[PATCHSET v2 0/2] fstests: new tests for kernel 5.18

[PATCHSET v2 0/2] fstests: new tests for kernel 5.18

[Darrick J. Wong]

Hi all,

Add new tests for bugfixes merged during 5.18.  Specifically, we now
check quota enforcement when linking and renaming into a directory
(merged), test that XFS reliably returns all errors captured by
xfs_sync_fs, and make sure that fallocate drops file privileges and
capabilities like any other file write would.

v2: move stuff around

If you're going to start using this mess, you probably ought to just
pull from my git trees, which are linked below.

This is an extraordinary way to destroy everything.  Enjoy!
Comments and questions are, as always, welcome.

--D

kernel git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=xfs-merge-5.18

fstests git tree:
https://git.kernel.org/cgit/linux/kernel/git/djwong/xfstests-dev.git/log/?h=xfs-merge-5.18
---
 tests/generic/834     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/834.out |   33 +++++++++++++
 tests/generic/835     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/835.out |   33 +++++++++++++
 tests/generic/836     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/836.out |   33 +++++++++++++
 tests/generic/837     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/837.out |   33 +++++++++++++
 tests/generic/838     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/838.out |   33 +++++++++++++
 tests/generic/839     |   77 ++++++++++++++++++++++++++++++
 tests/generic/839.out |   13 +++++
 tests/xfs/839         |   42 ++++++++++++++++
 tests/xfs/839.out     |    2 +
 14 files changed, 934 insertions(+)
 create mode 100755 tests/generic/834
 create mode 100644 tests/generic/834.out
 create mode 100755 tests/generic/835
 create mode 100644 tests/generic/835.out
 create mode 100755 tests/generic/836
 create mode 100644 tests/generic/836.out
 create mode 100755 tests/generic/837
 create mode 100644 tests/generic/837.out
 create mode 100755 tests/generic/838
 create mode 100644 tests/generic/838.out
 create mode 100755 tests/generic/839
 create mode 100755 tests/generic/839.out
 create mode 100755 tests/xfs/839
 create mode 100644 tests/xfs/839.out

[PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Darrick J. Wong]

From: Darrick J. Wong <djwong@kernel.org>

This is a regression test to make sure that nonzero error returns from
a filesystem's ->sync_fs implementation are actually passed back to
userspace when the call stack involves syncfs(2).

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Zorro Lang <zlang@redhat.com>
---
 tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
 tests/xfs/839.out |    2 ++
 2 files changed, 44 insertions(+)
 create mode 100755 tests/xfs/839
 create mode 100644 tests/xfs/839.out


diff --git a/tests/xfs/839 b/tests/xfs/839
new file mode 100755
index 00000000..9bfe93ef
--- /dev/null
+++ b/tests/xfs/839
@@ -0,0 +1,42 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 839
+#
+# Regression test for kernel commits:
+#
+# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
+# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
+#
+# During a code inspection, I noticed that sync_filesystem ignores the return
+# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
+# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
+# that syncfs(2) does not capture internal filesystem errors that are neither
+# visible from the block device (e.g. media error) nor recorded in s_wb_err.
+# XFS historically returned 0 from ->sync_fs even if there were log failures,
+# so that had to be corrected as well.
+#
+# The kernel commits above fix this problem, so this test tries to trigger the
+# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
+# hope that the EIO generated as a result of the filesystem being shut down is
+# only visible via ->sync_fs.
+#
+. ./common/preamble
+_begin_fstest auto quick shutdown
+
+# real QA test starts here
+
+# Modify as appropriate.
+_require_xfs_io_command syncfs
+_require_scratch_nocheck
+_require_scratch_shutdown
+
+# Reuse the fs formatted when we checked for the shutdown ioctl, and don't
+# bother checking the filesystem afterwards since we never wrote anything.
+_scratch_mount
+$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT
+
+# success, all done
+status=0
+exit
diff --git a/tests/xfs/839.out b/tests/xfs/839.out
new file mode 100644
index 00000000..f275cdcc
--- /dev/null
+++ b/tests/xfs/839.out
@@ -0,0 +1,2 @@
+QA output created by 839
+syncfs: Input/output error

[PATCH 2/2] generic: ensure we drop suid after fallocate

[Darrick J. Wong]

From: Darrick J. Wong <djwong@kernel.org>

fallocate changes file contents, so make sure that we drop privileges
and file capabilities after each fallocate operation.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
 tests/generic/834     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/834.out |   33 +++++++++++++
 tests/generic/835     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/835.out |   33 +++++++++++++
 tests/generic/836     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/836.out |   33 +++++++++++++
 tests/generic/837     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/837.out |   33 +++++++++++++
 tests/generic/838     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
 tests/generic/838.out |   33 +++++++++++++
 tests/generic/839     |   77 ++++++++++++++++++++++++++++++
 tests/generic/839.out |   13 +++++
 12 files changed, 890 insertions(+)
 create mode 100755 tests/generic/834
 create mode 100644 tests/generic/834.out
 create mode 100755 tests/generic/835
 create mode 100644 tests/generic/835.out
 create mode 100755 tests/generic/836
 create mode 100644 tests/generic/836.out
 create mode 100755 tests/generic/837
 create mode 100644 tests/generic/837.out
 create mode 100755 tests/generic/838
 create mode 100644 tests/generic/838.out
 create mode 100755 tests/generic/839
 create mode 100755 tests/generic/839.out


diff --git a/tests/generic/834 b/tests/generic/834
new file mode 100755
index 00000000..9b0ff7e5
--- /dev/null
+++ b/tests/generic/834
@@ -0,0 +1,127 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 834
+#
+# Functional test for dropping suid and sgid bits as part of a fallocate.
+#
+. ./common/preamble
+_begin_fstest auto clone quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/reflink
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_test
+verb=falloc
+_require_xfs_io_command $verb
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+	local command="$2"
+	local start="$3"
+	local end="$4"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+nr=0
+# Commit to a non-exec file by an unprivileged user clears suid but
+# leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a group-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a user-exec file by an unprivileged user clears suid but
+# not sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a all-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a non-exec file by root clears suid but leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a group-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a user-exec file by root clears suid but not sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a all-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/834.out b/tests/generic/834.out
new file mode 100644
index 00000000..2226eea6
--- /dev/null
+++ b/tests/generic/834.out
@@ -0,0 +1,33 @@
+QA output created by 834
+Test 1 - qa_user, non-exec file falloc
+6666 -rwSrwSrw- TEST_DIR/834/a
+666 -rw-rw-rw- TEST_DIR/834/a
+
+Test 2 - qa_user, group-exec file falloc
+6676 -rwSrwsrw- TEST_DIR/834/a
+676 -rw-rwxrw- TEST_DIR/834/a
+
+Test 3 - qa_user, user-exec file falloc
+6766 -rwsrwSrw- TEST_DIR/834/a
+766 -rwxrw-rw- TEST_DIR/834/a
+
+Test 4 - qa_user, all-exec file falloc
+6777 -rwsrwsrwx TEST_DIR/834/a
+777 -rwxrwxrwx TEST_DIR/834/a
+
+Test 5 - root, non-exec file falloc
+6666 -rwSrwSrw- TEST_DIR/834/a
+6666 -rwSrwSrw- TEST_DIR/834/a
+
+Test 6 - root, group-exec file falloc
+6676 -rwSrwsrw- TEST_DIR/834/a
+6676 -rwSrwsrw- TEST_DIR/834/a
+
+Test 7 - root, user-exec file falloc
+6766 -rwsrwSrw- TEST_DIR/834/a
+6766 -rwsrwSrw- TEST_DIR/834/a
+
+Test 8 - root, all-exec file falloc
+6777 -rwsrwsrwx TEST_DIR/834/a
+6777 -rwsrwsrwx TEST_DIR/834/a
+
diff --git a/tests/generic/835 b/tests/generic/835
new file mode 100755
index 00000000..0f67ce3b
--- /dev/null
+++ b/tests/generic/835
@@ -0,0 +1,127 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 835
+#
+# Functional test for dropping suid and sgid bits as part of a fpunch.
+#
+. ./common/preamble
+_begin_fstest auto clone quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/reflink
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_test
+verb=fpunch
+_require_xfs_io_command $verb
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+	local command="$2"
+	local start="$3"
+	local end="$4"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+nr=0
+# Commit to a non-exec file by an unprivileged user clears suid but
+# leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a group-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a user-exec file by an unprivileged user clears suid but
+# not sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a all-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a non-exec file by root clears suid but leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a group-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a user-exec file by root clears suid but not sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a all-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/835.out b/tests/generic/835.out
new file mode 100644
index 00000000..186d7da4
--- /dev/null
+++ b/tests/generic/835.out
@@ -0,0 +1,33 @@
+QA output created by 835
+Test 1 - qa_user, non-exec file fpunch
+6666 -rwSrwSrw- TEST_DIR/835/a
+666 -rw-rw-rw- TEST_DIR/835/a
+
+Test 2 - qa_user, group-exec file fpunch
+6676 -rwSrwsrw- TEST_DIR/835/a
+676 -rw-rwxrw- TEST_DIR/835/a
+
+Test 3 - qa_user, user-exec file fpunch
+6766 -rwsrwSrw- TEST_DIR/835/a
+766 -rwxrw-rw- TEST_DIR/835/a
+
+Test 4 - qa_user, all-exec file fpunch
+6777 -rwsrwsrwx TEST_DIR/835/a
+777 -rwxrwxrwx TEST_DIR/835/a
+
+Test 5 - root, non-exec file fpunch
+6666 -rwSrwSrw- TEST_DIR/835/a
+6666 -rwSrwSrw- TEST_DIR/835/a
+
+Test 6 - root, group-exec file fpunch
+6676 -rwSrwsrw- TEST_DIR/835/a
+6676 -rwSrwsrw- TEST_DIR/835/a
+
+Test 7 - root, user-exec file fpunch
+6766 -rwsrwSrw- TEST_DIR/835/a
+6766 -rwsrwSrw- TEST_DIR/835/a
+
+Test 8 - root, all-exec file fpunch
+6777 -rwsrwsrwx TEST_DIR/835/a
+6777 -rwsrwsrwx TEST_DIR/835/a
+
diff --git a/tests/generic/836 b/tests/generic/836
new file mode 100755
index 00000000..c470cb1e
--- /dev/null
+++ b/tests/generic/836
@@ -0,0 +1,127 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 836
+#
+# Functional test for dropping suid and sgid bits as part of a fzero.
+#
+. ./common/preamble
+_begin_fstest auto clone quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/reflink
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_test
+verb=fzero
+_require_xfs_io_command $verb
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+	local command="$2"
+	local start="$3"
+	local end="$4"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+nr=0
+# Commit to a non-exec file by an unprivileged user clears suid but
+# leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a group-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a user-exec file by an unprivileged user clears suid but
+# not sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a all-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a non-exec file by root clears suid but leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a group-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a user-exec file by root clears suid but not sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a all-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/836.out b/tests/generic/836.out
new file mode 100644
index 00000000..9f9f5f12
--- /dev/null
+++ b/tests/generic/836.out
@@ -0,0 +1,33 @@
+QA output created by 836
+Test 1 - qa_user, non-exec file fzero
+6666 -rwSrwSrw- TEST_DIR/836/a
+666 -rw-rw-rw- TEST_DIR/836/a
+
+Test 2 - qa_user, group-exec file fzero
+6676 -rwSrwsrw- TEST_DIR/836/a
+676 -rw-rwxrw- TEST_DIR/836/a
+
+Test 3 - qa_user, user-exec file fzero
+6766 -rwsrwSrw- TEST_DIR/836/a
+766 -rwxrw-rw- TEST_DIR/836/a
+
+Test 4 - qa_user, all-exec file fzero
+6777 -rwsrwsrwx TEST_DIR/836/a
+777 -rwxrwxrwx TEST_DIR/836/a
+
+Test 5 - root, non-exec file fzero
+6666 -rwSrwSrw- TEST_DIR/836/a
+6666 -rwSrwSrw- TEST_DIR/836/a
+
+Test 6 - root, group-exec file fzero
+6676 -rwSrwsrw- TEST_DIR/836/a
+6676 -rwSrwsrw- TEST_DIR/836/a
+
+Test 7 - root, user-exec file fzero
+6766 -rwsrwSrw- TEST_DIR/836/a
+6766 -rwsrwSrw- TEST_DIR/836/a
+
+Test 8 - root, all-exec file fzero
+6777 -rwsrwsrwx TEST_DIR/836/a
+6777 -rwsrwsrwx TEST_DIR/836/a
+
diff --git a/tests/generic/837 b/tests/generic/837
new file mode 100755
index 00000000..f9a49bb1
--- /dev/null
+++ b/tests/generic/837
@@ -0,0 +1,127 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 837
+#
+# Functional test for dropping suid and sgid bits as part of a finsert.
+#
+. ./common/preamble
+_begin_fstest auto clone quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/reflink
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_test
+verb=finsert
+_require_xfs_io_command $verb
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+	local command="$2"
+	local start="$3"
+	local end="$4"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+nr=0
+# Commit to a non-exec file by an unprivileged user clears suid but
+# leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a group-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a user-exec file by an unprivileged user clears suid but
+# not sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a all-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a non-exec file by root clears suid but leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a group-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a user-exec file by root clears suid but not sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a all-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/837.out b/tests/generic/837.out
new file mode 100644
index 00000000..686b806e
--- /dev/null
+++ b/tests/generic/837.out
@@ -0,0 +1,33 @@
+QA output created by 837
+Test 1 - qa_user, non-exec file finsert
+6666 -rwSrwSrw- TEST_DIR/837/a
+666 -rw-rw-rw- TEST_DIR/837/a
+
+Test 2 - qa_user, group-exec file finsert
+6676 -rwSrwsrw- TEST_DIR/837/a
+676 -rw-rwxrw- TEST_DIR/837/a
+
+Test 3 - qa_user, user-exec file finsert
+6766 -rwsrwSrw- TEST_DIR/837/a
+766 -rwxrw-rw- TEST_DIR/837/a
+
+Test 4 - qa_user, all-exec file finsert
+6777 -rwsrwsrwx TEST_DIR/837/a
+777 -rwxrwxrwx TEST_DIR/837/a
+
+Test 5 - root, non-exec file finsert
+6666 -rwSrwSrw- TEST_DIR/837/a
+6666 -rwSrwSrw- TEST_DIR/837/a
+
+Test 6 - root, group-exec file finsert
+6676 -rwSrwsrw- TEST_DIR/837/a
+6676 -rwSrwsrw- TEST_DIR/837/a
+
+Test 7 - root, user-exec file finsert
+6766 -rwsrwSrw- TEST_DIR/837/a
+6766 -rwsrwSrw- TEST_DIR/837/a
+
+Test 8 - root, all-exec file finsert
+6777 -rwsrwsrwx TEST_DIR/837/a
+6777 -rwsrwsrwx TEST_DIR/837/a
+
diff --git a/tests/generic/838 b/tests/generic/838
new file mode 100755
index 00000000..55838a8b
--- /dev/null
+++ b/tests/generic/838
@@ -0,0 +1,127 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 838
+#
+# Functional test for dropping suid and sgid bits as part of a fcollapse.
+#
+. ./common/preamble
+_begin_fstest auto clone quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+. ./common/reflink
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_test
+verb=fcollapse
+_require_xfs_io_command $verb
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+	local command="$2"
+	local start="$3"
+	local end="$4"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+nr=0
+# Commit to a non-exec file by an unprivileged user clears suid but
+# leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a group-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a user-exec file by an unprivileged user clears suid but
+# not sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a all-exec file by an unprivileged user clears suid and
+# sgid.
+nr=$((nr + 1))
+echo "Test $nr - qa_user, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "$qa_user" "$verb" 64k 64k
+
+# Commit to a non-exec file by root clears suid but leaves sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, non-exec file $verb"
+setup_testfile
+chmod a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a group-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, group-exec file $verb"
+setup_testfile
+chmod g+x,a+rws $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a user-exec file by root clears suid but not sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, user-exec file $verb"
+setup_testfile
+chmod u+x,a+rws,g-x $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# Commit to a all-exec file by root clears suid and sgid.
+nr=$((nr + 1))
+echo "Test $nr - root, all-exec file $verb"
+setup_testfile
+chmod a+rwxs $junk_file
+commit_and_check "" "$verb" 64k 64k
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/838.out b/tests/generic/838.out
new file mode 100644
index 00000000..cdc29f4b
--- /dev/null
+++ b/tests/generic/838.out
@@ -0,0 +1,33 @@
+QA output created by 838
+Test 1 - qa_user, non-exec file fcollapse
+6666 -rwSrwSrw- TEST_DIR/838/a
+666 -rw-rw-rw- TEST_DIR/838/a
+
+Test 2 - qa_user, group-exec file fcollapse
+6676 -rwSrwsrw- TEST_DIR/838/a
+676 -rw-rwxrw- TEST_DIR/838/a
+
+Test 3 - qa_user, user-exec file fcollapse
+6766 -rwsrwSrw- TEST_DIR/838/a
+766 -rwxrw-rw- TEST_DIR/838/a
+
+Test 4 - qa_user, all-exec file fcollapse
+6777 -rwsrwsrwx TEST_DIR/838/a
+777 -rwxrwxrwx TEST_DIR/838/a
+
+Test 5 - root, non-exec file fcollapse
+6666 -rwSrwSrw- TEST_DIR/838/a
+6666 -rwSrwSrw- TEST_DIR/838/a
+
+Test 6 - root, group-exec file fcollapse
+6676 -rwSrwsrw- TEST_DIR/838/a
+6676 -rwSrwsrw- TEST_DIR/838/a
+
+Test 7 - root, user-exec file fcollapse
+6766 -rwsrwSrw- TEST_DIR/838/a
+6766 -rwsrwSrw- TEST_DIR/838/a
+
+Test 8 - root, all-exec file fcollapse
+6777 -rwsrwsrwx TEST_DIR/838/a
+6777 -rwsrwsrwx TEST_DIR/838/a
+
diff --git a/tests/generic/839 b/tests/generic/839
new file mode 100755
index 00000000..14a94352
--- /dev/null
+++ b/tests/generic/839
@@ -0,0 +1,77 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 839
+#
+# Functional test for dropping capability bits as part of an fallocate.
+#
+. ./common/preamble
+_begin_fstest auto prealloc quick
+
+# Override the default cleanup function.
+_cleanup()
+{
+	cd /
+	rm -r -f $tmp.* $junk_dir
+}
+
+# Import common functions.
+. ./common/filter
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_require_user
+_require_command "$GETCAP_PROG" getcap
+_require_command "$SETCAP_PROG" setcap
+_require_xfs_io_command falloc
+_require_test
+
+junk_dir=$TEST_DIR/$seq
+junk_file=$junk_dir/a
+mkdir -p $junk_dir/
+chmod a+rw $junk_dir/
+
+setup_testfile() {
+	rm -f $junk_file
+	touch $junk_file
+	chmod a+rwx $junk_file
+	$SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file
+	sync
+}
+
+commit_and_check() {
+	local user="$1"
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+	_getcap -v $junk_file | _filter_test_dir
+
+	local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file"
+	if [ -n "$user" ]; then
+		su - "$user" -c "$cmd" >> $seqres.full
+	else
+		$SHELL -c "$cmd" >> $seqres.full
+	fi
+
+	stat -c '%a %A %n' $junk_file | _filter_test_dir
+	_getcap -v $junk_file | _filter_test_dir
+
+	# Blank line in output
+	echo
+}
+
+# Commit by an unprivileged user clears capability bits.
+echo "Test 1 - qa_user"
+setup_testfile
+commit_and_check "$qa_user"
+
+# Commit by root leaves capability bits.
+echo "Test 2 - root"
+setup_testfile
+commit_and_check
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/839.out b/tests/generic/839.out
new file mode 100755
index 00000000..f571cd26
--- /dev/null
+++ b/tests/generic/839.out
@@ -0,0 +1,13 @@
+QA output created by 839
+Test 1 - qa_user
+777 -rwxrwxrwx TEST_DIR/839/a
+TEST_DIR/839/a cap_setgid,cap_setuid=ep
+777 -rwxrwxrwx TEST_DIR/839/a
+TEST_DIR/839/a
+
+Test 2 - root
+777 -rwxrwxrwx TEST_DIR/839/a
+TEST_DIR/839/a cap_setgid,cap_setuid=ep
+777 -rwxrwxrwx TEST_DIR/839/a
+TEST_DIR/839/a
+

Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Amir Goldstein]

On Tue, Apr 19, 2022 at 8:32 PM Darrick J. Wong <djwong@kernel.org> wrote:
>
> From: Darrick J. Wong <djwong@kernel.org>
>
> This is a regression test to make sure that nonzero error returns from
> a filesystem's ->sync_fs implementation are actually passed back to
> userspace when the call stack involves syncfs(2).
>
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> Reviewed-by: Zorro Lang <zlang@redhat.com>
> ---
>  tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
>  tests/xfs/839.out |    2 ++
>  2 files changed, 44 insertions(+)
>  create mode 100755 tests/xfs/839
>  create mode 100644 tests/xfs/839.out
>
>
> diff --git a/tests/xfs/839 b/tests/xfs/839
> new file mode 100755
> index 00000000..9bfe93ef
> --- /dev/null
> +++ b/tests/xfs/839
> @@ -0,0 +1,42 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 839
> +#
> +# Regression test for kernel commits:
> +#
> +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
> +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
> +#
> +# During a code inspection, I noticed that sync_filesystem ignores the return
> +# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
> +# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
> +# that syncfs(2) does not capture internal filesystem errors that are neither
> +# visible from the block device (e.g. media error) nor recorded in s_wb_err.
> +# XFS historically returned 0 from ->sync_fs even if there were log failures,
> +# so that had to be corrected as well.
> +#
> +# The kernel commits above fix this problem, so this test tries to trigger the
> +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
> +# hope that the EIO generated as a result of the filesystem being shut down is
> +# only visible via ->sync_fs.
> +#
> +. ./common/preamble
> +_begin_fstest auto quick shutdown
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_require_xfs_io_command syncfs
> +_require_scratch_nocheck
> +_require_scratch_shutdown
> +

From all the commotion around generic vs. xfs, you forgot:

_supported_fs xfs

Otherwise,

Reviewed-by: Amir Goldstein <amir73il@gmail.com>

Thanks,
Amir.

Re: [PATCH 2/2] generic: ensure we drop suid after fallocate

[Zorro Lang]

On Tue, Apr 19, 2022 at 10:32:21AM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <djwong@kernel.org>
> 
> fallocate changes file contents, so make sure that we drop privileges
> and file capabilities after each fallocate operation.
> 
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> ---
>  tests/generic/834     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
>  tests/generic/834.out |   33 +++++++++++++
>  tests/generic/835     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
>  tests/generic/835.out |   33 +++++++++++++
>  tests/generic/836     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
>  tests/generic/836.out |   33 +++++++++++++
>  tests/generic/837     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
>  tests/generic/837.out |   33 +++++++++++++
>  tests/generic/838     |  127 +++++++++++++++++++++++++++++++++++++++++++++++++
>  tests/generic/838.out |   33 +++++++++++++
>  tests/generic/839     |   77 ++++++++++++++++++++++++++++++
>  tests/generic/839.out |   13 +++++
>  12 files changed, 890 insertions(+)
>  create mode 100755 tests/generic/834
>  create mode 100644 tests/generic/834.out
>  create mode 100755 tests/generic/835
>  create mode 100644 tests/generic/835.out
>  create mode 100755 tests/generic/836
>  create mode 100644 tests/generic/836.out
>  create mode 100755 tests/generic/837
>  create mode 100644 tests/generic/837.out
>  create mode 100755 tests/generic/838
>  create mode 100644 tests/generic/838.out
>  create mode 100755 tests/generic/839
>  create mode 100755 tests/generic/839.out
> 
> 
> diff --git a/tests/generic/834 b/tests/generic/834
> new file mode 100755
> index 00000000..9b0ff7e5
> --- /dev/null
> +++ b/tests/generic/834
> @@ -0,0 +1,127 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 834
> +#
> +# Functional test for dropping suid and sgid bits as part of a fallocate.
> +#
> +. ./common/preamble
> +_begin_fstest auto clone quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/reflink
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic

Thanks for you'd like to accept this change :) If someone fs clearly says
they never support this behavior, we can deal with them later. Or they can
use Amir's later patch to exclude themselves from this case testing clearly.

Reviewed-by: Zorro Lang <zlang@redhat.com>

> +_require_user
> +_require_test
> +verb=falloc
> +_require_xfs_io_command $verb
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +	local command="$2"
> +	local start="$3"
> +	local end="$4"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +nr=0
> +# Commit to a non-exec file by an unprivileged user clears suid but
> +# leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by an unprivileged user clears suid but
> +# not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a non-exec file by root clears suid but leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by root clears suid but not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/834.out b/tests/generic/834.out
> new file mode 100644
> index 00000000..2226eea6
> --- /dev/null
> +++ b/tests/generic/834.out
> @@ -0,0 +1,33 @@
> +QA output created by 834
> +Test 1 - qa_user, non-exec file falloc
> +6666 -rwSrwSrw- TEST_DIR/834/a
> +666 -rw-rw-rw- TEST_DIR/834/a
> +
> +Test 2 - qa_user, group-exec file falloc
> +6676 -rwSrwsrw- TEST_DIR/834/a
> +676 -rw-rwxrw- TEST_DIR/834/a
> +
> +Test 3 - qa_user, user-exec file falloc
> +6766 -rwsrwSrw- TEST_DIR/834/a
> +766 -rwxrw-rw- TEST_DIR/834/a
> +
> +Test 4 - qa_user, all-exec file falloc
> +6777 -rwsrwsrwx TEST_DIR/834/a
> +777 -rwxrwxrwx TEST_DIR/834/a
> +
> +Test 5 - root, non-exec file falloc
> +6666 -rwSrwSrw- TEST_DIR/834/a
> +6666 -rwSrwSrw- TEST_DIR/834/a
> +
> +Test 6 - root, group-exec file falloc
> +6676 -rwSrwsrw- TEST_DIR/834/a
> +6676 -rwSrwsrw- TEST_DIR/834/a
> +
> +Test 7 - root, user-exec file falloc
> +6766 -rwsrwSrw- TEST_DIR/834/a
> +6766 -rwsrwSrw- TEST_DIR/834/a
> +
> +Test 8 - root, all-exec file falloc
> +6777 -rwsrwsrwx TEST_DIR/834/a
> +6777 -rwsrwsrwx TEST_DIR/834/a
> +
> diff --git a/tests/generic/835 b/tests/generic/835
> new file mode 100755
> index 00000000..0f67ce3b
> --- /dev/null
> +++ b/tests/generic/835
> @@ -0,0 +1,127 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 835
> +#
> +# Functional test for dropping suid and sgid bits as part of a fpunch.
> +#
> +. ./common/preamble
> +_begin_fstest auto clone quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/reflink
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic
> +_require_user
> +_require_test
> +verb=fpunch
> +_require_xfs_io_command $verb
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +	local command="$2"
> +	local start="$3"
> +	local end="$4"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +nr=0
> +# Commit to a non-exec file by an unprivileged user clears suid but
> +# leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by an unprivileged user clears suid but
> +# not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a non-exec file by root clears suid but leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by root clears suid but not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/835.out b/tests/generic/835.out
> new file mode 100644
> index 00000000..186d7da4
> --- /dev/null
> +++ b/tests/generic/835.out
> @@ -0,0 +1,33 @@
> +QA output created by 835
> +Test 1 - qa_user, non-exec file fpunch
> +6666 -rwSrwSrw- TEST_DIR/835/a
> +666 -rw-rw-rw- TEST_DIR/835/a
> +
> +Test 2 - qa_user, group-exec file fpunch
> +6676 -rwSrwsrw- TEST_DIR/835/a
> +676 -rw-rwxrw- TEST_DIR/835/a
> +
> +Test 3 - qa_user, user-exec file fpunch
> +6766 -rwsrwSrw- TEST_DIR/835/a
> +766 -rwxrw-rw- TEST_DIR/835/a
> +
> +Test 4 - qa_user, all-exec file fpunch
> +6777 -rwsrwsrwx TEST_DIR/835/a
> +777 -rwxrwxrwx TEST_DIR/835/a
> +
> +Test 5 - root, non-exec file fpunch
> +6666 -rwSrwSrw- TEST_DIR/835/a
> +6666 -rwSrwSrw- TEST_DIR/835/a
> +
> +Test 6 - root, group-exec file fpunch
> +6676 -rwSrwsrw- TEST_DIR/835/a
> +6676 -rwSrwsrw- TEST_DIR/835/a
> +
> +Test 7 - root, user-exec file fpunch
> +6766 -rwsrwSrw- TEST_DIR/835/a
> +6766 -rwsrwSrw- TEST_DIR/835/a
> +
> +Test 8 - root, all-exec file fpunch
> +6777 -rwsrwsrwx TEST_DIR/835/a
> +6777 -rwsrwsrwx TEST_DIR/835/a
> +
> diff --git a/tests/generic/836 b/tests/generic/836
> new file mode 100755
> index 00000000..c470cb1e
> --- /dev/null
> +++ b/tests/generic/836
> @@ -0,0 +1,127 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 836
> +#
> +# Functional test for dropping suid and sgid bits as part of a fzero.
> +#
> +. ./common/preamble
> +_begin_fstest auto clone quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/reflink
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic
> +_require_user
> +_require_test
> +verb=fzero
> +_require_xfs_io_command $verb
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +	local command="$2"
> +	local start="$3"
> +	local end="$4"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +nr=0
> +# Commit to a non-exec file by an unprivileged user clears suid but
> +# leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by an unprivileged user clears suid but
> +# not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a non-exec file by root clears suid but leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by root clears suid but not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/836.out b/tests/generic/836.out
> new file mode 100644
> index 00000000..9f9f5f12
> --- /dev/null
> +++ b/tests/generic/836.out
> @@ -0,0 +1,33 @@
> +QA output created by 836
> +Test 1 - qa_user, non-exec file fzero
> +6666 -rwSrwSrw- TEST_DIR/836/a
> +666 -rw-rw-rw- TEST_DIR/836/a
> +
> +Test 2 - qa_user, group-exec file fzero
> +6676 -rwSrwsrw- TEST_DIR/836/a
> +676 -rw-rwxrw- TEST_DIR/836/a
> +
> +Test 3 - qa_user, user-exec file fzero
> +6766 -rwsrwSrw- TEST_DIR/836/a
> +766 -rwxrw-rw- TEST_DIR/836/a
> +
> +Test 4 - qa_user, all-exec file fzero
> +6777 -rwsrwsrwx TEST_DIR/836/a
> +777 -rwxrwxrwx TEST_DIR/836/a
> +
> +Test 5 - root, non-exec file fzero
> +6666 -rwSrwSrw- TEST_DIR/836/a
> +6666 -rwSrwSrw- TEST_DIR/836/a
> +
> +Test 6 - root, group-exec file fzero
> +6676 -rwSrwsrw- TEST_DIR/836/a
> +6676 -rwSrwsrw- TEST_DIR/836/a
> +
> +Test 7 - root, user-exec file fzero
> +6766 -rwsrwSrw- TEST_DIR/836/a
> +6766 -rwsrwSrw- TEST_DIR/836/a
> +
> +Test 8 - root, all-exec file fzero
> +6777 -rwsrwsrwx TEST_DIR/836/a
> +6777 -rwsrwsrwx TEST_DIR/836/a
> +
> diff --git a/tests/generic/837 b/tests/generic/837
> new file mode 100755
> index 00000000..f9a49bb1
> --- /dev/null
> +++ b/tests/generic/837
> @@ -0,0 +1,127 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 837
> +#
> +# Functional test for dropping suid and sgid bits as part of a finsert.
> +#
> +. ./common/preamble
> +_begin_fstest auto clone quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/reflink
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic
> +_require_user
> +_require_test
> +verb=finsert
> +_require_xfs_io_command $verb
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +	local command="$2"
> +	local start="$3"
> +	local end="$4"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +nr=0
> +# Commit to a non-exec file by an unprivileged user clears suid but
> +# leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by an unprivileged user clears suid but
> +# not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a non-exec file by root clears suid but leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by root clears suid but not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/837.out b/tests/generic/837.out
> new file mode 100644
> index 00000000..686b806e
> --- /dev/null
> +++ b/tests/generic/837.out
> @@ -0,0 +1,33 @@
> +QA output created by 837
> +Test 1 - qa_user, non-exec file finsert
> +6666 -rwSrwSrw- TEST_DIR/837/a
> +666 -rw-rw-rw- TEST_DIR/837/a
> +
> +Test 2 - qa_user, group-exec file finsert
> +6676 -rwSrwsrw- TEST_DIR/837/a
> +676 -rw-rwxrw- TEST_DIR/837/a
> +
> +Test 3 - qa_user, user-exec file finsert
> +6766 -rwsrwSrw- TEST_DIR/837/a
> +766 -rwxrw-rw- TEST_DIR/837/a
> +
> +Test 4 - qa_user, all-exec file finsert
> +6777 -rwsrwsrwx TEST_DIR/837/a
> +777 -rwxrwxrwx TEST_DIR/837/a
> +
> +Test 5 - root, non-exec file finsert
> +6666 -rwSrwSrw- TEST_DIR/837/a
> +6666 -rwSrwSrw- TEST_DIR/837/a
> +
> +Test 6 - root, group-exec file finsert
> +6676 -rwSrwsrw- TEST_DIR/837/a
> +6676 -rwSrwsrw- TEST_DIR/837/a
> +
> +Test 7 - root, user-exec file finsert
> +6766 -rwsrwSrw- TEST_DIR/837/a
> +6766 -rwsrwSrw- TEST_DIR/837/a
> +
> +Test 8 - root, all-exec file finsert
> +6777 -rwsrwsrwx TEST_DIR/837/a
> +6777 -rwsrwsrwx TEST_DIR/837/a
> +
> diff --git a/tests/generic/838 b/tests/generic/838
> new file mode 100755
> index 00000000..55838a8b
> --- /dev/null
> +++ b/tests/generic/838
> @@ -0,0 +1,127 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 838
> +#
> +# Functional test for dropping suid and sgid bits as part of a fcollapse.
> +#
> +. ./common/preamble
> +_begin_fstest auto clone quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +. ./common/reflink
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic
> +_require_user
> +_require_test
> +verb=fcollapse
> +_require_xfs_io_command $verb
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	_pwrite_byte 0x58 0 192k $junk_file >> $seqres.full
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +	local command="$2"
> +	local start="$3"
> +	local end="$4"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +nr=0
> +# Commit to a non-exec file by an unprivileged user clears suid but
> +# leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by an unprivileged user clears suid but
> +# not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by an unprivileged user clears suid and
> +# sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - qa_user, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "$qa_user" "$verb" 64k 64k
> +
> +# Commit to a non-exec file by root clears suid but leaves sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, non-exec file $verb"
> +setup_testfile
> +chmod a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a group-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, group-exec file $verb"
> +setup_testfile
> +chmod g+x,a+rws $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a user-exec file by root clears suid but not sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, user-exec file $verb"
> +setup_testfile
> +chmod u+x,a+rws,g-x $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# Commit to a all-exec file by root clears suid and sgid.
> +nr=$((nr + 1))
> +echo "Test $nr - root, all-exec file $verb"
> +setup_testfile
> +chmod a+rwxs $junk_file
> +commit_and_check "" "$verb" 64k 64k
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/838.out b/tests/generic/838.out
> new file mode 100644
> index 00000000..cdc29f4b
> --- /dev/null
> +++ b/tests/generic/838.out
> @@ -0,0 +1,33 @@
> +QA output created by 838
> +Test 1 - qa_user, non-exec file fcollapse
> +6666 -rwSrwSrw- TEST_DIR/838/a
> +666 -rw-rw-rw- TEST_DIR/838/a
> +
> +Test 2 - qa_user, group-exec file fcollapse
> +6676 -rwSrwsrw- TEST_DIR/838/a
> +676 -rw-rwxrw- TEST_DIR/838/a
> +
> +Test 3 - qa_user, user-exec file fcollapse
> +6766 -rwsrwSrw- TEST_DIR/838/a
> +766 -rwxrw-rw- TEST_DIR/838/a
> +
> +Test 4 - qa_user, all-exec file fcollapse
> +6777 -rwsrwsrwx TEST_DIR/838/a
> +777 -rwxrwxrwx TEST_DIR/838/a
> +
> +Test 5 - root, non-exec file fcollapse
> +6666 -rwSrwSrw- TEST_DIR/838/a
> +6666 -rwSrwSrw- TEST_DIR/838/a
> +
> +Test 6 - root, group-exec file fcollapse
> +6676 -rwSrwsrw- TEST_DIR/838/a
> +6676 -rwSrwsrw- TEST_DIR/838/a
> +
> +Test 7 - root, user-exec file fcollapse
> +6766 -rwsrwSrw- TEST_DIR/838/a
> +6766 -rwsrwSrw- TEST_DIR/838/a
> +
> +Test 8 - root, all-exec file fcollapse
> +6777 -rwsrwsrwx TEST_DIR/838/a
> +6777 -rwsrwsrwx TEST_DIR/838/a
> +
> diff --git a/tests/generic/839 b/tests/generic/839
> new file mode 100755
> index 00000000..14a94352
> --- /dev/null
> +++ b/tests/generic/839
> @@ -0,0 +1,77 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 839
> +#
> +# Functional test for dropping capability bits as part of an fallocate.
> +#
> +. ./common/preamble
> +_begin_fstest auto prealloc quick
> +
> +# Override the default cleanup function.
> +_cleanup()
> +{
> +	cd /
> +	rm -r -f $tmp.* $junk_dir
> +}
> +
> +# Import common functions.
> +. ./common/filter
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs generic
> +_require_user
> +_require_command "$GETCAP_PROG" getcap
> +_require_command "$SETCAP_PROG" setcap
> +_require_xfs_io_command falloc
> +_require_test
> +
> +junk_dir=$TEST_DIR/$seq
> +junk_file=$junk_dir/a
> +mkdir -p $junk_dir/
> +chmod a+rw $junk_dir/
> +
> +setup_testfile() {
> +	rm -f $junk_file
> +	touch $junk_file
> +	chmod a+rwx $junk_file
> +	$SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file
> +	sync
> +}
> +
> +commit_and_check() {
> +	local user="$1"
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +	_getcap -v $junk_file | _filter_test_dir
> +
> +	local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file"
> +	if [ -n "$user" ]; then
> +		su - "$user" -c "$cmd" >> $seqres.full
> +	else
> +		$SHELL -c "$cmd" >> $seqres.full
> +	fi
> +
> +	stat -c '%a %A %n' $junk_file | _filter_test_dir
> +	_getcap -v $junk_file | _filter_test_dir
> +
> +	# Blank line in output
> +	echo
> +}
> +
> +# Commit by an unprivileged user clears capability bits.
> +echo "Test 1 - qa_user"
> +setup_testfile
> +commit_and_check "$qa_user"
> +
> +# Commit by root leaves capability bits.
> +echo "Test 2 - root"
> +setup_testfile
> +commit_and_check
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/generic/839.out b/tests/generic/839.out
> new file mode 100755
> index 00000000..f571cd26
> --- /dev/null
> +++ b/tests/generic/839.out
> @@ -0,0 +1,13 @@
> +QA output created by 839
> +Test 1 - qa_user
> +777 -rwxrwxrwx TEST_DIR/839/a
> +TEST_DIR/839/a cap_setgid,cap_setuid=ep
> +777 -rwxrwxrwx TEST_DIR/839/a
> +TEST_DIR/839/a
> +
> +Test 2 - root
> +777 -rwxrwxrwx TEST_DIR/839/a
> +TEST_DIR/839/a cap_setgid,cap_setuid=ep
> +777 -rwxrwxrwx TEST_DIR/839/a
> +TEST_DIR/839/a
> +
> 

Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Zorro Lang]

On Tue, Apr 19, 2022 at 10:32:15AM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <djwong@kernel.org>
> 
> This is a regression test to make sure that nonzero error returns from
> a filesystem's ->sync_fs implementation are actually passed back to
> userspace when the call stack involves syncfs(2).
> 
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> Reviewed-by: Zorro Lang <zlang@redhat.com>
> ---
>  tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
>  tests/xfs/839.out |    2 ++
>  2 files changed, 44 insertions(+)
>  create mode 100755 tests/xfs/839
>  create mode 100644 tests/xfs/839.out
> 
> 
> diff --git a/tests/xfs/839 b/tests/xfs/839
> new file mode 100755
> index 00000000..9bfe93ef
> --- /dev/null
> +++ b/tests/xfs/839
> @@ -0,0 +1,42 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 839
> +#
> +# Regression test for kernel commits:
> +#
> +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
> +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
> +#
> +# During a code inspection, I noticed that sync_filesystem ignores the return
> +# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
> +# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
> +# that syncfs(2) does not capture internal filesystem errors that are neither
> +# visible from the block device (e.g. media error) nor recorded in s_wb_err.
> +# XFS historically returned 0 from ->sync_fs even if there were log failures,
> +# so that had to be corrected as well.
> +#
> +# The kernel commits above fix this problem, so this test tries to trigger the
> +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
> +# hope that the EIO generated as a result of the filesystem being shut down is
> +# only visible via ->sync_fs.
> +#
> +. ./common/preamble
> +_begin_fstest auto quick shutdown
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.

Good to me, we can help to add the missing "_supported_fs xfs", if you don't
like to send a new version for that again.

Reviewed-by: Zorro Lang <zlang@redhat.com>

> +_require_xfs_io_command syncfs
> +_require_scratch_nocheck
> +_require_scratch_shutdown
> +
> +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't
> +# bother checking the filesystem afterwards since we never wrote anything.
> +_scratch_mount
> +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/xfs/839.out b/tests/xfs/839.out
> new file mode 100644
> index 00000000..f275cdcc
> --- /dev/null
> +++ b/tests/xfs/839.out
> @@ -0,0 +1,2 @@
> +QA output created by 839
> +syncfs: Input/output error
> 

Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Darrick J. Wong]

[adding tytso for the ext4 question]

On Wed, Mar 23, 2022 at 10:44:32AM +0800, Zorro Lang wrote:
> On Tue, Mar 15, 2022 at 08:30:35PM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <djwong@kernel.org>
> > 
> > This is a regression test to make sure that nonzero error returns from
> > a filesystem's ->sync_fs implementation are actually passed back to
> > userspace when the call stack involves syncfs(2).
> > 
> > Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> > ---
> >  tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
> >  tests/xfs/839.out |    2 ++
> >  2 files changed, 44 insertions(+)
> >  create mode 100755 tests/xfs/839
> >  create mode 100644 tests/xfs/839.out
> > 
> > 
> > diff --git a/tests/xfs/839 b/tests/xfs/839
> > new file mode 100755
> > index 00000000..9bfe93ef
> > --- /dev/null
> > +++ b/tests/xfs/839
> > @@ -0,0 +1,42 @@
> > +#! /bin/bash
> > +# SPDX-License-Identifier: GPL-2.0
> > +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> > +#
> > +# FS QA Test No. 839
> > +#
> > +# Regression test for kernel commits:
> > +#
> > +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
> > +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
> > +#
> > +# During a code inspection, I noticed that sync_filesystem ignores the return
> > +# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
> > +# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
> > +# that syncfs(2) does not capture internal filesystem errors that are neither
> > +# visible from the block device (e.g. media error) nor recorded in s_wb_err.
> > +# XFS historically returned 0 from ->sync_fs even if there were log failures,
> > +# so that had to be corrected as well.
> > +#
> > +# The kernel commits above fix this problem, so this test tries to trigger the
> > +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
> > +# hope that the EIO generated as a result of the filesystem being shut down is
> > +# only visible via ->sync_fs.
> > +#
> > +. ./common/preamble
> > +_begin_fstest auto quick shutdown
> > +
> > +# real QA test starts here
> > +
> > +# Modify as appropriate.
> > +_require_xfs_io_command syncfs
> > +_require_scratch_nocheck
> > +_require_scratch_shutdown
> 
> Can this case be a generic case, with the help of _require_scratch_shutdown
> and _require_xfs_io_command?

I'm not sure.  Of the three filesystems that both have a ->sync_fs
function and implement FS_IOC_SHUTDOWN, xfs and f2fs look like they
passes errors like they should.

ext4 is another story -- curiously, if the fs is shut down, it'll return
0 and it doesn't check the return value of dquot_writeback_dquots.  I
don't remember enough of ext to know if that's deliberate or merely an
age-old artifact of the Bad Old Days when that whole code path didn't
care about errors.

--D

> Thanks,
> Zorro
> 
> > +
> > +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't
> > +# bother checking the filesystem afterwards since we never wrote anything.
> > +_scratch_mount
> > +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT
> > +
> > +# success, all done
> > +status=0
> > +exit
> > diff --git a/tests/xfs/839.out b/tests/xfs/839.out
> > new file mode 100644
> > index 00000000..f275cdcc
> > --- /dev/null
> > +++ b/tests/xfs/839.out
> > @@ -0,0 +1,2 @@
> > +QA output created by 839
> > +syncfs: Input/output error
> > 
> 

Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Zorro Lang]

On Tue, Mar 15, 2022 at 08:30:35PM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <djwong@kernel.org>
> 
> This is a regression test to make sure that nonzero error returns from
> a filesystem's ->sync_fs implementation are actually passed back to
> userspace when the call stack involves syncfs(2).
> 
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
> ---
>  tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
>  tests/xfs/839.out |    2 ++
>  2 files changed, 44 insertions(+)
>  create mode 100755 tests/xfs/839
>  create mode 100644 tests/xfs/839.out
> 
> 
> diff --git a/tests/xfs/839 b/tests/xfs/839
> new file mode 100755
> index 00000000..9bfe93ef
> --- /dev/null
> +++ b/tests/xfs/839
> @@ -0,0 +1,42 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 Oracle.  All Rights Reserved.
> +#
> +# FS QA Test No. 839
> +#
> +# Regression test for kernel commits:
> +#
> +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
> +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
> +#
> +# During a code inspection, I noticed that sync_filesystem ignores the return
> +# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
> +# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
> +# that syncfs(2) does not capture internal filesystem errors that are neither
> +# visible from the block device (e.g. media error) nor recorded in s_wb_err.
> +# XFS historically returned 0 from ->sync_fs even if there were log failures,
> +# so that had to be corrected as well.
> +#
> +# The kernel commits above fix this problem, so this test tries to trigger the
> +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
> +# hope that the EIO generated as a result of the filesystem being shut down is
> +# only visible via ->sync_fs.
> +#
> +. ./common/preamble
> +_begin_fstest auto quick shutdown
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_require_xfs_io_command syncfs
> +_require_scratch_nocheck
> +_require_scratch_shutdown

Can this case be a generic case, with the help of _require_scratch_shutdown
and _require_xfs_io_command?

Thanks,
Zorro

> +
> +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't
> +# bother checking the filesystem afterwards since we never wrote anything.
> +_scratch_mount
> +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/xfs/839.out b/tests/xfs/839.out
> new file mode 100644
> index 00000000..f275cdcc
> --- /dev/null
> +++ b/tests/xfs/839.out
> @@ -0,0 +1,2 @@
> +QA output created by 839
> +syncfs: Input/output error
> 

[PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors

[Darrick J. Wong]

From: Darrick J. Wong <djwong@kernel.org>

This is a regression test to make sure that nonzero error returns from
a filesystem's ->sync_fs implementation are actually passed back to
userspace when the call stack involves syncfs(2).

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
 tests/xfs/839     |   42 ++++++++++++++++++++++++++++++++++++++++++
 tests/xfs/839.out |    2 ++
 2 files changed, 44 insertions(+)
 create mode 100755 tests/xfs/839
 create mode 100644 tests/xfs/839.out


diff --git a/tests/xfs/839 b/tests/xfs/839
new file mode 100755
index 00000000..9bfe93ef
--- /dev/null
+++ b/tests/xfs/839
@@ -0,0 +1,42 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 Oracle.  All Rights Reserved.
+#
+# FS QA Test No. 839
+#
+# Regression test for kernel commits:
+#
+# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs")
+# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs")
+#
+# During a code inspection, I noticed that sync_filesystem ignores the return
+# value of the ->sync_fs calls that it makes.  sync_filesystem, in turn is used
+# by the syncfs(2) syscall to persist filesystem changes to disk.  This means
+# that syncfs(2) does not capture internal filesystem errors that are neither
+# visible from the block device (e.g. media error) nor recorded in s_wb_err.
+# XFS historically returned 0 from ->sync_fs even if there were log failures,
+# so that had to be corrected as well.
+#
+# The kernel commits above fix this problem, so this test tries to trigger the
+# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the
+# hope that the EIO generated as a result of the filesystem being shut down is
+# only visible via ->sync_fs.
+#
+. ./common/preamble
+_begin_fstest auto quick shutdown
+
+# real QA test starts here
+
+# Modify as appropriate.
+_require_xfs_io_command syncfs
+_require_scratch_nocheck
+_require_scratch_shutdown
+
+# Reuse the fs formatted when we checked for the shutdown ioctl, and don't
+# bother checking the filesystem afterwards since we never wrote anything.
+_scratch_mount
+$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT
+
+# success, all done
+status=0
+exit
diff --git a/tests/xfs/839.out b/tests/xfs/839.out
new file mode 100644
index 00000000..f275cdcc
--- /dev/null
+++ b/tests/xfs/839.out
@@ -0,0 +1,2 @@
+QA output created by 839
+syncfs: Input/output error