[PATCH v2 i-g-t 1/2] lib/igt_fs: add igt_fs_check_root_perm() helper

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Peter Senna Tschudin <peter.senna@linux.intel.com>
To: igt-dev@lists.freedesktop.org
Cc: Peter Senna Tschudin <peter.senna@linux.intel.com>
Subject: [PATCH v2 i-g-t 1/2] lib/igt_fs: add igt_fs_check_root_perm() helper
Date: Sun, 18 Jan 2026 21:00:09 +0100	[thread overview]
Message-ID: <20260118200010.18669-1-peter.senna@linux.intel.com> (raw)
In-Reply-To: <20250909130808.54117-1-peter.senna@linux.intel.com>

Add igt_fs_check_root_perm() to check that a file is owned by root
(uid=0, gid=0) and that only the owner has write permissions.

This will be used for validating the permissions and ownership of files
where strict root-only write access is required. Example usage:

 int result = igt_fs_check_root_perm(dirfd, pathname);
 if (result == -ENOENT) {
 	igt_skip("File does not exist\n");
 } else if (result < 0) {
 	igt_skip("Cannot stat file: %s\n", strerror(-result));
 } else {
 	igt_assert_f(result == 0, "Permission check failed\n");
 }

Signed-off-by: Peter Senna Tschudin <peter.senna@linux.intel.com>
---

Changes from v1:
 - changed return type from bool to int
 - Use errno code including for file not found

 lib/igt_fs.c | 32 ++++++++++++++++++++++++++++++++
 lib/igt_fs.h |  1 +
 2 files changed, 33 insertions(+)

diff --git a/lib/igt_fs.c b/lib/igt_fs.c
index 8f4d17546..660def4cd 100644
--- a/lib/igt_fs.c
+++ b/lib/igt_fs.c
@@ -25,6 +25,7 @@
 #include <fcntl.h>
 #include <stdlib.h>
 #include <sys/stat.h>
+#include <stdbool.h>
 #include <unistd.h>
 
 #include "igt_fs.h"
@@ -141,3 +142,34 @@ int igt_fs_remove_dir(int fd, const char *name)
 
 	return 0;
 }
+
+/**
+ * igt_fs_check_root_perm: Checks if the user and group are root and that
+ *                         only the user can write to the file.
+ * @dirfd: file descriptor of the directory containing the file
+ * @pathname:  name of the file to check
+ *
+ * Returns:
+ *  0 if the file is owned by root and only root can write to it (success),
+ *  1 if the file exists but fails permission checks (failure),
+ * -ENOENT if the file does not exist,
+ * -errno for other stat failures
+ */
+int igt_fs_check_root_perm(int dirfd, const char *pathname)
+{
+	struct stat st;
+
+	if (fstatat(dirfd, pathname, &st, 0))
+		return -errno;
+
+	if (st.st_uid != 0 || st.st_gid != 0)
+		return 1;
+
+	if (st.st_mode & S_IWGRP)
+		return 1;
+
+	if (st.st_mode & S_IWOTH)
+		return 1;
+
+	return 0;
+}
diff --git a/lib/igt_fs.h b/lib/igt_fs.h
index ee3e7593b..3a3f81d80 100644
--- a/lib/igt_fs.h
+++ b/lib/igt_fs.h
@@ -31,5 +31,6 @@ int igt_fs_create_dir(int fd, const char *name, mode_t mode);
 int igt_fs_remove_dir(int fd, const char *name);
 ssize_t igt_readn(int fd, char *buf, size_t len);
 ssize_t igt_writen(int fd, const char *buf, size_t len);
+int igt_fs_check_root_perm(int dirfd, const char *pathname);
 
 #endif /* __IGT_FS_H__ */
-- 
2.43.0

next prev parent reply	other threads:[~2026-01-18 20:00 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-09-09 13:08 [PATCH i-g-t 0/2] tests/intel/xe_compute: check root-only write permission for ccs_mode Peter Senna Tschudin
2025-09-09 13:08 ` [PATCH i-g-t 1/2] lib/igt_fs: add igt_fs_check_root_perm() helper Peter Senna Tschudin
2025-09-12 15:57   ` Kamil Konieczny
2025-09-09 13:08 ` [PATCH i-g-t 2/2] tests/intel/xe_compute: check root-only write permission for ccs_mode Peter Senna Tschudin
2025-09-15 12:28   ` Kamil Konieczny
2025-09-10  0:20 ` ✓ Xe.CI.BAT: success for " Patchwork
2025-09-10  0:26 ` ✓ i915.CI.BAT: " Patchwork
2025-09-10  7:16 ` ✓ Xe.CI.Full: " Patchwork
2025-09-10 13:04 ` ✗ i915.CI.Full: failure " Patchwork
2026-01-18 20:00 ` Peter Senna Tschudin [this message]
2026-01-18 20:00   ` [PATCH v2 i-g-t 2/2] " Peter Senna Tschudin
2026-01-19 12:29     ` Kamil Konieczny
2026-01-18 20:33 ` ✓ Xe.CI.BAT: success for tests/intel/xe_compute: check root-only write permission for ccs_mode (rev2) Patchwork
2026-01-18 20:51 ` ✓ i915.CI.BAT: " Patchwork
2026-01-18 21:40 ` ✗ Xe.CI.Full: failure " Patchwork
2026-01-18 22:55 ` ✗ i915.CI.Full: " Patchwork

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:8f4d1754 dfblob:660def4c dfblob:ee3e7593 dfblob:3a3f81d8 )
 OR (
bs:"[PATCH v2 i-g-t 1/2] lib/igt_fs: add igt_fs_check_root_perm() helper" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260118200010.18669-1-peter.senna@linux.intel.com \
    --to=peter.senna@linux.intel.com \
    --cc=igt-dev@lists.freedesktop.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.