Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 | // SPDX-License-Identifier: GPL-2.0-only /* * Check if we can fully utilize 4-tuples for connect(). * * Rules to bind sockets to the same port when all ephemeral ports are * exhausted. * * 1. if there are TCP_LISTEN sockets on the port, fail to bind. * 2. if there are sockets without SO_REUSEADDR, fail to bind. * 3. if SO_REUSEADDR is disabled, fail to bind. * 4. if SO_REUSEADDR is enabled and SO_REUSEPORT is disabled, * succeed to bind. * 5. if SO_REUSEADDR and SO_REUSEPORT are enabled and * there is no socket having the both options and the same EUID, * succeed to bind. * 6. fail to bind. * * Author: Kuniyuki Iwashima <kuniyu@amazon.co.jp> */ #include <arpa/inet.h> #include <netinet/in.h> #include <sys/socket.h> #include <sys/types.h> #include <unistd.h> #include "../kselftest_harness.h" struct reuse_opts { int reuseaddr[2]; int reuseport[2]; }; struct reuse_opts unreusable_opts[12] = { {{0, 0}, {0, 0}}, {{0, 0}, {0, 1}}, {{0, 0}, {1, 0}}, {{0, 0}, {1, 1}}, {{0, 1}, {0, 0}}, {{0, 1}, {0, 1}}, {{0, 1}, {1, 0}}, {{0, 1}, {1, 1}}, {{1, 0}, {0, 0}}, {{1, 0}, {0, 1}}, {{1, 0}, {1, 0}}, {{1, 0}, {1, 1}}, }; struct reuse_opts reusable_opts[4] = { {{1, 1}, {0, 0}}, {{1, 1}, {0, 1}}, {{1, 1}, {1, 0}}, {{1, 1}, {1, 1}}, }; int bind_port(struct __test_metadata *_metadata, int reuseaddr, int reuseport) { struct sockaddr_in local_addr; int len = sizeof(local_addr); int fd, ret; fd = socket(AF_INET, SOCK_STREAM, 0); ASSERT_NE(-1, fd) TH_LOG("failed to open socket."); ret = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(int)); ASSERT_EQ(0, ret) TH_LOG("failed to setsockopt: SO_REUSEADDR."); ret = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &reuseport, sizeof(int)); ASSERT_EQ(0, ret) TH_LOG("failed to setsockopt: SO_REUSEPORT."); local_addr.sin_family = AF_INET; local_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); local_addr.sin_port = 0; if (bind(fd, (struct sockaddr *)&local_addr, len) == -1) { close(fd); return -1; } return fd; } TEST(reuseaddr_ports_exhausted_unreusable) { struct reuse_opts *opts; int i, j, fd[2]; for (i = 0; i < 12; i++) { opts = &unreusable_opts[i]; for (j = 0; j < 2; j++) fd[j] = bind_port(_metadata, opts->reuseaddr[j], opts->reuseport[j]); ASSERT_NE(-1, fd[0]) TH_LOG("failed to bind."); EXPECT_EQ(-1, fd[1]) TH_LOG("should fail to bind."); for (j = 0; j < 2; j++) if (fd[j] != -1) close(fd[j]); } } TEST(reuseaddr_ports_exhausted_reusable_same_euid) { struct reuse_opts *opts; int i, j, fd[2]; for (i = 0; i < 4; i++) { opts = &reusable_opts[i]; for (j = 0; j < 2; j++) fd[j] = bind_port(_metadata, opts->reuseaddr[j], opts->reuseport[j]); ASSERT_NE(-1, fd[0]) TH_LOG("failed to bind."); if (opts->reuseport[0] && opts->reuseport[1]) { EXPECT_EQ(-1, fd[1]) TH_LOG("should fail to bind because both sockets succeed to be listened."); } else { EXPECT_NE(-1, fd[1]) TH_LOG("should succeed to bind to connect to different destinations."); } for (j = 0; j < 2; j++) if (fd[j] != -1) close(fd[j]); } } TEST(reuseaddr_ports_exhausted_reusable_different_euid) { struct reuse_opts *opts; int i, j, ret, fd[2]; uid_t euid[2] = {10, 20}; for (i = 0; i < 4; i++) { opts = &reusable_opts[i]; for (j = 0; j < 2; j++) { ret = seteuid(euid[j]); ASSERT_EQ(0, ret) TH_LOG("failed to seteuid: %d.", euid[j]); fd[j] = bind_port(_metadata, opts->reuseaddr[j], opts->reuseport[j]); ret = seteuid(0); ASSERT_EQ(0, ret) TH_LOG("failed to seteuid: 0."); } ASSERT_NE(-1, fd[0]) TH_LOG("failed to bind."); EXPECT_NE(-1, fd[1]) TH_LOG("should succeed to bind because one socket can be bound in each euid."); if (fd[1] != -1) { ret = listen(fd[0], 5); ASSERT_EQ(0, ret) TH_LOG("failed to listen."); ret = listen(fd[1], 5); EXPECT_EQ(-1, ret) TH_LOG("should fail to listen because only one uid reserves the port in TCP_LISTEN."); } for (j = 0; j < 2; j++) if (fd[j] != -1) close(fd[j]); } } TEST_HARNESS_MAIN |