1f08c3bdfSopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 2f08c3bdfSopenharmony_ci/* 3f08c3bdfSopenharmony_ci * Copyright (c) Huawei Technologies Co., Ltd., 2015 4f08c3bdfSopenharmony_ci * Copyright (C) 2022 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com> 5f08c3bdfSopenharmony_ci */ 6f08c3bdfSopenharmony_ci 7f08c3bdfSopenharmony_ci/*\ 8f08c3bdfSopenharmony_ci * [Description] 9f08c3bdfSopenharmony_ci * 10f08c3bdfSopenharmony_ci * Verify that the user ID and group ID, which are inside a container, 11f08c3bdfSopenharmony_ci * can be modified by its parent process. 12f08c3bdfSopenharmony_ci */ 13f08c3bdfSopenharmony_ci 14f08c3bdfSopenharmony_ci#define _GNU_SOURCE 15f08c3bdfSopenharmony_ci 16f08c3bdfSopenharmony_ci#include <stdio.h> 17f08c3bdfSopenharmony_ci#include "tst_test.h" 18f08c3bdfSopenharmony_ci#include "lapi/sched.h" 19f08c3bdfSopenharmony_ci 20f08c3bdfSopenharmony_cistatic void child_fn1(void) 21f08c3bdfSopenharmony_ci{ 22f08c3bdfSopenharmony_ci int uid, gid; 23f08c3bdfSopenharmony_ci 24f08c3bdfSopenharmony_ci TST_CHECKPOINT_WAIT(0); 25f08c3bdfSopenharmony_ci 26f08c3bdfSopenharmony_ci uid = geteuid(); 27f08c3bdfSopenharmony_ci gid = getegid(); 28f08c3bdfSopenharmony_ci 29f08c3bdfSopenharmony_ci TST_EXP_EQ_LI(uid, 100); 30f08c3bdfSopenharmony_ci TST_EXP_EQ_LI(gid, 100); 31f08c3bdfSopenharmony_ci} 32f08c3bdfSopenharmony_ci 33f08c3bdfSopenharmony_cistatic void run(void) 34f08c3bdfSopenharmony_ci{ 35f08c3bdfSopenharmony_ci const struct tst_clone_args args = { 36f08c3bdfSopenharmony_ci .flags = CLONE_NEWUSER, 37f08c3bdfSopenharmony_ci .exit_signal = SIGCHLD, 38f08c3bdfSopenharmony_ci }; 39f08c3bdfSopenharmony_ci int childpid; 40f08c3bdfSopenharmony_ci int parentuid; 41f08c3bdfSopenharmony_ci int parentgid; 42f08c3bdfSopenharmony_ci char path[BUFSIZ]; 43f08c3bdfSopenharmony_ci 44f08c3bdfSopenharmony_ci childpid = SAFE_CLONE(&args); 45f08c3bdfSopenharmony_ci if (!childpid) { 46f08c3bdfSopenharmony_ci child_fn1(); 47f08c3bdfSopenharmony_ci return; 48f08c3bdfSopenharmony_ci } 49f08c3bdfSopenharmony_ci 50f08c3bdfSopenharmony_ci parentuid = geteuid(); 51f08c3bdfSopenharmony_ci parentgid = getegid(); 52f08c3bdfSopenharmony_ci 53f08c3bdfSopenharmony_ci sprintf(path, "/proc/%d/uid_map", childpid); 54f08c3bdfSopenharmony_ci SAFE_FILE_PRINTF(path, "100 %d 1", parentuid); 55f08c3bdfSopenharmony_ci 56f08c3bdfSopenharmony_ci if (access("/proc/self/setgroups", F_OK) == 0) { 57f08c3bdfSopenharmony_ci sprintf(path, "/proc/%d/setgroups", childpid); 58f08c3bdfSopenharmony_ci SAFE_FILE_PRINTF(path, "deny"); 59f08c3bdfSopenharmony_ci } 60f08c3bdfSopenharmony_ci 61f08c3bdfSopenharmony_ci sprintf(path, "/proc/%d/gid_map", childpid); 62f08c3bdfSopenharmony_ci SAFE_FILE_PRINTF(path, "100 %d 1", parentgid); 63f08c3bdfSopenharmony_ci 64f08c3bdfSopenharmony_ci TST_CHECKPOINT_WAKE(0); 65f08c3bdfSopenharmony_ci} 66f08c3bdfSopenharmony_ci 67f08c3bdfSopenharmony_cistatic struct tst_test test = { 68f08c3bdfSopenharmony_ci .test_all = run, 69f08c3bdfSopenharmony_ci .needs_root = 1, 70f08c3bdfSopenharmony_ci .forks_child = 1, 71f08c3bdfSopenharmony_ci .needs_checkpoints = 1, 72f08c3bdfSopenharmony_ci .needs_kconfigs = (const char *[]) { 73f08c3bdfSopenharmony_ci "CONFIG_USER_NS", 74f08c3bdfSopenharmony_ci NULL, 75f08c3bdfSopenharmony_ci }, 76f08c3bdfSopenharmony_ci}; 77