From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by sourceware.org (Postfix) with ESMTP id DD66538930EF for ; Tue, 6 Apr 2021 16:46:20 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org DD66538930EF Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-349-lGW1OEtQOfu6DoRjxQ0VaQ-1; Tue, 06 Apr 2021 12:46:18 -0400 X-MC-Unique: lGW1OEtQOfu6DoRjxQ0VaQ-1 Received: by mail-qk1-f200.google.com with SMTP id k188so12992551qkb.5 for ; Tue, 06 Apr 2021 09:46:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=+uKnPm/HCs4jVr3yOraWIW4g/yGUo3V3zj+3lJO7Auc=; b=IYRYP9dq/RH2Mw2zrIV052x76nSclYKviZuSdffIaPbwuFJgBaulOFgXC91r4htCa3 Lo+26+RR0MAfbtR5ezMNaaaZ6qFHazvG3tVGZbqVkOozury1ITPXkn62TSGSe2u+yA/o uIz8VgLDF7o3XjUtqJCDcv7MktAhBScVUzYZvQSG3aO80PunVmEL4N86tSz9Iz7igKJO ufNrurFeuo9fzHgzAVoQCNcZDzvvtlDtjDKP7AdUgt64Mb0v4yeeHFOZlM1+ugzljcwa en4nvfz14e53XLr1vhlsKnOf1xS7/iGR53pa2uOaN1DZ2yFh4OvoukuNtYShSC9Yc7Pz 9nFQ== X-Gm-Message-State: AOAM531/yNfS5wm1Yn+bTfb7IfkFaCxFcB5PFWtLuhIqGEVNplqX4zhp IMcg3f1Hpjhisb/SdiKyw0cT+hG6RwVXhO+Pfo6++Kzwmf3HElLNqBeo8Kdk/XIoBxw+639XnSY sSZkYnVSAakZCvbckpwz+TmQq+haEgNq7IVMAoiTRt39S46aBX2drurUcoAg24NG1HEkekg== X-Received: by 2002:a05:622a:210:: with SMTP id b16mr28448179qtx.377.1617727577921; Tue, 06 Apr 2021 09:46:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw7MYXpdbHLot1EnYZn+LoV82Whge4PIqi9sCAN7Fv0C+qcfnET9ZppPWsq0mNW5UoPOks2qQ== X-Received: by 2002:a05:622a:210:: with SMTP id b16mr28448154qtx.377.1617727577588; Tue, 06 Apr 2021 09:46:17 -0700 (PDT) Received: from [192.168.1.16] (198-84-214-74.cpe.teksavvy.com. [198.84.214.74]) by smtp.gmail.com with ESMTPSA id j24sm16202156qka.67.2021.04.06.09.46.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 06 Apr 2021 09:46:16 -0700 (PDT) Subject: Re: [PATCH 3/4] Enhance setuid-tunables test To: Siddhesh Poyarekar , libc-alpha@sourceware.org References: <20210316070755.330084-1-siddhesh@sourceware.org> <20210316070755.330084-4-siddhesh@sourceware.org> From: Carlos O'Donell Organization: Red Hat Message-ID: <9abe93cd-fff5-a8c6-6ae9-3734cd656344@redhat.com> Date: Tue, 6 Apr 2021 12:46:15 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: <20210316070755.330084-4-siddhesh@sourceware.org> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-13.7 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2021 16:46:22 -0000 On 3/16/21 3:07 AM, Siddhesh Poyarekar via Libc-alpha wrote: > Instead of passing GLIBC_TUNABLES via the environment, pass the > environment variable from parent to child. This allows us to test > multiple variables to ensure better coverage. > > The test list currently only includes the case that's already being > tested. More tests will be added later. I like that you turn this into a data-driven test and move the env vars out of make. LGTM. Reviewed-by: Carlos O'Donell > --- > elf/Makefile | 2 - > elf/tst-env-setuid-tunables.c | 90 +++++++++++++++++++++++++++-------- > 2 files changed, 69 insertions(+), 23 deletions(-) > > diff --git a/elf/Makefile b/elf/Makefile > index 3b8e13e066..4e04c26eea 100644 > --- a/elf/Makefile > +++ b/elf/Makefile > @@ -1653,8 +1653,6 @@ $(objpfx)tst-nodelete-dlclose.out: $(objpfx)tst-nodelete-dlclose-dso.so \ > > tst-env-setuid-ENV = MALLOC_CHECK_=2 MALLOC_MMAP_THRESHOLD_=4096 \ > LD_HWCAP_MASK=0x1 > -tst-env-setuid-tunables-ENV = \ > - GLIBC_TUNABLES=glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096 OK. > > $(objpfx)tst-debug1: $(libdl) > $(objpfx)tst-debug1.out: $(objpfx)tst-debug1mod1.so > diff --git a/elf/tst-env-setuid-tunables.c b/elf/tst-env-setuid-tunables.c > index 50bef8683d..3d523875b1 100644 > --- a/elf/tst-env-setuid-tunables.c > +++ b/elf/tst-env-setuid-tunables.c > @@ -25,35 +25,50 @@ > #include "config.h" > #undef _LIBC > > -#define test_parent test_parent_tunables > -#define test_child test_child_tunables > - > -static int test_child_tunables (void); > -static int test_parent_tunables (void); > - > -#include "tst-env-setuid.c" > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > +#include > + > +const char *teststrings[] = > +{ > + "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096", OK. > +}; > > -#define CHILD_VALSTRING_VALUE "glibc.malloc.mmap_threshold=4096" > -#define PARENT_VALSTRING_VALUE \ > - "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096" > +const char *resultstrings[] = > +{ > + "glibc.malloc.mmap_threshold=4096", OK. SXID_IGNORE. > +}; > > static int > -test_child_tunables (void) > +test_child (int off) > { > const char *val = getenv ("GLIBC_TUNABLES"); > > #if HAVE_TUNABLES > - if (val != NULL && strcmp (val, CHILD_VALSTRING_VALUE) == 0) > + if (val != NULL && strcmp (val, resultstrings[off]) == 0) > return 0; > > if (val != NULL) > - printf ("Unexpected GLIBC_TUNABLES VALUE %s\n", val); > + printf ("[%d] Unexpected GLIBC_TUNABLES VALUE %s\n", off, val); > > return 1; > #else > if (val != NULL) > { > - printf ("GLIBC_TUNABLES not cleared\n"); > + printf ("[%d] GLIBC_TUNABLES not cleared\n", off); > return 1; > } > return 0; > @@ -61,15 +76,48 @@ test_child_tunables (void) > } > > static int > -test_parent_tunables (void) > +do_test (int argc, char **argv) > { > - const char *val = getenv ("GLIBC_TUNABLES"); > + /* Setgid child process. */ > + if (argc == 2) > + { > + if (getgid () == getegid ()) > + /* This can happen if the file system is mounted nosuid. */ > + FAIL_UNSUPPORTED ("SGID failed: GID and EGID match (%jd)\n", > + (intmax_t) getgid ()); > > - if (val != NULL && strcmp (val, PARENT_VALSTRING_VALUE) == 0) > - return 0; > + int ret = test_child (atoi (argv[1])); > > - if (val != NULL) > - printf ("Unexpected GLIBC_TUNABLES VALUE %s\n", val); > + if (ret != 0) > + exit (1); > > - return 1; > + exit (EXIT_SUCCESS); > + } > + else > + { > + int ret = 0; > + > + /* Spawn tests. */ > + for (int i = 0; i < array_length (teststrings); i++) > + { > + char buf[INT_BUFSIZE_BOUND (int)]; > + > + printf ("Spawned test for %s (%d)\n", teststrings[i], i); > + snprintf (buf, sizeof (buf), "%d\n", i); > + if (setenv ("GLIBC_TUNABLES", teststrings[i], 1) != 0) OK. Put env vars into test as a data-driven test rather than Make-driven. > + exit (1); > + > + int status = support_capture_subprogram_self_sgid (buf); > + > + /* Bail out early if unsupported. */ > + if (WEXITSTATUS (status) == EXIT_UNSUPPORTED) > + return EXIT_UNSUPPORTED; > + > + ret |= status; > + } > + return ret; > + } > } > + > +#define TEST_FUNCTION_ARGV do_test > +#include > -- Cheers, Carlos.