From: "Mickaël Salaün" <mic@digikod.net>
To: "Günther Noack" <gnoack@google.com>
Cc: linux-security-module@vger.kernel.org,
Jeff Xu <jeffxu@google.com>, Arnd Bergmann <arnd@arndb.de>,
Jorge Lucangeli Obes <jorgelo@chromium.org>,
Allen Webb <allenwebb@google.com>,
Dmitry Torokhov <dtor@google.com>,
Paul Moore <paul@paul-moore.com>,
Konstantin Meskhidze <konstantin.meskhidze@huawei.com>,
Matt Bobrowski <repnop@google.com>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH v10 6/9] selftests/landlock: Test IOCTLs on named pipes
Date: Fri, 22 Mar 2024 08:48:29 +0100 [thread overview]
Message-ID: <20240322.axashie2ooJ1@digikod.net> (raw)
In-Reply-To: <20240309075320.160128-7-gnoack@google.com>
It might be interesting to create a layout with one file of each type
and use that for the IOCTL tests.
On Sat, Mar 09, 2024 at 07:53:17AM +0000, Günther Noack wrote:
> Named pipes should behave like pipes created with pipe(2),
> so we don't want to restrict IOCTLs on them.
>
> Suggested-by: Mickaël Salaün <mic@digikod.net>
> Signed-off-by: Günther Noack <gnoack@google.com>
> ---
> tools/testing/selftests/landlock/fs_test.c | 61 ++++++++++++++++++----
> 1 file changed, 52 insertions(+), 9 deletions(-)
>
> diff --git a/tools/testing/selftests/landlock/fs_test.c b/tools/testing/selftests/landlock/fs_test.c
> index 5c47231a722e..d991f44875bc 100644
> --- a/tools/testing/selftests/landlock/fs_test.c
> +++ b/tools/testing/selftests/landlock/fs_test.c
> @@ -3924,6 +3924,58 @@ TEST_F_FORK(layout1, o_path_ftruncate_and_ioctl)
> ASSERT_EQ(0, close(fd));
> }
>
> +static int test_fionread_ioctl(int fd)
> +{
> + size_t sz = 0;
> +
> + if (ioctl(fd, FIONREAD, &sz) < 0 && errno == EACCES)
> + return errno;
> + return 0;
> +}
> +
> +/*
> + * Named pipes are not governed by the LANDLOCK_ACCESS_FS_IOCTL_DEV right,
> + * because they are not character or block devices.
> + */
> +TEST_F_FORK(layout1, named_pipe_ioctl)
> +{
> + pid_t child_pid;
> + int fd, ruleset_fd;
> + const char *const path = file1_s1d1;
> + const struct landlock_ruleset_attr attr = {
> + .handled_access_fs = LANDLOCK_ACCESS_FS_IOCTL_DEV,
> + };
> +
> + ASSERT_EQ(0, unlink(path));
> + ASSERT_EQ(0, mkfifo(path, 0600));
> +
> + /* Enables Landlock. */
> + ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0);
> + ASSERT_LE(0, ruleset_fd);
> + enforce_ruleset(_metadata, ruleset_fd);
> + ASSERT_EQ(0, close(ruleset_fd));
> +
> + /* The child process opens the pipe for writing. */
> + child_pid = fork();
> + ASSERT_NE(-1, child_pid);
> + if (child_pid == 0) {
What is the purpose of this child's code?
> + fd = open(path, O_WRONLY);
> + close(fd);
> + exit(0);
> + }
> +
> + fd = open(path, O_RDONLY);
> + ASSERT_LE(0, fd);
> +
> + /* FIONREAD is implemented by pipefifo_fops. */
> + EXPECT_EQ(0, test_fionread_ioctl(fd));
> +
> + ASSERT_EQ(0, close(fd));
> + ASSERT_EQ(0, unlink(path));
> +
> + ASSERT_EQ(child_pid, waitpid(child_pid, NULL, 0));
> +}
> +
> /* clang-format off */
> FIXTURE(ioctl) {};
>
> @@ -3997,15 +4049,6 @@ static int test_tcgets_ioctl(int fd)
> return 0;
> }
>
> -static int test_fionread_ioctl(int fd)
> -{
> - size_t sz = 0;
> -
> - if (ioctl(fd, FIONREAD, &sz) < 0 && errno == EACCES)
> - return errno;
> - return 0;
> -}
> -
You should add test_fionread_ioctl() at the right place from the start.
> TEST_F_FORK(ioctl, handle_dir_access_file)
> {
> const int flag = 0;
> --
> 2.44.0.278.ge034bb2e1d-goog
>
>
next prev parent reply other threads:[~2024-03-22 7:48 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-09 7:53 [PATCH v10 0/9] Landlock: IOCTL support Günther Noack
2024-03-09 7:53 ` [PATCH v10 1/9] security: Create security_file_vfs_ioctl hook Günther Noack
2024-03-14 17:56 ` Paul Moore
2024-03-15 14:58 ` [RFC PATCH] fs: Add an use vfs_get_ioctl_handler() Mickaël Salaün
2024-03-15 18:30 ` [PATCH v10 1/9] security: Create security_file_vfs_ioctl hook Mickaël Salaün
2024-03-09 7:53 ` [PATCH v10 2/9] landlock: Add IOCTL access right for character and block devices Günther Noack
2024-03-11 14:46 ` Mickaël Salaün
2024-03-11 16:55 ` Alejandro Colomar
2024-03-09 7:53 ` [PATCH v10 3/9] selftests/landlock: Test IOCTL support Günther Noack
2024-03-09 7:53 ` [PATCH v10 4/9] selftests/landlock: Test IOCTL with memfds Günther Noack
2024-03-09 7:53 ` [PATCH v10 5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Günther Noack
2024-03-09 7:53 ` [PATCH v10 6/9] selftests/landlock: Test IOCTLs on named pipes Günther Noack
2024-03-22 7:48 ` Mickaël Salaün [this message]
2024-03-22 8:45 ` Mickaël Salaün
2024-03-22 14:39 ` Günther Noack
2024-03-22 15:04 ` Mickaël Salaün
2024-03-09 7:53 ` [PATCH v10 7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Günther Noack
2024-03-22 7:57 ` Mickaël Salaün
2024-03-22 14:43 ` Günther Noack
2024-03-09 7:53 ` [PATCH v10 8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Günther Noack
2024-03-09 7:53 ` [PATCH v10 9/9] landlock: Document IOCTL support Günther Noack
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240322.axashie2ooJ1@digikod.net \
--to=mic@digikod.net \
--cc=allenwebb@google.com \
--cc=arnd@arndb.de \
--cc=dtor@google.com \
--cc=gnoack@google.com \
--cc=jeffxu@google.com \
--cc=jorgelo@chromium.org \
--cc=konstantin.meskhidze@huawei.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=repnop@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).