1 // Copyright 2020 The BoringSSL Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include <openssl/base.h>
16
17 #include "../bcm_support.h"
18
19 // TSAN cannot cope with this test and complains that "starting new threads
20 // after multi-threaded fork is not supported".
21 #if defined(OPENSSL_FORK_DETECTION) && !defined(OPENSSL_TSAN) && \
22 !defined(OPENSSL_IOS)
23 #include <errno.h>
24 #include <inttypes.h>
25 #include <stdio.h>
26 #include <string.h>
27 #include <sys/wait.h>
28 #include <unistd.h>
29
30 #include <functional>
31
32 #if defined(OPENSSL_THREADS)
33 #include <thread>
34 #include <vector>
35 #endif
36
37 #include <gtest/gtest.h>
38
39
WaitpidEINTR(pid_t pid,int * out_status,int options)40 static pid_t WaitpidEINTR(pid_t pid, int *out_status, int options) {
41 pid_t ret;
42 do {
43 ret = waitpid(pid, out_status, options);
44 } while (ret < 0 && errno == EINTR);
45
46 return ret;
47 }
48
49 // The *InChild functions run inside a child process and must report errors via
50 // |stderr| and |_exit| rather than GTest.
51
CheckGenerationAtLeastInChild(const char * name,uint64_t minimum_expected)52 static void CheckGenerationAtLeastInChild(const char *name,
53 uint64_t minimum_expected) {
54 uint64_t generation = CRYPTO_get_fork_generation();
55 if (generation < minimum_expected) {
56 fprintf(stderr, "%s generation (#1) was %" PRIu64 ", wanted %" PRIu64 ".\n",
57 name, generation, minimum_expected);
58 _exit(1);
59 }
60
61 // The generation should be stable.
62 uint64_t new_generation = CRYPTO_get_fork_generation();
63 if (new_generation != generation) {
64 fprintf(stderr, "%s generation (#2) was %" PRIu64 ", wanted %" PRIu64 ".\n",
65 name, new_generation, generation);
66 _exit(1);
67 }
68 }
69
70 // ForkInChild forks a child which runs |f|. If the child exits unsuccessfully,
71 // this function will also exit unsuccessfully.
ForkInChild(std::function<void ()> f)72 static void ForkInChild(std::function<void()> f) {
73 fflush(stderr); // Avoid duplicating any buffered output.
74
75 const pid_t pid = fork();
76 if (pid < 0) {
77 perror("fork");
78 _exit(1);
79 } else if (pid == 0) {
80 f();
81 _exit(0);
82 }
83
84 // Wait for the child and pass its exit code up.
85 int status;
86 if (WaitpidEINTR(pid, &status, 0) < 0) {
87 perror("waitpid");
88 _exit(1);
89 }
90 if (!WIFEXITED(status)) {
91 fprintf(stderr, "Child did not exit cleanly.\n");
92 _exit(1);
93 }
94 if (WEXITSTATUS(status) != 0) {
95 // Pass the failure up.
96 _exit(WEXITSTATUS(status));
97 }
98 }
99
TEST(ForkDetect,Test)100 TEST(ForkDetect, Test) {
101 uint64_t start = CRYPTO_get_fork_generation();
102 if (start == 0) {
103 GTEST_SKIP() << "Fork detection not supported. Skipping test.\n";
104 }
105
106 // The fork generation should be stable.
107 EXPECT_EQ(start, CRYPTO_get_fork_generation());
108
109 fflush(stderr);
110 const pid_t child = fork();
111
112 if (child == 0) {
113 // Fork grandchildren before observing the fork generation. The
114 // grandchildren will observe |start| + 1.
115 for (int i = 0; i < 2; i++) {
116 ForkInChild(
117 [&] { CheckGenerationAtLeastInChild("Grandchild", start + 1); });
118 }
119
120 // Now the child also observes |start| + 1. This is fine because it has
121 // already diverged from the grandchild at this point.
122
123 CheckGenerationAtLeastInChild("Child", start + 1);
124
125 // In the pthread_atfork the value may have changed.
126 uint64_t child_generation = CRYPTO_get_fork_generation();
127 // Forked grandchildren will now observe |start| + 2.
128 for (int i = 0; i < 2; i++) {
129 ForkInChild([&] {
130 CheckGenerationAtLeastInChild("Grandchild", child_generation + 1);
131 });
132 }
133
134 #if defined(OPENSSL_THREADS)
135 // The fork generation logic itself must be thread-safe. We test this in a
136 // child process to capture the actual fork detection. This segment is meant
137 // to be tested in TSan.
138 ForkInChild([&] {
139 std::vector<std::thread> threads(4);
140 for (int i = 0; i < 2; i++) {
141 for (auto &t : threads) {
142 t = std::thread([&] {
143 CheckGenerationAtLeastInChild("Grandchild thread",
144 child_generation + 1);
145 });
146 }
147 for (auto &t : threads) {
148 t.join();
149 }
150 }
151 });
152 #endif // OPENSSL_THREADS
153
154 // The child's observed value should be unchanged.
155 if (child_generation != CRYPTO_get_fork_generation()) {
156 fprintf(stderr,
157 "Child generation (final stable check) was %" PRIu64
158 ", wanted %" PRIu64 ".\n",
159 child_generation, CRYPTO_get_fork_generation());
160 _exit(1);
161 }
162
163 _exit(0);
164 }
165
166 ASSERT_GT(child, 0) << "Error in fork: " << strerror(errno);
167 int status;
168 ASSERT_EQ(child, WaitpidEINTR(child, &status, 0))
169 << "Error in waitpid: " << strerror(errno);
170 ASSERT_TRUE(WIFEXITED(status));
171 EXPECT_EQ(0, WEXITSTATUS(status)) << "Error in child process";
172
173 // We still observe |start|.
174 EXPECT_EQ(start, CRYPTO_get_fork_generation());
175 }
176
177 #endif // OPENSSL_FORK_DETECTION && !OPENSSL_TSAN && !OPENSSL_IOS
178