From: "Darrick J. Wong" <djwong@kernel.org>
To: djwong@kernel.org, zlang@redhat.com
Cc: linux-xfs@vger.kernel.org, fstests@vger.kernel.org, guan@eryu.me
Subject: [PATCH 5/7] generic: test that file privilege gets dropped with FIEXCHANGE_RANGE
Date: Tue, 28 Feb 2023 18:59:32 -0800 [thread overview]
Message-ID: <167763957229.3796922.2048519729546749794.stgit@magnolia> (raw)
In-Reply-To: <167763954409.3796922.11086772690906428270.stgit@magnolia>
From: Darrick J. Wong <djwong@kernel.org>
Make sure that we clear the suid and sgid bits and capabilities during a
FIEXCHANGE_RANGE call just like we would for a regular file write.
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
tests/generic/1218 | 115 ++++++++++++++++++++++++++++++++++++++++++++++++
tests/generic/1218.out | 49 ++++++++++++++++++++
tests/generic/1219 | 83 +++++++++++++++++++++++++++++++++++
tests/generic/1219.out | 17 +++++++
4 files changed, 264 insertions(+)
create mode 100755 tests/generic/1218
create mode 100644 tests/generic/1218.out
create mode 100755 tests/generic/1219
create mode 100755 tests/generic/1219.out
diff --git a/tests/generic/1218 b/tests/generic/1218
new file mode 100755
index 0000000000..e6c170351e
--- /dev/null
+++ b/tests/generic/1218
@@ -0,0 +1,115 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle. All Rights Reserved.
+#
+# FS QA Test 1218
+#
+# Functional test for dropping suid and sgid bits as part of an atomic file
+# commit.
+#
+. ./common/preamble
+_begin_fstest auto fiexchange swapext quick
+
+# Override the default cleanup function.
+# _cleanup()
+# {
+# cd /
+# rm -r -f $tmp.*
+# }
+
+# Import common functions.
+. ./common/filter
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_xfs_io_command swapext '-v vfs -a'
+_require_xfs_io_command startupdate
+_require_scratch
+
+_scratch_mkfs >> $seqres.full
+_scratch_mount
+_require_congruent_file_oplen $SCRATCH_MNT 1048576
+chmod a+rw $SCRATCH_MNT/
+
+setup_testfile() {
+ rm -f $SCRATCH_MNT/a
+ _pwrite_byte 0x58 0 1m $SCRATCH_MNT/a >> $seqres.full
+ sync
+}
+
+commit_and_check() {
+ local user="$1"
+
+ md5sum $SCRATCH_MNT/a | _filter_scratch
+ stat -c '%a %A %n' $SCRATCH_MNT/a | _filter_scratch
+
+ local cmd="$XFS_IO_PROG -c 'startupdate' -c 'pwrite -S 0x57 0 1m' -c 'commitupdate' $SCRATCH_MNT/a"
+ if [ -n "$user" ]; then
+ su - "$user" -c "$cmd" >> $seqres.full
+ else
+ $SHELL -c "$cmd" >> $seqres.full
+ fi
+
+ _scratch_cycle_mount
+ md5sum $SCRATCH_MNT/a | _filter_scratch
+ stat -c '%a %A %n' $SCRATCH_MNT/a | _filter_scratch
+
+ # Blank line in output
+ echo
+}
+
+# Commit to a non-exec file by an unprivileged user clears suid but leaves
+# sgid.
+echo "Test 1 - qa_user, non-exec file"
+setup_testfile
+chmod a+rws $SCRATCH_MNT/a
+commit_and_check "$qa_user"
+
+# Commit to a group-exec file by an unprivileged user clears suid and sgid.
+echo "Test 2 - qa_user, group-exec file"
+setup_testfile
+chmod g+x,a+rws $SCRATCH_MNT/a
+commit_and_check "$qa_user"
+
+# Commit to a user-exec file by an unprivileged user clears suid but not sgid.
+echo "Test 3 - qa_user, user-exec file"
+setup_testfile
+chmod u+x,a+rws,g-x $SCRATCH_MNT/a
+commit_and_check "$qa_user"
+
+# Commit to a all-exec file by an unprivileged user clears suid and sgid.
+echo "Test 4 - qa_user, all-exec file"
+setup_testfile
+chmod a+rwxs $SCRATCH_MNT/a
+commit_and_check "$qa_user"
+
+# Commit to a non-exec file by root leaves suid and sgid.
+echo "Test 5 - root, non-exec file"
+setup_testfile
+chmod a+rws $SCRATCH_MNT/a
+commit_and_check
+
+# Commit to a group-exec file by root leaves suid and sgid.
+echo "Test 6 - root, group-exec file"
+setup_testfile
+chmod g+x,a+rws $SCRATCH_MNT/a
+commit_and_check
+
+# Commit to a user-exec file by root leaves suid and sgid.
+echo "Test 7 - root, user-exec file"
+setup_testfile
+chmod u+x,a+rws,g-x $SCRATCH_MNT/a
+commit_and_check
+
+# Commit to a all-exec file by root leaves suid and sgid.
+echo "Test 8 - root, all-exec file"
+setup_testfile
+chmod a+rwxs $SCRATCH_MNT/a
+commit_and_check
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/1218.out b/tests/generic/1218.out
new file mode 100644
index 0000000000..8f4469aad4
--- /dev/null
+++ b/tests/generic/1218.out
@@ -0,0 +1,49 @@
+QA output created by 1218
+Test 1 - qa_user, non-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6666 -rwSrwSrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+666 -rw-rw-rw- SCRATCH_MNT/a
+
+Test 2 - qa_user, group-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6676 -rwSrwsrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+676 -rw-rwxrw- SCRATCH_MNT/a
+
+Test 3 - qa_user, user-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6766 -rwsrwSrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+766 -rwxrw-rw- SCRATCH_MNT/a
+
+Test 4 - qa_user, all-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6777 -rwsrwsrwx SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+777 -rwxrwxrwx SCRATCH_MNT/a
+
+Test 5 - root, non-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6666 -rwSrwSrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+6666 -rwSrwSrw- SCRATCH_MNT/a
+
+Test 6 - root, group-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6676 -rwSrwsrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+6676 -rwSrwsrw- SCRATCH_MNT/a
+
+Test 7 - root, user-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6766 -rwsrwSrw- SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+6766 -rwsrwSrw- SCRATCH_MNT/a
+
+Test 8 - root, all-exec file
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+6777 -rwsrwsrwx SCRATCH_MNT/a
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+6777 -rwsrwsrwx SCRATCH_MNT/a
+
diff --git a/tests/generic/1219 b/tests/generic/1219
new file mode 100755
index 0000000000..fe20475058
--- /dev/null
+++ b/tests/generic/1219
@@ -0,0 +1,83 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle. All Rights Reserved.
+#
+# FS QA Test 1219
+#
+# Functional test for dropping capability bits as part of an atomic file
+# commit.
+#
+. ./common/preamble
+_begin_fstest auto fiexchange swapext quick
+
+# Override the default cleanup function.
+# _cleanup()
+# {
+# cd /
+# rm -r -f $tmp.*
+# }
+
+# Import common functions.
+. ./common/filter
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_command "$GETCAP_PROG" getcap
+_require_command "$SETCAP_PROG" setcap
+_require_xfs_io_command swapext '-v vfs -a'
+_require_xfs_io_command startupdate
+_require_scratch
+
+_scratch_mkfs >> $seqres.full
+_scratch_mount
+_require_congruent_file_oplen $SCRATCH_MNT 1048576
+chmod a+rw $SCRATCH_MNT/
+
+setup_testfile() {
+ rm -f $SCRATCH_MNT/a $SCRATCH_MNT/b
+ _pwrite_byte 0x58 0 1m $SCRATCH_MNT/a >> $seqres.full
+ _pwrite_byte 0x57 0 1m $SCRATCH_MNT/b >> $seqres.full
+ chmod a+rw $SCRATCH_MNT/a $SCRATCH_MNT/b
+ $SETCAP_PROG cap_setgid,cap_setuid+ep $SCRATCH_MNT/a
+ sync
+}
+
+commit_and_check() {
+ local user="$1"
+
+ md5sum $SCRATCH_MNT/a | _filter_scratch
+ stat -c '%a %A %n' $SCRATCH_MNT/a | _filter_scratch
+ _getcap -v $SCRATCH_MNT/a | _filter_scratch
+
+ local cmd="$XFS_IO_PROG -c 'startupdate' -c 'pwrite -S 0x57 0 1m' -c 'commitupdate' $SCRATCH_MNT/a"
+ if [ -n "$user" ]; then
+ su - "$user" -c "$cmd" >> $seqres.full
+ else
+ $SHELL -c "$cmd" >> $seqres.full
+ fi
+
+ _scratch_cycle_mount
+ md5sum $SCRATCH_MNT/a | _filter_scratch
+ stat -c '%a %A %n' $SCRATCH_MNT/a | _filter_scratch
+ _getcap -v $SCRATCH_MNT/a | _filter_scratch
+
+ # Blank line in output
+ echo
+}
+
+# Commit by an unprivileged user clears capability bits.
+echo "Test 1 - qa_user"
+setup_testfile
+commit_and_check "$qa_user"
+
+# Commit by root leaves capability bits.
+echo "Test 2 - root"
+setup_testfile
+commit_and_check
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/1219.out b/tests/generic/1219.out
new file mode 100755
index 0000000000..a925b4ec4f
--- /dev/null
+++ b/tests/generic/1219.out
@@ -0,0 +1,17 @@
+QA output created by 1219
+Test 1 - qa_user
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+666 -rw-rw-rw- SCRATCH_MNT/a
+SCRATCH_MNT/a cap_setgid,cap_setuid=ep
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+666 -rw-rw-rw- SCRATCH_MNT/a
+SCRATCH_MNT/a
+
+Test 2 - root
+310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
+666 -rw-rw-rw- SCRATCH_MNT/a
+SCRATCH_MNT/a cap_setgid,cap_setuid=ep
+3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
+666 -rw-rw-rw- SCRATCH_MNT/a
+SCRATCH_MNT/a
+
next prev parent reply other threads:[~2023-03-01 2:59 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-01 2:59 [PATCHSET v24.2 0/7] fstests: atomic file updates Darrick J. Wong
2023-03-01 2:59 ` [PATCH 1/7] xfs/122: fix for swapext log items Darrick J. Wong
2023-03-01 2:59 ` [PATCH 2/7] generic: test old xfs extent swapping ioctl Darrick J. Wong
2023-03-01 2:59 ` [PATCH 3/7] generic: test new vfs swapext ioctl Darrick J. Wong
2023-03-01 2:59 ` [PATCH 4/7] generic, xfs: test scatter-gather atomic file updates Darrick J. Wong
2023-03-01 2:59 ` Darrick J. Wong [this message]
2023-03-01 2:59 ` [PATCH 6/7] fsx: support FIEXCHANGE_RANGE Darrick J. Wong
2023-03-01 2:59 ` [PATCH 7/7] fsstress: update for FIEXCHANGE_RANGE Darrick J. Wong
2023-03-02 9:42 ` Zorro Lang
2023-03-02 15:36 ` Darrick J. Wong
-- strict thread matches above, loose matches on Subject: below --
2022-12-30 22:19 [PATCHSET v24.0 0/7] fstests: atomic file updates Darrick J. Wong
2022-12-30 22:19 ` [PATCH 5/7] generic: test that file privilege gets dropped with FIEXCHANGE_RANGE Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=167763957229.3796922.2048519729546749794.stgit@magnolia \
--to=djwong@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=guan@eryu.me \
--cc=linux-xfs@vger.kernel.org \
--cc=zlang@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.