From: Christian Brauner Date: Mon, 23 Mar 2026 16:41:08 +0000 (+0100) Subject: selftests/fsmount_ns: add missing TARGETS and fix cap test X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=660c09404cdabfe969d58375e990d2955af59797;p=thirdparty%2Fkernel%2Flinux.git selftests/fsmount_ns: add missing TARGETS and fix cap test Add missing top-level kselftest TARGETS entries for empty_mntns and fsmount_ns so that 'make kselftest' discovers and runs these tests. Fix requires_cap_sys_admin test which always SKIPped because fsopen() was called after enter_userns(), where CAP_SYS_ADMIN in the mount namespace's user_ns is unavailable. Move fsopen/fsconfig before fork so the configured fs_fd is inherited by the child, which then only needs to call fsmount() after dropping privileges. Fixes: 3ac7ea91f3d0 ("selftests: add FSMOUNT_NAMESPACE tests") Signed-off-by: Christian Brauner --- diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 2d05b3e1a26e..5677dd8b2a76 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -39,6 +39,8 @@ TARGETS += filesystems/statmount TARGETS += filesystems/mount-notify TARGETS += filesystems/fuse TARGETS += filesystems/move_mount +TARGETS += filesystems/empty_mntns +TARGETS += filesystems/fsmount_ns TARGETS += firmware TARGETS += fpu TARGETS += ftrace diff --git a/tools/testing/selftests/filesystems/fsmount_ns/fsmount_ns_test.c b/tools/testing/selftests/filesystems/fsmount_ns/fsmount_ns_test.c index 239abbe63814..b70b3051eed4 100644 --- a/tools/testing/selftests/filesystems/fsmount_ns/fsmount_ns_test.c +++ b/tools/testing/selftests/filesystems/fsmount_ns/fsmount_ns_test.c @@ -388,12 +388,23 @@ TEST_F(fsmount_ns_caps, requires_cap_sys_admin) { pid_t pid; int status; + int fs_fd; + + /* + * Prepare the configured filesystem fd as root before forking. + * fsopen() requires CAP_SYS_ADMIN in the mount namespace's + * user_ns, which won't be available after enter_userns(). + */ + fs_fd = sys_fsopen("tmpfs", FSOPEN_CLOEXEC); + ASSERT_GE(fs_fd, 0); + + ASSERT_EQ(sys_fsconfig(fs_fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0), 0); pid = fork(); ASSERT_GE(pid, 0); if (pid == 0) { - int fs_fd, fd; + int fd; /* Child: drop privileges using utils.h helper */ if (enter_userns() != 0) @@ -403,15 +414,6 @@ TEST_F(fsmount_ns_caps, requires_cap_sys_admin) if (caps_down() == 0) _exit(3); - fs_fd = sys_fsopen("tmpfs", FSOPEN_CLOEXEC); - if (fs_fd < 0) - _exit(4); - - if (sys_fsconfig(fs_fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0) < 0) { - close(fs_fd); - _exit(5); - } - fd = sys_fsmount(fs_fd, FSMOUNT_NAMESPACE | FSMOUNT_CLOEXEC, 0); close(fs_fd); @@ -432,6 +434,7 @@ TEST_F(fsmount_ns_caps, requires_cap_sys_admin) _exit(7); } + close(fs_fd); ASSERT_EQ(waitpid(pid, &status, 0), pid); ASSERT_TRUE(WIFEXITED(status)); @@ -448,12 +451,6 @@ TEST_F(fsmount_ns_caps, requires_cap_sys_admin) case 3: SKIP(return, "caps_down failed"); break; - case 4: - SKIP(return, "fsopen failed in userns"); - break; - case 5: - SKIP(return, "fsconfig CMD_CREATE failed in userns"); - break; case 6: SKIP(return, "FSMOUNT_NAMESPACE not supported"); break;