* shmem/unix/shm.c (APR_PERMS_SET_IMPLEMENT): Implement for the

POSIX shm case and "classic mmap" case. * test/testshm.c (test_named_perms): Add test case. CI: Add tests for various SHM configurations, and that the decision logic is setting the correct APR_USE_SHM_* variables.
apache · Aug 6, 2024 · cdcffc1 · cdcffc1
1 parent 82efcd8
commit cdcffc1
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 0 deletions.
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
@@ -17,10 +17,18 @@ jobs:
       matrix:
         include: 
           - name: Default
+            # Check default shm decision logic for Linux:
+            config-output: APR_USE_SHMEM_MMAP_SHM APR_USE_SHMEM_MMAP_ANON
           - name: Static
             config: --enable-static
           - name: Maintainer-mode
             config: --enable-maintainer-mode
+          - name: Named SHM - SysV, Maintainer-mode
+            config: --enable-maintainer-mode --enable-sysv-shm
+            config-output: APR_USE_SHMEM_SHMGET
+          - name: Named SHM - Classic mmap, Maintainer-mode
+            config: --enable-maintainer-mode ac_cv_func_shm_open=no ac_cv_func_shmget=no
+            config-output: APR_USE_SHMEM_MMAP_TMP
           - name: Pool-debug
             config: --enable-pool-debug
           - name: Pool-debug, maintainer-mode

diff --git a/shmem/unix/shm.c b/shmem/unix/shm.c
@@ -705,6 +705,40 @@ APR_PERMS_SET_IMPLEMENT(shm)
     if (shmctl(shmid, IPC_SET, &shmbuf) == -1) {
         return errno;
     }
+    return APR_SUCCESS;
+#elif APR_USE_SHMEM_MMAP_SHM
+    apr_shm_t *shm = (apr_shm_t *)theshm;
+    const char *shm_name;
+    int fd;
+
+    if (!shm->filename)
+        return APR_ENOTIMPL;
+
+    shm_name = make_shm_open_safe_name(shm->filename, shm->pool);
+
+    fd = shm_open(shm_name, O_RDWR, 0);
+    if (fd == -1)
+        return errno;
+
+    if (fchown(fd, uid, gid))
+        return errno;
+
+    if (fchmod(fd, apr_unix_perms2mode(perms)))
+        return errno;
+
+    return APR_SUCCESS;
+#elif APR_USE_SHMEM_MMAP_TMP
+    apr_shm_t *shm = (apr_shm_t *)theshm;
+
+    if (!shm->filename)
+        return APR_ENOTIMPL;
+
+    if (chown(shm->filename, uid, gid))
+        return errno;
+
+    if (chmod(shm->filename, apr_unix_perms2mode(perms)))
+        return errno;
+
     return APR_SUCCESS;
 #else
     return APR_ENOTIMPL;

diff --git a/test/testshm.c b/test/testshm.c
@@ -285,6 +285,36 @@ static void test_named_delete(abts_case *tc, void *data)
     ABTS_TRUE(tc, rv != 0);
 }
 
+static void test_named_perms(abts_case *tc, void *data)
+{
+    apr_status_t rv;
+    apr_shm_t *shm;
+    apr_uid_t uid;
+    apr_gid_t gid;
+
+    apr_shm_remove(SHARED_FILENAME, p);
+
+    rv = apr_shm_create(&shm, SHARED_SIZE, SHARED_FILENAME, p);
+    APR_ASSERT_SUCCESS(tc, "Error allocating shared memory block", rv);
+    if (rv != APR_SUCCESS) {
+        return;
+    }
+    ABTS_PTR_NOTNULL(tc, shm);
+
+    rv = apr_uid_current(&uid, &gid, p);
+    APR_ASSERT_SUCCESS(tc, "retrieve current uid/gid", rv);
+    if (rv) return;
+
+    rv = apr_shm_perms_set(shm,
+                           APR_FPROT_UREAD|APR_FPROT_UWRITE, uid, gid);
+    apr_shm_destroy(shm);
+
+    if (rv == APR_ENOTIMPL)
+        ABTS_SKIP(tc, data, "apr_shm_perms_set not implemented for named shm");
+    else
+        APR_ASSERT_SUCCESS(tc, "Could not change permissions of shm segment", rv);
+}
+
 #endif
 
 abts_suite *testshm(abts_suite *suite)
@@ -301,6 +331,7 @@ abts_suite *testshm(abts_suite *suite)
     abts_run_test(suite, test_named, NULL);
     abts_run_test(suite, test_named_remove, NULL);
     abts_run_test(suite, test_named_delete, NULL);
+    abts_run_test(suite, test_named_perms, NULL);
 #endif
 
     return suite;