mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
Add tests to openat to test what names apparmor sees when a rename
occurs between the open(dir) and openat(file) calls.
This commit is contained in:
Steve Beattie
parent
94d4ac649e
commit
a39a3b0410
3 changed files with 109 additions and 28 deletions
|
|
@ -65,12 +65,12 @@ int main(int argc, char *argv[])
|
|||
{
|
||||
int rc;
|
||||
int waitstatus;
|
||||
int c, o;
|
||||
int c;
|
||||
char buf[BUFSIZ];
|
||||
void *child_stack = malloc(PAGE_SIZE << 4);
|
||||
int clone_flags = 0;
|
||||
|
||||
while ((c = getopt_long (argc, argv, "+hn", long_options, &o)) != -1) {
|
||||
while ((c = getopt_long (argc, argv, "+hn", long_options, NULL)) != -1) {
|
||||
switch (c) {
|
||||
case 'n':
|
||||
clone_flags |= CLONE_NEWNS;
|
||||
|
|
|
|||
|
|
@ -12,33 +12,80 @@
|
|||
#define _GNU_SOURCE
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <getopt.h>
|
||||
|
||||
struct option long_options[] = {
|
||||
{"delete", 0, 0, 'd'}, /* delete the directory after opening */
|
||||
{"rename", 1, 0, 'r'}, /* rename the directory to -- */
|
||||
{"help", 0, 0, 'h'},
|
||||
};
|
||||
|
||||
static void usage (char * program)
|
||||
{
|
||||
fprintf(stderr, "usage: %s [--delete] dir file\n", program);
|
||||
fprintf(stderr, "%s\n", "$Id$");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
int fd = -1, dirfd = -1;
|
||||
int c;
|
||||
int do_delete = 0;
|
||||
int do_rename = 0;
|
||||
char *dir, *file, *newdir = NULL;
|
||||
|
||||
if (argc != 3){
|
||||
fprintf(stderr, "usage: %s dir file\n", argv[0]);
|
||||
return 1;
|
||||
while ((c = getopt_long (argc, argv, "+hdr:", long_options, NULL)) != -1) {
|
||||
switch (c) {
|
||||
case 'd':
|
||||
do_delete = 1;
|
||||
break;
|
||||
case 'r':
|
||||
do_rename = 1;
|
||||
newdir = optarg;
|
||||
break;
|
||||
case 'h':
|
||||
/* fall through */
|
||||
default:
|
||||
usage(argv[0]);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
dirfd = open(argv[1], O_RDONLY | O_DIRECTORY);
|
||||
if (argc - optind != 2)
|
||||
usage(argv[0]);
|
||||
|
||||
dir = argv[optind];
|
||||
file = argv[optind + 1];
|
||||
|
||||
dirfd = open(dir, O_RDONLY | O_DIRECTORY);
|
||||
if (dirfd == -1) {
|
||||
fprintf(stderr, "FAIL: open %s failed - %s\n",
|
||||
argv[1], strerror(errno));
|
||||
dir, strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
fd = openat(dirfd, argv[2], O_RDWR | O_CREAT, S_IWUSR | S_IRUSR);
|
||||
if (do_delete && rmdir(dir) == -1) {
|
||||
fprintf(stderr, "FAIL: rmdir %s failed - %s\n",
|
||||
dir, strerror(errno));
|
||||
return 1;
|
||||
} else if (do_rename && rename(dir, newdir) == -1) {
|
||||
fprintf(stderr, "FAIL: rename %s, %s failed - %s\n",
|
||||
dir, newdir, strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
fd = openat(dirfd, file, O_RDWR | O_CREAT, S_IWUSR | S_IRUSR);
|
||||
if (fd == -1) {
|
||||
fprintf(stderr, "FAIL: openat %s failed - %s\n",
|
||||
argv[2], strerror(errno));
|
||||
file, strerror(errno));
|
||||
close(dirfd);
|
||||
return 1;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,8 +11,6 @@
|
|||
#=NAME open
|
||||
#=DESCRIPTION
|
||||
# Verify that the openat syscall is correctly managed for confined profiles.
|
||||
# FIXME: need to add tests that delete the directory after it is opened
|
||||
# but before the openat() call occurs.
|
||||
#=END
|
||||
|
||||
pwd=`dirname $0`
|
||||
|
|
@ -22,43 +20,79 @@ bin=$pwd
|
|||
|
||||
. $bin/prologue.inc
|
||||
|
||||
dir=${tmpdir}
|
||||
subdir=deleteme
|
||||
otherdir=otherdir
|
||||
file=${subdir}/file
|
||||
filepath=${tmpdir}/${file}
|
||||
filepath=${dir}/${file}
|
||||
okperm=rw
|
||||
badperm1=r
|
||||
badperm2=w
|
||||
|
||||
mkdir ${tmpdir}/${subdir}
|
||||
resettest () {
|
||||
rm -rf ${dir}/${subdir} ${dir}/${otherdir}
|
||||
mkdir ${dir}/${subdir}
|
||||
}
|
||||
|
||||
# PASS UNCONFINED
|
||||
runchecktest "OPENAT unconfined RW (create) " pass $tmpdir $file
|
||||
resettest
|
||||
runchecktest "OPENAT unconfined RW (create) " pass $dir $file
|
||||
|
||||
# PASS TEST (the file shouldn't exist, so open should create it
|
||||
rm -f ${filepath}
|
||||
genprofile ${tmpdir}:r ${filepath}:$okperm
|
||||
runchecktest "OPENAT RW (create) " pass $tmpdir $file
|
||||
resettest
|
||||
genprofile ${dir}:r ${filepath}:$okperm
|
||||
runchecktest "OPENAT RW (create) " pass $dir $file
|
||||
|
||||
# PASS TEST
|
||||
genprofile ${tmpdir}:r ${filepath}:$okperm
|
||||
runchecktest "OPENAT RW" pass $tmpdir $file
|
||||
resettest
|
||||
touch ${filepath}
|
||||
genprofile ${dir}:r ${filepath}:$okperm
|
||||
runchecktest "OPENAT RW (exists)" pass $dir $file
|
||||
|
||||
# FAILURE TEST (1)
|
||||
genprofile ${tmpdir}:r ${filepath}:$badperm1
|
||||
runchecktest "OPENAT R" fail $tmpdir $file
|
||||
resettest
|
||||
touch ${filepath}
|
||||
genprofile ${dir}:r ${filepath}:$badperm1
|
||||
runchecktest "OPENAT R" fail $dir $file
|
||||
|
||||
# FAILURE TEST (2)
|
||||
genprofile ${tmpdir}:r ${filepath}:$badperm2
|
||||
runchecktest "OPENAT W" fail $tmpdir $file
|
||||
resettest
|
||||
touch ${filepath}
|
||||
genprofile ${dir}:r ${filepath}:$badperm2
|
||||
runchecktest "OPENAT W (exists)" fail $dir $file
|
||||
|
||||
# FAILURE TEST (3)
|
||||
genprofile ${tmpdir}:r ${filepath}:$badperm1 cap:dac_override
|
||||
runchecktest "OPENAT R+dac_override" fail $tmpdir $file
|
||||
resettest
|
||||
genprofile ${dir}:r ${filepath}:$badperm1 cap:dac_override
|
||||
runchecktest "OPENAT R+dac_override" fail $dir $file
|
||||
|
||||
# FAILURE TEST (4)
|
||||
# This is testing for bug: https://bugs.wirex.com/show_bug.cgi?id=2885
|
||||
# When we open O_CREAT|O_RDWR, we are (were?) allowing only write access
|
||||
# to be required.
|
||||
rm -f ${filepath}
|
||||
genprofile ${tmpdir}:r ${filepath}:$badperm2
|
||||
runchecktest "OPENAT W (create)" fail $tmpdir $file
|
||||
resettest
|
||||
genprofile ${dir}:r ${filepath}:$badperm2
|
||||
runchecktest "OPENAT W (create)" fail $dir $file
|
||||
|
||||
# PASS rename of directory in between opendir/openat
|
||||
resettest
|
||||
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/otherdir/file:rw
|
||||
runchecktest "OPENAT RW (rename/newpath)" pass --rename ${dir}/otherdir ${dir}/${subdir} file
|
||||
|
||||
# PASS rename of directory in between opendir/openat - file exists
|
||||
resettest
|
||||
touch ${filepath}
|
||||
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/otherdir/file:rw
|
||||
runchecktest "OPENAT RW (rename/newpath)" pass --rename ${dir}/otherdir ${dir}/${subdir} file
|
||||
|
||||
# FAIL rename of directory in between opendir/openat - use old name
|
||||
resettest
|
||||
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/${subdir}/file:rw
|
||||
runchecktest "OPENAT RW (rename/newpath)" fail --rename ${dir}/otherdir ${dir}/${subdir} file
|
||||
exit
|
||||
|
||||
# FAIL rename of directory in between opendir/openat - use old name, file exists
|
||||
resettest
|
||||
touch ${filepath}
|
||||
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/${subdir}/file:rw
|
||||
runchecktest "OPENAT RW (rename/newpath)" fail --rename ${dir}/otherdir ${dir}/${subdir} file
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue