summaryrefslogtreecommitdiffhomepage
path: root/images/basic/integrationtest
diff options
context:
space:
mode:
Diffstat (limited to 'images/basic/integrationtest')
-rw-r--r--images/basic/integrationtest/Dockerfile7
-rw-r--r--images/basic/integrationtest/copy_up_testfile.txt1
-rw-r--r--images/basic/integrationtest/link_test.c93
-rw-r--r--images/basic/integrationtest/ping4.sh25
-rw-r--r--images/basic/integrationtest/ping6.sh32
-rw-r--r--images/basic/integrationtest/test_copy_up.c88
-rw-r--r--images/basic/integrationtest/test_rewinddir.c78
7 files changed, 324 insertions, 0 deletions
diff --git a/images/basic/integrationtest/Dockerfile b/images/basic/integrationtest/Dockerfile
new file mode 100644
index 000000000..e80e17527
--- /dev/null
+++ b/images/basic/integrationtest/Dockerfile
@@ -0,0 +1,7 @@
+FROM ubuntu:bionic
+
+WORKDIR /root
+COPY . .
+RUN chmod +x *.sh
+
+RUN apt-get update && apt-get install -y gcc iputils-ping iproute2
diff --git a/images/basic/integrationtest/copy_up_testfile.txt b/images/basic/integrationtest/copy_up_testfile.txt
new file mode 100644
index 000000000..e4188c841
--- /dev/null
+++ b/images/basic/integrationtest/copy_up_testfile.txt
@@ -0,0 +1 @@
+old data
diff --git a/images/basic/integrationtest/link_test.c b/images/basic/integrationtest/link_test.c
new file mode 100644
index 000000000..45ab00abe
--- /dev/null
+++ b/images/basic/integrationtest/link_test.c
@@ -0,0 +1,93 @@
+// Copyright 2020 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <err.h>
+#include <fcntl.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+// Basic test for linkat(2). Syscall tests requires CAP_DAC_READ_SEARCH and it
+// cannot use tricks like userns as root. For this reason, run a basic link test
+// to ensure some coverage.
+int main(int argc, char** argv) {
+ const char kOldPath[] = "old.txt";
+ int fd = open(kOldPath, O_RDWR | O_CREAT | O_TRUNC, 0600);
+ if (fd < 0) {
+ errx(1, "open(%s) failed", kOldPath);
+ }
+ const char kData[] = "some random content";
+ if (write(fd, kData, sizeof(kData)) < 0) {
+ err(1, "write failed");
+ }
+ close(fd);
+
+ struct stat old_stat;
+ if (stat(kOldPath, &old_stat)) {
+ errx(1, "stat(%s) failed", kOldPath);
+ }
+
+ const char kNewPath[] = "new.txt";
+ if (link(kOldPath, kNewPath)) {
+ errx(1, "link(%s, %s) failed", kOldPath, kNewPath);
+ }
+
+ struct stat new_stat;
+ if (stat(kNewPath, &new_stat)) {
+ errx(1, "stat(%s) failed", kNewPath);
+ }
+
+ // Check that files are the same.
+ if (old_stat.st_dev != new_stat.st_dev) {
+ errx(1, "files st_dev is different, want: %lu, got: %lu", old_stat.st_dev,
+ new_stat.st_dev);
+ }
+ if (old_stat.st_ino != new_stat.st_ino) {
+ errx(1, "files st_ino is different, want: %lu, got: %lu", old_stat.st_ino,
+ new_stat.st_ino);
+ }
+
+ // Check that link count is correct.
+ if (new_stat.st_nlink != old_stat.st_nlink + 1) {
+ errx(1, "wrong nlink, want: %lu, got: %lu", old_stat.st_nlink + 1,
+ new_stat.st_nlink);
+ }
+
+ // Check taht contents are the same.
+ fd = open(kNewPath, O_RDONLY);
+ if (fd < 0) {
+ errx(1, "open(%s) failed", kNewPath);
+ }
+ char buf[sizeof(kData)] = {};
+ if (read(fd, buf, sizeof(buf)) < 0) {
+ err(1, "read failed");
+ }
+ close(fd);
+
+ if (strcmp(buf, kData) != 0) {
+ errx(1, "file content mismatch: %s", buf);
+ }
+
+ // Cleanup.
+ if (unlink(kNewPath)) {
+ errx(1, "unlink(%s) failed", kNewPath);
+ }
+ if (unlink(kOldPath)) {
+ errx(1, "unlink(%s) failed", kOldPath);
+ }
+
+ // Success!
+ return 0;
+}
diff --git a/images/basic/integrationtest/ping4.sh b/images/basic/integrationtest/ping4.sh
new file mode 100644
index 000000000..2a343712a
--- /dev/null
+++ b/images/basic/integrationtest/ping4.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+# Copyright 2020 The gVisor Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euo pipefail
+
+# The docker API doesn't provide for starting a container, running a command,
+# and getting the exit status of the command in one go. The most straightforward
+# way to do this is to verify the output of the command, so we output nothing on
+# success and an error message on failure.
+if ! out=$(ping -c 10 127.0.0.1); then
+ echo "$out"
+fi
diff --git a/images/basic/integrationtest/ping6.sh b/images/basic/integrationtest/ping6.sh
new file mode 100644
index 000000000..4268951d0
--- /dev/null
+++ b/images/basic/integrationtest/ping6.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Copyright 2020 The gVisor Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euo pipefail
+
+# Enable ipv6 on loopback if it's not already enabled. Runsc doesn't enable ipv6
+# loopback unless an ipv6 address was assigned to the container, which docker
+# does not do by default.
+if ! [[ $(ip -6 addr show dev lo) ]]; then
+ ip addr add ::1 dev lo
+fi
+
+# The docker API doesn't provide for starting a container, running a command,
+# and getting the exit status of the command in one go. The most straightforward
+# way to do this is to verify the output of the command, so we output nothing on
+# success and an error message on failure.
+if ! out=$(/bin/ping6 -c 10 ::1); then
+ echo "$out"
+fi
diff --git a/images/basic/integrationtest/test_copy_up.c b/images/basic/integrationtest/test_copy_up.c
new file mode 100644
index 000000000..010b261dc
--- /dev/null
+++ b/images/basic/integrationtest/test_copy_up.c
@@ -0,0 +1,88 @@
+#include <err.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <unistd.h>
+
+int main(int argc, char** argv) {
+ const char kTestFilePath[] = "copy_up_testfile.txt";
+ const char kOldFileData[] = "old data\n";
+ const char kNewFileData[] = "new data\n";
+ const size_t kPageSize = sysconf(_SC_PAGE_SIZE);
+
+ // Open a file that already exists in a host overlayfs lower layer.
+ const int fd_rdonly = open(kTestFilePath, O_RDONLY);
+ if (fd_rdonly < 0) {
+ err(1, "open(%s, O_RDONLY)", kTestFilePath);
+ }
+
+ // Check that the file's initial contents are what we expect when read via
+ // syscall.
+ char oldbuf[sizeof(kOldFileData)] = {};
+ ssize_t n = pread(fd_rdonly, oldbuf, sizeof(oldbuf), 0);
+ if (n < 0) {
+ err(1, "initial pread");
+ }
+ if (n != strlen(kOldFileData)) {
+ errx(1, "short initial pread (%ld/%lu bytes)", n, strlen(kOldFileData));
+ }
+ if (strcmp(oldbuf, kOldFileData) != 0) {
+ errx(1, "initial pread returned wrong data: %s", oldbuf);
+ }
+
+ // Check that the file's initial contents are what we expect when read via
+ // memory mapping.
+ void* page = mmap(NULL, kPageSize, PROT_READ, MAP_SHARED, fd_rdonly, 0);
+ if (page == MAP_FAILED) {
+ err(1, "mmap");
+ }
+ if (strcmp(page, kOldFileData) != 0) {
+ errx(1, "mapping contains wrong initial data: %s", (const char*)page);
+ }
+
+ // Open the same file writably, causing host overlayfs to copy it up, and
+ // replace its contents.
+ const int fd_rdwr = open(kTestFilePath, O_RDWR);
+ if (fd_rdwr < 0) {
+ err(1, "open(%s, O_RDWR)", kTestFilePath);
+ }
+ n = write(fd_rdwr, kNewFileData, strlen(kNewFileData));
+ if (n < 0) {
+ err(1, "write");
+ }
+ if (n != strlen(kNewFileData)) {
+ errx(1, "short write (%ld/%lu bytes)", n, strlen(kNewFileData));
+ }
+ if (ftruncate(fd_rdwr, strlen(kNewFileData)) < 0) {
+ err(1, "truncate");
+ }
+
+ int failed = 0;
+
+ // Check that syscalls on the old FD return updated contents. (Before Linux
+ // 4.18, this requires that runsc use a post-copy-up FD to service the read.)
+ char newbuf[sizeof(kNewFileData)] = {};
+ n = pread(fd_rdonly, newbuf, sizeof(newbuf), 0);
+ if (n < 0) {
+ err(1, "final pread");
+ }
+ if (n != strlen(kNewFileData)) {
+ warnx("short final pread (%ld/%lu bytes)", n, strlen(kNewFileData));
+ failed = 1;
+ } else if (strcmp(newbuf, kNewFileData) != 0) {
+ warnx("final pread returned wrong data: %s", newbuf);
+ failed = 1;
+ }
+
+ // Check that the memory mapping of the old FD has been updated. (Linux
+ // overlayfs does not do this, so regardless of kernel version this requires
+ // that runsc replace existing memory mappings with mappings of a
+ // post-copy-up FD.)
+ if (strcmp(page, kNewFileData) != 0) {
+ warnx("mapping contains wrong final data: %s", (const char*)page);
+ failed = 1;
+ }
+
+ return failed;
+}
diff --git a/images/basic/integrationtest/test_rewinddir.c b/images/basic/integrationtest/test_rewinddir.c
new file mode 100644
index 000000000..f1a4085e1
--- /dev/null
+++ b/images/basic/integrationtest/test_rewinddir.c
@@ -0,0 +1,78 @@
+#include <dirent.h>
+#include <err.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+int main(int argc, char** argv) {
+ const char kDirPath[] = "rewinddir_test_dir";
+ const char kFileBasename[] = "rewinddir_test_file";
+
+ // Create the test directory.
+ if (mkdir(kDirPath, 0755) < 0) {
+ err(1, "mkdir(%s)", kDirPath);
+ }
+
+ // The test directory should initially be empty.
+ DIR* dir = opendir(kDirPath);
+ if (!dir) {
+ err(1, "opendir(%s)", kDirPath);
+ }
+ int failed = 0;
+ while (1) {
+ errno = 0;
+ struct dirent* d = readdir(dir);
+ if (!d) {
+ if (errno != 0) {
+ err(1, "readdir");
+ }
+ break;
+ }
+ if (strcmp(d->d_name, ".") != 0 && strcmp(d->d_name, "..") != 0) {
+ warnx("unexpected file %s in new directory", d->d_name);
+ failed = 1;
+ }
+ }
+
+ // Create a file in the test directory.
+ char* file_path = malloc(strlen(kDirPath) + 1 + strlen(kFileBasename));
+ if (!file_path) {
+ errx(1, "malloc");
+ }
+ strcpy(file_path, kDirPath);
+ file_path[strlen(kDirPath)] = '/';
+ strcpy(file_path + strlen(kDirPath) + 1, kFileBasename);
+ if (mknod(file_path, 0644, 0) < 0) {
+ err(1, "mknod(%s)", file_path);
+ }
+
+ // After rewinddir(), re-reading the directory stream should yield the new
+ // file.
+ rewinddir(dir);
+ size_t found_file = 0;
+ while (1) {
+ errno = 0;
+ struct dirent* d = readdir(dir);
+ if (!d) {
+ if (errno != 0) {
+ err(1, "readdir");
+ }
+ break;
+ }
+ if (strcmp(d->d_name, kFileBasename) == 0) {
+ found_file++;
+ } else if (strcmp(d->d_name, ".") != 0 && strcmp(d->d_name, "..") != 0) {
+ warnx("unexpected file %s in new directory", d->d_name);
+ failed = 1;
+ }
+ }
+ if (found_file != 1) {
+ warnx("readdir returned file %s %zu times, wanted 1", kFileBasename,
+ found_file);
+ failed = 1;
+ }
+
+ return failed;
+}