From patchwork Fri Jan 7 14:58:16 2022
X-Patchwork-Submitter: Christian Brauner
X-Patchwork-Id: 12706760
From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Eryu Guan
Subject: [PATCH 1/3] idmapped-mounts: remove redundant fchownat() call in setgid tests
Date: Fri, 7 Jan 2022 15:58:16 +0100
Message-Id: <20220107145818.336126-1-brauner@kernel.org>
X-Mailing-List: fstests@vger.kernel.org

There's another call to fchownat() right above it so we really don't need the second one.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
Reviewed-by: Christoph Hellwig
---
/* v2 */
- Christian Brauner:
  - fix Seth's mail address in commit message
---
 src/idmapped-mounts/idmapped-mounts.c | 5 -----
 1 file changed, 5 deletions(-)

base-commit: 770f462e17e52c4b2bc026fd707ad01fcce95f32
diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c
index da690779..56b26b0c 100644
--- a/src/idmapped-mounts/idmapped-mounts.c
+++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -8133,11 +8133,6 @@ static int setgid_create_idmapped_in_userns(void) goto out; } - if (fchownat(t_dir1_fd, "", -1, 1000, AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) { - log_stderr("failure: fchownat"); - goto out; - } - pid = fork(); if (pid < 0) { log_stderr("failure: fork");

From patchwork Fri Jan 7 14:58:17 2022
X-Patchwork-Submitter: Christian Brauner
X-Patchwork-Id: 12706761
From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Eryu Guan
Subject: [PATCH 2/3] idmapped-mounts: add more explanations to setgid tests
Date: Fri, 7 Jan 2022 15:58:17 +0100
Message-Id: <20220107145818.336126-2-brauner@kernel.org>
In-Reply-To: <20220107145818.336126-1-brauner@kernel.org>
References: <20220107145818.336126-1-brauner@kernel.org>

The explanations before were a bit thin and people not familiar with setgid inheritance might get confused. Make it easier to understand the tests.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
Reviewed-by: Christoph Hellwig
---
/* v2 */
- Christian Brauner:
  - fix Seth's mail address in commit message
---
 src/idmapped-mounts/idmapped-mounts.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c
index 56b26b0c..c53e1942 100644
--- a/src/idmapped-mounts/idmapped-mounts.c
+++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -8128,6 +8128,14 @@ static int setgid_create_idmapped_in_userns(void) if (wait_for_pid(pid)) goto out; + /* + * Below we verify that setgid inheritance for a newly created file or + * directory works correctly. As part of this we need to verify that + * newly created files or directories inherit their gid from their + * parent directory. So we change the parent directorie's gid to 1000 + * and create a file with fs{g,u}id 0 and verify that the newly created + * file and directory inherit gid 1000, not 0. + */ if (fchownat(t_dir1_fd, "", -1, 1000, AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) { log_stderr("failure: fchownat"); goto out; 
@@ -8172,12 +8180,19 @@ static int setgid_create_idmapped_in_userns(void) die("failure: is_setgid"); } - /* Files and directories created in setgid directories inherit - * the i_gid of the parent directory. + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 1000, not by gid 0. */ if (!expected_uid_gid(open_tree_fd, FILE1, 0, 0, 1000)) die("failure: check ownership"); + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 1000, not by gid 0. + */ if (!expected_uid_gid(open_tree_fd, DIR1, 0, 0, 1000)) die("failure: check ownership");

From patchwork Fri Jan 7 14:58:18 2022
X-Patchwork-Submitter: Christian Brauner
X-Patchwork-Id: 12706762
From: Christian Brauner
To: fstests@vger.kernel.org, Eryu Guan
Cc: Christoph Hellwig, Seth Forshee, Christian Brauner, Eryu Guan
Subject: [PATCH 3/3] idmapped-mounts: add missing ownership comparisons to setgid tests
Date: Fri, 7 Jan 2022 15:58:18 +0100
Message-Id: <20220107145818.336126-3-brauner@kernel.org>
In-Reply-To: <20220107145818.336126-1-brauner@kernel.org>
References: <20220107145818.336126-1-brauner@kernel.org>

In some setgid tests we missed to check ownership right after file or directory creation in order to verify whether gid ownership inheritance from the parent directory to the newly created file or directory works correctly. Add the missing ones.

Cc: Seth Forshee
Cc: Eryu Guan
Cc: Christoph Hellwig
Cc: fstests@vger.kernel.org
Signed-off-by: Christian Brauner
Reviewed-by: Christoph Hellwig
---
/* v2 */
- Christian Brauner:
  - fix Seth's mail address in commit message
---
 src/idmapped-mounts/idmapped-mounts.c | 38 +++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c
index c53e1942..a5c0a983 100644
--- a/src/idmapped-mounts/idmapped-mounts.c
+++ b/src/idmapped-mounts/idmapped-mounts.c
@@ -7863,6 +7863,12 @@ static int setgid_create(void) if (!is_setgid(t_dir1_fd, DIR1, 0)) die("failure: is_setgid"); + if (!expected_uid_gid(t_dir1_fd, FILE1, 0, 0, 0)) + die("failure: check ownership"); + + if (!expected_uid_gid(t_dir1_fd, DIR1, 0, 0, 0)) + die("failure: check ownership"); + if (unlinkat(t_dir1_fd, FILE1, 0)) die("failure: delete");
@@ -7911,6 +7917,22 @@ static int setgid_create(void) die("failure: is_setgid"); } + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 0, not by gid 10000. + */ + if (!expected_uid_gid(t_dir1_fd, FILE1, 0, 0, 0)) + die("failure: check ownership"); + + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 0, not by gid 10000. + */ + if (!expected_uid_gid(t_dir1_fd, DIR1, 0, 0, 0)) + die("failure: check ownership"); + exit(EXIT_SUCCESS); } if (wait_for_pid(pid))
@@ -8013,6 +8035,22 @@ static int setgid_create_idmapped(void) die("failure: is_setgid"); } + /* + * In setgid directories newly created files always inherit the + * gid from the parent directory. Verify that the file is owned + * by gid 10000, not by gid 11000. + */ + if (!expected_uid_gid(open_tree_fd, FILE1, 0, 10000, 10000)) + die("failure: check ownership"); + + /* + * In setgid directories newly created directories always + * inherit the gid from the parent directory. Verify that the + * directory is owned by gid 10000, not by gid 11000. + */ + if (!expected_uid_gid(open_tree_fd, DIR1, 0, 10000, 10000)) + die("failure: check ownership"); + exit(EXIT_SUCCESS); } if (wait_for_pid(pid))
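
Review bot: In patch 2/3, the comment added at @@ -8128 ahead of the fchownat() call misspells "directorie's" (it should be "directory's") and says "create a file with fs{g,u}id 0" while its closing clause talks about "the newly created file and directory". Suggest "change the parent directory's gid to 1000 and create a file and a directory with fs{g,u}id 0", so the comment matches the FILE1 and DIR1 checks that the @@ -8172 hunk of the same patch documents.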
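
Review bot: In patch 3/3, the two expected_uid_gid() checks added at @@ -7863 in setgid_create() have no comment, unlike the checks added at @@ -7911 and @@ -8013, so the reason for expecting 0 and 0 as the last two arguments at this point is left to the reader. Suggest a short comment in the same style as the later hunks. Both checks also fail with the identical string "failure: check ownership", so a failing run does not tell whether FILE1 or DIR1 had the wrong owner; naming the object in the message would make the log usable on its own.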
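
Review bot: In patch 3/3, the comments added at @@ -7911 in setgid_create() say "gid 0, not by gid 10000", but nothing visible in the hunk says where 10000 comes from. Suggest stating in the comment which id of the creating process 10000 is, the way the patch 2/3 comment spells out "fs{g,u}id 0", so it is clear that the check separates inheritance from the parent directory from ownership taken from the creator.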
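
Review bot: In patch 3/3, the checks added at @@ -8013 in setgid_create_idmapped() pass 10000 for both of the last two arguments of expected_uid_gid(open_tree_fd, ...), yet the comments only explain the gid ("gid 10000, not by gid 11000"). Suggest the comment also say why uid 10000 is expected when looking through open_tree_fd and where 11000 would come from, since neither the idmapping nor the creating process's ids are visible next to the check.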