1 1.16 hannken /* $NetBSD: t_unpriv.c,v 1.16 2018/11/28 10:01:28 hannken Exp $ */ 2 1.1 njoly 3 1.1 njoly /*- 4 1.1 njoly * Copyright (c) 2011 The NetBSD Foundation, Inc. 5 1.1 njoly * All rights reserved. 6 1.1 njoly * 7 1.1 njoly * Redistribution and use in source and binary forms, with or without 8 1.1 njoly * modification, are permitted provided that the following conditions 9 1.1 njoly * are met: 10 1.1 njoly * 1. Redistributions of source code must retain the above copyright 11 1.1 njoly * notice, this list of conditions and the following disclaimer. 12 1.1 njoly * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 njoly * notice, this list of conditions and the following disclaimer in the 14 1.1 njoly * documentation and/or other materials provided with the distribution. 15 1.1 njoly * 16 1.1 njoly * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 1.1 njoly * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 1.1 njoly * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 1.1 njoly * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 1.1 njoly * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 1.1 njoly * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 1.1 njoly * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 1.1 njoly * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 1.1 njoly * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 1.1 njoly * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 1.1 njoly * POSSIBILITY OF SUCH DAMAGE. 27 1.1 njoly */ 28 1.1 njoly 29 1.9 njoly #include <sys/stat.h> 30 1.6 njoly #include <sys/time.h> 31 1.6 njoly 32 1.1 njoly #include <atf-c.h> 33 1.5 njoly #include <libgen.h> 34 1.11 gson #include <limits.h> 35 1.1 njoly #include <unistd.h> 36 1.1 njoly 37 1.1 njoly #include <rump/rump_syscalls.h> 38 1.1 njoly #include <rump/rump.h> 39 1.1 njoly 40 1.1 njoly #include "../common/h_fsmacros.h" 41 1.13 christos #include "h_macros.h" 42 1.1 njoly 43 1.2 njoly #define USES_OWNER \ 44 1.4 njoly if (FSTYPE_MSDOS(tc)) \ 45 1.1 njoly atf_tc_skip("owner not supported by file system") 46 1.1 njoly 47 1.1 njoly static void 48 1.1 njoly owner(const atf_tc_t *tc, const char *mp) 49 1.1 njoly { 50 1.1 njoly 51 1.2 njoly USES_OWNER; 52 1.1 njoly 53 1.1 njoly FSTEST_ENTER(); 54 1.1 njoly 55 1.1 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 56 1.1 njoly if (rump_sys_setuid(1) == -1) 57 1.1 njoly atf_tc_fail_errno("setuid"); 58 1.1 njoly if (rump_sys_chown(".", 1, -1) != -1 || errno != EPERM) 59 1.1 njoly atf_tc_fail_errno("chown"); 60 1.1 njoly if (rump_sys_chmod(".", 0000) != -1 || errno != EPERM) 61 1.1 njoly atf_tc_fail_errno("chmod"); 62 1.1 njoly rump_pub_lwproc_releaselwp(); 63 1.1 njoly 64 1.1 njoly if (rump_sys_chown(".", 1, -1) == -1) 65 1.1 njoly atf_tc_fail_errno("chown"); 66 1.1 njoly 67 1.1 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 68 1.1 njoly if (rump_sys_setuid(1) == -1) 69 1.1 njoly atf_tc_fail_errno("setuid"); 70 1.1 njoly if (rump_sys_chown(".", 1, -1) == -1) 71 1.1 njoly atf_tc_fail_errno("chown"); 72 1.1 njoly if (rump_sys_chmod(".", 0000) == -1) 73 1.1 njoly atf_tc_fail_errno("chmod"); 74 1.1 njoly rump_pub_lwproc_releaselwp(); 75 1.1 njoly 76 1.1 njoly FSTEST_EXIT(); 77 1.1 njoly } 78 1.1 njoly 79 1.5 njoly static void 80 1.5 njoly dirperms(const atf_tc_t *tc, const char *mp) 81 1.5 njoly { 82 1.5 njoly char name[] = "dir.test/file.test"; 83 1.5 njoly char *dir = dirname(name); 84 1.5 njoly int fd; 85 1.5 njoly 86 1.5 njoly if (FSTYPE_SYSVBFS(tc)) 87 1.5 njoly atf_tc_skip("directories not supported by file system"); 88 1.5 njoly 89 1.5 njoly FSTEST_ENTER(); 90 1.5 njoly 91 1.5 njoly if (rump_sys_mkdir(dir, 0777) == -1) 92 1.5 njoly atf_tc_fail_errno("mkdir"); 93 1.5 njoly 94 1.5 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 95 1.5 njoly if (rump_sys_setuid(1) == -1) 96 1.5 njoly atf_tc_fail_errno("setuid"); 97 1.5 njoly if (rump_sys_open(name, O_RDWR|O_CREAT, 0666) != -1 || errno != EACCES) 98 1.5 njoly atf_tc_fail_errno("open"); 99 1.5 njoly rump_pub_lwproc_releaselwp(); 100 1.5 njoly 101 1.5 njoly if ((fd = rump_sys_open(name, O_RDWR|O_CREAT, 0666)) == -1) 102 1.5 njoly atf_tc_fail_errno("open"); 103 1.5 njoly if (rump_sys_close(fd) == -1) 104 1.5 njoly atf_tc_fail_errno("close"); 105 1.5 njoly 106 1.5 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 107 1.5 njoly if (rump_sys_setuid(1) == -1) 108 1.5 njoly atf_tc_fail_errno("setuid"); 109 1.5 njoly if (rump_sys_unlink(name) != -1 || errno != EACCES) 110 1.5 njoly atf_tc_fail_errno("unlink"); 111 1.5 njoly rump_pub_lwproc_releaselwp(); 112 1.5 njoly 113 1.5 njoly if (rump_sys_unlink(name) == -1) 114 1.5 njoly atf_tc_fail_errno("unlink"); 115 1.5 njoly 116 1.5 njoly if (rump_sys_rmdir(dir) == -1) 117 1.5 njoly atf_tc_fail_errno("rmdir"); 118 1.5 njoly 119 1.5 njoly FSTEST_EXIT(); 120 1.5 njoly } 121 1.1 njoly 122 1.6 njoly static void 123 1.6 njoly times(const atf_tc_t *tc, const char *mp) 124 1.6 njoly { 125 1.6 njoly const char *name = "file.test"; 126 1.8 njoly int fd; 127 1.11 gson unsigned int i, j; 128 1.7 njoly struct timeval tmv[2]; 129 1.11 gson static struct timeval tmvs[] = { 130 1.11 gson { QUAD_MIN, 0 }, 131 1.11 gson { 0, 0 }, 132 1.11 gson { QUAD_MAX, 999999 } 133 1.11 gson }; 134 1.6 njoly 135 1.6 njoly FSTEST_ENTER(); 136 1.6 njoly 137 1.6 njoly if ((fd = rump_sys_open(name, O_RDWR|O_CREAT, 0666)) == -1) 138 1.6 njoly atf_tc_fail_errno("open"); 139 1.6 njoly if (rump_sys_close(fd) == -1) 140 1.6 njoly atf_tc_fail_errno("close"); 141 1.6 njoly 142 1.6 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 143 1.6 njoly if (rump_sys_setuid(1) == -1) 144 1.6 njoly atf_tc_fail_errno("setuid"); 145 1.6 njoly if (rump_sys_utimes(name, NULL) != -1 || errno != EACCES) 146 1.6 njoly atf_tc_fail_errno("utimes"); 147 1.6 njoly rump_pub_lwproc_releaselwp(); 148 1.6 njoly 149 1.6 njoly if (rump_sys_utimes(name, NULL) == -1) 150 1.6 njoly atf_tc_fail_errno("utimes"); 151 1.6 njoly 152 1.11 gson for (i = 0; i < sizeof(tmvs) / sizeof(tmvs[0]); i++) { 153 1.11 gson for (j = 0; j < sizeof(tmvs) / sizeof(tmvs[0]); j++) { 154 1.11 gson tmv[0] = tmvs[i]; 155 1.11 gson tmv[1] = tmvs[j]; 156 1.11 gson rump_pub_lwproc_rfork(RUMP_RFCFDG); 157 1.11 gson if (rump_sys_setuid(1) == -1) 158 1.11 gson atf_tc_fail_errno("setuid"); 159 1.11 gson if (rump_sys_utimes(name, tmv) != -1 || errno != EPERM) 160 1.11 gson atf_tc_fail_errno("utimes"); 161 1.11 gson rump_pub_lwproc_releaselwp(); 162 1.11 gson 163 1.11 gson if (rump_sys_utimes(name, tmv) == -1) 164 1.11 gson atf_tc_fail_errno("utimes"); 165 1.11 gson } 166 1.11 gson } 167 1.7 njoly 168 1.6 njoly if (rump_sys_unlink(name) == -1) 169 1.6 njoly atf_tc_fail_errno("unlink"); 170 1.6 njoly 171 1.6 njoly FSTEST_EXIT(); 172 1.6 njoly } 173 1.6 njoly 174 1.9 njoly static void 175 1.9 njoly flags(const atf_tc_t *tc, const char *mp) 176 1.9 njoly { 177 1.9 njoly const char *name = "file.test"; 178 1.9 njoly int fd, fflags; 179 1.9 njoly struct stat st; 180 1.9 njoly 181 1.9 njoly FSTEST_ENTER(); 182 1.9 njoly 183 1.9 njoly if ((fd = rump_sys_open(name, O_RDWR|O_CREAT, 0666)) == -1) 184 1.9 njoly atf_tc_fail_errno("open"); 185 1.9 njoly if (rump_sys_close(fd) == -1) 186 1.9 njoly atf_tc_fail_errno("close"); 187 1.9 njoly 188 1.9 njoly if (rump_sys_stat(name, &st) == -1) 189 1.9 njoly atf_tc_fail_errno("stat"); 190 1.9 njoly if (rump_sys_chflags(name, st.st_flags) == -1) { 191 1.9 njoly if (errno == EOPNOTSUPP) 192 1.9 njoly atf_tc_skip("file flags not supported by file system"); 193 1.9 njoly atf_tc_fail_errno("chflags"); 194 1.9 njoly } 195 1.9 njoly 196 1.16 hannken fflags = st.st_flags | UF_NODUMP; 197 1.9 njoly 198 1.9 njoly rump_pub_lwproc_rfork(RUMP_RFCFDG); 199 1.9 njoly if (rump_sys_setuid(1) == -1) 200 1.9 njoly atf_tc_fail_errno("setuid"); 201 1.16 hannken fflags |= UF_NODUMP; 202 1.9 njoly if (rump_sys_chflags(name, fflags) != -1 || errno != EPERM) 203 1.9 njoly atf_tc_fail_errno("chflags"); 204 1.9 njoly rump_pub_lwproc_releaselwp(); 205 1.9 njoly 206 1.9 njoly if (rump_sys_chflags(name, fflags) == -1) 207 1.9 njoly atf_tc_fail_errno("chflags"); 208 1.9 njoly 209 1.16 hannken fflags &= ~UF_NODUMP; 210 1.9 njoly if (rump_sys_chflags(name, fflags) == -1) 211 1.9 njoly atf_tc_fail_errno("chflags"); 212 1.9 njoly 213 1.9 njoly if (rump_sys_unlink(name) == -1) 214 1.9 njoly atf_tc_fail_errno("unlink"); 215 1.9 njoly 216 1.9 njoly FSTEST_EXIT(); 217 1.9 njoly } 218 1.9 njoly 219 1.1 njoly ATF_TC_FSAPPLY(owner, "owner unprivileged checks"); 220 1.5 njoly ATF_TC_FSAPPLY(dirperms, "directory permission checks"); 221 1.6 njoly ATF_TC_FSAPPLY(times, "time set checks"); 222 1.9 njoly ATF_TC_FSAPPLY(flags, "file flags checks"); 223 1.1 njoly 224 1.1 njoly ATF_TP_ADD_TCS(tp) 225 1.1 njoly { 226 1.1 njoly 227 1.1 njoly ATF_TP_FSAPPLY(owner); 228 1.5 njoly ATF_TP_FSAPPLY(dirperms); 229 1.6 njoly ATF_TP_FSAPPLY(times); 230 1.9 njoly ATF_TP_FSAPPLY(flags); 231 1.1 njoly 232 1.1 njoly return atf_no_error(); 233 1.1 njoly } 234
Indexes created Mon Sep 22 13:09:51 GMT 2025