| Message ID | 164971768834.169983.11537125892654404197.stgit@magnolia (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | fstests: new tests for kernel 5.18 | expand |
On Mon, Apr 11, 2022 at 03:54:48PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <djwong@kernel.org> > > Add a regression test to make sure that unprivileged userspace linking > into a directory fails with EDQUOT when the directory quota limits have > been exceeded. > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > --- > tests/generic/832 | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ > tests/generic/832.out | 3 ++ > 2 files changed, 70 insertions(+) > create mode 100755 tests/generic/832 > create mode 100644 tests/generic/832.out > > > diff --git a/tests/generic/832 b/tests/generic/832 > new file mode 100755 > index 00000000..1190b795 > --- /dev/null > +++ b/tests/generic/832 > @@ -0,0 +1,67 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright (c) 2022 Oracle. All Rights Reserved. > +# > +# FS QA Test No. 832 > +# > +# Ensure that unprivileged userspace hits EDQUOT while linking files into a > +# directory when the directory's quota limits have been exceeded. > +# > +# Regression test for commit: > +# > +# 871b9316e7a7 ("xfs: reserve quota for dir expansion when linking/unlinking files") > +# > +. ./common/preamble > +_begin_fstest auto quick quota > + > +# Import common functions. > +. ./common/filter > +. ./common/quota > + > +# real QA test starts here > + > +# Modify as appropriate. > +_supported_fs generic > +_require_quota > +_require_user > +_require_scratch > + > +_scratch_mkfs > "$seqres.full" 2>&1 > +_qmount_option usrquota > +_qmount > + > +blocksize=$(_get_block_size $SCRATCH_MNT) > +scratchdir=$SCRATCH_MNT/dir > +scratchfile=$SCRATCH_MNT/file > +mkdir $scratchdir > +touch $scratchfile > + > +# Create a 2-block directory for our 1-block quota limit > +total_size=$((blocksize * 2)) > +dirents=$((total_size / 255)) > + > +for ((i = 0; i < dirents; i++)); do > + name=$(printf "x%0254d" $i) > + ln $scratchfile $scratchdir/$name > +done > + > +# Set a low quota hardlimit for an unprivileged uid and chown the files to it > +echo "set up quota" >> $seqres.full > +setquota -u $qa_user 0 "$((blocksize / 1024))" 0 0 $SCRATCH_MNT > +chown $qa_user $scratchdir $scratchfile > +repquota -upn $SCRATCH_MNT >> $seqres.full > + > +# Fail at appending the directory as qa_user to ensure quota enforcement works > +echo "fail quota" >> $seqres.full > +for ((i = 0; i < dirents; i++)); do > + name=$(printf "y%0254d" $i) > + su - "$qa_user" -c "ln $scratchfile $scratchdir/$name" 2>&1 | \ All looks good to me. Only one question about this "su -". Is the "-" necessary? I checked all cases in fstests, no one use "--login" when try to su to $qa_user. I'm not sure if "login $qa_user" will affect the testing, I just know it affect environment variables. Thanks, Zorro > + _filter_scratch | sed -e 's/y[0-9]*/yXXX/g' > + test "${PIPESTATUS[0]}" -ne 0 && break > +done > +repquota -upn $SCRATCH_MNT >> $seqres.full > + > +# success, all done > +echo Silence is golden > +status=0 > +exit > diff --git a/tests/generic/832.out b/tests/generic/832.out > new file mode 100644 > index 00000000..593afe8b > --- /dev/null > +++ b/tests/generic/832.out > @@ -0,0 +1,3 @@ > +QA output created by 832 > +ln: failed to create hard link 'SCRATCH_MNT/dir/yXXX': Disk quota exceeded > +Silence is golden >
On Wed, Apr 13, 2022 at 01:17:23AM +0800, Zorro Lang wrote: > On Mon, Apr 11, 2022 at 03:54:48PM -0700, Darrick J. Wong wrote: > > From: Darrick J. Wong <djwong@kernel.org> > > > > Add a regression test to make sure that unprivileged userspace linking > > into a directory fails with EDQUOT when the directory quota limits have > > been exceeded. > > > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > > --- > > tests/generic/832 | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ > > tests/generic/832.out | 3 ++ > > 2 files changed, 70 insertions(+) > > create mode 100755 tests/generic/832 > > create mode 100644 tests/generic/832.out > > > > > > diff --git a/tests/generic/832 b/tests/generic/832 > > new file mode 100755 > > index 00000000..1190b795 > > --- /dev/null > > +++ b/tests/generic/832 > > @@ -0,0 +1,67 @@ > > +#! /bin/bash > > +# SPDX-License-Identifier: GPL-2.0 > > +# Copyright (c) 2022 Oracle. All Rights Reserved. > > +# > > +# FS QA Test No. 832 > > +# > > +# Ensure that unprivileged userspace hits EDQUOT while linking files into a > > +# directory when the directory's quota limits have been exceeded. > > +# > > +# Regression test for commit: > > +# > > +# 871b9316e7a7 ("xfs: reserve quota for dir expansion when linking/unlinking files") > > +# > > +. ./common/preamble > > +_begin_fstest auto quick quota > > + > > +# Import common functions. > > +. ./common/filter > > +. ./common/quota > > + > > +# real QA test starts here > > + > > +# Modify as appropriate. > > +_supported_fs generic > > +_require_quota > > +_require_user > > +_require_scratch > > + > > +_scratch_mkfs > "$seqres.full" 2>&1 > > +_qmount_option usrquota > > +_qmount > > + > > +blocksize=$(_get_block_size $SCRATCH_MNT) > > +scratchdir=$SCRATCH_MNT/dir > > +scratchfile=$SCRATCH_MNT/file > > +mkdir $scratchdir > > +touch $scratchfile > > + > > +# Create a 2-block directory for our 1-block quota limit > > +total_size=$((blocksize * 2)) > > +dirents=$((total_size / 255)) > > + > > +for ((i = 0; i < dirents; i++)); do > > + name=$(printf "x%0254d" $i) > > + ln $scratchfile $scratchdir/$name > > +done > > + > > +# Set a low quota hardlimit for an unprivileged uid and chown the files to it > > +echo "set up quota" >> $seqres.full > > +setquota -u $qa_user 0 "$((blocksize / 1024))" 0 0 $SCRATCH_MNT > > +chown $qa_user $scratchdir $scratchfile > > +repquota -upn $SCRATCH_MNT >> $seqres.full > > + > > +# Fail at appending the directory as qa_user to ensure quota enforcement works > > +echo "fail quota" >> $seqres.full > > +for ((i = 0; i < dirents; i++)); do > > + name=$(printf "y%0254d" $i) > > + su - "$qa_user" -c "ln $scratchfile $scratchdir/$name" 2>&1 | \ > > All looks good to me. Only one question about this "su -". Is the "-" necessary? > I checked all cases in fstests, no one use "--login" when try to su to $qa_user. > I'm not sure if "login $qa_user" will affect the testing, I just know it affect > environment variables. It's not strictly necessary since it's unlikely that qa_user="-luser", but it seems like a Good Idea to prevent su cli option injection attacks. --D > Thanks, > Zorro > > > + _filter_scratch | sed -e 's/y[0-9]*/yXXX/g' > > + test "${PIPESTATUS[0]}" -ne 0 && break > > +done > > +repquota -upn $SCRATCH_MNT >> $seqres.full > > + > > +# success, all done > > +echo Silence is golden > > +status=0 > > +exit > > diff --git a/tests/generic/832.out b/tests/generic/832.out > > new file mode 100644 > > index 00000000..593afe8b > > --- /dev/null > > +++ b/tests/generic/832.out > > @@ -0,0 +1,3 @@ > > +QA output created by 832 > > +ln: failed to create hard link 'SCRATCH_MNT/dir/yXXX': Disk quota exceeded > > +Silence is golden > > >
On Tue, Apr 12, 2022 at 10:52:56AM -0700, Darrick J. Wong wrote: > On Wed, Apr 13, 2022 at 01:17:23AM +0800, Zorro Lang wrote: > > On Mon, Apr 11, 2022 at 03:54:48PM -0700, Darrick J. Wong wrote: > > > From: Darrick J. Wong <djwong@kernel.org> > > > > > > Add a regression test to make sure that unprivileged userspace linking > > > into a directory fails with EDQUOT when the directory quota limits have > > > been exceeded. > > > > > > Signed-off-by: Darrick J. Wong <djwong@kernel.org> > > > --- > > > tests/generic/832 | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ > > > tests/generic/832.out | 3 ++ > > > 2 files changed, 70 insertions(+) > > > create mode 100755 tests/generic/832 > > > create mode 100644 tests/generic/832.out > > > > > > > > > diff --git a/tests/generic/832 b/tests/generic/832 > > > new file mode 100755 > > > index 00000000..1190b795 > > > --- /dev/null > > > +++ b/tests/generic/832 > > > @@ -0,0 +1,67 @@ > > > +#! /bin/bash > > > +# SPDX-License-Identifier: GPL-2.0 > > > +# Copyright (c) 2022 Oracle. All Rights Reserved. > > > +# > > > +# FS QA Test No. 832 > > > +# > > > +# Ensure that unprivileged userspace hits EDQUOT while linking files into a > > > +# directory when the directory's quota limits have been exceeded. > > > +# > > > +# Regression test for commit: > > > +# > > > +# 871b9316e7a7 ("xfs: reserve quota for dir expansion when linking/unlinking files") > > > +# > > > +. ./common/preamble > > > +_begin_fstest auto quick quota > > > + > > > +# Import common functions. > > > +. ./common/filter > > > +. ./common/quota > > > + > > > +# real QA test starts here > > > + > > > +# Modify as appropriate. > > > +_supported_fs generic > > > +_require_quota > > > +_require_user > > > +_require_scratch > > > + > > > +_scratch_mkfs > "$seqres.full" 2>&1 > > > +_qmount_option usrquota > > > +_qmount > > > + > > > +blocksize=$(_get_block_size $SCRATCH_MNT) > > > +scratchdir=$SCRATCH_MNT/dir > > > +scratchfile=$SCRATCH_MNT/file > > > +mkdir $scratchdir > > > +touch $scratchfile > > > + > > > +# Create a 2-block directory for our 1-block quota limit > > > +total_size=$((blocksize * 2)) > > > +dirents=$((total_size / 255)) > > > + > > > +for ((i = 0; i < dirents; i++)); do > > > + name=$(printf "x%0254d" $i) > > > + ln $scratchfile $scratchdir/$name > > > +done > > > + > > > +# Set a low quota hardlimit for an unprivileged uid and chown the files to it > > > +echo "set up quota" >> $seqres.full > > > +setquota -u $qa_user 0 "$((blocksize / 1024))" 0 0 $SCRATCH_MNT > > > +chown $qa_user $scratchdir $scratchfile > > > +repquota -upn $SCRATCH_MNT >> $seqres.full > > > + > > > +# Fail at appending the directory as qa_user to ensure quota enforcement works > > > +echo "fail quota" >> $seqres.full > > > +for ((i = 0; i < dirents; i++)); do > > > + name=$(printf "y%0254d" $i) > > > + su - "$qa_user" -c "ln $scratchfile $scratchdir/$name" 2>&1 | \ > > > > All looks good to me. Only one question about this "su -". Is the "-" necessary? > > I checked all cases in fstests, no one use "--login" when try to su to $qa_user. > > I'm not sure if "login $qa_user" will affect the testing, I just know it affect > > environment variables. > > It's not strictly necessary since it's unlikely that qa_user="-luser", > but it seems like a Good Idea to prevent su cli option injection > attacks. Thanks for your understanding :) Eryu of me (after I get push permission) will help to remove the little "-" when merge it. Reviewed-by: Zorro Lang <zlang@redhat.com> Thanks, Zorro > > --D > > > Thanks, > > Zorro > > > > > + _filter_scratch | sed -e 's/y[0-9]*/yXXX/g' > > > + test "${PIPESTATUS[0]}" -ne 0 && break > > > +done > > > +repquota -upn $SCRATCH_MNT >> $seqres.full > > > + > > > +# success, all done > > > +echo Silence is golden > > > +status=0 > > > +exit > > > diff --git a/tests/generic/832.out b/tests/generic/832.out > > > new file mode 100644 > > > index 00000000..593afe8b > > > --- /dev/null > > > +++ b/tests/generic/832.out > > > @@ -0,0 +1,3 @@ > > > +QA output created by 832 > > > +ln: failed to create hard link 'SCRATCH_MNT/dir/yXXX': Disk quota exceeded > > > +Silence is golden > > > > > >
diff --git a/tests/generic/832 b/tests/generic/832 new file mode 100755 index 00000000..1190b795 --- /dev/null +++ b/tests/generic/832 @@ -0,0 +1,67 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Oracle. All Rights Reserved. +# +# FS QA Test No. 832 +# +# Ensure that unprivileged userspace hits EDQUOT while linking files into a +# directory when the directory's quota limits have been exceeded. +# +# Regression test for commit: +# +# 871b9316e7a7 ("xfs: reserve quota for dir expansion when linking/unlinking files") +# +. ./common/preamble +_begin_fstest auto quick quota + +# Import common functions. +. ./common/filter +. ./common/quota + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_quota +_require_user +_require_scratch + +_scratch_mkfs > "$seqres.full" 2>&1 +_qmount_option usrquota +_qmount + +blocksize=$(_get_block_size $SCRATCH_MNT) +scratchdir=$SCRATCH_MNT/dir +scratchfile=$SCRATCH_MNT/file +mkdir $scratchdir +touch $scratchfile + +# Create a 2-block directory for our 1-block quota limit +total_size=$((blocksize * 2)) +dirents=$((total_size / 255)) + +for ((i = 0; i < dirents; i++)); do + name=$(printf "x%0254d" $i) + ln $scratchfile $scratchdir/$name +done + +# Set a low quota hardlimit for an unprivileged uid and chown the files to it +echo "set up quota" >> $seqres.full +setquota -u $qa_user 0 "$((blocksize / 1024))" 0 0 $SCRATCH_MNT +chown $qa_user $scratchdir $scratchfile +repquota -upn $SCRATCH_MNT >> $seqres.full + +# Fail at appending the directory as qa_user to ensure quota enforcement works +echo "fail quota" >> $seqres.full +for ((i = 0; i < dirents; i++)); do + name=$(printf "y%0254d" $i) + su - "$qa_user" -c "ln $scratchfile $scratchdir/$name" 2>&1 | \ + _filter_scratch | sed -e 's/y[0-9]*/yXXX/g' + test "${PIPESTATUS[0]}" -ne 0 && break +done +repquota -upn $SCRATCH_MNT >> $seqres.full + +# success, all done +echo Silence is golden +status=0 +exit diff --git a/tests/generic/832.out b/tests/generic/832.out new file mode 100644 index 00000000..593afe8b --- /dev/null +++ b/tests/generic/832.out @@ -0,0 +1,3 @@ +QA output created by 832 +ln: failed to create hard link 'SCRATCH_MNT/dir/yXXX': Disk quota exceeded +Silence is golden