diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2019-08-01 15:20:52 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2019-08-01 15:20:52 +0000 |
| commit | 75532bdb153f63a353fdcbc5d647364d1f0223d1 (patch) | |
| tree | 63bb7d2b3e6cf322685d99bcd8e82c2a8817c5db /regress/sys/kern/unveil-unmount | |
| parent | 601bcd1dc134d4246855db4c576ce05ad026e35a (diff) | |
Call unveil(2) in combination with unlink(2) and chroot(2).
Use umount(8) to check that the mountpoint leaks no vnode.
Diffstat (limited to 'regress/sys/kern/unveil-unmount')
| -rw-r--r-- | regress/sys/kern/unveil-unmount/Makefile | 181 | ||||
| -rw-r--r-- | regress/sys/kern/unveil-unmount/unveil-chroot.c | 53 | ||||
| -rw-r--r-- | regress/sys/kern/unveil-unmount/unveil-perm.c | 52 | ||||
| -rw-r--r-- | regress/sys/kern/unveil-unmount/unveil-unlink.c | 50 |
4 files changed, 336 insertions, 0 deletions
diff --git a/regress/sys/kern/unveil-unmount/Makefile b/regress/sys/kern/unveil-unmount/Makefile new file mode 100644 index 00000000000..76c91a60130 --- /dev/null +++ b/regress/sys/kern/unveil-unmount/Makefile @@ -0,0 +1,181 @@ +# $OpenBSD: Makefile,v 1.1.1.1 2019/08/01 15:20:51 bluhm Exp $ + +# Call unveil(2) in combination with unlink(2) and chroot(2). +# Use umount(8) to check that the mountpoint leaks no vnode. +# There were vnode reference counting bugs in the kernel. + +PROGS= unveil-unlink unveil-chroot unveil-perm +CLEANFILES= diskimage + +.PHONY: mount unconfig clean + +diskimage: unconfig + ${SUDO} dd if=/dev/zero of=diskimage bs=512 count=4k + ${SUDO} vnconfig vnd0 diskimage + ${SUDO} newfs vnd0c + +mount: diskimage + @echo '\n======== $@ ========' + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} mount /dev/vnd0c /mnt/regress-unveil + +unconfig: + @echo '\n======== $@ ========' + -${SUDO} umount -f /dev/vnd0c 2>/dev/null || true + -${SUDO} rmdir /mnt/regress-unveil 2>/dev/null || true + -${SUDO} vnconfig -u vnd0 2>/dev/null || true + -${SUDO} rm -f stamp-setup + +REGRESS_SETUP = ${PROGS} mount +REGRESS_CLEANUP = unconfig +REGRESS_TARGETS = + +REGRESS_TARGETS += run-unlink +run-unlink: + @echo '\n======== $@ ========' + # unlink a file in an unveiled directory + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} ./unveil-unlink /mnt/regress-unveil/foo bar + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot +run-chroot: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} ./unveil-chroot /mnt/regress-unveil / + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-dir +run-chroot-dir: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} ./unveil-chroot /mnt/regress-unveil/foo / + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-unveil-dir +run-chroot-unveil-dir: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} ./unveil-chroot /mnt/regress-unveil /foo + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-dir-unveil-dir +run-chroot-dir-unveil-dir: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo/bar + ${SUDO} ./unveil-chroot /mnt/regress-unveil/foo /bar + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-open +run-chroot-open: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} touch /mnt/regress-unveil/baz + ${SUDO} ./unveil-chroot /mnt/regress-unveil / /baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-dir-open +run-chroot-dir-open: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} touch /mnt/regress-unveil/foo/baz + ${SUDO} ./unveil-chroot /mnt/regress-unveil/foo / /baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-unveil-dir-open +run-chroot-unveil-dir-open: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} touch /mnt/regress-unveil/foo/baz + ${SUDO} ./unveil-chroot /mnt/regress-unveil /foo /baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-chroot-dir-unveil-dir-open +run-chroot-dir-unveil-dir-open: + @echo '\n======== $@ ========' + # unveil in a chroot environment + ${SUDO} mkdir -p /mnt/regress-unveil/foo/bar + ${SUDO} touch /mnt/regress-unveil/foo/bar/baz + ${SUDO} ./unveil-chroot /mnt/regress-unveil/foo /bar /baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm +run-perm: + @echo '\n======== $@ ========' + # unveil in a perm environment + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} ./unveil-perm "" /mnt/regress-unveil + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-dir +run-perm-dir: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} ./unveil-perm "" /mnt/regress-unveil/foo + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-open +run-perm-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} touch /mnt/regress-unveil/baz + ${SUDO} ./unveil-perm "" /mnt/regress-unveil baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-dir-open +run-perm-dir-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} touch /mnt/regress-unveil/foo/baz + ${SUDO} ./unveil-perm "" /mnt/regress-unveil/foo baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-create-open +run-perm-create-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} touch /mnt/regress-unveil/baz + ${SUDO} ./unveil-perm "c" /mnt/regress-unveil baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-dir-create-open +run-perm-dir-create-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} touch /mnt/regress-unveil/foo/baz + ${SUDO} ./unveil-perm "c" /mnt/regress-unveil/foo baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-write-open +run-perm-write-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil + ${SUDO} touch /mnt/regress-unveil/baz + ${SUDO} ./unveil-perm "w" /mnt/regress-unveil baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_TARGETS += run-perm-dir-write-open +run-perm-dir-write-open: + @echo '\n======== $@ ========' + # unveil with permission + ${SUDO} mkdir -p /mnt/regress-unveil/foo + ${SUDO} touch /mnt/regress-unveil/foo/baz + ${SUDO} ./unveil-perm "w" /mnt/regress-unveil/foo baz + ${SUDO} umount /mnt/regress-unveil + +REGRESS_ROOT_TARGETS = ${REGRESS_TARGETS} + +.include <bsd.regress.mk> diff --git a/regress/sys/kern/unveil-unmount/unveil-chroot.c b/regress/sys/kern/unveil-unmount/unveil-chroot.c new file mode 100644 index 00000000000..18cb65a76c7 --- /dev/null +++ b/regress/sys/kern/unveil-unmount/unveil-chroot.c @@ -0,0 +1,53 @@ +/* $OpenBSD: unveil-chroot.c,v 1.1.1.1 2019/08/01 15:20:51 bluhm Exp $ */ +/* + * Copyright (c) 2019 Alexander Bluhm <bluhm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> + +int +main(int argc, char *argv[]) +{ + char *root, *dir, *file, *path = NULL; + + if (argc != 3 && argc != 4) + errx(2, "usage: unveil-chroot root dir [file]"); + + root = argv[1]; + dir = argv[2]; + file = argv[3]; + if (file != NULL) { + if (asprintf(&path, "%s/%s", dir, file) == -1) + err(1, "asprintf"); + } + + if (chroot(root) == -1) + err(1, "chroot %s", root); + + if (unveil(dir, "") == -1) + err(1, "unveil %s", dir); + if (file != NULL) { + if (open(path, O_RDONLY) != -1) + errx(1, "open %s succeeded", path); + if (errno != ENOENT) + err(1, "open %s error", path); + } + + return 0; +} diff --git a/regress/sys/kern/unveil-unmount/unveil-perm.c b/regress/sys/kern/unveil-unmount/unveil-perm.c new file mode 100644 index 00000000000..7ccc739d40b --- /dev/null +++ b/regress/sys/kern/unveil-unmount/unveil-perm.c @@ -0,0 +1,52 @@ +/* $OpenBSD: unveil-perm.c,v 1.1.1.1 2019/08/01 15:20:51 bluhm Exp $ */ +/* + * Copyright (c) 2019 Alexander Bluhm <bluhm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> + +int +main(int argc, char *argv[]) +{ + char *perm, *dir, *file, *path = NULL; + + if (argc != 3 && argc != 4) + errx(2, "usage: unveil-perm perm dir [file]"); + + perm = argv[1]; + dir = argv[2]; + file = argv[3]; + if (file != NULL) { + if (asprintf(&path, "%s/%s", dir, file) == -1) + err(1, "asprintf"); + } + + if (unveil(dir, perm) == -1) + err(1, "unveil %s %s", dir, perm); + if (file != NULL) { + if (open(path, O_RDONLY) != -1) + errx(1, "open %s succeeded", path); + if (perm == NULL) { + if (errno != ENOENT) + err(1, "open %s error", path); + } + } + + return 0; +} diff --git a/regress/sys/kern/unveil-unmount/unveil-unlink.c b/regress/sys/kern/unveil-unmount/unveil-unlink.c new file mode 100644 index 00000000000..cf59e3b3b45 --- /dev/null +++ b/regress/sys/kern/unveil-unmount/unveil-unlink.c @@ -0,0 +1,50 @@ +/* $OpenBSD: unveil-unlink.c,v 1.1.1.1 2019/08/01 15:20:51 bluhm Exp $ */ +/* + * Copyright (c) 2019 Alexander Bluhm <bluhm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> + +int +main(int argc, char *argv[]) +{ + char *dir, *file, *path; + int fd; + + if (argc != 3) + errx(2, "usage: unveil-unlink dir file"); + + dir = argv[1]; + file = argv[2]; + if (asprintf(&path, "%s/%s", dir, file) == -1) + err(1, "asprintf"); + + fd = open(path, O_WRONLY|O_CREAT, 0755); + if (fd == -1) + err(1, "open %s", dir); + close(fd); + + if (unveil(dir, "r") == -1) + err(1, "unveil %s", dir); + if (unveil(NULL, NULL) == -1) + err(1, "unveil NULL"); + if (unlink(path) == 0) + errx(1, "unlink %s succeeded", path); + + return 0; +} |