{"id":2223680,"url":"http://patchwork.ozlabs.org/api/1.1/patches/2223680/?format=json","web_url":"http://patchwork.ozlabs.org/project/ltp/patch/20260416005603.22427-3-wegao@suse.com/","project":{"id":59,"url":"http://patchwork.ozlabs.org/api/1.1/projects/59/?format=json","name":"Linux Test Project development","link_name":"ltp","list_id":"ltp.lists.linux.it","list_email":"ltp@lists.linux.it","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260416005603.22427-3-wegao@suse.com>","date":"2026-04-16T00:55:23","name":"[v8,2/2] open16: allow restricted O_CREAT of FIFOs and regular files","commit_ref":null,"pull_url":null,"state":"needs-review-ack","archived":false,"hash":"9ead3b8fd4fafc34532a028f5f1ebba172a50564","submitter":{"id":85577,"url":"http://patchwork.ozlabs.org/api/1.1/people/85577/?format=json","name":"Wei Gao","email":"wegao@suse.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/ltp/patch/20260416005603.22427-3-wegao@suse.com/mbox/","series":[{"id":500061,"url":"http://patchwork.ozlabs.org/api/1.1/series/500061/?format=json","web_url":"http://patchwork.ozlabs.org/project/ltp/list/?series=500061","date":"2026-04-16T00:55:21","name":"open16: allow restricted O_CREAT of FIFOs and regular files","version":8,"mbox":"http://patchwork.ozlabs.org/series/500061/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2223680/comments/","check":"warning","checks":"http://patchwork.ozlabs.org/api/patches/2223680/checks/","tags":{},"headers":{"Return-Path":"<ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>","X-Original-To":["incoming@patchwork.ozlabs.org","ltp@lists.linux.it"],"Delivered-To":["patchwork-incoming@legolas.ozlabs.org","ltp@picard.linux.it"],"Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=lists.linux.it header.i=@lists.linux.it\n header.a=rsa-sha256 header.s=picard header.b=PEnR8sHb;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=suse.com header.i=@suse.com header.a=rsa-sha256\n header.s=google header.b=gh2tjlFx;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it\n (client-ip=2001:1418:10:5::2; helo=picard.linux.it;\n envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it;\n receiver=patchwork.ozlabs.org)"],"Received":["from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fx02z4QWHz1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 16 Apr 2026 10:56:59 +1000 (AEST)","from picard.linux.it (localhost [IPv6:::1])\n\tby picard.linux.it (Postfix) with ESMTP id AEBA93E5DED\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 16 Apr 2026 02:56:57 +0200 (CEST)","from in-2.smtp.seeweb.it (in-2.smtp.seeweb.it\n [IPv6:2001:4b78:1:20::2])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature ECDSA (secp384r1))\n (No client certificate requested)\n by picard.linux.it (Postfix) with ESMTPS id 115973E5E02\n for <ltp@lists.linux.it>; Thu, 16 Apr 2026 02:56:11 +0200 (CEST)","from mail-wm1-x330.google.com (mail-wm1-x330.google.com\n [IPv6:2a00:1450:4864:20::330])\n (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by in-2.smtp.seeweb.it (Postfix) with ESMTPS id 9D0EE600843\n for <ltp@lists.linux.it>; Thu, 16 Apr 2026 02:56:10 +0200 (CEST)","by mail-wm1-x330.google.com with SMTP id\n 5b1f17b1804b1-4838c15e3cbso69622605e9.3\n for <ltp@lists.linux.it>; Wed, 15 Apr 2026 17:56:10 -0700 (PDT)","from localhost ([2a07:de40:b240:0:2ad6:ed42:2ad6:ed42])\n by smtp.gmail.com with UTF8SMTPSA id\n 5b1f17b1804b1-488f58233f6sm8557115e9.10.2026.04.15.17.56.09\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 15 Apr 2026 17:56:09 -0700 (PDT)"],"DKIM-Signature":["v=1; a=rsa-sha256; c=relaxed/simple; d=lists.linux.it;\n i=@lists.linux.it; q=dns/txt; s=picard; t=1776301017; h=to : date :\n message-id : in-reply-to : references : mime-version : subject :\n list-id : list-unsubscribe : list-archive : list-post : list-help :\n list-subscribe : from : reply-to : content-type :\n content-transfer-encoding : sender : from;\n bh=pTkFTz0HCpz+r1/v/WIPFtDYaLGmCHEK6nZbPl57AIw=;\n b=PEnR8sHbQYbBgcalSeNRAdMl3KW6VJ04GMDqpsqVwo4oryjWNo8nqbAOxjFBFdPML3cpE\n auiYItLsry8Fe6djvwqrj5Yg6UyxrsRxEjmbJaCDr6dE3ay3cJV2gd3YFox8Fk1FPGA8Nct\n 7SVNplgu5pn8tjCuAXICQZodZ6XT3+U=","v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=suse.com; s=google; t=1776300970; x=1776905770; darn=lists.linux.it;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n :message-id:reply-to;\n bh=kHpPnGO5cAEXVKDaHsMWMzTrVg9+mdbldsNdPllyUUs=;\n b=gh2tjlFxsK+w5au/65vcSJUDqxIwpN3yiZrUbrRNLyU57qjl5C+torB9NN6NlfIaWJ\n P4+eUZGAA2xWy02mf9hLWoWQb92+trRKpy308Ju4kbu8lIExml1dkRVRxU1g6nxf0+0s\n 5/xpxmQ+DIaEeo2/guMaEh318yDkItd+shoWuNaGTkvLd36CjISJ83PfRRnJIUtXC8gS\n 4zmxZOCExRpaWzYKHxfxyjIB7AnSxHdD4ijfNRSIuMstHsn23SgFEiJ4Nzw2zpGgSdn5\n maZiSEvQPWm83UKBtUJY79G1QXGJOJf4TplgUo3BehUxICFctIo/FzhpdjSQ6muyCpIi\n BArw=="],"X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1776300970; x=1776905770;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from\n :to:cc:subject:date:message-id:reply-to;\n bh=kHpPnGO5cAEXVKDaHsMWMzTrVg9+mdbldsNdPllyUUs=;\n b=RFgeeI9WEI+RtuvR4vWaRN9Vm0YnxLoI8C7McxqMVVQaI38LoIOUMYOLZusCNE1VHb\n gJCOFOQ3FQ/Ri4L4jP4nmpTI5R1e/CPf24PtkO4XpimnEuGgWSSSQpM0wbmLwIzczJvw\n I4dlqcLVJPZDW3qyg+O/WbeI8Je/z3aP0e4VrgGLpyEm6g2ueXhR0/e4xP/ki1psIHTq\n QJ8jv6fIYbtw7407RM+piWL1Bvabd3kxhknd3ivJqVKScXLHRzzkrzMhcPV1iZwf8b1Y\n 73CoPHz5ZMLsUvEAP8GsRF9xo2vcS229nbQWJ1rxJUvsTEp5+3yXtCCukgE2LATi1HXN\n IdSQ==","X-Gm-Message-State":"AOJu0YzWQB7p8HKJy22h1Svv9sEFYhPfqgij5tz8x9czBfnOroaAKlAz\n RkX5L95VTr0j4Q/AEp3ur53HEp1eiWAKKRa9KbB+pTecca9TL3Hq0ItHYUMaQCB8re/hrYLCqN5\n lsh4=","X-Gm-Gg":"AeBDieu13ABE6LvaRIUWIV1oCFl2RXg/xpkA9jV7QB/hF+XXCUphBbdN3k9eyNr5JOW\n elFyQHxK/XQvH76eDanRJoM//vHaSbqi+yRRwIK8VooOB0kHq4lJZGKCMy5V8sRMgOsGTADcPKF\n oej2xnkLIVbu9d1BdQ1W1x7fQqP3l5lYrlytMJHRS8TdxCp/iexZsJqbOLqEfjEtHTMYULKL+tV\n wXCUqFYxZeF1ZOJSSTFAH3mUw6lv6eHL+KKfispALw16/QARhp/Tq0768DNtUOQzprhxj90RMKs\n +tborAcAMh5ALhvfr8Rql47xP7YjfjCl93/uJZmmgqshatV2phEwizM19bCgsbHfG12p6BJMGGQ\n ExOwpsuyeaF+1+sIg3G3S8HyZpUxKXD3OPFf3MzHjSRCOyrr2Em35dZFY/Hg/I1Jx/rsGUvBdCi\n xn4LMtyNDNeIA=","X-Received":"by 2002:a05:600c:a105:b0:485:3af5:7e53 with SMTP id\n 5b1f17b1804b1-488d6839821mr229754925e9.19.1776300969827;\n Wed, 15 Apr 2026 17:56:09 -0700 (PDT)","To":"ltp@lists.linux.it","Date":"Thu, 16 Apr 2026 00:55:23 +0000","Message-ID":"<20260416005603.22427-3-wegao@suse.com>","X-Mailer":"git-send-email 2.43.0","In-Reply-To":"<20260416005603.22427-1-wegao@suse.com>","References":"<20260415103812.21999-2-wegao@suse.com>\n <20260416005603.22427-1-wegao@suse.com>","MIME-Version":"1.0","X-Spam-Status":"No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID,\n DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,SPF_HELO_NONE,SPF_PASS\n shortcircuit=no autolearn=disabled version=4.0.1","X-Spam-Checker-Version":"SpamAssassin 4.0.1 (2024-03-25) on in-2.smtp.seeweb.it","X-Virus-Scanned":"clamav-milter 1.0.9 at in-2.smtp.seeweb.it","X-Virus-Status":"Clean","Subject":"[LTP] [PATCH v8 2/2] open16: allow restricted O_CREAT of FIFOs and\n regular files","X-BeenThere":"ltp@lists.linux.it","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"Linux Test Project <ltp.lists.linux.it>","List-Unsubscribe":"<https://lists.linux.it/options/ltp>,\n <mailto:ltp-request@lists.linux.it?subject=unsubscribe>","List-Archive":"<http://lists.linux.it/pipermail/ltp/>","List-Post":"<mailto:ltp@lists.linux.it>","List-Help":"<mailto:ltp-request@lists.linux.it?subject=help>","List-Subscribe":"<https://lists.linux.it/listinfo/ltp>,\n <mailto:ltp-request@lists.linux.it?subject=subscribe>","From":"Wei Gao via ltp <ltp@lists.linux.it>","Reply-To":"Wei Gao <wegao@suse.com>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it","Sender":"\"ltp\" <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>"},"content":"This commit adds test cases to verify the security restrictions for opening\nFIFOs and regular files in world-writable sticky directories.\n\nSigned-off-by: Wei Gao <wegao@suse.com>\n---\n runtest/syscalls                          |   1 +\n testcases/kernel/syscalls/open/.gitignore |   1 +\n testcases/kernel/syscalls/open/open16.c   | 128 ++++++++++++++++++++++\n 3 files changed, 130 insertions(+)\n create mode 100644 testcases/kernel/syscalls/open/open16.c","diff":"diff --git a/runtest/syscalls b/runtest/syscalls\nindex d72fceb5e..c14ebb3a0 100644\n--- a/runtest/syscalls\n+++ b/runtest/syscalls\n@@ -1005,6 +1005,7 @@ open12 open12\n open13 open13\n open14 open14\n open15 open15\n+open16 open16\n \n openat01 openat01\n openat02 openat02\ndiff --git a/testcases/kernel/syscalls/open/.gitignore b/testcases/kernel/syscalls/open/.gitignore\nindex af5997572..d2cacc02e 100644\n--- a/testcases/kernel/syscalls/open/.gitignore\n+++ b/testcases/kernel/syscalls/open/.gitignore\n@@ -13,3 +13,4 @@\n /open13\n /open14\n /open15\n+/open16\ndiff --git a/testcases/kernel/syscalls/open/open16.c b/testcases/kernel/syscalls/open/open16.c\nnew file mode 100644\nindex 000000000..8ba2d9ec9\n--- /dev/null\n+++ b/testcases/kernel/syscalls/open/open16.c\n@@ -0,0 +1,128 @@\n+// SPDX-License-Identifier: GPL-2.0-or-later\n+/*\n+ * Copyright (c) 2026 Wei Gao <wegao@suse.com>\n+ */\n+\n+/*\\\n+ * Verify restricted opening of FIFOs and regular files in sticky directories.\n+ * This test covers the positive case where access is allowed when protection\n+ * is disabled (level 0), and the negative cases where access is disallowed\n+ * (EACCES) in world-writable (level 1) or group-writable (level 2) sticky\n+ * directories when the file is not owned by the opener.\n+ *\n+ * This test requires root to modify /proc/sys/fs/protected_* sysctls and\n+ * to manage file ownership and permissions in sticky directories.\n+ */\n+\n+#include <pwd.h>\n+#include <stdlib.h>\n+#include \"tst_test.h\"\n+#include \"tst_safe_file_at.h\"\n+#include \"tst_uid.h\"\n+\n+#define DIR \"ltp_tmp_check1\"\n+#define TEST_FILE \"test_file_1\"\n+#define TEST_FIFO \"test_fifo_1\"\n+#define PROTECTED_REGULAR \"/proc/sys/fs/protected_regular\"\n+#define PROTECTED_FIFOS \"/proc/sys/fs/protected_fifos\"\n+#define TEST_FIFO_PATH DIR \"/\" TEST_FIFO\n+\n+static int dir_fd = -1;\n+static uid_t uid1, uid2;\n+static gid_t gid1;\n+\n+static struct tcase {\n+\tchar *level;\n+\tint exp_errno;\n+} tcases[] = {\n+\t{\"0\", 0},\n+\t{\"1\", EACCES},\n+\t{\"2\", EACCES},\n+};\n+\n+static void verify_open(unsigned int n)\n+{\n+\tstruct tcase *tc = &tcases[n];\n+\tpid_t pid;\n+\n+\tSAFE_FILE_PRINTF(PROTECTED_REGULAR, \"%s\", tc->level);\n+\tSAFE_FILE_PRINTF(PROTECTED_FIFOS, \"%s\", tc->level);\n+\n+\tif (n == 2) {\n+\t\tSAFE_CHOWN(DIR, -1, gid1);\n+\t\tSAFE_CHMOD(DIR, 0030 | S_ISVTX);\n+\t} else {\n+\t\tSAFE_CHOWN(DIR, 0, 0);\n+\t\tSAFE_CHMOD(DIR, 0777 | S_ISVTX);\n+\t}\n+\n+\tpid = SAFE_FORK();\n+\tif (!pid) {\n+\t\tSAFE_SETGID(gid1);\n+\t\tSAFE_SETUID(uid2);\n+\n+\t\tif (tc->exp_errno) {\n+\t\t\tTST_EXP_FAIL2(openat(dir_fd, TEST_FILE, O_RDWR | O_CREAT, 0777),\n+\t\t\t\ttc->exp_errno, \"openat %s (Level %s)\", TEST_FILE, tc->level);\n+\t\t\tTST_EXP_FAIL2(open(TEST_FIFO_PATH, O_RDWR | O_CREAT, 0777),\n+\t\t\t\ttc->exp_errno, \"open %s (Level %s)\", TEST_FIFO, tc->level);\n+\t\t} else {\n+\t\t\tint fd = TST_EXP_FD(openat(dir_fd, TEST_FILE, O_CREAT | O_RDWR, 0777));\n+\t\t\tif (TST_PASS)\n+\t\t\t\tSAFE_CLOSE(fd);\n+\n+\t\t\tfd = TST_EXP_FD(open(TEST_FIFO_PATH, O_RDWR | O_CREAT, 0777));\n+\t\t\tif (TST_PASS)\n+\t\t\t\tSAFE_CLOSE(fd);\n+\t\t}\n+\n+\t\texit(0);\n+\t}\n+\n+\tSAFE_WAITPID(pid, NULL, 0);\n+}\n+\n+static void setup(void)\n+{\n+\tstruct passwd *pw;\n+\n+\tpw = SAFE_GETPWNAM(\"nobody\");\n+\tuid1 = pw->pw_uid;\n+\tgid1 = pw->pw_gid;\n+\tuid2 = tst_get_free_uid(uid1);\n+\n+\tumask(0);\n+\tSAFE_MKDIR(DIR, 0777 | S_ISVTX);\n+\tdir_fd = SAFE_OPEN(DIR, O_DIRECTORY);\n+\n+\tint fd = SAFE_OPENAT(dir_fd, TEST_FILE, O_CREAT | O_RDWR, 0777);\n+\tSAFE_CLOSE(fd);\n+\tSAFE_MKFIFO(TEST_FIFO_PATH, 0777);\n+\tSAFE_CHOWN(TEST_FIFO_PATH, uid1, gid1);\n+\tSAFE_CHOWN(DIR \"/\" TEST_FILE, uid1, gid1);\n+}\n+\n+static void cleanup(void)\n+{\n+\tif (dir_fd != -1)\n+\t\tSAFE_CLOSE(dir_fd);\n+}\n+\n+static struct tst_test test = {\n+\t.setup = setup,\n+\t.cleanup = cleanup,\n+\t.needs_root = 1,\n+\t.tcnt = ARRAY_SIZE(tcases),\n+\t.test = verify_open,\n+\t.needs_tmpdir = 1,\n+\t.forks_child = 1,\n+\t.save_restore = (const struct tst_path_val[]) {\n+\t\t{PROTECTED_REGULAR, NULL, TST_SR_TCONF},\n+\t\t{PROTECTED_FIFOS, NULL, TST_SR_TCONF},\n+\t\t{}\n+\t},\n+\t.tags = (const struct tst_tag[]) {\n+\t\t{\"linux-git\", \"30aba6656f61\"},\n+\t\t{}\n+\t}\n+};\n","prefixes":["v8","2/2"]}