* [PATCHSET 0/2] fstests: new tests for kernel 5.17 @ 2022-03-16 3:30 Darrick J. Wong 2022-03-16 3:30 ` [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors Darrick J. Wong 2022-03-16 3:30 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong 0 siblings, 2 replies; 9+ messages in thread From: Darrick J. Wong @ 2022-03-16 3:30 UTC (permalink / raw) To: djwong, guaneryu; +Cc: linux-xfs, fstests, guan Hi all, Add new tests for bugfixes merged during 5.17. Specifically, we now check that failures in xfs_fs_sync_fs actually get propagated to userspace, and that fallocate actually updates setuid/setgid bits /and/ file capabilities correctly. If you're going to start using this mess, you probably ought to just pull from my git trees, which are linked below. This is an extraordinary way to destroy everything. Enjoy! Comments and questions are, as always, welcome. --D kernel git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=xfs-fixes-5.17 fstests git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfstests-dev.git/log/?h=xfs-fixes-5.17 --- tests/generic/834 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/834.out | 33 +++++++++++++ tests/generic/835 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/835.out | 33 +++++++++++++ tests/generic/836 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/836.out | 33 +++++++++++++ tests/generic/837 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/837.out | 33 +++++++++++++ tests/generic/838 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/838.out | 33 +++++++++++++ tests/generic/839 | 79 ++++++++++++++++++++++++++++++ tests/generic/839.out | 13 +++++ tests/xfs/839 | 42 ++++++++++++++++ tests/xfs/839.out | 2 + 14 files changed, 946 insertions(+) create mode 100755 tests/generic/834 create mode 100644 tests/generic/834.out create mode 100755 tests/generic/835 create mode 100644 tests/generic/835.out create mode 100755 tests/generic/836 create mode 100644 tests/generic/836.out create mode 100755 tests/generic/837 create mode 100644 tests/generic/837.out create mode 100755 tests/generic/838 create mode 100644 tests/generic/838.out create mode 100755 tests/generic/839 create mode 100755 tests/generic/839.out create mode 100755 tests/xfs/839 create mode 100644 tests/xfs/839.out ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors 2022-03-16 3:30 [PATCHSET 0/2] fstests: new tests for kernel 5.17 Darrick J. Wong @ 2022-03-16 3:30 ` Darrick J. Wong 2022-03-23 2:44 ` Zorro Lang 2022-03-16 3:30 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong 1 sibling, 1 reply; 9+ messages in thread From: Darrick J. Wong @ 2022-03-16 3:30 UTC (permalink / raw) To: djwong, guaneryu; +Cc: linux-xfs, fstests, guan From: Darrick J. Wong <djwong@kernel.org> This is a regression test to make sure that nonzero error returns from a filesystem's ->sync_fs implementation are actually passed back to userspace when the call stack involves syncfs(2). Signed-off-by: Darrick J. Wong <djwong@kernel.org> --- tests/xfs/839 | 42 ++++++++++++++++++++++++++++++++++++++++++ tests/xfs/839.out | 2 ++ 2 files changed, 44 insertions(+) create mode 100755 tests/xfs/839 create mode 100644 tests/xfs/839.out diff --git a/tests/xfs/839 b/tests/xfs/839 new file mode 100755 index 00000000..9bfe93ef --- /dev/null +++ b/tests/xfs/839 @@ -0,0 +1,42 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 839 +# +# Regression test for kernel commits: +# +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs") +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs") +# +# During a code inspection, I noticed that sync_filesystem ignores the return +# value of the ->sync_fs calls that it makes. sync_filesystem, in turn is used +# by the syncfs(2) syscall to persist filesystem changes to disk. This means +# that syncfs(2) does not capture internal filesystem errors that are neither +# visible from the block device (e.g. media error) nor recorded in s_wb_err. +# XFS historically returned 0 from ->sync_fs even if there were log failures, +# so that had to be corrected as well. +# +# The kernel commits above fix this problem, so this test tries to trigger the +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the +# hope that the EIO generated as a result of the filesystem being shut down is +# only visible via ->sync_fs. +# +. ./common/preamble +_begin_fstest auto quick shutdown + +# real QA test starts here + +# Modify as appropriate. +_require_xfs_io_command syncfs +_require_scratch_nocheck +_require_scratch_shutdown + +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't +# bother checking the filesystem afterwards since we never wrote anything. +_scratch_mount +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT + +# success, all done +status=0 +exit diff --git a/tests/xfs/839.out b/tests/xfs/839.out new file mode 100644 index 00000000..f275cdcc --- /dev/null +++ b/tests/xfs/839.out @@ -0,0 +1,2 @@ +QA output created by 839 +syncfs: Input/output error ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors 2022-03-16 3:30 ` [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors Darrick J. Wong @ 2022-03-23 2:44 ` Zorro Lang 2022-03-24 21:38 ` Darrick J. Wong 0 siblings, 1 reply; 9+ messages in thread From: Zorro Lang @ 2022-03-23 2:44 UTC (permalink / raw) To: Darrick J. Wong; +Cc: linux-xfs, fstests On Tue, Mar 15, 2022 at 08:30:35PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <djwong@kernel.org> > > This is a regression test to make sure that nonzero error returns from > a filesystem's ->sync_fs implementation are actually passed back to > userspace when the call stack involves syncfs(2). > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > --- > tests/xfs/839 | 42 ++++++++++++++++++++++++++++++++++++++++++ > tests/xfs/839.out | 2 ++ > 2 files changed, 44 insertions(+) > create mode 100755 tests/xfs/839 > create mode 100644 tests/xfs/839.out > > > diff --git a/tests/xfs/839 b/tests/xfs/839 > new file mode 100755 > index 00000000..9bfe93ef > --- /dev/null > +++ b/tests/xfs/839 > @@ -0,0 +1,42 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 839 > +# > +# Regression test for kernel commits: > +# > +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs") > +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs") > +# > +# During a code inspection, I noticed that sync_filesystem ignores the return > +# value of the ->sync_fs calls that it makes. sync_filesystem, in turn is used > +# by the syncfs(2) syscall to persist filesystem changes to disk. This means > +# that syncfs(2) does not capture internal filesystem errors that are neither > +# visible from the block device (e.g. media error) nor recorded in s_wb_err. > +# XFS historically returned 0 from ->sync_fs even if there were log failures, > +# so that had to be corrected as well. > +# > +# The kernel commits above fix this problem, so this test tries to trigger the > +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the > +# hope that the EIO generated as a result of the filesystem being shut down is > +# only visible via ->sync_fs. > +# > +. ./common/preamble > +_begin_fstest auto quick shutdown > + > +# real QA test starts here > + > +# Modify as appropriate. > +_require_xfs_io_command syncfs > +_require_scratch_nocheck > +_require_scratch_shutdown Can this case be a generic case, with the help of _require_scratch_shutdown and _require_xfs_io_command? Thanks, Zorro > + > +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't > +# bother checking the filesystem afterwards since we never wrote anything. > +_scratch_mount > +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT > + > +# success, all done > +status=0 > +exit > diff --git a/tests/xfs/839.out b/tests/xfs/839.out > new file mode 100644 > index 00000000..f275cdcc > --- /dev/null > +++ b/tests/xfs/839.out > @@ -0,0 +1,2 @@ > +QA output created by 839 > +syncfs: Input/output error > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors 2022-03-23 2:44 ` Zorro Lang @ 2022-03-24 21:38 ` Darrick J. Wong 0 siblings, 0 replies; 9+ messages in thread From: Darrick J. Wong @ 2022-03-24 21:38 UTC (permalink / raw) To: linux-xfs, fstests; +Cc: Theodore Ts'o [adding tytso for the ext4 question] On Wed, Mar 23, 2022 at 10:44:32AM +0800, Zorro Lang wrote: > On Tue, Mar 15, 2022 at 08:30:35PM -0700, Darrick J. Wong wrote: > > From: Darrick J. Wong <djwong@kernel.org> > > > > This is a regression test to make sure that nonzero error returns from > > a filesystem's ->sync_fs implementation are actually passed back to > > userspace when the call stack involves syncfs(2). > > > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > > --- > > tests/xfs/839 | 42 ++++++++++++++++++++++++++++++++++++++++++ > > tests/xfs/839.out | 2 ++ > > 2 files changed, 44 insertions(+) > > create mode 100755 tests/xfs/839 > > create mode 100644 tests/xfs/839.out > > > > > > diff --git a/tests/xfs/839 b/tests/xfs/839 > > new file mode 100755 > > index 00000000..9bfe93ef > > --- /dev/null > > +++ b/tests/xfs/839 > > @@ -0,0 +1,42 @@ > > +#! /bin/bash > > +# SPDX-License-Identifier: GPL-2.0 > > +# Copyright (c) 2022 Oracle. All Rights Reserved. > > +# > > +# FS QA Test No. 839 > > +# > > +# Regression test for kernel commits: > > +# > > +# 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs") > > +# 2d86293c7075 ("xfs: return errors in xfs_fs_sync_fs") > > +# > > +# During a code inspection, I noticed that sync_filesystem ignores the return > > +# value of the ->sync_fs calls that it makes. sync_filesystem, in turn is used > > +# by the syncfs(2) syscall to persist filesystem changes to disk. This means > > +# that syncfs(2) does not capture internal filesystem errors that are neither > > +# visible from the block device (e.g. media error) nor recorded in s_wb_err. > > +# XFS historically returned 0 from ->sync_fs even if there were log failures, > > +# so that had to be corrected as well. > > +# > > +# The kernel commits above fix this problem, so this test tries to trigger the > > +# bug by using the shutdown ioctl on a clean, freshly mounted filesystem in the > > +# hope that the EIO generated as a result of the filesystem being shut down is > > +# only visible via ->sync_fs. > > +# > > +. ./common/preamble > > +_begin_fstest auto quick shutdown > > + > > +# real QA test starts here > > + > > +# Modify as appropriate. > > +_require_xfs_io_command syncfs > > +_require_scratch_nocheck > > +_require_scratch_shutdown > > Can this case be a generic case, with the help of _require_scratch_shutdown > and _require_xfs_io_command? I'm not sure. Of the three filesystems that both have a ->sync_fs function and implement FS_IOC_SHUTDOWN, xfs and f2fs look like they passes errors like they should. ext4 is another story -- curiously, if the fs is shut down, it'll return 0 and it doesn't check the return value of dquot_writeback_dquots. I don't remember enough of ext to know if that's deliberate or merely an age-old artifact of the Bad Old Days when that whole code path didn't care about errors. --D > Thanks, > Zorro > > > + > > +# Reuse the fs formatted when we checked for the shutdown ioctl, and don't > > +# bother checking the filesystem afterwards since we never wrote anything. > > +_scratch_mount > > +$XFS_IO_PROG -x -c 'shutdown -f ' -c syncfs $SCRATCH_MNT > > + > > +# success, all done > > +status=0 > > +exit > > diff --git a/tests/xfs/839.out b/tests/xfs/839.out > > new file mode 100644 > > index 00000000..f275cdcc > > --- /dev/null > > +++ b/tests/xfs/839.out > > @@ -0,0 +1,2 @@ > > +QA output created by 839 > > +syncfs: Input/output error > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 2/2] generic: ensure we drop suid after fallocate 2022-03-16 3:30 [PATCHSET 0/2] fstests: new tests for kernel 5.17 Darrick J. Wong 2022-03-16 3:30 ` [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors Darrick J. Wong @ 2022-03-16 3:30 ` Darrick J. Wong 2022-03-23 3:06 ` Zorro Lang 1 sibling, 1 reply; 9+ messages in thread From: Darrick J. Wong @ 2022-03-16 3:30 UTC (permalink / raw) To: djwong, guaneryu; +Cc: linux-xfs, fstests, guan From: Darrick J. Wong <djwong@kernel.org> fallocate changes file contents, so make sure that we drop privileges and file capabilities after each fallocate operation. Signed-off-by: Darrick J. Wong <djwong@kernel.org> --- tests/generic/834 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/834.out | 33 +++++++++++++ tests/generic/835 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/835.out | 33 +++++++++++++ tests/generic/836 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/836.out | 33 +++++++++++++ tests/generic/837 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/837.out | 33 +++++++++++++ tests/generic/838 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/838.out | 33 +++++++++++++ tests/generic/839 | 79 ++++++++++++++++++++++++++++++ tests/generic/839.out | 13 +++++ 12 files changed, 902 insertions(+) create mode 100755 tests/generic/834 create mode 100644 tests/generic/834.out create mode 100755 tests/generic/835 create mode 100644 tests/generic/835.out create mode 100755 tests/generic/836 create mode 100644 tests/generic/836.out create mode 100755 tests/generic/837 create mode 100644 tests/generic/837.out create mode 100755 tests/generic/838 create mode 100644 tests/generic/838.out create mode 100755 tests/generic/839 create mode 100755 tests/generic/839.out diff --git a/tests/generic/834 b/tests/generic/834 new file mode 100755 index 00000000..27552221 --- /dev/null +++ b/tests/generic/834 @@ -0,0 +1,129 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 834 +# +# Functional test for dropping suid and sgid bits as part of a fallocate. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=falloc +_require_xfs_io_command $verb + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/834.out b/tests/generic/834.out new file mode 100644 index 00000000..2226eea6 --- /dev/null +++ b/tests/generic/834.out @@ -0,0 +1,33 @@ +QA output created by 834 +Test 1 - qa_user, non-exec file falloc +6666 -rwSrwSrw- TEST_DIR/834/a +666 -rw-rw-rw- TEST_DIR/834/a + +Test 2 - qa_user, group-exec file falloc +6676 -rwSrwsrw- TEST_DIR/834/a +676 -rw-rwxrw- TEST_DIR/834/a + +Test 3 - qa_user, user-exec file falloc +6766 -rwsrwSrw- TEST_DIR/834/a +766 -rwxrw-rw- TEST_DIR/834/a + +Test 4 - qa_user, all-exec file falloc +6777 -rwsrwsrwx TEST_DIR/834/a +777 -rwxrwxrwx TEST_DIR/834/a + +Test 5 - root, non-exec file falloc +6666 -rwSrwSrw- TEST_DIR/834/a +6666 -rwSrwSrw- TEST_DIR/834/a + +Test 6 - root, group-exec file falloc +6676 -rwSrwsrw- TEST_DIR/834/a +6676 -rwSrwsrw- TEST_DIR/834/a + +Test 7 - root, user-exec file falloc +6766 -rwsrwSrw- TEST_DIR/834/a +6766 -rwsrwSrw- TEST_DIR/834/a + +Test 8 - root, all-exec file falloc +6777 -rwsrwsrwx TEST_DIR/834/a +6777 -rwsrwsrwx TEST_DIR/834/a + diff --git a/tests/generic/835 b/tests/generic/835 new file mode 100755 index 00000000..56e4d80c --- /dev/null +++ b/tests/generic/835 @@ -0,0 +1,129 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 835 +# +# Functional test for dropping suid and sgid bits as part of a fpunch. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fpunch +_require_xfs_io_command $verb + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/835.out b/tests/generic/835.out new file mode 100644 index 00000000..186d7da4 --- /dev/null +++ b/tests/generic/835.out @@ -0,0 +1,33 @@ +QA output created by 835 +Test 1 - qa_user, non-exec file fpunch +6666 -rwSrwSrw- TEST_DIR/835/a +666 -rw-rw-rw- TEST_DIR/835/a + +Test 2 - qa_user, group-exec file fpunch +6676 -rwSrwsrw- TEST_DIR/835/a +676 -rw-rwxrw- TEST_DIR/835/a + +Test 3 - qa_user, user-exec file fpunch +6766 -rwsrwSrw- TEST_DIR/835/a +766 -rwxrw-rw- TEST_DIR/835/a + +Test 4 - qa_user, all-exec file fpunch +6777 -rwsrwsrwx TEST_DIR/835/a +777 -rwxrwxrwx TEST_DIR/835/a + +Test 5 - root, non-exec file fpunch +6666 -rwSrwSrw- TEST_DIR/835/a +6666 -rwSrwSrw- TEST_DIR/835/a + +Test 6 - root, group-exec file fpunch +6676 -rwSrwsrw- TEST_DIR/835/a +6676 -rwSrwsrw- TEST_DIR/835/a + +Test 7 - root, user-exec file fpunch +6766 -rwsrwSrw- TEST_DIR/835/a +6766 -rwsrwSrw- TEST_DIR/835/a + +Test 8 - root, all-exec file fpunch +6777 -rwsrwsrwx TEST_DIR/835/a +6777 -rwsrwsrwx TEST_DIR/835/a + diff --git a/tests/generic/836 b/tests/generic/836 new file mode 100755 index 00000000..b355f6e9 --- /dev/null +++ b/tests/generic/836 @@ -0,0 +1,129 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 836 +# +# Functional test for dropping suid and sgid bits as part of a fzero. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fzero +_require_xfs_io_command $verb + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/836.out b/tests/generic/836.out new file mode 100644 index 00000000..9f9f5f12 --- /dev/null +++ b/tests/generic/836.out @@ -0,0 +1,33 @@ +QA output created by 836 +Test 1 - qa_user, non-exec file fzero +6666 -rwSrwSrw- TEST_DIR/836/a +666 -rw-rw-rw- TEST_DIR/836/a + +Test 2 - qa_user, group-exec file fzero +6676 -rwSrwsrw- TEST_DIR/836/a +676 -rw-rwxrw- TEST_DIR/836/a + +Test 3 - qa_user, user-exec file fzero +6766 -rwsrwSrw- TEST_DIR/836/a +766 -rwxrw-rw- TEST_DIR/836/a + +Test 4 - qa_user, all-exec file fzero +6777 -rwsrwsrwx TEST_DIR/836/a +777 -rwxrwxrwx TEST_DIR/836/a + +Test 5 - root, non-exec file fzero +6666 -rwSrwSrw- TEST_DIR/836/a +6666 -rwSrwSrw- TEST_DIR/836/a + +Test 6 - root, group-exec file fzero +6676 -rwSrwsrw- TEST_DIR/836/a +6676 -rwSrwsrw- TEST_DIR/836/a + +Test 7 - root, user-exec file fzero +6766 -rwsrwSrw- TEST_DIR/836/a +6766 -rwsrwSrw- TEST_DIR/836/a + +Test 8 - root, all-exec file fzero +6777 -rwsrwsrwx TEST_DIR/836/a +6777 -rwsrwsrwx TEST_DIR/836/a + diff --git a/tests/generic/837 b/tests/generic/837 new file mode 100755 index 00000000..348a9168 --- /dev/null +++ b/tests/generic/837 @@ -0,0 +1,129 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 837 +# +# Functional test for dropping suid and sgid bits as part of a finsert. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=finsert +_require_xfs_io_command $verb + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/837.out b/tests/generic/837.out new file mode 100644 index 00000000..686b806e --- /dev/null +++ b/tests/generic/837.out @@ -0,0 +1,33 @@ +QA output created by 837 +Test 1 - qa_user, non-exec file finsert +6666 -rwSrwSrw- TEST_DIR/837/a +666 -rw-rw-rw- TEST_DIR/837/a + +Test 2 - qa_user, group-exec file finsert +6676 -rwSrwsrw- TEST_DIR/837/a +676 -rw-rwxrw- TEST_DIR/837/a + +Test 3 - qa_user, user-exec file finsert +6766 -rwsrwSrw- TEST_DIR/837/a +766 -rwxrw-rw- TEST_DIR/837/a + +Test 4 - qa_user, all-exec file finsert +6777 -rwsrwsrwx TEST_DIR/837/a +777 -rwxrwxrwx TEST_DIR/837/a + +Test 5 - root, non-exec file finsert +6666 -rwSrwSrw- TEST_DIR/837/a +6666 -rwSrwSrw- TEST_DIR/837/a + +Test 6 - root, group-exec file finsert +6676 -rwSrwsrw- TEST_DIR/837/a +6676 -rwSrwsrw- TEST_DIR/837/a + +Test 7 - root, user-exec file finsert +6766 -rwsrwSrw- TEST_DIR/837/a +6766 -rwsrwSrw- TEST_DIR/837/a + +Test 8 - root, all-exec file finsert +6777 -rwsrwsrwx TEST_DIR/837/a +6777 -rwsrwsrwx TEST_DIR/837/a + diff --git a/tests/generic/838 b/tests/generic/838 new file mode 100755 index 00000000..1e76b584 --- /dev/null +++ b/tests/generic/838 @@ -0,0 +1,129 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 838 +# +# Functional test for dropping suid and sgid bits as part of a fcollapse. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fcollapse +_require_xfs_io_command $verb + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/838.out b/tests/generic/838.out new file mode 100644 index 00000000..cdc29f4b --- /dev/null +++ b/tests/generic/838.out @@ -0,0 +1,33 @@ +QA output created by 838 +Test 1 - qa_user, non-exec file fcollapse +6666 -rwSrwSrw- TEST_DIR/838/a +666 -rw-rw-rw- TEST_DIR/838/a + +Test 2 - qa_user, group-exec file fcollapse +6676 -rwSrwsrw- TEST_DIR/838/a +676 -rw-rwxrw- TEST_DIR/838/a + +Test 3 - qa_user, user-exec file fcollapse +6766 -rwsrwSrw- TEST_DIR/838/a +766 -rwxrw-rw- TEST_DIR/838/a + +Test 4 - qa_user, all-exec file fcollapse +6777 -rwsrwsrwx TEST_DIR/838/a +777 -rwxrwxrwx TEST_DIR/838/a + +Test 5 - root, non-exec file fcollapse +6666 -rwSrwSrw- TEST_DIR/838/a +6666 -rwSrwSrw- TEST_DIR/838/a + +Test 6 - root, group-exec file fcollapse +6676 -rwSrwsrw- TEST_DIR/838/a +6676 -rwSrwsrw- TEST_DIR/838/a + +Test 7 - root, user-exec file fcollapse +6766 -rwsrwSrw- TEST_DIR/838/a +6766 -rwsrwSrw- TEST_DIR/838/a + +Test 8 - root, all-exec file fcollapse +6777 -rwsrwsrwx TEST_DIR/838/a +6777 -rwsrwsrwx TEST_DIR/838/a + diff --git a/tests/generic/839 b/tests/generic/839 new file mode 100755 index 00000000..a1e23916 --- /dev/null +++ b/tests/generic/839 @@ -0,0 +1,79 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 839 +# +# Functional test for dropping capability bits as part of an fallocate. +# +. ./common/preamble +_begin_fstest auto fiexchange swapext quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_command "$GETCAP_PROG" getcap +_require_command "$SETCAP_PROG" setcap +_require_xfs_io_command falloc +_require_test + +_require_congruent_file_oplen $TEST_DIR 65536 + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + touch $junk_file + chmod a+rwx $junk_file + $SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file + sync +} + +commit_and_check() { + local user="$1" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + _getcap -v $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + _getcap -v $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +# Commit by an unprivileged user clears capability bits. +echo "Test 1 - qa_user" +setup_testfile +commit_and_check "$qa_user" + +# Commit by root leaves capability bits. +echo "Test 2 - root" +setup_testfile +commit_and_check + +# success, all done +status=0 +exit diff --git a/tests/generic/839.out b/tests/generic/839.out new file mode 100755 index 00000000..f571cd26 --- /dev/null +++ b/tests/generic/839.out @@ -0,0 +1,13 @@ +QA output created by 839 +Test 1 - qa_user +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a cap_setgid,cap_setuid=ep +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a + +Test 2 - root +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a cap_setgid,cap_setuid=ep +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a + ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 2/2] generic: ensure we drop suid after fallocate 2022-03-16 3:30 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong @ 2022-03-23 3:06 ` Zorro Lang 2022-03-26 18:07 ` Darrick J. Wong 0 siblings, 1 reply; 9+ messages in thread From: Zorro Lang @ 2022-03-23 3:06 UTC (permalink / raw) To: Darrick J. Wong; +Cc: linux-xfs, fstests On Tue, Mar 15, 2022 at 08:30:40PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <djwong@kernel.org> > > fallocate changes file contents, so make sure that we drop privileges > and file capabilities after each fallocate operation. > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > --- > tests/generic/834 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/834.out | 33 +++++++++++++ > tests/generic/835 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/835.out | 33 +++++++++++++ > tests/generic/836 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/836.out | 33 +++++++++++++ > tests/generic/837 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/837.out | 33 +++++++++++++ > tests/generic/838 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/838.out | 33 +++++++++++++ > tests/generic/839 | 79 ++++++++++++++++++++++++++++++ > tests/generic/839.out | 13 +++++ > 12 files changed, 902 insertions(+) > create mode 100755 tests/generic/834 > create mode 100644 tests/generic/834.out > create mode 100755 tests/generic/835 > create mode 100644 tests/generic/835.out > create mode 100755 tests/generic/836 > create mode 100644 tests/generic/836.out > create mode 100755 tests/generic/837 > create mode 100644 tests/generic/837.out > create mode 100755 tests/generic/838 > create mode 100644 tests/generic/838.out > create mode 100755 tests/generic/839 > create mode 100755 tests/generic/839.out > > > diff --git a/tests/generic/834 b/tests/generic/834 > new file mode 100755 > index 00000000..27552221 > --- /dev/null > +++ b/tests/generic/834 > @@ -0,0 +1,129 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 834 > +# > +# Functional test for dropping suid and sgid bits as part of a fallocate. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_test > +verb=falloc > +_require_xfs_io_command $verb > + > +_require_congruent_file_oplen $TEST_DIR 65536 ^^ Is it a Darrick's unpublic secret weapon:) > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + [snip] ... > diff --git a/tests/generic/839 b/tests/generic/839 > new file mode 100755 > index 00000000..a1e23916 > --- /dev/null > +++ b/tests/generic/839 > @@ -0,0 +1,79 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 839 > +# > +# Functional test for dropping capability bits as part of an fallocate. > +# > +. ./common/preamble > +_begin_fstest auto fiexchange swapext quick ^^ ^^ I think we don't have these two group names currently, this will cause failure. You can register them if you need :) Thanks, Zorro > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_command "$GETCAP_PROG" getcap > +_require_command "$SETCAP_PROG" setcap > +_require_xfs_io_command falloc > +_require_test > + > +_require_congruent_file_oplen $TEST_DIR 65536 > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + touch $junk_file > + chmod a+rwx $junk_file > + $SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file > + sync > +} > + > +commit_and_check() { > + local user="$1" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + _getcap -v $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + _getcap -v $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +# Commit by an unprivileged user clears capability bits. > +echo "Test 1 - qa_user" > +setup_testfile > +commit_and_check "$qa_user" > + > +# Commit by root leaves capability bits. > +echo "Test 2 - root" > +setup_testfile > +commit_and_check > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/839.out b/tests/generic/839.out > new file mode 100755 > index 00000000..f571cd26 > --- /dev/null > +++ b/tests/generic/839.out > @@ -0,0 +1,13 @@ > +QA output created by 839 > +Test 1 - qa_user > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a > + > +Test 2 - root > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a > + > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/2] generic: ensure we drop suid after fallocate 2022-03-23 3:06 ` Zorro Lang @ 2022-03-26 18:07 ` Darrick J. Wong 0 siblings, 0 replies; 9+ messages in thread From: Darrick J. Wong @ 2022-03-26 18:07 UTC (permalink / raw) To: linux-xfs, fstests On Wed, Mar 23, 2022 at 11:06:57AM +0800, Zorro Lang wrote: > On Tue, Mar 15, 2022 at 08:30:40PM -0700, Darrick J. Wong wrote: > > From: Darrick J. Wong <djwong@kernel.org> > > > > fallocate changes file contents, so make sure that we drop privileges > > and file capabilities after each fallocate operation. > > > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > > --- > > tests/generic/834 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/834.out | 33 +++++++++++++ > > tests/generic/835 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/835.out | 33 +++++++++++++ > > tests/generic/836 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/836.out | 33 +++++++++++++ > > tests/generic/837 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/837.out | 33 +++++++++++++ > > tests/generic/838 | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/838.out | 33 +++++++++++++ > > tests/generic/839 | 79 ++++++++++++++++++++++++++++++ > > tests/generic/839.out | 13 +++++ > > 12 files changed, 902 insertions(+) > > create mode 100755 tests/generic/834 > > create mode 100644 tests/generic/834.out > > create mode 100755 tests/generic/835 > > create mode 100644 tests/generic/835.out > > create mode 100755 tests/generic/836 > > create mode 100644 tests/generic/836.out > > create mode 100755 tests/generic/837 > > create mode 100644 tests/generic/837.out > > create mode 100755 tests/generic/838 > > create mode 100644 tests/generic/838.out > > create mode 100755 tests/generic/839 > > create mode 100755 tests/generic/839.out > > > > > > diff --git a/tests/generic/834 b/tests/generic/834 > > new file mode 100755 > > index 00000000..27552221 > > --- /dev/null > > +++ b/tests/generic/834 > > @@ -0,0 +1,129 @@ > > +#! /bin/bash > > +# SPDX-License-Identifier: GPL-2.0 > > +# Copyright (c) 2022 Oracle. All Rights Reserved. > > +# > > +# FS QA Test No. 834 > > +# > > +# Functional test for dropping suid and sgid bits as part of a fallocate. > > +# > > +. ./common/preamble > > +_begin_fstest auto clone quick > > + > > +# Override the default cleanup function. > > +_cleanup() > > +{ > > + cd / > > + rm -r -f $tmp.* $junk_dir > > +} > > + > > +# Import common functions. > > +. ./common/filter > > +. ./common/reflink > > + > > +# real QA test starts here > > + > > +# Modify as appropriate. > > +_supported_fs generic > > +_require_user > > +_require_test > > +verb=falloc > > +_require_xfs_io_command $verb > > + > > +_require_congruent_file_oplen $TEST_DIR 65536 > ^^ > > Is it a Darrick's unpublic secret weapon:) Not really, the latest djwong development branches are always at https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfstests-dev.git/ (But yes, the _require_congruent_file_oplen helper prevents us from running fallocate tests when the selected operation size isn't congruent with the configured blocksize (e.g. blksz=65536 when the rt extent size is 28k) > > + > > +junk_dir=$TEST_DIR/$seq > > +junk_file=$junk_dir/a > > +mkdir -p $junk_dir/ > > +chmod a+rw $junk_dir/ > > + > > [snip] ... > > > diff --git a/tests/generic/839 b/tests/generic/839 > > new file mode 100755 > > index 00000000..a1e23916 > > --- /dev/null > > +++ b/tests/generic/839 > > @@ -0,0 +1,79 @@ > > +#! /bin/bash > > +# SPDX-License-Identifier: GPL-2.0 > > +# Copyright (c) 2022 Oracle. All Rights Reserved. > > +# > > +# FS QA Test No. 839 > > +# > > +# Functional test for dropping capability bits as part of an fallocate. > > +# > > +. ./common/preamble > > +_begin_fstest auto fiexchange swapext quick > ^^ ^^ > > I think we don't have these two group names currently, this will cause failure. > You can register them if you need :) Oops. Yeah, I'll fix these things before I resubmit. Thanks for pointing that out. :( --D > > Thanks, > Zorro > > > + > > +# Override the default cleanup function. > > +_cleanup() > > +{ > > + cd / > > + rm -r -f $tmp.* $junk_dir > > +} > > + > > +# Import common functions. > > +. ./common/filter > > + > > +# real QA test starts here > > + > > +# Modify as appropriate. > > +_supported_fs generic > > +_require_user > > +_require_command "$GETCAP_PROG" getcap > > +_require_command "$SETCAP_PROG" setcap > > +_require_xfs_io_command falloc > > +_require_test > > + > > +_require_congruent_file_oplen $TEST_DIR 65536 > > + > > +junk_dir=$TEST_DIR/$seq > > +junk_file=$junk_dir/a > > +mkdir -p $junk_dir/ > > +chmod a+rw $junk_dir/ > > + > > +setup_testfile() { > > + rm -f $junk_file > > + touch $junk_file > > + chmod a+rwx $junk_file > > + $SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file > > + sync > > +} > > + > > +commit_and_check() { > > + local user="$1" > > + > > + stat -c '%a %A %n' $junk_file | _filter_test_dir > > + _getcap -v $junk_file | _filter_test_dir > > + > > + local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file" > > + if [ -n "$user" ]; then > > + su - "$user" -c "$cmd" >> $seqres.full > > + else > > + $SHELL -c "$cmd" >> $seqres.full > > + fi > > + > > + stat -c '%a %A %n' $junk_file | _filter_test_dir > > + _getcap -v $junk_file | _filter_test_dir > > + > > + # Blank line in output > > + echo > > +} > > + > > +# Commit by an unprivileged user clears capability bits. > > +echo "Test 1 - qa_user" > > +setup_testfile > > +commit_and_check "$qa_user" > > + > > +# Commit by root leaves capability bits. > > +echo "Test 2 - root" > > +setup_testfile > > +commit_and_check > > + > > +# success, all done > > +status=0 > > +exit > > diff --git a/tests/generic/839.out b/tests/generic/839.out > > new file mode 100755 > > index 00000000..f571cd26 > > --- /dev/null > > +++ b/tests/generic/839.out > > @@ -0,0 +1,13 @@ > > +QA output created by 839 > > +Test 1 - qa_user > > +777 -rwxrwxrwx TEST_DIR/839/a > > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > > +777 -rwxrwxrwx TEST_DIR/839/a > > +TEST_DIR/839/a > > + > > +Test 2 - root > > +777 -rwxrwxrwx TEST_DIR/839/a > > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > > +777 -rwxrwxrwx TEST_DIR/839/a > > +TEST_DIR/839/a > > + > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCHSET v2 0/2] fstests: new tests for kernel 5.18 @ 2022-04-19 17:32 Darrick J. Wong 2022-04-19 17:32 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong 0 siblings, 1 reply; 9+ messages in thread From: Darrick J. Wong @ 2022-04-19 17:32 UTC (permalink / raw) To: djwong, guaneryu, zlang; +Cc: linux-xfs, fstests, guan, amir73il Hi all, Add new tests for bugfixes merged during 5.18. Specifically, we now check quota enforcement when linking and renaming into a directory (merged), test that XFS reliably returns all errors captured by xfs_sync_fs, and make sure that fallocate drops file privileges and capabilities like any other file write would. v2: move stuff around If you're going to start using this mess, you probably ought to just pull from my git trees, which are linked below. This is an extraordinary way to destroy everything. Enjoy! Comments and questions are, as always, welcome. --D kernel git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=xfs-merge-5.18 fstests git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfstests-dev.git/log/?h=xfs-merge-5.18 --- tests/generic/834 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/834.out | 33 +++++++++++++ tests/generic/835 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/835.out | 33 +++++++++++++ tests/generic/836 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/836.out | 33 +++++++++++++ tests/generic/837 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/837.out | 33 +++++++++++++ tests/generic/838 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/838.out | 33 +++++++++++++ tests/generic/839 | 77 ++++++++++++++++++++++++++++++ tests/generic/839.out | 13 +++++ tests/xfs/839 | 42 ++++++++++++++++ tests/xfs/839.out | 2 + 14 files changed, 934 insertions(+) create mode 100755 tests/generic/834 create mode 100644 tests/generic/834.out create mode 100755 tests/generic/835 create mode 100644 tests/generic/835.out create mode 100755 tests/generic/836 create mode 100644 tests/generic/836.out create mode 100755 tests/generic/837 create mode 100644 tests/generic/837.out create mode 100755 tests/generic/838 create mode 100644 tests/generic/838.out create mode 100755 tests/generic/839 create mode 100755 tests/generic/839.out create mode 100755 tests/xfs/839 create mode 100644 tests/xfs/839.out ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 2/2] generic: ensure we drop suid after fallocate 2022-04-19 17:32 [PATCHSET v2 0/2] fstests: new tests for kernel 5.18 Darrick J. Wong @ 2022-04-19 17:32 ` Darrick J. Wong 2022-04-19 18:40 ` Zorro Lang 0 siblings, 1 reply; 9+ messages in thread From: Darrick J. Wong @ 2022-04-19 17:32 UTC (permalink / raw) To: djwong, guaneryu, zlang; +Cc: linux-xfs, fstests, guan, amir73il From: Darrick J. Wong <djwong@kernel.org> fallocate changes file contents, so make sure that we drop privileges and file capabilities after each fallocate operation. Signed-off-by: Darrick J. Wong <djwong@kernel.org> --- tests/generic/834 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/834.out | 33 +++++++++++++ tests/generic/835 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/835.out | 33 +++++++++++++ tests/generic/836 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/836.out | 33 +++++++++++++ tests/generic/837 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/837.out | 33 +++++++++++++ tests/generic/838 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/838.out | 33 +++++++++++++ tests/generic/839 | 77 ++++++++++++++++++++++++++++++ tests/generic/839.out | 13 +++++ 12 files changed, 890 insertions(+) create mode 100755 tests/generic/834 create mode 100644 tests/generic/834.out create mode 100755 tests/generic/835 create mode 100644 tests/generic/835.out create mode 100755 tests/generic/836 create mode 100644 tests/generic/836.out create mode 100755 tests/generic/837 create mode 100644 tests/generic/837.out create mode 100755 tests/generic/838 create mode 100644 tests/generic/838.out create mode 100755 tests/generic/839 create mode 100755 tests/generic/839.out diff --git a/tests/generic/834 b/tests/generic/834 new file mode 100755 index 00000000..9b0ff7e5 --- /dev/null +++ b/tests/generic/834 @@ -0,0 +1,127 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 834 +# +# Functional test for dropping suid and sgid bits as part of a fallocate. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=falloc +_require_xfs_io_command $verb + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/834.out b/tests/generic/834.out new file mode 100644 index 00000000..2226eea6 --- /dev/null +++ b/tests/generic/834.out @@ -0,0 +1,33 @@ +QA output created by 834 +Test 1 - qa_user, non-exec file falloc +6666 -rwSrwSrw- TEST_DIR/834/a +666 -rw-rw-rw- TEST_DIR/834/a + +Test 2 - qa_user, group-exec file falloc +6676 -rwSrwsrw- TEST_DIR/834/a +676 -rw-rwxrw- TEST_DIR/834/a + +Test 3 - qa_user, user-exec file falloc +6766 -rwsrwSrw- TEST_DIR/834/a +766 -rwxrw-rw- TEST_DIR/834/a + +Test 4 - qa_user, all-exec file falloc +6777 -rwsrwsrwx TEST_DIR/834/a +777 -rwxrwxrwx TEST_DIR/834/a + +Test 5 - root, non-exec file falloc +6666 -rwSrwSrw- TEST_DIR/834/a +6666 -rwSrwSrw- TEST_DIR/834/a + +Test 6 - root, group-exec file falloc +6676 -rwSrwsrw- TEST_DIR/834/a +6676 -rwSrwsrw- TEST_DIR/834/a + +Test 7 - root, user-exec file falloc +6766 -rwsrwSrw- TEST_DIR/834/a +6766 -rwsrwSrw- TEST_DIR/834/a + +Test 8 - root, all-exec file falloc +6777 -rwsrwsrwx TEST_DIR/834/a +6777 -rwsrwsrwx TEST_DIR/834/a + diff --git a/tests/generic/835 b/tests/generic/835 new file mode 100755 index 00000000..0f67ce3b --- /dev/null +++ b/tests/generic/835 @@ -0,0 +1,127 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 835 +# +# Functional test for dropping suid and sgid bits as part of a fpunch. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fpunch +_require_xfs_io_command $verb + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/835.out b/tests/generic/835.out new file mode 100644 index 00000000..186d7da4 --- /dev/null +++ b/tests/generic/835.out @@ -0,0 +1,33 @@ +QA output created by 835 +Test 1 - qa_user, non-exec file fpunch +6666 -rwSrwSrw- TEST_DIR/835/a +666 -rw-rw-rw- TEST_DIR/835/a + +Test 2 - qa_user, group-exec file fpunch +6676 -rwSrwsrw- TEST_DIR/835/a +676 -rw-rwxrw- TEST_DIR/835/a + +Test 3 - qa_user, user-exec file fpunch +6766 -rwsrwSrw- TEST_DIR/835/a +766 -rwxrw-rw- TEST_DIR/835/a + +Test 4 - qa_user, all-exec file fpunch +6777 -rwsrwsrwx TEST_DIR/835/a +777 -rwxrwxrwx TEST_DIR/835/a + +Test 5 - root, non-exec file fpunch +6666 -rwSrwSrw- TEST_DIR/835/a +6666 -rwSrwSrw- TEST_DIR/835/a + +Test 6 - root, group-exec file fpunch +6676 -rwSrwsrw- TEST_DIR/835/a +6676 -rwSrwsrw- TEST_DIR/835/a + +Test 7 - root, user-exec file fpunch +6766 -rwsrwSrw- TEST_DIR/835/a +6766 -rwsrwSrw- TEST_DIR/835/a + +Test 8 - root, all-exec file fpunch +6777 -rwsrwsrwx TEST_DIR/835/a +6777 -rwsrwsrwx TEST_DIR/835/a + diff --git a/tests/generic/836 b/tests/generic/836 new file mode 100755 index 00000000..c470cb1e --- /dev/null +++ b/tests/generic/836 @@ -0,0 +1,127 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 836 +# +# Functional test for dropping suid and sgid bits as part of a fzero. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fzero +_require_xfs_io_command $verb + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/836.out b/tests/generic/836.out new file mode 100644 index 00000000..9f9f5f12 --- /dev/null +++ b/tests/generic/836.out @@ -0,0 +1,33 @@ +QA output created by 836 +Test 1 - qa_user, non-exec file fzero +6666 -rwSrwSrw- TEST_DIR/836/a +666 -rw-rw-rw- TEST_DIR/836/a + +Test 2 - qa_user, group-exec file fzero +6676 -rwSrwsrw- TEST_DIR/836/a +676 -rw-rwxrw- TEST_DIR/836/a + +Test 3 - qa_user, user-exec file fzero +6766 -rwsrwSrw- TEST_DIR/836/a +766 -rwxrw-rw- TEST_DIR/836/a + +Test 4 - qa_user, all-exec file fzero +6777 -rwsrwsrwx TEST_DIR/836/a +777 -rwxrwxrwx TEST_DIR/836/a + +Test 5 - root, non-exec file fzero +6666 -rwSrwSrw- TEST_DIR/836/a +6666 -rwSrwSrw- TEST_DIR/836/a + +Test 6 - root, group-exec file fzero +6676 -rwSrwsrw- TEST_DIR/836/a +6676 -rwSrwsrw- TEST_DIR/836/a + +Test 7 - root, user-exec file fzero +6766 -rwsrwSrw- TEST_DIR/836/a +6766 -rwsrwSrw- TEST_DIR/836/a + +Test 8 - root, all-exec file fzero +6777 -rwsrwsrwx TEST_DIR/836/a +6777 -rwsrwsrwx TEST_DIR/836/a + diff --git a/tests/generic/837 b/tests/generic/837 new file mode 100755 index 00000000..f9a49bb1 --- /dev/null +++ b/tests/generic/837 @@ -0,0 +1,127 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 837 +# +# Functional test for dropping suid and sgid bits as part of a finsert. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=finsert +_require_xfs_io_command $verb + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/837.out b/tests/generic/837.out new file mode 100644 index 00000000..686b806e --- /dev/null +++ b/tests/generic/837.out @@ -0,0 +1,33 @@ +QA output created by 837 +Test 1 - qa_user, non-exec file finsert +6666 -rwSrwSrw- TEST_DIR/837/a +666 -rw-rw-rw- TEST_DIR/837/a + +Test 2 - qa_user, group-exec file finsert +6676 -rwSrwsrw- TEST_DIR/837/a +676 -rw-rwxrw- TEST_DIR/837/a + +Test 3 - qa_user, user-exec file finsert +6766 -rwsrwSrw- TEST_DIR/837/a +766 -rwxrw-rw- TEST_DIR/837/a + +Test 4 - qa_user, all-exec file finsert +6777 -rwsrwsrwx TEST_DIR/837/a +777 -rwxrwxrwx TEST_DIR/837/a + +Test 5 - root, non-exec file finsert +6666 -rwSrwSrw- TEST_DIR/837/a +6666 -rwSrwSrw- TEST_DIR/837/a + +Test 6 - root, group-exec file finsert +6676 -rwSrwsrw- TEST_DIR/837/a +6676 -rwSrwsrw- TEST_DIR/837/a + +Test 7 - root, user-exec file finsert +6766 -rwsrwSrw- TEST_DIR/837/a +6766 -rwsrwSrw- TEST_DIR/837/a + +Test 8 - root, all-exec file finsert +6777 -rwsrwsrwx TEST_DIR/837/a +6777 -rwsrwsrwx TEST_DIR/837/a + diff --git a/tests/generic/838 b/tests/generic/838 new file mode 100755 index 00000000..55838a8b --- /dev/null +++ b/tests/generic/838 @@ -0,0 +1,127 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 838 +# +# Functional test for dropping suid and sgid bits as part of a fcollapse. +# +. ./common/preamble +_begin_fstest auto clone quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter +. ./common/reflink + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_test +verb=fcollapse +_require_xfs_io_command $verb + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full + sync +} + +commit_and_check() { + local user="$1" + local command="$2" + local start="$3" + local end="$4" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +nr=0 +# Commit to a non-exec file by an unprivileged user clears suid but +# leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a group-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a user-exec file by an unprivileged user clears suid but +# not sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a all-exec file by an unprivileged user clears suid and +# sgid. +nr=$((nr + 1)) +echo "Test $nr - qa_user, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "$qa_user" "$verb" 64k 64k + +# Commit to a non-exec file by root clears suid but leaves sgid. +nr=$((nr + 1)) +echo "Test $nr - root, non-exec file $verb" +setup_testfile +chmod a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a group-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, group-exec file $verb" +setup_testfile +chmod g+x,a+rws $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a user-exec file by root clears suid but not sgid. +nr=$((nr + 1)) +echo "Test $nr - root, user-exec file $verb" +setup_testfile +chmod u+x,a+rws,g-x $junk_file +commit_and_check "" "$verb" 64k 64k + +# Commit to a all-exec file by root clears suid and sgid. +nr=$((nr + 1)) +echo "Test $nr - root, all-exec file $verb" +setup_testfile +chmod a+rwxs $junk_file +commit_and_check "" "$verb" 64k 64k + +# success, all done +status=0 +exit diff --git a/tests/generic/838.out b/tests/generic/838.out new file mode 100644 index 00000000..cdc29f4b --- /dev/null +++ b/tests/generic/838.out @@ -0,0 +1,33 @@ +QA output created by 838 +Test 1 - qa_user, non-exec file fcollapse +6666 -rwSrwSrw- TEST_DIR/838/a +666 -rw-rw-rw- TEST_DIR/838/a + +Test 2 - qa_user, group-exec file fcollapse +6676 -rwSrwsrw- TEST_DIR/838/a +676 -rw-rwxrw- TEST_DIR/838/a + +Test 3 - qa_user, user-exec file fcollapse +6766 -rwsrwSrw- TEST_DIR/838/a +766 -rwxrw-rw- TEST_DIR/838/a + +Test 4 - qa_user, all-exec file fcollapse +6777 -rwsrwsrwx TEST_DIR/838/a +777 -rwxrwxrwx TEST_DIR/838/a + +Test 5 - root, non-exec file fcollapse +6666 -rwSrwSrw- TEST_DIR/838/a +6666 -rwSrwSrw- TEST_DIR/838/a + +Test 6 - root, group-exec file fcollapse +6676 -rwSrwsrw- TEST_DIR/838/a +6676 -rwSrwsrw- TEST_DIR/838/a + +Test 7 - root, user-exec file fcollapse +6766 -rwsrwSrw- TEST_DIR/838/a +6766 -rwsrwSrw- TEST_DIR/838/a + +Test 8 - root, all-exec file fcollapse +6777 -rwsrwsrwx TEST_DIR/838/a +6777 -rwsrwsrwx TEST_DIR/838/a + diff --git a/tests/generic/839 b/tests/generic/839 new file mode 100755 index 00000000..14a94352 --- /dev/null +++ b/tests/generic/839 @@ -0,0 +1,77 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 839 +# +# Functional test for dropping capability bits as part of an fallocate. +# +. ./common/preamble +_begin_fstest auto prealloc quick + +# Override the default cleanup function. +_cleanup() +{ + cd / + rm -r -f $tmp.* $junk_dir +} + +# Import common functions. +. ./common/filter + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_user +_require_command "$GETCAP_PROG" getcap +_require_command "$SETCAP_PROG" setcap +_require_xfs_io_command falloc +_require_test + +junk_dir=$TEST_DIR/$seq +junk_file=$junk_dir/a +mkdir -p $junk_dir/ +chmod a+rw $junk_dir/ + +setup_testfile() { + rm -f $junk_file + touch $junk_file + chmod a+rwx $junk_file + $SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file + sync +} + +commit_and_check() { + local user="$1" + + stat -c '%a %A %n' $junk_file | _filter_test_dir + _getcap -v $junk_file | _filter_test_dir + + local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file" + if [ -n "$user" ]; then + su - "$user" -c "$cmd" >> $seqres.full + else + $SHELL -c "$cmd" >> $seqres.full + fi + + stat -c '%a %A %n' $junk_file | _filter_test_dir + _getcap -v $junk_file | _filter_test_dir + + # Blank line in output + echo +} + +# Commit by an unprivileged user clears capability bits. +echo "Test 1 - qa_user" +setup_testfile +commit_and_check "$qa_user" + +# Commit by root leaves capability bits. +echo "Test 2 - root" +setup_testfile +commit_and_check + +# success, all done +status=0 +exit diff --git a/tests/generic/839.out b/tests/generic/839.out new file mode 100755 index 00000000..f571cd26 --- /dev/null +++ b/tests/generic/839.out @@ -0,0 +1,13 @@ +QA output created by 839 +Test 1 - qa_user +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a cap_setgid,cap_setuid=ep +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a + +Test 2 - root +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a cap_setgid,cap_setuid=ep +777 -rwxrwxrwx TEST_DIR/839/a +TEST_DIR/839/a + ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 2/2] generic: ensure we drop suid after fallocate 2022-04-19 17:32 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong @ 2022-04-19 18:40 ` Zorro Lang 0 siblings, 0 replies; 9+ messages in thread From: Zorro Lang @ 2022-04-19 18:40 UTC (permalink / raw) To: Darrick J. Wong; +Cc: guaneryu, linux-xfs, fstests, guan, amir73il On Tue, Apr 19, 2022 at 10:32:21AM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <djwong@kernel.org> > > fallocate changes file contents, so make sure that we drop privileges > and file capabilities after each fallocate operation. > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > --- > tests/generic/834 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/834.out | 33 +++++++++++++ > tests/generic/835 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/835.out | 33 +++++++++++++ > tests/generic/836 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/836.out | 33 +++++++++++++ > tests/generic/837 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/837.out | 33 +++++++++++++ > tests/generic/838 | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/838.out | 33 +++++++++++++ > tests/generic/839 | 77 ++++++++++++++++++++++++++++++ > tests/generic/839.out | 13 +++++ > 12 files changed, 890 insertions(+) > create mode 100755 tests/generic/834 > create mode 100644 tests/generic/834.out > create mode 100755 tests/generic/835 > create mode 100644 tests/generic/835.out > create mode 100755 tests/generic/836 > create mode 100644 tests/generic/836.out > create mode 100755 tests/generic/837 > create mode 100644 tests/generic/837.out > create mode 100755 tests/generic/838 > create mode 100644 tests/generic/838.out > create mode 100755 tests/generic/839 > create mode 100755 tests/generic/839.out > > > diff --git a/tests/generic/834 b/tests/generic/834 > new file mode 100755 > index 00000000..9b0ff7e5 > --- /dev/null > +++ b/tests/generic/834 > @@ -0,0 +1,127 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 834 > +# > +# Functional test for dropping suid and sgid bits as part of a fallocate. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic Thanks for you'd like to accept this change :) If someone fs clearly says they never support this behavior, we can deal with them later. Or they can use Amir's later patch to exclude themselves from this case testing clearly. Reviewed-by: Zorro Lang <zlang@redhat.com> > +_require_user > +_require_test > +verb=falloc > +_require_xfs_io_command $verb > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full > + sync > +} > + > +commit_and_check() { > + local user="$1" > + local command="$2" > + local start="$3" > + local end="$4" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +nr=0 > +# Commit to a non-exec file by an unprivileged user clears suid but > +# leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a group-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a user-exec file by an unprivileged user clears suid but > +# not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a all-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a non-exec file by root clears suid but leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a group-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a user-exec file by root clears suid but not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a all-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/834.out b/tests/generic/834.out > new file mode 100644 > index 00000000..2226eea6 > --- /dev/null > +++ b/tests/generic/834.out > @@ -0,0 +1,33 @@ > +QA output created by 834 > +Test 1 - qa_user, non-exec file falloc > +6666 -rwSrwSrw- TEST_DIR/834/a > +666 -rw-rw-rw- TEST_DIR/834/a > + > +Test 2 - qa_user, group-exec file falloc > +6676 -rwSrwsrw- TEST_DIR/834/a > +676 -rw-rwxrw- TEST_DIR/834/a > + > +Test 3 - qa_user, user-exec file falloc > +6766 -rwsrwSrw- TEST_DIR/834/a > +766 -rwxrw-rw- TEST_DIR/834/a > + > +Test 4 - qa_user, all-exec file falloc > +6777 -rwsrwsrwx TEST_DIR/834/a > +777 -rwxrwxrwx TEST_DIR/834/a > + > +Test 5 - root, non-exec file falloc > +6666 -rwSrwSrw- TEST_DIR/834/a > +6666 -rwSrwSrw- TEST_DIR/834/a > + > +Test 6 - root, group-exec file falloc > +6676 -rwSrwsrw- TEST_DIR/834/a > +6676 -rwSrwsrw- TEST_DIR/834/a > + > +Test 7 - root, user-exec file falloc > +6766 -rwsrwSrw- TEST_DIR/834/a > +6766 -rwsrwSrw- TEST_DIR/834/a > + > +Test 8 - root, all-exec file falloc > +6777 -rwsrwsrwx TEST_DIR/834/a > +6777 -rwsrwsrwx TEST_DIR/834/a > + > diff --git a/tests/generic/835 b/tests/generic/835 > new file mode 100755 > index 00000000..0f67ce3b > --- /dev/null > +++ b/tests/generic/835 > @@ -0,0 +1,127 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 835 > +# > +# Functional test for dropping suid and sgid bits as part of a fpunch. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_test > +verb=fpunch > +_require_xfs_io_command $verb > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full > + sync > +} > + > +commit_and_check() { > + local user="$1" > + local command="$2" > + local start="$3" > + local end="$4" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +nr=0 > +# Commit to a non-exec file by an unprivileged user clears suid but > +# leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a group-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a user-exec file by an unprivileged user clears suid but > +# not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a all-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a non-exec file by root clears suid but leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a group-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a user-exec file by root clears suid but not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a all-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/835.out b/tests/generic/835.out > new file mode 100644 > index 00000000..186d7da4 > --- /dev/null > +++ b/tests/generic/835.out > @@ -0,0 +1,33 @@ > +QA output created by 835 > +Test 1 - qa_user, non-exec file fpunch > +6666 -rwSrwSrw- TEST_DIR/835/a > +666 -rw-rw-rw- TEST_DIR/835/a > + > +Test 2 - qa_user, group-exec file fpunch > +6676 -rwSrwsrw- TEST_DIR/835/a > +676 -rw-rwxrw- TEST_DIR/835/a > + > +Test 3 - qa_user, user-exec file fpunch > +6766 -rwsrwSrw- TEST_DIR/835/a > +766 -rwxrw-rw- TEST_DIR/835/a > + > +Test 4 - qa_user, all-exec file fpunch > +6777 -rwsrwsrwx TEST_DIR/835/a > +777 -rwxrwxrwx TEST_DIR/835/a > + > +Test 5 - root, non-exec file fpunch > +6666 -rwSrwSrw- TEST_DIR/835/a > +6666 -rwSrwSrw- TEST_DIR/835/a > + > +Test 6 - root, group-exec file fpunch > +6676 -rwSrwsrw- TEST_DIR/835/a > +6676 -rwSrwsrw- TEST_DIR/835/a > + > +Test 7 - root, user-exec file fpunch > +6766 -rwsrwSrw- TEST_DIR/835/a > +6766 -rwsrwSrw- TEST_DIR/835/a > + > +Test 8 - root, all-exec file fpunch > +6777 -rwsrwsrwx TEST_DIR/835/a > +6777 -rwsrwsrwx TEST_DIR/835/a > + > diff --git a/tests/generic/836 b/tests/generic/836 > new file mode 100755 > index 00000000..c470cb1e > --- /dev/null > +++ b/tests/generic/836 > @@ -0,0 +1,127 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 836 > +# > +# Functional test for dropping suid and sgid bits as part of a fzero. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_test > +verb=fzero > +_require_xfs_io_command $verb > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full > + sync > +} > + > +commit_and_check() { > + local user="$1" > + local command="$2" > + local start="$3" > + local end="$4" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +nr=0 > +# Commit to a non-exec file by an unprivileged user clears suid but > +# leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a group-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a user-exec file by an unprivileged user clears suid but > +# not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a all-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a non-exec file by root clears suid but leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a group-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a user-exec file by root clears suid but not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a all-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/836.out b/tests/generic/836.out > new file mode 100644 > index 00000000..9f9f5f12 > --- /dev/null > +++ b/tests/generic/836.out > @@ -0,0 +1,33 @@ > +QA output created by 836 > +Test 1 - qa_user, non-exec file fzero > +6666 -rwSrwSrw- TEST_DIR/836/a > +666 -rw-rw-rw- TEST_DIR/836/a > + > +Test 2 - qa_user, group-exec file fzero > +6676 -rwSrwsrw- TEST_DIR/836/a > +676 -rw-rwxrw- TEST_DIR/836/a > + > +Test 3 - qa_user, user-exec file fzero > +6766 -rwsrwSrw- TEST_DIR/836/a > +766 -rwxrw-rw- TEST_DIR/836/a > + > +Test 4 - qa_user, all-exec file fzero > +6777 -rwsrwsrwx TEST_DIR/836/a > +777 -rwxrwxrwx TEST_DIR/836/a > + > +Test 5 - root, non-exec file fzero > +6666 -rwSrwSrw- TEST_DIR/836/a > +6666 -rwSrwSrw- TEST_DIR/836/a > + > +Test 6 - root, group-exec file fzero > +6676 -rwSrwsrw- TEST_DIR/836/a > +6676 -rwSrwsrw- TEST_DIR/836/a > + > +Test 7 - root, user-exec file fzero > +6766 -rwsrwSrw- TEST_DIR/836/a > +6766 -rwsrwSrw- TEST_DIR/836/a > + > +Test 8 - root, all-exec file fzero > +6777 -rwsrwsrwx TEST_DIR/836/a > +6777 -rwsrwsrwx TEST_DIR/836/a > + > diff --git a/tests/generic/837 b/tests/generic/837 > new file mode 100755 > index 00000000..f9a49bb1 > --- /dev/null > +++ b/tests/generic/837 > @@ -0,0 +1,127 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 837 > +# > +# Functional test for dropping suid and sgid bits as part of a finsert. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_test > +verb=finsert > +_require_xfs_io_command $verb > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full > + sync > +} > + > +commit_and_check() { > + local user="$1" > + local command="$2" > + local start="$3" > + local end="$4" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +nr=0 > +# Commit to a non-exec file by an unprivileged user clears suid but > +# leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a group-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a user-exec file by an unprivileged user clears suid but > +# not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a all-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a non-exec file by root clears suid but leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a group-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a user-exec file by root clears suid but not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a all-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/837.out b/tests/generic/837.out > new file mode 100644 > index 00000000..686b806e > --- /dev/null > +++ b/tests/generic/837.out > @@ -0,0 +1,33 @@ > +QA output created by 837 > +Test 1 - qa_user, non-exec file finsert > +6666 -rwSrwSrw- TEST_DIR/837/a > +666 -rw-rw-rw- TEST_DIR/837/a > + > +Test 2 - qa_user, group-exec file finsert > +6676 -rwSrwsrw- TEST_DIR/837/a > +676 -rw-rwxrw- TEST_DIR/837/a > + > +Test 3 - qa_user, user-exec file finsert > +6766 -rwsrwSrw- TEST_DIR/837/a > +766 -rwxrw-rw- TEST_DIR/837/a > + > +Test 4 - qa_user, all-exec file finsert > +6777 -rwsrwsrwx TEST_DIR/837/a > +777 -rwxrwxrwx TEST_DIR/837/a > + > +Test 5 - root, non-exec file finsert > +6666 -rwSrwSrw- TEST_DIR/837/a > +6666 -rwSrwSrw- TEST_DIR/837/a > + > +Test 6 - root, group-exec file finsert > +6676 -rwSrwsrw- TEST_DIR/837/a > +6676 -rwSrwsrw- TEST_DIR/837/a > + > +Test 7 - root, user-exec file finsert > +6766 -rwsrwSrw- TEST_DIR/837/a > +6766 -rwsrwSrw- TEST_DIR/837/a > + > +Test 8 - root, all-exec file finsert > +6777 -rwsrwsrwx TEST_DIR/837/a > +6777 -rwsrwsrwx TEST_DIR/837/a > + > diff --git a/tests/generic/838 b/tests/generic/838 > new file mode 100755 > index 00000000..55838a8b > --- /dev/null > +++ b/tests/generic/838 > @@ -0,0 +1,127 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 838 > +# > +# Functional test for dropping suid and sgid bits as part of a fcollapse. > +# > +. ./common/preamble > +_begin_fstest auto clone quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > +. ./common/reflink > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_test > +verb=fcollapse > +_require_xfs_io_command $verb > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + _pwrite_byte 0x58 0 192k $junk_file >> $seqres.full > + sync > +} > + > +commit_and_check() { > + local user="$1" > + local command="$2" > + local start="$3" > + local end="$4" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c '$command $start $end' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +nr=0 > +# Commit to a non-exec file by an unprivileged user clears suid but > +# leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a group-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a user-exec file by an unprivileged user clears suid but > +# not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a all-exec file by an unprivileged user clears suid and > +# sgid. > +nr=$((nr + 1)) > +echo "Test $nr - qa_user, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "$qa_user" "$verb" 64k 64k > + > +# Commit to a non-exec file by root clears suid but leaves sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, non-exec file $verb" > +setup_testfile > +chmod a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a group-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, group-exec file $verb" > +setup_testfile > +chmod g+x,a+rws $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a user-exec file by root clears suid but not sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, user-exec file $verb" > +setup_testfile > +chmod u+x,a+rws,g-x $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# Commit to a all-exec file by root clears suid and sgid. > +nr=$((nr + 1)) > +echo "Test $nr - root, all-exec file $verb" > +setup_testfile > +chmod a+rwxs $junk_file > +commit_and_check "" "$verb" 64k 64k > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/838.out b/tests/generic/838.out > new file mode 100644 > index 00000000..cdc29f4b > --- /dev/null > +++ b/tests/generic/838.out > @@ -0,0 +1,33 @@ > +QA output created by 838 > +Test 1 - qa_user, non-exec file fcollapse > +6666 -rwSrwSrw- TEST_DIR/838/a > +666 -rw-rw-rw- TEST_DIR/838/a > + > +Test 2 - qa_user, group-exec file fcollapse > +6676 -rwSrwsrw- TEST_DIR/838/a > +676 -rw-rwxrw- TEST_DIR/838/a > + > +Test 3 - qa_user, user-exec file fcollapse > +6766 -rwsrwSrw- TEST_DIR/838/a > +766 -rwxrw-rw- TEST_DIR/838/a > + > +Test 4 - qa_user, all-exec file fcollapse > +6777 -rwsrwsrwx TEST_DIR/838/a > +777 -rwxrwxrwx TEST_DIR/838/a > + > +Test 5 - root, non-exec file fcollapse > +6666 -rwSrwSrw- TEST_DIR/838/a > +6666 -rwSrwSrw- TEST_DIR/838/a > + > +Test 6 - root, group-exec file fcollapse > +6676 -rwSrwsrw- TEST_DIR/838/a > +6676 -rwSrwsrw- TEST_DIR/838/a > + > +Test 7 - root, user-exec file fcollapse > +6766 -rwsrwSrw- TEST_DIR/838/a > +6766 -rwsrwSrw- TEST_DIR/838/a > + > +Test 8 - root, all-exec file fcollapse > +6777 -rwsrwsrwx TEST_DIR/838/a > +6777 -rwsrwsrwx TEST_DIR/838/a > + > diff --git a/tests/generic/839 b/tests/generic/839 > new file mode 100755 > index 00000000..14a94352 > --- /dev/null > +++ b/tests/generic/839 > @@ -0,0 +1,77 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 839 > +# > +# Functional test for dropping capability bits as part of an fallocate. > +# > +. ./common/preamble > +_begin_fstest auto prealloc quick > + > +# Override the default cleanup function. > +_cleanup() > +{ > + cd / > + rm -r -f $tmp.* $junk_dir > +} > + > +# Import common functions. > +. ./common/filter > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_user > +_require_command "$GETCAP_PROG" getcap > +_require_command "$SETCAP_PROG" setcap > +_require_xfs_io_command falloc > +_require_test > + > +junk_dir=$TEST_DIR/$seq > +junk_file=$junk_dir/a > +mkdir -p $junk_dir/ > +chmod a+rw $junk_dir/ > + > +setup_testfile() { > + rm -f $junk_file > + touch $junk_file > + chmod a+rwx $junk_file > + $SETCAP_PROG cap_setgid,cap_setuid+ep $junk_file > + sync > +} > + > +commit_and_check() { > + local user="$1" > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + _getcap -v $junk_file | _filter_test_dir > + > + local cmd="$XFS_IO_PROG -c 'falloc 0 64k' $junk_file" > + if [ -n "$user" ]; then > + su - "$user" -c "$cmd" >> $seqres.full > + else > + $SHELL -c "$cmd" >> $seqres.full > + fi > + > + stat -c '%a %A %n' $junk_file | _filter_test_dir > + _getcap -v $junk_file | _filter_test_dir > + > + # Blank line in output > + echo > +} > + > +# Commit by an unprivileged user clears capability bits. > +echo "Test 1 - qa_user" > +setup_testfile > +commit_and_check "$qa_user" > + > +# Commit by root leaves capability bits. > +echo "Test 2 - root" > +setup_testfile > +commit_and_check > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/839.out b/tests/generic/839.out > new file mode 100755 > index 00000000..f571cd26 > --- /dev/null > +++ b/tests/generic/839.out > @@ -0,0 +1,13 @@ > +QA output created by 839 > +Test 1 - qa_user > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a > + > +Test 2 - root > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a cap_setgid,cap_setuid=ep > +777 -rwxrwxrwx TEST_DIR/839/a > +TEST_DIR/839/a > + > ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2022-04-19 18:41 UTC | newest] Thread overview: 9+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-03-16 3:30 [PATCHSET 0/2] fstests: new tests for kernel 5.17 Darrick J. Wong 2022-03-16 3:30 ` [PATCH 1/2] xfs: make sure syncfs(2) passes back super_operations.sync_fs errors Darrick J. Wong 2022-03-23 2:44 ` Zorro Lang 2022-03-24 21:38 ` Darrick J. Wong 2022-03-16 3:30 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong 2022-03-23 3:06 ` Zorro Lang 2022-03-26 18:07 ` Darrick J. Wong -- strict thread matches above, loose matches on Subject: below -- 2022-04-19 17:32 [PATCHSET v2 0/2] fstests: new tests for kernel 5.18 Darrick J. Wong 2022-04-19 17:32 ` [PATCH 2/2] generic: ensure we drop suid after fallocate Darrick J. Wong 2022-04-19 18:40 ` Zorro Lang
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox