[no subject]

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index] 

> 
> Also, does _cleanup need to delete $localfile?

Sure

> 
> > +chmod 0644 $localfile
> > +# Test privileged user (xfstests generally run with root)
> > +echo "Test privileged user:"
> > +$here/src/splice2pipe $localfile 1 "AAAAAAAABBBBBBBB"
> > +# Part of 0xff will be overwritten if there's CVE-2022-0847 bug
> > +hexdump -C $localfile
> 
> (I wonder offhand if fstests ought to be checking for the existence of
> hexdump(1) since at least Debian only has it in bsdmainutils package,
> but ... that's a separate question.)

Hmm... I never thought about that, due to the hexdump is in util-linux for
rhel and fedora. That means it's nearly always be there. If Debian or some other
system won't have it by default, we might say 'hexdump' is a necessary dependence
to run fstests in doc :)


> 
> > +
> > +# Create a file with 4k 0xff data, then make sure unprivileged user has readonly
> > +# permission on it
> > +$XFS_IO_PROG -f -t -c "pwrite 0 4k -S 0xff" $localfile >> $seqres.full 2>&1
> > +chmod 0644 $localfile
> > +# Copy splice2pipe to a place which can be run by an unprivileged user (avoid
> > +# something likes /root/xfstests/src/splice2pipe)
> 
> What's wrong with /root/xfstests/src/ ?
> 
> Oh, I bet something in that path isn't readable by non-root, and hence
> the shell invoked by su won't be able to find the binary.

Yes, I clone the xfstests.git into home directory of root sometimes :-D

> 
> Looks good so far, modulo my questions. :)

Thanks for your reviewing! I'll send V2 soon.

Thanks,
Zorro

> 
> Thanks for putting together a regression test!
> 
> --D
> 
> > +cp $here/src/splice2pipe $tmp.splice2pipe
> > +# Test unprivileged user's privilege escalation
> > +echo "Test unprivileged user:"
> > +su ${qa_user} -c "$tmp.splice2pipe $localfile 1 AAAAAAAABBBBBBBB"
> > +hexdump -C $localfile
> > +
> > +# success, all done
> > +status=0
> > +exit
> > diff --git a/tests/generic/676.out b/tests/generic/676.out
> > new file mode 100644
> > index 00000000..f006e659
> > --- /dev/null
> > +++ b/tests/generic/676.out
> > @@ -0,0 +1,9 @@
> > +QA output created by 676
> > +Test privileged user:
> > +00000000  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
> > +*
> > +00001000
> > +Test unprivileged user:
> > +00000000  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
> > +*
> > +00001000
> > -- 
> > 2.31.1
> > 
>
[Index of Archives]     [Linux Filesystems Development]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux