From patchwork Tue Dec 17 10:12:48 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 1211263 X-Patchwork-Delegate: petr.vorel@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cn.fujitsu.com Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47cYqT6jN4z9sRh for ; Tue, 17 Dec 2019 21:12:53 +1100 (AEDT) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 316903C2386 for ; Tue, 17 Dec 2019 11:12:51 +0100 (CET) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-6.smtp.seeweb.it (in-6.smtp.seeweb.it [217.194.8.6]) by picard.linux.it (Postfix) with ESMTP id E2ED83C2392 for ; Tue, 17 Dec 2019 11:12:45 +0100 (CET) Received: from heian.cn.fujitsu.com (mail.cn.fujitsu.com [183.91.158.132]) by in-6.smtp.seeweb.it (Postfix) with ESMTP id C76451400431 for ; Tue, 17 Dec 2019 11:12:43 +0100 (CET) X-IronPort-AV: E=Sophos;i="5.69,325,1571673600"; d="scan'208";a="80413197" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 17 Dec 2019 18:12:43 +0800 Received: from G08CNEXCHPEKD02.g08.fujitsu.local (unknown [10.167.33.83]) by cn.fujitsu.com (Postfix) with ESMTP id 1D3184CE1C91 for ; Tue, 17 Dec 2019 18:03:59 +0800 (CST) Received: from localhost.localdomain (10.167.220.84) by G08CNEXCHPEKD02.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 17 Dec 2019 18:12:38 +0800 From: Yang Xu To: Date: Tue, 17 Dec 2019 18:12:48 +0800 Message-ID: <1576577571-3668-2-git-send-email-xuyang2018.jy@cn.fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> References: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-yoursite-MailScanner-ID: 1D3184CE1C91.AE0C8 X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: xuyang2018.jy@cn.fujitsu.com X-Spam-Status: No, score=0.4 required=7.0 tests=KHOP_HELO_FCRDNS, SPF_HELO_NONE, SPF_NONE autolearn=disabled version=3.4.0 X-Virus-Scanned: clamav-milter 0.99.2 at in-6.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on in-6.smtp.seeweb.it Subject: [LTP] [PATCH v1 1/4] syscalls/capset01: Cleanup & convert to new library X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" Test capset() syscall on three versions. Signed-off-by: Yang Xu --- testcases/kernel/syscalls/capset/capset01.c | 150 ++++---------------- 1 file changed, 29 insertions(+), 121 deletions(-) diff --git a/testcases/kernel/syscalls/capset/capset01.c b/testcases/kernel/syscalls/capset/capset01.c index 9c61773bb..75cdd83b9 100644 --- a/testcases/kernel/syscalls/capset/capset01.c +++ b/testcases/kernel/syscalls/capset/capset01.c @@ -1,142 +1,50 @@ /* * Copyright (c) Wipro Technologies Ltd, 2002. All Rights Reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of version 2 of the GNU General Public License as - * published by the Free Software Foundation. - * - * This program is distributed in the hope that it would be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - */ -/********************************************************** - * - * TEST IDENTIFIER : capset01 - * - * EXECUTED BY : anyone - * - * TEST TITLE : Basic test for capset(2) - * - * TEST CASE TOTAL : 1 - * * AUTHOR : Saji Kumar.V.R * - * SIGNALS - * Uses SIGUSR1 to pause before test if option set. - * (See the parse_opts(3) man page). - * - * DESCRIPTION - * This is a Phase I test for the capset(2) system call. - * It is intended to provide a limited exposure of the system call. - * - * Setup: - * Setup signal handling. - * Pause for SIGUSR1 if option specified. - * call capget() to save the current capability data - * - * Test: - * Loop if the proper options are given. - * call capset() with the saved data - * if return value == 0 - * Test passed - * Otherwise - * Test failed - * - * Cleanup: - * Print errno log and/or timing stats if options given - * - * USAGE: - * capset01 [-c n] [-e] [-i n] [-I x] [-P x] [-t] [-h] [-f] [-p] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -h : Show help screen - * -f : Turn off functional testing - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -p : Pause for SIGUSR1 before starting - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * * CHANGES: * 2005/01/01: add an hint to a possible solution when test fails * - Ricky Ng-Adam ****************************************************************/ +#include #include -#include -#include "test.h" +#include "tst_test.h" #include "lapi/syscalls.h" - -/**************************************************************************/ -/* */ -/* Some archs do not have the manpage documented sys/capability.h file, */ -/* and require the use of the line below */ - #include -/* If you are having issues with including this file and have the sys/ */ -/* version, then you may want to try switching to it. -Robbie W. */ -/**************************************************************************/ +static struct tcase { + int version; + char *message; +} tcases[] = { + {0x19980330, "Test on LINUX_CAPABILITY_VERSION_1"}, + {0x20071026, "Test on LINUX_CAPABILITY_VERSION_2"}, + {0x20080522, "Test on LINUX_CAPABILITY_VERSION_3"}, +}; -static void setup(); -static void cleanup(); -char *TCID = "capset01"; -int TST_TOTAL = 1; - -static struct __user_cap_header_struct header; /* cap_user_header_t is a pointer - to __user_cap_header_struct */ - -static struct __user_cap_data_struct data; /* cap_user_data_t is a pointer to - __user_cap_data_struct */ - -int main(int ac, char **av) +static void verify_capset(unsigned int n) { + struct tcase *tc = &tcases[n]; + struct __user_cap_header_struct header; + struct __user_cap_data_struct data[2]; - int lc; - - tst_parse_opts(ac, av, NULL, NULL); - - setup(); + tst_res(TINFO, "%s", tc->message); + header.version = tc->version; + header.pid = getpid(); - for (lc = 0; TEST_LOOPING(lc); lc++) { - - tst_count = 0; - - TEST(ltp_syscall(__NR_capset, &header, &data)); - - if (TEST_RETURN == 0) { - tst_resm(TPASS, "capset() returned %ld", TEST_RETURN); - } else { - tst_resm(TFAIL | TTERRNO, - "Test Failed, capset() returned %ld" - " Maybe you need to do `modprobe capability`?", - TEST_RETURN); - } + if (tst_syscall(__NR_capget, &header, data) == -1) { + tst_res(TFAIL | TTERRNO, "capget() failed"); + return; } - cleanup(); - - tst_exit(); + TEST(tst_syscall(__NR_capset, &header, data)); + if (TST_RET == 0) + tst_res(TPASS, "capset() returned %ld", TST_RET); + else + tst_res(TFAIL | TTERRNO, "Test Failed, capset() returned %ld", TST_RET); } -void setup(void) -{ - - tst_sig(NOFORK, DEF_HANDLER, cleanup); - - TEST_PAUSE; - - header.version = _LINUX_CAPABILITY_VERSION; - header.pid = 0; - if (ltp_syscall(__NR_capget, &header, &data) == -1) - tst_brkm(TBROK | TERRNO, NULL, "capget() failed"); -} - -void cleanup(void) -{ -} +static struct tst_test test = { + .tcnt = ARRAY_SIZE(tcases), + .test = verify_capset, +}; From patchwork Tue Dec 17 10:12:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 1211265 X-Patchwork-Delegate: petr.vorel@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cn.fujitsu.com Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47cYqt51ZDz9sRh for ; Tue, 17 Dec 2019 21:13:14 +1100 (AEDT) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 971803C207E for ; Tue, 17 Dec 2019 11:13:09 +0100 (CET) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-6.smtp.seeweb.it (in-6.smtp.seeweb.it [IPv6:2001:4b78:1:20::6]) by picard.linux.it (Postfix) with ESMTP id 268393C22D4 for ; Tue, 17 Dec 2019 11:12:53 +0100 (CET) Received: from heian.cn.fujitsu.com (mail.cn.fujitsu.com [183.91.158.132]) by in-6.smtp.seeweb.it (Postfix) with ESMTP id 639CB1400551 for ; Tue, 17 Dec 2019 11:12:50 +0100 (CET) X-IronPort-AV: E=Sophos;i="5.69,325,1571673600"; d="scan'208";a="80413201" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 17 Dec 2019 18:12:49 +0800 Received: from G08CNEXCHPEKD02.g08.fujitsu.local (unknown [10.167.33.83]) by cn.fujitsu.com (Postfix) with ESMTP id 232E64CE1C91 for ; Tue, 17 Dec 2019 18:04:05 +0800 (CST) Received: from localhost.localdomain (10.167.220.84) by G08CNEXCHPEKD02.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 17 Dec 2019 18:12:44 +0800 From: Yang Xu To: Date: Tue, 17 Dec 2019 18:12:49 +0800 Message-ID: <1576577571-3668-3-git-send-email-xuyang2018.jy@cn.fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> References: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-yoursite-MailScanner-ID: 232E64CE1C91.AFC79 X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: xuyang2018.jy@cn.fujitsu.com X-Spam-Status: No, score=0.4 required=7.0 tests=KHOP_HELO_FCRDNS, SPF_HELO_NONE, SPF_NONE autolearn=disabled version=3.4.0 X-Virus-Scanned: clamav-milter 0.99.2 at in-6.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on in-6.smtp.seeweb.it Subject: [LTP] [PATCH v1 2/4] syscalls/capset02: Cleanup & convert to new library X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" It adds a preferred linux capabilities version check like capget02. Also, it adds various cases about EPERM error. Signed-off-by: Yang Xu --- testcases/kernel/syscalls/capset/capset02.c | 364 ++++++++------------ 1 file changed, 135 insertions(+), 229 deletions(-) diff --git a/testcases/kernel/syscalls/capset/capset02.c b/testcases/kernel/syscalls/capset/capset02.c index aece29511..4df555ce4 100644 --- a/testcases/kernel/syscalls/capset/capset02.c +++ b/testcases/kernel/syscalls/capset/capset02.c @@ -1,261 +1,167 @@ +// SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) Wipro Technologies Ltd, 2002. All Rights Reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of version 2 of the GNU General Public License as - * published by the Free Software Foundation. - * - * This program is distributed in the hope that it would be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * + * Author: Saji Kumar.V.R + * + * Tests basic error handling of the capset syscall. + * 1) capset() fails with errno set to EFAULT if an invalid address + * is given for header. + * 2) capset() fails with errno set to EFAULT if an invalid address + * is given for data. + * 3) capset() fails with errno set ot EINVAL if an unused pid is + * given for header->pid. + * 4) capset() fails with errno set to EINVAL if an invalid value + * is given for header->version. + * 5) capset() fails with errno set to EPERM if the new_Effective is + * not a subset of the new_Permitted. + * 6) capset() fails with errno set to EPERM if the new_Permitted is + * not a subset of the old_Permitted. + * 7) capset() fails with errno set ot EPERM if the new_Inheritable is + * not a subset of the old_Inheritable and bounding set. */ -/********************************************************** - * - * TEST IDENTIFIER : capset02 - * - * EXECUTED BY : anyone - * - * TEST TITLE : Tests for error conditions. - * - * TEST CASE TOTAL : 4 - * - * AUTHOR : Saji Kumar.V.R - * - * SIGNALS - * Uses SIGUSR1 to pause before test if option set. - * (See the parse_opts(3) man page). - * - * DESCRIPTION - * Verify that - * 1) capset() fails with errno set to EFAULT if an invalid address - * is given for header - * 2) capset() fails with errno set to EFAULT if an invalid address - * is given for data - * 3) capset() fails with errno set to EINVAL if an invalid value - * is given for header->version - * 4) capset() fails with errno set to EPERM the process does not - * have enough privilege to set capabilities - * - * - * Setup: - * Setup signal handling. - * Pause for SIGUSR1 if option specified. - * Call capget() to save current capability data - * - * Test: - * Loop if the proper options are given. - * do test specific setup. - * call capset with proper arguments - * if capset() fails with expected errno - * Test passed - * Otherwise - * Test failed - * do test specific cleanup - * - * Cleanup: - * Print errno log and/or timing stats if options given - * - * USAGE: - * capset02 [-c n] [-e] [-i n] [-I x] [-P x] [-t] [-h] [-f] [-p] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -h : Show help screen - * -f : Turn off functional testing - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -p : Pause for SIGUSR1 before starting - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * - ****************************************************************/ +#include #include -#include -#include -#include -#include -#include #include -#include "test.h" -#include "safe_macros.h" +#include +#include "tst_test.h" #include "lapi/syscalls.h" - -/**************************************************************************/ -/* */ -/* Some archs do not have the manpage documented sys/capability.h file, */ -/* and require the use of the line below */ - #include -/* If you are having issues with including this file and have the sys/ */ -/* version, then you may want to try switching to it. -Robbie W. */ -/**************************************************************************/ +#define CAP1 (1 << CAP_NET_RAW | 1 << CAP_CHOWN | 1 << CAP_SETPCAP) +#define CAP2 (CAP1 | 1 << CAP_KILL) -#define INVALID_VERSION 0 - -static void setup(void); -static void cleanup(void); -static void test_setup(int, char *); -static void child_func(void); +static unsigned int check_root_flag, drop_flag; +static struct __user_cap_header_struct header, bad_version_header, unused_pid_header; +static struct __user_cap_data_struct data[2]; +static struct __user_cap_data_struct good_data[2] = { + { + .effective = CAP1, + .permitted = CAP1, + .inheritable = CAP1, + }, +}; -static pid_t child_pid = -1; +static struct __user_cap_data_struct bad_data_pe[2] = { + { + .effective = CAP2, + .permitted = CAP1, + .inheritable = CAP1, + }, +}; -char *TCID = "capset02"; +static struct __user_cap_data_struct bad_data_pp[2] = { + { + .effective = CAP1, + .permitted = CAP2, + .inheritable = CAP1, + }, +}; -static struct __user_cap_header_struct header; -static struct __user_cap_data_struct data; +static struct __user_cap_data_struct bad_data_pi[2] = { + { + .effective = CAP1, + .permitted = CAP1, + .inheritable = CAP2, + }, +}; -struct test_case_t { +static struct tcase { cap_user_header_t headerp; cap_user_data_t datap; - int exp_errno; - char *errdesc; -} test_cases[] = { -#ifndef UCLINUX - /* Skip since uClinux does not implement memory protection */ - { - (cap_user_header_t) - 1, &data, EFAULT, "EFAULT"}, { - &header, (cap_user_data_t) - 1, EFAULT, "EFAULT"}, -#endif - { - &header, &data, EINVAL, "EINVAL"}, { -&header, &data, EPERM, "EPERM"},}; - -int TST_TOTAL = sizeof(test_cases) / sizeof(test_cases[0]); - -int main(int ac, char **av) + int exp_err; + /* + * 1 needs reset header version + * 2 needs root privilege + * 3 needs drop cap in bouding set + */ + int flag; + char *message; +} tcases[] = { + {NULL, data, EFAULT, 0, "Test bad address header"}, + {&header, NULL, EFAULT, 0, "Test bad address data"}, + {&unused_pid_header, data, EINVAL, 1, "Test bad pid"}, + {&bad_version_header, data, EINVAL, 1, "Test bad version"}, + {&header, bad_data_pe, EPERM, 0, "Test bad value data(when pE is not in pP)"}, + {&header, bad_data_pp, EPERM, 2, "Test bad value data(when pP is not in old pP)"}, + {&header, bad_data_pi, EPERM, 3, "Test bad value data(when pI is not in bounding set or old pI)"}, +}; + +static void verify_capset(unsigned int n) { + struct tcase *tc = &tcases[n]; - int lc, i; - - tst_parse_opts(ac, av, NULL, NULL); -#ifdef UCLINUX - maybe_run_child(&child_func, ""); -#endif - - setup(); - - for (lc = 0; TEST_LOOPING(lc); lc++) { - - tst_count = 0; - -#ifdef UCLINUX - i = 2; -#else - i = 0; -#endif - - for (; i < TST_TOTAL; i++) { - - test_setup(i, av[0]); - TEST(ltp_syscall(__NR_capset, test_cases[i].headerp, - test_cases[i].datap)); - - if (TEST_RETURN == -1 && - TEST_ERRNO == test_cases[i].exp_errno) { - tst_resm(TPASS, "capset() returned -1," - " errno: %s", test_cases[i].errdesc); - } else { - tst_resm(TFAIL | TTERRNO, - "Test Failed, capset() returned %ld", - TEST_RETURN); - } - } + tst_res(TINFO, "%s", tc->message); + if (tc->flag == 2 && !check_root_flag) { + tst_res(TCONF, "This test needs root privilege, skip it"); + return; + } + if (tc->flag == 3 && !drop_flag) { + tst_res(TCONF, "This test needs to drop CAP_KILL in bounding set, skip it"); + return; } - cleanup(); - - tst_exit(); - -} - -void setup(void) -{ - tst_require_root(); - - TEST_PAUSE; - + TEST(tst_syscall(__NR_capset, tc->headerp, tc->datap)); + if (TST_RET == 0) { + tst_res(TFAIL, "capset() succeed unexpectedly"); + return; + } + if (TST_ERR == tc->exp_err) + tst_res(TPASS | TTERRNO, "capset() failed as expected"); + else + tst_res(TFAIL | TTERRNO, "capset() expected %s got ", + tst_strerrno(tc->exp_err)); /* - * Save current capability data. - * header.version must be _LINUX_CAPABILITY_VERSION + * When an unsupported version value is specified, it will + * return the kernel preferred value of _LINUX_CAPABILITY_VERSION_?. + * Since linux 2.6.26, version 3 is default. We use it. */ - header.version = _LINUX_CAPABILITY_VERSION; - if (ltp_syscall(__NR_capget, &header, &data) == -1) - tst_brkm(TBROK | TERRNO, NULL, "capget failed"); -} - -void cleanup(void) -{ - if (0 < child_pid) { - kill(child_pid, SIGTERM); - wait(NULL); + if (tc->flag == 1) { + if (tc->headerp->version == 0x20080522) + tc->headerp->version = 0; + else + tst_res(TFAIL, "kernel doesn't return preferred linux" + " capability version when using bad version"); } } -void child_func(void) +static void setup(void) { - for (;;) { - sleep(10); - } -} - -void test_setup(int i, char *argv0) -{ - char nobody_uid[] = "nobody"; - struct passwd *ltpuser; + unsigned int i; + pid_t pid; - switch (i) { - case 0: - break; + pid = getpid(); - case 1: - header.version = _LINUX_CAPABILITY_VERSION; - header.pid = 0; - break; + header.version = 0x20080522; + header.pid = pid; + bad_version_header.version = 0; + bad_version_header.pid = pid; + unused_pid_header.pid = 0x20080522; + unused_pid_header.pid = tst_get_unused_pid(); - case 2: - header.version = INVALID_VERSION; - header.pid = 0; - break; - case 3: - header.version = _LINUX_CAPABILITY_VERSION; - /* - * when a non-zero pid is specified, process should have - * CAP_SETPCAP capability to change capabilities. - * by default, CAP_SETPCAP is not enabled. So giving - * a non-zero pid results in capset() failing with - * errno EPERM - * - * Note: this seems to have changed with recent kernels - * => create a child and try to set its capabilities - */ - child_pid = FORK_OR_VFORK(); - if (child_pid == -1) - tst_brkm(TBROK | TERRNO, cleanup, "fork failed"); - else if (child_pid == 0) { -#ifdef UCLINUX - if (self_exec(argv0, "") < 0) { - perror("self_exec failed"); - exit(1); - } -#else - child_func(); -#endif - } else { - header.pid = child_pid; - ltpuser = getpwnam(nobody_uid); - if (ltpuser == NULL) - tst_brkm(TBROK | TERRNO, cleanup, - "getpwnam failed"); - SAFE_SETEUID(cleanup, ltpuser->pw_uid); - - } - break; + for (i = 0; i < ARRAY_SIZE(tcases); i++) { + if (!tcases[i].headerp) + tcases[i].headerp = tst_get_bad_addr(NULL); + if (!tcases[i].datap) + tcases[i].datap = tst_get_bad_addr(NULL); + } + if (geteuid() == 0) { + TEST(tst_syscall(__NR_capset, &header, good_data)); + if (TST_RET == -1) + tst_res(TFAIL | TTERRNO, "capset good_data failed"); + else + check_root_flag = 1; + TEST(prctl(PR_CAPBSET_DROP, CAP_KILL)); + if (TST_RET == -1) + tst_res(TFAIL | TTERRNO, "drop CAP_KILL failed"); + else + drop_flag = 1; } } + +static struct tst_test test = { + .setup = setup, + .tcnt = ARRAY_SIZE(tcases), + .test = verify_capset, +}; From patchwork Tue Dec 17 10:12:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 1211264 X-Patchwork-Delegate: petr.vorel@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cn.fujitsu.com Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47cYqg2yH2z9sRh for ; Tue, 17 Dec 2019 21:13:03 +1100 (AEDT) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id B55073C2093 for ; Tue, 17 Dec 2019 11:13:00 +0100 (CET) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-6.smtp.seeweb.it (in-6.smtp.seeweb.it [217.194.8.6]) by picard.linux.it (Postfix) with ESMTP id E68A73C22D4 for ; Tue, 17 Dec 2019 11:12:51 +0100 (CET) Received: from heian.cn.fujitsu.com (mail.cn.fujitsu.com [183.91.158.132]) by in-6.smtp.seeweb.it (Postfix) with ESMTP id D3628140013F for ; Tue, 17 Dec 2019 11:12:49 +0100 (CET) X-IronPort-AV: E=Sophos;i="5.69,325,1571673600"; d="scan'208";a="80413200" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 17 Dec 2019 18:12:49 +0800 Received: from G08CNEXCHPEKD02.g08.fujitsu.local (unknown [10.167.33.83]) by cn.fujitsu.com (Postfix) with ESMTP id 807D74CE1C97 for ; Tue, 17 Dec 2019 18:04:08 +0800 (CST) Received: from localhost.localdomain (10.167.220.84) by G08CNEXCHPEKD02.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 17 Dec 2019 18:12:47 +0800 From: Yang Xu To: Date: Tue, 17 Dec 2019 18:12:50 +0800 Message-ID: <1576577571-3668-4-git-send-email-xuyang2018.jy@cn.fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> References: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-yoursite-MailScanner-ID: 807D74CE1C97.AE74F X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: xuyang2018.jy@cn.fujitsu.com X-Spam-Status: No, score=0.4 required=7.0 tests=KHOP_HELO_FCRDNS, SPF_HELO_NONE, SPF_NONE autolearn=disabled version=3.4.0 X-Virus-Scanned: clamav-milter 0.99.2 at in-6.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on in-6.smtp.seeweb.it Subject: [LTP] [PATCH v1 3/4] syscalls/capset03: add new EPERM error test without CAP_SETPCAP X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" Signed-off-by: Yang Xu --- runtest/syscalls | 1 + testcases/kernel/syscalls/capset/.gitignore | 1 + testcases/kernel/syscalls/capset/capset03.c | 65 +++++++++++++++++++++ 3 files changed, 67 insertions(+) create mode 100644 testcases/kernel/syscalls/capset/capset03.c diff --git a/runtest/syscalls b/runtest/syscalls index fa87ef63f..4f481be6d 100644 --- a/runtest/syscalls +++ b/runtest/syscalls @@ -44,6 +44,7 @@ capget02 capget02 capset01 capset01 capset02 capset02 +capset03 capset03 cacheflush01 cacheflush01 diff --git a/testcases/kernel/syscalls/capset/.gitignore b/testcases/kernel/syscalls/capset/.gitignore index 004ce7b3e..3f9a4d5e8 100644 --- a/testcases/kernel/syscalls/capset/.gitignore +++ b/testcases/kernel/syscalls/capset/.gitignore @@ -1,2 +1,3 @@ /capset01 /capset02 +/capset03 diff --git a/testcases/kernel/syscalls/capset/capset03.c b/testcases/kernel/syscalls/capset/capset03.c new file mode 100644 index 000000000..d973095a4 --- /dev/null +++ b/testcases/kernel/syscalls/capset/capset03.c @@ -0,0 +1,65 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) 2019 FUJITSU LIMITED. All rights reserved. + * Author: Yang Xu +#include +#include +#include +#include "tst_test.h" +#include "lapi/syscalls.h" +#include + +static struct __user_cap_header_struct header = { + .version = 0x20080522, + .pid = 0, +}; + +static struct __user_cap_data_struct data[2] = { + { + .effective = 1 << CAP_KILL, + .permitted = 1 << CAP_KILL, + .inheritable = 1 << CAP_KILL, + }, +}; + +static void verify_capset(void) +{ + tst_res(TINFO, "Test bad value data(when pI is not old pP or old pI without CAP_SETPCAP)"); + data[0].inheritable = (1 << CAP_KILL | 1 << CAP_NET_RAW); + TEST(tst_syscall(__NR_capset, &header, data)); + if (TST_RET == 0) { + tst_res(TFAIL, "capset succeed unexpectedly"); + return; + } + if (TST_ERR == EPERM) + tst_res(TPASS | TTERRNO, "capset() failed as expected"); + else + tst_res(TFAIL | TTERRNO, "capset expected EPERM, bug got"); +} + +static void setup(void) +{ + pid_t pid; + + pid = getpid(); + header.pid = pid; + if (geteuid() == 0) { + TEST(tst_syscall(__NR_capset, &header, data)); + if (TST_RET == -1) + tst_brk(TBROK | TTERRNO, "capset data failed"); + } +} + +static struct tst_test test = { + .setup = setup, + .test_all = verify_capset, + .caps = (struct tst_cap []) { + TST_CAP(TST_CAP_DROP, CAP_SETPCAP), + {} + }, +}; From patchwork Tue Dec 17 10:12:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 1211266 X-Patchwork-Delegate: petr.vorel@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=cn.fujitsu.com Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47cYr53STdz9sRh for ; Tue, 17 Dec 2019 21:13:25 +1100 (AEDT) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id CC1283C2381 for ; Tue, 17 Dec 2019 11:13:22 +0100 (CET) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-3.smtp.seeweb.it (in-3.smtp.seeweb.it [217.194.8.3]) by picard.linux.it (Postfix) with ESMTP id EF59D3C234F for ; Tue, 17 Dec 2019 11:12:58 +0100 (CET) Received: from heian.cn.fujitsu.com (mail.cn.fujitsu.com [183.91.158.132]) by in-3.smtp.seeweb.it (Postfix) with ESMTP id CCD221A00A35 for ; Tue, 17 Dec 2019 11:12:57 +0100 (CET) X-IronPort-AV: E=Sophos;i="5.69,325,1571673600"; d="scan'208";a="80413209" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 17 Dec 2019 18:12:55 +0800 Received: from G08CNEXCHPEKD02.g08.fujitsu.local (unknown [10.167.33.83]) by cn.fujitsu.com (Postfix) with ESMTP id B0BCA4CE1C93 for ; Tue, 17 Dec 2019 18:04:11 +0800 (CST) Received: from localhost.localdomain (10.167.220.84) by G08CNEXCHPEKD02.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 17 Dec 2019 18:12:50 +0800 From: Yang Xu To: Date: Tue, 17 Dec 2019 18:12:51 +0800 Message-ID: <1576577571-3668-5-git-send-email-xuyang2018.jy@cn.fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> References: <1576577571-3668-1-git-send-email-xuyang2018.jy@cn.fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-yoursite-MailScanner-ID: B0BCA4CE1C93.A0BA3 X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: xuyang2018.jy@cn.fujitsu.com X-Spam-Status: No, score=0.4 required=7.0 tests=KHOP_HELO_FCRDNS, SPF_HELO_NONE, SPF_NONE autolearn=disabled version=3.4.0 X-Virus-Scanned: clamav-milter 0.99.2 at in-3.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on in-3.smtp.seeweb.it Subject: [LTP] [PATCH v3 4/5] syscalls/quotactl05: add project quota test for xfs filesystem X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" This is a variant about quotactl02. It is used to test project quota. I split it into a new case instead of adding it in quotaclt02 because kernel doesn't permit mount both group and project quota before commit d892d5864f02 ("xfs: Start using pquotaino from the superblock."). Signed-off-by: Yang Xu --- runtest/syscalls | 1 + testcases/kernel/syscalls/quotactl/.gitignore | 2 + .../kernel/syscalls/quotactl/quotactl05.c | 99 +++++++++++++++++++ 3 files changed, 102 insertions(+) create mode 100644 testcases/kernel/syscalls/quotactl/quotactl05.c diff --git a/runtest/syscalls b/runtest/syscalls index c30e9e620..f2c7b0daf 100644 --- a/runtest/syscalls +++ b/runtest/syscalls @@ -954,6 +954,7 @@ quotactl01 quotactl01 quotactl02 quotactl02 quotactl03 quotactl03 quotactl04 quotactl04 +quotactl05 quotactl05 read01 read01 read02 read02 diff --git a/testcases/kernel/syscalls/quotactl/.gitignore b/testcases/kernel/syscalls/quotactl/.gitignore index 1db7c5d98..9621e7717 100644 --- a/testcases/kernel/syscalls/quotactl/.gitignore +++ b/testcases/kernel/syscalls/quotactl/.gitignore @@ -2,3 +2,5 @@ /quotactl02 /quotactl03 /quotactl04 +/quotactl05 + diff --git a/testcases/kernel/syscalls/quotactl/quotactl05.c b/testcases/kernel/syscalls/quotactl/quotactl05.c new file mode 100644 index 000000000..2c4f49f7c --- /dev/null +++ b/testcases/kernel/syscalls/quotactl/quotactl05.c @@ -0,0 +1,99 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) 2019 FUJITSU LIMITED. All rights reserved. + * Author: Yang Xu + * + * Test Name: quotactl05 + * + * Description: + * This testcase checks basic flags of quotactl(2) for project on an XFS file + * system: + * 1) quotactl(2) succeeds to turn off xfs quota and get xfs quota off status + * for project. + * 2) quotactl(2) succeeds to turn on xfs quota and get xfs quota on status + * for project. + * 3) quotactl(2) succeeds to set and use Q_XGETQUOTA to get xfs disk quota + * limits for project. + * 4) quotactl(2) succeeds to set and use Q_XGETNEXTQUOTA to get xfs disk + * quota limits Cgreater than or equal to ID for project. + * 5) quotactl(2) succeeds to turn off xfs quota and get xfs quota off statv + * for project. + * 6) quotactl(2) succeeds to turn on xfs quota and get xfs quota on statv + * for project. + */ +#include "quotactl02.h" +#if defined(HAVE_XFS_XQM_H) + +static uint32_t qflagp = XFS_QUOTA_PDQ_ENFD; +static struct t_case { + int cmd; + void *addr; + void (*func_check)(); + int check_subcmd; + int flag; + char *des; +} tcases[] = { + {QCMD(Q_XQUOTAOFF, PRJQUOTA), &qflagp, check_qoff, + QCMD(Q_XGETQSTAT, PRJQUOTA), 1, + "turn off xfs quota and get xfs quota off status for project"}, + + {QCMD(Q_XQUOTAON, PRJQUOTA), &qflagp, check_qon, + QCMD(Q_XGETQSTAT, PRJQUOTA), 1, + "turn on xfs quota and get xfs quota on status for project"}, + + {QCMD(Q_XSETQLIM, PRJQUOTA), &set_dquota, check_qlim, + QCMD(Q_XGETQUOTA, PRJQUOTA), 0, + "Q_XGETQUOTA for project"}, + + {QCMD(Q_XSETQLIM, PRJQUOTA), &set_dquota, check_qlim, + QCMD(Q_XGETNEXTQUOTA, PRJQUOTA), 0, + "Q_XGETNEXTQUOTA for project"}, + +#if defined(HAVE_STRUCT_FS_QUOTA_STATV) + {QCMD(Q_XQUOTAOFF, PRJQUOTA), &qflagp, check_qoffv, + QCMD(Q_XGETQSTATV, PRJQUOTA), 1, + "turn off xfs quota and get xfs quota off statv for project"}, + + {QCMD(Q_XQUOTAON, PRJQUOTA), &qflagp, check_qonv, + QCMD(Q_XGETQSTATV, PRJQUOTA), 1, + "turn on xfs quota and get xfs quota on statv for project"}, +#endif +}; + +static void setup(void) +{ + test_id = geteuid(); +} + +static void verify_quota(unsigned int n) +{ + struct t_case *tc = &tcases[n]; + + TEST(quotactl(tc->cmd, tst_device->dev, test_id, tc->addr)); + if (TST_RET == -1) { + tst_res(TFAIL | TTERRNO, "quotactl() failed to %s", tc->des); + return; + } + + if (tc->flag) + tc->func_check(tc->check_subcmd, tc->des, *(int *)(tc->addr)); + else + tc->func_check(tc->check_subcmd, tc->des); +} + +static struct tst_test test = { + .needs_tmpdir = 1, + .needs_root = 1, + .needs_kconfigs = kconfigs, + .test = verify_quota, + .tcnt = ARRAY_SIZE(tcases), + .mount_device = 1, + .dev_fs_type = "xfs", + .mntpoint = mntpoint, + .mnt_data = "prjquota", + .setup = setup, +}; + +#else + TST_TEST_TCONF("This system didn't have "); +#endif