selftests/landlock: Test IOCTL with memfds (dd6d32af) · Commits · git / linux-net

tools/testing/selftests/landlock/fs_test.c

+36 −8

Original line number	Diff line number	Diff line
		@@ -3849,20 +3849,48 @@ TEST_F_FORK(ftruncate, open_and_ftruncate_in_different_processes)
		ASSERT_EQ(0, close(socket_fds[1]));
		}

		TEST(memfd_ftruncate)
		/* Invokes the FS_IOC_GETFLAGS IOCTL and returns its errno or 0. */
		static int test_fs_ioc_getflags_ioctl(int fd)
		{
		int fd;
		uint32_t flags;

		if (ioctl(fd, FS_IOC_GETFLAGS, &flags) < 0)
		return errno;
		return 0;
		}

		TEST(memfd_ftruncate_and_ioctl)
		{
		const struct landlock_ruleset_attr attr = {
		.handled_access_fs = ACCESS_ALL,
		};
		int ruleset_fd, fd, i;

		/*
		* We exercise the same test both with and without Landlock enabled, to
		* ensure that it behaves the same in both cases.
		*/
		for (i = 0; i < 2; i++) {
		/* Creates a new memfd. */
		fd = memfd_create("name", MFD_CLOEXEC);
		ASSERT_LE(0, fd);

		/*
		* Checks that ftruncate is permitted on file descriptors that are
		* Checks that operations associated with the opened file
		* (ftruncate, ioctl) are permitted on file descriptors that are
		* created in ways other than open(2).
		*/
		EXPECT_EQ(0, test_ftruncate(fd));
		EXPECT_EQ(0, test_fs_ioc_getflags_ioctl(fd));

		ASSERT_EQ(0, close(fd));

		/* Enables Landlock. */
		ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0);
		ASSERT_LE(0, ruleset_fd);
		enforce_ruleset(_metadata, ruleset_fd);
		ASSERT_EQ(0, close(ruleset_fd));
		}
		}

		static int test_fionread_ioctl(int fd)