proc: split verifyProcRoot

The verification logic that something is on procfs is needed in other
places, we can easily split it into two functions so folks can verify
the latter if they prefer.

Signed-off-by: Aleksa Sarai <[email protected]>

Author: cyphar

procfs_linux.go

@@ -39,12 +39,25 @@ const (
 	procRootIno    = 1      // PROC_ROOT_INO
 )
 
-func verifyProcRoot(procRoot *os.File) error {
-	if statfs, err := fstatfs(procRoot); err != nil {
+// verifyProcHandle checks that the handle is from a procfs filesystem.
+// Contrast this to [verifyProcRoot], which also verifies that the handle is
+// the root of a procfs mount.
+func verifyProcHandle(procHandle *os.File) error {
+	if statfs, err := fstatfs(procHandle); err != nil {
 		return err
 	} else if statfs.Type != procSuperMagic {
 		return fmt.Errorf("%w: incorrect procfs root filesystem type 0x%x", errUnsafeProcfs, statfs.Type)
 	}
+	return nil
+}
+
+// verifyProcRoot verifies that the handle is the root of a procfs filesystem.
+// Contrast this to [verifyProcHandle], which only verifies if the handle is
+// some file on procfs (regardless of what file it is).
+func verifyProcRoot(procRoot *os.File) error {
+	if err := verifyProcHandle(procRoot); err != nil {
+		return err
+	}
 	if stat, err := fstat(procRoot); err != nil {
 		return err
 	} else if stat.Ino != procRootIno {

procfs_linux_test.go

@@ -386,37 +386,43 @@ func TestProcSelfFdPath_DeadDir(t *testing.T) {
 	})
 }
 
-func testVerifyProcRoot(t *testing.T, procRoot string, expectedErr error, errString string) {
+func testVerifyProcRoot(t *testing.T, procRoot string, expectedHandleErr, expectedRootErr error, errString string) {
 	fakeProcRoot, err := os.OpenFile(procRoot, unix.O_PATH|unix.O_CLOEXEC, 0)
 	require.NoError(t, err)
 	defer fakeProcRoot.Close() //nolint:errcheck // test code
 
 	err = verifyProcRoot(fakeProcRoot)
-	require.ErrorIsf(t, err, expectedErr, "verifyProcRoot(%s)", procRoot)
-	if expectedErr != nil {
+	require.ErrorIsf(t, err, expectedRootErr, "verifyProcRoot(%s)", procRoot)
+	if expectedRootErr != nil {
 		require.ErrorContainsf(t, err, errString, "verifyProcRoot(%s)", procRoot)
 	}
+
+	err = verifyProcHandle(fakeProcRoot)
+	require.ErrorIsf(t, err, expectedHandleErr, "verifyProcHandle(%s)", procRoot)
+	if expectedHandleErr != nil {
+		require.ErrorContainsf(t, err, errString, "verifyProcHandle(%s)", procRoot)
+	}
 }
 
 func TestVerifyProcRoot_Regular(t *testing.T) {
 	testForceProcThreadSelf(t, func(t *testing.T) {
-		testVerifyProcRoot(t, "/proc", nil, "")
+		testVerifyProcRoot(t, "/proc", nil, nil, "")
 	})
 }
 
 func TestVerifyProcRoot_ProcNonRoot(t *testing.T) {
 	testForceProcThreadSelf(t, func(t *testing.T) {
-		testVerifyProcRoot(t, "/proc/self", errUnsafeProcfs, "incorrect procfs root inode number")
-		testVerifyProcRoot(t, "/proc/mounts", errUnsafeProcfs, "incorrect procfs root inode number")
-		testVerifyProcRoot(t, "/proc/stat", errUnsafeProcfs, "incorrect procfs root inode number")
+		testVerifyProcRoot(t, "/proc/self", nil, errUnsafeProcfs, "incorrect procfs root inode number")
+		testVerifyProcRoot(t, "/proc/mounts", nil, errUnsafeProcfs, "incorrect procfs root inode number")
+		testVerifyProcRoot(t, "/proc/stat", nil, errUnsafeProcfs, "incorrect procfs root inode number")
 	})
 }
 
 func TestVerifyProcRoot_NotProc(t *testing.T) {
 	testForceProcThreadSelf(t, func(t *testing.T) {
-		testVerifyProcRoot(t, "/", errUnsafeProcfs, "incorrect procfs root filesystem type")
-		testVerifyProcRoot(t, ".", errUnsafeProcfs, "incorrect procfs root filesystem type")
-		testVerifyProcRoot(t, t.TempDir(), errUnsafeProcfs, "incorrect procfs root filesystem type")
+		testVerifyProcRoot(t, "/", errUnsafeProcfs, errUnsafeProcfs, "incorrect procfs root filesystem type")
+		testVerifyProcRoot(t, ".", errUnsafeProcfs, errUnsafeProcfs, "incorrect procfs root filesystem type")
+		testVerifyProcRoot(t, t.TempDir(), errUnsafeProcfs, errUnsafeProcfs, "incorrect procfs root filesystem type")
 	})
 }