##/bin/bash # SPDX-License-Identifier: GPL-2.0+ # Copyright (c) 2000-2004 Silicon Graphics, Inc. All Rights Reserved. # # common extended attribute and ACL support # filesystems that want to test maximum supported acl counts need to # add support in here _acl_get_max() { case $FSTYP in xfs) # CRC format filesystems have much larger ACL counts. The actual # number is into the thousands, but testing that meany takes too # long, so just test well past the old limit of 25. $XFS_INFO_PROG $TEST_DIR | _filter_mkfs > /dev/null 2> $tmp.info . $tmp.info rm $tmp.info if [ $_fs_has_crcs -eq 0 ]; then echo 25 else echo 5461 fi ;; jfs) echo 8191 ;; f2fs) _fs_options $TEST_DEV | grep "inline_xattr" >/dev/null 2>&1 if [ $? -eq 0 ]; then echo 531 else echo 506 fi ;; bcachefs) echo 251 ;; *) echo 0 ;; esac } _require_acl_get_max() { if [ $(_acl_get_max) -eq 0 ]; then _notrun "$FSTYP does not define maximum ACL count" fi } # pick three unused user/group ids, store them as $acl[1-3] # _acl_setup_ids() { eval `(_cat_passwd; _cat_group) | awk -F: ' { ids[$3]=1 } END { j=1 for(i=1; i<1000000 && j<=3;i++){ if (! (i in ids)) { printf "acl%d=%d;", j, i; j++ } } }'` } # filter for the acl ids selected above # _acl_filter_id() { sed \ -e "s/u:$acl1/u:id1/" \ -e "s/u:$acl2/u:id2/" \ -e "s/u:$acl3/u:id3/" \ -e "s/g:$acl1/g:id1/" \ -e "s/g:$acl2/g:id2/" \ -e "s/g:$acl3/g:id3/" \ -e "s/ $acl1 / id1 /" \ -e "s/ $acl2 / id2 /" \ -e "s/ $acl3 / id3 /" } _getfacl_filter_id() { sed \ -e "s/user:$acl1/user:id1/" \ -e "s/user:$acl2/user:id2/" \ -e "s/user:$acl3/user:id3/" \ -e "s/group:$acl1/group:id1/" \ -e "s/group:$acl2/group:id2/" \ -e "s/group:$acl3/group:id3/" \ -e "s/: $acl1/: id1/" \ -e "s/: $acl2/: id2/" \ -e "s/: $acl3/: id3/" } # filtered ls # _acl_ls() { _ls_l -n $* | awk '{ print $1, $3, $4, $NF }' | _acl_filter_id } # create an ACL with n ACEs in it # _create_n_aces() { let n=$1-4 acl='u::rwx,g::rwx,o::rwx,m::rwx' # 4 ace acl start while [ $n -ne 0 ]; do acl="$acl,u:$n:rwx" let n=$n-1 done echo $acl } # filter user ace names to user ids # _filter_aces() { tmp_file=`mktemp /tmp/ace.XXXXXX` (_cat_passwd; _cat_group) > $tmp_file $AWK_PROG -v tmpfile=$tmp_file ' BEGIN { FS=":" while ( getline 0 ) { idlist[$1] = $3 } } /^user/ { if ($2 in idlist) sub($2, idlist[$2]); print; next} /^u/ { if ($2 in idlist) sub($2, idlist[$2]); print; next} /^default:user/ { if ($3 in idlist) sub($3, idlist[$3]); print; next} {print} ' rm -f $tmp_file } _filter_aces_notypes() { tr '\[' '\012' | tr ']' '\012' | tr ',' '\012' | _filter_aces|\ sed -e 's/u:/user:/' -e 's/g:/group:/' -e 's/o:/other:/' -e 's/m:/mask:/' } _require_acls() { [ -n "$CHACL_PROG" ] || _notrun "chacl command not found" # # Test if chacl is able to list ACLs on the target filesystems. On really # old kernels the system calls might not be implemented at all, but the # more common case is that the tested filesystem simply doesn't support # ACLs. # touch $TEST_DIR/syscalltest chacl -l $TEST_DIR/syscalltest > $TEST_DIR/syscalltest.out 2>&1 cat $TEST_DIR/syscalltest.out >> $seqres.full if grep -q 'Function not implemented' $TEST_DIR/syscalltest.out; then _notrun "kernel does not support ACLs" fi if grep -q 'Operation not supported' $TEST_DIR/syscalltest.out; then _notrun "ACLs not supported by this filesystem type: $FSTYP" fi rm -f $TEST_DIR/syscalltest.out } _list_acl() { file=$1 ls -dD $file | _acl_filter_id } _require_attrs() { local args local nsp if [ $# -eq 0 ]; then args="user" else args="$*" fi [ -n "$ATTR_PROG" ] || _notrun "attr command not found" [ -n "$GETFATTR_PROG" ] || _notrun "getfattr command not found" [ -n "$SETFATTR_PROG" ] || _notrun "setfattr command not found" for nsp in $args; do # # Test if chacl is able to write an attribute on the target # filesystems. On really old kernels the system calls might # not be implemented at all, but the more common case is that # the tested filesystem simply doesn't support attributes. # Note that we can't simply list attributes as various security # modules generate synthetic attributes not actually stored on # disk. # touch $TEST_DIR/syscalltest $SETFATTR_PROG -n "$nsp.xfstests" -v "attr" $TEST_DIR/syscalltest > $TEST_DIR/syscalltest.out 2>&1 cat $TEST_DIR/syscalltest.out >> $seqres.full if grep -q 'Function not implemented' $TEST_DIR/syscalltest.out; then _notrun "kernel does not support attrs" fi if grep -q 'Operation not supported' $TEST_DIR/syscalltest.out; then _notrun "attr namespace $nsp not supported by this filesystem type: $FSTYP" fi rm -f $TEST_DIR/syscalltest.out done } _require_attr_v1() { _scratch_mkfs_xfs_supported -i attr=1 >/dev/null 2>&1 \ || _notrun "attr v1 not supported on $SCRATCH_DEV" } # check if we support the noattr2 mount option _require_noattr2() { _scratch_mkfs_xfs > /dev/null 2>&1 \ || _fail "_scratch_mkfs_xfs failed on $SCRATCH_DEV" _try_scratch_mount -o noattr2 > /dev/null 2>&1 \ || _notrun "noattr2 mount option not supported on $SCRATCH_DEV" _scratch_unmount } # getfattr -R returns info in readdir order which varies from fs to fs. # This sorts the output by filename _sort_getfattr_output() { awk '{a[FNR]=$0}END{n = asort(a); for(i=1; i <= n; i++) print a[i]"\n"}' RS='' } # Previously, when getfattr dumps values of all extended attributes, it prints # empty attr as 'user.name', but new getfattr (since attr-2.4.48) prints it as # 'user.name=""'. Filter out the ending '=""' so that both old and new getfattr # pints the same output. # # Note: This function returns the getfattr command result. _getfattr() { $GETFATTR_PROG "$@" | sed -e 's/=\"\"//' return ${PIPESTATUS[0]} } # set maximum total attr space based on fs type case "$FSTYP" in xfs|udf|pvfs2|9p|ceph|nfs) MAX_ATTRS=1000 ;; *) # Assume max ~1 block of attrs BLOCK_SIZE=`_get_block_size $TEST_DIR` # user.attribute_XXX="value.XXX" is about 32 bytes; leave some overhead let MAX_ATTRS=$BLOCK_SIZE/40 esac export MAX_ATTRS # Set max attr value size based on fs type case "$FSTYP" in xfs|udf|btrfs) MAX_ATTRVAL_SIZE=64 ;; pvfs2) MAX_ATTRVAL_SIZE=8192 ;; 9p|ceph|nfs) MAX_ATTRVAL_SIZE=65536 ;; bcachefs) MAX_ATTRVAL_SIZE=1024 ;; *) # Assume max ~1 block of attrs BLOCK_SIZE=`_get_block_size $TEST_DIR` # leave a little overhead let MAX_ATTRVAL_SIZE=$BLOCK_SIZE-256 esac export MAX_ATTRVAL_SIZE # make sure this script returns success /bin/true