From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Sasha Levin <sashal@kernel.org>,
linux-kselftest@vger.kernel.org
Subject: [PATCH AUTOSEL 5.4 045/187] selftests: safesetid: Check the return value of setuid/setgid
Date: Fri, 27 Dec 2019 12:38:33 -0500 [thread overview]
Message-ID: <20191227174055.4923-45-sashal@kernel.org> (raw)
In-Reply-To: <20191227174055.4923-1-sashal@kernel.org>
From: Masami Hiramatsu <mhiramat@kernel.org>
[ Upstream commit 295c4e21cf27ac9af542140e3e797df9e0cf7b5f ]
Check the return value of setuid() and setgid().
This fixes the following warnings and improves test result.
safesetid-test.c: In function ‘main’:
safesetid-test.c:294:2: warning: ignoring return value of ‘setuid’, declared with attribute warn_unused_result [-Wunused-result]
setuid(NO_POLICY_USER);
^~~~~~~~~~~~~~~~~~~~~~
safesetid-test.c:295:2: warning: ignoring return value of ‘setgid’, declared with attribute warn_unused_result [-Wunused-result]
setgid(NO_POLICY_USER);
^~~~~~~~~~~~~~~~~~~~~~
safesetid-test.c:309:2: warning: ignoring return value of ‘setuid’, declared with attribute warn_unused_result [-Wunused-result]
setuid(RESTRICTED_PARENT);
^~~~~~~~~~~~~~~~~~~~~~~~~
safesetid-test.c:310:2: warning: ignoring return value of ‘setgid’, declared with attribute warn_unused_result [-Wunused-result]
setgid(RESTRICTED_PARENT);
^~~~~~~~~~~~~~~~~~~~~~~~~
safesetid-test.c: In function ‘test_setuid’:
safesetid-test.c:216:3: warning: ignoring return value of ‘setuid’, declared with attribute warn_unused_result [-Wunused-result]
setuid(child_uid);
^~~~~~~~~~~~~~~~~
Fixes: c67e8ec03f3f ("LSM: SafeSetID: add selftest")
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
.../testing/selftests/safesetid/safesetid-test.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/tools/testing/selftests/safesetid/safesetid-test.c b/tools/testing/selftests/safesetid/safesetid-test.c
index 8f40c6ecdad1..0c4d50644c13 100644
--- a/tools/testing/selftests/safesetid/safesetid-test.c
+++ b/tools/testing/selftests/safesetid/safesetid-test.c
@@ -213,7 +213,8 @@ static void test_setuid(uid_t child_uid, bool expect_success)
}
if (cpid == 0) { /* Code executed by child */
- setuid(child_uid);
+ if (setuid(child_uid) < 0)
+ exit(EXIT_FAILURE);
if (getuid() == child_uid)
exit(EXIT_SUCCESS);
else
@@ -291,8 +292,10 @@ int main(int argc, char **argv)
// First test to make sure we can write userns mappings from a user
// that doesn't have any restrictions (as long as it has CAP_SETUID);
- setuid(NO_POLICY_USER);
- setgid(NO_POLICY_USER);
+ if (setuid(NO_POLICY_USER) < 0)
+ die("Error with set uid(%d)\n", NO_POLICY_USER);
+ if (setgid(NO_POLICY_USER) < 0)
+ die("Error with set gid(%d)\n", NO_POLICY_USER);
// Take away all but setid caps
drop_caps(true);
@@ -306,8 +309,10 @@ int main(int argc, char **argv)
die("test_userns failed when it should work\n");
}
- setuid(RESTRICTED_PARENT);
- setgid(RESTRICTED_PARENT);
+ if (setuid(RESTRICTED_PARENT) < 0)
+ die("Error with set uid(%d)\n", RESTRICTED_PARENT);
+ if (setgid(RESTRICTED_PARENT) < 0)
+ die("Error with set gid(%d)\n", RESTRICTED_PARENT);
test_setuid(ROOT_USER, false);
test_setuid(ALLOWED_CHILD1, true);
--
2.20.1
next prev parent reply other threads:[~2019-12-27 17:56 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20191227174055.4923-1-sashal@kernel.org>
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 024/187] selftests: netfilter: use randomized netns names Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 040/187] selftests/ftrace: Fix to check the existence of set_ftrace_filter Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 041/187] selftests/ftrace: Fix ftrace test cases to check unsupported Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 042/187] selftests/ftrace: Do not to use absolute debugfs path Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 043/187] selftests/ftrace: Fix multiple kprobe testcase Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 044/187] selftests: safesetid: Move link library to LDLIBS Sasha Levin
2019-12-27 17:38 ` Sasha Levin [this message]
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 046/187] selftests: safesetid: Fix Makefile to set correct test program Sasha Levin
2019-12-27 17:38 ` [PATCH AUTOSEL 5.4 050/187] selftests: forwarding: Delete IPv6 address at the end Sasha Levin
2019-12-27 17:39 ` [PATCH AUTOSEL 5.4 078/187] kselftest/runner: Print new line in print of timeout log Sasha Levin
2019-12-27 17:39 ` [PATCH AUTOSEL 5.4 079/187] kselftest: Support old perl versions Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191227174055.4923-45-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mhiramat@kernel.org \
--cc=skhan@linuxfoundation.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox