selftests/fs/mount-notify: add a test variant running inside userns

# SPDX-License-Identifier: GPL-2.0-only

/*_test

/*_test_ns

CFLAGS += -Wall -O2 -g $(KHDR_INCLUDES) $(TOOLS_INCLUDES)

LDLIBS += -lcap

TEST_GEN_PROGS := mount-notify_test

TEST_GEN_PROGS := mount-notify_test mount-notify_test_ns

include ../../lib.mk

$(OUTPUT)/mount-notify_test: ../utils.c

$(OUTPUT)/mount-notify_test_ns: ../utils.c

// SPDX-License-Identifier: GPL-2.0-or-later

// Copyright (c) 2025 Miklos Szeredi <miklos@szeredi.hu>

#define _GNU_SOURCE

#include <fcntl.h>

#include <sched.h>

#include <stdio.h>

#include <string.h>

#include <sys/stat.h>

#include <sys/mount.h>

#include <unistd.h>

#include <sys/syscall.h>

#include "../../kselftest_harness.h"

#include "../../pidfd/pidfd.h"

#include "../statmount/statmount.h"

#include "../utils.h"

// Needed for linux/fanotify.h

#ifndef __kernel_fsid_t

typedef struct {

	int	val[2];

} __kernel_fsid_t;

#endif

#include <sys/fanotify.h>

static const char root_mntpoint_templ[] = "/tmp/mount-notify_test_root.XXXXXX";

static const int mark_types[] = {

	FAN_MARK_FILESYSTEM,

	FAN_MARK_MOUNT,

	FAN_MARK_INODE

};

static const int mark_cmds[] = {

	FAN_MARK_ADD,

	FAN_MARK_REMOVE,

	FAN_MARK_FLUSH

};

#define NUM_FAN_FDS ARRAY_SIZE(mark_cmds)

FIXTURE(fanotify) {

	int fan_fd[NUM_FAN_FDS];

	char buf[256];

	unsigned int rem;

	void *next;

	char root_mntpoint[sizeof(root_mntpoint_templ)];

	int orig_root;

	int orig_ns_fd;

	int ns_fd;

	uint64_t root_id;

};

FIXTURE_SETUP(fanotify)

{

	int i, ret;

	self->orig_ns_fd = open("/proc/self/ns/mnt", O_RDONLY);

	ASSERT_GE(self->orig_ns_fd, 0);

	ret = setup_userns();

	ASSERT_EQ(ret, 0);

	self->ns_fd = open("/proc/self/ns/mnt", O_RDONLY);

	ASSERT_GE(self->ns_fd, 0);

	strcpy(self->root_mntpoint, root_mntpoint_templ);

	ASSERT_NE(mkdtemp(self->root_mntpoint), NULL);

	self->orig_root = open("/", O_PATH | O_CLOEXEC);

	ASSERT_GE(self->orig_root, 0);

	ASSERT_EQ(mount("tmpfs", self->root_mntpoint, "tmpfs", 0, NULL), 0);

	ASSERT_EQ(chroot(self->root_mntpoint), 0);

	ASSERT_EQ(chdir("/"), 0);

	ASSERT_EQ(mkdir("a", 0700), 0);

	ASSERT_EQ(mkdir("b", 0700), 0);

	self->root_id = get_unique_mnt_id("/");

	ASSERT_NE(self->root_id, 0);

	for (i = 0; i < NUM_FAN_FDS; i++) {

		int fan_fd = fanotify_init(FAN_REPORT_FID, 0);

		// Verify that watching tmpfs mounted inside userns is allowed

		ret = fanotify_mark(fan_fd, FAN_MARK_ADD | mark_types[i],

				    FAN_OPEN, AT_FDCWD, "/");

		ASSERT_EQ(ret, 0);

		// ...but watching entire orig root filesystem is not allowed

		ret = fanotify_mark(fan_fd, FAN_MARK_ADD | FAN_MARK_FILESYSTEM,

				    FAN_OPEN, self->orig_root, ".");

		ASSERT_NE(ret, 0);

		close(fan_fd);

		self->fan_fd[i] = fanotify_init(FAN_REPORT_MNT | FAN_NONBLOCK,

						0);

		ASSERT_GE(self->fan_fd[i], 0);

		// Verify that watching mntns where group was created is allowed

		ret = fanotify_mark(self->fan_fd[i], FAN_MARK_ADD |

				    FAN_MARK_MNTNS,

				    FAN_MNT_ATTACH | FAN_MNT_DETACH,

				    self->ns_fd, NULL);

		ASSERT_EQ(ret, 0);

		// ...but watching orig mntns is not allowed

		ret = fanotify_mark(self->fan_fd[i], FAN_MARK_ADD |

				    FAN_MARK_MNTNS,

				    FAN_MNT_ATTACH | FAN_MNT_DETACH,

				    self->orig_ns_fd, NULL);

		ASSERT_NE(ret, 0);

		// On fd[0] we do an extra ADD that changes nothing.

		// On fd[1]/fd[2] we REMOVE/FLUSH which removes the mark.

		ret = fanotify_mark(self->fan_fd[i], mark_cmds[i] |

				    FAN_MARK_MNTNS,

				    FAN_MNT_ATTACH | FAN_MNT_DETACH,

				    self->ns_fd, NULL);

		ASSERT_EQ(ret, 0);

	}

	self->rem = 0;

}

FIXTURE_TEARDOWN(fanotify)

{

	int i;

	ASSERT_EQ(self->rem, 0);

	for (i = 0; i < NUM_FAN_FDS; i++)

		close(self->fan_fd[i]);

	ASSERT_EQ(fchdir(self->orig_root), 0);

	ASSERT_EQ(chroot("."), 0);

	EXPECT_EQ(umount2(self->root_mntpoint, MNT_DETACH), 0);

	EXPECT_EQ(chdir(self->root_mntpoint), 0);

	EXPECT_EQ(chdir("/"), 0);

	EXPECT_EQ(rmdir(self->root_mntpoint), 0);

}

static uint64_t expect_notify(struct __test_metadata *const _metadata,

			      FIXTURE_DATA(fanotify) *self,

			      uint64_t *mask)

{

	struct fanotify_event_metadata *meta;

	struct fanotify_event_info_mnt *mnt;

	unsigned int thislen;

	if (!self->rem) {

		ssize_t len;

		int i;

		for (i = NUM_FAN_FDS - 1; i >= 0; i--) {

			len = read(self->fan_fd[i], self->buf,

				   sizeof(self->buf));

			if (i > 0) {

				// Groups 1,2 should get EAGAIN

				ASSERT_EQ(len, -1);

				ASSERT_EQ(errno, EAGAIN);

			} else {

				// Group 0 should get events

				ASSERT_GT(len, 0);

			}

		}

		self->rem = len;

		self->next = (void *) self->buf;

	}

	meta = self->next;

	ASSERT_TRUE(FAN_EVENT_OK(meta, self->rem));

	thislen = meta->event_len;

	self->rem -= thislen;

	self->next += thislen;

	*mask = meta->mask;

	thislen -= sizeof(*meta);

	mnt = ((void *) meta) + meta->event_len - thislen;

	ASSERT_EQ(thislen, sizeof(*mnt));

	return mnt->mnt_id;

}

static void expect_notify_n(struct __test_metadata *const _metadata,

				 FIXTURE_DATA(fanotify) *self,

				 unsigned int n, uint64_t mask[], uint64_t mnts[])

{

	unsigned int i;

	for (i = 0; i < n; i++)

		mnts[i] = expect_notify(_metadata, self, &mask[i]);

}

static uint64_t expect_notify_mask(struct __test_metadata *const _metadata,

				   FIXTURE_DATA(fanotify) *self,

				   uint64_t expect_mask)

{

	uint64_t mntid, mask;

	mntid = expect_notify(_metadata, self, &mask);

	ASSERT_EQ(expect_mask, mask);

	return mntid;

}

static void expect_notify_mask_n(struct __test_metadata *const _metadata,

				 FIXTURE_DATA(fanotify) *self,

				 uint64_t mask, unsigned int n, uint64_t mnts[])

{

	unsigned int i;

	for (i = 0; i < n; i++)

		mnts[i] = expect_notify_mask(_metadata, self, mask);

}

static void verify_mount_ids(struct __test_metadata *const _metadata,

			     const uint64_t list1[], const uint64_t list2[],

			     size_t num)

{

	unsigned int i, j;

	// Check that neither list has any duplicates

	for (i = 0; i < num; i++) {

		for (j = 0; j < num; j++) {

			if (i != j) {

				ASSERT_NE(list1[i], list1[j]);

				ASSERT_NE(list2[i], list2[j]);

			}

		}

	}

	// Check that all list1 memebers can be found in list2. Together with

	// the above it means that the list1 and list2 represent the same sets.

	for (i = 0; i < num; i++) {

		for (j = 0; j < num; j++) {

			if (list1[i] == list2[j])

				break;

		}

		ASSERT_NE(j, num);

	}

}

static void check_mounted(struct __test_metadata *const _metadata,

			  const uint64_t mnts[], size_t num)

{

	ssize_t ret;

	uint64_t *list;

	list = malloc((num + 1) * sizeof(list[0]));

	ASSERT_NE(list, NULL);

	ret = listmount(LSMT_ROOT, 0, 0, list, num + 1, 0);

	ASSERT_EQ(ret, num);

	verify_mount_ids(_metadata, mnts, list, num);

	free(list);

}

static void setup_mount_tree(struct __test_metadata *const _metadata,

			    int log2_num)

{

	int ret, i;

	ret = mount("", "/", NULL, MS_SHARED, NULL);

	ASSERT_EQ(ret, 0);

	for (i = 0; i < log2_num; i++) {

		ret = mount("/", "/", NULL, MS_BIND, NULL);

		ASSERT_EQ(ret, 0);

	}

}

TEST_F(fanotify, bind)

{

	int ret;

	uint64_t mnts[2] = { self->root_id };

	ret = mount("/", "/", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	mnts[1] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	ASSERT_NE(mnts[0], mnts[1]);

	check_mounted(_metadata, mnts, 2);

	// Cleanup

	uint64_t detach_id;

	ret = umount("/");

	ASSERT_EQ(ret, 0);

	detach_id = expect_notify_mask(_metadata, self, FAN_MNT_DETACH);

	ASSERT_EQ(detach_id, mnts[1]);

	check_mounted(_metadata, mnts, 1);

}

TEST_F(fanotify, move)

{

	int ret;

	uint64_t mnts[2] = { self->root_id };

	uint64_t move_id;

	ret = mount("/", "/a", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	mnts[1] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	ASSERT_NE(mnts[0], mnts[1]);

	check_mounted(_metadata, mnts, 2);

	ret = move_mount(AT_FDCWD, "/a", AT_FDCWD, "/b", 0);

	ASSERT_EQ(ret, 0);

	move_id = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH | FAN_MNT_DETACH);

	ASSERT_EQ(move_id, mnts[1]);

	// Cleanup

	ret = umount("/b");

	ASSERT_EQ(ret, 0);

	check_mounted(_metadata, mnts, 1);

}

TEST_F(fanotify, propagate)

{

	const unsigned int log2_num = 4;

	const unsigned int num = (1 << log2_num);

	uint64_t mnts[num];

	setup_mount_tree(_metadata, log2_num);

	expect_notify_mask_n(_metadata, self, FAN_MNT_ATTACH, num - 1, mnts + 1);

	mnts[0] = self->root_id;

	check_mounted(_metadata, mnts, num);

	// Cleanup

	int ret;

	uint64_t mnts2[num];

	ret = umount2("/", MNT_DETACH);

	ASSERT_EQ(ret, 0);

	ret = mount("", "/", NULL, MS_PRIVATE, NULL);

	ASSERT_EQ(ret, 0);

	mnts2[0] = self->root_id;

	expect_notify_mask_n(_metadata, self, FAN_MNT_DETACH, num - 1, mnts2 + 1);

	verify_mount_ids(_metadata, mnts, mnts2, num);

	check_mounted(_metadata, mnts, 1);

}

TEST_F(fanotify, fsmount)

{

	int ret, fs, mnt;

	uint64_t mnts[2] = { self->root_id };

	fs = fsopen("tmpfs", 0);

	ASSERT_GE(fs, 0);

	ret = fsconfig(fs, FSCONFIG_CMD_CREATE, 0, 0, 0);

	ASSERT_EQ(ret, 0);

	mnt = fsmount(fs, 0, 0);

	ASSERT_GE(mnt, 0);

	close(fs);

	ret = move_mount(mnt, "", AT_FDCWD, "/a", MOVE_MOUNT_F_EMPTY_PATH);

	ASSERT_EQ(ret, 0);

	close(mnt);

	mnts[1] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	ASSERT_NE(mnts[0], mnts[1]);

	check_mounted(_metadata, mnts, 2);

	// Cleanup

	uint64_t detach_id;

	ret = umount("/a");

	ASSERT_EQ(ret, 0);

	detach_id = expect_notify_mask(_metadata, self, FAN_MNT_DETACH);

	ASSERT_EQ(detach_id, mnts[1]);

	check_mounted(_metadata, mnts, 1);

}

TEST_F(fanotify, reparent)

{

	uint64_t mnts[6] = { self->root_id };

	uint64_t dmnts[3];

	uint64_t masks[3];

	unsigned int i;

	int ret;

	// Create setup with a[1] -> b[2] propagation

	ret = mount("/", "/a", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	ret = mount("", "/a", NULL, MS_SHARED, NULL);

	ASSERT_EQ(ret, 0);

	ret = mount("/a", "/b", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	ret = mount("", "/b", NULL, MS_SLAVE, NULL);

	ASSERT_EQ(ret, 0);

	expect_notify_mask_n(_metadata, self, FAN_MNT_ATTACH, 2, mnts + 1);

	check_mounted(_metadata, mnts, 3);

	// Mount on a[3], which is propagated to b[4]

	ret = mount("/", "/a", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	expect_notify_mask_n(_metadata, self, FAN_MNT_ATTACH, 2, mnts + 3);

	check_mounted(_metadata, mnts, 5);

	// Mount on b[5], not propagated

	ret = mount("/", "/b", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	mnts[5] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	check_mounted(_metadata, mnts, 6);

	// Umount a[3], which is propagated to b[4], but not b[5]

	// This will result in b[5] "falling" on b[2]

	ret = umount("/a");

	ASSERT_EQ(ret, 0);

	expect_notify_n(_metadata, self, 3, masks, dmnts);

	verify_mount_ids(_metadata, mnts + 3, dmnts, 3);

	for (i = 0; i < 3; i++) {

		if (dmnts[i] == mnts[5]) {

			ASSERT_EQ(masks[i], FAN_MNT_ATTACH | FAN_MNT_DETACH);

		} else {

			ASSERT_EQ(masks[i], FAN_MNT_DETACH);

		}

	}

	mnts[3] = mnts[5];

	check_mounted(_metadata, mnts, 4);

	// Cleanup

	ret = umount("/b");

	ASSERT_EQ(ret, 0);

	ret = umount("/a");

	ASSERT_EQ(ret, 0);

	ret = umount("/b");

	ASSERT_EQ(ret, 0);

	expect_notify_mask_n(_metadata, self, FAN_MNT_DETACH, 3, dmnts);

	verify_mount_ids(_metadata, mnts + 1, dmnts, 3);

	check_mounted(_metadata, mnts, 1);

}

TEST_F(fanotify, rmdir)

{

	uint64_t mnts[3] = { self->root_id };

	int ret;

	ret = mount("/", "/a", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	ret = mount("/", "/a/b", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	expect_notify_mask_n(_metadata, self, FAN_MNT_ATTACH, 2, mnts + 1);

	check_mounted(_metadata, mnts, 3);

	ret = chdir("/a");

	ASSERT_EQ(ret, 0);

	ret = fork();

	ASSERT_GE(ret, 0);

	if (ret == 0) {

		chdir("/");

		unshare(CLONE_NEWNS);

		mount("", "/", NULL, MS_REC|MS_PRIVATE, NULL);

		umount2("/a", MNT_DETACH);

		// This triggers a detach in the other namespace

		rmdir("/a");

		exit(0);

	}

	wait(NULL);

	expect_notify_mask_n(_metadata, self, FAN_MNT_DETACH, 2, mnts + 1);

	check_mounted(_metadata, mnts, 1);

	// Cleanup

	ret = chdir("/");

	ASSERT_EQ(ret, 0);

}

TEST_F(fanotify, pivot_root)

{

	uint64_t mnts[3] = { self->root_id };

	uint64_t mnts2[3];

	int ret;

	ret = mount("tmpfs", "/a", "tmpfs", 0, NULL);

	ASSERT_EQ(ret, 0);

	mnts[2] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	ret = mkdir("/a/new", 0700);

	ASSERT_EQ(ret, 0);

	ret = mkdir("/a/old", 0700);

	ASSERT_EQ(ret, 0);

	ret = mount("/a", "/a/new", NULL, MS_BIND, NULL);

	ASSERT_EQ(ret, 0);

	mnts[1] = expect_notify_mask(_metadata, self, FAN_MNT_ATTACH);

	check_mounted(_metadata, mnts, 3);

	ret = syscall(SYS_pivot_root, "/a/new", "/a/new/old");

	ASSERT_EQ(ret, 0);

	expect_notify_mask_n(_metadata, self, FAN_MNT_ATTACH | FAN_MNT_DETACH, 2, mnts2);

	verify_mount_ids(_metadata, mnts, mnts2, 2);

	check_mounted(_metadata, mnts, 3);

	// Cleanup

	ret = syscall(SYS_pivot_root, "/old", "/old/a/new");

	ASSERT_EQ(ret, 0);

	ret = umount("/a/new");

	ASSERT_EQ(ret, 0);

	ret = umount("/a");

	ASSERT_EQ(ret, 0);

	check_mounted(_metadata, mnts, 1);

}

TEST_HARNESS_MAIN