From: "Mickaël Salaün" <mic@digikod.net>
To: "Günther Noack" <gnoack@google.com>, "Tingmao Wang" <m@maowtm.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
Ben Scarlato <akhna@google.com>,
Christian Brauner <brauner@kernel.org>,
Jann Horn <jannh@google.com>, Jeff Xu <jeffxu@google.com>,
Justin Suess <utilityemal77@gmail.com>,
Mikhail Ivanov <ivanov.mikhail1@huawei-partners.com>,
Paul Moore <paul@paul-moore.com>, Song Liu <song@kernel.org>,
linux-fsdevel@vger.kernel.org,
linux-security-module@vger.kernel.org,
Nicolas Bouchinet <nicolas.bouchinet@oss.cyber.gouv.fr>,
Matthieu Buffet <matthieu@buffet.re>,
NeilBrown <neil@brown.name>
Subject: Re: [PATCH v4 4/4] selftests/landlock: Add disconnected leafs and branch test suites
Date: Thu, 27 Nov 2025 17:49:45 +0100
Message-ID: <20251127.Zoogohsei6ie@digikod.net>
In-Reply-To: <20251126191159.3530363-5-mic@digikod.net>
On Wed, Nov 26, 2025 at 08:11:57PM +0100, Mickaël Salaün wrote:
> Test disconnected directories with two test suites and 31 variants to
> cover the main corner cases.
>
> These tests are complementary to the previous commit.
>
> Add test_renameat() and test_exchangeat() helpers.
>
> Test coverage for security/landlock is 92.1% of 1927 lines according to
> LLVM 20.
>
> Cc: Günther Noack <gnoack@google.com>
> Cc: Song Liu <song@kernel.org>
> Cc: Tingmao Wang <m@maowtm.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> ---
>
> Changes since v3:
> - Update tests to reflect the new approach:
> * layout4_disconnected_leafs.s1d41_s1d42_disconnected: allow all
> * layout4_disconnected_leafs.s3d1_s4d1_new_parent: allow all
> * layout4_disconnected_leafs.f1_f2_f3: allow read
> * layout5_disconnected_branch.s2d3_mount1_dst_parent: allow all
> * layout5_disconnected_branch.s4d1_rename_parent: allow all
> - Update test coverage.
>
> Changes since v2:
> - Update test coverage.
>
> Changes since v1:
> - Rename layout4_disconnected to layout4_disconnected_leafs.
> - Fix variable names.
> - Add layout5_disconnected_branch test suite with 19 variants to cover
> potential implementation issues.
> ---
> tools/testing/selftests/landlock/fs_test.c | 912 +++++++++++++++++++++
> 1 file changed, 912 insertions(+)
> +/*
> + * layout5_disconnected_branch before rename:
> + *
> + * tmp
> + * ├── s1d1
> + * │ └── s1d2 [source of the first bind mount]
> + * │ └── s1d3
> + * │ ├── s1d41
> + * │ │ ├── f1
> + * │ │ └── f2
> + * │ └── s1d42
> + * │ ├── f3
> + * │ └── f4
> + * ├── s2d1
> + * │ └── s2d2 [source of the second bind mount]
> + * │ └── s2d3
> + * │ └── s2d4 [first s1d2 bind mount]
> + * │ └── s1d3
> + * │ ├── s1d41
> + * │ │ ├── f1
> + * │ │ └── f2
> + * │ └── s1d42
> + * │ ├── f3
> + * │ └── f4
> + * ├── s3d1
> + * │ └── s3d2 [second s2d2 bind mount]
> + * │ └── s2d3
> + * │ └── s2d4 [first s1d2 bind mount]
> + * │ └── s1d3
> + * │ ├── s1d41
> + * │ │ ├── f1
> + * │ │ └── f2
> + * │ └── s1d42
> + * │ ├── f3
> + * │ └── f4
> + * └── s4d1
> + *
> + * After rename:
> + *
> + * tmp
> + * ├── s1d1
> + * │ └── s1d2 [source of the first bind mount]
> + * │ └── s1d3
> + * │ ├── s1d41
> + * │ │ ├── f1
> + * │ │ └── f2
> + * │ └── s1d42
> + * │ ├── f3
> + * │ └── f4
> + * ├── s2d1
> + * │ └── s2d2 [source of the second bind mount]
> + * ├── s3d1
> + * │ └── s3d2 [second s2d2 bind mount]
> + * └── s4d1
> + * └── s2d3 [renamed here]
> + * └── s2d4 [first s1d2 bind mount]
> + * └── s1d3
> + * ├── s1d41
> + * │ ├── f1
> + * │ └── f2
> + * └── s1d42
> + * ├── f3
> + * └── f4
> + *
> + * Decision path: s1d3 -> s1d2 -> s2d2 -> s3d1 -> tmp
> + * s2d3 is ignored, as well as the directories under the mount points.
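Review bot: The closing "Decision path: s1d3 -> s1d2 -> s2d2 -> s3d1 -> tmp" line and the "s2d3 is ignored" sentence at the end of this comment do not say which file descriptor or path the access starts from, and they read as stale against the v4 changelog above, which switches layout5_disconnected_branch.s4d1_rename_parent and s2d3_mount1_dst_parent to "allow all". If a rule on s4d1 (the new parent of s2d3 in the "After rename" tree) can now grant access, the comment should include s2d3 and s4d1 in the walk and name the mount each step belongs to, so that each variant's expected result can be checked against it. A short remark in the "After rename" tree that s2d2 and s3d2 are shown without children because s2d3 was moved out of the bind mount source would also make the disconnected state explicit.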
I didn't update this comment, here is the new one:
* Decision path for access from the s3d1/s3d2/s2d3/s2d4/s1d3 file descriptor:
* 1. first bind mount: s1d3 -> s1d2
* 2. second bind mount: s2d3
* 3. tmp mount: s4d1 -> tmp [disconnected branch]
* 4. second bind mount: s2d2
* 5. tmp mount: s3d1 -> tmp
* 6. parent mounts: [...] -> /
*
* The s4d1 directory is evaluated even if it is not in the s2d2 mount.