From 80bac2129b0619064ac5bda6e1822765fc95cf71 Mon Sep 17 00:00:00 2001 From: Jiufei Xue Date: Wed, 8 May 2019 15:10:00 +0800 Subject: [PATCH] generic: check CAP_LINUX_IMMUTABLE capability It should return error while changing IMMUTABLE_FL and APPEND_FL if the process has no capability CAP_LINUX_IMMUTABLE. However, it's not true on overlayfs after kernel version v4.19 since the process's subjective cred is overridden with ofs->creator_cred before calling real vfs_ioctl. The following patch for ovl fix the problem: "ovl: check the capability before cred overridden" Add this testcase to cover this bug. Signed-off-by: Jiufei Xue Reviewed-by: Amir Goldstein Signed-off-by: Eryu Guan --- common/config | 1 + tests/generic/545 | 74 +++++++++++++++++++++++++++++++++++++++++++ tests/generic/545.out | 9 ++++++ tests/generic/group | 1 + 4 files changed, 85 insertions(+) create mode 100755 tests/generic/545 create mode 100644 tests/generic/545.out diff --git a/common/config b/common/config index 64f87057..364432bb 100644 --- a/common/config +++ b/common/config @@ -196,6 +196,7 @@ export SQLITE3_PROG="$(type -P sqlite3)" export TIMEOUT_PROG="$(type -P timeout)" export SETCAP_PROG="$(type -P setcap)" export GETCAP_PROG="$(type -P getcap)" +export CAPSH_PROG="$(type -P capsh)" export CHECKBASHISMS_PROG="$(type -P checkbashisms)" export XFS_INFO_PROG="$(type -P xfs_info)" export DUPEREMOVE_PROG="$(type -P duperemove)" diff --git a/tests/generic/545 b/tests/generic/545 new file mode 100755 index 00000000..4580a551 --- /dev/null +++ b/tests/generic/545 @@ -0,0 +1,74 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2019 Alibaba Group. All Rights Reserved. +# +# FS QA Test No. 545 +# +# Check that we can't set the FS_APPEND_FL and FS_IMMUTABLE_FL inode +# flags without capbility CAP_LINUX_IMMUTABLE +# +seq=`basename $0` +seqres=$RESULT_DIR/$seq +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! +trap "_cleanup; exit \$status" 0 1 2 3 15 + +_cleanup() +{ + # Cleanup of flags on both file in case test is aborted + # (i.e. CTRL-C), so we have no immutable/append-only files + $CHATTR_PROG -ia $workdir/file1 >/dev/null 2>&1 + $CHATTR_PROG -ia $workdir/file2 >/dev/null 2>&1 + + cd / + rm -rf $tmp.* $workdir +} + +# get standard environment, filters and checks +. ./common/rc +. ./common/filter +. ./common/attr + +# real QA test starts here +_supported_os Linux +_supported_fs generic + +_require_test +_require_chattr i +_require_chattr a +_require_command "$CAPSH_PROG" "capsh" + +workdir="$TEST_DIR/test-$seq" +rm -rf $workdir +mkdir $workdir + +echo "Create the original files" +touch $workdir/file1 +touch $workdir/file2 + +do_filter_output() +{ + grep -o "Operation not permitted" +} + +echo "Try to chattr +ia with capabilities CAP_LINUX_IMMUTABLE" +$CHATTR_PROG +a $workdir/file1 +$CHATTR_PROG +i $workdir/file1 + +echo "Try to chattr +ia/-ia without capability CAP_LINUX_IMMUTABLE" +$CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG +a $workdir/file2" 2>&1 | do_filter_output +$CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG +i $workdir/file2" 2>&1 | do_filter_output + +$CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG -i $workdir/file1" 2>&1 | do_filter_output +$CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG -a $workdir/file1" 2>&1 | do_filter_output + +echo "Try to chattr -ia with capability CAP_LINUX_IMMUTABLE" +$CHATTR_PROG -i $workdir/file1 +$CHATTR_PROG -a $workdir/file1 + +# success, all done +status=0 +exit diff --git a/tests/generic/545.out b/tests/generic/545.out new file mode 100644 index 00000000..443ec4c2 --- /dev/null +++ b/tests/generic/545.out @@ -0,0 +1,9 @@ +QA output created by 545 +Create the original files +Try to chattr +ia with capabilities CAP_LINUX_IMMUTABLE +Try to chattr +ia/-ia without capability CAP_LINUX_IMMUTABLE +Operation not permitted +Operation not permitted +Operation not permitted +Operation not permitted +Try to chattr -ia with capability CAP_LINUX_IMMUTABLE diff --git a/tests/generic/group b/tests/generic/group index 40deb4d0..7a457e81 100644 --- a/tests/generic/group +++ b/tests/generic/group @@ -547,3 +547,4 @@ 542 auto quick clone 543 auto quick clone 544 auto quick clone +545 auto quick cap -- 2.39.5