From patchwork Thu Sep 9 15:51:19 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526241 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=OnsaI7kQ; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=iJ/ckHOr; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53Rb37Vkz9sR4 for ; Fri, 10 Sep 2021 01:52:27 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 8B7BB3C8E92 for ; Thu, 9 Sep 2021 17:52:24 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-5.smtp.seeweb.it (in-5.smtp.seeweb.it [IPv6:2001:4b78:1:20::5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 311123C8D8A for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-5.smtp.seeweb.it (Postfix) with ESMTPS id D3E13600095 for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 951D221CDC for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=CRN/bWTFe48KkbxGojjR+2VbuqjxPPytkL85fezLFWw=; b=OnsaI7kQcLwYXsa/gt3jtsqmDFr/1P4HKuM2pOGI+FXAWXVGRLWX7JzN+OhOGgldhWBMQ7 dFvAhqX5Is0/S6JbLZEl2sb2hvVXtK2YUnaChyF7qBnasnWyk39eTFCie0bH+EKAAuqKOD kDyi1E9BMVSM5YnPfdH6cmvxNwBQ8WI= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=CRN/bWTFe48KkbxGojjR+2VbuqjxPPytkL85fezLFWw=; b=iJ/ckHOrwMbueEoeQereWIRjb1EyH87wa9NvmcCnrThUmEdk+yqQTMSmvgT2aGT7ZpYoUg WJd8Mvr6YdxcCqCA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 729B213CC8 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id lPdqGn8tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:19 +0200 Message-Id: <20210909155126.2720-1-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-5.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-5.smtp.seeweb.it Subject: [LTP] [PATCH 1/8] syscalls/rename09: Simplify and convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test does unnecessaty fork()s and looks up specific usernames which may not exist on some systems. Simplify test and use any two UIDs. Signed-off-by: Martin Doucha --- This is the second batch of fixes for tests failing due to missing system users, this time with API conversions. I'll send one more batch next week. testcases/kernel/syscalls/rename/rename09.c | 293 ++++---------------- 1 file changed, 49 insertions(+), 244 deletions(-) diff --git a/testcases/kernel/syscalls/rename/rename09.c b/testcases/kernel/syscalls/rename/rename09.c index 9b2022592..368a436c2 100644 --- a/testcases/kernel/syscalls/rename/rename09.c +++ b/testcases/kernel/syscalls/rename/rename09.c @@ -1,266 +1,71 @@ +// SPDX-License-Identifier: GPL-2.0-or-later /* - * - * Copyright (c) International Business Machines Corp., 2001 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See - * the GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * Copyright (c) International Business Machines Corp., 2001 + * 07/2001 Ported by Wayne Boyer + * Copyright (C) 2021 SUSE LLC */ -/* - * NAME - * rename09 - * - * DESCRIPTION - * check rename() fails with EACCES - * - * ALGORITHM - * Setup: - * Setup signal handling. - * Create temporary directory. - * Pause for SIGUSR1 if option specified. - * - * Test: - * Loop if the proper options are given. - * fork the first child - * set to be nobody - * create old dir with mode 0700 - * creat a file under it - * fork the second child - * set to bin - * create new dir with mode 0700 - * create a "new" file under it - * try to rename file under old dir to file under new dir - * check the return value, if succeeded (return=0) - * Issue a FAIL message. - * Otherwise, - * Log the errno - * Verify the errno - * if equals to EACCESS, - * Issue Pass message. - * Otherwise, - * Issue Fail message. - * Cleanup: - * Print errno log and/or timing stats if options given - * Delete the temporary directory created. - * - * USAGE - * rename09 [-c n] [-e] [-i n] [-I x] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * - * HISTORY - * 07/2001 Ported by Wayne Boyer - * - * RESTRICTIONS - * Must run test as root. +/*\ + * [Description] * + * Check that renaming/moving a file from directory where the current user does + * not have write permissions fails with EACCES. */ -#include -#include -#include -#include -#include -#include -#include - -#include "test.h" -#include "safe_macros.h" -void setup(); -void cleanup(); +#include +#include +#include -#define PERMS 0700 +#include "tst_test.h" +#include "tst_safe_file_ops.h" +#include "tst_uid.h" -char *TCID = "rename09"; -int TST_TOTAL = 1; +#define SRCDIR "srcdir" +#define DESTDIR "destdir" +#define SRCFILE SRCDIR "/file" +#define DESTFILE DESTDIR "/file" +#define PERMS 0700 -char fdir[255], mdir[255]; -char fname[255], mname[255]; -uid_t nobody_uid, bin_uid; +static uid_t orig_uid, test_users[2]; +static char *tmpdir; -int main(int ac, char **av) +static void setup(void) { - int lc; - int rval; - pid_t pid, pid1; - int status; - - /* - * parse standard options - */ - tst_parse_opts(ac, av, NULL, NULL); - - /* - * perform global setup for test - */ - setup(); - - /* - * check looping state if -i option given - */ - for (lc = 0; TEST_LOOPING(lc); lc++) { - - tst_count = 0; - - if ((pid = FORK_OR_VFORK()) == -1) { - tst_brkm(TBROK, cleanup, "fork() #1 failed"); - } - - if (pid == 0) { /* first child */ - /* set to nobody */ - rval = setreuid(nobody_uid, nobody_uid); - if (rval < 0) { - tst_resm(TWARN, "setreuid failed to " - "to set the real uid to %d and " - "effective uid to %d", - nobody_uid, nobody_uid); - perror("setreuid"); - exit(1); - } - - /* create the a directory with 0700 permits */ - if (mkdir(fdir, PERMS) == -1) { - tst_resm(TWARN, "mkdir(%s, %#o) Failed", - fdir, PERMS); - exit(1); - } - - /* create "old" file under it */ - SAFE_TOUCH(cleanup, fname, 0700, NULL); - - exit(0); - } - - /* wait for child to exit */ - wait(&status); - if (!WIFEXITED(status) || (WEXITSTATUS(status) != 0)) { - tst_brkm(TBROK, cleanup, "First child failed to set " - "up conditions for the test"); - } - - if ((pid1 = FORK_OR_VFORK()) == -1) { - tst_brkm(TBROK, cleanup, "fork() #2 failed"); - } - - if (pid1 == 0) { /* second child */ - /* set to bin */ - if ((rval = seteuid(bin_uid)) == -1) { - tst_resm(TWARN, "seteuid() failed"); - perror("setreuid"); - exit(1); - } - - /* create "new" directory */ - if (mkdir(mdir, PERMS) == -1) { - tst_resm(TWARN, "mkdir(%s, %#o) failed", - mdir, PERMS); - exit(1); - } - - SAFE_TOUCH(cleanup, mname, 0700, NULL); - - /* rename "old" to "new" */ - TEST(rename(fname, mname)); - if (TEST_RETURN != -1) { - tst_resm(TFAIL, "call succeeded unexpectedly"); - continue; - } - - if (TEST_ERRNO != EACCES) { - tst_resm(TFAIL, "Expected EACCES got %d", - TEST_ERRNO); - } else { - tst_resm(TPASS, "rename() returned EACCES"); - } - - /* set the process id back to root */ - if (seteuid(0) == -1) { - tst_resm(TWARN, "seteuid(0) failed"); - exit(1); - } - - /* clean up things in case we are looping */ - SAFE_UNLINK(cleanup, fname); - SAFE_UNLINK(cleanup, mname); - SAFE_RMDIR(cleanup, fdir); - SAFE_RMDIR(cleanup, mdir); - } else { - /* parent - let the second child carry on */ - waitpid(pid1, &status, 0); - if (!WIFEXITED(status) || (WEXITSTATUS(status) != 0)) { - exit(WEXITSTATUS(status)); - } else { - exit(0); - } - } - } - - /* - * cleanup and exit - */ - cleanup(); - tst_exit(); - + umask(0); + orig_uid = getuid(); + tst_get_uids(test_users, 0, 2); + tmpdir = tst_get_tmpdir(); } -/* - * setup() - performs all ONE TIME setup for this test. - */ -void setup(void) +static void run(void) { - struct passwd *pw; - - tst_require_root(); + gid_t curgid = getgid(); - pw = SAFE_GETPWNAM(NULL, "nobody"); - nobody_uid = pw->pw_uid; - pw = SAFE_GETPWNAM(NULL, "bin"); - bin_uid = pw->pw_uid; + SAFE_MKDIR(SRCDIR, PERMS); + SAFE_TOUCH(SRCFILE, PERMS, NULL); + SAFE_CHOWN(SRCDIR, test_users[0], curgid); + SAFE_CHOWN(SRCFILE, test_users[0], curgid); - tst_sig(FORK, DEF_HANDLER, cleanup); + SAFE_SETEUID(test_users[1]); + SAFE_MKDIR(DESTDIR, PERMS); + SAFE_TOUCH(DESTFILE, PERMS, NULL); - TEST_PAUSE; - - /* Create a temporary directory and make it current. */ - tst_tmpdir(); - - umask(0); + TST_EXP_FAIL(rename(SRCFILE, DESTFILE), EACCES, "rename()"); - sprintf(fdir, "tdir_%d", getpid()); - sprintf(mdir, "rndir_%d", getpid()); - sprintf(fname, "%s/tfile_%d", fdir, getpid()); - sprintf(mname, "%s/rnfile_%d", mdir, getpid()); + /* Cleanup between loops */ + SAFE_SETEUID(orig_uid); + tst_purge_dir(tmpdir); } -/* - * cleanup() - performs all ONE TIME cleanup for this test at - * completion or premature exit. - */ -void cleanup(void) +static void cleanup(void) { - - /* - * Remove the temporary directory. - */ - tst_rmdir(); - - /* - * Exit with return code appropriate for results. - */ - + free(tmpdir); } + +static struct tst_test test = { + .test_all = run, + .setup = setup, + .cleanup = cleanup, + .needs_root = 1, + .needs_tmpdir = 1, +}; From patchwork Thu Sep 9 15:51:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526237 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=mtbSn9WW; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=odtmHT37; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53Qn5Vmyz9sX3 for ; Fri, 10 Sep 2021 01:51:45 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 065713C8D83 for ; Thu, 9 Sep 2021 17:51:43 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-4.smtp.seeweb.it (in-4.smtp.seeweb.it [217.194.8.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id CB1EF3C7F5D for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-4.smtp.seeweb.it (Postfix) with ESMTPS id DFFA910005BF for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id A240F201E6 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+qyIhAU0ElMUtaaBA73UrD4ooeHMVGWcVTUjZAIqwb4=; b=mtbSn9WWfbBgsooLXC1zjRH5ylegJJu0gcF21PJ1b6KdVaNSl9uC1OCSIqkST3/yLA1kRY G8IO5SQGzUEvnGwkJvBvkvqcIYP03fE9DO5BC1SZKksk1iCGNcUbXlaUoxWGzNGHIRShvi MCnxftZZGlEc1XEgifNPH6IJCxTZZDQ= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+qyIhAU0ElMUtaaBA73UrD4ooeHMVGWcVTUjZAIqwb4=; b=odtmHT37fsi4zuasI1RzbqRswgZwvTkujvpjQ5miS6nmXYGuHEGMW9S9EZiX+3+qjiTZ9U 1xlCZNetENoYBVDQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 8D48613E37 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id gECHIX8tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:20 +0200 Message-Id: <20210909155126.2720-2-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-4.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-4.smtp.seeweb.it Subject: [LTP] [PATCH 2/8] Add SAFE_SETRESUID()/SAFE_SETRESGID() helper functions X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" Signed-off-by: Martin Doucha --- include/tst_safe_macros.h | 10 ++++++++++ lib/tst_safe_macros.c | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) diff --git a/include/tst_safe_macros.h b/include/tst_safe_macros.h index 6fd618597..d99441c86 100644 --- a/include/tst_safe_macros.h +++ b/include/tst_safe_macros.h @@ -120,6 +120,16 @@ int safe_setreuid(const char *file, const int lineno, #define SAFE_SETREUID(ruid, euid) \ safe_setreuid(__FILE__, __LINE__, (ruid), (euid)) +int safe_setresgid(const char *file, const int lineno, + gid_t rgid, gid_t egid, gid_t sgid); +#define SAFE_SETRESGID(rgid, egid, sgid) \ + safe_setresgid(__FILE__, __LINE__, (rgid), (egid), (sgid)) + +int safe_setresuid(const char *file, const int lineno, + uid_t ruid, uid_t euid, uid_t suid); +#define SAFE_SETRESUID(ruid, euid, suid) \ + safe_setresuid(__FILE__, __LINE__, (ruid), (euid), (suid)) + #define SAFE_GETRESUID(ruid, euid, suid) \ safe_getresuid(__FILE__, __LINE__, NULL, (ruid), (euid), (suid)) diff --git a/lib/tst_safe_macros.c b/lib/tst_safe_macros.c index fcff6d161..36b5da66f 100644 --- a/lib/tst_safe_macros.c +++ b/lib/tst_safe_macros.c @@ -145,6 +145,45 @@ int safe_setreuid(const char *file, const int lineno, return rval; } +int safe_setresgid(const char *file, const int lineno, + gid_t rgid, gid_t egid, gid_t sgid) +{ + int ret; + + ret = setresgid(rgid, egid, sgid); + + if (ret == -1) { + tst_brk_(file, lineno, TBROK | TERRNO, + "setregid(%li, %li, %li) failed", (long)rgid, + (long)egid, (long)sgid); + } else if (ret) { + tst_brk_(file, lineno, TBROK | TERRNO, + "Invalid setregid(%li, %li, %li) return value %d", + (long)rgid, (long)egid, (long)sgid, ret); + } + + return ret; +} + +int safe_setresuid(const char *file, const int lineno, + uid_t ruid, uid_t euid, uid_t suid) +{ + int ret; + + ret = setresuid(ruid, euid, suid); + + if (ret == -1) { + tst_brk_(file, lineno, TBROK | TERRNO, + "setreuid(%li, %li, %li) failed", (long)ruid, + (long)euid, (long)suid); + } else if (ret) { + tst_brk_(file, lineno, TBROK | TERRNO, + "Invalid setreuid(%li, %li, %li) return value %d", + (long)ruid, (long)euid, (long)suid, ret); + } + + return ret; +} int safe_sigaction(const char *file, const int lineno, int signum, const struct sigaction *act, From patchwork Thu Sep 9 15:51:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526240 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=RnEYKsn7; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=7+uOvc4p; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53RN3y09z9sR4 for ; Fri, 10 Sep 2021 01:52:16 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 749D23C8F07 for ; Thu, 9 Sep 2021 17:52:14 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-6.smtp.seeweb.it (in-6.smtp.seeweb.it [IPv6:2001:4b78:1:20::6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 245213C8D83 for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-6.smtp.seeweb.it (Postfix) with ESMTPS id D772A1400514 for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id B4969201E8 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=sqT2Gq8iTLmmkEY35bXUUl9fRQdDOEd+R7YX93xfpBM=; b=RnEYKsn7EVdlPYJ7nDVlgFFuObTec8F9PlvE2A2n4b1X/himaLK5nGyOkVcxg36uotNMLh L3hLm2QGPZwhAQBi0R2P9zZOTC/OxwPvAJURyxKP3OSmqoHG+c8xQl1oeGvBIrkPyZUPfL LwGoxwPihb3IkjK3GIt52ctQmiivrcg= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=sqT2Gq8iTLmmkEY35bXUUl9fRQdDOEd+R7YX93xfpBM=; b=7+uOvc4pHlVAsDccc5ZjCnos71mAajij7ab4KOobi9zEbQD4LdoidBhXd3e0wYXI0b/1H5 AuCruj6PDEWlSkAQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id A221E13CC8 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id sKGWJn8tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:21 +0200 Message-Id: <20210909155126.2720-3-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-6.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-6.smtp.seeweb.it Subject: [LTP] [PATCH 3/8] Add tst_check_resuid() and tst_check_resgid() helper functions X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" --- include/tst_uid.h | 13 ++++++++++++ lib/tst_uid.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/include/tst_uid.h b/include/tst_uid.h index b653d0a1e..e604effce 100644 --- a/include/tst_uid.h +++ b/include/tst_uid.h @@ -24,4 +24,17 @@ gid_t tst_get_free_gid_(const char *file, const int lineno, gid_t skip); void tst_get_uids(uid_t *buf, unsigned int start, unsigned int size); void tst_get_gids(gid_t *buf, unsigned int start, unsigned int size); +/* + * Helper functions for checking current proces UIDs/GIDs. + */ +int tst_check_resuid_(const char *file, const int lineno, const char *callstr, + uid_t exp_ruid, uid_t exp_euid, uid_t exp_suid); +#define tst_check_resuid(cstr, ruid, euid, suid) \ + tst_check_resuid_(__FILE__, __LINE__, (cstr), (ruid), (euid), (suid)) + +int tst_check_resgid_(const char *file, const int lineno, const char *callstr, + gid_t exp_rgid, gid_t exp_egid, gid_t exp_sgid); +#define tst_check_resgid(cstr, rgid, egid, sgid) \ + tst_check_resgid_(__FILE__, __LINE__, (cstr), (rgid), (egid), (sgid)) + #endif /* TST_UID_H_ */ diff --git a/lib/tst_uid.c b/lib/tst_uid.c index 08855ba46..af4ef8cf7 100644 --- a/lib/tst_uid.c +++ b/lib/tst_uid.c @@ -68,3 +68,53 @@ void tst_get_gids(gid_t *buf, unsigned int start, unsigned int count) buf[i++] = id; } } + +int tst_check_resuid_(const char *file, const int lineno, const char *callstr, + uid_t exp_ruid, uid_t exp_euid, uid_t exp_suid) +{ + uid_t ruid, euid, suid; + + SAFE_GETRESUID(&ruid, &euid, &suid); + + if (ruid == exp_ruid && euid == exp_euid && suid == exp_suid) + return 1; + + if (callstr) { + tst_res_(file, lineno, TFAIL, "Unexpected process UID after %s", + callstr); + } else { + tst_res_(file, lineno, TFAIL, "Unexpected process UID"); + } + + tst_res_(file, lineno, TINFO, "Got: ruid = %d, euid = %d, suid = %d", + (int)ruid, (int)euid, (int)suid); + tst_res_(file, lineno, TINFO, + "Expected: ruid = %d, euid = %d, suid = %d", + (int)exp_ruid, (int)exp_euid, (int)exp_suid); + return 0; +} + +int tst_check_resgid_(const char *file, const int lineno, const char *callstr, + gid_t exp_rgid, gid_t exp_egid, gid_t exp_sgid) +{ + gid_t rgid, egid, sgid; + + SAFE_GETRESGID(&rgid, &egid, &sgid); + + if (rgid == exp_rgid && egid == exp_egid && sgid == exp_sgid) + return 1; + + if (callstr) { + tst_res_(file, lineno, TFAIL, "Unexpected process GID after %s", + callstr); + } else { + tst_res_(file, lineno, TFAIL, "Unexpected process GID"); + } + + tst_res_(file, lineno, TINFO, "Got: rgid = %d, egid = %d, sgid = %d", + (int)rgid, (int)egid, (int)sgid); + tst_res_(file, lineno, TINFO, + "Expected: rgid = %d, egid = %d, sgid = %d", + (int)exp_rgid, (int)exp_egid, (int)exp_sgid); + return 0; +} From patchwork Thu Sep 9 15:51:22 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526238 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=NTP4zX1l; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=DENBIjHH; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53Qz2w1qz9sR4 for ; Fri, 10 Sep 2021 01:51:55 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id E99073C7F5D for ; Thu, 9 Sep 2021 17:51:52 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-7.smtp.seeweb.it (in-7.smtp.seeweb.it [217.194.8.7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id CC2C33C8D80 for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-7.smtp.seeweb.it (Postfix) with ESMTPS id DC0322005DC for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id CB4EF223C8 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yTNwCxDURqDqTHPqBcZ2EaFZQjFLUUKhELbFGnCg3Ko=; b=NTP4zX1lvelyT0xNU5mBXo90hGLlRfwOw3Bkfp68FD8b+QYOO74y4mL6wRfIO9qSdv4+19 B9Ns91EhIZFrGbxwIz9JK8wA9opAo+FX6EoFZYPweOG0n1d5aGcJNEpk/vN3ImTzaIH8fl YelXY3CmYBx1w0I2Z5COzdddp8UbOXM= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yTNwCxDURqDqTHPqBcZ2EaFZQjFLUUKhELbFGnCg3Ko=; b=DENBIjHH+GhF+395sNx+j2+gWm/FwmltUaY8xLWUS268o7/MlxCiUp3RM8CH7llRL+3/8C wWI+QbByKMY4RtAA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id B7DAF13E37 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id sB72K38tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:22 +0200 Message-Id: <20210909155126.2720-4-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-7.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-7.smtp.seeweb.it Subject: [LTP] [PATCH 4/8] syscalls/setresgid02: Convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test looks up specific usernames which may not exist on some systems. Use any two non-root IDs instead. Signed-off-by: Martin Doucha --- .../kernel/syscalls/setresgid/setresgid02.c | 271 ++++-------------- 1 file changed, 62 insertions(+), 209 deletions(-) diff --git a/testcases/kernel/syscalls/setresgid/setresgid02.c b/testcases/kernel/syscalls/setresgid/setresgid02.c index 2c45fc27a..13b8689f0 100644 --- a/testcases/kernel/syscalls/setresgid/setresgid02.c +++ b/testcases/kernel/syscalls/setresgid/setresgid02.c @@ -1,237 +1,90 @@ +// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) Wipro Technologies Ltd, 2002. All Rights Reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of version 2 of the GNU General Public License as - * published by the Free Software Foundation. - * - * This program is distributed in the hope that it would be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * + * AUTHOR: Madhu T L + * Copyright (C) 2021 SUSE LLC */ -/********************************************************** - * - * TEST IDENTIFIER : setresgid02 - * - * EXECUTED BY : root / superuser - * - * TEST TITLE : Checking functionality of setresgid(2) for - * non-root group id. - * - * TEST CASE TOTAL : 6 - * - * AUTHOR : Madhu T L - * - * SIGNALS - * Uses SIGUSR1 to pause before test if option set. - * (See the parse_opts(3) man page). - * - * DESCRIPTION - * Verify that for non-root effective group id, - * 1. setresgid(2) is successful for setresgid(-1, -1, -1) - * 2. setresgid(2) is successful for setresgid(-1, -1, bin) - * 3. setresgid(2) is successful for setresgid(-1, bin, -1) - * 4. setresgid(2) is successful for setresgid(bin, -1, -1) - * 5. setresgid(2) is successful for setresgid(root, root, root) - * 6. setresgid(2) is successful for setresgid(root, nobody, nobody) - * - * Setup: - * Setup signal handling. - * Test caller is superuser - * Check existence of root, bin and nobody user id's - * Pause for SIGUSR1 if option specified. - * - * Test: - * Loop if the proper options are given. - * Execute system call - * Check return value and functionality, if success, - * Issue PASS message - * Otherwise, - * Issue FAIL message - * - * Cleanup: - * Print errno log and/or timing stats if options given - * - * USAGE: - * setresgid02 [-c n] [-e] [-f] [-h] [-i n] [-I x] [-p] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -f : Turn off functional testing - * -h : Show help screen - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -p : Pause for SIGUSR1 before starting - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * - * CHANGE: Madhu T L - * Date: April 9 2003 - * Replaced setegid() by setresgid() in setup() - ****************************************************************/ -#define _GNU_SOURCE 1 -#include -#include -#include -#include -#include "test.h" -#include "safe_macros.h" -#include "compat_16.h" +/*\ + * [Description] + * + * Verify that setresgid() will successfully set the expected GID when called + * by root with the following combinations of arguments: + * 1. setresgid(-1, -1, -1) + * 2. setresgid(-1, -1, other) + * 3. setresgid(-1, other, -1) + * 4. setresgid(other, -1, -1) + * 5. setresgid(root, root, root) + * 6. setresgid(root, main, main) + */ -#define EXP_RET_VAL 0 +#include "tst_test.h" +#include "tst_uid.h" +#include "compat_tst_16.h" struct test_case_t { /* test case structure */ - uid_t *rgid; /* real GID */ - uid_t *egid; /* effective GID */ - uid_t *sgid; /* saved GID */ - struct passwd *exp_rgid; /* Expected real GID */ - struct passwd *exp_egid; /* Expected effective GID */ - struct passwd *exp_sgid; /* Expected saved GID */ + gid_t *rgid; /* real GID */ + gid_t *egid; /* effective GID */ + gid_t *sgid; /* saved GID */ + gid_t *exp_rgid; /* Expected real GID */ + gid_t *exp_egid; /* Expected effective GID */ + gid_t *exp_sgid; /* Expected saved GID */ char *desc; /* Test description */ }; -TCID_DEFINE(setresgid02); -static int testno; -static struct passwd nobody, bin, root; -static uid_t nobody_gid, root_gid, bin_gid, neg = -1; - -static int test_functionality(uid_t, uid_t, uid_t); -static void setup(void); -static void cleanup(void); +static gid_t root_gid, main_gid, other_gid, neg = -1; /* Don't change order of these test cases */ -static struct test_case_t tdat[] = { - {&neg, &neg, &neg, &root, &nobody, &nobody, +static struct test_case_t test_cases[] = { + {&neg, &neg, &neg, &root_gid, &main_gid, &main_gid, "setresgid(-1, -1, -1)"}, - {&neg, &neg, &bin.pw_gid, &root, &nobody, &bin, - "setresgid(-1, -1, bin)"}, - {&neg, &bin.pw_gid, &neg, &root, &bin, &bin, - "setresgid(-1, bin, -1)"}, - {&bin.pw_gid, &neg, &neg, &bin, &bin, &bin, - "setresgid(bin, -1, -1)"}, - {&root.pw_gid, &root.pw_gid, &root.pw_gid, &root, &root, &root, + {&neg, &neg, &other_gid, &root_gid, &main_gid, &other_gid, + "setresgid(-1, -1, other)"}, + {&neg, &other_gid, &neg, &root_gid, &other_gid, &other_gid, + "setresgid(-1, other, -1)"}, + {&other_gid, &neg, &neg, &other_gid, &other_gid, &other_gid, + "setresgid(other, -1, -1)"}, + {&root_gid, &root_gid, &root_gid, &root_gid, &root_gid, &root_gid, "setresgid(root, root, root)"}, - {&root.pw_gid, &nobody.pw_gid, &nobody.pw_gid, &root, &nobody, &nobody, - "setresgid(root, nobody, nobody)"}, + {&root_gid, &main_gid, &main_gid, &root_gid, &main_gid, &main_gid, + "setresgid(root, main, main)"}, }; -int TST_TOTAL = sizeof(tdat) / sizeof(tdat[0]); - -int main(int argc, char **argv) +static void setup(void) { - int lc; - - tst_parse_opts(argc, argv, NULL, NULL); - - setup(); - - for (lc = 0; TEST_LOOPING(lc); lc++) { - /* reset tst_count in case we are looping */ - tst_count = 0; - - for (testno = 0; testno < TST_TOTAL; ++testno) { + gid_t test_groups[3]; - TEST(SETRESGID(cleanup, *tdat[testno].rgid, *tdat[testno].egid, - *tdat[testno].sgid)); + root_gid = test_groups[0] = getgid(); + tst_get_gids(test_groups, 1, 3); + main_gid = test_groups[1]; + other_gid = test_groups[2]; - if (TEST_RETURN == EXP_RET_VAL) { - if (!test_functionality - (tdat[testno].exp_rgid->pw_gid, - tdat[testno].exp_egid->pw_gid, - tdat[testno].exp_sgid->pw_gid)) { + GID16_CHECK(root_gid, setresgid); + GID16_CHECK(main_gid, setresgid); + GID16_CHECK(other_gid, setresgid); - tst_resm(TPASS, "Test for %s " - "successful", - tdat[testno].desc); - } else { - tst_resm(TFAIL, "Functionality test " - "for %s failed", - tdat[testno].desc); - } - } else { - tst_resm(TFAIL, "Test for %s failed; returned" - " %ld (expected %d), errno %d (expected" - " 0)", tdat[testno].desc, - TEST_RETURN, EXP_RET_VAL, TEST_ERRNO); - } - } - } - cleanup(); - - tst_exit(); + /* Set effective/saved GID to main GID */ + SAFE_SETRESGID(-1, main_gid, main_gid); } -static int test_functionality(uid_t exp_rgid, uid_t exp_egid, uid_t exp_sgid) +static void run(unsigned int n) { - uid_t cur_rgid, cur_egid, cur_sgid; - - /* Get current real, effective and saved group id */ - SAFE_GETRESGID(cleanup, &cur_rgid, &cur_egid, &cur_sgid); - - if ((cur_rgid == exp_rgid) && (cur_egid == exp_egid) - && (cur_sgid == exp_sgid)) { - return 0; - } - return 1; -} - -/* - * setup() - * performs all ONE TIME setup for this test - */ -void setup(void) -{ - struct passwd *passwd_p; - - tst_require_root(); - - tst_sig(NOFORK, DEF_HANDLER, cleanup); - - if ((passwd_p = getpwnam("root")) == NULL) { - tst_brkm(TBROK, NULL, "getpwnam() failed for root"); + const struct test_case_t *tc = test_cases + n; - } - root = *passwd_p; - GID16_CHECK((root_gid = root.pw_gid), "setresgid", cleanup) + TST_EXP_PASS_SILENT(SETRESGID(*tc->rgid, *tc->egid, *tc->sgid), "%s", + tc->desc); - if ((passwd_p = getpwnam("bin")) == NULL) { - tst_brkm(TBROK, NULL, "bin user id doesn't exist"); + if (!TST_PASS) + return; - } - bin = *passwd_p; - GID16_CHECK((bin_gid = bin.pw_gid), "setresgid", cleanup) - - if ((passwd_p = getpwnam("nobody")) == NULL) { - tst_brkm(TBROK, NULL, "nobody user id doesn't exist"); - - } - nobody = *passwd_p; - GID16_CHECK((nobody_gid = nobody.pw_gid), "setresgid", cleanup) - - /* Set effective/saved gid to nobody */ - if (setresgid(-1, nobody_gid, nobody_gid) == -1) { - tst_brkm(TBROK, NULL, "setup() failed for setting while" - " setting real/effective/saved gid"); - - } - - /* Pause if that option was specified - * TEST_PAUSE contains the code to fork the test with the -c option. - */ - TEST_PAUSE; + if (tst_check_resgid(tc->desc, *tc->exp_rgid, *tc->exp_egid, + *tc->exp_sgid)) + tst_res(TPASS, "%s works as expected", tc->desc); } -/* - * cleanup() - * performs all ONE TIME cleanup for this test at - * completion or premature exit - */ -void cleanup(void) -{ - -} +static struct tst_test test = { + .test = run, + .tcnt = ARRAY_SIZE(test_cases), + .setup = setup, + .needs_root = 1, +}; From patchwork Thu Sep 9 15:51:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526239 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=md5q6EyS; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=e0EVCi5L; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53RB40Cdz9sX3 for ; Fri, 10 Sep 2021 01:52:06 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 682C83C8E51 for ; Thu, 9 Sep 2021 17:52:04 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-3.smtp.seeweb.it (in-3.smtp.seeweb.it [IPv6:2001:4b78:1:20::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 245AF3C8D87 for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-3.smtp.seeweb.it (Postfix) with ESMTPS id DDF781A0066F for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id F08BA223C9 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AFsrI0+R61NFVmO+eKmnXJ17FW/JpZC7vCMO0+Ti6sc=; b=md5q6EySaRxvmGa2ZVkKrXx/nb9A3S/b8W91N77+gxmgeibmKD/tCiMy3alvEtXuN53zKq s2zt8ue71uzjKD3+5ZyanXu/GNUz1/3o2sWwuomz6w7eEAbFFe269ZGi99VKEw+o96YsEi tSJsbkTxlljhFlxWhLaL+m/XWpgnd04= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202687; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AFsrI0+R61NFVmO+eKmnXJ17FW/JpZC7vCMO0+Ti6sc=; b=e0EVCi5LTyyrmclpH3yXBdpJG/tEvnm5uOHCrblOPItUcZR3huyI2szJ2KKTCXtQyUycU1 bPp+ccV1d/3ZeQBA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id D030413CC8 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id UAntMX8tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:23 +0200 Message-Id: <20210909155126.2720-5-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-3.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-3.smtp.seeweb.it Subject: [LTP] [PATCH 5/8] syscalls/setresgid03: Convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test needs user "bin" which may not exist on some systems. Use any non-root ID instead. Signed-off-by: Martin Doucha --- .../kernel/syscalls/setresgid/setresgid03.c | 267 ++++-------------- 1 file changed, 62 insertions(+), 205 deletions(-) diff --git a/testcases/kernel/syscalls/setresgid/setresgid03.c b/testcases/kernel/syscalls/setresgid/setresgid03.c index 78c89487b..e48cdf4ef 100644 --- a/testcases/kernel/syscalls/setresgid/setresgid03.c +++ b/testcases/kernel/syscalls/setresgid/setresgid03.c @@ -1,233 +1,90 @@ +// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) Wipro Technologies Ltd, 2002. All Rights Reserved. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of version 2 of the GNU General Public License as - * published by the Free Software Foundation. - * - * This program is distributed in the hope that it would be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * + * AUTHOR: Madhu T L + * Copyright (C) 2021 SUSE LLC */ -/********************************************************** - * - * TEST IDENTIFIER : setresgid03 - * - * EXECUTED BY : root / superuser - * - * TEST TITLE : Checking error conditions for setresgid(2) - * - * TEST CASE TOTAL : 4 - * - * AUTHOR : Madhu T L - * - * SIGNALS - * Uses SIGUSR1 to pause before test if option set. - * (See the parse_opts(3) man page). - * - * DESCRIPTION - * Verify that, - * 1. setresgid(2) fails with EPERM for unprivileged user in setting - * saved group id. - * 2. setresgid(2) fails with EPERM for unprivileged user in setting - * effective group id. - * 3. setresgid(2) fails with EPERM for unprivileged user in setting - * real group id. - * 4. setresgid(2) fails with EPERM for unprivileged user in setting - * real/effective/saved group id. - * - * Setup: - * Setup signal handling. - * Test caller is superuser - * Check existence of user id's root/bin/nobody - * Set real/effective/saved gid to nobody - * Set effective uid to nobody - * Pause for SIGUSR1 if option specified. - * - * Test: - * Loop if the proper options are given. - * Execute system call - * Check return value, errno and functionality, if success, - * Issue PASS message - * Otherwise, - * Issue FAIL message - * - * Cleanup: - * Print errno log and/or timing stats if options given - * - * USAGE: - * setresgid03 [-c n] [-e] [-f] [-h] [-i n] [-I x] [-p] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -f : Turn off functional testing - * -h : Show help screen - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -p : Pause for SIGUSR1 before starting - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. + +/*\ + * [Description] * - ****************************************************************/ + * Verify that setresgid() fails with EPERM if unprivileged user tries to set + * process group ID which requires higher permissions. + */ -#define _GNU_SOURCE 1 -#include -#include #include -#include -#include "test.h" -#include "safe_macros.h" -#include "compat_16.h" +#include -#define EXP_RET_VAL -1 -#define EXP_ERRNO EPERM -#define TEST_DESC "unprivileged user" +#include "tst_test.h" +#include "tst_uid.h" +#include "compat_tst_16.h" struct test_case_t { /* test case structure */ - uid_t *rgid; /* real GID */ - uid_t *egid; /* effective GID */ - uid_t *sgid; /* saved GID */ - struct passwd *exp_rgid; /* Expected real GID */ - struct passwd *exp_egid; /* Expected effective GID */ - struct passwd *exp_sgid; /* Expected saved GID */ + gid_t *rgid; /* real GID */ + gid_t *egid; /* effective GID */ + gid_t *sgid; /* saved GID */ + gid_t *exp_rgid; /* Expected real GID */ + gid_t *exp_egid; /* Expected effective GID */ + gid_t *exp_sgid; /* Expected saved GID */ + char *desc; /* Test description */ }; -TCID_DEFINE(setresgid03); -static int testno; -static struct passwd nobody, bin, root; -static uid_t nobody_gid, bin_gid, neg = -1; - -static int test_functionality(uid_t, uid_t, uid_t); -static void setup(void); -static void cleanup(void); - -static struct test_case_t tdat[] = { - {&neg, &neg, &bin.pw_gid, &nobody, &nobody, &nobody}, - {&neg, &bin.pw_gid, &neg, &nobody, &nobody, &nobody}, - {&bin.pw_gid, &neg, &neg, &nobody, &nobody, &nobody}, - {&bin.pw_gid, &bin.pw_gid, &bin.pw_gid, &nobody, &nobody, &nobody}, +static gid_t nobody_gid, other_gid, neg = -1; + +static struct test_case_t test_cases[] = { + {&neg, &neg, &other_gid, &nobody_gid, &nobody_gid, &nobody_gid, + "setresgid(-1, -1, other)"}, + {&neg, &other_gid, &neg, &nobody_gid, &nobody_gid, &nobody_gid, + "setresgid(-1, other, -1)"}, + {&other_gid, &neg, &neg, &nobody_gid, &nobody_gid, &nobody_gid, + "setresgid(other, -1, -1)"}, + {&other_gid, &other_gid, &other_gid, &nobody_gid, &nobody_gid, + &nobody_gid, "setresgid(other, other, other)"}, }; -int TST_TOTAL = sizeof(tdat) / sizeof(tdat[0]); - -int main(int argc, char **argv) +static void setup(void) { - int lc; - - tst_parse_opts(argc, argv, NULL, NULL); - - setup(); - - for (lc = 0; TEST_LOOPING(lc); lc++) { - /* reset tst_count in case we are looping */ - tst_count = 0; - - for (testno = 0; testno < TST_TOTAL; ++testno) { - - TEST(SETRESGID(cleanup, *tdat[testno].rgid, *tdat[testno].egid, - *tdat[testno].sgid)); - - if ((TEST_RETURN == EXP_RET_VAL) && - (TEST_ERRNO == EXP_ERRNO)) { - - if (!test_functionality - (tdat[testno].exp_rgid->pw_gid, - tdat[testno].exp_egid->pw_gid, - tdat[testno].exp_sgid->pw_gid)) { - - tst_resm(TPASS, "setresgid() failed as " - "expected for %s : errno %d", - TEST_DESC, TEST_ERRNO); - } else { - tst_resm(TFAIL, "Functionality test " - "for setresgid() for %s failed", - TEST_DESC); - } - - } else { - tst_resm(TFAIL, "setresgid() returned " - "unexpected results for %s ; returned" - " %ld (expected %d), errno %d (expected" - " %d)", TEST_DESC, - TEST_RETURN, EXP_RET_VAL, TEST_ERRNO, - EXP_ERRNO); - } - } - } - cleanup(); - - tst_exit(); -} + gid_t test_groups[2]; + struct passwd *pw = SAFE_GETPWNAM("nobody"); -static int test_functionality(uid_t exp_rgid, uid_t exp_egid, uid_t exp_sgid) -{ - uid_t cur_rgid, cur_egid, cur_sgid; + nobody_gid = test_groups[0] = pw->pw_gid; + tst_get_gids(test_groups, 1, 2); + other_gid = test_groups[1]; - /* Get current real, effective and saved group id */ - SAFE_GETRESGID(cleanup, &cur_rgid, &cur_egid, &cur_sgid); + GID16_CHECK(nobody_gid, setresgid); + GID16_CHECK(other_gid, setresgid); - if ((cur_rgid == exp_rgid) && (cur_egid == exp_egid) - && (cur_sgid == exp_sgid)) { - return 0; - } - return 1; + /* Set real/effective/saved gid to nobody */ + SAFE_SETRESGID(nobody_gid, nobody_gid, nobody_gid); + SAFE_SETUID(pw->pw_uid); } -/* - * setup() - * performs all ONE TIME setup for this test - */ -void setup(void) +static void run(unsigned int n) { - struct passwd *passwd_p; - - tst_require_root(); - - tst_sig(NOFORK, DEF_HANDLER, cleanup); - - if ((passwd_p = getpwnam("root")) == NULL) { - tst_brkm(TBROK, NULL, "getpwnam() failed for root"); + const struct test_case_t *tc = test_cases + n; - } - root = *passwd_p; - - if ((passwd_p = getpwnam("bin")) == NULL) { - tst_brkm(TBROK, NULL, "bin user id doesn't exist"); + TEST(SETRESGID(*tc->rgid, *tc->egid, *tc->sgid)); + if (TST_RET != -1) { + tst_res(TFAIL | TTERRNO, "%s returned unexpected value %ld", + tc->desc, TST_RET); + return; } - bin = *passwd_p; - GID16_CHECK((bin_gid = bin.pw_gid), "setresgid", cleanup) - - if ((passwd_p = getpwnam("nobody")) == NULL) { - tst_brkm(TBROK, NULL, "nobody user id doesn't exist"); + if (TST_ERR != EPERM) { + tst_res(TFAIL | TTERRNO, "%s returned unexpected error", + tc->desc); + return; } - nobody = *passwd_p; - GID16_CHECK((nobody_gid = nobody.pw_gid), "setresgid", cleanup) - /* Set real/effective/saved gid to nobody */ - if (setresgid(nobody_gid, nobody_gid, nobody_gid) == -1) { - tst_brkm(TBROK, NULL, "setup() failed for setting while" - " setting real/effective/saved gid"); - } - /* Set euid to nobody */ - SAFE_SETUID(NULL, nobody.pw_uid); - /* Pause if that option was specified - * TEST_PAUSE contains the code to fork the test with the -c option. - */ - TEST_PAUSE; + if (tst_check_resgid(tc->desc, *tc->exp_rgid, *tc->exp_egid, + *tc->exp_sgid)) + tst_res(TPASS | TTERRNO, "%s failed as expected", tc->desc); } -/* - * cleanup() - * performs all ONE TIME cleanup for this test at - * completion or premature exit - */ -void cleanup(void) -{ - -} +static struct tst_test test = { + .test = run, + .tcnt = ARRAY_SIZE(test_cases), + .setup = setup, + .needs_root = 1, +}; From patchwork Thu Sep 9 15:51:24 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526236 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=l101RXVz; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=2TbDZHjt; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53Qb3SQMz9sR4 for ; Fri, 10 Sep 2021 01:51:35 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id B73F33C21FF for ; Thu, 9 Sep 2021 17:51:32 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-5.smtp.seeweb.it (in-5.smtp.seeweb.it [217.194.8.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id C21BA3C21FF for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-5.smtp.seeweb.it (Postfix) with ESMTPS id CCB216009BA for ; Thu, 9 Sep 2021 17:51:28 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 1625E201E9 for ; Thu, 9 Sep 2021 15:51:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Gpofapi5PcppWo4TdkaYJ6cZp71xt+4Mcy0xZTtmA/s=; b=l101RXVzDUNkWxWE0OVaJHUucHoDWaNcMk560NshFJBvewXI6UMoCyopiCLqpH5o4+5FWy QROzFvvG8W0YHciMqtPm+MPTUCNC6WCnz3x6MS+tONN5WaaxYY41EzarBqne48bI0X8GMC CiQIlSEae06W0V1vMRtPpJXkAk3vWdM= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Gpofapi5PcppWo4TdkaYJ6cZp71xt+4Mcy0xZTtmA/s=; b=2TbDZHjtJNuNjywdWW0ibu2eWnQPoHqbfieBitygG5Q15ckrfhK0vIir2J5m0FBIpQCY1R KctpcdQM+GTAMyBQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 009A113E37 for ; Thu, 9 Sep 2021 15:51:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id kMHcOn8tOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:27 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:24 +0200 Message-Id: <20210909155126.2720-6-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-5.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-5.smtp.seeweb.it Subject: [LTP] [PATCH 6/8] syscalls/setresuid01: Convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test needs user "bin" which may not exist on some systems. Use any non-root UID instead. Signed-off-by: Martin Doucha --- .../kernel/syscalls/setresuid/setresuid01.c | 256 ++++-------------- 1 file changed, 59 insertions(+), 197 deletions(-) diff --git a/testcases/kernel/syscalls/setresuid/setresuid01.c b/testcases/kernel/syscalls/setresuid/setresuid01.c index 9f448896b..e9eb8517e 100644 --- a/testcases/kernel/syscalls/setresuid/setresuid01.c +++ b/testcases/kernel/syscalls/setresuid/setresuid01.c @@ -1,221 +1,83 @@ +// SPDX-License-Identifier: GPL-2.0-only /* - * - * Copyright (c) International Business Machines Corp., 2001 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See - * the GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * Copyright (c) International Business Machines Corp., 2001 + * 07/2001 ported by John George + * Copyright (C) 2021 SUSE LLC */ -/* - * NAME - * setresuid01.c +/*\ + * [Description] * - * DESCRIPTION - * Test setresuid() when executed by root. - * - * ALGORITHM - * - * Setup: - * Setup signal handling - * Get user information. - * Pause for SIGUSER1 if option specified. - * Setup test values. - * Loop if the proper options are given. - * For each test execute the system call - * Check return code, if system call failed (return=-1) - * Log the errno and Issue a FAIL message. - * Otherwise, - * Verify the Functionality of system call - * if successful, - * Issue Functionality-Pass message. - * Otherwise, - * Issue Functionality-Fail message. - * Cleanup: - * Print errno log and/or timing stats if options given. - * - * USAGE: - * setresuid01 [-c n] [-e] [-f] [-i n] [-I x] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -f : Turn off functionality Testing. - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * History - * 07/2001 John George - * -Ported - * - * Restrictions - * This test must be ran as root. - * nobody and bin must be valid users. + * Test setresuid() when executed by root. */ -#define _GNU_SOURCE 1 -#include -#include -#include -#include "test.h" -#include -#include "compat_16.h" - -TCID_DEFINE(setresuid01); +#include "tst_test.h" +#include "tst_uid.h" +#include "compat_tst_16.h" -uid_t nobody_pw_uid, root_pw_uid, bin_pw_uid; -uid_t neg_one = -1; +static uid_t root_uid, main_uid, other_uid, neg_one = -1; -struct passwd nobody, bin, root; - -/* - * The following structure contains all test data. Each structure in the array - * is used for a separate test. The tests are executed in the for loop below. - */ - -struct test_data_t { +static struct test_data_t { uid_t *real_uid; uid_t *eff_uid; uid_t *sav_uid; - struct passwd *exp_real_usr; - struct passwd *exp_eff_usr; - struct passwd *exp_sav_usr; + uid_t *exp_real_uid; + uid_t *exp_eff_uid; + uid_t *exp_sav_uid; char *test_msg; } test_data[] = { - { - &neg_one, &neg_one, &neg_one, &root, &root, &root, - "After setresuid(-1, -1, -1),"}, { - &neg_one, &neg_one, &nobody_pw_uid, &root, &root, &nobody, - "After setresuid(-1, -1, nobody),"}, { - &neg_one, &bin_pw_uid, &neg_one, &root, &bin, &nobody, - "After setresuid(-1, bin, -1),"}, { - &neg_one, &neg_one, &root_pw_uid, &root, &bin, &root, - "After setresuid(-1, -1, root),"}, { - &neg_one, &neg_one, &bin_pw_uid, &root, &bin, &bin, - "After setresuid(-1, -1, bin),"}, { - &neg_one, &root_pw_uid, &neg_one, &root, &root, &bin, - "After setresuid(-1, root, -1),"}, { - &nobody_pw_uid, &neg_one, &neg_one, &nobody, &root, &bin, - "After setresuid(nobody, -1, -1)"}, { - &neg_one, &root_pw_uid, &neg_one, &nobody, &root, &bin, - "After setresuid(-1, root, -1),"}, { -&root_pw_uid, &neg_one, &root_pw_uid, &root, &root, &root, - "After setresuid(root, -1, -1),"},}; - -int TST_TOTAL = sizeof(test_data) / sizeof(test_data[0]); - -void setup(void); -void cleanup(void); - -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *when); - -int main(int ac, char **av) + {&neg_one, &neg_one, &neg_one, &root_uid, &root_uid, &root_uid, + "After setresuid(-1, -1, -1),"}, + {&neg_one, &neg_one, &main_uid, &root_uid, &root_uid, &main_uid, + "After setresuid(-1, -1, main),"}, + {&neg_one, &other_uid, &neg_one, &root_uid, &other_uid, &main_uid, + "After setresuid(-1, other, -1),"}, + {&neg_one, &neg_one, &root_uid, &root_uid, &other_uid, &root_uid, + "After setresuid(-1, -1, root),"}, + {&neg_one, &neg_one, &other_uid, &root_uid, &other_uid, &other_uid, + "After setresuid(-1, -1, other),"}, + {&neg_one, &root_uid, &neg_one, &root_uid, &root_uid, &other_uid, + "After setresuid(-1, root, -1),"}, + {&main_uid, &neg_one, &neg_one, &main_uid, &root_uid, &other_uid, + "After setresuid(main, -1, -1)"}, + {&neg_one, &root_uid, &neg_one, &main_uid, &root_uid, &other_uid, + "After setresuid(-1, root, -1),"}, + {&root_uid, &neg_one, &root_uid, &root_uid, &root_uid, &root_uid, + "After setresuid(root, -1, -1),"}, +}; + +static void setup(void) { - int lc; - - tst_parse_opts(ac, av, NULL, NULL); + uid_t test_users[2]; - setup(); + root_uid = getuid(); + tst_get_uids(test_users, 0, 2); + main_uid = test_users[0]; + other_uid = test_users[1]; - for (lc = 0; TEST_LOOPING(lc); lc++) { - int i; - - /* reset tst_count in case we are looping */ - tst_count = 0; - - for (i = 0; i < TST_TOTAL; i++) { - /* Set the real, effective or user id */ - TEST(SETRESUID(cleanup, *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid)); - - if (TEST_RETURN == -1) { - tst_resm(TFAIL, "setresuid(%d, %d, %d) failed", - *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid); - } else { - uid_verify(test_data[i].exp_real_usr, - test_data[i].exp_eff_usr, - test_data[i].exp_sav_usr, - test_data[i].test_msg); - } - } - } - - cleanup(); - tst_exit(); + UID16_CHECK(root_uid, setresuid); + UID16_CHECK(main_uid, setresuid); + UID16_CHECK(other_uid, setresuid); } -/* - * setup() - * performs all ONE TIME setup for this test - */ -void setup(void) +static void run(unsigned int n) { - tst_require_root(); - - tst_sig(FORK, DEF_HANDLER, cleanup); - - if (getpwnam("nobody") == NULL) { - tst_brkm(TBROK, NULL, "nobody must be a valid user."); - } - - if (getpwnam("bin") == NULL) { - tst_brkm(TBROK, NULL, "bin must be a valid user."); - } + const struct test_data_t *tc = test_data + n; - root = *(getpwnam("root")); - UID16_CHECK((root_pw_uid = root.pw_uid), "setresuid", cleanup) + TST_EXP_PASS_SILENT(SETRESUID(*tc->real_uid, *tc->eff_uid, + *tc->sav_uid), "%s", tc->test_msg); - nobody = *(getpwnam("nobody")); - UID16_CHECK((nobody_pw_uid = nobody.pw_uid), "setresuid", cleanup) + if (!TST_PASS) + return; - bin = *(getpwnam("bin")); - UID16_CHECK((bin_pw_uid = bin.pw_uid), "setresuid", cleanup) - - /* Pause if that option was specified - * TEST_PAUSE contains the code to fork the test with the -c option. - */ - TEST_PAUSE; + if (tst_check_resuid(tc->test_msg, *tc->exp_real_uid, + *tc->exp_eff_uid, *tc->exp_sav_uid)) + tst_res(TPASS, "%s works as expected", tc->test_msg); } -/* - * cleanup() - * performs all ONE TIME cleanup for this test at - * completion or premature exit - */ -void cleanup(void) -{ - -} - -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *when) -{ - uid_t cur_ru, cur_eu, cur_su; - if (getresuid(&cur_ru, &cur_eu, &cur_su) != 0) { - tst_brkm(TBROK, cleanup, "Set getresuid() failed"); - } - if ((cur_ru != ru->pw_uid) || (cur_eu != eu->pw_uid) || (cur_su != - su->pw_uid)) { - tst_resm(TFAIL, "ERROR: %s real uid = %d; effective uid = %d; " - "saved uid = %d", when, cur_ru, cur_eu, cur_su); - tst_resm(TINFO, "Expected: real uid = %d, effective uid = %d " - "saved uid = %d", ru->pw_uid, eu->pw_uid, su->pw_uid); - } else { - tst_resm(TPASS, - "real uid = %d, effective uid = %d, and saved uid = " - "%d as expected", cur_ru, cur_eu, cur_su); - } -} +static struct tst_test test = { + .test = run, + .tcnt = ARRAY_SIZE(test_data), + .setup = setup, + .needs_root = 1, +}; From patchwork Thu Sep 9 15:51:25 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526243 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=i7yW+ug8; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=pOJ32Mda; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=213.254.12.146; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [213.254.12.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53S033QNz9sR4 for ; Fri, 10 Sep 2021 01:52:48 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 3BE5D3C8E51 for ; Thu, 9 Sep 2021 17:52:46 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-7.smtp.seeweb.it (in-7.smtp.seeweb.it [IPv6:2001:4b78:1:20::7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 673AA3C21FF for ; Thu, 9 Sep 2021 17:51:30 +0200 (CEST) Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-7.smtp.seeweb.it (Postfix) with ESMTPS id 4C78620074B for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 2DA83223CA for ; Thu, 9 Sep 2021 15:51:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HTy82zXRm9D7umBohh6kMt03BXl/5bWkPPLFqqcnwb0=; b=i7yW+ug8798FuRJSmkGUeUM7nz5/XLMB3VQEV99cmxKGlCJBc24xusZNTYeZ2oLkeywJh1 8UVrJW9A6JSOF7F7r4k9/UA6Q0yHxVKVHEjkYGZ1wslDchKUuo4n+UtJSfjOsTDbKZmdQD bOAXg6NHeNzUNqnS6kCK0jo25uMWjGo= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HTy82zXRm9D7umBohh6kMt03BXl/5bWkPPLFqqcnwb0=; b=pOJ32Mda+xyQO2GmpyiBIvU80FotoA75Y8wafhLC4WBis6Wmo18R01eEb4C+R627E86bvc Ze3TkS0wZhisCEBQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 19C6013CC8 for ; Thu, 9 Sep 2021 15:51:28 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id cOJSBYAtOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:28 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:25 +0200 Message-Id: <20210909155126.2720-7-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-7.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-7.smtp.seeweb.it Subject: [LTP] [PATCH 7/8] syscalls/setresuid02: Convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test needs user "bin" which may not exist on some systems. Use any non-root UID instead. Signed-off-by: Martin Doucha --- .../kernel/syscalls/setresuid/setresuid02.c | 256 ++++-------------- 1 file changed, 52 insertions(+), 204 deletions(-) diff --git a/testcases/kernel/syscalls/setresuid/setresuid02.c b/testcases/kernel/syscalls/setresuid/setresuid02.c index 87c5eab90..b3b70dea7 100644 --- a/testcases/kernel/syscalls/setresuid/setresuid02.c +++ b/testcases/kernel/syscalls/setresuid/setresuid02.c @@ -1,232 +1,80 @@ +// SPDX-License-Identifier: GPL-2.0-only /* - * - * Copyright (c) International Business Machines Corp., 2001 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See - * the GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * Copyright (c) International Business Machines Corp., 2001 + * 07/2001 ported by John George + * Copyright (C) 2021 SUSE LLC */ -/* - * NAME - * setresuid02.c - * - * DESCRIPTION - * Test that a non-root user can change the real, effective and saved - * uid values through the setresuid system call. - * - * ALGORITHM - * - * Setup: - * Setup signal handling - * Get user information. - * Pause for SIGUSER1 if option specified. - * - * Setup test values. - * Loop if the proper options are given. - * For each test set execute the system call - * Check that we received the expected result. - * Verify that the uid, euid and suid values are still correct. - * Cleanup: - * Print errno log and/or timing stats if option given. - * - * USAGE: - * setresuid02 [-c n] [-f] [-i n] [-I x] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -f : Turn off functionality Testing. - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * - * History - * 07/2001 John George - * -Ported +/*\ + * [Description] * - * Restrictions - * This test must be run by root. - * nobody and bin must be a valid users. + * Test that a non-root user can change the real, effective and saved uid + * values through the setresuid system call. */ #define _GNU_SOURCE 1 +#include #include -#include -#include "test.h" -#include -#include -#include "compat_16.h" -TCID_DEFINE(setresuid02); +#include "tst_test.h" +#include "tst_uid.h" +#include "compat_tst_16.h" -uid_t neg_one = -1; +static uid_t nobody_uid, other_uid, neg_one = -1; -/* flag to tell parent if child passed or failed. */ -int flag = 0; - -uid_t nobody_pw_uid, bin_pw_uid; -char user1name[] = "nobody"; -char user2name[] = "bin"; - -struct passwd nobody, bin; - -/* - * The following structure contains all test data. Each structure in the array - * is used for a separate test. The tests are executed in the for loop below. - */ - -struct test_data_t { +static struct test_data_t { uid_t *real_uid; uid_t *eff_uid; uid_t *sav_uid; - struct passwd *exp_real_usr; - struct passwd *exp_eff_usr; - struct passwd *exp_sav_usr; + uid_t *exp_real_uid; + uid_t *exp_eff_uid; + uid_t *exp_sav_uid; char *test_msg; } test_data[] = { - { - &neg_one, &neg_one, &bin_pw_uid, &nobody, &bin, &bin, - "After setresuid(-1, -1, bin),"}, { - &neg_one, &nobody_pw_uid, &neg_one, &nobody, &nobody, &bin, - "After setresuid(-1, nobody -1),"}, { -&bin_pw_uid, &neg_one, &neg_one, &bin, &nobody, &bin, - "After setresuid(bin, -1 -1),"},}; - -int TST_TOTAL = sizeof(test_data) / sizeof(test_data[0]); - -void setup(void); -void cleanup(void); - -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *); - -int main(int ac, char **av) + {&neg_one, &neg_one, &other_uid, &nobody_uid, &other_uid, &other_uid, + "setresuid(-1, -1, other)"}, + {&neg_one, &nobody_uid, &neg_one, &nobody_uid, &nobody_uid, &other_uid, + "setresuid(-1, nobody -1)"}, + {&other_uid, &neg_one, &neg_one, &other_uid, &nobody_uid, &other_uid, + "setresuid(other, -1 -1)"}, + /* Return to initial state */ + {&nobody_uid, &other_uid, &nobody_uid, &nobody_uid, &other_uid, + &nobody_uid, "setresuid(nobody, other, nobody)"}, +}; + +static void setup(void) { - int lc; + uid_t test_users[2]; + struct passwd *pw = SAFE_GETPWNAM("nobody"); - tst_parse_opts(ac, av, NULL, NULL); + nobody_uid = test_users[0] = pw->pw_uid; + tst_get_uids(test_users, 1, 2); + other_uid = test_users[1]; - setup(); + UID16_CHECK(nobody_uid, setresuid); + UID16_CHECK(other_uid, setresuid); - for (lc = 0; TEST_LOOPING(lc); lc++) { - int i, pid; - - /* reset tst_count in case we are looping */ - tst_count = 0; - - /* set the appropriate ownership values */ - if (setresuid(nobody_pw_uid, bin_pw_uid, nobody_pw_uid) == -1) { - tst_brkm(TFAIL, cleanup, "Initial setresuid failed"); - } - - if ((pid = FORK_OR_VFORK()) == -1) { - tst_brkm(TBROK, cleanup, "fork failed"); - } else if (pid == 0) { /* child */ - - for (i = 0; i < TST_TOTAL; i++) { - - /* Set the real, effective or saved user id */ - TEST(SETRESUID(NULL, *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid)); - - if (TEST_RETURN != -1) { - tst_resm(TPASS, "setresuid(%d, %d, %d) " - "succeeded as expected.", - *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid); - } else { - tst_resm(TFAIL, "setresuid(%d, %d, %d) " - "did not return as expected.", - *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid); - flag = -1; - } - - uid_verify(test_data[i].exp_real_usr, - test_data[i].exp_eff_usr, - test_data[i].exp_sav_usr, - test_data[i].test_msg); - } - exit(flag); - } else { /* parent */ - tst_record_childstatus(cleanup, pid); - } - } - cleanup(); - tst_exit(); + SAFE_SETRESUID(nobody_uid, other_uid, nobody_uid); } -/* - * setup() - * performs all ONE TIME setup for this test - */ -void setup(void) +static void run(unsigned int n) { - tst_require_root(); - - tst_sig(FORK, DEF_HANDLER, cleanup); + const struct test_data_t *tc = test_data + n; - if (getpwnam("nobody") == NULL) { - tst_brkm(TBROK, NULL, "nobody must be a valid user."); - } + TST_EXP_PASS_SILENT(SETRESUID(*tc->real_uid, *tc->eff_uid, + *tc->sav_uid), "%s", tc->test_msg); - if (getpwnam("bin") == NULL) { - tst_brkm(TBROK, NULL, "bin must be a valid user."); - } - - nobody = *(getpwnam("nobody")); - UID16_CHECK((nobody_pw_uid = nobody.pw_uid), "setresuid", cleanup) - - bin = *(getpwnam("bin")); - UID16_CHECK((bin_pw_uid = bin.pw_uid), "setresuid", cleanup) - - /* Pause if that option was specified - * TEST_PAUSE contains the code to fork the test with the -i option. - * You want to make sure you do this before you create your temporary - * directory. - */ - TEST_PAUSE; -} - -/* - * cleanup() - * performs all ONE TIME cleanup for this test at - * completion or premature exit - */ -void cleanup(void) -{ + if (!TST_PASS) + return; + if (tst_check_resuid(tc->test_msg, *tc->exp_real_uid, + *tc->exp_eff_uid, *tc->exp_sav_uid)) + tst_res(TPASS, "%s works as expected", tc->test_msg); } -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *when) -{ - uid_t cur_ru, cur_eu, cur_su; - if (getresuid(&cur_ru, &cur_eu, &cur_su) != 0) { - flag = -1; - tst_brkm(TBROK, cleanup, "Set getresuid() failed"); - } - if ((cur_ru != ru->pw_uid) || (cur_eu != eu->pw_uid) || (cur_su != - su->pw_uid)) { - tst_resm(TFAIL, "ERROR: %s real uid = %d; effective uid = %d; " - "saved uid = %d", when, cur_ru, cur_eu, cur_su); - tst_resm(TINFO, "Expected: real uid = %d, effective uid = %d " - "saved uid = %d", ru->pw_uid, eu->pw_uid, su->pw_uid); - flag = -1; - } else { - tst_resm(TINFO, "real uid = %d, effective uid = %d, and " - "saved uid = %d as expected", cur_ru, cur_eu, cur_su); - } -} +static struct tst_test test = { + .test = run, + .tcnt = ARRAY_SIZE(test_data), + .setup = setup, + .needs_root = 1, +}; From patchwork Thu Sep 9 15:51:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Doucha X-Patchwork-Id: 1526242 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=suse.cz header.i=@suse.cz header.a=rsa-sha256 header.s=susede2_rsa header.b=jSWOLa1M; dkim=fail reason="signature verification failed" header.d=suse.cz header.i=@suse.cz header.a=ed25519-sha256 header.s=susede2_ed25519 header.b=OKhQp1Ht; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it (client-ip=2001:1418:10:5::2; helo=picard.linux.it; envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it; receiver=) Received: from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H53Rp59XPz9sR4 for ; Fri, 10 Sep 2021 01:52:38 +1000 (AEST) Received: from picard.linux.it (localhost [IPv6:::1]) by picard.linux.it (Postfix) with ESMTP id 12DBA3C92DE for ; Thu, 9 Sep 2021 17:52:36 +0200 (CEST) X-Original-To: ltp@lists.linux.it Delivered-To: ltp@picard.linux.it Received: from in-5.smtp.seeweb.it (in-5.smtp.seeweb.it [217.194.8.5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by picard.linux.it (Postfix) with ESMTPS id 090AE3C8D81 for ; Thu, 9 Sep 2021 17:51:30 +0200 (CEST) Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by in-5.smtp.seeweb.it (Postfix) with ESMTPS id 509C260103A for ; Thu, 9 Sep 2021 17:51:29 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 492C1201EA for ; Thu, 9 Sep 2021 15:51:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wArOaWeyMYp3u7n8pAK2hyHkg/OY26QsRXBmT4grnIc=; b=jSWOLa1MrlasmnISzvK9kp12qJ8usHcByTd5WPqYvFvUGDxOKv39SosbPLv03t/J0K31qF 5CVAC7jE4F2DeIaKVJHgRgYPWvpssA7L34Awq2ZceIwZuhWHmUHpTh/ZMtaVk0imMFZx5D KKNrhKAJ+P7e3K2WNncssL8D+/YbWfc= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1631202688; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wArOaWeyMYp3u7n8pAK2hyHkg/OY26QsRXBmT4grnIc=; b=OKhQp1Htij04pWdEURZPn1oo+xZZyIhzn6QK3Fs/49ed5drrxAAs1kcRaF6wkso+gHNyNQ Q+FFQISN71Xu+sDA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 3274813E37 for ; Thu, 9 Sep 2021 15:51:28 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id SFdpC4AtOmFZXwAAMHmgww (envelope-from ) for ; Thu, 09 Sep 2021 15:51:28 +0000 From: Martin Doucha To: ltp@lists.linux.it Date: Thu, 9 Sep 2021 17:51:26 +0200 Message-Id: <20210909155126.2720-8-mdoucha@suse.cz> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210909155126.2720-1-mdoucha@suse.cz> References: <20210909155126.2720-1-mdoucha@suse.cz> MIME-Version: 1.0 X-Virus-Scanned: clamav-milter 0.102.4 at in-5.smtp.seeweb.it X-Virus-Status: Clean X-Spam-Status: No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on in-5.smtp.seeweb.it Subject: [LTP] [PATCH 8/8] syscalls/setresuid03: Convert to new API X-BeenThere: ltp@lists.linux.it X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux Test Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" The original test looks up specific usernames which may not exist on some systems. Use any two non-root UIDs instead. Signed-off-by: Martin Doucha Reviewed-by: Petr Vorel --- .../kernel/syscalls/setresuid/setresuid03.c | 266 ++++-------------- 1 file changed, 53 insertions(+), 213 deletions(-) diff --git a/testcases/kernel/syscalls/setresuid/setresuid03.c b/testcases/kernel/syscalls/setresuid/setresuid03.c index ea06e02bf..f2ad75b13 100644 --- a/testcases/kernel/syscalls/setresuid/setresuid03.c +++ b/testcases/kernel/syscalls/setresuid/setresuid03.c @@ -1,245 +1,85 @@ +// SPDX-License-Identifier: GPL-2.0-only /* - * * Copyright (c) International Business Machines Corp., 2001 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See - * the GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * 07/2001 ported by John George + * Copyright (C) 2021 SUSE LLC */ -/* - * NAME - * setresuid03.c - * - * DESCRIPTION - * Test that the setresuid system call sets the proper errno - * values when a non-root user attempts to change the real, effective or - * saved uid to a value other than one of the current uid, the current - * effective uid of the current saved uid. Also verify that setresuid - * fails if an invalid uid value is given. +/*\ + * [Description] * - * ALGORITHM - * - * Setup: - * Setup signal handling - * Get user information. - * Pause for SIGUSER1 if option specified. - * - * Setup test values. - * Loop if the proper options are given. - * For each test set execute the system call - * Check that we received the expected result. - * Verify that the uid, euid and suid values are still correct. - * Cleanup: - * Print errno log and/or timing stats if option given. - * - * USAGE: - * setresuid03 [-c n] [-f] [-i n] [-I x] [-P x] [-t] - * where, -c n : Run n copies concurrently. - * -e : Turn on errno logging. - * -f : Turn off functionality Testing. - * -i n : Execute test n times. - * -I x : Execute test for x seconds. - * -P x : Pause for x seconds between iterations. - * -t : Turn on syscall timing. - * - * History - * 07/2001 John George - * -Ported - * - * Restrictions - * This test must be run by root. - * nobody and bin must be a valid users. + * Test that the setresuid system call sets the proper errno values when + * a non-root user attempts to change the real, effective or saved uid + * to a value other than one of the current uid, the current effective uid + * or the current saved uid. */ -#define _GNU_SOURCE 1 -#include -#include -#include "test.h" -#include -#include - -#include +#include "tst_test.h" +#include "tst_uid.h" +#include "compat_tst_16.h" -TCID_DEFINE(setresuid03); +static uid_t root_uid, main_uid, other_uid, neg_one = -1; -uid_t neg_one = -1; - -/* flag to tell parent if child passed or failed. */ -int flag = 0; - -uid_t root_pw_uid, nobody_pw_uid, bin_pw_uid; -char user1name[] = "nobody"; -char user2name[] = "bin"; -char rootname[] = "root"; - -struct passwd nobody, bin, root; - -/* - * The following structure contains all test data. Each structure in the array - * is used for a separate test. The tests are executed in the for loop below. - */ - -struct test_data_t { +static struct test_data_t { uid_t *real_uid; uid_t *eff_uid; uid_t *sav_uid; int exp_errno; - struct passwd *exp_real_usr; - struct passwd *exp_eff_usr; - struct passwd *exp_sav_usr; + uid_t *exp_real_uid; + uid_t *exp_eff_uid; + uid_t *exp_sav_uid; char *test_msg; } test_data[] = { - { - &nobody_pw_uid, &neg_one, &neg_one, EPERM, &root, &bin, &bin, - "After setresuid(root, -1, -1),"}, { - &neg_one, &neg_one, &nobody_pw_uid, EPERM, &root, &bin, &bin, - "After setresuid(-1, -1, bin),"}, { - &neg_one, &nobody_pw_uid, &neg_one, EPERM, &root, &bin, &bin, - "After setresuid(-1, -1, bin),"} + {&other_uid, &neg_one, &neg_one, EPERM, &root_uid, &main_uid, + &main_uid, "setresuid(other, -1, -1)"}, + {&neg_one, &neg_one, &other_uid, EPERM, &root_uid, &main_uid, + &main_uid, "setresuid(-1, -1, other)"}, + {&neg_one, &other_uid, &neg_one, EPERM, &root_uid, &main_uid, + &main_uid, "setresuid(-1, other, -1)"} }; -int TST_TOTAL = sizeof(test_data) / sizeof(test_data[0]); - -void setup(void); -void cleanup(void); - -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *); - -int main(int ac, char **av) +static void setup(void) { - int lc; - - tst_parse_opts(ac, av, NULL, NULL); + uid_t test_users[2]; - setup(); + root_uid = getuid(); + tst_get_uids(test_users, 0, 2); + main_uid = test_users[0]; + other_uid = test_users[1]; - for (lc = 0; TEST_LOOPING(lc); lc++) { - int i, pid; + UID16_CHECK(root_uid, setresuid); + UID16_CHECK(main_uid, setresuid); + UID16_CHECK(other_uid, setresuid); - /* reset tst_count in case we are looping */ - tst_count = 0; - - /* set the appropriate ownership values */ - if (setresuid(root_pw_uid, bin_pw_uid, bin_pw_uid) - == -1) { - tst_brkm(TFAIL, cleanup, "Initial setresuid failed"); - } - - if ((pid = FORK_OR_VFORK()) == -1) { - tst_brkm(TBROK, cleanup, "fork failed"); - } else if (pid == 0) { /* child */ - - for (i = 0; i < TST_TOTAL; i++) { - - /* Set the real, effective or saved user id */ - TEST(SETRESUID(NULL, *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid)); - - if (TEST_RETURN == -1 && TEST_ERRNO == - test_data[i].exp_errno) { - tst_resm(TPASS, "setresuid(%d, %d, %d) " - "failed as expected.", - *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid); - } else { - tst_resm(TFAIL, "setresuid(%d, %d, %d) " - "did not fail as expected.", - *test_data[i].real_uid, - *test_data[i].eff_uid, - *test_data[i].sav_uid); - flag = -1; - } - - uid_verify(test_data[i].exp_real_usr, - test_data[i].exp_eff_usr, - test_data[i].exp_sav_usr, - test_data[i].test_msg); - } - exit(flag); - } else { /* parent */ - tst_record_childstatus(cleanup, pid); - } - } - cleanup(); - tst_exit(); + SAFE_SETRESUID(root_uid, main_uid, main_uid); } -/* - * setup() - * performs all ONE TIME setup for this test - */ -void setup(void) +static void run(unsigned int n) { - tst_require_root(); + const struct test_data_t *tc = test_data + n; - tst_sig(FORK, DEF_HANDLER, cleanup); + TEST(SETRESUID(*tc->real_uid, *tc->eff_uid, *tc->sav_uid)); - if (getpwnam("nobody") == NULL) { - tst_brkm(TBROK, NULL, "nobody must be a valid user."); + if (TST_RET != -1) { + tst_res(TFAIL | TTERRNO, "%s returned unexpected value %ld", + tc->test_msg, TST_RET); + return; } - if (getpwnam("bin") == NULL) { - tst_brkm(TBROK, NULL, "bin must be a valid user."); + if (TST_ERR != tc->exp_errno) { + tst_res(TFAIL | TTERRNO, "%s returned unexpected error", + tc->test_msg); + return; } - root = *(getpwnam("root")); - UID16_CHECK((root_pw_uid = root.pw_uid), "setresuid", cleanup) - - nobody = *(getpwnam("nobody")); - UID16_CHECK((nobody_pw_uid = nobody.pw_uid), "setresuid", cleanup) - - bin = *(getpwnam("bin")); - UID16_CHECK((bin_pw_uid = bin.pw_uid), "setresuid", cleanup) - - /* Pause if that option was specified - * TEST_PAUSE contains the code to fork the test with the -i option. - * You want to make sure you do this before you create your temporary - * directory. - */ - TEST_PAUSE; + if (tst_check_resuid(tc->test_msg, *tc->exp_real_uid, *tc->exp_eff_uid, + *tc->exp_sav_uid)) + tst_res(TPASS | TTERRNO, "%s failed as expected", tc->test_msg); } -/* - * cleanup() - * performs all ONE TIME cleanup for this test at - * completion or premature exit - */ -void cleanup(void) -{ - -} - -void -uid_verify(struct passwd *ru, struct passwd *eu, struct passwd *su, char *when) -{ - uid_t cur_ru, cur_eu, cur_su; - if (getresuid(&cur_ru, &cur_eu, &cur_su) != 0) { - flag = -1; - tst_brkm(TBROK, cleanup, "Set getresuid() failed"); - } - if ((cur_ru != ru->pw_uid) || (cur_eu != eu->pw_uid) || (cur_su != - su->pw_uid)) { - tst_resm(TFAIL, "ERROR: %s real uid = %d; effective uid = %d; " - "saved uid = %d", when, cur_ru, cur_eu, cur_su); - tst_resm(TINFO, "Expected: real uid = %d, effective uid = %d " - "saved uid = %d", ru->pw_uid, eu->pw_uid, su->pw_uid); - flag = -1; - } else { - tst_resm(TINFO, "real uid = %d, effective uid = %d, and " - "saved uid = %d as expected", cur_ru, cur_eu, cur_su); - } -} +static struct tst_test test = { + .test = run, + .tcnt = ARRAY_SIZE(test_data), + .setup = setup, + .needs_root = 1, +};