From c141a92544864b59d152d0c2f1ad1bf3800f0e58 Mon Sep 17 00:00:00 2001 From: zhushengle Date: Thu, 23 Feb 2023 20:09:42 +0800 Subject: [PATCH] =?UTF-8?q?feat=20=E6=94=AF=E6=8C=81=E5=AE=B9=E5=99=A8?= =?UTF-8?q?=E9=99=90=E9=A2=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit BREAKING CHANGE: 支持容器限额对外变更: 1.在proc目录下增加sys/user目录,支持max_容器_container 配额文件 Close #I6HDQK Signed-off-by: zhushengle Change-Id: Ieaac046182f679a6f49cbdc74593ab39fcb31f5f --- fs/proc/BUILD.gn | 1 + fs/proc/include/internal.h | 1 + fs/proc/os_adapt/proc_init.c | 3 + fs/proc/os_adapt/sys_user.c | 228 ++++++++++++++ kernel/base/container/los_container.c | 139 +++++++++ kernel/base/container/los_ipc_container.c | 13 + kernel/base/container/los_mnt_container.c | 13 + kernel/base/container/los_pid_container.c | 28 +- kernel/base/container/los_time_container.c | 13 + kernel/base/container/los_user_container.c | 17 +- kernel/base/container/los_uts_container.c | 12 + kernel/base/include/los_container_pri.h | 28 ++ kernel/base/include/los_ipc_container_pri.h | 2 + kernel/base/include/los_mnt_container_pri.h | 1 + kernel/base/include/los_pid_container_pri.h | 2 + kernel/base/include/los_time_container_pri.h | 2 + kernel/base/include/los_user_container_pri.h | 2 + kernel/base/include/los_uts_container_pri.h | 1 + kernel/common/los_config.h | 8 + .../unittest/container/It_container_test.cpp | 287 +++++++++++++++--- .../unittest/container/It_container_test.h | 33 +- testsuites/unittest/container/config.gni | 10 + .../container/full/It_pid_container_024.cpp | 5 +- .../smoke/It_ipc_container_007.cpp} | 65 ++-- .../container/smoke/It_ipc_container_008.cpp | 105 +++++++ .../smoke/It_mnt_container_009.cpp} | 63 ++-- .../container/smoke/It_mnt_container_010.cpp | 105 +++++++ .../smoke/It_pid_container_032.cpp} | 63 ++-- .../container/smoke/It_pid_container_033.cpp | 105 +++++++ .../container/smoke/It_time_container_006.cpp | 85 +++++- .../smoke/It_user_container_006.cpp} | 63 ++-- .../container/smoke/It_user_container_007.cpp | 105 +++++++ .../container/smoke/It_uts_container_005.cpp | 81 +++-- .../container/smoke/It_uts_container_006.cpp | 49 ++- .../smoke/It_uts_container_007.cpp} | 62 ++-- .../container/smoke/It_uts_container_008.cpp | 105 +++++++ testsuites/unittest/process/fs/config.gni | 6 - .../process/fs/smoke/It_process_fs_002.cpp | 7 +- .../process/fs/smoke/It_process_fs_006.cpp | 124 -------- 39 files changed, 1691 insertions(+), 351 deletions(-) create mode 100644 fs/proc/os_adapt/sys_user.c rename testsuites/unittest/{process/fs/smoke/It_process_fs_020.cpp => container/smoke/It_ipc_container_007.cpp} (58%) create mode 100644 testsuites/unittest/container/smoke/It_ipc_container_008.cpp rename testsuites/unittest/{process/fs/smoke/It_process_fs_018.cpp => container/smoke/It_mnt_container_009.cpp} (60%) create mode 100644 testsuites/unittest/container/smoke/It_mnt_container_010.cpp rename testsuites/unittest/{process/fs/smoke/It_process_fs_019.cpp => container/smoke/It_pid_container_032.cpp} (60%) create mode 100644 testsuites/unittest/container/smoke/It_pid_container_033.cpp rename testsuites/unittest/{process/fs/smoke/It_process_fs_017.cpp => container/smoke/It_user_container_006.cpp} (60%) create mode 100644 testsuites/unittest/container/smoke/It_user_container_007.cpp rename testsuites/unittest/{process/fs/smoke/It_process_fs_016.cpp => container/smoke/It_uts_container_007.cpp} (59%) create mode 100644 testsuites/unittest/container/smoke/It_uts_container_008.cpp delete mode 100644 testsuites/unittest/process/fs/smoke/It_process_fs_006.cpp diff --git a/fs/proc/BUILD.gn b/fs/proc/BUILD.gn index bbeece87..eb2538ed 100644 --- a/fs/proc/BUILD.gn +++ b/fs/proc/BUILD.gn @@ -43,6 +43,7 @@ kernel_module(module_name) { "os_adapt/proc_init.c", "os_adapt/proc_vfs.c", "os_adapt/process_proc.c", + "os_adapt/sys_user.c", "os_adapt/uptime_proc.c", "os_adapt/vmm_proc.c", "src/proc_file.c", diff --git a/fs/proc/include/internal.h b/fs/proc/include/internal.h index a041a31a..22949386 100644 --- a/fs/proc/include/internal.h +++ b/fs/proc/include/internal.h @@ -89,6 +89,7 @@ void ProcFdInit(void); #ifdef LOSCFG_KERNEL_CONTAINER void *ProcfsContainerGet(int fd, unsigned int *containerType); +void ProcSysUserInit(void); #endif #ifdef __cplusplus diff --git a/fs/proc/os_adapt/proc_init.c b/fs/proc/os_adapt/proc_init.c index b6cb4386..85913e1d 100644 --- a/fs/proc/os_adapt/proc_init.c +++ b/fs/proc/os_adapt/proc_init.c @@ -75,6 +75,9 @@ void ProcFsInit(void) #ifdef LOSCFG_KERNEL_PLIMITS ProcLimitsInit(); #endif +#ifdef LOSCFG_KERNEL_CONTAINER + ProcSysUserInit(); +#endif } LOS_MODULE_INIT(ProcFsInit, LOS_INIT_LEVEL_KMOD_EXTENDED); diff --git a/fs/proc/os_adapt/sys_user.c b/fs/proc/os_adapt/sys_user.c new file mode 100644 index 00000000..e834fffc --- /dev/null +++ b/fs/proc/os_adapt/sys_user.c @@ -0,0 +1,228 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include "proc_fs.h" +#include "internal.h" +#include "los_process_pri.h" +#include "user_copy.h" +#include "los_memory.h" + +#ifdef LOSCFG_KERNEL_CONTAINER +struct ProcSysUser { + char *name; + mode_t mode; + int type; + const struct ProcFileOperations *fileOps; +}; + +static unsigned int MemUserCopy(const char *src, size_t len, char **kbuf) +{ + if (LOS_IsUserAddressRange((VADDR_T)(UINTPTR)src, len)) { + char *kernelBuf = LOS_MemAlloc(m_aucSysMem1, len + 1); + if (kernelBuf == NULL) { + return ENOMEM; + } + + if (LOS_ArchCopyFromUser(kernelBuf, src, len) != 0) { + (VOID)LOS_MemFree(m_aucSysMem1, kernelBuf); + return EFAULT; + } + kernelBuf[len] = '\0'; + *kbuf = kernelBuf; + return 0; + } + return 0; +} + +static int GetContainerLimitValue(struct ProcFile *pf, const CHAR *buf, size_t count) +{ + int value; + char *kbuf = NULL; + + if ((pf == NULL) || (pf->pPDE == NULL) || (buf == NULL) || (count <= 0)) { + return -EINVAL; + } + + unsigned ret = MemUserCopy(buf, count, &kbuf); + if (ret != 0) { + return -ret; + } else if ((ret == 0) && (kbuf != NULL)) { + buf = (const char *)kbuf; + } + + if (strspn(buf, "0123456789") != count) { + (void)LOS_MemFree(m_aucSysMem1, kbuf); + return -EINVAL; + } + value = atoi(buf); + (void)LOS_MemFree(m_aucSysMem1, kbuf); + return value; +} + +static ssize_t ProcSysUserWrite(struct ProcFile *pf, const char *buf, size_t size, loff_t *ppos) +{ + (void)ppos; + unsigned ret; + int value = GetContainerLimitValue(pf, buf, size); + if (value < 0) { + return -EINVAL; + } + + ContainerType type = (ContainerType)(uintptr_t)pf->pPDE->data; + ret = OsSetContainerLimit(type, value); + if (ret != LOS_OK) { + return -EINVAL; + } + return size; +} + +static int ProcSysUserRead(struct SeqBuf *seqBuf, void *v) +{ + unsigned ret; + if ((seqBuf == NULL) || (v == NULL)) { + return EINVAL; + } + + ContainerType type = (ContainerType)(uintptr_t)v; + ret = OsGetContainerLimit(type); + if (ret == OS_INVALID_VALUE) { + return EINVAL; + } + (void)LosBufPrintf(seqBuf, "\nlimit: %u\n", ret); + (void)LosBufPrintf(seqBuf, "count: %u\n", OsGetContainerCount(type)); + return 0; +} + +static const struct ProcFileOperations SYS_USER_OPT = { + .read = ProcSysUserRead, + .write = ProcSysUserWrite, +}; + +static struct ProcSysUser g_sysUser[] = { +#ifdef LOSCFG_MNT_CONTAINER + { + .name = "max_mnt_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = MNT_CONTAINER, + .fileOps = &SYS_USER_OPT + + }, +#endif +#ifdef LOSCFG_PID_CONTAINER + { + .name = "max_pid_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = PID_CONTAINER, + .fileOps = &SYS_USER_OPT + }, +#endif +#ifdef LOSCFG_USER_CONTAINER + { + .name = "max_user_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = USER_CONTAINER, + .fileOps = &SYS_USER_OPT + + }, +#endif +#ifdef LOSCFG_UTS_CONTAINER + { + .name = "max_uts_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = UTS_CONTAINER, + .fileOps = &SYS_USER_OPT + + }, +#endif +#ifdef LOSCFG_UTS_CONTAINER + { + .name = "max_time_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = UTS_CONTAINER, + .fileOps = &SYS_USER_OPT + + }, +#endif +#ifdef LOSCFG_IPC_CONTAINER + { + .name = "max_ipc_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = IPC_CONTAINER, + .fileOps = &SYS_USER_OPT + }, +#endif +#ifdef LOSCFG_NET_CONTAINER + { + .name = "max_net_container", + .mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH, + .type = NET_CONTAINER, + .fileOps = &SYS_USER_OPT + }, +#endif +}; + +static int ProcCreateSysUser(struct ProcDirEntry *parent) +{ + struct ProcDataParm parm; + for (int index = 0; index < (sizeof(g_sysUser) / sizeof(struct ProcSysUser)); index++) { + struct ProcSysUser *sysUser = &g_sysUser[index]; + parm.data = (void *)(uintptr_t)sysUser->type; + parm.dataType = PROC_DATA_STATIC; + struct ProcDirEntry *userFile = ProcCreateData(sysUser->name, sysUser->mode, parent, sysUser->fileOps, &parm); + if (userFile == NULL) { + PRINT_ERR("create /proc/%s/%s error!\n", parent->name, sysUser->name); + return -1; + } + } + return 0; +} + +#define PROC_SYS_USER_MODE (S_IFDIR | S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH) +void ProcSysUserInit(void) +{ + struct ProcDirEntry *parentPDE = CreateProcEntry("sys", PROC_SYS_USER_MODE, NULL); + if (parentPDE == NULL) { + return; + } + struct ProcDirEntry *pde = CreateProcEntry("user", PROC_SYS_USER_MODE, parentPDE); + if (pde == NULL) { + PRINT_ERR("create /proc/process error!\n"); + return; + } + + int ret = ProcCreateSysUser(pde); + if (ret < 0) { + PRINT_ERR("Create proc sys user failed!\n"); + } + return; +} +#endif diff --git a/kernel/base/container/los_container.c b/kernel/base/container/los_container.c index 7f374016..f0f1e31b 100644 --- a/kernel/base/container/los_container.c +++ b/kernel/base/container/los_container.c @@ -33,6 +33,7 @@ #ifdef LOSCFG_KERNEL_CONTAINER STATIC Container g_rootContainer; +STATIC ContainerLimit g_containerLimit; STATIC Atomic g_containerCount = 0xF0000000U; #ifdef LOSCFG_USER_CONTAINER STATIC Credentials *g_rootCredentials = NULL; @@ -56,25 +57,163 @@ VOID OsContainerInitSystemProcess(LosProcessCB *processCB) return; } +UINT32 OsGetContainerLimit(ContainerType type) +{ + switch (type) { +#ifdef LOSCFG_PID_CONTAINER + case PID_CONTAINER: + case PID_CHILD_CONTAINER: + return g_containerLimit.pidLimit; +#endif +#ifdef LOSCFG_USER_CONTAINER + case USER_CONTAINER: + return g_containerLimit.userLimit; +#endif +#ifdef LOSCFG_UTS_CONTAINER + case UTS_CONTAINER: + return g_containerLimit.utsLimit; +#endif +#ifdef LOSCFG_MNT_CONTAINER + case MNT_CONTAINER: + return g_containerLimit.mntLimit; +#endif +#ifdef LOSCFG_IPC_CONTAINER + case IPC_CONTAINER: + return g_containerLimit.ipcLimit; +#endif +#ifdef LOSCFG_TIME_CONTAINER + case TIME_CONTAINER: + case TIME_CHILD_CONTAINER: + return g_containerLimit.timeLimit; +#endif + default: + break; + } + return OS_INVALID_VALUE; +} + +UINT32 OsContainerLimitCheck(ContainerType type, UINT32 *containerCount) +{ + UINT32 intSave; + SCHEDULER_LOCK(intSave); + if ((*containerCount) >= OsGetContainerLimit(type)) { + SCHEDULER_UNLOCK(intSave); + return EINVAL; + } + SCHEDULER_UNLOCK(intSave); + return LOS_OK; +} + +UINT32 OsSetContainerLimit(ContainerType type, UINT32 value) +{ + UINT32 intSave; + + if (value > LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT) { + return EINVAL; + } + + SCHEDULER_LOCK(intSave); + switch (type) { +#ifdef LOSCFG_PID_CONTAINER + case PID_CONTAINER: + case PID_CHILD_CONTAINER: + g_containerLimit.pidLimit = value; + break; +#endif +#ifdef LOSCFG_USER_CONTAINER + case USER_CONTAINER: + g_containerLimit.userLimit = value; + break; +#endif +#ifdef LOSCFG_UTS_CONTAINER + case UTS_CONTAINER: + g_containerLimit.utsLimit = value; + break; +#endif +#ifdef LOSCFG_MNT_CONTAINER + case MNT_CONTAINER: + g_containerLimit.mntLimit = value; + break; +#endif +#ifdef LOSCFG_IPC_CONTAINER + case IPC_CONTAINER: + g_containerLimit.ipcLimit = value; + break; +#endif +#ifdef LOSCFG_TIME_CONTAINER + case TIME_CONTAINER: + case TIME_CHILD_CONTAINER: + g_containerLimit.timeLimit = value; + break; +#endif + default: + SCHEDULER_UNLOCK(intSave); + return EINVAL; + } + SCHEDULER_UNLOCK(intSave); + return LOS_OK; +} + +UINT32 OsGetContainerCount(ContainerType type) +{ + switch (type) { +#ifdef LOSCFG_PID_CONTAINER + case PID_CONTAINER: + case PID_CHILD_CONTAINER: + return OsGetPidContainerCount(); +#endif +#ifdef LOSCFG_USER_CONTAINER + case USER_CONTAINER: + return OsGetUserContainerCount(); +#endif +#ifdef LOSCFG_UTS_CONTAINER + case UTS_CONTAINER: + return OsGetUtsContainerCount(); +#endif +#ifdef LOSCFG_MNT_CONTAINER + case MNT_CONTAINER: + return OsGetMntContainerCount(); +#endif +#ifdef LOSCFG_IPC_CONTAINER + case IPC_CONTAINER: + return OsGetIpcContainerCount(); +#endif +#ifdef LOSCFG_TIME_CONTAINER + case TIME_CONTAINER: + case TIME_CHILD_CONTAINER: + return OsGetTimeContainerCount(); +#endif + default: + break; + } + return OS_INVALID_VALUE; +} + VOID OsInitRootContainer(VOID) { #ifdef LOSCFG_USER_CONTAINER + g_containerLimit.userLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; OsInitRootUserCredentials(&g_rootCredentials); #endif #ifdef LOSCFG_PID_CONTAINER + g_containerLimit.pidLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; (VOID)OsInitRootPidContainer(&g_rootContainer.pidContainer); g_rootContainer.pidForChildContainer = g_rootContainer.pidContainer; #endif #ifdef LOSCFG_UTS_CONTAINER + g_containerLimit.utsLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; (VOID)OsInitRootUtsContainer(&g_rootContainer.utsContainer); #endif #ifdef LOSCFG_MNT_CONTAINER + g_containerLimit.mntLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; (VOID)OsInitRootMntContainer(&g_rootContainer.mntContainer); #endif #ifdef LOSCFG_IPC_CONTAINER + g_containerLimit.ipcLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; (VOID)OsInitRootIpcContainer(&g_rootContainer.ipcContainer); #endif #ifdef LOSCFG_TIME_CONTAINER + g_containerLimit.timeLimit = LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT; (VOID)OsInitRootTimeContainer(&g_rootContainer.timeContainer); g_rootContainer.timeForChildContainer = g_rootContainer.timeContainer; #endif diff --git a/kernel/base/container/los_ipc_container.c b/kernel/base/container/los_ipc_container.c index 826a7561..d63e2b4f 100644 --- a/kernel/base/container/los_ipc_container.c +++ b/kernel/base/container/los_ipc_container.c @@ -121,6 +121,10 @@ UINT32 OsCopyIpcContainer(UINTPTR flags, LosProcessCB *child, LosProcessCB *pare return LOS_OK; } + if (OsContainerLimitCheck(IPC_CONTAINER, &g_currentIpcContainerNum) != LOS_OK) { + return EPERM; + } + return CreateIpcContainer(child, parent); } @@ -137,6 +141,10 @@ UINT32 OsUnshareIpcContainer(UINTPTR flags, LosProcessCB *curr, Container *newCo return LOS_OK; } + if (OsContainerLimitCheck(IPC_CONTAINER, &g_currentIpcContainerNum) != LOS_OK) { + return EPERM; + } + IpcContainer *ipcContainer = CreateNewIpcContainer(parentContainer); if (ipcContainer == NULL) { return ENOMEM; @@ -206,4 +214,9 @@ IpcContainer *OsGetCurrIpcContainer(VOID) { return OsCurrProcessGet()->container->ipcContainer; } + +UINT32 OsGetIpcContainerCount(VOID) +{ + return g_currentIpcContainerNum; +} #endif diff --git a/kernel/base/container/los_mnt_container.c b/kernel/base/container/los_mnt_container.c index ed6032b6..976feaeb 100644 --- a/kernel/base/container/los_mnt_container.c +++ b/kernel/base/container/los_mnt_container.c @@ -124,6 +124,10 @@ UINT32 OsCopyMntContainer(UINTPTR flags, LosProcessCB *child, LosProcessCB *pare return LOS_OK; } + if (OsContainerLimitCheck(MNT_CONTAINER, &g_currentMntContainerNum) != LOS_OK) { + return EPERM; + } + ret = CreateMntContainer(child, parent); if (ret != LOS_OK) { return ret; @@ -146,6 +150,10 @@ UINT32 OsUnshareMntContainer(UINTPTR flags, LosProcessCB *curr, Container *newCo return LOS_OK; } + if (OsContainerLimitCheck(MNT_CONTAINER, &g_currentMntContainerNum) != LOS_OK) { + return EPERM; + } + MntContainer *mntContainer = CreateNewMntContainer(parentContainer); if (mntContainer == NULL) { return ENOMEM; @@ -237,4 +245,9 @@ UINT32 OsGetMntContainerID(MntContainer *mntContainer) return mntContainer->containerID; } + +UINT32 OsGetMntContainerCount(VOID) +{ + return g_currentMntContainerNum; +} #endif diff --git a/kernel/base/container/los_pid_container.c b/kernel/base/container/los_pid_container.c index a90ca790..ba0bf9e4 100644 --- a/kernel/base/container/los_pid_container.c +++ b/kernel/base/container/los_pid_container.c @@ -52,7 +52,18 @@ STATIC VOID FreeVpid(LosProcessCB *processCB) processVid->vpid = OS_INVALID_VALUE; LOS_ListTailInsert(&pidContainer->pidFreeList, &processVid->node); LOS_AtomicDec(&pidContainer->rc); - pidContainer = pidContainer->parent; + PidContainer *parentPidContainer = pidContainer->parent; + if (LOS_AtomicRead(&pidContainer->rc) > 0) { + pidContainer = parentPidContainer; + continue; + } + g_currentPidContainerNum--; + (VOID)LOS_MemFree(m_aucSysMem1, pidContainer->rootPGroup); + (VOID)LOS_MemFree(m_aucSysMem1, pidContainer); + if (pidContainer == processCB->container->pidContainer) { + processCB->container->pidContainer = NULL; + } + pidContainer = parentPidContainer; } } @@ -305,7 +316,7 @@ VOID OsPidContainerDestroy(Container *container, LosProcessCB *processCB) } } - if (LOS_AtomicRead(&pidContainer->rc) <= 0) { + if ((container->pidContainer != NULL) && (LOS_AtomicRead(&pidContainer->rc) <= 0)) { g_currentPidContainerNum--; container->pidContainer = NULL; container->pidForChildContainer = NULL; @@ -409,6 +420,10 @@ UINT32 OsCopyPidContainer(UINTPTR flags, LosProcessCB *child, LosProcessCB *pare } SCHEDULER_UNLOCK(intSave); + if (OsContainerLimitCheck(PID_CONTAINER, &g_currentPidContainerNum) != LOS_OK) { + return EPERM; + } + ret = CreatePidContainer(child, parent); if (ret != LOS_OK) { return ret; @@ -445,6 +460,10 @@ UINT32 OsUnsharePidContainer(UINTPTR flags, LosProcessCB *curr, Container *newCo return LOS_OK; } + if (OsContainerLimitCheck(PID_CONTAINER, &g_currentPidContainerNum) != LOS_OK) { + return EPERM; + } + PidContainer *pidForChild = CreateNewPidContainer(curr->container->pidContainer); if (pidForChild == NULL) { return ENOMEM; @@ -596,4 +615,9 @@ UINT32 OsGetPidContainerID(PidContainer *pidContainer) return pidContainer->containerID; } + +UINT32 OsGetPidContainerCount(VOID) +{ + return g_currentPidContainerNum; +} #endif diff --git a/kernel/base/container/los_time_container.c b/kernel/base/container/los_time_container.c index 5ec69c72..78bc8482 100644 --- a/kernel/base/container/los_time_container.c +++ b/kernel/base/container/los_time_container.c @@ -96,6 +96,10 @@ UINT32 OsCopyTimeContainer(UINTPTR flags, LosProcessCB *child, LosProcessCB *par return LOS_OK; } + if (OsContainerLimitCheck(TIME_CONTAINER, &g_currentTimeContainerNum) != LOS_OK) { + return EPERM; + } + return CreateTimeContainer(child, parent); } @@ -114,6 +118,10 @@ UINT32 OsUnshareTimeContainer(UINTPTR flags, LosProcessCB *curr, Container *newC return LOS_OK; } + if (OsContainerLimitCheck(TIME_CONTAINER, &g_currentTimeContainerNum) != LOS_OK) { + return EPERM; + } + TimeContainer *timeForChild = CreateNewTimeContainer(curr->container->timeContainer); if (timeForChild == NULL) { return ENOMEM; @@ -242,4 +250,9 @@ UINT32 OsSetTimeContainerMonotonic(LosProcessCB *processCB, struct timespec64 *o timeContainer->monotonic.tv_nsec = offsets->tv_nsec; return LOS_OK; } + +UINT32 OsGetTimeContainerCount(VOID) +{ + return g_currentTimeContainerNum; +} #endif diff --git a/kernel/base/container/los_user_container.c b/kernel/base/container/los_user_container.c index 5101171a..e118e4fe 100644 --- a/kernel/base/container/los_user_container.c +++ b/kernel/base/container/los_user_container.c @@ -48,10 +48,14 @@ #define DEC 10 #ifdef LOSCFG_USER_CONTAINER -UINT32 g_currentUserContainerNum = 1; +UINT32 g_currentUserContainerNum = 0; UINT32 OsCreateUserContainer(Credentials *newCredentials, UserContainer *parentUserContainer) { + if (g_currentUserContainerNum >= OsGetContainerLimit(USER_CONTAINER)) { + return EPERM; + } + if ((parentUserContainer != NULL) && (parentUserContainer->level >= LEVEL_MAX)) { return EINVAL; } @@ -95,7 +99,11 @@ VOID FreeUserContainer(UserContainer *userContainer) userContainer->parent = NULL; userContainer = parent; g_currentUserContainerNum--; - } while ((userContainer != NULL) && (LOS_AtomicRead(&userContainer->rc) <= 0)); + if (userContainer == NULL) { + break; + } + LOS_AtomicDec(&userContainer->rc); + } while (LOS_AtomicRead(&userContainer->rc) <= 0); } STATIC UidGidExtent *MapIdUpBase(UINT32 extents, UidGidMap *map, UINT32 id) @@ -423,4 +431,9 @@ INT32 OsUserContainerMapWrite(struct ProcFile *fp, CHAR *kbuf, size_t count, map->extentCount = newMap.extentCount; return count; } + +UINT32 OsGetUserContainerCount(VOID) +{ + return g_currentUserContainerNum; +} #endif diff --git a/kernel/base/container/los_uts_container.c b/kernel/base/container/los_uts_container.c index f5d6a501..736e8ea9 100644 --- a/kernel/base/container/los_uts_container.c +++ b/kernel/base/container/los_uts_container.c @@ -135,6 +135,10 @@ UINT32 OsCopyUtsContainer(UINTPTR flags, LosProcessCB *child, LosProcessCB *pare return LOS_OK; } + if (OsContainerLimitCheck(UTS_CONTAINER, &g_currentUtsContainerNum) != LOS_OK) { + return EPERM; + } + return CreateUtsContainer(child, parent); } @@ -151,6 +155,10 @@ UINT32 OsUnshareUtsContainer(UINTPTR flags, LosProcessCB *curr, Container *newCo return LOS_OK; } + if (OsContainerLimitCheck(UTS_CONTAINER, &g_currentUtsContainerNum) != LOS_OK) { + return EPERM; + } + UtsContainer *utsContainer = CreateNewUtsContainer(parentContainer); if (utsContainer == NULL) { return ENOMEM; @@ -226,4 +234,8 @@ UINT32 OsGetUtsContainerID(UtsContainer *utsContainer) return utsContainer->containerID; } +UINT32 OsGetUtsContainerCount(VOID) +{ + return g_currentUtsContainerNum; +} #endif diff --git a/kernel/base/include/los_container_pri.h b/kernel/base/include/los_container_pri.h index 7e8ebd8a..f4122bfd 100644 --- a/kernel/base/include/los_container_pri.h +++ b/kernel/base/include/los_container_pri.h @@ -86,6 +86,27 @@ typedef struct Container { #endif } Container; +typedef struct TagContainerLimit { +#ifdef LOSCFG_PID_CONTAINER + UINT32 pidLimit; +#endif +#ifdef LOSCFG_UTS_CONTAINER + UINT32 utsLimit; +#endif +#ifdef LOSCFG_MNT_CONTAINER + UINT32 mntLimit; +#endif +#ifdef LOSCFG_IPC_CONTAINER + UINT32 ipcLimit; +#endif +#ifdef LOSCFG_TIME_CONTAINER + UINT32 timeLimit; +#endif +#ifdef LOSCFG_USER_CONTAINER + UINT32 userLimit; +#endif +} ContainerLimit; + VOID OsContainerInitSystemProcess(LosProcessCB *processCB); VOID OsInitRootContainer(VOID); @@ -104,5 +125,12 @@ INT32 OsUnshare(UINT32 flags); INT32 OsSetNs(INT32 fd, INT32 type); +UINT32 OsGetContainerLimit(ContainerType type); + +UINT32 OsContainerLimitCheck(ContainerType type, UINT32 *containerCount); + +UINT32 OsSetContainerLimit(ContainerType type, UINT32 value); + +UINT32 OsGetContainerCount(ContainerType type); #endif #endif /* _LOS_CONTAINER_PRI_H */ diff --git a/kernel/base/include/los_ipc_container_pri.h b/kernel/base/include/los_ipc_container_pri.h index 01593d4d..42ccbf3e 100644 --- a/kernel/base/include/los_ipc_container_pri.h +++ b/kernel/base/include/los_ipc_container_pri.h @@ -72,6 +72,8 @@ UINT32 OsGetIpcContainerID(IpcContainer *ipcContainer); IpcContainer *OsGetCurrIpcContainer(VOID); +UINT32 OsGetIpcContainerCount(VOID); + #define IPC_ALL_QUEUE (OsGetCurrIpcContainer()->allQueue) #define FREE_QUEUE_LIST (OsGetCurrIpcContainer()->freeQueueList) diff --git a/kernel/base/include/los_mnt_container_pri.h b/kernel/base/include/los_mnt_container_pri.h index c2cb7dc5..f604c69c 100644 --- a/kernel/base/include/los_mnt_container_pri.h +++ b/kernel/base/include/los_mnt_container_pri.h @@ -61,5 +61,6 @@ VOID OsMntContainerDestroy(struct Container *container); UINT32 OsGetMntContainerID(MntContainer *mntContainer); +UINT32 OsGetMntContainerCount(VOID); #endif #endif diff --git a/kernel/base/include/los_pid_container_pri.h b/kernel/base/include/los_pid_container_pri.h index bad7994d..cc047e68 100644 --- a/kernel/base/include/los_pid_container_pri.h +++ b/kernel/base/include/los_pid_container_pri.h @@ -106,4 +106,6 @@ UINT32 OsAllocVtid(LosTaskCB *taskCB, const LosProcessCB *processCB); UINT32 OsGetPidContainerID(PidContainer *pidContainer); BOOL OsPidContainerProcessParentIsRealParent(const LosProcessCB *processCB, const LosProcessCB *curr); + +UINT32 OsGetPidContainerCount(VOID); #endif /* _LOS_PID_CONTAINER_PRI_H */ diff --git a/kernel/base/include/los_time_container_pri.h b/kernel/base/include/los_time_container_pri.h index f96fe2c6..6798580b 100644 --- a/kernel/base/include/los_time_container_pri.h +++ b/kernel/base/include/los_time_container_pri.h @@ -62,6 +62,8 @@ UINT32 OsGetTimeContainerMonotonic(LosProcessCB *processCB, struct timespec64 *o UINT32 OsSetTimeContainerMonotonic(LosProcessCB *processCB, struct timespec64 *offsets); +UINT32 OsGetTimeContainerCount(VOID); + #define CLOCK_MONOTONIC_TIME_BASE (OsGetCurrTimeContainer()->monotonic) #endif diff --git a/kernel/base/include/los_user_container_pri.h b/kernel/base/include/los_user_container_pri.h index bdc38904..a073599b 100644 --- a/kernel/base/include/los_user_container_pri.h +++ b/kernel/base/include/los_user_container_pri.h @@ -76,5 +76,7 @@ UINT32 OsMakeKgid(UserContainer *userContainer, UINT32 gid); INT32 OsUserContainerMapWrite(struct ProcFile *fp, CHAR *buf, size_t count, INT32 capSetid, UidGidMap *map, UidGidMap *parentMap); + +UINT32 OsGetUserContainerCount(VOID); #endif #endif diff --git a/kernel/base/include/los_uts_container_pri.h b/kernel/base/include/los_uts_container_pri.h index f21f2092..5642286c 100644 --- a/kernel/base/include/los_uts_container_pri.h +++ b/kernel/base/include/los_uts_container_pri.h @@ -60,5 +60,6 @@ struct utsname *OsGetCurrUtsName(VOID); UINT32 OsGetUtsContainerID(UtsContainer *utsContainer); +UINT32 OsGetUtsContainerCount(VOID); #endif #endif /* _LOS_UTS_CONTAINER_PRI_H */ diff --git a/kernel/common/los_config.h b/kernel/common/los_config.h index 98fe3aef..f06ae174 100644 --- a/kernel/common/los_config.h +++ b/kernel/common/los_config.h @@ -389,6 +389,14 @@ extern UINT32 __heap_end; #define VERSION_NUM(a, b, c, d) (((a) << 24) | ((b) << 16) | (c) << 8 | (d)) #define KERNEL_OPEN_VERSION_NUM VERSION_NUM(KERNEL_MAJOR, KERNEL_MINOR, KERNEL_PATCH, KERNEL_ITRE) +/** + * @ingroup los_config + * The container limit + */ +#ifndef LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT +#define LOSCFG_KERNEL_CONTAINER_DEFAULT_LIMIT 10 +#endif + /****************************** Exception information configuration ******************************/ #ifdef LOSCFG_SAVE_EXCINFO /** diff --git a/testsuites/unittest/container/It_container_test.cpp b/testsuites/unittest/container/It_container_test.cpp index 296228b6..dffb215d 100644 --- a/testsuites/unittest/container/It_container_test.cpp +++ b/testsuites/unittest/container/It_container_test.cpp @@ -88,6 +88,63 @@ int WaitChild(pid_t pid, int *status, int errNo1, int errNo2) return 0; } +int ReadFile(const char *filepath, char *buf) +{ + FILE *fpid = nullptr; + fpid = fopen(filepath, "r"); + if (fpid == nullptr) { + return -1; + } + size_t trd = fread(buf, 1, 512, fpid); + (void)fclose(fpid); + return trd; +} + +int WriteFile(const char *filepath, const char *buf) +{ + int fd = open(filepath, O_WRONLY); + if (fd == -1) { + return -1; + } + size_t twd = write(fd, buf, strlen(buf)); + if (twd == -1) { + (void)close(fd); + return -1; + } + (void)close(fd); + return twd; +} + +int GetLine(char *buf, int count, int maxLen, char **array) +{ + char *head = buf; + char *tail = buf; + char index = 0; + if ((buf == NULL) || (strlen(buf) == 0)) { + return 0; + } + while (*tail != '\0') { + if (*tail != '\n') { + tail++; + continue; + } + if (index >= count) { + return index + 1; + } + + array[index] = head; + index++; + *tail = '\0'; + if (strlen(head) > maxLen) { + return index + 1; + } + tail++; + head = tail; + tail++; + } + return (index + 1); +} + std::string GenContainerLinkPath(int pid, const std::string& containerType) { std::ostringstream buf; @@ -125,6 +182,79 @@ HWTEST_F(ContainerTest, ItContainer001, TestSize.Level0) ItContainer001(); } +#if defined(LOSCFG_USER_TEST_USER_CONTAINER) +/** +* @tc.name: Container_UTS_Test_001 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6EC0A +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer001, TestSize.Level0) +{ + ItUserContainer001(); +} + +/** +* @tc.name: Container_UTS_Test_002 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6EC0A +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer002, TestSize.Level0) +{ + ItUserContainer002(); +} + +/** +* @tc.name: Container_UTS_Test_003 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6EC0A +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer003, TestSize.Level0) +{ + ItUserContainer003(); +} + +/** +* @tc.name: Container_UTS_Test_004 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6EC0A +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer004, TestSize.Level0) +{ + ItUserContainer004(); +} + +/** +* @tc.name: Container_UTS_Test_006 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer006, TestSize.Level0) +{ + ItUserContainer006(); +} + +/** +* @tc.name: Container_UTS_Test_007 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUserContainer007, TestSize.Level0) +{ + ItUserContainer007(); +} +#endif #if defined(LOSCFG_USER_TEST_PID_CONTAINER) /** * @tc.name: Container_Pid_Test_023 @@ -221,6 +351,30 @@ HWTEST_F(ContainerTest, ItPidContainer031, TestSize.Level0) { ItPidContainer031(); } + +/** +* @tc.name: Container_Pid_Test_032 +* @tc.desc: pid container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItPidContainer032, TestSize.Level0) +{ + ItPidContainer032(); +} + +/** +* @tc.name: Container_Pid_Test_033 +* @tc.desc: pid container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItPidContainer033, TestSize.Level0) +{ + ItPidContainer033(); +} #endif #if defined(LOSCFG_USER_TEST_UTS_CONTAINER) /** @@ -282,6 +436,30 @@ HWTEST_F(ContainerTest, ItUtsContainer006, TestSize.Level0) { ItUtsContainer006(); } + +/** +* @tc.name: Container_UTS_Test_007 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUtsContainer007, TestSize.Level0) +{ + ItUtsContainer007(); +} + +/** +* @tc.name: Container_UTS_Test_008 +* @tc.desc: uts container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItUtsContainer008, TestSize.Level0) +{ + ItUtsContainer008(); +} #endif #if defined(LOSCFG_USER_TEST_MNT_CONTAINER) @@ -381,6 +559,30 @@ HWTEST_F(ContainerTest, ItMntContainer008, TestSize.Level0) ItMntContainer008(); } +/** +* @tc.name: Container_MNT_Test_009 +* @tc.desc: mnt container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItMntContainer009, TestSize.Level0) +{ + ItMntContainer009(); +} + +/** +* @tc.name: Container_MNT_Test_010 +* @tc.desc: mnt container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItMntContainer010, TestSize.Level0) +{ + ItMntContainer010(); +} + /** * @tc.name: chroot_Test_001 * @tc.desc: chroot function test case @@ -478,6 +680,30 @@ HWTEST_F(ContainerTest, ItIpcContainer006, TestSize.Level0) { ItIpcContainer006(); } + +/** +* @tc.name: Container_IPC_Test_007 +* @tc.desc: ipc container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItIpcContainer007, TestSize.Level0) +{ + ItIpcContainer007(); +} + +/** +* @tc.name: Container_IPC_Test_008 +* @tc.desc: ipc container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItIpcContainer008, TestSize.Level0) +{ + ItIpcContainer008(); +} #endif #if defined(LOSCFG_USER_TEST_TIME_CONTAINER) @@ -541,6 +767,18 @@ HWTEST_F(ContainerTest, ItTimeContainer005, TestSize.Level0) ItTimeContainer005(); } +/** +* @tc.name: Container_TIME_Test_006 +* @tc.desc: time container function test case +* @tc.type: FUNC +* @tc.require: issueI6HDQK +* @tc.author: +*/ +HWTEST_F(ContainerTest, ItTimeContainer006, TestSize.Level0) +{ + ItTimeContainer006(); +} + /* * @tc.name: Container_TIME_Test_007 * @tc.desc: time container function test case @@ -589,55 +827,6 @@ HWTEST_F(ContainerTest, ItTimeContainer010, TestSize.Level0) ItTimeContainer010(); } #endif -#if defined(LOSCFG_USER_TEST_USER_CONTAINER) -/** -* @tc.name: Container_UTS_Test_001 -* @tc.desc: uts container function test case -* @tc.type: FUNC -* @tc.require: issueI6EC0A -* @tc.author: -*/ -HWTEST_F(ContainerTest, ItUserContainer001, TestSize.Level0) -{ - ItUserContainer001(); -} - -/** -* @tc.name: Container_UTS_Test_002 -* @tc.desc: uts container function test case -* @tc.type: FUNC -* @tc.require: issueI6EC0A -* @tc.author: -*/ -HWTEST_F(ContainerTest, ItUserContainer002, TestSize.Level0) -{ - ItUserContainer002(); -} - -/** -* @tc.name: Container_UTS_Test_003 -* @tc.desc: uts container function test case -* @tc.type: FUNC -* @tc.require: issueI6EC0A -* @tc.author: -*/ -HWTEST_F(ContainerTest, ItUserContainer003, TestSize.Level0) -{ - ItUserContainer003(); -} - -/** -* @tc.name: Container_UTS_Test_004 -* @tc.desc: uts container function test case -* @tc.type: FUNC -* @tc.require: issueI6EC0A -* @tc.author: -*/ -HWTEST_F(ContainerTest, ItUserContainer004, TestSize.Level0) -{ - ItUserContainer004(); -} -#endif #endif /* LOSCFG_USER_TEST_SMOKE */ #if defined(LOSCFG_USER_TEST_FULL) diff --git a/testsuites/unittest/container/It_container_test.h b/testsuites/unittest/container/It_container_test.h index 49e40414..0da1c6be 100644 --- a/testsuites/unittest/container/It_container_test.h +++ b/testsuites/unittest/container/It_container_test.h @@ -91,6 +91,10 @@ extern "C" { #define CLONE_NEWTIME 0x00000080 } +int WriteFile(const char *filepath, const char *buf); +int ReadFile(const char *filepath, char *buf); +int GetLine(char *buf, int count, int maxLen, char **array); + int ChildFunction(void *args); pid_t CloneWrapper(int (*func)(void *), int flag, void *args); @@ -142,11 +146,11 @@ void ItUserContainer002(void); void ItUserContainer003(void); void ItUserContainer004(void); void ItUserContainer005(void); -#if defined(LOSCFG_USER_TEST_SMOKE) +void ItUserContainer006(void); +void ItUserContainer007(void); void ItContainer001(void); void ItContainerChroot001(void); void ItContainerChroot002(void); -#if defined(LOSCFG_USER_TEST_PID_CONTAINER) void ItPidContainer023(void); void ItPidContainer025(void); void ItPidContainer026(void); @@ -155,15 +159,15 @@ void ItPidContainer028(void); void ItPidContainer029(void); void ItPidContainer030(void); void ItPidContainer031(void); -#endif -#if defined(LOSCFG_USER_TEST_UTS_CONTAINER) +void ItPidContainer032(void); +void ItPidContainer033(void); void ItUtsContainer001(void); void ItUtsContainer002(void); void ItUtsContainer004(void); void ItUtsContainer005(void); void ItUtsContainer006(void); -#endif -#if defined(LOSCFG_USER_TEST_MNT_CONTAINER) +void ItUtsContainer007(void); +void ItUtsContainer008(void); void ItMntContainer001(void); void ItMntContainer002(void); void ItMntContainer003(void); @@ -172,16 +176,16 @@ void ItMntContainer005(void); void ItMntContainer006(void); void ItMntContainer007(void); void ItMntContainer008(void); -#endif -#if defined(LOSCFG_USER_TEST_IPC_CONTAINER) +void ItMntContainer009(void); +void ItMntContainer010(void); void ItIpcContainer001(void); void ItIpcContainer002(void); void ItIpcContainer003(void); void ItIpcContainer004(void); void ItIpcContainer005(void); void ItIpcContainer006(void); -#endif -#if defined(LOSCFG_USER_TEST_TIME_CONTAINER) +void ItIpcContainer007(void); +void ItIpcContainer008(void); void ItTimeContainer001(void); void ItTimeContainer002(void); void ItTimeContainer003(void); @@ -192,11 +196,6 @@ void ItTimeContainer007(void); void ItTimeContainer008(void); void ItTimeContainer009(void); void ItTimeContainer010(void); -#endif -#endif - -#if defined(LOSCFG_USER_TEST_FULL) -#if defined(LOSCFG_USER_TEST_PID_CONTAINER) void ItPidContainer001(void); void ItPidContainer002(void); void ItPidContainer003(void); @@ -220,10 +219,6 @@ void ItPidContainer020(void); void ItPidContainer021(void); void ItPidContainer022(void); void ItPidContainer024(void); -#endif -#if defined(LOSCFG_USER_TEST_UTS_CONTAINER) void ItUtsContainer003(void); -#endif -#endif #endif /* _IT_CONTAINER_TEST_H */ diff --git a/testsuites/unittest/container/config.gni b/testsuites/unittest/container/config.gni index a0b0cba1..160a05ba 100644 --- a/testsuites/unittest/container/config.gni +++ b/testsuites/unittest/container/config.gni @@ -50,6 +50,8 @@ if (defined(LOSCFG_USER_TEST_PID_CONTAINER)) { "$TEST_UNITTEST_DIR/container/smoke/It_pid_container_029.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_pid_container_030.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_pid_container_031.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_pid_container_032.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_pid_container_033.cpp", ] sources_full += [ "$TEST_UNITTEST_DIR/container/full/It_pid_container_001.cpp", @@ -84,6 +86,8 @@ if (defined(LOSCFG_USER_TEST_UTS_CONTAINER)) { "$TEST_UNITTEST_DIR/container/smoke/It_uts_container_004.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_uts_container_005.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_uts_container_006.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_uts_container_007.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_uts_container_008.cpp", ] sources_full += [ "$TEST_UNITTEST_DIR/container/full/It_uts_container_003.cpp" ] @@ -100,6 +104,8 @@ if (defined(LOSCFG_USER_TEST_MNT_CONTAINER)) { "$TEST_UNITTEST_DIR/container/smoke/It_mnt_container_006.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_mnt_container_007.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_mnt_container_008.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_mnt_container_009.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_mnt_container_010.cpp", ] } @@ -111,6 +117,8 @@ if (defined(LOSCFG_USER_TEST_IPC_CONTAINER)) { "$TEST_UNITTEST_DIR/container/smoke/It_ipc_container_004.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_ipc_container_005.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_ipc_container_006.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_ipc_container_007.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_ipc_container_008.cpp", ] } @@ -135,6 +143,8 @@ if (defined(LOSCFG_USER_TEST_USER_CONTAINER)) { "$TEST_UNITTEST_DIR/container/smoke/It_user_container_002.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_user_container_003.cpp", "$TEST_UNITTEST_DIR/container/smoke/It_user_container_004.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_user_container_006.cpp", + "$TEST_UNITTEST_DIR/container/smoke/It_user_container_007.cpp", ] sources_full += [ "$TEST_UNITTEST_DIR/container/full/It_user_container_005.cpp" ] diff --git a/testsuites/unittest/container/full/It_pid_container_024.cpp b/testsuites/unittest/container/full/It_pid_container_024.cpp index d8f3b70e..1a64c7ba 100644 --- a/testsuites/unittest/container/full/It_pid_container_024.cpp +++ b/testsuites/unittest/container/full/It_pid_container_024.cpp @@ -33,13 +33,11 @@ #include "pthread.h" #include "sched.h" -const int SLEEP_TIME_US = 1000; -const int LOOP_NUM = 1000; +const int LOOP_NUM = 100; static int ChildFunc(void *arg) { (void)arg; - usleep(SLEEP_TIME_US); exit(EXIT_CODE_ERRNO_5); } @@ -61,6 +59,7 @@ static int GroupProcess(void *arg) if (status != EXIT_CODE_ERRNO_5) { return EXIT_CODE_ERRNO_2; } + usleep(10000); } exit(EXIT_CODE_ERRNO_5); diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_020.cpp b/testsuites/unittest/container/smoke/It_ipc_container_007.cpp similarity index 58% rename from testsuites/unittest/process/fs/smoke/It_process_fs_020.cpp rename to testsuites/unittest/container/smoke/It_ipc_container_007.cpp index 41fdac5a..76e3f114 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_020.cpp +++ b/testsuites/unittest/container/smoke/It_ipc_container_007.cpp @@ -29,12 +29,13 @@ */ #include -#include "It_process_fs_test.h" +#include "It_container_test.h" static int const configLen = 16; -static int const invalidNum = 2; -static const int CHILD_FUNC_ARG = 0x2088; -const int STACK_SIZE = (1024 * 1024); +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; static int childFunc(void *arg) { @@ -44,32 +45,56 @@ static int childFunc(void *arg) return 0; } -void ItProcessFs020(void) +void ItIpcContainer007(void) { - std::string path = "/proc/sys/user/max_net_container"; - int fd = open(path.c_str(), O_WRONLY); - ASSERT_NE(fd, -1); + std::string path = "/proc/sys/user/max_ipc_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; - char buf[configLen]; - size_t ret = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(ret, 0); - ret = write(fd, buf, (strlen(buf) + 1)); + int ret = ReadFile(path.c_str(), buf); ASSERT_NE(ret, -1); - int arg = CHILD_FUNC_ARG; + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); ASSERT_NE(stack, nullptr); char *stackTop = stack + STACK_SIZE; - auto pid = clone(childFunc, stackTop, CLONE_NEWNET, &arg); - ASSERT_NE(pid, -1); - pid = clone(childFunc, stackTop, CLONE_NEWNET, &arg); - ASSERT_NE(pid, -1); + auto pid1 = clone(childFunc, stackTop, CLONE_NEWIPC, NULL); + ASSERT_NE(pid1, -1); + + auto pid2 = clone(childFunc, stackTop, CLONE_NEWIPC, NULL); + ASSERT_EQ(pid2, -1); + + ret = waitpid(pid1, NULL, 0); + ASSERT_EQ(ret, pid1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - pid = clone(childFunc, stackTop, CLONE_NEWNET, &arg); - ASSERT_EQ(pid, -1); + GetLine(buf, g_arryLen, g_readLen, array); - (void)close(fd); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/container/smoke/It_ipc_container_008.cpp b/testsuites/unittest/container/smoke/It_ipc_container_008.cpp new file mode 100644 index 00000000..27b08583 --- /dev/null +++ b/testsuites/unittest/container/smoke/It_ipc_container_008.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "It_container_test.h" + +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWIPC); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + return 0; +} + +void ItIpcContainer008(void) +{ + std::string path = "/proc/sys/user/max_ipc_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWIPC, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); +} diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_018.cpp b/testsuites/unittest/container/smoke/It_mnt_container_009.cpp similarity index 60% rename from testsuites/unittest/process/fs/smoke/It_process_fs_018.cpp rename to testsuites/unittest/container/smoke/It_mnt_container_009.cpp index 8241ba5b..3df5c82d 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_018.cpp +++ b/testsuites/unittest/container/smoke/It_mnt_container_009.cpp @@ -29,12 +29,13 @@ */ #include -#include "It_process_fs_test.h" +#include "It_container_test.h" static int const configLen = 16; -static int const invalidNum = 2; -static const int CHILD_FUNC_ARG = 0x2088; -const int STACK_SIZE = (1024 * 1024); +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; static int childFunc(void *arg) { @@ -44,32 +45,56 @@ static int childFunc(void *arg) return 0; } -void ItProcessFs018(void) +void ItMntContainer009(void) { std::string path = "/proc/sys/user/max_mnt_container"; - int fd = open(path.c_str(), O_WRONLY); - ASSERT_NE(fd, -1); + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; - char buf[configLen]; - size_t ret = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(ret, 0); - ret = write(fd, buf, (strlen(buf) + 1)); + int ret = ReadFile(path.c_str(), buf); ASSERT_NE(ret, -1); - int arg = CHILD_FUNC_ARG; + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); ASSERT_NE(stack, nullptr); char *stackTop = stack + STACK_SIZE; - auto pid = clone(childFunc, stackTop, CLONE_NEWNS, &arg); - ASSERT_NE(pid, -1); - pid = clone(childFunc, stackTop, CLONE_NEWNS, &arg); - ASSERT_NE(pid, -1); + auto pid1 = clone(childFunc, stackTop, CLONE_NEWNS, NULL); + ASSERT_NE(pid1, -1); + + auto pid2 = clone(childFunc, stackTop, CLONE_NEWNS, NULL); + ASSERT_EQ(pid2, -1); + + ret = waitpid(pid1, NULL, 0); + ASSERT_EQ(ret, pid1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - pid = clone(childFunc, stackTop, CLONE_NEWNS, &arg); - ASSERT_EQ(pid, -1); + GetLine(buf, g_arryLen, g_readLen, array); - (void)close(fd); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/container/smoke/It_mnt_container_010.cpp b/testsuites/unittest/container/smoke/It_mnt_container_010.cpp new file mode 100644 index 00000000..ebcf3a90 --- /dev/null +++ b/testsuites/unittest/container/smoke/It_mnt_container_010.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "It_container_test.h" + +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWNS); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + return 0; +} + +void ItMntContainer010(void) +{ + std::string path = "/proc/sys/user/max_mnt_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWNS, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); +} diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_019.cpp b/testsuites/unittest/container/smoke/It_pid_container_032.cpp similarity index 60% rename from testsuites/unittest/process/fs/smoke/It_process_fs_019.cpp rename to testsuites/unittest/container/smoke/It_pid_container_032.cpp index ffd52a18..4ed7670e 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_019.cpp +++ b/testsuites/unittest/container/smoke/It_pid_container_032.cpp @@ -29,12 +29,13 @@ */ #include -#include "It_process_fs_test.h" +#include "It_container_test.h" static int const configLen = 16; -static int const invalidNum = 2; -static const int CHILD_FUNC_ARG = 0x2088; -const int STACK_SIZE = (1024 * 1024); +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; static int childFunc(void *arg) { @@ -44,32 +45,56 @@ static int childFunc(void *arg) return 0; } -void ItProcessFs019(void) +void ItPidContainer032(void) { std::string path = "/proc/sys/user/max_pid_container"; - int fd = open(path.c_str(), O_WRONLY); - ASSERT_NE(fd, -1); + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; - char buf[configLen]; - size_t ret = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(ret, 0); - ret = write(fd, buf, (strlen(buf) + 1)); + int ret = ReadFile(path.c_str(), buf); ASSERT_NE(ret, -1); - int arg = CHILD_FUNC_ARG; + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); ASSERT_NE(stack, nullptr); char *stackTop = stack + STACK_SIZE; - auto pid = clone(childFunc, stackTop, CLONE_NEWPID, &arg); - ASSERT_NE(pid, -1); - pid = clone(childFunc, stackTop, CLONE_NEWPID, &arg); - ASSERT_NE(pid, -1); + auto pid1 = clone(childFunc, stackTop, CLONE_NEWPID, NULL); + ASSERT_NE(pid1, -1); + + auto pid2 = clone(childFunc, stackTop, CLONE_NEWPID, NULL); + ASSERT_EQ(pid2, -1); + + ret = waitpid(pid1, NULL, 0); + ASSERT_EQ(ret, pid1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - pid = clone(childFunc, stackTop, CLONE_NEWPID, &arg); - ASSERT_EQ(pid, -1); + GetLine(buf, g_arryLen, g_readLen, array); - (void)close(fd); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/container/smoke/It_pid_container_033.cpp b/testsuites/unittest/container/smoke/It_pid_container_033.cpp new file mode 100644 index 00000000..4eae6c73 --- /dev/null +++ b/testsuites/unittest/container/smoke/It_pid_container_033.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "It_container_test.h" + +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWPID); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + return 0; +} + +void ItPidContainer033(void) +{ + std::string path = "/proc/sys/user/max_pid_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWPID, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); +} diff --git a/testsuites/unittest/container/smoke/It_time_container_006.cpp b/testsuites/unittest/container/smoke/It_time_container_006.cpp index b9b7b8dd..2d2d6e1b 100644 --- a/testsuites/unittest/container/smoke/It_time_container_006.cpp +++ b/testsuites/unittest/container/smoke/It_time_container_006.cpp @@ -27,26 +27,85 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include #include "It_container_test.h" -const int MAX_TIME_CONTAINER = 64; -const int STR_LEN = 100; +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWTIME); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + + ret = unshare(CLONE_NEWTIME); + if (ret != 0) { + return EXIT_CODE_ERRNO_2; + } + + return 0; +} void ItTimeContainer006(void) { - int ret; - char *fileName = "/proc/sys/user/max_time_container"; - FILE *fp = nullptr; - char strBuf[STR_LEN] = {0}; + std::string path = "/proc/sys/user/max_time_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWTIME, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_2); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); - fp = fopen(fileName, "rb"); - ASSERT_TRUE(fp != 0); + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - ret = fread(strBuf, 1, STR_LEN, fp); - ASSERT_TRUE(ret != -1); + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - ret = atoi(strBuf); - ASSERT_EQ(ret, MAX_TIME_CONTAINER); + GetLine(buf, g_arryLen, g_readLen, array); - (void)fclose(fp); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_017.cpp b/testsuites/unittest/container/smoke/It_user_container_006.cpp similarity index 60% rename from testsuites/unittest/process/fs/smoke/It_process_fs_017.cpp rename to testsuites/unittest/container/smoke/It_user_container_006.cpp index ff2553cc..4aeb45dd 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_017.cpp +++ b/testsuites/unittest/container/smoke/It_user_container_006.cpp @@ -29,12 +29,13 @@ */ #include -#include "It_process_fs_test.h" +#include "It_container_test.h" static int const configLen = 16; -static int const invalidNum = 2; -static const int CHILD_FUNC_ARG = 0x2088; -const int STACK_SIZE = (1024 * 1024); +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; static int childFunc(void *arg) { @@ -44,32 +45,56 @@ static int childFunc(void *arg) return 0; } -void ItProcessFs017(void) +void ItUserContainer006(void) { std::string path = "/proc/sys/user/max_user_container"; - int fd = open(path.c_str(), O_WRONLY); - ASSERT_NE(fd, -1); + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; - char buf[configLen]; - size_t ret = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(ret, 0); - ret = write(fd, buf, (strlen(buf) + 1)); + int ret = ReadFile(path.c_str(), buf); ASSERT_NE(ret, -1); - int arg = CHILD_FUNC_ARG; + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); ASSERT_NE(stack, nullptr); char *stackTop = stack + STACK_SIZE; - auto pid = clone(childFunc, stackTop, CLONE_NEWUSER, &arg); - ASSERT_NE(pid, -1); - pid = clone(childFunc, stackTop, CLONE_NEWUSER, &arg); - ASSERT_NE(pid, -1); + auto pid1 = clone(childFunc, stackTop, CLONE_NEWUSER, NULL); + ASSERT_NE(pid1, -1); + + auto pid2 = clone(childFunc, stackTop, CLONE_NEWUSER, NULL); + ASSERT_EQ(pid2, -1); + + ret = waitpid(pid1, NULL, 0); + ASSERT_EQ(ret, pid1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - pid = clone(childFunc, stackTop, CLONE_NEWUSER, &arg); - ASSERT_EQ(pid, -1); + GetLine(buf, g_arryLen, g_readLen, array); - (void)close(fd); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/container/smoke/It_user_container_007.cpp b/testsuites/unittest/container/smoke/It_user_container_007.cpp new file mode 100644 index 00000000..f66c16d7 --- /dev/null +++ b/testsuites/unittest/container/smoke/It_user_container_007.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "It_container_test.h" + +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWUSER); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + return 0; +} + +void ItUserContainer007(void) +{ + std::string path = "/proc/sys/user/max_user_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWUSER, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); +} diff --git a/testsuites/unittest/container/smoke/It_uts_container_005.cpp b/testsuites/unittest/container/smoke/It_uts_container_005.cpp index 537a9f2e..e9f4a7b8 100644 --- a/testsuites/unittest/container/smoke/It_uts_container_005.cpp +++ b/testsuites/unittest/container/smoke/It_uts_container_005.cpp @@ -38,54 +38,83 @@ static int ChildFun(void *p) return EXIT_CODE_ERRNO_3; } -void ItUtsContainer005(void) +static int UtsContainerTest(void *arg) { + (void)arg; pid_t callerPid; int childPid; int fd = -1; - int ret; - int status; - int setFlag; + int ret, status, setFlag; char targetpath[100]; - char old_uts_link[100]; - char new_uts_link[100]; const char *containerType = "uts"; callerPid = getpid(); childPid = clone(ChildFun, NULL, CLONE_NEWUTS | SIGCHLD, NULL); - ASSERT_NE(childPid, -1); + if (childPid == -1) { + return EXIT_CODE_ERRNO_1; + } - auto linkBuffer = ReadlinkContainer(callerPid, containerType); - ASSERT_TRUE(linkBuffer.c_str() != NULL); - ret = sprintf_s(old_uts_link, sizeof(old_uts_link), "%s", linkBuffer.c_str()); - ASSERT_NE(ret, -1); + auto linkBuffer1 = ReadlinkContainer(callerPid, containerType); + if (linkBuffer1.c_str() == NULL) { + return EXIT_CODE_ERRNO_2; + } ret = sprintf_s(targetpath, sizeof(targetpath), "/proc/%d/container/uts", childPid); - ASSERT_NE(ret, -1); + if (ret == -1) { + return EXIT_CODE_ERRNO_4; + } + fd = open(targetpath, O_RDONLY | O_CLOEXEC); - ASSERT_NE(fd, -1); + if (fd == -1) { + return EXIT_CODE_ERRNO_5; + } setFlag = CLONE_NEWUTS; ret = setns(fd, setFlag); - ASSERT_NE(ret, -1); + (void)close(fd); + if (ret == -1) { + return EXIT_CODE_ERRNO_6; + } - /* NOTE: close fd, otherwise test fail */ - ret = close(fd); - fd = -1; - ASSERT_NE(ret, -1); + auto linkBuffer2 = ReadlinkContainer(callerPid, containerType); - linkBuffer = ReadlinkContainer(callerPid, containerType); - - ret = sprintf_s(new_uts_link, sizeof(new_uts_link), "%s", linkBuffer.c_str()); - ASSERT_NE(ret, -1); - ASSERT_STRNE(old_uts_link, new_uts_link); + ret = linkBuffer2.compare(linkBuffer1); + if (ret == 0) { + return EXIT_CODE_ERRNO_7; + } ret = waitpid(childPid, &status, 0); - ASSERT_EQ(ret, childPid); + if (ret != childPid) { + return EXIT_CODE_ERRNO_8; + } int exitCode = WEXITSTATUS(status); - ASSERT_EQ(exitCode, EXIT_CODE_ERRNO_3); + if (exitCode != EXIT_CODE_ERRNO_3) { + return EXIT_CODE_ERRNO_9; + } ret = setns(fd, setFlag); - ASSERT_EQ(ret, -1); + if (ret != -1) { + return EXIT_CODE_ERRNO_10; + } + return 0; +} + +void ItUtsContainer005(void) +{ + int ret; + + int arg = CHILD_FUNC_ARG; + auto pid = CloneWrapper(UtsContainerTest, CLONE_NEWUTS, &arg); + ASSERT_NE(pid, -1); + + int status; + ret = waitpid(pid, &status, 0); + ASSERT_EQ(ret, pid); + + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + + int exitCode = WEXITSTATUS(status); + ASSERT_EQ(exitCode, 0); } diff --git a/testsuites/unittest/container/smoke/It_uts_container_006.cpp b/testsuites/unittest/container/smoke/It_uts_container_006.cpp index d5f3b8e5..d7bf8d0f 100644 --- a/testsuites/unittest/container/smoke/It_uts_container_006.cpp +++ b/testsuites/unittest/container/smoke/It_uts_container_006.cpp @@ -29,35 +29,70 @@ */ #include "It_container_test.h" -void ItUtsContainer006(void) +static int UtsContainerTest(void *arg) { + (void)arg; std::string containerType = "uts"; int parentPid = getpid(); auto parentlink = ReadlinkContainer(parentPid, containerType); int childsPid = CloneWrapper(ChildFunction, CLONE_NEWUTS, NULL); - ASSERT_NE(childsPid, -1); + if (childsPid == -1) { + return EXIT_CODE_ERRNO_1; + } auto childlink = ReadlinkContainer(childsPid, containerType); std::string filePath = GenContainerLinkPath(childsPid, containerType); int fd = open(filePath.c_str(), O_RDONLY); - ASSERT_NE(fd, -1); + if (fd == -1) { + return EXIT_CODE_ERRNO_2; + } int ret = setns(fd, CLONE_NEWUTS); - ASSERT_NE(ret, -1); (void)close(fd); + if (ret == -1) { + return EXIT_CODE_ERRNO_3; + } auto parentlink1 = ReadlinkContainer(parentPid, containerType); ret = parentlink.compare(parentlink1); - ASSERT_NE(ret, 0); + if (ret == 0) { + return EXIT_CODE_ERRNO_4; + } ret = parentlink1.compare(childlink); - ASSERT_EQ(ret, 0); + if (ret != 0) { + return EXIT_CODE_ERRNO_5; + } int status; ret = waitpid(childsPid, &status, 0); - ASSERT_EQ(ret, childsPid); + if (ret != childsPid) { + return EXIT_CODE_ERRNO_6; + } + + int exitCode = WEXITSTATUS(status); + if (exitCode != 0) { + return EXIT_CODE_ERRNO_7; + } + return 0; +} + +void ItUtsContainer006(void) +{ + int ret; + + int arg = CHILD_FUNC_ARG; + auto pid = CloneWrapper(UtsContainerTest, CLONE_NEWUTS, &arg); + ASSERT_NE(pid, -1); + + int status; + ret = waitpid(pid, &status, 0); + ASSERT_EQ(ret, pid); + + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); int exitCode = WEXITSTATUS(status); ASSERT_EQ(exitCode, 0); diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_016.cpp b/testsuites/unittest/container/smoke/It_uts_container_007.cpp similarity index 59% rename from testsuites/unittest/process/fs/smoke/It_process_fs_016.cpp rename to testsuites/unittest/container/smoke/It_uts_container_007.cpp index 7f67c27e..2e7bb30f 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_016.cpp +++ b/testsuites/unittest/container/smoke/It_uts_container_007.cpp @@ -29,12 +29,13 @@ */ #include -#include "It_process_fs_test.h" +#include "It_container_test.h" static int const configLen = 16; -static int const invalidNum = 2; -static const int CHILD_FUNC_ARG = 0x2088; -const int STACK_SIZE = (1024 * 1024); +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; static int childFunc(void *arg) { @@ -44,31 +45,56 @@ static int childFunc(void *arg) return 0; } -void ItProcessFs016(void) +void ItUtsContainer007(void) { std::string path = "/proc/sys/user/max_uts_container"; - int fd = open(path.c_str(), O_WRONLY); - ASSERT_NE(fd, -1); + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; - char buf[configLen]; - (void)sprintf(buf, "%d", invalidNum); - size_t ret = write(fd, buf, (strlen(buf) + 1)); + int ret = ReadFile(path.c_str(), buf); ASSERT_NE(ret, -1); - int arg = CHILD_FUNC_ARG; + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0); ASSERT_NE(stack, nullptr); char *stackTop = stack + STACK_SIZE; - auto pid = clone(childFunc, stackTop, CLONE_NEWUTS, &arg); - ASSERT_NE(pid, -1); - pid = clone(childFunc, stackTop, CLONE_NEWUTS, &arg); - ASSERT_NE(pid, -1); + auto pid1 = clone(childFunc, stackTop, CLONE_NEWUTS, NULL); + ASSERT_NE(pid1, -1); + + auto pid2 = clone(childFunc, stackTop, CLONE_NEWUTS, NULL); + ASSERT_EQ(pid2, -1); + + ret = waitpid(pid1, NULL, 0); + ASSERT_EQ(ret, pid1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); - pid = clone(childFunc, stackTop, CLONE_NEWUTS, &arg); - ASSERT_EQ(pid, -1); + GetLine(buf, g_arryLen, g_readLen, array); - (void)close(fd); + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); } diff --git a/testsuites/unittest/container/smoke/It_uts_container_008.cpp b/testsuites/unittest/container/smoke/It_uts_container_008.cpp new file mode 100644 index 00000000..d5cc7c34 --- /dev/null +++ b/testsuites/unittest/container/smoke/It_uts_container_008.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of + * conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list + * of conditions and the following disclaimer in the documentation and/or other materials + * provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include "It_container_test.h" + +static int const configLen = 16; +static const int MAX_CONTAINER = 10; +static const int g_buffSize = 512; +static const int g_arryLen = 4; +static const int g_readLen = 254; + +static int childFunc(void *arg) +{ + (void)arg; + + int ret = unshare(CLONE_NEWUTS); + if (ret != 0) { + return EXIT_CODE_ERRNO_1; + } + return 0; +} + +void ItUtsContainer008(void) +{ + std::string path = "/proc/sys/user/max_uts_container"; + char *array[g_arryLen] = { nullptr }; + char buf[g_buffSize] = { 0 }; + int status = 0; + + int ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + int value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); + + int usedCount = atoi(array[2] + strlen("count: ")); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", usedCount + 1); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + char *stack = (char *)mmap(nullptr, STACK_SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + ASSERT_NE(stack, nullptr); + char *stackTop = stack + STACK_SIZE; + + auto pid1 = clone(childFunc, stackTop, CLONE_NEWUTS, NULL); + ASSERT_NE(pid1, -1); + + ret = waitpid(pid1, &status, 0); + ASSERT_EQ(ret, pid1); + ret = WIFEXITED(status); + ASSERT_NE(ret, 0); + ret = WEXITSTATUS(status); + ASSERT_EQ(ret, EXIT_CODE_ERRNO_1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = sprintf_s(buf, configLen, "%d", value); + ASSERT_GT(ret, 0); + + ret = WriteFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + (void)memset_s(buf, configLen, 0, configLen); + ret = ReadFile(path.c_str(), buf); + ASSERT_NE(ret, -1); + + GetLine(buf, g_arryLen, g_readLen, array); + + value = atoi(array[1] + strlen("limit: ")); + ASSERT_EQ(value, MAX_CONTAINER); +} diff --git a/testsuites/unittest/process/fs/config.gni b/testsuites/unittest/process/fs/config.gni index 13af27aa..5978495b 100644 --- a/testsuites/unittest/process/fs/config.gni +++ b/testsuites/unittest/process/fs/config.gni @@ -51,7 +51,6 @@ process_fs_sources_smoke = [ "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_003.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_004.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_005.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_006.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_007.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_008.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_009.cpp", @@ -61,11 +60,6 @@ process_fs_sources_smoke = [ "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_013.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_014.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_015.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_016.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_017.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_018.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_019.cpp", - "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_020.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_021.cpp", "$TEST_UNITTEST_DIR/process/fs/smoke/It_process_fs_022.cpp", ] diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_002.cpp b/testsuites/unittest/process/fs/smoke/It_process_fs_002.cpp index 2b3bd3a6..d558aff9 100644 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_002.cpp +++ b/testsuites/unittest/process/fs/smoke/It_process_fs_002.cpp @@ -41,12 +41,9 @@ void ItProcessFs002(void) ASSERT_NE(fp, nullptr); int ret = fread(szStatBuf, 1, LEN_BUFF, fp); - PrintTest("cat /proc/meminfo\n"); - PrintTest("%s\n", szStatBuf); - ASSERT_EQ(ret, strlen(szStatBuf)); + (void)fclose(fp); + ASSERT_NE(ret, -1); char *res = strstr(szStatBuf, "UsedSize"); ASSERT_NE(res, nullptr); - - (void)fclose(fp); } diff --git a/testsuites/unittest/process/fs/smoke/It_process_fs_006.cpp b/testsuites/unittest/process/fs/smoke/It_process_fs_006.cpp deleted file mode 100644 index 2610f27d..00000000 --- a/testsuites/unittest/process/fs/smoke/It_process_fs_006.cpp +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2023-2023 Huawei Device Co., Ltd. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, this list of - * conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright notice, this list - * of conditions and the following disclaimer in the documentation and/or other materials - * provided with the distribution. - * - * 3. Neither the name of the copyright holder nor the names of its contributors may be used - * to endorse or promote products derived from this software without specific prior written - * permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, - * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; - * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include "It_process_fs_test.h" - -static int const maxContainerNum = 5; -static int const configLen = 16; -static int nInitArry[maxContainerNum] = {61, 54, 49, 44, 41}; - -static std::string arryEntries[maxContainerNum] = { - "max_mnt_container", - "max_pid_container", - "max_user_container", - "max_net_container", - "max_uts_container" -}; - -static void WriteContainer(const char *filepath, int value) -{ - PrintTest("writeproc %d >> %s\n", value, filepath); - int fd = open(filepath, O_WRONLY); - ASSERT_NE(fd, -1); - char buf[configLen]; - size_t twd = sprintf_s(buf, configLen, "%d", value); - ASSERT_GT(twd, 0); - twd = write(fd, buf, (strlen(buf)+1)); - ASSERT_EQ(twd, -1); - (void)close(fd); -} - -static void ReadContainer(std::string strFile, int value) -{ - char szStatBuf[configLen]; - FILE *fp = fopen(strFile.c_str(), "rb"); - ASSERT_NE(fp, nullptr); - - int ret; - (void)memset_s(szStatBuf, configLen, 0, configLen); - ret = fread(szStatBuf, 1, configLen, fp); - ASSERT_NE(ret, 0); - PrintTest("cat %s\n", strFile.c_str()); - - PrintTest("%s\n", szStatBuf); - ret = atoi(szStatBuf); - ASSERT_EQ(ret, value); - - (void)fclose(fp); -} - -static void ErrWriteContainer0(const char *filepath) -{ - int fd = open(filepath, O_WRONLY); - ASSERT_NE(fd, -1); - char buf[configLen]; - int invalidNum = 0; - size_t twd1 = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(twd1, 0); - PrintTest("writeproc %d >> %s\n", invalidNum, filepath); - twd1 = write(fd, buf, (strlen(buf)+1)); - (void)close(fd); - ASSERT_EQ(twd1, -1); -} - -static void ErrWriteContainer65(const char *filepath) -{ - int fd = open(filepath, O_WRONLY); - ASSERT_NE(fd, -1); - char buf[configLen]; - int invalidNum = 65; - size_t twd2 = sprintf_s(buf, configLen, "%d", invalidNum); - ASSERT_GT(twd2, 0); - PrintTest("writeproc %d >> %s\n", invalidNum, filepath); - twd2 = write(fd, buf, (strlen(buf)+1)); - (void)close(fd); - ASSERT_EQ(twd2, -1); -} - -void ItProcessFs006(void) -{ - const int CONFIG_FILE_LEN = 1024; - char szFile[CONFIG_FILE_LEN] = {0}; - for (int i = 0; i < maxContainerNum; i++) { - size_t count = sprintf_s(szFile, CONFIG_FILE_LEN, "/proc/sys/user/%s", arryEntries[i].c_str()); - ASSERT_GT(count, 0); - WriteContainer(szFile, nInitArry[i]); - ReadContainer(szFile, nInitArry[i]); - } - - for (int i = 0; i < maxContainerNum; i++) { - size_t count = sprintf_s(szFile, CONFIG_FILE_LEN, "/proc/sys/user/%s", arryEntries[i].c_str()); - ASSERT_GT(count, 0); - ErrWriteContainer0(szFile); - - ErrWriteContainer65(szFile); - } -} -- GitLab