src/test/test-mount-util.c

   1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
   2
   3 #include <sys/mount.h>
   4 #include <sys/statvfs.h>
   5
   6 #include "alloc-util.h"
   7 #include "capability-util.h"
   8 #include "fd-util.h"
   9 #include "fileio.h"
  10 #include "mount-util.h"
  11 #include "namespace-util.h"
  12 #include "path-util.h"
  13 #include "process-util.h"
  14 #include "rm-rf.h"
  15 #include "string-util.h"
  16 #include "strv.h"
  17 #include "tests.h"
  18 #include "tmpfile-util.h"
  19
  20 static void test_mount_option_mangle(void) {
  21         char *opts = NULL;
  22         unsigned long f;
  23
  24         log_info("/* %s */", __func__);
  25
  26         assert_se(mount_option_mangle(NULL, MS_RDONLY|MS_NOSUID, &f, &opts) == 0);
  27         assert_se(f == (MS_RDONLY|MS_NOSUID));
  28         assert_se(opts == NULL);
  29
  30         assert_se(mount_option_mangle("", MS_RDONLY|MS_NOSUID, &f, &opts) == 0);
  31         assert_se(f == (MS_RDONLY|MS_NOSUID));
  32         assert_se(opts == NULL);
  33
  34         assert_se(mount_option_mangle("ro,nosuid,nodev,noexec", 0, &f, &opts) == 0);
  35         assert_se(f == (MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC));
  36         assert_se(opts == NULL);
  37
  38         assert_se(mount_option_mangle("ro,nosuid,nodev,noexec,mode=755", 0, &f, &opts) == 0);
  39         assert_se(f == (MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC));
  40         assert_se(streq(opts, "mode=755"));
  41         opts = mfree(opts);
  42
  43         assert_se(mount_option_mangle("rw,nosuid,foo,hogehoge,nodev,mode=755", 0, &f, &opts) == 0);
  44         assert_se(f == (MS_NOSUID|MS_NODEV));
  45         assert_se(streq(opts, "foo,hogehoge,mode=755"));
  46         opts = mfree(opts);
  47
  48         assert_se(mount_option_mangle("rw,nosuid,nodev,noexec,relatime,net_cls,net_prio", MS_RDONLY, &f, &opts) == 0);
  49         assert_se(f == (MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME));
  50         assert_se(streq(opts, "net_cls,net_prio"));
  51         opts = mfree(opts);
  52
  53         assert_se(mount_option_mangle("rw,nosuid,nodev,relatime,size=1630748k,mode=700,uid=1000,gid=1000", MS_RDONLY, &f, &opts) == 0);
  54         assert_se(f == (MS_NOSUID|MS_NODEV|MS_RELATIME));
  55         assert_se(streq(opts, "size=1630748k,mode=700,uid=1000,gid=1000"));
  56         opts = mfree(opts);
  57
  58         assert_se(mount_option_mangle("size=1630748k,rw,gid=1000,,,nodev,relatime,,mode=700,nosuid,uid=1000", MS_RDONLY, &f, &opts) == 0);
  59         assert_se(f == (MS_NOSUID|MS_NODEV|MS_RELATIME));
  60         assert_se(streq(opts, "size=1630748k,gid=1000,mode=700,uid=1000"));
  61         opts = mfree(opts);
  62
  63         assert_se(mount_option_mangle("rw,exec,size=8143984k,nr_inodes=2035996,mode=755", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV, &f, &opts) == 0);
  64         assert_se(f == (MS_NOSUID|MS_NODEV));
  65         assert_se(streq(opts, "size=8143984k,nr_inodes=2035996,mode=755"));
  66         opts = mfree(opts);
  67
  68         assert_se(mount_option_mangle("rw,relatime,fmask=0022,,,dmask=0022", MS_RDONLY, &f, &opts) == 0);
  69         assert_se(f == MS_RELATIME);
  70         assert_se(streq(opts, "fmask=0022,dmask=0022"));
  71         opts = mfree(opts);
  72
  73         assert_se(mount_option_mangle("rw,relatime,fmask=0022,dmask=0022,\"hogehoge", MS_RDONLY, &f, &opts) < 0);
  74
  75         assert_se(mount_option_mangle("mode=1777,size=10%,nr_inodes=400k,uid=496107520,gid=496107520,context=\"system_u:object_r:svirt_sandbox_file_t:s0:c0,c1\"", 0, &f, &opts) == 0);
  76         assert_se(f == 0);
  77         assert_se(streq(opts, "mode=1777,size=10%,nr_inodes=400k,uid=496107520,gid=496107520,context=\"system_u:object_r:svirt_sandbox_file_t:s0:c0,c1\""));
  78         opts = mfree(opts);
  79 }
  80
  81 static void test_bind_remount_recursive(void) {
  82         _cleanup_(rm_rf_physical_and_freep) char *tmp = NULL;
  83         _cleanup_free_ char *subdir = NULL;
  84         const char *p;
  85
  86         log_info("/* %s */", __func__);
  87
  88         if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) {
  89                 (void) log_tests_skipped("not running privileged");
  90                 return;
  91         }
  92
  93         assert_se(mkdtemp_malloc("/tmp/XXXXXX", &tmp) >= 0);
  94         subdir = path_join(tmp, "subdir");
  95         assert_se(subdir);
  96         assert_se(mkdir(subdir, 0755) >= 0);
  97
  98         FOREACH_STRING(p, "/usr", "/sys", "/", tmp) {
  99                 pid_t pid;
 100
 101                 pid = fork();
 102                 assert_se(pid >= 0);
 103
 104                 if (pid == 0) {
 105                         struct statvfs svfs;
 106                         /* child */
 107                         assert_se(detach_mount_namespace() >= 0);
 108
 109                         /* Check that the subdir is writable (it must be because it's in /tmp) */
 110                         assert_se(statvfs(subdir, &svfs) >= 0);
 111                         assert_se(!FLAGS_SET(svfs.f_flag, ST_RDONLY));
 112
 113                         /* Make the subdir a bind mount */
 114                         assert_se(mount_nofollow(subdir, subdir, NULL, MS_BIND|MS_REC, NULL) >= 0);
 115
 116                         /* Ensure it's still writable */
 117                         assert_se(statvfs(subdir, &svfs) >= 0);
 118                         assert_se(!FLAGS_SET(svfs.f_flag, ST_RDONLY));
 119
 120                         /* Now mark the path we currently run for read-only */
 121                         assert_se(bind_remount_recursive(p, MS_RDONLY, MS_RDONLY, STRV_MAKE("/sys/kernel")) >= 0);
 122
 123                         /* Ensure that this worked on the top-level */
 124                         assert_se(statvfs(p, &svfs) >= 0);
 125                         assert_se(FLAGS_SET(svfs.f_flag, ST_RDONLY));
 126
 127                         /* And ensure this had an effect on the subdir exactly if we are talking about a path above the subdir */
 128                         assert_se(statvfs(subdir, &svfs) >= 0);
 129                         assert_se(FLAGS_SET(svfs.f_flag, ST_RDONLY) == !!path_startswith(subdir, p));
 130
 131                         _exit(EXIT_SUCCESS);
 132                 }
 133
 134                 assert_se(wait_for_terminate_and_check("test-remount-rec", pid, WAIT_LOG) == EXIT_SUCCESS);
 135         }
 136 }
 137
 138 static void test_bind_remount_one(void) {
 139         pid_t pid;
 140
 141         log_info("/* %s */", __func__);
 142
 143         if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) {
 144                 (void) log_tests_skipped("not running privileged");
 145                 return;
 146         }
 147
 148         pid = fork();
 149         assert_se(pid >= 0);
 150
 151         if (pid == 0) {
 152                 /* child */
 153
 154                 _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
 155
 156                 assert_se(detach_mount_namespace() >= 0);
 157
 158                 assert_se(fopen_unlocked("/proc/self/mountinfo", "re", &proc_self_mountinfo) >= 0);
 159
 160                 assert_se(bind_remount_one_with_mountinfo("/run", MS_RDONLY, MS_RDONLY, proc_self_mountinfo) >= 0);
 161                 assert_se(bind_remount_one_with_mountinfo("/proc/idontexist", MS_RDONLY, MS_RDONLY, proc_self_mountinfo) == -ENOENT);
 162                 assert_se(bind_remount_one_with_mountinfo("/proc/self", MS_RDONLY, MS_RDONLY, proc_self_mountinfo) == -EINVAL);
 163                 assert_se(bind_remount_one_with_mountinfo("/", MS_RDONLY, MS_RDONLY, proc_self_mountinfo) >= 0);
 164
 165                 _exit(EXIT_SUCCESS);
 166         }
 167
 168         assert_se(wait_for_terminate_and_check("test-remount-one", pid, WAIT_LOG) == EXIT_SUCCESS);
 169 }
 170
 171 int main(int argc, char *argv[]) {
 172         test_setup_logging(LOG_DEBUG);
 173
 174         test_mount_option_mangle();
 175         test_bind_remount_recursive();
 176         test_bind_remount_one();
 177
 178         return 0;
 179 }