1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
|
// SPDX-License-Identifier: GPL-2.0
/* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
#include <stdlib.h>
#include <sys/types.h>
#include <sys/xattr.h>
#include <linux/fsverity.h>
#include <unistd.h>
#include <test_progs.h>
#include "test_get_xattr.skel.h"
#include "test_set_remove_xattr.skel.h"
#include "test_fsverity.skel.h"
static const char testfile[] = "/tmp/test_progs_fs_kfuncs";
static void test_get_xattr(const char *name, const char *value, bool allow_access)
{
struct test_get_xattr *skel = NULL;
int fd = -1, err;
int v[32];
fd = open(testfile, O_CREAT | O_RDONLY, 0644);
if (!ASSERT_GE(fd, 0, "create_file"))
return;
close(fd);
fd = -1;
err = setxattr(testfile, name, value, strlen(value) + 1, 0);
if (err && errno == EOPNOTSUPP) {
printf("%s:SKIP:local fs doesn't support xattr (%d)\n"
"To run this test, make sure /tmp filesystem supports xattr.\n",
__func__, errno);
test__skip();
goto out;
}
if (!ASSERT_OK(err, "setxattr"))
goto out;
skel = test_get_xattr__open_and_load();
if (!ASSERT_OK_PTR(skel, "test_get_xattr__open_and_load"))
goto out;
skel->bss->monitored_pid = getpid();
err = test_get_xattr__attach(skel);
if (!ASSERT_OK(err, "test_get_xattr__attach"))
goto out;
fd = open(testfile, O_RDONLY, 0644);
if (!ASSERT_GE(fd, 0, "open_file"))
goto out;
/* Trigger security_inode_getxattr */
err = getxattr(testfile, name, v, sizeof(v));
if (allow_access) {
ASSERT_EQ(err, -1, "getxattr_return");
ASSERT_EQ(errno, EINVAL, "getxattr_errno");
ASSERT_EQ(skel->bss->found_xattr_from_file, 1, "found_xattr_from_file");
ASSERT_EQ(skel->bss->found_xattr_from_dentry, 1, "found_xattr_from_dentry");
} else {
ASSERT_EQ(err, strlen(value) + 1, "getxattr_return");
ASSERT_EQ(skel->bss->found_xattr_from_file, 0, "found_xattr_from_file");
ASSERT_EQ(skel->bss->found_xattr_from_dentry, 0, "found_xattr_from_dentry");
}
out:
close(fd);
test_get_xattr__destroy(skel);
remove(testfile);
}
/* xattr value we will set to security.bpf.foo */
static const char value_foo[] = "hello";
static void read_and_validate_foo(struct test_set_remove_xattr *skel)
{
char value_out[32];
int err;
err = getxattr(testfile, skel->rodata->xattr_foo, value_out, sizeof(value_out));
ASSERT_EQ(err, sizeof(value_foo), "getxattr size foo");
ASSERT_EQ(strncmp(value_out, value_foo, sizeof(value_foo)), 0, "strncmp value_foo");
}
static void set_foo(struct test_set_remove_xattr *skel)
{
ASSERT_OK(setxattr(testfile, skel->rodata->xattr_foo, value_foo, strlen(value_foo) + 1, 0),
"setxattr foo");
}
static void validate_bar_match(struct test_set_remove_xattr *skel)
{
char value_out[32];
int err;
err = getxattr(testfile, skel->rodata->xattr_bar, value_out, sizeof(value_out));
ASSERT_EQ(err, sizeof(skel->data->value_bar), "getxattr size bar");
ASSERT_EQ(strncmp(value_out, skel->data->value_bar, sizeof(skel->data->value_bar)), 0,
"strncmp value_bar");
}
static void validate_bar_removed(struct test_set_remove_xattr *skel)
{
char value_out[32];
int err;
err = getxattr(testfile, skel->rodata->xattr_bar, value_out, sizeof(value_out));
ASSERT_LT(err, 0, "getxattr size bar should fail");
}
static void test_set_remove_xattr(void)
{
struct test_set_remove_xattr *skel = NULL;
int fd = -1, err;
fd = open(testfile, O_CREAT | O_RDONLY, 0644);
if (!ASSERT_GE(fd, 0, "create_file"))
return;
close(fd);
fd = -1;
skel = test_set_remove_xattr__open_and_load();
if (!ASSERT_OK_PTR(skel, "test_set_remove_xattr__open_and_load"))
return;
/* Set security.bpf.foo to "hello" */
err = setxattr(testfile, skel->rodata->xattr_foo, value_foo, strlen(value_foo) + 1, 0);
if (err && errno == EOPNOTSUPP) {
printf("%s:SKIP:local fs doesn't support xattr (%d)\n"
"To run this test, make sure /tmp filesystem supports xattr.\n",
__func__, errno);
test__skip();
goto out;
}
if (!ASSERT_OK(err, "setxattr"))
goto out;
skel->bss->monitored_pid = getpid();
err = test_set_remove_xattr__attach(skel);
if (!ASSERT_OK(err, "test_set_remove_xattr__attach"))
goto out;
/* First, test not _locked version of the kfuncs with getxattr. */
/* Read security.bpf.foo and trigger test_inode_getxattr. This
* bpf program will set security.bpf.bar to "world".
*/
read_and_validate_foo(skel);
validate_bar_match(skel);
/* Read security.bpf.foo and trigger test_inode_getxattr again.
* This will remove xattr security.bpf.bar.
*/
read_and_validate_foo(skel);
validate_bar_removed(skel);
ASSERT_TRUE(skel->bss->set_security_bpf_bar_success, "set_security_bpf_bar_success");
ASSERT_TRUE(skel->bss->remove_security_bpf_bar_success, "remove_security_bpf_bar_success");
ASSERT_TRUE(skel->bss->set_security_selinux_fail, "set_security_selinux_fail");
ASSERT_TRUE(skel->bss->remove_security_selinux_fail, "remove_security_selinux_fail");
/* Second, test _locked version of the kfuncs, with setxattr */
/* Set security.bpf.foo and trigger test_inode_setxattr. This
* bpf program will set security.bpf.bar to "world".
*/
set_foo(skel);
validate_bar_match(skel);
/* Set security.bpf.foo and trigger test_inode_setxattr again.
* This will remove xattr security.bpf.bar.
*/
set_foo(skel);
validate_bar_removed(skel);
ASSERT_TRUE(skel->bss->locked_set_security_bpf_bar_success,
"locked_set_security_bpf_bar_success");
ASSERT_TRUE(skel->bss->locked_remove_security_bpf_bar_success,
"locked_remove_security_bpf_bar_success");
ASSERT_TRUE(skel->bss->locked_set_security_selinux_fail,
"locked_set_security_selinux_fail");
ASSERT_TRUE(skel->bss->locked_remove_security_selinux_fail,
"locked_remove_security_selinux_fail");
out:
close(fd);
test_set_remove_xattr__destroy(skel);
remove(testfile);
}
#ifndef SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE 32
#endif
static void test_fsverity(void)
{
struct fsverity_enable_arg arg = {0};
struct test_fsverity *skel = NULL;
struct fsverity_digest *d;
int fd, err;
char buffer[4096];
fd = open(testfile, O_CREAT | O_RDWR, 0644);
if (!ASSERT_GE(fd, 0, "create_file"))
return;
/* Write random buffer, so the file is not empty */
err = write(fd, buffer, 4096);
if (!ASSERT_EQ(err, 4096, "write_file"))
goto out;
close(fd);
/* Reopen read-only, otherwise FS_IOC_ENABLE_VERITY will fail */
fd = open(testfile, O_RDONLY, 0644);
if (!ASSERT_GE(fd, 0, "open_file1"))
return;
/* Enable fsverity for the file.
* If the file system doesn't support verity, this will fail. Skip
* the test in such case.
*/
arg.version = 1;
arg.hash_algorithm = FS_VERITY_HASH_ALG_SHA256;
arg.block_size = 4096;
err = ioctl(fd, FS_IOC_ENABLE_VERITY, &arg);
if (err) {
printf("%s:SKIP:local fs doesn't support fsverity (%d)\n"
"To run this test, try enable CONFIG_FS_VERITY and enable FSVerity for the filesystem.\n",
__func__, errno);
test__skip();
goto out;
}
skel = test_fsverity__open_and_load();
if (!ASSERT_OK_PTR(skel, "test_fsverity__open_and_load"))
goto out;
/* Get fsverity_digest from ioctl */
d = (struct fsverity_digest *)skel->bss->expected_digest;
d->digest_algorithm = FS_VERITY_HASH_ALG_SHA256;
d->digest_size = SHA256_DIGEST_SIZE;
err = ioctl(fd, FS_IOC_MEASURE_VERITY, skel->bss->expected_digest);
if (!ASSERT_OK(err, "ioctl_FS_IOC_MEASURE_VERITY"))
goto out;
skel->bss->monitored_pid = getpid();
err = test_fsverity__attach(skel);
if (!ASSERT_OK(err, "test_fsverity__attach"))
goto out;
/* Reopen the file to trigger the program */
close(fd);
fd = open(testfile, O_RDONLY);
if (!ASSERT_GE(fd, 0, "open_file2"))
goto out;
ASSERT_EQ(skel->bss->got_fsverity, 1, "got_fsverity");
ASSERT_EQ(skel->bss->digest_matches, 1, "digest_matches");
out:
close(fd);
test_fsverity__destroy(skel);
remove(testfile);
}
void test_fs_kfuncs(void)
{
/* Matches xattr_names in progs/test_get_xattr.c */
if (test__start_subtest("user_xattr"))
test_get_xattr("user.kfuncs", "hello", true);
if (test__start_subtest("security_bpf_xattr"))
test_get_xattr("security.bpf.xxx", "hello", true);
if (test__start_subtest("security_bpf_xattr_error"))
test_get_xattr("security.bpf", "hello", false);
if (test__start_subtest("security_selinux_xattr_error"))
test_get_xattr("security.selinux", "hello", false);
if (test__start_subtest("set_remove_xattr"))
test_set_remove_xattr();
if (test__start_subtest("fsverity"))
test_fsverity();
}
|
