Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

syscalls/{f,l,}chown: Don't pass undocumented flags to open and chmod #671

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

syscalls/{f,l,}chown: Don't pass undocumented flags to open and chmod #671

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f33aee7
syscalls/{f,l,}chown: Don't pass undocumented flags to open and chmod
mkow Apr 23, 2020
66987ed
Test ignoring of unknown bits in open/openat/openat2/chmod mode
mkow Aug 19, 2020
279f4fa
fixup! Test ignoring of unknown bits in open/openat/openat2/chmod mode
mkow Sep 22, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions testcases/kernel/syscalls/chmod/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@
/chmod05
/chmod06
/chmod07
/chmod08
64 changes: 64 additions & 0 deletions testcases/kernel/syscalls/chmod/chmod08.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
/* SPDX-License-Identifier: GPL-2.0-or-later
* Copyright (C) 2020 Invisible Things Lab
* Michał Kowalczyk <[email protected]>
*/

/*
* DESCRIPTION
* Changes file access permissions using `chmod` with bits outside of 07777 in
* `mode` set and verifies if they were ignored.
*
* WARNING
* The fact that these bits are ignored is not documented (at the time of
* writing). Failure of this test doesn't necessarily mean that a regression
* in Linux was introduced, its intention is to catch accidental interface
* changes and warn kernel developers if that happens.
*/

#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "tst_test.h"

#define OPEN_MODE 0644
#define CHMOD_MODE (0777 | ~07777)
#define TESTFILE "testfile"

void test_chmod(void)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Local functions like these should be declared static, but that is very minor.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I copied this from some other chmod test and didn't notice the problem, sorry. Should be fixed now.

{
struct stat stat_buf;

TEST(chmod(TESTFILE, CHMOD_MODE));
if (TST_RET == -1) {
tst_res(TFAIL, "chmod(%s, %#o) failed", TESTFILE, CHMOD_MODE);
}

if (stat(TESTFILE, &stat_buf) == -1) {
tst_brk(TFAIL | TTERRNO, "stat failed");
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do have a safe macros to simplify error handling. So this if () could be replaced and is equivalent to just:

SAFE_STAT(TESTFILE, &stat_buf);

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.
Should I also use SAFE_CHMOD above? From what I see these macros are used only for things which shouldn't fail / are unrelated to the test itself, because they use TBROK instead of TFAIL. So, I guess the answer is "no"?

mode_t expected = S_IFREG | (CHMOD_MODE & 07777);
if (stat_buf.st_mode == expected) {
tst_res(TPASS, "Unknown mode bits were ignored as expected",
TESTFILE, CHMOD_MODE);
} else {
tst_res(TFAIL, "%s: Incorrect mode 0%04o, expected 0%04o",
TESTFILE, stat_buf.st_mode, expected);
}
}

void setup(void)
{
int fd;

fd = SAFE_OPEN(TESTFILE, O_RDWR | O_CREAT, OPEN_MODE);
SAFE_CLOSE(fd);
}

static struct tst_test test = {
.needs_tmpdir = 1,
.setup = setup,
.test_all = test_chmod,
};
1 change: 1 addition & 0 deletions testcases/kernel/syscalls/open/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,3 +13,4 @@
/open12_child
/open13
/open14
/open15
67 changes: 67 additions & 0 deletions testcases/kernel/syscalls/open/open15.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
/* SPDX-License-Identifier: GPL-2.0-or-later
* Copyright (C) 2020 Invisible Things Lab
* Michał Kowalczyk <[email protected]>
*/

/*
* DESCRIPTION
* Creates a file using `open` with bits outside of 07777 in `mode` set and
* verifies if they were ignored.
*
* WARNING
* The fact that these bits are ignored is not documented (at the time of
* writing). Failure of this test doesn't necessarily mean that a regression
* in Linux was introduced, its intention is to catch accidental interface
* changes and warn kernel developers if that happens.
*/

#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "tst_test.h"

#define TEST_FILE "testfile"

static int fd;

static struct tcase {
char *filename;
int flags;
mode_t mode;
} tcases[] = {
{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777},
{TEST_FILE, 0, ~07777}
};

static void verify_open(unsigned int n)
{
struct tcase *tc = &tcases[n];
struct stat buf;

TEST(open(tc->filename, tc->flags, tc->mode));
fd = TST_RET;
if (fd == -1) {
tst_res(TFAIL, "Cannot open the file");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two minor things: we use TTERRNO to print errno on failure. And we usually prefer to use return than have else block (readability).

if (fd == -1) {
	tst_res(TFAIL | TTERRNO, "Cannot open the file");
	return;
}

tst_res(TPASS, "Unknown mode bits were ignored as expected");
SAFE_CLOSE(fd);

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

} else {
tst_res(TPASS, "Unknown mode bits were ignored as expected");
SAFE_CLOSE(fd);
}
}

static void setup(void)
{
}

static void cleanup(void)
{
}

static struct tst_test test = {
.tcnt = ARRAY_SIZE(tcases),
.needs_tmpdir = 1,
.setup = setup,
.cleanup = cleanup,
.test = verify_open,
};
1 change: 1 addition & 0 deletions testcases/kernel/syscalls/openat/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@
/openat02
/openat02_child
/openat03
/openat04
67 changes: 67 additions & 0 deletions testcases/kernel/syscalls/openat/openat04.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
/* SPDX-License-Identifier: GPL-2.0-or-later
* Copyright (C) 2020 Invisible Things Lab
* Michał Kowalczyk <[email protected]>
*/

/*
* DESCRIPTION
* Creates a file using `openat` with bits outside of 07777 in `mode` set and
* verifies if they were ignored.
*
* WARNING
* The fact that these bits are ignored is not documented (at the time of
* writing). Failure of this test doesn't necessarily mean that a regression
* in Linux was introduced, its intention is to catch accidental interface
* changes and warn kernel developers if that happens.
*/

#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "tst_test.h"

#define TEST_FILE "testfile"

static int fd;

static struct tcase {
char *filename;
int flags;
mode_t mode;
} tcases[] = {
{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777},
{TEST_FILE, 0, ~07777}
};

static void verify_open(unsigned int n)
{
struct tcase *tc = &tcases[n];
struct stat buf;

TEST(openat(AT_FDCWD, tc->filename, tc->flags, tc->mode));
fd = TST_RET;
if (fd == -1) {
tst_res(TFAIL, "Cannot open the file");
} else {
tst_res(TPASS, "Unknown mode bits were ignored as expected");
SAFE_CLOSE(fd);
}
}

static void setup(void)
{
}

static void cleanup(void)
{
}

static struct tst_test test = {
.tcnt = ARRAY_SIZE(tcases),
.needs_tmpdir = 1,
.setup = setup,
.cleanup = cleanup,
.test = verify_open,
};
7 changes: 4 additions & 3 deletions testcases/kernel/syscalls/openat2/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
openat201
openat202
openat203
/openat201
/openat202
/openat203
/openat204
68 changes: 68 additions & 0 deletions testcases/kernel/syscalls/openat2/openat204.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
/* SPDX-License-Identifier: GPL-2.0-or-later
* Copyright (C) 2020 Invisible Things Lab
* Michał Kowalczyk <[email protected]>
*/

/*
* DESCRIPTION
* Creates a file using `openat2` with bits outside of 07777 in `mode` set and
* verifies if they were ignored.
*
* WARNING
* The fact that these bits are ignored is not documented (at the time of
* writing). Failure of this test doesn't necessarily mean that a regression
* in Linux was introduced, its intention is to catch accidental interface
* changes and warn kernel developers if that happens.
*/

#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "tst_test.h"
#include "lapi/openat2.h"

#define TEST_FILE "testfile"

static int fd;

static struct tcase {
char *filename;
int flags;
mode_t mode;
} tcases[] = {
{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777},
{TEST_FILE, 0, ~07777}
};

static void verify_open(unsigned int n)
{
struct tcase *tc = &tcases[n];
struct stat buf;

TEST(openat2(AT_FDCWD, tc->filename, tc->flags, tc->mode));
fd = TST_RET;
if (fd == -1) {
tst_res(TFAIL, "Cannot open the file");
} else {
tst_res(TPASS, "Unknown mode bits were ignored as expected");
SAFE_CLOSE(fd);
}
}

static void setup(void)
{
}

static void cleanup(void)
{
}

static struct tst_test test = {
.tcnt = ARRAY_SIZE(tcases),
.needs_tmpdir = 1,
.setup = setup,
.cleanup = cleanup,
.test = verify_open,
};