From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Seth Forshee, Eryu Guan
Subject: [PATCH 1/3] idmapped-mounts: remove redundant fchownat() call in setgid tests
Date: Fri, 7 Jan 2022 15:44:34 +0100
Message-Id: <20220107144436.332389-1-brauner@kernel.org>

From: Christian Brauner

There's another call to fchownat() right above it so we really don't need the second one.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
---
 src/idmapped-mounts/idmapped-mounts.c | 5 -----
 1 file changed, 5 deletions(-)

base-commit: 770f462e17e52c4b2bc026fd707ad01fcce95f32
diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c index da690779..56b26b0c 100644 --- a/src/idmapped-mounts/idmapped-mounts.c +++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -8133,11 +8133,6 @@ static int setgid_create_idmapped_in_userns(void) goto out; } - if (fchownat(t_dir1_fd, "", -1, 1000, AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) { - log_stderr("failure: fchownat"); - goto out; - } - pid = fork(); if (pid < 0) { log_stderr("failure: fork");
From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Seth Forshee, Eryu Guan
Subject: [PATCH 2/3] idmapped-mounts: add more explanations to setgid tests
Date: Fri, 7 Jan 2022 15:44:35 +0100
Message-Id: <20220107144436.332389-2-brauner@kernel.org>
In-Reply-To: <20220107144436.332389-1-brauner@kernel.org>
References: <20220107144436.332389-1-brauner@kernel.org>

From: Christian Brauner

The explanations before were a bit thin and people not familiar with setgid inheritance might get confused. Make it easier to understand the tests.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
---
 src/idmapped-mounts/idmapped-mounts.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c index 56b26b0c..c53e1942 100644 --- a/src/idmapped-mounts/idmapped-mounts.c +++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -8128,6 +8128,14 @@ static int setgid_create_idmapped_in_userns(void) if (wait_for_pid(pid)) goto out; + /* + * Below we verify that setgid inheritance for a newly created file or + * directory works correctly. As part of this we need to verify that + * newly created files or directories inherit their gid from their + * parent directory. So we change the parent directorie's gid to 1000 + * and create a file with fs{g,u}id 0 and verify that the newly created + * file and directory inherit gid 1000, not 0. + */ if (fchownat(t_dir1_fd, "", -1, 1000, AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) { log_stderr("failure: fchownat"); goto out; 
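Review bot: the added comment has a typo, "directorie's" should be "directory's", and it says the test will "create a file" while the same sentence goes on to verify that the "file and directory" inherit gid 1000. Write "create a file and a directory" so the comment matches what is checked. Since the comment sits directly above the fchownat() on t_dir1_fd and not above the creation itself, it would also help to say that the creation and the checks follow further down.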
@@ -8172,12 +8180,19 @@ static int setgid_create_idmapped_in_userns(void) die("failure: is_setgid"); } - /* Files and directories created in setgid directories inherit - * the i_gid of the parent directory. + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 1000, not by gid 0. */ if (!expected_uid_gid(open_tree_fd, FILE1, 0, 0, 1000)) die("failure: check ownership"); + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 1000, not by gid 0. + */ if (!expected_uid_gid(open_tree_fd, DIR1, 0, 0, 1000)) die("failure: check ownership");
From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Seth Forshee, Eryu Guan
Subject: [PATCH 3/3] idmapped-mounts: add missing ownership comparisons to setgid tests
Date: Fri, 7 Jan 2022 15:44:36 +0100
Message-Id: <20220107144436.332389-3-brauner@kernel.org>
In-Reply-To: <20220107144436.332389-1-brauner@kernel.org>
References: <20220107144436.332389-1-brauner@kernel.org>

From: Christian Brauner

In some setgid tests we missed to check ownership right after file or directory creation in order to verify whether gid ownership inheritance from the parent directory to the newly created file or directory works correctly. Add the missing ones.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
---
 src/idmapped-mounts/idmapped-mounts.c | 38 +++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c index c53e1942..a5c0a983 100644 --- a/src/idmapped-mounts/idmapped-mounts.c +++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -7863,6 +7863,12 @@ static int setgid_create(void) if (!is_setgid(t_dir1_fd, DIR1, 0)) die("failure: is_setgid"); + if (!expected_uid_gid(t_dir1_fd, FILE1, 0, 0, 0)) + die("failure: check ownership"); + + if (!expected_uid_gid(t_dir1_fd, DIR1, 0, 0, 0)) + die("failure: check ownership"); + if (unlinkat(t_dir1_fd, FILE1, 0)) die("failure: delete");
@@ -7911,6 +7917,22 @@ static int setgid_create(void) die("failure: is_setgid"); } + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 0, not by gid 10000. + */ + if (!expected_uid_gid(t_dir1_fd, FILE1, 0, 0, 0)) + die("failure: check ownership"); + + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 0, not by gid 10000. + */ + if (!expected_uid_gid(t_dir1_fd, DIR1, 0, 0, 0)) + die("failure: check ownership"); + exit(EXIT_SUCCESS); } if (wait_for_pid(pid))
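Review bot: the two comments added in the @@ -7911 hunk contrast gid 0 with gid 10000, but nothing in the hunk's context says where 10000 comes from. Name its source in the comment, the way the comment added in patch 2/3 ties its expected value to the fchownat() that sets the parent's gid to 1000, so a reader can see why 10000 is the value being ruled out. The two comments differ only in "files" versus "directories" and could be a single comment above both checks.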
@@ -8013,6 +8035,22 @@ static int setgid_create_idmapped(void) die("failure: is_setgid"); } + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 10000, not by gid 11000. + */ + if (!expected_uid_gid(open_tree_fd, FILE1, 0, 10000, 10000)) + die("failure: check ownership"); + + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 10000, not by gid 11000. + */ + if (!expected_uid_gid(open_tree_fd, DIR1, 0, 10000, 10000)) + die("failure: check ownership"); + exit(EXIT_SUCCESS); } if (wait_for_pid(pid))