overlay: filter out xattr starts with "trusted.overlay."
authorXiong Zhou <xzhou@redhat.com>
Thu, 23 Feb 2017 09:42:43 +0000 (17:42 +0800)
committerEryu Guan <eguan@redhat.com>
Thu, 23 Feb 2017 10:40:56 +0000 (18:40 +0800)
Overlayfs should only filter out xattr starting with
"trusted.overlay.", not "trusted.overlay".

Setting xattrs like "trusted.overlay.xxx" is not allowed.
Setting xattrs like "trusted.overlayxxx" is allowed.

v4.8-rc1 introduced a regression that we can't set xattrs
like "trusted.overlayxxx".  Kernel commit below fixed it
in v4.8:
  fe2b75952347 ovl: Fix OVL_XATTR_PREFIX

This case tests both get/set of these 2 kinds of xattrs.

Pattern "trusted.overlay.xxx" should fail, however the
errno returned by set/get varies among kernel versions.

Pattern "trusted.overlayxxx" shold always work.

CC: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Xiong Zhou <xzhou@redhat.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>
tests/overlay/026 [new file with mode: 0755]
tests/overlay/026.out [new file with mode: 0644]
tests/overlay/group

diff --git a/tests/overlay/026 b/tests/overlay/026
new file mode 100755 (executable)
index 0000000..55adbad
--- /dev/null
@@ -0,0 +1,110 @@
+#! /bin/bash
+# FS QA Test 026
+#
+# Overlayfs should only filter out xattr starting with
+# "trusted.overlay.", not "trusted.overlay".
+#
+# Setting xattrs like "trusted.overlay.xxx" is not allowed.
+# Setting xattrs like "trusted.overlayxxx" is allowed.
+#
+# v4.8-rc1 introduced a regression that we can't set xattrs
+# like "trusted.overlayxxx".  Kernel commit below fixed it
+# in v4.8:
+#   fe2b75952347 ovl: Fix OVL_XATTR_PREFIX
+#
+# This case tests both get/set of these 2 kinds of xattrs.
+#
+# Pattern "trusted.overlay.xxx" should fail, however the
+# errno returned by set/get varies among kernel versions.
+# Pattern "trusted.overlayxxx" shold always work.
+#
+# This reproducer was originally written by
+#     Miklos Szeredi <mszeredi@redhat.com>
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2017 Red Hat Inc.  All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#-----------------------------------------------------------------------
+#
+
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1       # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+       cd /
+       rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/attr
+. ./common/filter
+
+# remove previous $seqres.full before test
+rm -f $seqres.full
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs overlay
+_supported_os Linux
+_require_scratch
+_require_attrs
+
+# Remove all files from previous tests
+_scratch_mkfs
+
+# Mounting overlay
+_scratch_mount
+touch $SCRATCH_MNT/testf0
+touch $SCRATCH_MNT/testf1
+
+# {s,g}etfattr of "trusted.overlayxxx" should work.
+#            v4.3/6/7    v4.8-rc1   v4.8  v4.10
+# setfattr    ok         not perm    ok    ok
+# getfattr    ok         no attr     ok    ok
+#
+$SETFATTR_PROG -n "trusted.overlayfsrz" -v "n" \
+  $SCRATCH_MNT/testf0 2>&1 | _filter_scratch
+
+$GETFATTR_PROG --absolute-names -n "trusted.overlayfsrz" \
+  $SCRATCH_MNT/testf0 2>&1 | _filter_scratch
+
+# {s,g}etfattr of "trusted.overlay.xxx" should fail.
+# The errno returned varies among kernel versions,
+#            v4.3/7   v4.8-rc1    v4.8       v4.10
+# setfattr  not perm  not perm   not perm   not supp
+# getfattr  no attr   no attr    not perm   not supp
+#
+# Consider "Operation not {supported,permitted}" pass.
+#
+$SETFATTR_PROG -n "trusted.overlay.fsz" -v "n" \
+  $SCRATCH_MNT/testf1 2>&1 | _filter_scratch | \
+  sed -e 's/permitted/supported/g'
+
+$GETFATTR_PROG --absolute-names -n "trusted.overlay.fsz" \
+  $SCRATCH_MNT/testf1 2>&1 | _filter_scratch | \
+  sed -e 's/permitted/supported/g'
+
+# success, all done
+status=0
+exit
diff --git a/tests/overlay/026.out b/tests/overlay/026.out
new file mode 100644 (file)
index 0000000..c4572d6
--- /dev/null
@@ -0,0 +1,6 @@
+QA output created by 026
+# file: SCRATCH_MNT/testf0
+trusted.overlayfsrz="n"
+
+setfattr: SCRATCH_MNT/testf1: Operation not supported
+SCRATCH_MNT/testf1: trusted.overlay.fsz: Operation not supported
index 82fe69e7ee435704031bb01106dd5d52070b3725..92afa8d4421056d7c0b272ad7432f176ec464369 100644 (file)
@@ -28,3 +28,4 @@
 023 auto quick attr
 024 auto quick
 025 auto quick attr
+026 auto attr quick