selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The LANDLOCK_ACCESS_FS_IOCTL_DEV right should have no effect on the use of
named UNIX domain sockets.

Suggested-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20240419161122.2023765-7-gnoack@google.com
[mic: Add missing stddef.h for offsetof()]
Signed-off-by: Mickaël Salaün <mic@digikod.net>

authored by

Günther Noack and committed by

Mickaël Salaün 2 years ago f83d51a5 56ffd377

+53

1 changed file

expand all

tools

testing

selftests

landlock

fs_test.c

+53

tools/testing/selftests/landlock/fs_test.c

··· 14 14 #include <linux/landlock.h> 15 15 #include <linux/magic.h> 16 16 #include <sched.h> 17 + #include <stddef.h> 17 18 #include <stdio.h> 18 19 #include <string.h> 19 20 #include <sys/capability.h> ··· 22 21 #include <sys/mount.h> 23 22 #include <sys/prctl.h> 24 23 #include <sys/sendfile.h> 24 + #include <sys/socket.h> 25 25 #include <sys/stat.h> 26 26 #include <sys/sysmacros.h> 27 + #include <sys/un.h> 27 28 #include <sys/vfs.h> 28 29 #include <unistd.h> 29 30 ··· 3986 3983 ASSERT_EQ(0, unlink(path)); 3987 3984 3988 3985 ASSERT_EQ(child_pid, waitpid(child_pid, NULL, 0)); 3986 + } 3987 + 3988 + /* For named UNIX domain sockets, no IOCTL restrictions apply. */ 3989 + TEST_F_FORK(layout1, named_unix_domain_socket_ioctl) 3990 + { 3991 + const char *const path = file1_s1d1; 3992 + int srv_fd, cli_fd, ruleset_fd; 3993 + socklen_t size; 3994 + struct sockaddr_un srv_un, cli_un; 3995 + const struct landlock_ruleset_attr attr = { 3996 + .handled_access_fs = LANDLOCK_ACCESS_FS_IOCTL_DEV, 3997 + }; 3998 + 3999 + /* Sets up a server */ 4000 + srv_un.sun_family = AF_UNIX; 4001 + strncpy(srv_un.sun_path, path, sizeof(srv_un.sun_path)); 4002 + 4003 + ASSERT_EQ(0, unlink(path)); 4004 + srv_fd = socket(AF_UNIX, SOCK_STREAM, 0); 4005 + ASSERT_LE(0, srv_fd); 4006 + 4007 + size = offsetof(struct sockaddr_un, sun_path) + strlen(srv_un.sun_path); 4008 + ASSERT_EQ(0, bind(srv_fd, (struct sockaddr *)&srv_un, size)); 4009 + ASSERT_EQ(0, listen(srv_fd, 10 /* qlen */)); 4010 + 4011 + /* Enables Landlock. */ 4012 + ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); 4013 + ASSERT_LE(0, ruleset_fd); 4014 + enforce_ruleset(_metadata, ruleset_fd); 4015 + ASSERT_EQ(0, close(ruleset_fd)); 4016 + 4017 + /* Sets up a client connection to it */ 4018 + cli_un.sun_family = AF_UNIX; 4019 + cli_fd = socket(AF_UNIX, SOCK_STREAM, 0); 4020 + ASSERT_LE(0, cli_fd); 4021 + 4022 + size = offsetof(struct sockaddr_un, sun_path) + strlen(cli_un.sun_path); 4023 + ASSERT_EQ(0, bind(cli_fd, (struct sockaddr *)&cli_un, size)); 4024 + 4025 + bzero(&cli_un, sizeof(cli_un)); 4026 + cli_un.sun_family = AF_UNIX; 4027 + strncpy(cli_un.sun_path, path, sizeof(cli_un.sun_path)); 4028 + size = offsetof(struct sockaddr_un, sun_path) + strlen(cli_un.sun_path); 4029 + 4030 + ASSERT_EQ(0, connect(cli_fd, (struct sockaddr *)&cli_un, size)); 4031 + 4032 + /* FIONREAD and other IOCTLs should not be forbidden. */ 4033 + EXPECT_EQ(0, test_fionread_ioctl(cli_fd)); 4034 + 4035 + ASSERT_EQ(0, close(cli_fd)); 3989 4036 } 3990 4037 3991 4038 /* clang-format off */