Re: [LTP] update filecaps test
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Serge E. Hallyn wrote: | Good point. Though note that the cap_to_text manpage is confusing here | - do i free(capstxt), or do I cap_free(cap) as the manpage implies and | automatically free capstxt that way? Reading the manpage on my system | kind of implies that so long as I cap_init at the start and | cap_free(cap) at the end, capstxt will be freed at the end... Though | that's probably not right. cap_free() should be used for both strings and capabilities (ie., anything) allocated by libcap. I'll make the cap_to_text documentation more explicit. Cheers Andrew -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFHxCS4+bHCR3gb8jsRAkllAKCclNz1YSoVbh5QHyET0ab95rievgCbBDFE vz/rqtcS7Un6h4Amx0upk0E= =YI69 -END PGP SIGNATURE- - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list
Re: [LTP] update filecaps test
On Sun, 2008-02-24 at 11:16 -0800, Andrew G. Morgan wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Subrata, I have to apologize. I'm not very familiar with LTP tests and have been putting this off until I had time to figure all this out... I've still not figured out how to run this but, browsing over the source code, have noted a number of things. Please see my comments inline. PS. What should I read to get up to speed on LTP? Thanks Andrew for your comments. I would wait for Sergei to reply back on the source code comments. You can know about LTP just from the following URLs: http://ltp.sourceforge.net/documentation/how-to/ltp.php, http://ltp.cvs.sourceforge.net/ltp/ltp/, Regards-- Subrata Thanks Andrew Subrata Modak wrote: | Andrew, | | Your thoughts on this ;-) | | --Subrata | | On Mon, 2008-02-04 at 21:53 -0600, Serge E. Hallyn wrote: | Hi Andrew, | | The original verify_caps_exec.c test in the filecaps test was written | before libcap had file capabilities support. Faced with implementing | 64-bit support in that ugly mess in order to properly test your | per-process securebits patch, it seemed wise to just switch to using | libcap :) Does the following new version of the file look kosher | to you? | Hi Andrew, | | Can you please provide your comments on this test case from Sergei? We | are looking forward, and, would be happy to see this inside LTP post | comments. | | Regards-- | Subrata | | thanks, | -serge | | /**/ | /* */ | /* Copyright (c) International Business Machines Corp., 2007, 2008 */ | /* */ | /* This program is free software; you can redistribute it and/or modify */ | /* it under the terms of the GNU General Public License as published by */ | /* the Free Software Foundation; either version 2 of the License, or */ | /* (at your option) any later version. */ | /* */ | /* This program is distributed in the hope that it will be useful, */ | /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ | /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ | /* the GNU General Public License for more details. */ | /* */ | /* You should have received a copy of the GNU General Public License */ | /* along with this program; if not, write to the Free Software */ | /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ | /* */ | /**/ | /* | * File: verify_caps_exec.c | * Author: Serge Hallyn | * Purpose: perform several tests of file capabilities: | * 1. try setting caps without CAP_SYS_ADMIN | * 2. test proper calculation of pI', pE', and pP'. | * Try setting valid caps, drop rights, and run the executable, | * make sure we get the rights | */ | | #define _GNU_SOURCE | #include stdio.h | #include unistd.h | #include endian.h | #include byteswap.h | #include sys/types.h | #include sys/stat.h | #include sys/wait.h | #include errno.h | #include fcntl.h | #include sys/capability.h | #include sys/prctl.h | #include test.h | | #define TSTPATH ./print_caps | char *TCID = filecaps; | int TST_TOTAL=1; | | int errno; | | void usage(char *me) | { | tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); | tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); Not sure what is significant about CAP_SYS_ADMIN. | tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); | tst_exit(1); | } | | #define DROP_PERMS 0 | #define KEEP_PERMS 1 | | void print_my_caps() | { | cap_t cap = cap_get_proc(); | tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); cap_free()? | } | | int drop_root(int keep_perms) | { | int ret; | | if (keep_perms) | prctl(PR_SET_KEEPCAPS, 1); | ret = setresuid(1000, 1000, 1000); | if (ret) { | perror(setresuid); | tst_resm(TFAIL, Error dropping root privs\n); | tst_exit(4); | } | if (keep_perms) { | cap_t cap = cap_from_text(=eip); | cap_set_proc(cap); cap_free()? | } | | return 1; | } | | /* | * TODO: find a better way to do this. Emulate libcap's | * way, or just take it from linux/capability.h | */ | #ifndef __CAP_BITS | #define __CAP_BITS 34 | #endif I guess you might be able to use PR_GET_SECUREBITS to tell you what the max supported capability of the running kernel is. | | int perms_test(void) | { | int ret; | cap_t cap; | | drop_root(DROP_PERMS); | cap = cap_from_text(all=eip); | if (!cap) { | tst_resm(TFAIL, could not get cap from text for perms test\n); | return 1; | } |
Re: [LTP] update filecaps test
Quoting Andrew G. Morgan ([EMAIL PROTECTED]): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Subrata, I have to apologize. I'm not very familiar with LTP tests and have been putting this off until I had time to figure all this out... I've still not figured out how to run this but, browsing over the source code, have noted a number of things. Please see my comments inline. PS. What should I read to get up to speed on LTP? Thanks Andrew Subrata Modak wrote: | Andrew, | | Your thoughts on this ;-) | | --Subrata | | On Mon, 2008-02-04 at 21:53 -0600, Serge E. Hallyn wrote: | Hi Andrew, | | The original verify_caps_exec.c test in the filecaps test was written | before libcap had file capabilities support. Faced with implementing | 64-bit support in that ugly mess in order to properly test your | per-process securebits patch, it seemed wise to just switch to using | libcap :) Does the following new version of the file look kosher | to you? | Hi Andrew, | | Can you please provide your comments on this test case from Sergei? We | are looking forward, and, would be happy to see this inside LTP post | comments. | | Regards-- | Subrata | | thanks, | -serge | | /**/ | /* */ | /* Copyright (c) International Business Machines Corp., 2007, 2008 */ | /* */ | /* This program is free software; you can redistribute it and/or modify */ | /* it under the terms of the GNU General Public License as published by */ | /* the Free Software Foundation; either version 2 of the License, or */ | /* (at your option) any later version. */ | /* */ | /* This program is distributed in the hope that it will be useful, */ | /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ | /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ | /* the GNU General Public License for more details. */ | /* */ | /* You should have received a copy of the GNU General Public License */ | /* along with this program; if not, write to the Free Software */ | /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ | /* */ | /**/ | /* | * File: verify_caps_exec.c | * Author: Serge Hallyn | * Purpose: perform several tests of file capabilities: | * 1. try setting caps without CAP_SYS_ADMIN | * 2. test proper calculation of pI', pE', and pP'. | * Try setting valid caps, drop rights, and run the executable, | * make sure we get the rights | */ | | #define _GNU_SOURCE | #include stdio.h | #include unistd.h | #include endian.h | #include byteswap.h | #include sys/types.h | #include sys/stat.h | #include sys/wait.h | #include errno.h | #include fcntl.h | #include sys/capability.h | #include sys/prctl.h | #include test.h | | #define TSTPATH ./print_caps | char *TCID = filecaps; | int TST_TOTAL=1; | | int errno; | | void usage(char *me) | { | tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); | tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); Not sure what is significant about CAP_SYS_ADMIN. Documentation error. Note that the test drops all caps. | tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); | tst_exit(1); | } | | #define DROP_PERMS 0 | #define KEEP_PERMS 1 | | void print_my_caps() | { | cap_t cap = cap_get_proc(); | tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); cap_free()? Yup, to all instances of this comment. | } | | int drop_root(int keep_perms) | { | int ret; | | if (keep_perms) | prctl(PR_SET_KEEPCAPS, 1); | ret = setresuid(1000, 1000, 1000); | if (ret) { | perror(setresuid); | tst_resm(TFAIL, Error dropping root privs\n); | tst_exit(4); | } | if (keep_perms) { | cap_t cap = cap_from_text(=eip); | cap_set_proc(cap); cap_free()? | } | | return 1; | } | | /* | * TODO: find a better way to do this. Emulate libcap's | * way, or just take it from linux/capability.h | */ | #ifndef __CAP_BITS | #define __CAP_BITS 34 | #endif I guess you might be able to use PR_GET_SECUREBITS to tell you what the max supported capability of the running kernel is. Good idea. Or if Kaigai's patch goes in that coudl be used... | | int perms_test(void) | { | int ret; | cap_t cap; | | drop_root(DROP_PERMS); | cap = cap_from_text(all=eip); | if (!cap) { | tst_resm(TFAIL, could not get cap from text for perms test\n); | return 1; | } | ret = cap_set_file(TSTPATH, cap); | if (ret) { | tst_resm(TPASS, could not set capabilities as non-root\n); | ret = 0; |
Re: [LTP] update filecaps test
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Serge E. Hallyn wrote: | Thanks Andrew, I'll try to get around to sending a new patch soon. In | the meantime, i would argue that applying the existing patch is better | than doing nothing since the previous version does not work with 64-bit | capabilities. Is that ok with you? Fine with me. Cheers Andrew -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFHw40l+bHCR3gb8jsRAi52AJ9XfBmLRSi2kGktaYGC8adDac4Q8gCdEm9N 3Q4GNlPLBwBp1rm8if1R6vE= =KJO0 -END PGP SIGNATURE- - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list
Re: [LTP] update filecaps test
On Mon, 2008-02-25 at 19:53 -0800, Andrew G. Morgan wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Serge E. Hallyn wrote: | Thanks Andrew, I'll try to get around to sending a new patch soon. In | the meantime, i would argue that applying the existing patch is better | than doing nothing since the previous version does not work with 64-bit | capabilities. Is that ok with you? Sergei, Let me know when you are ready with the new Patch(s) !! ;-) --Subrata Fine with me. Cheers Andrew -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFHw40l+bHCR3gb8jsRAi52AJ9XfBmLRSi2kGktaYGC8adDac4Q8gCdEm9N 3Q4GNlPLBwBp1rm8if1R6vE= =KJO0 -END PGP SIGNATURE- - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ Ltp-list mailing list Ltp-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ltp-list
Re: [LTP] update filecaps test
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Subrata, I have to apologize. I'm not very familiar with LTP tests and have been putting this off until I had time to figure all this out... I've still not figured out how to run this but, browsing over the source code, have noted a number of things. Please see my comments inline. PS. What should I read to get up to speed on LTP? Thanks Andrew Subrata Modak wrote: | Andrew, | | Your thoughts on this ;-) | | --Subrata | | On Mon, 2008-02-04 at 21:53 -0600, Serge E. Hallyn wrote: | Hi Andrew, | | The original verify_caps_exec.c test in the filecaps test was written | before libcap had file capabilities support. Faced with implementing | 64-bit support in that ugly mess in order to properly test your | per-process securebits patch, it seemed wise to just switch to using | libcap :) Does the following new version of the file look kosher | to you? | Hi Andrew, | | Can you please provide your comments on this test case from Sergei? We | are looking forward, and, would be happy to see this inside LTP post | comments. | | Regards-- | Subrata | | thanks, | -serge | | /**/ | /* */ | /* Copyright (c) International Business Machines Corp., 2007, 2008 */ | /* */ | /* This program is free software; you can redistribute it and/or modify */ | /* it under the terms of the GNU General Public License as published by */ | /* the Free Software Foundation; either version 2 of the License, or */ | /* (at your option) any later version. */ | /* */ | /* This program is distributed in the hope that it will be useful, */ | /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ | /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ | /* the GNU General Public License for more details. */ | /* */ | /* You should have received a copy of the GNU General Public License */ | /* along with this program; if not, write to the Free Software */ | /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ | /* */ | /**/ | /* | * File: verify_caps_exec.c | * Author: Serge Hallyn | * Purpose: perform several tests of file capabilities: | * 1. try setting caps without CAP_SYS_ADMIN | * 2. test proper calculation of pI', pE', and pP'. | * Try setting valid caps, drop rights, and run the executable, | * make sure we get the rights | */ | | #define _GNU_SOURCE | #include stdio.h | #include unistd.h | #include endian.h | #include byteswap.h | #include sys/types.h | #include sys/stat.h | #include sys/wait.h | #include errno.h | #include fcntl.h | #include sys/capability.h | #include sys/prctl.h | #include test.h | | #define TSTPATH ./print_caps | char *TCID = filecaps; | int TST_TOTAL=1; | | int errno; | | void usage(char *me) | { | tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); | tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); Not sure what is significant about CAP_SYS_ADMIN. | tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); | tst_exit(1); | } | | #define DROP_PERMS 0 | #define KEEP_PERMS 1 | | void print_my_caps() | { | cap_t cap = cap_get_proc(); | tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); cap_free()? | } | | int drop_root(int keep_perms) | { | int ret; | | if (keep_perms) | prctl(PR_SET_KEEPCAPS, 1); | ret = setresuid(1000, 1000, 1000); | if (ret) { | perror(setresuid); | tst_resm(TFAIL, Error dropping root privs\n); | tst_exit(4); | } | if (keep_perms) { | cap_t cap = cap_from_text(=eip); | cap_set_proc(cap); cap_free()? | } | | return 1; | } | | /* | * TODO: find a better way to do this. Emulate libcap's | * way, or just take it from linux/capability.h | */ | #ifndef __CAP_BITS | #define __CAP_BITS 34 | #endif I guess you might be able to use PR_GET_SECUREBITS to tell you what the max supported capability of the running kernel is. | | int perms_test(void) | { | int ret; | cap_t cap; | | drop_root(DROP_PERMS); | cap = cap_from_text(all=eip); | if (!cap) { | tst_resm(TFAIL, could not get cap from text for perms test\n); | return 1; | } | ret = cap_set_file(TSTPATH, cap); | if (ret) { | tst_resm(TPASS, could not set capabilities as non-root\n); | ret = 0; | } else { | tst_resm(TFAIL, could set capabilities as non-root\n); | ret = 1; | } | | cap_free(cap); | return ret; | } | | #define FIFOFILE caps_fifo | void create_fifo(void) | { | int ret; | | ret = mkfifo(FIFOFILE, S_IRWXU | S_IRWXG | S_IRWXO); | if
Re: [LTP] update filecaps test
Andrew, Your thoughts on this ;-) --Subrata On Mon, 2008-02-04 at 21:53 -0600, Serge E. Hallyn wrote: Hi Andrew, The original verify_caps_exec.c test in the filecaps test was written before libcap had file capabilities support. Faced with implementing 64-bit support in that ugly mess in order to properly test your per-process securebits patch, it seemed wise to just switch to using libcap :) Does the following new version of the file look kosher to you? Hi Andrew, Can you please provide your comments on this test case from Sergei? We are looking forward, and, would be happy to see this inside LTP post comments. Regards-- Subrata thanks, -serge /**/ /* */ /* Copyright (c) International Business Machines Corp., 2007, 2008 */ /* */ /* This program is free software; you can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License, or */ /* (at your option) any later version. */ /* */ /* This program is distributed in the hope that it will be useful, */ /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ /* the GNU General Public License for more details. */ /* */ /* You should have received a copy of the GNU General Public License */ /* along with this program; if not, write to the Free Software */ /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* */ /**/ /* * File: verify_caps_exec.c * Author: Serge Hallyn * Purpose: perform several tests of file capabilities: * 1. try setting caps without CAP_SYS_ADMIN * 2. test proper calculation of pI', pE', and pP'. * Try setting valid caps, drop rights, and run the executable, * make sure we get the rights */ #define _GNU_SOURCE #include stdio.h #include unistd.h #include endian.h #include byteswap.h #include sys/types.h #include sys/stat.h #include sys/wait.h #include errno.h #include fcntl.h #include sys/capability.h #include sys/prctl.h #include test.h #define TSTPATH ./print_caps char *TCID = filecaps; int TST_TOTAL=1; int errno; void usage(char *me) { tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); tst_exit(1); } #define DROP_PERMS 0 #define KEEP_PERMS 1 void print_my_caps() { cap_t cap = cap_get_proc(); tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); } int drop_root(int keep_perms) { int ret; if (keep_perms) prctl(PR_SET_KEEPCAPS, 1); ret = setresuid(1000, 1000, 1000); if (ret) { perror(setresuid); tst_resm(TFAIL, Error dropping root privs\n); tst_exit(4); } if (keep_perms) { cap_t cap = cap_from_text(=eip); cap_set_proc(cap); } return 1; } /* * TODO: find a better way to do this. Emulate libcap's * way, or just take it from linux/capability.h */ #ifndef __CAP_BITS #define __CAP_BITS 34 #endif int perms_test(void) { int ret; cap_t cap; drop_root(DROP_PERMS); cap = cap_from_text(all=eip); if (!cap) { tst_resm(TFAIL, could not get cap from text for perms test\n); return 1; } ret = cap_set_file(TSTPATH, cap); if (ret) { tst_resm(TPASS, could not set capabilities as non-root\n); ret = 0; } else { tst_resm(TFAIL, could set capabilities as non-root\n); ret = 1; } cap_free(cap); return ret; } #define FIFOFILE caps_fifo void create_fifo(void) { int ret; ret = mkfifo(FIFOFILE, S_IRWXU | S_IRWXG | S_IRWXO); if (ret == -1 errno != EEXIST) { perror(mkfifo); tst_resm(TFAIL, failed creating %s\n, FIFOFILE); tst_exit(1); } } void write_to_fifo(char *buf)
Re: [LTP] update filecaps test
On Mon, 2008-02-04 at 21:53 -0600, Serge E. Hallyn wrote: Hi Andrew, The original verify_caps_exec.c test in the filecaps test was written before libcap had file capabilities support. Faced with implementing 64-bit support in that ugly mess in order to properly test your per-process securebits patch, it seemed wise to just switch to using libcap :) Does the following new version of the file look kosher to you? Hi Andrew, Can you please provide your comments on this test case from Sergei? We are looking forward, and, would be happy to see this inside LTP post comments. Regards-- Subrata thanks, -serge /**/ /* */ /* Copyright (c) International Business Machines Corp., 2007, 2008 */ /* */ /* This program is free software; you can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License, or */ /* (at your option) any later version. */ /* */ /* This program is distributed in the hope that it will be useful, */ /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ /* the GNU General Public License for more details. */ /* */ /* You should have received a copy of the GNU General Public License */ /* along with this program; if not, write to the Free Software */ /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* */ /**/ /* * File: verify_caps_exec.c * Author: Serge Hallyn * Purpose: perform several tests of file capabilities: * 1. try setting caps without CAP_SYS_ADMIN * 2. test proper calculation of pI', pE', and pP'. * Try setting valid caps, drop rights, and run the executable, * make sure we get the rights */ #define _GNU_SOURCE #include stdio.h #include unistd.h #include endian.h #include byteswap.h #include sys/types.h #include sys/stat.h #include sys/wait.h #include errno.h #include fcntl.h #include sys/capability.h #include sys/prctl.h #include test.h #define TSTPATH ./print_caps char *TCID = filecaps; int TST_TOTAL=1; int errno; void usage(char *me) { tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); tst_exit(1); } #define DROP_PERMS 0 #define KEEP_PERMS 1 void print_my_caps() { cap_t cap = cap_get_proc(); tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); } int drop_root(int keep_perms) { int ret; if (keep_perms) prctl(PR_SET_KEEPCAPS, 1); ret = setresuid(1000, 1000, 1000); if (ret) { perror(setresuid); tst_resm(TFAIL, Error dropping root privs\n); tst_exit(4); } if (keep_perms) { cap_t cap = cap_from_text(=eip); cap_set_proc(cap); } return 1; } /* * TODO: find a better way to do this. Emulate libcap's * way, or just take it from linux/capability.h */ #ifndef __CAP_BITS #define __CAP_BITS 34 #endif int perms_test(void) { int ret; cap_t cap; drop_root(DROP_PERMS); cap = cap_from_text(all=eip); if (!cap) { tst_resm(TFAIL, could not get cap from text for perms test\n); return 1; } ret = cap_set_file(TSTPATH, cap); if (ret) { tst_resm(TPASS, could not set capabilities as non-root\n); ret = 0; } else { tst_resm(TFAIL, could set capabilities as non-root\n); ret = 1; } cap_free(cap); return ret; } #define FIFOFILE caps_fifo void create_fifo(void) { int ret; ret = mkfifo(FIFOFILE, S_IRWXU | S_IRWXG | S_IRWXO); if (ret == -1 errno != EEXIST) { perror(mkfifo); tst_resm(TFAIL, failed creating %s\n, FIFOFILE); tst_exit(1); } } void write_to_fifo(char *buf) { int fd; fd = open(FIFOFILE, O_WRONLY); write(fd, buf, strlen(buf)); close(fd); } void
[LTP] update filecaps test
Hi Andrew, The original verify_caps_exec.c test in the filecaps test was written before libcap had file capabilities support. Faced with implementing 64-bit support in that ugly mess in order to properly test your per-process securebits patch, it seemed wise to just switch to using libcap :) Does the following new version of the file look kosher to you? thanks, -serge /**/ /**/ /* Copyright (c) International Business Machines Corp., 2007, 2008 */ /**/ /* This program is free software; you can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License, or */ /* (at your option) any later version.*/ /**/ /* This program is distributed in the hope that it will be useful,*/ /* but WITHOUT ANY WARRANTY; without even the implied warranty of*/ /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ /* the GNU General Public License for more details. */ /**/ /* You should have received a copy of the GNU General Public License */ /* along with this program; if not, write to the Free Software */ /* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ /**/ /**/ /* * File: verify_caps_exec.c * Author: Serge Hallyn * Purpose: perform several tests of file capabilities: * 1. try setting caps without CAP_SYS_ADMIN * 2. test proper calculation of pI', pE', and pP'. * Try setting valid caps, drop rights, and run the executable, * make sure we get the rights */ #define _GNU_SOURCE #include stdio.h #include unistd.h #include endian.h #include byteswap.h #include sys/types.h #include sys/stat.h #include sys/wait.h #include errno.h #include fcntl.h #include sys/capability.h #include sys/prctl.h #include test.h #define TSTPATH ./print_caps char *TCID = filecaps; int TST_TOTAL=1; int errno; void usage(char *me) { tst_resm(TFAIL, Usage: %s 0|1 [arg]\n, me); tst_resm(TINFO, 0: set file caps without CAP_SYS_ADMIN\n); tst_resm(TINFO, 1: test that file caps are set correctly on exec\n); tst_exit(1); } #define DROP_PERMS 0 #define KEEP_PERMS 1 void print_my_caps() { cap_t cap = cap_get_proc(); tst_resm(TINFO, \ncaps are %s\n, cap_to_text(cap, NULL)); } int drop_root(int keep_perms) { int ret; if (keep_perms) prctl(PR_SET_KEEPCAPS, 1); ret = setresuid(1000, 1000, 1000); if (ret) { perror(setresuid); tst_resm(TFAIL, Error dropping root privs\n); tst_exit(4); } if (keep_perms) { cap_t cap = cap_from_text(=eip); cap_set_proc(cap); } return 1; } /* * TODO: find a better way to do this. Emulate libcap's * way, or just take it from linux/capability.h */ #ifndef __CAP_BITS #define __CAP_BITS 34 #endif int perms_test(void) { int ret; cap_t cap; drop_root(DROP_PERMS); cap = cap_from_text(all=eip); if (!cap) { tst_resm(TFAIL, could not get cap from text for perms test\n); return 1; } ret = cap_set_file(TSTPATH, cap); if (ret) { tst_resm(TPASS, could not set capabilities as non-root\n); ret = 0; } else { tst_resm(TFAIL, could set capabilities as non-root\n); ret = 1; } cap_free(cap); return ret; } #define FIFOFILE caps_fifo void create_fifo(void) { int ret; ret = mkfifo(FIFOFILE, S_IRWXU | S_IRWXG | S_IRWXO); if (ret == -1 errno != EEXIST) { perror(mkfifo); tst_resm(TFAIL, failed creating %s\n, FIFOFILE); tst_exit(1); } } void write_to_fifo(char *buf) { int fd; fd = open(FIFOFILE, O_WRONLY); write(fd, buf, strlen(buf)); close(fd); } void read_from_fifo(char *buf) { int fd; memset(buf, 0, 200); fd = open(FIFOFILE, O_RDONLY); if (fd 0) { perror(open); tst_resm(TFAIL, Failed opening fifo\n); tst_exit(1); } read(fd, buf, 199); close(fd); } int compare_caps(char