selftests/filesystems: create setup_userns() helper (8199e6f7) · Commits · git / linux-net

tools/testing/selftests/filesystems/statmount/statmount_test_ns.c

+1 −57

Original line number	Diff line number	Diff line
		@@ -79,66 +79,10 @@ static int get_mnt_ns_id(const char mnt_ns, uint64_t mnt_ns_id)
		return NSID_PASS;
		}

		static int write_file(const char path, const char val)
		{
		int fd = open(path, O_WRONLY);
		size_t len = strlen(val);
		int ret;

		if (fd == -1) {
		ksft_print_msg("opening %s for write: %s\n", path, strerror(errno));
		return NSID_ERROR;
		}

		ret = write(fd, val, len);
		if (ret == -1) {
		ksft_print_msg("writing to %s: %s\n", path, strerror(errno));
		return NSID_ERROR;
		}
		if (ret != len) {
		ksft_print_msg("short write to %s\n", path);
		return NSID_ERROR;
		}

		ret = close(fd);
		if (ret == -1) {
		ksft_print_msg("closing %s\n", path);
		return NSID_ERROR;
		}

		return NSID_PASS;
		}

		static int setup_namespace(void)
		{
		int ret;
		char buf[32];
		uid_t uid = getuid();
		gid_t gid = getgid();

		ret = unshare(CLONE_NEWNS\|CLONE_NEWUSER\|CLONE_NEWPID);
		if (ret == -1)
		ksft_exit_fail_msg("unsharing mountns and userns: %s\n",
		strerror(errno));

		sprintf(buf, "0 %d 1", uid);
		ret = write_file("/proc/self/uid_map", buf);
		if (ret != NSID_PASS)
		return ret;
		ret = write_file("/proc/self/setgroups", "deny");
		if (ret != NSID_PASS)
		return ret;
		sprintf(buf, "0 %d 1", gid);
		ret = write_file("/proc/self/gid_map", buf);
		if (ret != NSID_PASS)
		return ret;

		ret = mount("", "/", NULL, MS_REC\|MS_PRIVATE, NULL);
		if (ret == -1) {
		ksft_print_msg("making mount tree private: %s\n",
		strerror(errno));
		if (setup_userns() != 0)
		return NSID_ERROR;
		}

		return NSID_PASS;
		}

+66 −0

Original line number	Diff line number	Diff line
		@@ -18,6 +18,7 @@
		#include <sys/types.h>
		#include <sys/wait.h>
		#include <sys/xattr.h>
		#include <sys/mount.h>

		#include "../kselftest.h"
		#include "wrappers.h"
		@@ -449,6 +450,71 @@ static int create_userns_hierarchy(struct userns_hierarchy *h)
		return fret;
		}

		static int write_file(const char path, const char val)
		{
		int fd = open(path, O_WRONLY);
		size_t len = strlen(val);
		int ret;

		if (fd == -1) {
		ksft_print_msg("opening %s for write: %s\n", path, strerror(errno));
		return -1;
		}

		ret = write(fd, val, len);
		if (ret == -1) {
		ksft_print_msg("writing to %s: %s\n", path, strerror(errno));
		return -1;
		}
		if (ret != len) {
		ksft_print_msg("short write to %s\n", path);
		return -1;
		}

		ret = close(fd);
		if (ret == -1) {
		ksft_print_msg("closing %s\n", path);
		return -1;
		}

		return 0;
		}

		int setup_userns(void)
		{
		int ret;
		char buf[32];
		uid_t uid = getuid();
		gid_t gid = getgid();

		ret = unshare(CLONE_NEWNS\|CLONE_NEWUSER\|CLONE_NEWPID);
		if (ret) {
		ksft_exit_fail_msg("unsharing mountns and userns: %s\n",
		strerror(errno));
		return ret;
		}

		sprintf(buf, "0 %d 1", uid);
		ret = write_file("/proc/self/uid_map", buf);
		if (ret)
		return ret;
		ret = write_file("/proc/self/setgroups", "deny");
		if (ret)
		return ret;
		sprintf(buf, "0 %d 1", gid);
		ret = write_file("/proc/self/gid_map", buf);
		if (ret)
		return ret;

		ret = mount("", "/", NULL, MS_REC\|MS_PRIVATE, NULL);
		if (ret) {
		ksft_print_msg("making mount tree private: %s\n", strerror(errno));
		return ret;
		}

		return 0;
		}

		/* caps_down - lower all effective caps */
		int caps_down(void)
		{

+1 −0

Original line number	Diff line number	Diff line
		@@ -27,6 +27,7 @@ extern int caps_down(void);
		extern int cap_down(cap_value_t down);

		extern bool switch_ids(uid_t uid, gid_t gid);
		extern int setup_userns(void);

		static inline bool switch_userns(int fd, uid_t uid, gid_t gid, bool drop_caps)
		{