Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 1 | /***************************************************************************** |
| 2 | * Copyright (c) Kerlabs 2008. * |
| 3 | * Copyright (c) International Business Machines Corp., 2008 * |
| 4 | * Created by Renaud Lottiaux * |
| 5 | * * |
| 6 | * This program is free software; you can redistribute it and/or modify * |
| 7 | * it under the terms of the GNU General Public License as published by * |
| 8 | * the Free Software Foundation; either version 2 of the License, or * |
| 9 | * (at your option) any later version. * |
| 10 | * * |
| 11 | * This program is distributed in the hope that it will be useful, * |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * |
| 14 | * the GNU General Public License for more details. * |
| 15 | * * |
| 16 | * You should have received a copy of the GNU General Public License * |
| 17 | * along with this program; if not, write to the Free Software Foundation, * |
| 18 | * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * |
| 19 | *****************************************************************************/ |
| 20 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 21 | /* |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 22 | * Check if setfsuid behaves correctly with file permissions. |
| 23 | * The test creates a file as ROOT with permissions 0644, does a setfsuid |
| 24 | * and then tries to open the file with RDWR permissions. |
| 25 | * The same test is done in a fork to check if new UIDs are correctly |
| 26 | * passed to the son. |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 27 | */ |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 28 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 29 | #include <sys/types.h> |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 30 | #include <sys/stat.h> |
| 31 | #include <sys/wait.h> |
| 32 | #include <errno.h> |
| 33 | #include <fcntl.h> |
| 34 | #include <pwd.h> |
| 35 | #include <stdio.h> |
| 36 | #include <stdlib.h> |
| 37 | #include <string.h> |
| 38 | #include <unistd.h> |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 39 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 40 | #include "test.h" |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 41 | #include "compat_16.h" |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 42 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 43 | TCID_DEFINE(setfsuid04); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 44 | int TST_TOTAL = 1; |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 45 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 46 | static char nobody_uid[] = "nobody"; |
| 47 | static char testfile[] = "setfsuid04_testfile"; |
| 48 | static struct passwd *ltpuser; |
Wanlong Gao | 354ebb4 | 2012-12-07 10:10:04 +0800 | [diff] [blame] | 49 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 50 | static int fd = -1; |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 51 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 52 | static void setup(void); |
| 53 | static void cleanup(void); |
| 54 | static void do_master_child(void); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 55 | |
| 56 | int main(int ac, char **av) |
| 57 | { |
| 58 | pid_t pid; |
Cyril Hrubis | 0b9589f | 2014-05-27 17:40:33 +0200 | [diff] [blame] | 59 | const char *msg; |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 60 | |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 61 | if ((msg = parse_opts(ac, av, NULL, NULL)) != NULL) |
Garrett Cooper | 60fa801 | 2010-11-22 13:50:58 -0800 | [diff] [blame] | 62 | tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 63 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 64 | setup(); |
| 65 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 66 | pid = FORK_OR_VFORK(); |
| 67 | if (pid < 0) |
| 68 | tst_brkm(TBROK, cleanup, "Fork failed"); |
subrata_modak | bdbaec5 | 2009-02-26 12:14:51 +0000 | [diff] [blame] | 69 | |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 70 | if (pid == 0) |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 71 | do_master_child(); |
Garrett Cooper | 2c28215 | 2010-12-16 00:55:50 -0800 | [diff] [blame] | 72 | |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 73 | tst_record_childstatus(cleanup, pid); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 74 | |
| 75 | cleanup(); |
Garrett Cooper | 1e6f5a6 | 2010-12-19 09:58:10 -0800 | [diff] [blame] | 76 | tst_exit(); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 77 | } |
| 78 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 79 | static void do_master_child(void) |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 80 | { |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 81 | int pid; |
| 82 | int status; |
| 83 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 84 | if (SETFSUID(NULL, ltpuser->pw_uid) == -1) { |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 85 | perror("setfsuid failed"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 86 | exit(TFAIL); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 87 | } |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 88 | |
| 89 | /* Test 1: Check the process with new uid cannot open the file |
| 90 | * with RDWR permissions. |
| 91 | */ |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 92 | TEST(open(testfile, O_RDWR)); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 93 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 94 | if (TEST_RETURN != -1) { |
| 95 | close(TEST_RETURN); |
| 96 | printf("open succeeded unexpectedly\n"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 97 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 98 | } |
| 99 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 100 | if (TEST_ERRNO == EACCES) { |
| 101 | printf("open failed with EACCESS as expected\n"); |
| 102 | } else { |
| 103 | printf("open returned unexpected errno - %d\n", TEST_ERRNO); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 104 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 105 | } |
| 106 | |
| 107 | /* Test 2: Check a son process cannot open the file |
| 108 | * with RDWR permissions. |
| 109 | */ |
| 110 | pid = FORK_OR_VFORK(); |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 111 | if (pid < 0) { |
| 112 | perror("Fork failed"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 113 | exit(TFAIL); |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 114 | } |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 115 | |
| 116 | if (pid == 0) { |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 117 | /* Test to open the file in son process */ |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 118 | TEST(open(testfile, O_RDWR)); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 119 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 120 | if (TEST_RETURN != -1) { |
| 121 | close(TEST_RETURN); |
| 122 | printf("open succeeded unexpectedly\n"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 123 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 124 | } |
| 125 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 126 | if (TEST_ERRNO == EACCES) { |
| 127 | printf("open failed with EACCESS as expected\n"); |
| 128 | } else { |
| 129 | printf("open returned unexpected errno - %d\n", |
| 130 | TEST_ERRNO); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 131 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 132 | } |
| 133 | } else { |
| 134 | /* Wait for son completion */ |
| 135 | if (waitpid(pid, &status, 0) == -1) { |
| 136 | perror("waitpid failed"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 137 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 138 | } |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 139 | |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 140 | if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) |
| 141 | exit(WEXITSTATUS(status)); |
| 142 | } |
| 143 | |
| 144 | /* Test 3: Fallback to initial uid and check we can again open |
| 145 | * the file with RDWR permissions. |
| 146 | */ |
Caspar Zhang | d59a659 | 2013-03-07 14:59:12 +0800 | [diff] [blame] | 147 | tst_count++; |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 148 | if (SETFSUID(NULL, 0) == -1) { |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 149 | perror("setfsuid failed"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 150 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 151 | } |
| 152 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 153 | TEST(open(testfile, O_RDWR)); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 154 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 155 | if (TEST_RETURN == -1) { |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 156 | perror("open failed unexpectedly"); |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 157 | exit(TFAIL); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 158 | } else { |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 159 | printf("open call succeeded\n"); |
| 160 | close(TEST_RETURN); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 161 | } |
Xiaoguang Wang | d84d901 | 2014-07-28 19:51:41 +0800 | [diff] [blame] | 162 | exit(TPASS); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 163 | } |
| 164 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 165 | static void setup(void) |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 166 | { |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 167 | tst_require_root(NULL); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 168 | |
subrata_modak | bdbaec5 | 2009-02-26 12:14:51 +0000 | [diff] [blame] | 169 | ltpuser = getpwnam(nobody_uid); |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 170 | if (ltpuser == NULL) |
| 171 | tst_brkm(TBROK, cleanup, "getpwnam failed for user id %s", |
| 172 | nobody_uid); |
| 173 | |
| 174 | UID16_CHECK(ltpuser->pw_uid, setfsuid, cleanup); |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 175 | |
subrata_modak | 9e89d9a | 2008-09-08 08:52:52 +0000 | [diff] [blame] | 176 | tst_tmpdir(); |
| 177 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 178 | /* Create test file */ |
| 179 | fd = open(testfile, O_CREAT | O_RDWR, 0644); |
| 180 | if (fd < 0) |
| 181 | tst_brkm(TBROK, cleanup, "cannot creat test file"); |
| 182 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 183 | tst_sig(FORK, DEF_HANDLER, cleanup); |
| 184 | |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 185 | TEST_PAUSE; |
| 186 | } |
| 187 | |
Stanislav Kholmanskikh | 0e7a99b | 2013-09-13 13:59:10 +0400 | [diff] [blame] | 188 | static void cleanup(void) |
subrata_modak | cbfac50 | 2008-08-19 07:23:42 +0000 | [diff] [blame] | 189 | { |
subrata_modak | 56207ce | 2009-03-23 13:35:39 +0000 | [diff] [blame] | 190 | close(fd); |
subrata_modak | 9e89d9a | 2008-09-08 08:52:52 +0000 | [diff] [blame] | 191 | tst_rmdir(); |
Garrett Cooper | 72dd5a7 | 2011-02-15 23:02:07 -0800 | [diff] [blame] | 192 | } |