/*
* Test sealing with open(/proc/self/fd/%d)
* Via /proc we can get access to a separate file-context for the same memfd.
* This is *not* like dup(), but like a real separate open(). Make sure the
* semantics are as expected and we correctly check for RDONLY / WRONLY / RDWR.
*/
static void test_share_open(char *banner, char *b_suffix)
{
int fd, fd2;
printf("%s %s %s\n", memfd_str, banner, b_suffix);
fd = mfd_assert_new("kern_memfd_share_open",
mfd_def_size,
MFD_CLOEXEC | MFD_ALLOW_SEALING);
mfd_assert_has_seals(fd, 0);
fd2 = mfd_assert_open(fd, O_RDWR, 0);
mfd_assert_add_seals(fd, F_SEAL_WRITE);
mfd_assert_has_seals(fd, F_SEAL_WRITE);
mfd_assert_has_seals(fd2, F_SEAL_WRITE);
mfd_assert_add_seals(fd2, F_SEAL_SHRINK);
mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK);
mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK);
close(fd);
fd = mfd_assert_open(fd2, O_RDONLY, 0);
mfd_fail_add_seals(fd, F_SEAL_SEAL);
mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK);
mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK);
close(fd2);
fd2 = mfd_assert_open(fd, O_RDWR, 0);
mfd_assert_add_seals(fd2, F_SEAL_SEAL);
mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL);
mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL);
close(fd2);
close(fd);
}
static void mfd_assert_shrink(int fd)
{
int r, fd2;
r = ftruncate(fd, MFD_DEF_SIZE / 2);
if (r < 0) {
printf("ftruncate(SHRINK) failed: %m\n");
abort();
}
mfd_assert_size(fd, MFD_DEF_SIZE / 2);
fd2 = mfd_assert_open(fd,
O_RDWR | O_CREAT | O_TRUNC,
S_IRUSR | S_IWUSR);
close(fd2);
mfd_assert_size(fd, 0);
}