
userns: Unbreak the unprivileged remount tests

A security fix caused the way the unprivileged remount tests were
using user namespaces to break. Tweak the way user namespaces are
being used so the test works again.

Cc: stable@vger.kernel.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

+24 -8
+24 -8
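--- a/tools/testing/selftests/mount/unprivileged-remount-test.c
+++ b/tools/testing/selftests/mount/unprivileged-remount-test.c
@@ -53,17 +53,14 @@
 	exit(EXIT_FAILURE);
 }
 
-static void write_file(char *filename, char *fmt, ...)
+static void vmaybe_write_file(bool enoent_ok, char *filename, char *fmt, va_list ap)
 {
 	char buf[4096];
 	int fd;
 	ssize_t written;
 	int buf_len;
-	va_list ap;
 
-	va_start(ap, fmt);
 	buf_len = vsnprintf(buf, sizeof(buf), fmt, ap);
-	va_end(ap);
 	if (buf_len < 0) {
 		die("vsnprintf failed: %s\n",
 		    strerror(errno));
@@ -74,6 +71,8 @@
 
 	fd = open(filename, O_WRONLY);
 	if (fd < 0) {
+		if ((errno == ENOENT) && enoent_ok)
+			return;
 		die("open of %s failed: %s\n",
 		    filename, strerror(errno));
 	}
@@ -90,6 +89,26 @@
 		die("close of %s failed: %s\n",
 		    filename, strerror(errno));
 	}
+}
+
+static void maybe_write_file(char *filename, char *fmt, ...)
+{
+	va_list ap;
+
+	va_start(ap, fmt);
+	vmaybe_write_file(true, filename, fmt, ap);
+	va_end(ap);
+
+}
+
+static void write_file(char *filename, char *fmt, ...)
+{
+	va_list ap;
+
+	va_start(ap, fmt);
+	vmaybe_write_file(false, filename, fmt, ap);
+	va_end(ap);
+
 }
 
 static int read_mnt_flags(const char *path)
@@ -144,13 +163,10 @@
 		    strerror(errno));
 	}
 
+	maybe_write_file("/proc/self/setgroups", "deny");
 	write_file("/proc/self/uid_map", "0 %d 1", uid);
 	write_file("/proc/self/gid_map", "0 %d 1", gid);
 
-	if (setgroups(0, NULL) != 0) {
-		die("setgroups failed: %s\n",
-		    strerror(errno));
-	}
 	if (setgid(0) != 0) {
 		die ("setgid(0) failed %s\n",
 		    strerror(errno));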
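Review bot: The new `maybe_write_file("/proc/self/setgroups", "deny");` call in the last hunk has no comment saying why a missing file is tolerated or why the `setgroups(0, NULL)` call was removed, and the commit message does not name the security fix either. Presumably the file does not exist on kernels without that fix, and once "deny" is written setgroups() can no longer succeed inside the namespace; a comment above the call such as `/* setgroups must be denied before an unprivileged gid_map write; ENOENT means a kernel without this file */` would record that for the next reader. Because `vmaybe_write_file` returns silently on ENOENT before anything is written, a one-line note there that callers cannot tell a skipped write from a successful one would also help. The function enclosing the last hunk starts and ends outside the visible lines.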