From: Richard Wareing <rwareing@fb.com>
To: fstests@vger.kernel.org
Cc: linux-xfs@vger.kernel.org
Subject: [PATCH v4] xfs: Add test for CVE-2017-14340
Date: Thu, 21 Sep 2017 12:34:58 -0700 [thread overview]
Message-ID: <20170921193458.694078-1-rwareing@fb.com> (raw)
Verify kernel doesn't panic when user attempts to set realtime flags
on non-realtime FS, using kernel compiled with CONFIG_XFS_RT. Unpatched
kernels will panic during this test. Kernels not compiled with
CONFIG_XFS_RT should pass test.
This bug was fixed via commit b31ff3cdf540110da4572e3e29bd172087af65cc
on the main kernel tree.
Signed-off-by: Richard Wareing <rwareing@fb.com>
---
Changes since v3:
* Tabs not spaces
* Test added to auto group
* _filter_xfs_io filter only
* Removed _require_test
Changes since v2:
* Added to dangerous group
Changes since v1:
* Corrected copyright text
tests/xfs/431 | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
tests/xfs/431.out | 3 ++
tests/xfs/group | 1 +
3 files changed, 87 insertions(+)
create mode 100755 tests/xfs/431
create mode 100644 tests/xfs/431.out
diff --git a/tests/xfs/431 b/tests/xfs/431
new file mode 100755
index 0000000..1d8df1c
--- /dev/null
+++ b/tests/xfs/431
@@ -0,0 +1,83 @@
+#! /bin/bash
+# FS QA Test 431
+#
+# Verify kernel doesn't panic when user attempts to set realtime flags
+# on non-realtime FS, using kernel compiled with CONFIG_XFS_RT. Unpatched
+# kernels will panic during this test. Kernels not compiled with
+# CONFIG_XFS_RT should pass test.
+#
+# See CVE-2017-14340 for more information.
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2017 Facebook, Inc. All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#-----------------------------------------------------------------------
+#
+
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1 # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+ cd /
+ rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/filter
+
+# remove previous $seqres.full before test
+rm -f $seqres.full
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs xfs
+_supported_os Linux
+_require_xfs_io_command "chattr"
+_require_xfs_io_command "fsync"
+_require_xfs_io_command "pwrite"
+_require_scratch
+
+_scratch_mkfs >/dev/null 2>&1
+_scratch_mount
+
+# Set realtime inherit flag on scratch mount, suppress output
+# as this may simply error out on future kernels, we will check
+# exit code instead.
+$XFS_IO_PROG -c 'chattr +t' $SCRATCH_MNT &> /dev/null
+
+# Erroring out here is fine, this would be desired behavior for
+# FSes without realtime devices present.
+if [ $? -eq 0 ]; then
+ # Attempt to write/fsync data to file
+ $XFS_IO_PROG -fc 'pwrite 0 1m' -c fsync $SCRATCH_MNT/testfile |
+ tee -a $seqres.full | _filter_xfs_io
+
+ # Remove the rt inherit flag after we are done or xfs_repair
+ # will fail.
+ $XFS_IO_PROG -c 'chattr -t' $SCRATCH_MNT | tee -a $seqres.full 2>&1
+fi
+
+# success, all done
+status=0
+exit
diff --git a/tests/xfs/431.out b/tests/xfs/431.out
new file mode 100644
index 0000000..8c14f11
--- /dev/null
+++ b/tests/xfs/431.out
@@ -0,0 +1,3 @@
+QA output created by 431
+wrote 1048576/1048576 bytes at offset 0
+XXX Bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
diff --git a/tests/xfs/group b/tests/xfs/group
index 0a449b9..1765559 100644
--- a/tests/xfs/group
+++ b/tests/xfs/group
@@ -427,3 +427,4 @@
428 dangerous_fuzzers dangerous_scrub dangerous_online_repair
429 dangerous_fuzzers dangerous_scrub dangerous_repair
430 dangerous_fuzzers dangerous_scrub dangerous_online_repair
+431 auto quick dangerous
--
2.9.5
next reply other threads:[~2017-09-21 19:35 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-21 19:34 Richard Wareing [this message]
2017-09-21 19:53 ` [PATCH v4] xfs: Add test for CVE-2017-14340 Darrick J. Wong
2017-09-21 21:02 ` Richard Wareing
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170921193458.694078-1-rwareing@fb.com \
--to=rwareing@fb.com \
--cc=fstests@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.