summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/Makefile5
-rw-r--r--test/personality.c139
2 files changed, 142 insertions, 2 deletions
diff --git a/test/Makefile b/test/Makefile
index efdc3aa..a975999 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -19,7 +19,7 @@ all_targets += poll poll-cancel ring-leak fsync io_uring_setup io_uring_register
poll-many b5837bd5311d-test accept-test d77a67ed5f27-test \
connect 7ad0e4b2f83c-test submit-reuse fallocate open-close \
file-update statx accept-reuse poll-v-poll fadvise madvise \
- short-read openat2 probe shared-wq
+ short-read openat2 probe shared-wq personality
include ../Makefile.quiet
@@ -45,7 +45,8 @@ test_srcs := poll.c poll-cancel.c ring-leak.c fsync.c io_uring_setup.c \
b5837bd5311d-test.c accept-test.c d77a67ed5f27-test.c connect.c \
7ad0e4b2f83c-test.c submit-reuse.c fallocate.c open-close.c \
file-update.c statx.c accept-reuse.c poll-v-poll.c fadvise.c \
- madvise.c short-read.c openat2.c probe.c shared-wq.c
+ madvise.c short-read.c openat2.c probe.c shared-wq.c \
+ personality.c
test_objs := $(patsubst %.c,%.ol,$(test_srcs))
diff --git a/test/personality.c b/test/personality.c
new file mode 100644
index 0000000..c9001ac
--- /dev/null
+++ b/test/personality.c
@@ -0,0 +1,139 @@
+/*
+ * Description: test if personalities work
+ *
+ */
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+
+#include "liburing.h"
+
+#define FNAME "/tmp/.tmp.access"
+#define USE_UID 1000
+
+static int open_file(struct io_uring *ring, int cred_id)
+{
+ struct io_uring_cqe *cqe;
+ struct io_uring_sqe *sqe;
+ int ret;
+
+ sqe = io_uring_get_sqe(ring);
+ io_uring_prep_openat(sqe, -1, FNAME, O_RDONLY, 0);
+
+ if (cred_id != -1) {
+ sqe->flags |= IOSQE_PERSONALITY;
+ sqe->personality = cred_id;
+ }
+
+ ret = io_uring_submit(ring);
+ if (ret != 1) {
+ fprintf(stderr, "submit got: %d\n", ret);
+ goto err;
+ }
+
+ ret = io_uring_wait_cqe(ring, &cqe);
+ if (ret < 0) {
+ fprintf(stderr, "wait completion %d\n", ret);
+ goto err;
+ }
+
+ ret = cqe->res;
+ io_uring_cqe_seen(ring, cqe);
+err:
+ return ret;
+}
+
+static int test_personality(struct io_uring *ring)
+{
+ int ret, cred_id;
+
+ ret = io_uring_register_personality(ring);
+ if (ret < 0) {
+ if (ret == -EINVAL) {
+ fprintf(stdout, "Personalities not supported, skipping\n");
+ goto out;
+ }
+ fprintf(stderr, "register_personality: %d\n", ret);
+ goto err;
+ }
+ cred_id = ret;
+
+ /* create file only owner can open */
+ ret = open(FNAME, O_RDONLY | O_CREAT, 0600);
+ if (ret < 0) {
+ perror("open");
+ goto err;
+ }
+ close(ret);
+
+ /* verify we can open it */
+ ret = open_file(ring, -1);
+ if (ret < 0) {
+ fprintf(stderr, "current open got: %d\n", ret);
+ goto err;
+ }
+
+ if (seteuid(USE_UID) < 0) {
+ fprintf(stdout, "Can't switch to UID %u, skipping\n", USE_UID);
+ goto out;
+ }
+
+ /* verify we can't open it with current credentials */
+ ret = open_file(ring, -1);
+ if (ret != -EACCES) {
+ fprintf(stderr, "open got: %d\n", ret);
+ goto err;
+ }
+
+ /* verify we can open with registered credentials */
+ ret = open_file(ring, cred_id);
+ if (ret < 0) {
+ fprintf(stderr, "credential open: %d\n", ret);
+ goto err;
+ }
+
+ if (seteuid(0))
+ perror("seteuid");
+
+ ret = io_uring_unregister_personality(ring, cred_id);
+ if (ret) {
+ fprintf(stderr, "register_personality: %d\n", ret);
+ goto err;
+ }
+
+out:
+ unlink(FNAME);
+ return 0;
+err:
+ unlink(FNAME);
+ return 1;
+}
+
+int main(int argc, char *argv[])
+{
+ struct io_uring ring;
+ int ret;
+
+ if (geteuid()) {
+ fprintf(stderr, "Not root, skipping\n");
+ return 0;
+ }
+
+ ret = io_uring_queue_init(8, &ring, 0);
+ if (ret) {
+ printf("ring setup failed\n");
+ return 1;
+
+ }
+
+ ret = test_personality(&ring);
+ if (ret) {
+ fprintf(stderr, "test_personality failed\n");
+ return ret;
+ }
+
+ return 0;
+}