Module Name: src
Committed By: christos
Date: Mon Mar 28 20:51:04 UTC 2022
Modified Files:
src/tests/fs/vfs: Makefile
Added Files:
src/tests/fs/vfs: t_link.c
Log Message:
Add a test for hardlink sysctl limiting.
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/tests/fs/vfs/Makefile
cvs rdiff -u -r0 -r1.1 src/tests/fs/vfs/t_link.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/tests/fs/vfs/Makefile
diff -u src/tests/fs/vfs/Makefile:1.27 src/tests/fs/vfs/Makefile:1.28
--- src/tests/fs/vfs/Makefile:1.27 Mon Mar 2 06:09:13 2020
+++ src/tests/fs/vfs/Makefile Mon Mar 28 16:51:04 2022
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.27 2020/03/02 11:09:13 christos Exp $
+# $NetBSD: Makefile,v 1.28 2022/03/28 20:51:04 christos Exp $
#
.include <bsd.own.mk>
@@ -6,6 +6,7 @@
TESTSDIR= ${TESTSBASE}/fs/vfs
WARNS= 4
+TESTS_C+= t_link
TESTS_C+= t_full
TESTS_C+= t_io
TESTS_C+= t_renamerace
@@ -19,6 +20,12 @@ TESTS_C+= t_mtime_write
TESTS_C+= t_vfsops
TESTS_C+= t_vnops
+
+.PATH: ${NETBSDSRCDIR}/lib/libc/gen
+CPPFLAGS.sysctlbyname.c += -DRUMP_ACTION
+CPPFLAGS.sysctlgetmibinfo.c += -DRUMP_ACTION
+SRCS.t_link+= sysctlbyname.c sysctlgetmibinfo.c t_link.c
+
LDADD+=-lrumpnet_shmif -lrumpnet -lrumpnet_net -lrumpnet_netinet# TCP/IP
LDADD+=-lrumpfs_nfs # NFS
LDADD+=-lrumpfs_ext2fs # ext2fs
Added files:
Index: src/tests/fs/vfs/t_link.c
diff -u /dev/null src/tests/fs/vfs/t_link.c:1.1
--- /dev/null Mon Mar 28 16:51:05 2022
+++ src/tests/fs/vfs/t_link.c Mon Mar 28 16:51:04 2022
@@ -0,0 +1,150 @@
+/* $NetBSD: t_link.c,v 1.1 2022/03/28 20:51:04 christos Exp $ */
+
+/*-
+ * Copyright (c) 2011 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/sysctl.h>
+
+#include <atf-c.h>
+#include <libgen.h>
+#include <limits.h>
+#include <unistd.h>
+#include <stdbool.h>
+
+#include <rump/rump_syscalls.h>
+#include <rump/rump.h>
+
+#include "../common/h_fsmacros.h"
+#include "h_macros.h"
+
+#define USES_OWNER \
+ if (FSTYPE_MSDOS(tc)) \
+ atf_tc_skip("owner not supported by file system")
+
+
+static void
+hardlink(const atf_tc_t *tc, const char *mp, uid_t u1, uid_t u2,
+ bool sysctl, bool allowed)
+{
+ const char name[] = "foo";
+ const char link[] = "bar";
+ int one = 1, fd;
+
+ USES_OWNER;
+
+ FSTEST_ENTER();
+
+ if (sysctl) {
+ if (sysctlbyname(
+ "security.models.extensions.hardlink_check_uid",
+ NULL, 0, &one, sizeof(one)) == -1)
+ atf_tc_fail_errno("sysctlbyname");
+ }
+
+ rump_pub_lwproc_rfork(RUMP_RFCFDG);
+ if (rump_sys_chmod(".", 0777) == -1)
+ atf_tc_fail_errno("chmod");
+ if (rump_sys_setuid(u1) == -1)
+ atf_tc_fail_errno("setuid");
+ if ((fd = rump_sys_open(name, O_RDWR|O_CREAT, 0666)) == -1)
+ atf_tc_fail_errno("open");
+ if (rump_sys_close(fd) == -1)
+ atf_tc_fail_errno("close");
+ rump_pub_lwproc_releaselwp();
+
+ rump_pub_lwproc_rfork(RUMP_RFCFDG);
+ if (rump_sys_setuid(u2) == -1)
+ atf_tc_fail_errno("setuid");
+ if (rump_sys_link(name, link) == -1) {
+ if (allowed)
+ atf_tc_fail_errno("link");
+ } else {
+ if (!allowed)
+ atf_tc_fail("failed to disallow hard link");
+ }
+ rump_pub_lwproc_releaselwp();
+
+ FSTEST_EXIT();
+}
+
+
+static void
+hardlink_sameuser(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 1, false, true);
+}
+
+static void
+hardlink_sameuser_sysctl(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 1, true, true);
+}
+
+static void
+hardlink_otheruser(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 2, false, true);
+}
+
+static void
+hardlink_otheruser_sysctl(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 2, true, false);
+}
+
+static void
+hardlink_rootuser(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 0, false, true);
+}
+
+static void
+hardlink_rootuser_sysctl(const atf_tc_t *tc, const char *mp)
+{
+ hardlink(tc, mp, 1, 0, true, true);
+}
+
+ATF_TC_FSAPPLY(hardlink_sameuser, "hardlink same user allowed");
+ATF_TC_FSAPPLY(hardlink_sameuser_sysctl, "hardlink same user sysctl allowed");
+ATF_TC_FSAPPLY(hardlink_otheruser, "hardlink other user allowed");
+ATF_TC_FSAPPLY(hardlink_otheruser_sysctl, "hardlink other user sysctl denied");
+ATF_TC_FSAPPLY(hardlink_rootuser, "hardlink root user allowed");
+ATF_TC_FSAPPLY(hardlink_rootuser_sysctl, "hardlink root user sysctl allowed");
+
+ATF_TP_ADD_TCS(tp)
+{
+ ATF_TP_FSAPPLY(hardlink_sameuser);
+ ATF_TP_FSAPPLY(hardlink_sameuser_sysctl);
+ ATF_TP_FSAPPLY(hardlink_otheruser);
+ ATF_TP_FSAPPLY(hardlink_otheruser_sysctl);
+ ATF_TP_FSAPPLY(hardlink_rootuser);
+ ATF_TP_FSAPPLY(hardlink_rootuser_sysctl);
+
+ return atf_no_error();
+}
