From patchwork Wed Jul 11 21:03:36 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alistair Strachan <astrachan@google.com>
X-Patchwork-Id: 942706
X-Patchwork-Delegate: petr.vorel@gmail.com
Return-Path: <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=lists.linux.it
	(client-ip=2001:1418:10:5::2; helo=picard.linux.it;
	envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=fail (p=reject dis=none)
	header.from=google.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=google.com header.i=@google.com
	header.b="WiahBSy2"; dkim-atps=neutral
Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 41Qs4N1Lpkz9ryt
	for <incoming@patchwork.ozlabs.org>;
	Thu, 12 Jul 2018 07:03:46 +1000 (AEST)
Received: from picard.linux.it (localhost [IPv6:::1])
	by picard.linux.it (Postfix) with ESMTP id BE0D83E6E60
	for <incoming@patchwork.ozlabs.org>;
	Wed, 11 Jul 2018 23:03:42 +0200 (CEST)
X-Original-To: ltp@lists.linux.it
Delivered-To: ltp@picard.linux.it
Received: from in-2.smtp.seeweb.it (in-2.smtp.seeweb.it [217.194.8.2])
	by picard.linux.it (Postfix) with ESMTP id E5D6F3E6CB2
	for <ltp@lists.linux.it>; Wed, 11 Jul 2018 23:03:41 +0200 (CEST)
Received: from mail-yb0-x24a.google.com (mail-yb0-x24a.google.com
	[IPv6:2607:f8b0:4002:c09::24a])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
	bits)) (No client certificate requested)
	by in-2.smtp.seeweb.it (Postfix) with ESMTPS id 264E16019D5
	for <ltp@lists.linux.it>; Wed, 11 Jul 2018 23:03:41 +0200 (CEST)
Received: by mail-yb0-x24a.google.com with SMTP id x14-v6so26215232ybj.9
	for <ltp@lists.linux.it>; Wed, 11 Jul 2018 14:03:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=20161025;
	h=mime-version:date:in-reply-to:message-id:references:subject:from:to
	:cc; bh=rmvfHJKg2zUOSkUBWNONPJP3x681B523RH7xHzSdJsQ=;
	b=WiahBSy2rLRmciKi9pOT8hECpJ+riLfID984RAQfXZx6PyDGY+gSRDz9hKKcDwVWyG
	KIxqpLAcBzerDYuxnn0aH+3MIDA2V8t9KDlsPHK1BJ7No21HxjE7bgi5jaA4lUPnNs01
	525QJ9R1DQC2cuwqg6GMYzLzHWXOSyIgf28UtlSnatnYIeRAPa+ksfYL3JfvnqPXnszS
	0//XV+yVSE7Z/rWOv7JL24kPFSJYHOsu42bcM+OfPmjye08o6UNf1dFelG34itkzlhJ4
	R34bt7sBi8BmjPqkzvLiZuH+Mto1zB1gKaTz6czwG2pqqQOPbzbVi7bgEsrxFgrv32p/
	qAug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:date:in-reply-to:message-id
	:references:subject:from:to:cc;
	bh=rmvfHJKg2zUOSkUBWNONPJP3x681B523RH7xHzSdJsQ=;
	b=KTMrRVWPuHb4ncJ2jTMKfNQogcEPz/s/RWX703y0on25GWonIYP7u5whGYkSnXFVMv
	NDvinuhfTLbvQ9iC2W1dXLsvK2MnVgFa2E72h9Z4UCkG3PVhpAOSYcP3o3wOzRh2Y8wS
	/wMGICS/xH01MiX4sep7s4xdI4DxKVKDWnIR9OMhmWedyHaO9QP34kE+6HtHvxeF77ya
	trXafogRh0wmWcOUupRkgzo5hRWsdmuj4VgEkp+9bpD2mKoCpoRnoJhN5xVlUqUAKHMh
	Gp+/L2T2/XNVQ21HtfcYe5IoYVrzp1fRgrPaYjPejP4bkGqmmyvLiiz5rHwd4JVKbplw
	PTIg==
X-Gm-Message-State: AOUpUlHHB36IcJMORJBinhyCrdai6sMS5iVXwKerOhzcxoayfJR/IKp4
	t8vdReFK7cNLkBsz5I/Z6cNrZMeNWyWQXCZDNQ0miHWKVnKrk6ZN7Th69EIL47Dn9LSmpbCbViZ
	uhnEsxVbld9cSrbVhMTY9OSgRRysT6bUe09zRawg85yEsvvBTxaqTqAOI+lDnLl3y
X-Google-Smtp-Source: 
 AAOMgpe1Cy9nBgEiewVqGxca+GskpncSq+ndlPDbUiTr/dzBqXjWESPajQGrXSqgJ/gtKeuwr8qZ9gwK26M3oes=
MIME-Version: 1.0
X-Received: by 2002:a81:2bc1:: with SMTP id
	r184-v6mr100559ywr.24.1531343019838;
	Wed, 11 Jul 2018 14:03:39 -0700 (PDT)
Date: Wed, 11 Jul 2018 14:03:36 -0700
In-Reply-To: <93480014.31836255.1531299278505.JavaMail.zimbra@redhat.com>
Message-Id: <20180711210336.186949-1-astrachan@google.com>
References: <93480014.31836255.1531299278505.JavaMail.zimbra@redhat.com>
X-Mailer: git-send-email 2.18.0.203.gfac676dfb9-goog
From: Alistair Strachan <astrachan@google.com>
To: ltp@lists.linux.it
X-Virus-Scanned: clamav-milter 0.99.2 at in-2.smtp.seeweb.it
X-Virus-Status: Clean
X-Spam-Status: No, score=-7.4 required=7.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU, SPF_PASS,
	USER_IN_DEF_DKIM_WL autolearn=disabled version=3.4.0
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	in-2.smtp.seeweb.it
Cc: kernel-team@android.com
Subject: [LTP] [PATCH] filecaps: Respect TMPDIR environment variable
X-BeenThere: ltp@lists.linux.it
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Linux Test Project <ltp.lists.linux.it>
List-Unsubscribe: <https://lists.linux.it/options/ltp>,
	<mailto:ltp-request@lists.linux.it?subject=unsubscribe>
List-Archive: <http://lists.linux.it/pipermail/ltp/>
List-Post: <mailto:ltp@lists.linux.it>
List-Help: <mailto:ltp-request@lists.linux.it?subject=help>
List-Subscribe: <https://lists.linux.it/listinfo/ltp>,
	<mailto:ltp-request@lists.linux.it?subject=subscribe>
Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it
Sender: "ltp" <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>

The filecapstest.sh wrapper script already allowed the /tmp directory to
be overridden with the TMP environment variable, however doing so had
no effect on verify_caps_exec because it created its own version of this
fifo at a hardcoded location under /tmp.

Change the wrapper script to check for TMPDIR instead of TMP, to match
the value exported by runltp. Export FIFOFILE, to be used by the test
binaries invoked by the script.

Change the print_caps and verify_caps_exec to read FIFOFILE from the
environment (if it exists). Otherwise, TMPDIR will be read from the
environment and used to construct the path to the caps_fifo file.

Signed-off-by: Alistair Strachan <astrachan@google.com>
---
 .../kernel/security/filecaps/filecapstest.sh  |  5 ++-
 .../kernel/security/filecaps/print_caps.c     | 29 +++++++++++++++--
 .../security/filecaps/verify_caps_exec.c      | 32 ++++++++++++++++---
 3 files changed, 56 insertions(+), 10 deletions(-)

diff --git a/testcases/kernel/security/filecaps/filecapstest.sh b/testcases/kernel/security/filecaps/filecapstest.sh
index 213b095bb..9bb5702df 100755
--- a/testcases/kernel/security/filecaps/filecapstest.sh
+++ b/testcases/kernel/security/filecaps/filecapstest.sh
@@ -22,9 +22,8 @@
 echo "Running in:"
 #rm -f print_caps
 #cp $LTPROOT/testcases/bin/print_caps .
-#FIFOFILE="$LTPROOT/testcases/bin/caps_fifo"
-TMP=${TMP:=/tmp}
-FIFOFILE="$TMP/caps_fifo"
+FIFOFILE="${TMPDIR:=/tmp}/caps_fifo"
+export FIFOFILE
 rm -f $FIFOFILE
 mkfifo $FIFOFILE
 chmod 777 $FIFOFILE
diff --git a/testcases/kernel/security/filecaps/print_caps.c b/testcases/kernel/security/filecaps/print_caps.c
index ee7a5f580..2479c4590 100644
--- a/testcases/kernel/security/filecaps/print_caps.c
+++ b/testcases/kernel/security/filecaps/print_caps.c
@@ -27,6 +27,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
@@ -37,7 +38,31 @@
 #include <sys/capability.h>
 #endif
 
-#define FIFOFILE "/tmp/caps_fifo"
+#ifdef HAVE_LIBCAP
+
+static const char *get_caps_fifo(void)
+{
+	static char fifofile[PATH_MAX] = { 0, };
+
+	if (!fifofile[0]) {
+		const char *fifofile_ = getenv("FIFOFILE");
+
+		if (!fifofile_) {
+			const char *tmpdir = getenv("TMPDIR");
+
+			if (!tmpdir)
+				tmpdir = "/tmp";
+			snprintf(fifofile, PATH_MAX, "%s/caps_fifo", tmpdir);
+		} else {
+			strncpy(fifofile, fifofile_, PATH_MAX);
+			fifofile[PATH_MAX - 1] = 0;
+		}
+	}
+
+	return fifofile;
+}
+
+#endif
 
 int main(int argc, char *argv[])
 {
@@ -55,7 +80,7 @@ int main(int argc, char *argv[])
 		exit(1);
 	}
 
-	fd = open(FIFOFILE, O_WRONLY);
+	fd = open(get_caps_fifo(), O_WRONLY);
 	if (!fd) {
 		perror("print_caps: open fifo");
 		exit(2);
diff --git a/testcases/kernel/security/filecaps/verify_caps_exec.c b/testcases/kernel/security/filecaps/verify_caps_exec.c
index 7183d8b4a..fa2f0659c 100644
--- a/testcases/kernel/security/filecaps/verify_caps_exec.c
+++ b/testcases/kernel/security/filecaps/verify_caps_exec.c
@@ -36,6 +36,7 @@
 #include <sys/wait.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
 #include "config.h"
 #if HAVE_SYS_CAPABILITY_H
 #include <linux/types.h>
@@ -119,22 +120,43 @@ static int perms_test(void)
 	return ret;
 }
 
-#define FIFOFILE "/tmp/caps_fifo"
+static const char *get_caps_fifo(void)
+{
+	static char fifofile[PATH_MAX] = { 0, };
+
+	if (!fifofile[0]) {
+		const char *fifofile_ = getenv("FIFOFILE");
+
+		if (!fifofile_) {
+			const char *tmpdir = getenv("TMPDIR");
+
+			if (!tmpdir)
+				tmpdir = "/tmp";
+			snprintf(fifofile, PATH_MAX, "%s/caps_fifo", tmpdir);
+		} else {
+			strncpy(fifofile, fifofile_, PATH_MAX);
+			fifofile[PATH_MAX - 1] = 0;
+		}
+	}
+
+	return fifofile;
+}
+
 static void create_fifo(void)
 {
 	int ret;
 
-	ret = mkfifo(FIFOFILE, S_IRWXU | S_IRWXG | S_IRWXO);
+	ret = mkfifo(get_caps_fifo(), S_IRWXU | S_IRWXG | S_IRWXO);
 	if (ret == -1 && errno != EEXIST)
 		tst_brkm(TFAIL | TERRNO, NULL, "failed creating %s\n",
-			 FIFOFILE);
+			 get_caps_fifo());
 }
 
 static void write_to_fifo(const char *buf)
 {
 	int fd;
 
-	fd = open(FIFOFILE, O_WRONLY);
+	fd = open(get_caps_fifo(), O_WRONLY);
 	write(fd, buf, strlen(buf));
 	close(fd);
 }
@@ -144,7 +166,7 @@ static void read_from_fifo(char *buf)
 	int fd;
 
 	memset(buf, 0, 200);
-	fd = open(FIFOFILE, O_RDONLY);
+	fd = open(get_caps_fifo(), O_RDONLY);
 	if (fd < 0)
 		tst_brkm(TFAIL | TERRNO, NULL, "Failed opening fifo\n");
 	read(fd, buf, 199);