btrfs: add test for send/receive with file capabilities set

Test that if we set a capability on a file but not on the next files we
create, send/receive operations only apply the capability to the first
file, the one for which we have set a capability.

This is motivated by a regression that started to happen with kernel 5.8,
caused by an incompatibility between kernel commit 89efda52e6b693
("btrfs: send: emit file capabilities after chown") and a workaround for
send/receive added to btrfs-progs several years ago by btrfs-progs
commit 123a2a085027e ("btrfs-progs: receive: restore capabilities after
chown"). That workaround in btrfs-progs was added in btrfs-progs 4.1.

That kernel commit ended up fixing the bugs the btrfs-progs commit
targeted, as well as other bugs around btrfs send and capabilities.
However it did not play nice with the btrfs-progs workaround.
The kernel fix was backported to all stable kernels and the btrfs-progs
workaround was later removed from btrfs-progs by commit 81d8ea9346c6ee
("btrfs-progs: receive: remove workaround for setting capabilities"),
introduced in btrfs-progs 5.11.

The test currently fails on any environment using kernel 5.8+ and a
btrfs-progs version between 4.1 and 5.10. Updating btrfs-progs to
version 5.11 makes the test pass.

Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>

diff --git a/tests/btrfs/235 b/tests/btrfs/235
new file mode 100755 (executable)
index 0000000..600dad9
--- /dev/null
+++ b/tests/btrfs/235
@@ -0,0 +1,113 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (C) 2021 SUSE Linux Products GmbH. All Rights Reserved.
+#
+# FS QA Test No. btrfs/235
+#
+# Test that if we set a capability on a file but not on the next files we create,
+# send/receive operations only apply the capability to the first file, the one
+# for which we have set a capability.
+#
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+tmp=/tmp/$$
+status=1       # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+       cd /
+       rm -fr $send_files_dir
+       rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/filter
+
+# real QA test starts here
+_supported_fs btrfs
+_require_test
+_require_scratch
+_require_command "$SETCAP_PROG" setcap
+_require_command "$GETCAP_PROG" getcap
+
+send_files_dir=$TEST_DIR/btrfs-test-$seq
+
+rm -f $seqres.full
+rm -fr $send_files_dir
+mkdir $send_files_dir
+
+_scratch_mkfs >>$seqres.full 2>&1
+_scratch_mount
+
+touch $SCRATCH_MNT/foo
+touch $SCRATCH_MNT/bar
+touch $SCRATCH_MNT/baz
+
+# Set a capability only on file foo. Note that file foo has a lower inode number
+# then files bar and baz - we want to test that if a file with a lower inode
+# number has a capability set, after a send/receive, the capability is not set
+# on the next files that have higher inode numbers.
+$SETCAP_PROG cap_net_raw=p $SCRATCH_MNT/foo
+
+# Now create the base snapshot, which is going to be the parent snapshot for
+# a later incremental send.
+$BTRFS_UTIL_PROG subvolume snapshot -r $SCRATCH_MNT \
+       $SCRATCH_MNT/mysnap1 > /dev/null
+
+$BTRFS_UTIL_PROG send -f $send_files_dir/1.snap \
+       $SCRATCH_MNT/mysnap1 2>&1 1>/dev/null | _filter_scratch
+
+# Now do something similar as before, but this time to test incremental
+# send/receive instead.
+
+touch $SCRATCH_MNT/foo2
+touch $SCRATCH_MNT/bar2
+touch $SCRATCH_MNT/baz2
+
+# Add a capability to file bar now. We want to check later that the capability
+# is not added to file baz or any of the new files foo2, bar2 and baz2.
+$SETCAP_PROG cap_net_raw=p $SCRATCH_MNT/bar
+
+# Add a capability to the new file foo2, we want to check later that it is not
+# incorrectly propagated to the new files bar2 and baz2.
+$SETCAP_PROG cap_sys_nice=ep $SCRATCH_MNT/foo2
+
+$BTRFS_UTIL_PROG subvolume snapshot -r $SCRATCH_MNT \
+                $SCRATCH_MNT/mysnap2 > /dev/null
+$BTRFS_UTIL_PROG send -p $SCRATCH_MNT/mysnap1 -f $send_files_dir/2.snap \
+                $SCRATCH_MNT/mysnap2 2>&1 1>/dev/null | _filter_scratch
+
+# Now recreate the filesystem by receiving both send streams.
+_scratch_unmount
+_scratch_mkfs >>$seqres.full 2>&1
+_scratch_mount
+
+$BTRFS_UTIL_PROG receive -f $send_files_dir/1.snap $SCRATCH_MNT > /dev/null
+$BTRFS_UTIL_PROG receive -f $send_files_dir/2.snap $SCRATCH_MNT > /dev/null
+
+echo "File mysnap1/foo capabilities:"
+_getcap $SCRATCH_MNT/mysnap1/foo | _filter_scratch
+echo "File mysnap1/bar capabilities:"
+_getcap $SCRATCH_MNT/mysnap1/bar | _filter_scratch
+echo "File mysnap1/baz capabilities:"
+_getcap $SCRATCH_MNT/mysnap1/baz | _filter_scratch
+
+echo "File mysnap2/foo capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/foo | _filter_scratch
+echo "File mysnap2/bar capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/bar | _filter_scratch
+echo "File mysnap2/baz capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/baz | _filter_scratch
+echo "File mysnap2/foo2 capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/foo2 | _filter_scratch
+echo "File mysnap2/bar2 capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/bar2 | _filter_scratch
+echo "File mysnap2/baz2 capabilities:"
+_getcap $SCRATCH_MNT/mysnap2/baz2 | _filter_scratch
+
+status=0
+exit

diff --git a/tests/btrfs/235.out b/tests/btrfs/235.out
new file mode 100644 (file)
index 0000000..953c69b
--- /dev/null
+++ b/tests/btrfs/235.out
@@ -0,0 +1,17 @@
+QA output created by 235
+At subvol SCRATCH_MNT/mysnap1
+At subvol SCRATCH_MNT/mysnap2
+At subvol mysnap1
+File mysnap1/foo capabilities:
+SCRATCH_MNT/mysnap1/foo cap_net_raw=p
+File mysnap1/bar capabilities:
+File mysnap1/baz capabilities:
+File mysnap2/foo capabilities:
+SCRATCH_MNT/mysnap2/foo cap_net_raw=p
+File mysnap2/bar capabilities:
+SCRATCH_MNT/mysnap2/bar cap_net_raw=p
+File mysnap2/baz capabilities:
+File mysnap2/foo2 capabilities:
+SCRATCH_MNT/mysnap2/foo2 cap_sys_nice=ep
+File mysnap2/bar2 capabilities:
+File mysnap2/baz2 capabilities:

diff --git a/tests/btrfs/group b/tests/btrfs/group
index 6d0c70c0a1347221413121e81417af3aa10ca3ed..331dd432fac3c1a9674c219637e8cdb17107baaf 100644 (file)
--- a/tests/btrfs/group
+++ b/tests/btrfs/group
@@ -237,3 +237,4 @@
 232 auto quick qgroup limit
 233 auto quick subvolume
 234 auto quick compress rw
+235 auto quick send