2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright (c) 2022 Red Hat, Inc. All Rights Reserved.
7 # Test for the Dirty Pipe vulnerability (CVE-2022-0847) caused by an
8 # uninitialized "pipe_buffer.flags" variable, which fixed by:
9 # 9d2231c5d74e ("lib/iov_iter: initialize "flags" in new pipe_buffer")
12 _begin_fstest auto quick
14 # real QA test starts here
19 _require_test_program "splice2pipe"
21 localfile=$TEST_DIR/testfile.$seq
24 # Create a file with 4k 0xff data, then make sure unprivileged user has readonly
26 $XFS_IO_PROG -f -t -c "pwrite 0 4k -S 0xff" $localfile >> $seqres.full 2>&1
28 # Test privileged user (xfstests generally run with root)
29 echo "Test privileged user:"
30 $here/src/splice2pipe $localfile 1 "AAAAAAAABBBBBBBB"
31 # Part of 0xff will be overwritten if there's CVE-2022-0847 bug
34 # Create a file with 4k 0xff data, then make sure unprivileged user has readonly
36 $XFS_IO_PROG -f -t -c "pwrite 0 4k -S 0xff" $localfile >> $seqres.full 2>&1
38 # Copy splice2pipe to a place which can be run by an unprivileged user (avoid
39 # something likes /root/xfstests/src/splice2pipe)
40 cp $here/src/splice2pipe $tmp.splice2pipe
41 # Test unprivileged user's privilege escalation
42 echo "Test unprivileged user:"
43 su ${qa_user} -c "$tmp.splice2pipe $localfile 1 AAAAAAAABBBBBBBB"