1f08c3bdfSopenharmony_ci/*****************************************************************************
2f08c3bdfSopenharmony_ci * Copyright (c) Kerlabs 2008.                                               *
3f08c3bdfSopenharmony_ci * Copyright (c) International Business Machines  Corp., 2008                *
4f08c3bdfSopenharmony_ci * Created by Renaud Lottiaux                                                *
5f08c3bdfSopenharmony_ci *                                                                           *
6f08c3bdfSopenharmony_ci * This program is free software;  you can redistribute it and/or modify     *
7f08c3bdfSopenharmony_ci * it under the terms of the GNU General Public License as published by      *
8f08c3bdfSopenharmony_ci * the Free Software Foundation; either version 2 of the License, or         *
9f08c3bdfSopenharmony_ci * (at your option) any later version.                                       *
10f08c3bdfSopenharmony_ci *                                                                           *
11f08c3bdfSopenharmony_ci * This program is distributed in the hope that it will be useful,           *
12f08c3bdfSopenharmony_ci * but WITHOUT ANY WARRANTY;  without even the implied warranty of           *
13f08c3bdfSopenharmony_ci * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See                 *
14f08c3bdfSopenharmony_ci * the GNU General Public License for more details.                          *
15f08c3bdfSopenharmony_ci *                                                                           *
16f08c3bdfSopenharmony_ci * You should have received a copy of the GNU General Public License         *
17f08c3bdfSopenharmony_ci * along with this program;  if not, write to the Free Software Foundation,  *
18f08c3bdfSopenharmony_ci * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA          *
19f08c3bdfSopenharmony_ci *****************************************************************************/
20f08c3bdfSopenharmony_ci
21f08c3bdfSopenharmony_ci/*
22f08c3bdfSopenharmony_ci * Check if setfsuid behaves correctly with file permissions.
23f08c3bdfSopenharmony_ci * The test creates a file as ROOT with permissions 0644, does a setfsuid
24f08c3bdfSopenharmony_ci * and then tries to open the file with RDWR permissions.
25f08c3bdfSopenharmony_ci * The same test is done in a fork to check if new UIDs are correctly
26f08c3bdfSopenharmony_ci * passed to the son.
27f08c3bdfSopenharmony_ci */
28f08c3bdfSopenharmony_ci
29f08c3bdfSopenharmony_ci#include <sys/types.h>
30f08c3bdfSopenharmony_ci#include <sys/stat.h>
31f08c3bdfSopenharmony_ci#include <sys/wait.h>
32f08c3bdfSopenharmony_ci#include <errno.h>
33f08c3bdfSopenharmony_ci#include <fcntl.h>
34f08c3bdfSopenharmony_ci#include <pwd.h>
35f08c3bdfSopenharmony_ci#include <stdio.h>
36f08c3bdfSopenharmony_ci#include <stdlib.h>
37f08c3bdfSopenharmony_ci#include <string.h>
38f08c3bdfSopenharmony_ci#include <unistd.h>
39f08c3bdfSopenharmony_ci
40f08c3bdfSopenharmony_ci#include "test.h"
41f08c3bdfSopenharmony_ci#include "safe_macros.h"
42f08c3bdfSopenharmony_ci#include "compat_16.h"
43f08c3bdfSopenharmony_ci
44f08c3bdfSopenharmony_ciTCID_DEFINE(setfsuid04);
45f08c3bdfSopenharmony_ciint TST_TOTAL = 1;
46f08c3bdfSopenharmony_ci
47f08c3bdfSopenharmony_cistatic char nobody_uid[] = "nobody";
48f08c3bdfSopenharmony_cistatic char testfile[] = "setfsuid04_testfile";
49f08c3bdfSopenharmony_cistatic struct passwd *ltpuser;
50f08c3bdfSopenharmony_ci
51f08c3bdfSopenharmony_cistatic int fd = -1;
52f08c3bdfSopenharmony_ci
53f08c3bdfSopenharmony_cistatic void setup(void);
54f08c3bdfSopenharmony_cistatic void cleanup(void);
55f08c3bdfSopenharmony_cistatic void do_master_child(void);
56f08c3bdfSopenharmony_ci
57f08c3bdfSopenharmony_ciint main(int ac, char **av)
58f08c3bdfSopenharmony_ci{
59f08c3bdfSopenharmony_ci	pid_t pid;
60f08c3bdfSopenharmony_ci
61f08c3bdfSopenharmony_ci	tst_parse_opts(ac, av, NULL, NULL);
62f08c3bdfSopenharmony_ci
63f08c3bdfSopenharmony_ci	setup();
64f08c3bdfSopenharmony_ci
65f08c3bdfSopenharmony_ci	pid = FORK_OR_VFORK();
66f08c3bdfSopenharmony_ci	if (pid < 0)
67f08c3bdfSopenharmony_ci		tst_brkm(TBROK, cleanup, "Fork failed");
68f08c3bdfSopenharmony_ci
69f08c3bdfSopenharmony_ci	if (pid == 0)
70f08c3bdfSopenharmony_ci		do_master_child();
71f08c3bdfSopenharmony_ci
72f08c3bdfSopenharmony_ci	tst_record_childstatus(cleanup, pid);
73f08c3bdfSopenharmony_ci
74f08c3bdfSopenharmony_ci	cleanup();
75f08c3bdfSopenharmony_ci	tst_exit();
76f08c3bdfSopenharmony_ci}
77f08c3bdfSopenharmony_ci
78f08c3bdfSopenharmony_cistatic void do_master_child(void)
79f08c3bdfSopenharmony_ci{
80f08c3bdfSopenharmony_ci	int pid;
81f08c3bdfSopenharmony_ci	int status;
82f08c3bdfSopenharmony_ci
83f08c3bdfSopenharmony_ci	if (SETFSUID(NULL, ltpuser->pw_uid) == -1) {
84f08c3bdfSopenharmony_ci		perror("setfsuid failed");
85f08c3bdfSopenharmony_ci		exit(TFAIL);
86f08c3bdfSopenharmony_ci	}
87f08c3bdfSopenharmony_ci
88f08c3bdfSopenharmony_ci	/* Test 1: Check the process with new uid cannot open the file
89f08c3bdfSopenharmony_ci	 *         with RDWR permissions.
90f08c3bdfSopenharmony_ci	 */
91f08c3bdfSopenharmony_ci	TEST(open(testfile, O_RDWR));
92f08c3bdfSopenharmony_ci
93f08c3bdfSopenharmony_ci	if (TEST_RETURN != -1) {
94f08c3bdfSopenharmony_ci		close(TEST_RETURN);
95f08c3bdfSopenharmony_ci		printf("open succeeded unexpectedly\n");
96f08c3bdfSopenharmony_ci		exit(TFAIL);
97f08c3bdfSopenharmony_ci	}
98f08c3bdfSopenharmony_ci
99f08c3bdfSopenharmony_ci	if (TEST_ERRNO == EACCES) {
100f08c3bdfSopenharmony_ci		printf("open failed with EACCESS as expected\n");
101f08c3bdfSopenharmony_ci	} else {
102f08c3bdfSopenharmony_ci		printf("open returned unexpected errno - %d\n", TEST_ERRNO);
103f08c3bdfSopenharmony_ci		exit(TFAIL);
104f08c3bdfSopenharmony_ci	}
105f08c3bdfSopenharmony_ci
106f08c3bdfSopenharmony_ci	/* Test 2: Check a son process cannot open the file
107f08c3bdfSopenharmony_ci	 *         with RDWR permissions.
108f08c3bdfSopenharmony_ci	 */
109f08c3bdfSopenharmony_ci	pid = FORK_OR_VFORK();
110f08c3bdfSopenharmony_ci	if (pid < 0) {
111f08c3bdfSopenharmony_ci		perror("Fork failed");
112f08c3bdfSopenharmony_ci		exit(TFAIL);
113f08c3bdfSopenharmony_ci	}
114f08c3bdfSopenharmony_ci
115f08c3bdfSopenharmony_ci	if (pid == 0) {
116f08c3bdfSopenharmony_ci		/* Test to open the file in son process */
117f08c3bdfSopenharmony_ci		TEST(open(testfile, O_RDWR));
118f08c3bdfSopenharmony_ci
119f08c3bdfSopenharmony_ci		if (TEST_RETURN != -1) {
120f08c3bdfSopenharmony_ci			close(TEST_RETURN);
121f08c3bdfSopenharmony_ci			printf("open succeeded unexpectedly\n");
122f08c3bdfSopenharmony_ci			exit(TFAIL);
123f08c3bdfSopenharmony_ci		}
124f08c3bdfSopenharmony_ci
125f08c3bdfSopenharmony_ci		if (TEST_ERRNO == EACCES) {
126f08c3bdfSopenharmony_ci			printf("open failed with EACCESS as expected\n");
127f08c3bdfSopenharmony_ci		} else {
128f08c3bdfSopenharmony_ci			printf("open returned unexpected errno - %d\n",
129f08c3bdfSopenharmony_ci			       TEST_ERRNO);
130f08c3bdfSopenharmony_ci			exit(TFAIL);
131f08c3bdfSopenharmony_ci		}
132f08c3bdfSopenharmony_ci	} else {
133f08c3bdfSopenharmony_ci		/* Wait for son completion */
134f08c3bdfSopenharmony_ci		if (waitpid(pid, &status, 0) == -1) {
135f08c3bdfSopenharmony_ci			perror("waitpid failed");
136f08c3bdfSopenharmony_ci			exit(TFAIL);
137f08c3bdfSopenharmony_ci		}
138f08c3bdfSopenharmony_ci
139f08c3bdfSopenharmony_ci		if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)
140f08c3bdfSopenharmony_ci			exit(WEXITSTATUS(status));
141f08c3bdfSopenharmony_ci	}
142f08c3bdfSopenharmony_ci
143f08c3bdfSopenharmony_ci	/* Test 3: Fallback to initial uid and check we can again open
144f08c3bdfSopenharmony_ci	 *         the file with RDWR permissions.
145f08c3bdfSopenharmony_ci	 */
146f08c3bdfSopenharmony_ci	tst_count++;
147f08c3bdfSopenharmony_ci	if (SETFSUID(NULL, 0) == -1) {
148f08c3bdfSopenharmony_ci		perror("setfsuid failed");
149f08c3bdfSopenharmony_ci		exit(TFAIL);
150f08c3bdfSopenharmony_ci	}
151f08c3bdfSopenharmony_ci
152f08c3bdfSopenharmony_ci	TEST(open(testfile, O_RDWR));
153f08c3bdfSopenharmony_ci
154f08c3bdfSopenharmony_ci	if (TEST_RETURN == -1) {
155f08c3bdfSopenharmony_ci		perror("open failed unexpectedly");
156f08c3bdfSopenharmony_ci		exit(TFAIL);
157f08c3bdfSopenharmony_ci	} else {
158f08c3bdfSopenharmony_ci		printf("open call succeeded\n");
159f08c3bdfSopenharmony_ci		close(TEST_RETURN);
160f08c3bdfSopenharmony_ci	}
161f08c3bdfSopenharmony_ci	exit(TPASS);
162f08c3bdfSopenharmony_ci}
163f08c3bdfSopenharmony_ci
164f08c3bdfSopenharmony_cistatic void setup(void)
165f08c3bdfSopenharmony_ci{
166f08c3bdfSopenharmony_ci	tst_require_root();
167f08c3bdfSopenharmony_ci
168f08c3bdfSopenharmony_ci	ltpuser = getpwnam(nobody_uid);
169f08c3bdfSopenharmony_ci	if (ltpuser == NULL)
170f08c3bdfSopenharmony_ci		tst_brkm(TBROK, cleanup, "getpwnam failed for user id %s",
171f08c3bdfSopenharmony_ci			nobody_uid);
172f08c3bdfSopenharmony_ci
173f08c3bdfSopenharmony_ci	UID16_CHECK(ltpuser->pw_uid, setfsuid, cleanup);
174f08c3bdfSopenharmony_ci
175f08c3bdfSopenharmony_ci	tst_tmpdir();
176f08c3bdfSopenharmony_ci
177f08c3bdfSopenharmony_ci	/* Create test file */
178f08c3bdfSopenharmony_ci	fd = SAFE_OPEN(cleanup, testfile, O_CREAT | O_RDWR, 0644);
179f08c3bdfSopenharmony_ci
180f08c3bdfSopenharmony_ci	tst_sig(FORK, DEF_HANDLER, cleanup);
181f08c3bdfSopenharmony_ci
182f08c3bdfSopenharmony_ci	TEST_PAUSE;
183f08c3bdfSopenharmony_ci}
184f08c3bdfSopenharmony_ci
185f08c3bdfSopenharmony_cistatic void cleanup(void)
186f08c3bdfSopenharmony_ci{
187f08c3bdfSopenharmony_ci	close(fd);
188f08c3bdfSopenharmony_ci	tst_rmdir();
189f08c3bdfSopenharmony_ci}
190