Make it possible to always run all the tests in the testsuite that don't require idmapped mounts. Now all filesystems can benefit from the generic vfs tests that we currently implement. This means setgid inheritance and other tests will be run for all filesystems not matter if they support idmapped mounts or not. Cc: Seth Forshee <sforshee@xxxxxxxxxxxxxxxx> Cc: Eryu Guan <guaneryu@xxxxxxxxx> Cc: Christoph Hellwig <hch@xxxxxx> Cc: fstests@xxxxxxxxxxxxxxx Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx> --- src/idmapped-mounts/idmapped-mounts.c | 184 ++++++++++++++------------ tests/generic/633 | 1 - 2 files changed, 98 insertions(+), 87 deletions(-) diff --git a/src/idmapped-mounts/idmapped-mounts.c b/src/idmapped-mounts/idmapped-mounts.c index a78a901f..5f304108 100644 --- a/src/idmapped-mounts/idmapped-mounts.c +++ b/src/idmapped-mounts/idmapped-mounts.c @@ -125,6 +125,9 @@ int t_dir1_fd; /* temporary buffer */ char t_buf[PATH_MAX]; +/* whether the underlying filesystem supports idmapped mounts */ +bool t_fs_allow_idmap; + static void stash_overflowuid(void) { int fd; @@ -2867,10 +2870,7 @@ out: static int fscaps(void) { int fret = -1; - int file1_fd = -EBADF; - struct mount_attr attr = { - .attr_set = MOUNT_ATTR_IDMAP, - }; + int file1_fd = -EBADF, fd_userns = -EBADF; pid_t pid; file1_fd = openat(t_dir1_fd, FILE1, O_CREAT | O_EXCL | O_CLOEXEC, 0644); @@ -2884,8 +2884,8 @@ static int fscaps(void) return 0; /* Changing mount properties on a detached mount. */ - attr.userns_fd = get_userns_fd(0, 10000, 10000); - if (attr.userns_fd < 0) { + fd_userns = get_userns_fd(0, 10000, 10000); + if (fd_userns < 0) { log_stderr("failure: get_userns_fd"); goto out; } @@ -2901,7 +2901,7 @@ static int fscaps(void) goto out; } if (pid == 0) { - if (!switch_userns(attr.userns_fd, 0, 0, false)) + if (!switch_userns(fd_userns, 0, 0, false)) die("failure: switch_userns"); /* @@ -2949,7 +2949,7 @@ static int fscaps(void) goto out; } if (pid == 0) { - if (!switch_userns(attr.userns_fd, 0, 0, false)) + if (!switch_userns(fd_userns, 0, 0, false)) die("failure: switch_userns"); if (!expected_dummy_vfs_caps_uid(file1_fd, 0)) @@ -2977,8 +2977,8 @@ static int fscaps(void) fret = 0; log_debug("Ran test"); out: - safe_close(attr.userns_fd); safe_close(file1_fd); + safe_close(fd_userns); return fret; } @@ -13783,95 +13783,96 @@ static const struct option longopts[] = { struct t_idmapped_mounts { int (*test)(void); + bool require_fs_allow_idmap; const char *description; } basic_suite[] = { - { acls, "posix acls on regular mounts", }, - { create_in_userns, "create operations in user namespace", }, - { device_node_in_userns, "device node in user namespace", }, - { expected_uid_gid_idmapped_mounts, "expected ownership on idmapped mounts", }, - { fscaps, "fscaps on regular mounts", }, - { fscaps_idmapped_mounts, "fscaps on idmapped mounts", }, - { fscaps_idmapped_mounts_in_userns, "fscaps on idmapped mounts in user namespace", }, - { fscaps_idmapped_mounts_in_userns_separate_userns, "fscaps on idmapped mounts in user namespace with different id mappings", }, - { fsids_mapped, "mapped fsids", }, - { fsids_unmapped, "unmapped fsids", }, - { hardlink_crossing_mounts, "cross mount hardlink", }, - { hardlink_crossing_idmapped_mounts, "cross idmapped mount hardlink", }, - { hardlink_from_idmapped_mount, "hardlinks from idmapped mounts", }, - { hardlink_from_idmapped_mount_in_userns, "hardlinks from idmapped mounts in user namespace", }, + { acls, true, "posix acls on regular mounts", }, + { create_in_userns, true, "create operations in user namespace", }, + { device_node_in_userns, true, "device node in user namespace", }, + { expected_uid_gid_idmapped_mounts, true, "expected ownership on idmapped mounts", }, + { fscaps, false, "fscaps on regular mounts", }, + { fscaps_idmapped_mounts, true, "fscaps on idmapped mounts", }, + { fscaps_idmapped_mounts_in_userns, true, "fscaps on idmapped mounts in user namespace", }, + { fscaps_idmapped_mounts_in_userns_separate_userns, true, "fscaps on idmapped mounts in user namespace with different id mappings", }, + { fsids_mapped, true, "mapped fsids", }, + { fsids_unmapped, true, "unmapped fsids", }, + { hardlink_crossing_mounts, false, "cross mount hardlink", }, + { hardlink_crossing_idmapped_mounts, true, "cross idmapped mount hardlink", }, + { hardlink_from_idmapped_mount, true, "hardlinks from idmapped mounts", }, + { hardlink_from_idmapped_mount_in_userns, true, "hardlinks from idmapped mounts in user namespace", }, #ifdef HAVE_LIBURING_H - { io_uring, "io_uring", }, - { io_uring_userns, "io_uring in user namespace", }, - { io_uring_idmapped, "io_uring from idmapped mounts", }, - { io_uring_idmapped_userns, "io_uring from idmapped mounts in user namespace", }, - { io_uring_idmapped_unmapped, "io_uring from idmapped mounts with unmapped ids", }, - { io_uring_idmapped_unmapped_userns, "io_uring from idmapped mounts with unmapped ids in user namespace", }, + { io_uring, false, "io_uring", }, + { io_uring_userns, false, "io_uring in user namespace", }, + { io_uring_idmapped, true, "io_uring from idmapped mounts", }, + { io_uring_idmapped_userns, true, "io_uring from idmapped mounts in user namespace", }, + { io_uring_idmapped_unmapped, true, "io_uring from idmapped mounts with unmapped ids", }, + { io_uring_idmapped_unmapped_userns, true, "io_uring from idmapped mounts with unmapped ids in user namespace", }, #endif - { protected_symlinks, "following protected symlinks on regular mounts", }, - { protected_symlinks_idmapped_mounts, "following protected symlinks on idmapped mounts", }, - { protected_symlinks_idmapped_mounts_in_userns, "following protected symlinks on idmapped mounts in user namespace", }, - { rename_crossing_mounts, "cross mount rename", }, - { rename_crossing_idmapped_mounts, "cross idmapped mount rename", }, - { rename_from_idmapped_mount, "rename from idmapped mounts", }, - { rename_from_idmapped_mount_in_userns, "rename from idmapped mounts in user namespace", }, - { setattr_truncate, "setattr truncate", }, - { setattr_truncate_idmapped, "setattr truncate on idmapped mounts", }, - { setattr_truncate_idmapped_in_userns, "setattr truncate on idmapped mounts in user namespace", }, - { setgid_create, "create operations in directories with setgid bit set", }, - { setgid_create_idmapped, "create operations in directories with setgid bit set on idmapped mounts", }, - { setgid_create_idmapped_in_userns, "create operations in directories with setgid bit set on idmapped mounts in user namespace", }, - { setid_binaries, "setid binaries on regular mounts", }, - { setid_binaries_idmapped_mounts, "setid binaries on idmapped mounts", }, - { setid_binaries_idmapped_mounts_in_userns, "setid binaries on idmapped mounts in user namespace", }, - { setid_binaries_idmapped_mounts_in_userns_separate_userns, "setid binaries on idmapped mounts in user namespace with different id mappings", }, - { sticky_bit_unlink, "sticky bit unlink operations on regular mounts", }, - { sticky_bit_unlink_idmapped_mounts, "sticky bit unlink operations on idmapped mounts", }, - { sticky_bit_unlink_idmapped_mounts_in_userns, "sticky bit unlink operations on idmapped mounts in user namespace", }, - { sticky_bit_rename, "sticky bit rename operations on regular mounts", }, - { sticky_bit_rename_idmapped_mounts, "sticky bit rename operations on idmapped mounts", }, - { sticky_bit_rename_idmapped_mounts_in_userns, "sticky bit rename operations on idmapped mounts in user namespace", }, - { symlink_regular_mounts, "symlink from regular mounts", }, - { symlink_idmapped_mounts, "symlink from idmapped mounts", }, - { symlink_idmapped_mounts_in_userns, "symlink from idmapped mounts in user namespace", }, - { threaded_idmapped_mount_interactions, "threaded operations on idmapped mounts", }, + { protected_symlinks, false, "following protected symlinks on regular mounts", }, + { protected_symlinks_idmapped_mounts, true, "following protected symlinks on idmapped mounts", }, + { protected_symlinks_idmapped_mounts_in_userns, true, "following protected symlinks on idmapped mounts in user namespace", }, + { rename_crossing_mounts, false, "cross mount rename", }, + { rename_crossing_idmapped_mounts, true, "cross idmapped mount rename", }, + { rename_from_idmapped_mount, true, "rename from idmapped mounts", }, + { rename_from_idmapped_mount_in_userns, true, "rename from idmapped mounts in user namespace", }, + { setattr_truncate, false, "setattr truncate", }, + { setattr_truncate_idmapped, true, "setattr truncate on idmapped mounts", }, + { setattr_truncate_idmapped_in_userns, true, "setattr truncate on idmapped mounts in user namespace", }, + { setgid_create, false, "create operations in directories with setgid bit set", }, + { setgid_create_idmapped, true, "create operations in directories with setgid bit set on idmapped mounts", }, + { setgid_create_idmapped_in_userns, true, "create operations in directories with setgid bit set on idmapped mounts in user namespace", }, + { setid_binaries, false, "setid binaries on regular mounts", }, + { setid_binaries_idmapped_mounts, true, "setid binaries on idmapped mounts", }, + { setid_binaries_idmapped_mounts_in_userns, true, "setid binaries on idmapped mounts in user namespace", }, + { setid_binaries_idmapped_mounts_in_userns_separate_userns, true, "setid binaries on idmapped mounts in user namespace with different id mappings", }, + { sticky_bit_unlink, false, "sticky bit unlink operations on regular mounts", }, + { sticky_bit_unlink_idmapped_mounts, true, "sticky bit unlink operations on idmapped mounts", }, + { sticky_bit_unlink_idmapped_mounts_in_userns, true, "sticky bit unlink operations on idmapped mounts in user namespace", }, + { sticky_bit_rename, false, "sticky bit rename operations on regular mounts", }, + { sticky_bit_rename_idmapped_mounts, true, "sticky bit rename operations on idmapped mounts", }, + { sticky_bit_rename_idmapped_mounts_in_userns, true, "sticky bit rename operations on idmapped mounts in user namespace", }, + { symlink_regular_mounts, false, "symlink from regular mounts", }, + { symlink_idmapped_mounts, true, "symlink from idmapped mounts", }, + { symlink_idmapped_mounts_in_userns, true, "symlink from idmapped mounts in user namespace", }, + { threaded_idmapped_mount_interactions, true, "threaded operations on idmapped mounts", }, }; struct t_idmapped_mounts fscaps_in_ancestor_userns[] = { - { fscaps_idmapped_mounts_in_userns_valid_in_ancestor_userns, "fscaps on idmapped mounts in user namespace writing fscap valid in ancestor userns", }, + { fscaps_idmapped_mounts_in_userns_valid_in_ancestor_userns, true, "fscaps on idmapped mounts in user namespace writing fscap valid in ancestor userns", }, }; struct t_idmapped_mounts t_nested_userns[] = { - { nested_userns, "test that nested user namespaces behave correctly when attached to idmapped mounts", }, + { nested_userns, true, "test that nested user namespaces behave correctly when attached to idmapped mounts", }, }; struct t_idmapped_mounts t_btrfs[] = { - { btrfs_subvolumes_fsids_mapped, "test subvolumes with mapped fsids", }, - { btrfs_subvolumes_fsids_mapped_userns, "test subvolumes with mapped fsids inside user namespace", }, - { btrfs_subvolumes_fsids_mapped_user_subvol_rm_allowed, "test subvolume deletion with user_subvol_rm_allowed mount option", }, - { btrfs_subvolumes_fsids_mapped_userns_user_subvol_rm_allowed, "test subvolume deletion with user_subvol_rm_allowed mount option inside user namespace", }, - { btrfs_subvolumes_fsids_unmapped, "test subvolumes with unmapped fsids", }, - { btrfs_subvolumes_fsids_unmapped_userns, "test subvolumes with unmapped fsids inside user namespace", }, - { btrfs_snapshots_fsids_mapped, "test snapshots with mapped fsids", }, - { btrfs_snapshots_fsids_mapped_userns, "test snapshots with mapped fsids inside user namespace", }, - { btrfs_snapshots_fsids_mapped_user_subvol_rm_allowed, "test snapshots deletion with user_subvol_rm_allowed mount option", }, - { btrfs_snapshots_fsids_mapped_userns_user_subvol_rm_allowed, "test snapshots deletion with user_subvol_rm_allowed mount option inside user namespace", }, - { btrfs_snapshots_fsids_unmapped, "test snapshots with unmapped fsids", }, - { btrfs_snapshots_fsids_unmapped_userns, "test snapshots with unmapped fsids inside user namespace", }, - { btrfs_delete_by_spec_id, "test subvolume deletion by spec id", }, - { btrfs_subvolumes_setflags_fsids_mapped, "test subvolume flags with mapped fsids", }, - { btrfs_subvolumes_setflags_fsids_mapped_userns, "test subvolume flags with mapped fsids inside user namespace", }, - { btrfs_subvolumes_setflags_fsids_unmapped, "test subvolume flags with unmapped fsids", }, - { btrfs_subvolumes_setflags_fsids_unmapped_userns, "test subvolume flags with unmapped fsids inside user namespace", }, - { btrfs_snapshots_setflags_fsids_mapped, "test snapshots flags with mapped fsids", }, - { btrfs_snapshots_setflags_fsids_mapped_userns, "test snapshots flags with mapped fsids inside user namespace", }, - { btrfs_snapshots_setflags_fsids_unmapped, "test snapshots flags with unmapped fsids", }, - { btrfs_snapshots_setflags_fsids_unmapped_userns, "test snapshots flags with unmapped fsids inside user namespace", }, - { btrfs_subvolume_lookup_user, "test unprivileged subvolume lookup", }, + { btrfs_subvolumes_fsids_mapped, true, "test subvolumes with mapped fsids", }, + { btrfs_subvolumes_fsids_mapped_userns, true, "test subvolumes with mapped fsids inside user namespace", }, + { btrfs_subvolumes_fsids_mapped_user_subvol_rm_allowed, true, "test subvolume deletion with user_subvol_rm_allowed mount option", }, + { btrfs_subvolumes_fsids_mapped_userns_user_subvol_rm_allowed, true, "test subvolume deletion with user_subvol_rm_allowed mount option inside user namespace", }, + { btrfs_subvolumes_fsids_unmapped, true, "test subvolumes with unmapped fsids", }, + { btrfs_subvolumes_fsids_unmapped_userns, true, "test subvolumes with unmapped fsids inside user namespace", }, + { btrfs_snapshots_fsids_mapped, true, "test snapshots with mapped fsids", }, + { btrfs_snapshots_fsids_mapped_userns, true, "test snapshots with mapped fsids inside user namespace", }, + { btrfs_snapshots_fsids_mapped_user_subvol_rm_allowed, true, "test snapshots deletion with user_subvol_rm_allowed mount option", }, + { btrfs_snapshots_fsids_mapped_userns_user_subvol_rm_allowed, true, "test snapshots deletion with user_subvol_rm_allowed mount option inside user namespace", }, + { btrfs_snapshots_fsids_unmapped, true, "test snapshots with unmapped fsids", }, + { btrfs_snapshots_fsids_unmapped_userns, true, "test snapshots with unmapped fsids inside user namespace", }, + { btrfs_delete_by_spec_id, true, "test subvolume deletion by spec id", }, + { btrfs_subvolumes_setflags_fsids_mapped, true, "test subvolume flags with mapped fsids", }, + { btrfs_subvolumes_setflags_fsids_mapped_userns, true, "test subvolume flags with mapped fsids inside user namespace", }, + { btrfs_subvolumes_setflags_fsids_unmapped, true, "test subvolume flags with unmapped fsids", }, + { btrfs_subvolumes_setflags_fsids_unmapped_userns, true, "test subvolume flags with unmapped fsids inside user namespace", }, + { btrfs_snapshots_setflags_fsids_mapped, true, "test snapshots flags with mapped fsids", }, + { btrfs_snapshots_setflags_fsids_mapped_userns, true, "test snapshots flags with mapped fsids inside user namespace", }, + { btrfs_snapshots_setflags_fsids_unmapped, true, "test snapshots flags with unmapped fsids", }, + { btrfs_snapshots_setflags_fsids_unmapped_userns, true, "test snapshots flags with unmapped fsids inside user namespace", }, + { btrfs_subvolume_lookup_user, true, "test unprivileged subvolume lookup", }, }; /* Test for commit 968219708108 ("fs: handle circular mappings correctly"). */ struct t_idmapped_mounts t_setattr_fix_968219708108[] = { - { setattr_fix_968219708108, "test that setattr works correctly", }, + { setattr_fix_968219708108, true, "test that setattr works correctly", }, }; static bool run_test(struct t_idmapped_mounts suite[], size_t suite_size) @@ -13883,6 +13884,15 @@ static bool run_test(struct t_idmapped_mounts suite[], size_t suite_size) int ret; pid_t pid; + /* + * If the underlying filesystems does not support idmapped + * mounts only run vfs generic tests. + */ + if (t->require_fs_allow_idmap && !t_fs_allow_idmap) { + log_debug("Skipping test %s", t->description); + continue; + } + test_setup(); pid = fork(); @@ -14011,13 +14021,15 @@ int main(int argc, char *argv[]) if (t_mnt_fd < 0) die("failed to open %s", t_mountpoint_scratch); - /* - * Caller just wants to know whether the filesystem we're on supports - * idmapped mounts. - */ + t_fs_allow_idmap = fs_allow_idmap(); if (supported) { - if (!fs_allow_idmap()) + /* + * Caller just wants to know whether the filesystem we're on + * supports idmapped mounts. + */ + if (!t_fs_allow_idmap) exit(EXIT_FAILURE); + exit(EXIT_SUCCESS); } diff --git a/tests/generic/633 b/tests/generic/633 index 67501177..38280647 100755 --- a/tests/generic/633 +++ b/tests/generic/633 @@ -15,7 +15,6 @@ _begin_fstest auto quick atime attr cap idmapped io_uring mount perms rw unlink # real QA test starts here _supported_fs generic -_require_idmapped_mounts _require_test echo "Silence is golden" -- 2.32.0