path[] = "/tmp/cgtest_run/root/container.pid";
187 struct container_config* config = container_config_create();
188 ASSERT_NE(nullptr, config);
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]189
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]190 container_config_pid_file(config, pid_file_path);
191 const char* result = container_config_get_pid_file(config);
192 ASSERT_EQ(0, strcmp(result, pid_file_path));
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]193
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]194 container_config_destroy(config);
Keshav Santhanam0e4c3282016-07-14 10:25:16 -0700[diff] [blame]195}
196
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]197TEST(LibcontainerTest, LogPreserve) {
Luis Hector Chavez835d39e2017-09-19 15:16:31 -0700[diff] [blame]198 errno = EPERM;
199 PLOG_PRESERVE(ERROR) << "This is an expected error log";
200 ASSERT_EQ(EPERM, errno);
201}
202
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]203class ContainerTest : public ::testing::Test {
204 public:
205 ContainerTest() = default;
206 ~ContainerTest() override = default;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]207
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]208 void SetUp() override {
209 g_mock_posix_state = new MockPosixState();
210 g_mock_cgroup_state = new MockCgroupState();
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]211 g_mock_minijail_state = new MockMinijailState();
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]212 libcontainer::Cgroup::SetCgroupFactoryForTesting(&MockCgroup::Create);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]213
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]214 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]215
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]216 ASSERT_TRUE(base::CreateTemporaryDirInDir(
217 temp_dir_.path(), FILE_PATH_LITERAL("container_test"), &rootfs_));
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]218
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]219 mount_flags_ = MS_NOSUID | MS_NODEV | MS_NOEXEC;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]220
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]221 config_.reset(new Config());
222 container_config_uid_map(config_->get(), "0 0 4294967295");
223 container_config_gid_map(config_->get(), "0 0 4294967295");
224 container_config_rootfs(config_->get(), rootfs_.value().c_str());
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]225
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]226 static const char* kArgv[] = {
227 "/sbin/init",
228 };
229 container_config_program_argv(config_->get(), kArgv, 1);
230 container_config_alt_syscall_table(config_->get(), "testsyscalltable");
231 container_config_add_mount(config_->get(),
232 "testtmpfs",
233 "tmpfs",
234 "/tmp",
235 "tmpfs",
236 nullptr,
237 nullptr,
238 mount_flags_,
239 0,
240 1000,
241 1000,
242 0x666,
243 0,
244 0);
245 container_config_add_device(config_->get(),
246 'c',
247 "/dev/foo",
248 S_IRWXU | S_IRWXG,
249 245,
250 2,
251 0,
252 1000,
253 1001,
254 1,
255 1,
256 0);
257 // test dynamic minor on /dev/null
258 container_config_add_device(config_->get(),
259 'c',
260 "/dev/null",
261 S_IRWXU | S_IRWXG,
262 1,
263 -1,
264 1,
265 1000,
266 1001,
267 1,
268 1,
269 0);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]270
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]271 container_config_set_cpu_shares(config_->get(), kTestCpuShares);
272 container_config_set_cpu_cfs_params(
273 config_->get(), kTestCpuQuota, kTestCpuPeriod);
274 /* Invalid params, so this won't be applied. */
275 container_config_set_cpu_rt_params(config_->get(), 20000, 20000);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]276
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]277 base::FilePath rundir;
278 ASSERT_TRUE(base::CreateTemporaryDirInDir(
279 temp_dir_.path(), FILE_PATH_LITERAL("container_test_run"), &rundir));
280 container_.reset(new Container("containerUT", rundir));
281 ASSERT_NE(nullptr, container_.get());
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]282 }
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]283
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]284 void TearDown() override {
285 container_.reset();
286 config_.reset();
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]287
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]288 ASSERT_TRUE(temp_dir_.Delete());
289 delete g_mock_posix_state;
290 g_mock_posix_state = nullptr;
291 libcontainer::Cgroup::SetCgroupFactoryForTesting(nullptr);
292 delete g_mock_cgroup_state;
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]293 delete g_mock_minijail_state;
294 g_mock_minijail_state = nullptr;
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]295 }
296
297 protected:
298 std::unique_ptr<Config> config_;
299 std::unique_ptr<Container> container_;
300 int mount_flags_;
301 base::FilePath rootfs_;
302
303 private:
304 base::ScopedTempDir temp_dir_;
305
306 DISALLOW_COPY_AND_ASSIGN(ContainerTest);
307};
308
309TEST_F(ContainerTest, TestMountTmpStart) {
310 ASSERT_EQ(0, container_start(container_->get(), config_->get()));
311 ASSERT_EQ(2, g_mock_posix_state->mount_args.size());
312 EXPECT_EQ(false, g_mock_posix_state->mount_args[1].outside_mount);
313 EXPECT_STREQ("tmpfs", g_mock_posix_state->mount_args[1].source.c_str());
314 EXPECT_STREQ("/tmp",
315 g_mock_posix_state->mount_args[1].target.value().c_str());
316 EXPECT_STREQ("tmpfs",
317 g_mock_posix_state->mount_args[1].filesystemtype.c_str());
318 EXPECT_EQ(g_mock_posix_state->mount_args[1].mountflags,
319 static_cast<unsigned long>(mount_flags_));
320 EXPECT_EQ(nullptr, g_mock_posix_state->mount_args[1].data);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]321
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]322 EXPECT_EQ(1, g_mock_minijail_state->ipc_called_count);
323 EXPECT_EQ(1, g_mock_minijail_state->vfs_called_count);
324 EXPECT_EQ(1, g_mock_minijail_state->net_called_count);
325 EXPECT_EQ(1, g_mock_minijail_state->pids_called_count);
326 EXPECT_EQ(1, g_mock_minijail_state->user_called_count);
327 EXPECT_EQ(1, g_mock_minijail_state->cgroups_called_count);
328 EXPECT_EQ(1, g_mock_minijail_state->run_as_init_called_count);
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]329 EXPECT_EQ(1, g_mock_cgroup_state->deny_all_devs_called_count);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]330
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]331 ASSERT_EQ(2, g_mock_cgroup_state->added_devices.size());
332 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[0].allow);
333 EXPECT_EQ(245, g_mock_cgroup_state->added_devices[0].major);
334 EXPECT_EQ(2, g_mock_cgroup_state->added_devices[0].minor);
335 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[0].read);
336 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[0].write);
337 EXPECT_EQ(0, g_mock_cgroup_state->added_devices[0].modify);
338 EXPECT_EQ('c', g_mock_cgroup_state->added_devices[0].type);
Dylan Reid355d5e42016-04-29 16:53:31 -0700[diff] [blame]339
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]340 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[1].allow);
341 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[1].major);
342 EXPECT_EQ(-1, g_mock_cgroup_state->added_devices[1].minor);
343 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[1].read);
344 EXPECT_EQ(1, g_mock_cgroup_state->added_devices[1].write);
345 EXPECT_EQ(0, g_mock_cgroup_state->added_devices[1].modify);
346 EXPECT_EQ('c', g_mock_cgroup_state->added_devices[1].type);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]347
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]348 EXPECT_EQ(1, g_mock_cgroup_state->set_cpu_shares_count);
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]349 EXPECT_EQ(kTestCpuShares, container_config_get_cpu_shares(config_->get()));
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]350 EXPECT_EQ(1, g_mock_cgroup_state->set_cpu_quota_count);
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]351 EXPECT_EQ(kTestCpuQuota, container_config_get_cpu_quota(config_->get()));
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]352 EXPECT_EQ(1, g_mock_cgroup_state->set_cpu_period_count);
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]353 EXPECT_EQ(kTestCpuPeriod, container_config_get_cpu_period(config_->get()));
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]354 EXPECT_EQ(0, g_mock_cgroup_state->set_cpu_rt_runtime_count);
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]355 EXPECT_EQ(0, container_config_get_cpu_rt_runtime(config_->get()));
Luis Hector Chavez76ae9ac2017-09-20 21:13:08 -0700[diff] [blame]356 EXPECT_EQ(0, g_mock_cgroup_state->set_cpu_rt_period_count);
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]357 EXPECT_EQ(0, container_config_get_cpu_rt_period(config_->get()));
Chinyue Chenfac909e2016-06-24 14:17:42 +0800[diff] [blame]358
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]359 ASSERT_NE(std::string(), g_mock_minijail_state->alt_syscall_table);
360 EXPECT_EQ("testsyscalltable", g_mock_minijail_state->alt_syscall_table);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]361
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]362 EXPECT_EQ(0, container_wait(container_->get()));
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]363 EXPECT_EQ(1, g_mock_minijail_state->wait_called_count);
364 EXPECT_EQ(1, g_mock_minijail_state->reset_signal_mask_called_count);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]365}
366
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]367TEST_F(ContainerTest, TestKillContainer) {
368 ASSERT_EQ(0, container_start(container_->get(), config_->get()));
369 EXPECT_EQ(0, container_kill(container_->get()));
370 EXPECT_EQ(std::vector<int>{SIGKILL}, g_mock_posix_state->kill_sigs);
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]371 EXPECT_EQ(1, g_mock_minijail_state->wait_called_count);
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]372}
373
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]374} // namespace libcontainer
375
376// libc stubs so the UT doesn't need root to call mount, etc.
Luis Hector Chavezf9b16872017-09-14 14:22:15 -0700[diff] [blame]377extern "C" {
378
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]379extern decltype(chmod) __real_chmod;
380int __wrap_chmod(const char* path, mode_t mode) {
381 if (!libcontainer::g_mock_posix_state)
382 return __real_chmod(path, mode);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]383 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]384}
385
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]386extern decltype(chown) __real_chown;
387int __wrap_chown(const char* path, uid_t owner, gid_t group) {
388 if (!libcontainer::g_mock_posix_state)
389 return __real_chown(path, owner, group);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]390 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]391}
392
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]393extern decltype(getuid) __real_getuid;
394uid_t __wrap_getuid(void) {
395 if (!libcontainer::g_mock_posix_state)
396 return __real_getuid();
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]397 return 0;
398}
399
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]400extern decltype(kill) __real_kill;
401int __wrap_kill(pid_t pid, int sig) {
402 if (!libcontainer::g_mock_posix_state)
403 return __real_kill(pid, sig);
404 libcontainer::g_mock_posix_state->kill_sigs.push_back(sig);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]405 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]406}
407
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]408extern decltype(mkdir) __real_mkdir;
409int __wrap_mkdir(const char* pathname, mode_t mode) {
410 if (!libcontainer::g_mock_posix_state)
411 return __real_mkdir(pathname, mode);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]412 return 0;
Luis Hector Chavez836d7b22017-09-14 15:11:15 -0700[diff] [blame]413}
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]414
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]415extern decltype(mkdtemp) __real_mkdtemp;
416char* __wrap_mkdtemp(char* template_string) {
417 if (!libcontainer::g_mock_posix_state)
418 return __real_mkdtemp(template_string);
419 libcontainer::g_mock_posix_state->mkdtemp_root =
420 base::FilePath(template_string);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]421 return template_string;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]422}
423
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]424extern decltype(mount) __real_mount;
425int __wrap_mount(const char* source,
426 const char* target,
427 const char* filesystemtype,
428 unsigned long mountflags,
429 const void* data) {
430 if (!libcontainer::g_mock_posix_state)
431 return __real_mount(source, target, filesystemtype, mountflags, data);
432
433 libcontainer::g_mock_posix_state->mount_args.emplace_back(
434 libcontainer::MockPosixState::MountArgs{source,
435 base::FilePath(target),
436 filesystemtype,
437 mountflags,
438 data,
439 true});
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]440 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]441}
442
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]443extern decltype(rmdir) __real_rmdir;
444int __wrap_rmdir(const char* pathname) {
445 if (!libcontainer::g_mock_posix_state)
446 return __real_rmdir(pathname);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]447 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]448}
449
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]450extern decltype(umount) __real_umount;
451int __wrap_umount(const char* target) {
452 if (!libcontainer::g_mock_posix_state)
453 return __real_umount(target);
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]454 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]455}
456
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]457extern decltype(umount2) __real_umount2;
458int __wrap_umount2(const char* target, int flags) {
459 if (!libcontainer::g_mock_posix_state)
460 return __real_umount2(target, flags);
461 return 0;
462}
463
464extern decltype(unlink) __real_unlink;
465int __wrap_unlink(const char* pathname) {
466 if (!libcontainer::g_mock_posix_state)
467 return __real_unlink(pathname);
468 return 0;
469}
470
471extern decltype(__xmknod) __real___xmknod;
472int __wrap___xmknod(int ver, const char* pathname, mode_t mode, dev_t* dev) {
473 if (!libcontainer::g_mock_posix_state)
474 return __real___xmknod(ver, pathname, mode, dev);
475 return 0;
476}
477
478extern decltype(__xstat) __real___xstat;
479int __wrap___xstat(int ver, const char* path, struct stat* buf) {
480 if (!libcontainer::g_mock_posix_state)
481 return __real___xstat(ver, path, buf);
482 buf->st_rdev = libcontainer::g_mock_posix_state->stat_rdev_ret;
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]483 return 0;
484}
485
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]486extern decltype(setns) __real_setns;
487int __wrap_setns(int fd, int nstype) {
488 if (!libcontainer::g_mock_posix_state)
489 return __real_setns(fd, nstype);
490 return 0;
491}
492
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]493/* Minijail stubs */
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]494struct minijail* minijail_new(void) {
495 return (struct minijail*)0x55;
Chinyue Chen03c54ae2016-06-29 12:29:10 +0800[diff] [blame]496}
497
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]498void minijail_destroy(struct minijail* j) {}
499
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]500int minijail_mount_with_data(struct minijail* j,
501 const char* source,
502 const char* target,
503 const char* filesystemtype,
504 unsigned long mountflags,
505 const char* data) {
Luis Hector Chavez58725a82017-09-19 21:14:17 -0700[diff] [blame]506 libcontainer::g_mock_posix_state->mount_args.emplace_back(
507 libcontainer::MockPosixState::MountArgs{source,
508 base::FilePath(target),
509 filesystemtype,
510 mountflags,
511 data,
512 false});
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]513 return 0;
514}
515
Luis Hector Chavezedec56e2017-09-19 15:43:53 -0700[diff] [blame]516void minijail_namespace_user_disable_setgroups(struct minijail* j) {}
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]517
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]518void minijail_namespace_vfs(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]519 ++libcontainer::g_mock_minijail_state->vfs_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]520}
521
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]522void minijail_namespace_ipc(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]523 ++libcontainer::g_mock_minijail_state->ipc_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]524}
525
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]526void minijail_namespace_net(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]527 ++libcontainer::g_mock_minijail_state->net_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]528}
529
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]530void minijail_namespace_pids(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]531 ++libcontainer::g_mock_minijail_state->pids_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]532}
533
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]534void minijail_namespace_user(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]535 ++libcontainer::g_mock_minijail_state->user_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]536}
537
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]538void minijail_namespace_cgroups(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]539 ++libcontainer::g_mock_minijail_state->cgroups_called_count;
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]540}
541
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]542int minijail_uidmap(struct minijail* j, const char* uidmap) {
543 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]544}
545
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]546int minijail_gidmap(struct minijail* j, const char* gidmap) {
547 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]548}
549
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]550int minijail_enter_pivot_root(struct minijail* j, const char* dir) {
551 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]552}
553
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]554void minijail_run_as_init(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]555 ++libcontainer::g_mock_minijail_state->run_as_init_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]556}
557
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]558int minijail_run_pid_pipes_no_preload(struct minijail* j,
559 const char* filename,
560 char* const argv[],
561 pid_t* pchild_pid,
562 int* pstdin_fd,
563 int* pstdout_fd,
564 int* pstderr_fd) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]565 libcontainer::g_mock_minijail_state->pid = fork();
566 if (libcontainer::g_mock_minijail_state->pid == -1)
567 return libcontainer::g_mock_minijail_state->pid;
568
569 if (libcontainer::g_mock_minijail_state->pid == 0) {
570 for (minijail_hook_event_t event : {MINIJAIL_HOOK_EVENT_PRE_CHROOT,
571 MINIJAIL_HOOK_EVENT_PRE_DROP_CAPS,
572 MINIJAIL_HOOK_EVENT_PRE_EXECVE}) {
573 auto it = libcontainer::g_mock_minijail_state->hooks.find(event);
574 if (it == libcontainer::g_mock_minijail_state->hooks.end())
575 continue;
576 for (auto& hook : it->second) {
577 int rc = hook.Run();
578 if (rc)
579 _exit(rc);
580 }
581 }
582 _exit(0);
583 }
584
585 *pchild_pid = libcontainer::g_mock_minijail_state->pid;
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]586 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]587}
588
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]589int minijail_write_pid_file(struct minijail* j, const char* path) {
590 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]591}
592
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]593int minijail_wait(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]594 ++libcontainer::g_mock_minijail_state->wait_called_count;
595 int status;
596 if (HANDLE_EINTR(
597 waitpid(libcontainer::g_mock_minijail_state->pid, &status, 0)) < 0) {
598 PLOG_PRESERVE(ERROR) << "Failed to wait for minijail";
599 return -errno;
600 }
601 if (!WIFEXITED(status)) {
602 LOG(ERROR) << "minijail terminated abnormally: " << std::hex << status;
603 return -ECANCELED;
604 }
605 // Exit status gets truncated to 8 bits. This should sign-extend it so that
606 // any negative values we passed are preserved.
607 return static_cast<int8_t>(WEXITSTATUS(status));
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]608}
609
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]610int minijail_use_alt_syscall(struct minijail* j, const char* table) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]611 libcontainer::g_mock_minijail_state->alt_syscall_table = table;
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]612 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]613}
614
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]615int minijail_add_to_cgroup(struct minijail* j, const char* cg_path) {
616 return 0;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]617}
618
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]619void minijail_reset_signal_mask(struct minijail* j) {
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]620 ++libcontainer::g_mock_minijail_state->reset_signal_mask_called_count;
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]621}
622
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]623void minijail_skip_remount_private(struct minijail* j) {}
Dylan Reid837c74a2016-01-22 17:25:21 -0800[diff] [blame]624
Luis Hector Chavez644d2042017-09-19 18:56:44 -0700[diff] [blame]625int minijail_preserve_fd(struct minijail* j, int parent_fd, int child_fd) {
626 return 0;
627}
628
629int minijail_add_hook(struct minijail* j,
630 minijail_hook_t hook,
631 void* payload,
632 minijail_hook_event_t event) {
633 auto it = libcontainer::g_mock_minijail_state->hooks.insert(
634 std::make_pair(event, std::vector<libcontainer::MinijailHookCallback>()));
635 it.first->second.emplace_back(base::Bind(hook, base::Unretained(payload)));
636 return 0;
637}
638
Luis Hector Chavez9e03e172017-09-15 11:29:54 -0700[diff] [blame]639void minijail_close_open_fds(struct minijail* j) {}
640
Luis Hector Chavez31735bc2017-09-15 08:17:10 -0700[diff] [blame]641} // extern "C"