From: "Mickaël Salaün" <mic@digikod.net>
To: Saasha Gupta <saashaa1122@gmail.com>
Cc: outreachy@lists.linux.dev, linux-security-module@vger.kernel.org,
linux-kselftest@vger.kernel.org, alison.schofield@intel.com,
paul@paul-moore.com, shuah@kernel.org
Subject: Re: Subject: [PATCH] Add test for more file systems in landlock - ext4
Date: Wed, 3 Apr 2024 18:32:23 +0200 [thread overview]
Message-ID: <20240403.gaingaeR2zez@digikod.net> (raw)
In-Reply-To: <860c9cadb2fa06c8f10db42ad38405ee19d43a16.camel@gmail.com>
On Tue, Apr 02, 2024 at 01:37:44PM +0530, Saasha Gupta wrote:
> Date: Mon, 2 Apr 2024 19:59:56 +0530
>
> RE: This patch is now properly preformatted.
>
> Landlock LSM, a part of the security subsystem, has some tests in place
> for synthetic filesystems such as tmpfs, proc, sysfs, etc. The goal of
> the new issue, and hence this patch is to add tests for non synthetic
> file systems, such as ext4, btrfs, etc
I agree with Julia's review.
>
> This patch adds tests for the ext4 file system. This includes creation
> of a loop device (test-ext4.img) and formating with mkfs.
>
> Signed-off-by: Saasha Gupta <saashaa1122@gmail.com>
> ---
> tools/testing/selftests/landlock/fs_test.c | 65 ++++++++++++++++++++++
> 1 file changed, 65 insertions(+)
>
> diff --git a/tools/testing/selftests/landlock/fs_test.c b/tools/testing/selftests/landlock/fs_test.c
> index 9a6036fbf..b2f2cd5a5 100644
> --- a/tools/testing/selftests/landlock/fs_test.c
> +++ b/tools/testing/selftests/landlock/fs_test.c
> @@ -4675,6 +4675,14 @@ FIXTURE_VARIANT_ADD(layout3_fs, hostfs) {
> .cwd_fs_magic = HOSTFS_SUPER_MAGIC,
> };
>
> +/* Add more filesystems */
> +FIXTURE_VARIANT_ADD(layout3_fs, ext4) {
> + .mnt = {
> + .type = "ext4",
> + },
> + .file_path = TMP_DIR "/dir/file",
> +};
> +
> FIXTURE_SETUP(layout3_fs)
> {
> struct stat statbuf;
> @@ -4728,6 +4736,63 @@ FIXTURE_SETUP(layout3_fs)
> self->has_created_file = true;
> clear_cap(_metadata, CAP_DAC_OVERRIDE);
> }
> +
> + /* Create non synthetic file system - ext4 */
> + if (stat(self->dir_path, &statbuf) != 0) {
dir_path should already exist with previous code right?
> + pid_t pid = fork();
> +
> + if (pid == -1) {
> + perror("Failed to fork");
> + exit(EXIT_FAILURE);
> + } else if (pid == 0) {
> + static const fallocate_argv[] = { "fallocate", "--length",
> + "4M", "test-ext4.img",
> + NULL };
> + execvp(fallocate_argv[0], fallocate_argv);
Using system() would makes this much simpler (see net_test.c).
> + perror("execvp failed");
> + exit(EXIT_FAILURE);
> + } else {
> + int status;
> +
> + if (waitpid(pid, &status, 0) == -1) {
> + perror("waitpid failed");
> + exit(EXIT_FAILURE);
> + }
> + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
> + TH_LOG(stderr,
> + "Failed to create ext4 filesystem image: fallocate failed\n");
> + exit(EXIT_FAILURE);
> + }
> + }
> + }
> +
> + /* Formate and mount non synthetic file system - ext4 */
> + if (stat("mnt", &statbuf) != 0) {
"mnt" never exists, so this would always run this code...
> + pid_t pid = fork();
> +
> + if (pid == -1) {
> + perror("Failed to fork");
> + exit(EXIT_FAILURE);
> + } else if (pid == 0) {
> + static const mkfs_argv[] = { "mkfs.ext4", "-q",
> + "test-ext4.img", "mnt", NULL };
> + execvp(mkfs_argv[0], mkfs_argv);
> + perror("execvp failed");
> + exit(EXIT_FAILURE);
> + } else {
> + int status;
> +
> + if (waitpid(pid, &status, 0) == -1) {
> + perror("waitpid failed");
> + exit(EXIT_FAILURE);
> + }
> + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
> + TH_LOG(stderr,
> + "Failed to format ext4 filesystem image: mkfs.ext4 failed\n");
> + exit(EXIT_FAILURE);
> + }
> + }
> + }
> }
>
> FIXTURE_TEARDOWN(layout3_fs)
> --
> 2.44.0
>
>
>
prev parent reply other threads:[~2024-04-03 16:40 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-02 8:07 Subject: [PATCH] Add test for more file systems in landlock - ext4 Saasha Gupta
2024-04-02 11:52 ` Julia Lawall
2024-04-02 11:54 ` Julia Lawall
2024-04-03 16:32 ` Mickaël Salaün [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240403.gaingaeR2zez@digikod.net \
--to=mic@digikod.net \
--cc=alison.schofield@intel.com \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=outreachy@lists.linux.dev \
--cc=paul@paul-moore.com \
--cc=saashaa1122@gmail.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).