Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp121481pxb; Tue, 26 Oct 2021 23:01:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwsZBXskuv4InnwU4U4yZzadSmeUC5HyjkXQ+ad7GDD8gWQWRA+BNPtScXdrazQHZRVABDK X-Received: by 2002:aa7:da16:: with SMTP id r22mr43013136eds.75.1635314476202; Tue, 26 Oct 2021 23:01:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635314476; cv=none; d=google.com; s=arc-20160816; b=ETNrlE4FAxUQjD8CENx0A66wrw2qKwz+bqePAcyfc3bTxf1L2oe/yrgN0yH0DtYbFG hy5L+rPWdjsYk4fkDKVu747gwcCIUbFvZT88GxjwXfIaxmV3MpVnB9bnQZXheiltHl8i U7hoIZRyY5F3wqcVRiKDn8LbmkDrS6X+8FEHIv8R4e9g3oBraAKD5uFyInSMejpG9JP1 45Vw3fqhRL4ufvO9H5/Me1aHbkoyjJJ+Gkwz5RfLTnmHtgsPgqpQJftwsugyIV8wKOvH xlxMa/nVrnjw+kxpiAWtDq/7XK9kDiYyqS3WRxeMztayWX4rvCxu8HduMuqZdC5u/W3o RtDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=nnDPhQGDDH8uaX+jmtKylp5AcibwhHbR/tbFQ2ILtDo=; b=YQWmOekYmB6eUkg1rOmVesvf5aZfeSVE9SUrWX74cIkdVr9sWc30Cd9+8R0wjix4F/ oe++AMy1Ivy/yj5R5D6gwlUXa/GbpA/vi1/qEpAX/1sceZtU6OGZEip1EL7vO3aah3qZ eCGDgBdCZ2OXvsWQd9OAareVpYz8uAq964aEgHbIODzsKyA+CMBAXvlliA9gRV9DtM9S nutr3WP2hWR/LMPKdXqMwVBcZpLxfuFqzolhLWb8UV5ixfG6fK/ISviVbEYsm4s/+hmI vA4gZWI0NK0GAzYTsjgGnWUb/Avg0LZ3GIqXZDv/TmqY+HCO7L9nJG2C+KqRLMT+aBDA cEVQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s3si26725711ejs.386.2021.10.26.23.00.52; Tue, 26 Oct 2021 23:01:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=collabora.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238381AbhJZSqP (ORCPT + 99 others); Tue, 26 Oct 2021 14:46:15 -0400 Received: from bhuna.collabora.co.uk ([46.235.227.227]:43256 "EHLO bhuna.collabora.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238375AbhJZSqP (ORCPT ); Tue, 26 Oct 2021 14:46:15 -0400 Received: from localhost (unknown [IPv6:2804:14c:124:8a08::1002]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: krisman) by bhuna.collabora.co.uk (Postfix) with ESMTPSA id DCF6A1F43877; Tue, 26 Oct 2021 19:43:43 +0100 (BST) From: Gabriel Krisman Bertazi To: ltp@lists.linux.it, jack@suse.com, amir73il@gmail.com Cc: khazhy@google.com, kernel@collabora.com, linux-ext4@vger.kernel.org, repnop@google.com, Gabriel Krisman Bertazi Subject: [PATCH v2 05/10] syscalls/fanotify20: Validate incoming FID in FAN_FS_ERROR Date: Tue, 26 Oct 2021 15:42:34 -0300 Message-Id: <20211026184239.151156-6-krisman@collabora.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211026184239.151156-1-krisman@collabora.com> References: <20211026184239.151156-1-krisman@collabora.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org Verify the FID provided in the event. If the FH has size 0, this is assumed to be a superblock error (i.e. null FH). Signed-off-by: Gabriel Krisman Bertazi --- Changes since v1: - Move defines to header file. - Use 0-len FH for sb error --- testcases/kernel/syscalls/fanotify/fanotify.h | 4 ++ .../kernel/syscalls/fanotify/fanotify20.c | 63 +++++++++++++++++++ 2 files changed, 67 insertions(+) diff --git a/testcases/kernel/syscalls/fanotify/fanotify.h b/testcases/kernel/syscalls/fanotify/fanotify.h index 58e30aaf00bc..9bff3cf1a3fe 100644 --- a/testcases/kernel/syscalls/fanotify/fanotify.h +++ b/testcases/kernel/syscalls/fanotify/fanotify.h @@ -435,4 +435,8 @@ struct fanotify_event_info_header *get_event_info( ((struct fanotify_event_info_error *) \ get_event_info((event), FAN_EVENT_INFO_TYPE_ERROR)) +#define get_event_info_fid(event) \ + ((struct fanotify_event_info_fid *) \ + get_event_info((event), FAN_EVENT_INFO_TYPE_FID)) + #endif /* __FANOTIFY_H__ */ diff --git a/testcases/kernel/syscalls/fanotify/fanotify20.c b/testcases/kernel/syscalls/fanotify/fanotify20.c index 6074d449ae63..220cd51419e8 100644 --- a/testcases/kernel/syscalls/fanotify/fanotify20.c +++ b/testcases/kernel/syscalls/fanotify/fanotify20.c @@ -34,20 +34,61 @@ #ifdef HAVE_SYS_FANOTIFY_H #include "fanotify.h" +#ifndef FILEID_INVALID +#define FILEID_INVALID 0xff +#endif + #define BUF_SIZE 256 static char event_buf[BUF_SIZE]; int fd_notify; #define MOUNT_PATH "test_mnt" +/* These expected FIDs are common to multiple tests */ +static struct fanotify_fid_t null_fid; + static struct test_case { char *name; int error; unsigned int error_count; + struct fanotify_fid_t *fid; void (*trigger_error)(void); } testcases[] = { }; +int check_error_event_info_fid(struct fanotify_event_info_fid *fid, + const struct test_case *ex) +{ + struct file_handle *fh = (struct file_handle *) &fid->handle; + + if (memcmp(&fid->fsid, &ex->fid->fsid, sizeof(fid->fsid))) { + tst_res(TFAIL, "%s: Received bad FSID type (%x...!=%x...)", + ex->name, FSID_VAL_MEMBER(fid->fsid, 0), + FSID_VAL_MEMBER(ex->fid->fsid, 0)); + + return 1; + } + if (fh->handle_type != ex->fid->handle.handle_type) { + tst_res(TFAIL, "%s: Received bad file_handle type (%d!=%d)", + ex->name, fh->handle_type, ex->fid->handle.handle_type); + return 1; + } + + if (fh->handle_bytes != ex->fid->handle.handle_bytes) { + tst_res(TFAIL, "%s: Received bad file_handle len (%d!=%d)", + ex->name, fh->handle_bytes, ex->fid->handle.handle_bytes); + return 1; + } + + if (memcmp(fh->f_handle, ex->fid->handle.f_handle, fh->handle_bytes)) { + tst_res(TFAIL, "%s: Received wrong handle. " + "Expected (%x...) got (%x...) ", ex->name, + *(int*)ex->fid->handle.f_handle, *(int*)fh->f_handle); + return 1; + } + return 0; +} + int check_error_event_info_error(struct fanotify_event_info_error *info_error, const struct test_case *ex) { @@ -91,6 +132,7 @@ void check_event(char *buf, size_t len, const struct test_case *ex) struct fanotify_event_metadata *event = (struct fanotify_event_metadata *) buf; struct fanotify_event_info_error *info_error; + struct fanotify_event_info_fid *info_fid; int fail = 0; if (len < FAN_EVENT_METADATA_LEN) { @@ -109,6 +151,14 @@ void check_event(char *buf, size_t len, const struct test_case *ex) fail++; } + info_fid = get_event_info_fid(event); + if (info_fid) + fail += check_error_event_info_fid(info_fid, ex); + else { + tst_res(TFAIL, "FID record not found"); + fail++; + } + if (!fail) tst_res(TPASS, "Successfully received: %s", ex->name); } @@ -125,12 +175,25 @@ static void do_test(unsigned int i) check_event(event_buf, read_len, tcase); } +static void init_null_fid(void) +{ + /* Use fanotify_save_fid to fill the fsid and overwrite the + * file_handler to create a null_fid + */ + fanotify_save_fid(MOUNT_PATH, &null_fid); + + null_fid.handle.handle_type = FILEID_INVALID; + null_fid.handle.handle_bytes = 0; +} + static void setup(void) { REQUIRE_FANOTIFY_EVENTS_SUPPORTED_ON_FS(FAN_CLASS_NOTIF|FAN_REPORT_FID, FAN_MARK_FILESYSTEM, FAN_FS_ERROR, "."); + init_null_fid(); + fd_notify = SAFE_FANOTIFY_INIT(FAN_CLASS_NOTIF|FAN_REPORT_FID, O_RDONLY); -- 2.33.0