unix: solicit EPERM via wrong PID in creds test.

In a Linux user namespace that doesn't have UID 0 mapped, WriteMsgUnix will return an EINVAL as the uid-valid-in-uns check comes first in the kernel. Even if in a user and PID namespace, using the wrong PID in Ucred will always give EPERM.
2026-02-08 03:36:03 +03:00 · 2018-03-31 17:50:50 -06:00
parent 378d26f466
commit 341d3f0cba
1 changed files with 15 additions and 18 deletions
--- a/unix/creds_test.go
+++ b/unix/creds_test.go
@@ -72,27 +72,24 @@ func TestSCMCredentials(t *testing.T) {
 		defer cli.Close()

 		var ucred unix.Ucred
-		if os.Getuid() != 0 {
-			ucred.Pid = int32(os.Getpid())
-			ucred.Uid = 0
-			ucred.Gid = 0
-			oob := unix.UnixCredentials(&ucred)
-			_, _, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
-			if op, ok := err.(*net.OpError); ok {
-				err = op.Err
-			}
-			if sys, ok := err.(*os.SyscallError); ok {
-				err = sys.Err
-			}
-			if err != syscall.EPERM {
-				t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err)
-			}
-		}
-
-		ucred.Pid = int32(os.Getpid())
+		ucred.Pid = int32(os.Getpid() - 1)
 		ucred.Uid = uint32(os.Getuid())
 		ucred.Gid = uint32(os.Getgid())
 		oob := unix.UnixCredentials(&ucred)
+		_, _, err = cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)
+		if op, ok := err.(*net.OpError); ok {
+			err = op.Err
+		}
+		if sys, ok := err.(*os.SyscallError); ok {
+			err = sys.Err
+		}
+		if err != syscall.EPERM {
+			t.Fatalf("WriteMsgUnix failed with %v, want EPERM", err)
+		}
+
+		// Fix the PID.
+		ucred.Pid = int32(os.Getpid())
+		oob = unix.UnixCredentials(&ucred)

 		// On SOCK_STREAM, this is internally going to send a dummy byte
 		n, oobn, err := cli.(*net.UnixConn).WriteMsgUnix(nil, oob, nil)