| Message ID | 20210713162450.34947-1-amir73il@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | syscalls/fanotify19: Add test cases for elevated reader privileges | expand |
Hi Amir, > Even when event reader has elevated privileges, the information provided > in events is determined by the privileges of the user that created the > fanotify group. > Add test cases for unprivileged listener and privileged event reader. > This is a regression test for kernel commit > a8b98c808eab ("fanotify: fix permission model of unprivileged group") > Signed-off-by: Amir Goldstein <amir73il@gmail.com> > --- > Hi Petr, > Added test for a fix in v5.13-rc5. Thanks for your patch, pushed! Things I've found, not related to this patch: TBROK when running with higher number of iterations: ./fanotify19 -i 30 ... fanotify19.c:224: TPASS: Received event: mask=2b, pid=11351 fd=-1 fanotify19.c:224: TPASS: Received event: mask=b, pid=11351 fd=-1 fanotify19.c:224: TPASS: Received event: mask=a, pid=11351 fd=-1 fanotify19.c:224: TPASS: Received event: mask=8, pid=11351 fd=-1 fanotify19.c:147: TINFO: Test #3 unprivileged lisneter, privileged reader - events by child fanotify19.c:151: TINFO: Running as privileged user, revoking. fanotify19.c:136: TBROK: Child process terminated incorrectly. Aborting Summary: passed 316 failed 0 broken 1 skipped 0 warnings 0 Could you have look into it? very minor nit: checkpatch complains about minor issues. Although all but quoted string split across lines are easily fixable we don't need to bother with it. But could you please use checkpatch for new tests? Also I'd personally join also strings which are below 100 chars, because it helps to grep. > @@ -248,6 +285,10 @@ static struct tst_test test = { > .needs_root = 1, > .mount_device = 1, > .mntpoint = MOUNT_PATH, > + .tags = (const struct tst_tag[]) { > + {"linux-git", "a8b98c808eab"}, FYI we also support "linux-stable-git", but we mainly use it for stable branch specific patches (something required just for stable), not for regular backports of fixes. Kind regards, Petr
On Wed, Jul 14, 2021 at 10:28 AM Petr Vorel <pvorel@suse.cz> wrote: > > Hi Amir, > > > Even when event reader has elevated privileges, the information provided > > in events is determined by the privileges of the user that created the > > fanotify group. > > > Add test cases for unprivileged listener and privileged event reader. > > > This is a regression test for kernel commit > > a8b98c808eab ("fanotify: fix permission model of unprivileged group") > > > Signed-off-by: Amir Goldstein <amir73il@gmail.com> > > --- > > > Hi Petr, > > > Added test for a fix in v5.13-rc5. > > Thanks for your patch, pushed! > > Things I've found, not related to this patch: > > TBROK when running with higher number of iterations: > ./fanotify19 -i 30 > ... > fanotify19.c:224: TPASS: Received event: mask=2b, pid=11351 fd=-1 > fanotify19.c:224: TPASS: Received event: mask=b, pid=11351 fd=-1 > fanotify19.c:224: TPASS: Received event: mask=a, pid=11351 fd=-1 > fanotify19.c:224: TPASS: Received event: mask=8, pid=11351 fd=-1 > fanotify19.c:147: TINFO: Test #3 unprivileged lisneter, privileged reader - events by child > fanotify19.c:151: TINFO: Running as privileged user, revoking. > fanotify19.c:136: TBROK: Child process terminated incorrectly. Aborting > > Summary: > passed 316 > failed 0 > broken 1 > skipped 0 > warnings 0 > > Could you have look into it? > Posted fix. > very minor nit: checkpatch complains about minor issues. Although all but quoted > string split across lines are easily fixable we don't need to bother with it. > But could you please use checkpatch for new tests? Will do. > Also I'd personally join also strings which are below 100 chars, because it > helps to grep. > > > @@ -248,6 +285,10 @@ static struct tst_test test = { > > .needs_root = 1, > > .mount_device = 1, > > .mntpoint = MOUNT_PATH, > > + .tags = (const struct tst_tag[]) { > > + {"linux-git", "a8b98c808eab"}, > FYI we also support "linux-stable-git", but we mainly use it for stable branch > specific patches (something required just for stable), not for regular backports > of fixes. > I did not understand when linux-stable-git should be used or why it applies to this case. Thanks, Amir.
Hi Amir, > On Wed, Jul 14, 2021 at 10:28 AM Petr Vorel <pvorel@suse.cz> wrote: > > Hi Amir, > > > Even when event reader has elevated privileges, the information provided > > > in events is determined by the privileges of the user that created the > > > fanotify group. > > > Add test cases for unprivileged listener and privileged event reader. > > > This is a regression test for kernel commit > > > a8b98c808eab ("fanotify: fix permission model of unprivileged group") > > > Signed-off-by: Amir Goldstein <amir73il@gmail.com> > > > --- > > > Hi Petr, > > > Added test for a fix in v5.13-rc5. > > Thanks for your patch, pushed! > > Things I've found, not related to this patch: > > TBROK when running with higher number of iterations: > > ./fanotify19 -i 30 > > ... > > fanotify19.c:224: TPASS: Received event: mask=2b, pid=11351 fd=-1 > > fanotify19.c:224: TPASS: Received event: mask=b, pid=11351 fd=-1 > > fanotify19.c:224: TPASS: Received event: mask=a, pid=11351 fd=-1 > > fanotify19.c:224: TPASS: Received event: mask=8, pid=11351 fd=-1 > > fanotify19.c:147: TINFO: Test #3 unprivileged lisneter, privileged reader - events by child > > fanotify19.c:151: TINFO: Running as privileged user, revoking. > > fanotify19.c:136: TBROK: Child process terminated incorrectly. Aborting > > Summary: > > passed 316 > > failed 0 > > broken 1 > > skipped 0 > > warnings 0 > > Could you have look into it? > Posted fix. Thanks! > > very minor nit: checkpatch complains about minor issues. Although all but quoted > > string split across lines are easily fixable we don't need to bother with it. > > But could you please use checkpatch for new tests? > Will do. Thanks! > > Also I'd personally join also strings which are below 100 chars, because it > > helps to grep. > > > @@ -248,6 +285,10 @@ static struct tst_test test = { > > > .needs_root = 1, > > > .mount_device = 1, > > > .mntpoint = MOUNT_PATH, > > > + .tags = (const struct tst_tag[]) { > > > + {"linux-git", "a8b98c808eab"}, > > FYI we also support "linux-stable-git", but we mainly use it for stable branch > > specific patches (something required just for stable), not for regular backports > > of fixes. > I did not understand when linux-stable-git should be used or why it applies > to this case. I'm sorry for not being clear. It does not apply to this case, just FYI. It's for commits which are stable branch specific, i.e. no commit in mainline. Thus we have only two so far. Example of commits: c4a23c852e80 cac68d12c531. c4a23c852e80: No upstream commit, this is a fix to a stable 5.4 specific backport. cac68d12c531 [ Upstream commits 9392a27d88b9 and ff002b30181d ] I'm going to send patch to our doc [1] to mention it. Kind regards, Petr [1] https://github.com/linux-test-project/ltp/wiki/C-Test-API#138-test-tags > Thanks, > Amir.
diff --git a/testcases/kernel/syscalls/fanotify/fanotify19.c b/testcases/kernel/syscalls/fanotify/fanotify19.c index e4ac8a032..3792c717c 100644 --- a/testcases/kernel/syscalls/fanotify/fanotify19.c +++ b/testcases/kernel/syscalls/fanotify/fanotify19.c @@ -38,6 +38,7 @@ #define MOUNT_PATH "fs_mnt" #define TEST_FILE MOUNT_PATH "/testfile" +static uid_t euid; static int fd_notify; static char buf[BUF_SIZE]; static struct fanotify_event_metadata event_buf[EVENT_BUF_LEN]; @@ -45,12 +46,14 @@ static struct fanotify_event_metadata event_buf[EVENT_BUF_LEN]; static struct test_case_t { const char *name; unsigned int fork; + unsigned int elevate; unsigned int event_count; unsigned long long event_set[EVENT_SET_MAX]; } test_cases[] = { { "unprivileged listener - events by self", 0, + 0, 4, { FAN_OPEN, @@ -62,6 +65,7 @@ static struct test_case_t { { "unprivileged lisneter - events by child", 1, + 0, 4, { FAN_OPEN, @@ -69,7 +73,31 @@ static struct test_case_t { FAN_MODIFY, FAN_CLOSE, } - } + }, + { + "unprivileged listener, privileged reader - events by self", + 0, + 1, + 4, + { + FAN_OPEN, + FAN_ACCESS, + FAN_MODIFY, + FAN_CLOSE, + } + }, + { + "unprivileged lisneter, privileged reader - events by child", + 1, + 1, + 4, + { + FAN_OPEN, + FAN_ACCESS, + FAN_MODIFY, + FAN_CLOSE, + } + }, }; static void generate_events(void) @@ -118,6 +146,14 @@ static void test_fanotify(unsigned int n) tst_res(TINFO, "Test #%d %s", n, tc->name); + /* Relinquish privileged user */ + if (euid == 0) { + tst_res(TINFO, + "Running as privileged user, revoking."); + struct passwd *nobody = SAFE_GETPWNAM("nobody"); + SAFE_SETEUID(nobody->pw_uid); + } + /* Initialize fanotify */ fd_notify = fanotify_init(FANOTIFY_REQUIRED_USER_INIT_FLAGS, O_RDONLY); @@ -149,6 +185,13 @@ static void test_fanotify(unsigned int n) else generate_events(); + /* Restore privileges */ + if (euid == 0 && tc->elevate) { + tst_res(TINFO, + "Restoring privileged user."); + SAFE_SETEUID(0); + } + /* Read events from queue */ len = SAFE_READ(0, fd_notify, event_buf + len, EVENT_BUF_LEN - len); @@ -224,13 +267,7 @@ static void setup(void) /* Check for kernel fanotify support */ REQUIRE_FANOTIFY_INIT_FLAGS_SUPPORTED_ON_FS(FAN_REPORT_FID, TEST_FILE); - /* Relinquish privileged user */ - if (geteuid() == 0) { - tst_res(TINFO, - "Running as privileged user, revoking."); - struct passwd *nobody = SAFE_GETPWNAM("nobody"); - SAFE_SETUID(nobody->pw_uid); - } + euid = geteuid(); } static void cleanup(void) @@ -248,6 +285,10 @@ static struct tst_test test = { .needs_root = 1, .mount_device = 1, .mntpoint = MOUNT_PATH, + .tags = (const struct tst_tag[]) { + {"linux-git", "a8b98c808eab"}, + {} + } }; #else
Even when event reader has elevated privileges, the information provided in events is determined by the privileges of the user that created the fanotify group. Add test cases for unprivileged listener and privileged event reader. This is a regression test for kernel commit a8b98c808eab ("fanotify: fix permission model of unprivileged group") Signed-off-by: Amir Goldstein <amir73il@gmail.com> --- Hi Petr, Added test for a fix in v5.13-rc5. Thanks, Amir. .../kernel/syscalls/fanotify/fanotify19.c | 57 ++++++++++++++++--- 1 file changed, 49 insertions(+), 8 deletions(-)