On Tue, Apr 12, 2022 at 10:52:56AM -0700, Darrick J. Wong wrote:
> On Wed, Apr 13, 2022 at 01:17:23AM +0800, Zorro Lang wrote:
> > On Mon, Apr 11, 2022 at 03:54:48PM -0700, Darrick J. Wong wrote:
> > > From: Darrick J. Wong <djwong@xxxxxxxxxx>
> > >
> > > Add a regression test to make sure that unprivileged userspace linking
> > > into a directory fails with EDQUOT when the directory quota limits have
> > > been exceeded.
> > >
> > > Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx>
> > > ---
> > > tests/generic/832 | 67 +++++++++++++++++++++++++++++++++++++++++++++++++
> > > tests/generic/832.out | 3 ++
> > > 2 files changed, 70 insertions(+)
> > > create mode 100755 tests/generic/832
> > > create mode 100644 tests/generic/832.out
> > >
> > >
> > > diff --git a/tests/generic/832 b/tests/generic/832
> > > new file mode 100755
> > > index 00000000..1190b795
> > > --- /dev/null
> > > +++ b/tests/generic/832
> > > @@ -0,0 +1,67 @@
> > > +#! /bin/bash
> > > +# SPDX-License-Identifier: GPL-2.0
> > > +# Copyright (c) 2022 Oracle. All Rights Reserved.
> > > +#
> > > +# FS QA Test No. 832
> > > +#
> > > +# Ensure that unprivileged userspace hits EDQUOT while linking files into a
> > > +# directory when the directory's quota limits have been exceeded.
> > > +#
> > > +# Regression test for commit:
> > > +#
> > > +# 871b9316e7a7 ("xfs: reserve quota for dir expansion when linking/unlinking files")
> > > +#
> > > +. ./common/preamble
> > > +_begin_fstest auto quick quota
> > > +
> > > +# Import common functions.
> > > +. ./common/filter
> > > +. ./common/quota
> > > +
> > > +# real QA test starts here
> > > +
> > > +# Modify as appropriate.
> > > +_supported_fs generic
> > > +_require_quota
> > > +_require_user
> > > +_require_scratch
> > > +
> > > +_scratch_mkfs > "$seqres.full" 2>&1
> > > +_qmount_option usrquota
> > > +_qmount
> > > +
> > > +blocksize=$(_get_block_size $SCRATCH_MNT)
> > > +scratchdir=$SCRATCH_MNT/dir
> > > +scratchfile=$SCRATCH_MNT/file
> > > +mkdir $scratchdir
> > > +touch $scratchfile
> > > +
> > > +# Create a 2-block directory for our 1-block quota limit
> > > +total_size=$((blocksize * 2))
> > > +dirents=$((total_size / 255))
> > > +
> > > +for ((i = 0; i < dirents; i++)); do
> > > + name=$(printf "x%0254d" $i)
> > > + ln $scratchfile $scratchdir/$name
> > > +done
> > > +
> > > +# Set a low quota hardlimit for an unprivileged uid and chown the files to it
> > > +echo "set up quota" >> $seqres.full
> > > +setquota -u $qa_user 0 "$((blocksize / 1024))" 0 0 $SCRATCH_MNT
> > > +chown $qa_user $scratchdir $scratchfile
> > > +repquota -upn $SCRATCH_MNT >> $seqres.full
> > > +
> > > +# Fail at appending the directory as qa_user to ensure quota enforcement works
> > > +echo "fail quota" >> $seqres.full
> > > +for ((i = 0; i < dirents; i++)); do
> > > + name=$(printf "y%0254d" $i)
> > > + su - "$qa_user" -c "ln $scratchfile $scratchdir/$name" 2>&1 | \
> >
> > All looks good to me. Only one question about this "su -". Is the "-" necessary?
> > I checked all cases in fstests, no one use "--login" when try to su to $qa_user.
> > I'm not sure if "login $qa_user" will affect the testing, I just know it affect
> > environment variables.
>
> It's not strictly necessary since it's unlikely that qa_user="-luser",
> but it seems like a Good Idea to prevent su cli option injection
> attacks.
Thanks for your understanding :) Eryu of me (after I get push permission) will help
to remove the little "-" when merge it.
Reviewed-by: Zorro Lang <zlang@xxxxxxxxxx>
Thanks,
Zorro
>
> --D
>
> > Thanks,
> > Zorro
> >
> > > + _filter_scratch | sed -e 's/y[0-9]*/yXXX/g'
> > > + test "${PIPESTATUS[0]}" -ne 0 && break
> > > +done
> > > +repquota -upn $SCRATCH_MNT >> $seqres.full
> > > +
> > > +# success, all done
> > > +echo Silence is golden
> > > +status=0
> > > +exit
> > > diff --git a/tests/generic/832.out b/tests/generic/832.out
> > > new file mode 100644
> > > index 00000000..593afe8b
> > > --- /dev/null
> > > +++ b/tests/generic/832.out
> > > @@ -0,0 +1,3 @@
> > > +QA output created by 832
> > > +ln: failed to create hard link 'SCRATCH_MNT/dir/yXXX': Disk quota exceeded
> > > +Silence is golden
> > >
> >
>
