wip: send child pidfd back to parent for waiting

This should eliminate any race conditions around PIDs.

Author: CobaltCause

test/sys/test_pidfd.rs

@@ -11,25 +11,44 @@ fn test_pidfd_open() {
 
 #[cfg(feature = "signal")]
 mod send_signal {
+    use std::{
+        io::{IoSlice, IoSliceMut},
+        os::fd::{AsFd as _, AsRawFd as _, FromRawFd as _, OwnedFd, RawFd},
+    };
+
     use nix::{
         sys::{
             pidfd::{
                 pidfd_open, pidfd_send_signal, PidfdOpenFlags,
                 PidfdSendSignalFlags,
             },
             signal::Signal,
-            wait::{waitpid, WaitStatus},
+            socket::{
+                recvmsg, sendmsg, socketpair, AddressFamily, ControlMessage,
+                ControlMessageOwned, MsgFlags, SockFlag, SockType,
+            },
+            wait::{waitid, Id, WaitPidFlag, WaitStatus},
         },
         unistd::{fork, getpid, ForkResult},
     };
 
     #[test]
     fn test_pidfd_send_signal() {
         // NOTE: This function MUST be async-signal-safe.
-        fn child_process() -> ! {
+        fn child_process(socket: OwnedFd) -> ! {
             let pidfd = pidfd_open(getpid(), PidfdOpenFlags::empty())
                 .unwrap_or_else(|_| std::process::exit(1));
 
+            // Send PIDFD to the parent.
+            sendmsg::<()>(
+                socket.as_raw_fd(),
+                &[IoSlice::new(&[])],
+                &[ControlMessage::ScmRights(&[pidfd.as_raw_fd()])],
+                MsgFlags::empty(),
+                None,
+            )
+            .unwrap_or_else(|_| std::process::exit(1));
+
             // Code beyond this call should be unreachable.
             pidfd_send_signal(
                 &pidfd,
@@ -42,21 +61,53 @@ mod send_signal {
             std::process::exit(1)
         }
 
+        let (socket, child_socket) = socketpair(
+            AddressFamily::Unix,
+            SockType::SeqPacket,
+            None,
+            SockFlag::empty(),
+        )
+        .expect("should be able to create socketpair");
+
         // SAFETY: `child_process` is async-signal-safe.
-        let child = unsafe {
+        unsafe {
             match fork().expect("should be able to fork") {
-                ForkResult::Parent { child } => child,
-                ForkResult::Child => child_process(),
+                ForkResult::Child => child_process(child_socket),
+                ForkResult::Parent { .. } => (),
             }
         };
 
+        let mut iov = [IoSliceMut::new(&mut [])];
+        let mut cmsg = cmsg_space!(RawFd);
+
+        let msg = recvmsg::<()>(
+            socket.as_raw_fd(),
+            &mut iov,
+            Some(&mut cmsg),
+            MsgFlags::empty(),
+        )
+        .expect("should be able to call recvmsg");
+
+        let cmsg = msg
+            .cmsgs()
+            .expect("should be able to receive cmsgs")
+            .next()
+            .expect("should receive 1 cmsg");
+
+        let child_pidfd = if let ControlMessageOwned::ScmRights(fds) = cmsg {
+            if let [fd] = &*fds {
+                // SAFETY: SCM_RIGHTS provides valid file descriptors.
+                unsafe { OwnedFd::from_raw_fd(RawFd::from(*fd)) }
+            } else {
+                panic!("should receive one file descriptor");
+            }
+        } else {
+            panic!("should receive an SCM_RIGHTS cmsg");
+        };
+
         assert!(matches!(
-            waitpid(child, None),
-            Ok(WaitStatus::Signaled(
-                x,
-                Signal::SIGKILL,
-                _
-            )) if x == child
+            waitid(Id::PIDFd(child_pidfd.as_fd()), WaitPidFlag::WEXITED),
+            Ok(WaitStatus::Signaled(_, Signal::SIGKILL, _))
         ));
     }
 }