
selftests/landlock: Test IOCTLs on named pipes

Named pipes should behave like pipes created with pipe(2),
so we don't want to restrict IOCTLs on them.

Suggested-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20240419161122.2023765-6-gnoack@google.com
Signed-off-by: Mickaël Salaün <mic@digikod.net>

authored by

Günther Noack and committed by
Mickaël Salaün
56ffd377 7954a1d1

+43
+43
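--- a/tools/testing/selftests/landlock/fs_test.c
+++ b/tools/testing/selftests/landlock/fs_test.c
@@ -3942,6 +3942,49 @@
 	ASSERT_EQ(0, close(fd));
 }
 
+/*
+ * Named pipes are not governed by the LANDLOCK_ACCESS_FS_IOCTL_DEV right,
+ * because they are not character or block devices.
+ */
+TEST_F_FORK(layout1, named_pipe_ioctl)
+{
+	pid_t child_pid;
+	int fd, ruleset_fd;
+	const char *const path = file1_s1d1;
+	const struct landlock_ruleset_attr attr = {
+		.handled_access_fs = LANDLOCK_ACCESS_FS_IOCTL_DEV,
+	};
+
+	ASSERT_EQ(0, unlink(path));
+	ASSERT_EQ(0, mkfifo(path, 0600));
+
+	/* Enables Landlock. */
+	ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0);
+	ASSERT_LE(0, ruleset_fd);
+	enforce_ruleset(_metadata, ruleset_fd);
+	ASSERT_EQ(0, close(ruleset_fd));
+
+	/* The child process opens the pipe for writing. */
+	child_pid = fork();
+	ASSERT_NE(-1, child_pid);
+	if (child_pid == 0) {
+		fd = open(path, O_WRONLY);
+		close(fd);
+		exit(0);
+	}
+
+	fd = open(path, O_RDONLY);
+	ASSERT_LE(0, fd);
+
+	/* FIONREAD is implemented by pipefifo_fops. */
+	EXPECT_EQ(0, test_fionread_ioctl(fd));
+
+	ASSERT_EQ(0, close(fd));
+	ASSERT_EQ(0, unlink(path));
+
+	ASSERT_EQ(child_pid, waitpid(child_pid, NULL, 0));
+}
+
 /* clang-format off */
 FIXTURE(ioctl) {};
 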
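Review bot: The writer side of named_pipe_ioctl is unchecked: the child never tests the result of `open(path, O_WRONLY)` and always calls `exit(0)`, and the parent discards the exit status with `waitpid(child_pid, NULL, 0)`. If that open fails, the child calls `close(-1)` and exits cleanly while the parent's blocking `open(path, O_RDONLY)` waits for a writer that never arrives, so the test would stall until the harness timeout instead of failing with a diagnostic. Consider `if (fd < 0) _exit(1);` in the child and, in the parent, `waitpid(child_pid, &status, 0)` followed by `ASSERT_EQ(EXIT_SUCCESS, WEXITSTATUS(status));`. Because this test pins a policy boundary (FIFOs stay outside LANDLOCK_ACCESS_FS_IOCTL_DEV), the comment above the FIONREAD check could also say that the same ruleset is expected to deny that IOCTL on a character or block device; that contrast is presumably covered by tests outside this hunk.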