1*25da2beaSAndroid Build Coastguard Worker /* SPDX-License-Identifier: MIT */
2*25da2beaSAndroid Build Coastguard Worker /*
3*25da2beaSAndroid Build Coastguard Worker * Description: test if personalities work
4*25da2beaSAndroid Build Coastguard Worker *
5*25da2beaSAndroid Build Coastguard Worker */
6*25da2beaSAndroid Build Coastguard Worker #include <errno.h>
7*25da2beaSAndroid Build Coastguard Worker #include <stdio.h>
8*25da2beaSAndroid Build Coastguard Worker #include <unistd.h>
9*25da2beaSAndroid Build Coastguard Worker #include <stdlib.h>
10*25da2beaSAndroid Build Coastguard Worker #include <string.h>
11*25da2beaSAndroid Build Coastguard Worker #include <fcntl.h>
12*25da2beaSAndroid Build Coastguard Worker
13*25da2beaSAndroid Build Coastguard Worker #include "liburing.h"
14*25da2beaSAndroid Build Coastguard Worker
15*25da2beaSAndroid Build Coastguard Worker #define FNAME "/tmp/.tmp.access"
16*25da2beaSAndroid Build Coastguard Worker #define USE_UID 1000
17*25da2beaSAndroid Build Coastguard Worker
18*25da2beaSAndroid Build Coastguard Worker static int no_personality;
19*25da2beaSAndroid Build Coastguard Worker
open_file(struct io_uring * ring,int cred_id,int with_link)20*25da2beaSAndroid Build Coastguard Worker static int open_file(struct io_uring *ring, int cred_id, int with_link)
21*25da2beaSAndroid Build Coastguard Worker {
22*25da2beaSAndroid Build Coastguard Worker struct io_uring_cqe *cqe;
23*25da2beaSAndroid Build Coastguard Worker struct io_uring_sqe *sqe;
24*25da2beaSAndroid Build Coastguard Worker int ret, i, to_submit = 1;
25*25da2beaSAndroid Build Coastguard Worker
26*25da2beaSAndroid Build Coastguard Worker if (with_link) {
27*25da2beaSAndroid Build Coastguard Worker sqe = io_uring_get_sqe(ring);
28*25da2beaSAndroid Build Coastguard Worker io_uring_prep_nop(sqe);
29*25da2beaSAndroid Build Coastguard Worker sqe->flags |= IOSQE_IO_LINK;
30*25da2beaSAndroid Build Coastguard Worker sqe->user_data = 1;
31*25da2beaSAndroid Build Coastguard Worker to_submit++;
32*25da2beaSAndroid Build Coastguard Worker }
33*25da2beaSAndroid Build Coastguard Worker
34*25da2beaSAndroid Build Coastguard Worker sqe = io_uring_get_sqe(ring);
35*25da2beaSAndroid Build Coastguard Worker io_uring_prep_openat(sqe, -1, FNAME, O_RDONLY, 0);
36*25da2beaSAndroid Build Coastguard Worker sqe->user_data = 2;
37*25da2beaSAndroid Build Coastguard Worker
38*25da2beaSAndroid Build Coastguard Worker if (cred_id != -1)
39*25da2beaSAndroid Build Coastguard Worker sqe->personality = cred_id;
40*25da2beaSAndroid Build Coastguard Worker
41*25da2beaSAndroid Build Coastguard Worker ret = io_uring_submit(ring);
42*25da2beaSAndroid Build Coastguard Worker if (ret != to_submit) {
43*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "submit got: %d\n", ret);
44*25da2beaSAndroid Build Coastguard Worker goto err;
45*25da2beaSAndroid Build Coastguard Worker }
46*25da2beaSAndroid Build Coastguard Worker
47*25da2beaSAndroid Build Coastguard Worker for (i = 0; i < to_submit; i++) {
48*25da2beaSAndroid Build Coastguard Worker ret = io_uring_wait_cqe(ring, &cqe);
49*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
50*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "wait completion %d\n", ret);
51*25da2beaSAndroid Build Coastguard Worker goto err;
52*25da2beaSAndroid Build Coastguard Worker }
53*25da2beaSAndroid Build Coastguard Worker
54*25da2beaSAndroid Build Coastguard Worker ret = cqe->res;
55*25da2beaSAndroid Build Coastguard Worker io_uring_cqe_seen(ring, cqe);
56*25da2beaSAndroid Build Coastguard Worker }
57*25da2beaSAndroid Build Coastguard Worker err:
58*25da2beaSAndroid Build Coastguard Worker return ret;
59*25da2beaSAndroid Build Coastguard Worker }
60*25da2beaSAndroid Build Coastguard Worker
test_personality(struct io_uring * ring)61*25da2beaSAndroid Build Coastguard Worker static int test_personality(struct io_uring *ring)
62*25da2beaSAndroid Build Coastguard Worker {
63*25da2beaSAndroid Build Coastguard Worker int ret, cred_id;
64*25da2beaSAndroid Build Coastguard Worker
65*25da2beaSAndroid Build Coastguard Worker ret = io_uring_register_personality(ring);
66*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
67*25da2beaSAndroid Build Coastguard Worker if (ret == -EINVAL) {
68*25da2beaSAndroid Build Coastguard Worker fprintf(stdout, "Personalities not supported, skipping\n");
69*25da2beaSAndroid Build Coastguard Worker no_personality = 1;
70*25da2beaSAndroid Build Coastguard Worker goto out;
71*25da2beaSAndroid Build Coastguard Worker }
72*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "register_personality: %d\n", ret);
73*25da2beaSAndroid Build Coastguard Worker goto err;
74*25da2beaSAndroid Build Coastguard Worker }
75*25da2beaSAndroid Build Coastguard Worker cred_id = ret;
76*25da2beaSAndroid Build Coastguard Worker
77*25da2beaSAndroid Build Coastguard Worker /* create file only owner can open */
78*25da2beaSAndroid Build Coastguard Worker ret = open(FNAME, O_RDONLY | O_CREAT, 0600);
79*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
80*25da2beaSAndroid Build Coastguard Worker perror("open");
81*25da2beaSAndroid Build Coastguard Worker goto err;
82*25da2beaSAndroid Build Coastguard Worker }
83*25da2beaSAndroid Build Coastguard Worker close(ret);
84*25da2beaSAndroid Build Coastguard Worker
85*25da2beaSAndroid Build Coastguard Worker /* verify we can open it */
86*25da2beaSAndroid Build Coastguard Worker ret = open_file(ring, -1, 0);
87*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
88*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "current open got: %d\n", ret);
89*25da2beaSAndroid Build Coastguard Worker goto err;
90*25da2beaSAndroid Build Coastguard Worker }
91*25da2beaSAndroid Build Coastguard Worker
92*25da2beaSAndroid Build Coastguard Worker if (seteuid(USE_UID) < 0) {
93*25da2beaSAndroid Build Coastguard Worker fprintf(stdout, "Can't switch to UID %u, skipping\n", USE_UID);
94*25da2beaSAndroid Build Coastguard Worker goto out;
95*25da2beaSAndroid Build Coastguard Worker }
96*25da2beaSAndroid Build Coastguard Worker
97*25da2beaSAndroid Build Coastguard Worker /* verify we can't open it with current credentials */
98*25da2beaSAndroid Build Coastguard Worker ret = open_file(ring, -1, 0);
99*25da2beaSAndroid Build Coastguard Worker if (ret != -EACCES) {
100*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "open got: %d\n", ret);
101*25da2beaSAndroid Build Coastguard Worker goto err;
102*25da2beaSAndroid Build Coastguard Worker }
103*25da2beaSAndroid Build Coastguard Worker
104*25da2beaSAndroid Build Coastguard Worker /* verify we can open with registered credentials */
105*25da2beaSAndroid Build Coastguard Worker ret = open_file(ring, cred_id, 0);
106*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
107*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "credential open: %d\n", ret);
108*25da2beaSAndroid Build Coastguard Worker goto err;
109*25da2beaSAndroid Build Coastguard Worker }
110*25da2beaSAndroid Build Coastguard Worker close(ret);
111*25da2beaSAndroid Build Coastguard Worker
112*25da2beaSAndroid Build Coastguard Worker /* verify we can open with registered credentials and as a link */
113*25da2beaSAndroid Build Coastguard Worker ret = open_file(ring, cred_id, 1);
114*25da2beaSAndroid Build Coastguard Worker if (ret < 0) {
115*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "credential open: %d\n", ret);
116*25da2beaSAndroid Build Coastguard Worker goto err;
117*25da2beaSAndroid Build Coastguard Worker }
118*25da2beaSAndroid Build Coastguard Worker
119*25da2beaSAndroid Build Coastguard Worker if (seteuid(0))
120*25da2beaSAndroid Build Coastguard Worker perror("seteuid");
121*25da2beaSAndroid Build Coastguard Worker
122*25da2beaSAndroid Build Coastguard Worker ret = io_uring_unregister_personality(ring, cred_id);
123*25da2beaSAndroid Build Coastguard Worker if (ret) {
124*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "register_personality: %d\n", ret);
125*25da2beaSAndroid Build Coastguard Worker goto err;
126*25da2beaSAndroid Build Coastguard Worker }
127*25da2beaSAndroid Build Coastguard Worker
128*25da2beaSAndroid Build Coastguard Worker out:
129*25da2beaSAndroid Build Coastguard Worker unlink(FNAME);
130*25da2beaSAndroid Build Coastguard Worker return 0;
131*25da2beaSAndroid Build Coastguard Worker err:
132*25da2beaSAndroid Build Coastguard Worker unlink(FNAME);
133*25da2beaSAndroid Build Coastguard Worker return 1;
134*25da2beaSAndroid Build Coastguard Worker }
135*25da2beaSAndroid Build Coastguard Worker
test_invalid_personality(struct io_uring * ring)136*25da2beaSAndroid Build Coastguard Worker static int test_invalid_personality(struct io_uring *ring)
137*25da2beaSAndroid Build Coastguard Worker {
138*25da2beaSAndroid Build Coastguard Worker int ret;
139*25da2beaSAndroid Build Coastguard Worker
140*25da2beaSAndroid Build Coastguard Worker ret = open_file(ring, 2, 0);
141*25da2beaSAndroid Build Coastguard Worker if (ret != -EINVAL) {
142*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "invalid personality got: %d\n", ret);
143*25da2beaSAndroid Build Coastguard Worker goto err;
144*25da2beaSAndroid Build Coastguard Worker }
145*25da2beaSAndroid Build Coastguard Worker return 0;
146*25da2beaSAndroid Build Coastguard Worker err:
147*25da2beaSAndroid Build Coastguard Worker return 1;
148*25da2beaSAndroid Build Coastguard Worker }
149*25da2beaSAndroid Build Coastguard Worker
test_invalid_unregister(struct io_uring * ring)150*25da2beaSAndroid Build Coastguard Worker static int test_invalid_unregister(struct io_uring *ring)
151*25da2beaSAndroid Build Coastguard Worker {
152*25da2beaSAndroid Build Coastguard Worker int ret;
153*25da2beaSAndroid Build Coastguard Worker
154*25da2beaSAndroid Build Coastguard Worker ret = io_uring_unregister_personality(ring, 2);
155*25da2beaSAndroid Build Coastguard Worker if (ret != -EINVAL) {
156*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "invalid personality unregister got: %d\n", ret);
157*25da2beaSAndroid Build Coastguard Worker goto err;
158*25da2beaSAndroid Build Coastguard Worker }
159*25da2beaSAndroid Build Coastguard Worker return 0;
160*25da2beaSAndroid Build Coastguard Worker err:
161*25da2beaSAndroid Build Coastguard Worker return 1;
162*25da2beaSAndroid Build Coastguard Worker }
163*25da2beaSAndroid Build Coastguard Worker
main(int argc,char * argv[])164*25da2beaSAndroid Build Coastguard Worker int main(int argc, char *argv[])
165*25da2beaSAndroid Build Coastguard Worker {
166*25da2beaSAndroid Build Coastguard Worker struct io_uring ring;
167*25da2beaSAndroid Build Coastguard Worker int ret;
168*25da2beaSAndroid Build Coastguard Worker
169*25da2beaSAndroid Build Coastguard Worker if (argc > 1)
170*25da2beaSAndroid Build Coastguard Worker return 0;
171*25da2beaSAndroid Build Coastguard Worker
172*25da2beaSAndroid Build Coastguard Worker if (geteuid()) {
173*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "Not root, skipping\n");
174*25da2beaSAndroid Build Coastguard Worker return 0;
175*25da2beaSAndroid Build Coastguard Worker }
176*25da2beaSAndroid Build Coastguard Worker
177*25da2beaSAndroid Build Coastguard Worker ret = io_uring_queue_init(8, &ring, 0);
178*25da2beaSAndroid Build Coastguard Worker if (ret) {
179*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "ring setup failed: %d\n", ret);
180*25da2beaSAndroid Build Coastguard Worker return 1;
181*25da2beaSAndroid Build Coastguard Worker }
182*25da2beaSAndroid Build Coastguard Worker
183*25da2beaSAndroid Build Coastguard Worker ret = test_personality(&ring);
184*25da2beaSAndroid Build Coastguard Worker if (ret) {
185*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "test_personality failed\n");
186*25da2beaSAndroid Build Coastguard Worker return ret;
187*25da2beaSAndroid Build Coastguard Worker }
188*25da2beaSAndroid Build Coastguard Worker if (no_personality)
189*25da2beaSAndroid Build Coastguard Worker return 0;
190*25da2beaSAndroid Build Coastguard Worker
191*25da2beaSAndroid Build Coastguard Worker ret = test_invalid_personality(&ring);
192*25da2beaSAndroid Build Coastguard Worker if (ret) {
193*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "test_invalid_personality failed\n");
194*25da2beaSAndroid Build Coastguard Worker return ret;
195*25da2beaSAndroid Build Coastguard Worker }
196*25da2beaSAndroid Build Coastguard Worker
197*25da2beaSAndroid Build Coastguard Worker ret = test_invalid_unregister(&ring);
198*25da2beaSAndroid Build Coastguard Worker if (ret) {
199*25da2beaSAndroid Build Coastguard Worker fprintf(stderr, "test_invalid_unregister failed\n");
200*25da2beaSAndroid Build Coastguard Worker return ret;
201*25da2beaSAndroid Build Coastguard Worker }
202*25da2beaSAndroid Build Coastguard Worker
203*25da2beaSAndroid Build Coastguard Worker return 0;
204*25da2beaSAndroid Build Coastguard Worker }
205