/*	$NetBSD: t_socket.c,v 1.6 2019/10/06 01:05:36 mrg Exp $	*/

#include <sys/types.h>
#include <sys/mount.h>
#include <sys/socket.h>
#include <sys/un.h>

#include <rump/rump.h>
#include <rump/rump_syscalls.h>

#include <atf-c.h>
#include <fcntl.h>
#include <err.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <util.h>

#include "h_macros.h"

ATF_TC(cmsg_sendfd_bounds);
ATF_TC_HEAD(cmsg_sendfd_bounds, tc)
{
	atf_tc_set_md_var(tc, "descr", "Checks that attempting to pass an "
	    "invalid fd returns an error");
}

ATF_TC_BODY(cmsg_sendfd_bounds, tc)
{
	struct cmsghdr *cmp;
	struct msghdr msg;
	struct iovec iov;
	int s[2];
	int fd;

	rump_init();

	if (rump_sys_socketpair(AF_LOCAL, SOCK_STREAM, 0, s) == -1)
		atf_tc_fail("rump_sys_socket");

	cmp = malloc(CMSG_SPACE(sizeof(int)));

	iov.iov_base = &fd;
	iov.iov_len = sizeof(int);

	cmp->cmsg_level = SOL_SOCKET;
	cmp->cmsg_type = SCM_RIGHTS;
	cmp->cmsg_len = CMSG_LEN(sizeof(int));

	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;
	msg.msg_name = NULL;
	msg.msg_namelen = 0;
	msg.msg_control = cmp;
	msg.msg_controllen = CMSG_SPACE(sizeof(int));

	/*
	 * ERROR HERE: trying to pass invalid fd
	 * (This value was previously directly used to index the fd
	 *  array and therefore we are passing a hyperspace index)
	 */
	*(int *)CMSG_DATA(cmp) = 0x12345678;

	rump_sys_sendmsg(s[0], &msg, 0);
	if (errno != EBADF)
		atf_tc_fail("descriptor passing failed: expected EBADF (9), "
		    "got %d\n(%s)", errno, strerror(errno));
}


ATF_TC(cmsg_sendfd);
ATF_TC_HEAD(cmsg_sendfd, tc)
{
	atf_tc_set_md_var(tc, "descr", "Checks that fd passing works");
	atf_tc_set_md_var(tc, "timeout", "10");
}

ATF_TC_BODY(cmsg_sendfd, tc)
{
	char buf[128];
	struct cmsghdr *cmp;
	struct msghdr msg;
	struct sockaddr_un sun;
	struct lwp *l1;
	struct iovec iov;
	socklen_t sl;
	int s1, s2, sgot;
	int rfd, fd[2], storage;

	rump_init();

	RZ(rump_pub_lwproc_rfork(RUMP_RFCFDG));
	l1 = rump_pub_lwproc_curlwp();

	/* create unix socket and bind it to a path */
	memset(&sun, 0, sizeof(sun));
	sun.sun_family = AF_LOCAL;
#define SOCKPATH "/com"
	memcpy(sun.sun_path, SOCKPATH, sizeof(SOCKPATH) - 1);
	s1 = rump_sys_socket(AF_LOCAL, SOCK_STREAM, 0);
	if (s1 == -1)
		atf_tc_fail_errno("socket 1");
	if (rump_sys_bind(s1, (struct sockaddr *)&sun, SUN_LEN(&sun)) == -1)
		atf_tc_fail_errno("socket 1 bind");
	if (rump_sys_listen(s1, 1) == -1)
		atf_tc_fail_errno("socket 1 listen");

	/* create second process for test */
	RZ(rump_pub_lwproc_rfork(RUMP_RFCFDG));
	(void)rump_pub_lwproc_curlwp();

	/* connect to unix domain socket */
	memset(&sun, 0, sizeof(sun));
	sun.sun_family = AF_LOCAL;
	memcpy(sun.sun_path, SOCKPATH, sizeof(SOCKPATH) - 1);
	s2 = rump_sys_socket(AF_LOCAL, SOCK_STREAM, 0);
	if (s2 == -1)
		atf_tc_fail_errno("socket 2");
	if (rump_sys_connect(s2, (struct sockaddr *)&sun, SUN_LEN(&sun)) == -1)
		atf_tc_fail_errno("socket 2 connect");

	/* open a pipe and write stuff to it */
	if (rump_sys_pipe(fd) == -1)
		atf_tc_fail_errno("can't open pipe");
#define MAGICSTRING "duam xnaht"
	if (rump_sys_write(fd[1], MAGICSTRING, sizeof(MAGICSTRING)) !=
	    sizeof(MAGICSTRING))
		atf_tc_fail_errno("pipe write"); /* XXX: errno */

	cmp = malloc(CMSG_SPACE(sizeof(int)));

	iov.iov_base = &storage;
	iov.iov_len = sizeof(int);

	cmp->cmsg_level = SOL_SOCKET;
	cmp->cmsg_type = SCM_RIGHTS;
	cmp->cmsg_len = CMSG_LEN(sizeof(int));

	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;
	msg.msg_name = NULL;
	msg.msg_namelen = 0;
	msg.msg_control = cmp;
	msg.msg_controllen = CMSG_SPACE(sizeof(int));
	*(int *)CMSG_DATA(cmp) = fd[0];

	/* pass the fd */
	if (rump_sys_sendmsg(s2, &msg, 0) == -1)
		atf_tc_fail_errno("sendmsg failed");

	/*
	 * We will read to the same cmsg space.  Overwrite the space
	 * with an invalid fd to make sure we get an explicit error
	 * if we don't manage to read the fd.
	 */
	*(int *)CMSG_DATA(cmp) = -1;

	/* switch back to original proc */
	rump_pub_lwproc_switch(l1);

	/* accept connection and read fd */
	sl = sizeof(sun);
	sgot = rump_sys_accept(s1, (struct sockaddr *)&sun, &sl);
	if (sgot == -1)
		atf_tc_fail_errno("accept");
	if (rump_sys_recvmsg(sgot, &msg, 0) == -1)
		atf_tc_fail_errno("recvmsg failed");
	rfd = *(int *)CMSG_DATA(cmp);

	/* read from the fd */
	memset(buf, 0, sizeof(buf));
	if (rump_sys_read(rfd, buf, sizeof(buf)) == -1)
		atf_tc_fail_errno("read rfd");

	/* check that we got the right stuff */
	if (strcmp(buf, MAGICSTRING) != 0)
		atf_tc_fail("expected \"%s\", got \"%s\"", MAGICSTRING, buf);
}

ATF_TC(sock_cloexec);
ATF_TC_HEAD(sock_cloexec, tc)
{
	atf_tc_set_md_var(tc, "descr", "SOCK_CLOEXEC kernel invariant failure");
}

ATF_TC_BODY(sock_cloexec, tc)
{

	rump_init();
	rump_pub_lwproc_rfork(RUMP_RFFDG);
	if (rump_sys_socket(-1, SOCK_CLOEXEC, 0) != -1)
		atf_tc_fail("invalid socket parameters unexpectedly worked");
	rump_pub_lwproc_releaselwp();
}

ATF_TP_ADD_TCS(tp)
{
	ATF_TP_ADD_TC(tp, cmsg_sendfd);
	ATF_TP_ADD_TC(tp, cmsg_sendfd_bounds);
	ATF_TP_ADD_TC(tp, sock_cloexec);

	return atf_no_error();
}