2013-08-08 17:13:33 -07:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2013 The Android Open Source Project
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <gtest/gtest.h>
|
|
|
|
|
|
|
|
#include <errno.h>
|
Implement some of the missing LFS64 support.
This gives us:
* <dirent.h>
struct dirent64
readdir64, readdir64_r, alphasort64, scandir64
* <fcntl.h>
creat64, openat64, open64.
* <sys/stat.h>
struct stat64
fstat64, fstatat64, lstat64, stat64.
* <sys/statvfs.h>
struct statvfs64
statvfs64, fstatvfs64.
* <sys/vfs.h>
struct statfs64
statfs64, fstatfs64.
This also removes some of the incorrect #define hacks we've had in the
past (for stat64, for example, which we promised to clean up way back
in bug 8472078).
Bug: 11865851
Bug: 8472078
Change-Id: Ia46443521918519f2dfa64d4621027dfd13ac566
2014-01-17 18:42:49 -08:00
|
|
|
#include <fcntl.h>
|
2013-08-08 17:13:33 -07:00
|
|
|
#include <stdlib.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
2013-10-22 10:54:11 -07:00
|
|
|
#include "TemporaryFile.h"
|
|
|
|
|
2013-08-08 17:13:33 -07:00
|
|
|
TEST(sys_stat, futimens) {
|
|
|
|
FILE* fp = tmpfile();
|
|
|
|
ASSERT_TRUE(fp != NULL);
|
|
|
|
|
|
|
|
int fd = fileno(fp);
|
|
|
|
ASSERT_NE(fd, -1);
|
|
|
|
|
|
|
|
timespec times[2];
|
|
|
|
times[0].tv_sec = 123;
|
|
|
|
times[0].tv_nsec = 0;
|
|
|
|
times[1].tv_sec = 456;
|
|
|
|
times[1].tv_nsec = 0;
|
|
|
|
ASSERT_EQ(0, futimens(fd, times)) << strerror(errno);
|
|
|
|
|
|
|
|
struct stat sb;
|
|
|
|
ASSERT_EQ(0, fstat(fd, &sb));
|
|
|
|
ASSERT_EQ(times[0].tv_sec, static_cast<long>(sb.st_atime));
|
|
|
|
ASSERT_EQ(times[1].tv_sec, static_cast<long>(sb.st_mtime));
|
|
|
|
|
|
|
|
fclose(fp);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, futimens_EBADF) {
|
|
|
|
timespec times[2];
|
|
|
|
times[0].tv_sec = 123;
|
|
|
|
times[0].tv_nsec = 0;
|
|
|
|
times[1].tv_sec = 456;
|
|
|
|
times[1].tv_nsec = 0;
|
|
|
|
ASSERT_EQ(-1, futimens(-1, times));
|
|
|
|
ASSERT_EQ(EBADF, errno);
|
|
|
|
}
|
2013-10-22 10:54:11 -07:00
|
|
|
|
2014-10-23 19:10:23 -07:00
|
|
|
TEST(sys_stat, mkfifo_failure) {
|
|
|
|
errno = 0;
|
|
|
|
ASSERT_EQ(-1, mkfifo("/", 0666));
|
|
|
|
ASSERT_EQ(EEXIST, errno);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, mkfifoat_failure) {
|
|
|
|
errno = 0;
|
|
|
|
ASSERT_EQ(-1, mkfifoat(-2, "x", 0666));
|
|
|
|
ASSERT_EQ(EBADF, errno);
|
|
|
|
}
|
|
|
|
|
2013-10-22 10:54:11 -07:00
|
|
|
TEST(sys_stat, mkfifo) {
|
2014-09-24 16:01:18 -07:00
|
|
|
if (getuid() == 0) {
|
|
|
|
// Racy but probably sufficient way to get a suitable filename.
|
|
|
|
std::string path;
|
|
|
|
{
|
|
|
|
TemporaryFile tf;
|
|
|
|
path = tf.filename;
|
|
|
|
}
|
2013-10-22 10:54:11 -07:00
|
|
|
|
2014-09-24 16:01:18 -07:00
|
|
|
ASSERT_EQ(0, mkfifo(path.c_str(), 0666));
|
|
|
|
struct stat sb;
|
|
|
|
ASSERT_EQ(0, stat(path.c_str(), &sb));
|
|
|
|
ASSERT_TRUE(S_ISFIFO(sb.st_mode));
|
|
|
|
unlink(path.c_str());
|
|
|
|
} else {
|
2014-10-23 19:10:23 -07:00
|
|
|
// SELinux policy forbids us from creating FIFOs. http://b/17646702.
|
2014-09-24 16:01:18 -07:00
|
|
|
GTEST_LOG_(INFO) << "This test only performs a test when run as root.";
|
|
|
|
}
|
2013-10-22 10:54:11 -07:00
|
|
|
}
|
Implement some of the missing LFS64 support.
This gives us:
* <dirent.h>
struct dirent64
readdir64, readdir64_r, alphasort64, scandir64
* <fcntl.h>
creat64, openat64, open64.
* <sys/stat.h>
struct stat64
fstat64, fstatat64, lstat64, stat64.
* <sys/statvfs.h>
struct statvfs64
statvfs64, fstatvfs64.
* <sys/vfs.h>
struct statfs64
statfs64, fstatfs64.
This also removes some of the incorrect #define hacks we've had in the
past (for stat64, for example, which we promised to clean up way back
in bug 8472078).
Bug: 11865851
Bug: 8472078
Change-Id: Ia46443521918519f2dfa64d4621027dfd13ac566
2014-01-17 18:42:49 -08:00
|
|
|
|
|
|
|
TEST(sys_stat, stat64_lstat64_fstat64) {
|
|
|
|
struct stat64 sb;
|
|
|
|
ASSERT_EQ(0, stat64("/proc/version", &sb));
|
|
|
|
ASSERT_EQ(0, lstat64("/proc/version", &sb));
|
|
|
|
int fd = open("/proc/version", O_RDONLY);
|
|
|
|
ASSERT_EQ(0, fstat64(fd, &sb));
|
|
|
|
close(fd);
|
|
|
|
}
|
Add fchmodat(AT_SYMLINK_NOFOLLOW) and fchmod O_PATH support
Many libc functions have an option to not follow symbolic
links. This is useful to avoid security sensitive code
from inadvertantly following attacker supplied symlinks
and taking inappropriate action on files it shouldn't.
For example, open() has O_NOFOLLOW, chown() has
lchown(), stat() has lstat(), etc.
There is no such equivalent function for chmod(), such as lchmod().
To address this, POSIX introduced fchmodat(AT_SYMLINK_NOFOLLOW),
which is intended to provide a way to perform a chmod operation
which doesn't follow symlinks.
Currently, the Linux kernel doesn't implement AT_SYMLINK_NOFOLLOW.
In GLIBC, attempting to use the AT_SYMLINK_NOFOLLOW flag causes
fchmodat to return ENOTSUP. Details are in "man fchmodat".
Bionic currently differs from GLIBC in that AT_SYMLINK_NOFOLLOW
is silently ignored and treated as if the flag wasn't present.
This patch provides a userspace implementation of
AT_SYMLINK_NOFOLLOW for bionic. Using open(O_PATH | O_NOFOLLOW),
we can provide a way to atomically change the permissions on
files without worrying about race conditions.
As part of this change, we add support for fchmod on O_PATH
file descriptors, because it's relatively straight forward
and could be useful in the future.
The basic idea behind this implementation comes from
https://sourceware.org/bugzilla/show_bug.cgi?id=14578 , specifically
comment #10.
Change-Id: I1eba0cdb2c509d9193ceecf28f13118188a3cfa7
2015-01-31 19:57:46 -08:00
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_EFAULT_file) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, (char *) 0x1, 0751, 0));
|
|
|
|
ASSERT_EQ(EFAULT, errno);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_AT_SYMLINK_NOFOLLOW_EFAULT_file) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, (char *) 0x1, 0751, AT_SYMLINK_NOFOLLOW));
|
|
|
|
#if defined(__BIONIC__)
|
|
|
|
ASSERT_EQ(EFAULT, errno);
|
|
|
|
#else
|
|
|
|
// glibc 2.19 does not implement AT_SYMLINK_NOFOLLOW and always
|
|
|
|
// returns ENOTSUP
|
|
|
|
ASSERT_EQ(ENOTSUP, errno);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_bad_flags) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, "/blah", 0751, ~AT_SYMLINK_NOFOLLOW));
|
|
|
|
ASSERT_EQ(EINVAL, errno);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_bad_flags_ALL) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, "/blah", 0751, ~0));
|
|
|
|
ASSERT_EQ(EINVAL, errno);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_nonexistant_file) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, "/blah", 0751, 0));
|
|
|
|
ASSERT_EQ(ENOENT, errno);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_AT_SYMLINK_NOFOLLOW_nonexistant_file) {
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, "/blah", 0751, AT_SYMLINK_NOFOLLOW));
|
|
|
|
#if defined(__BIONIC__)
|
|
|
|
ASSERT_EQ(ENOENT, errno);
|
|
|
|
#else
|
|
|
|
// glibc 2.19 does not implement AT_SYMLINK_NOFOLLOW and always
|
|
|
|
// returns ENOTSUP
|
|
|
|
ASSERT_EQ(ENOTSUP, errno);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_file) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
struct stat sb;
|
|
|
|
|
|
|
|
ASSERT_EQ(0, fchmodat(AT_FDCWD, tf.filename, 0751, 0));
|
|
|
|
ASSERT_EQ(0, fstat(tf.fd, &sb));
|
|
|
|
ASSERT_TRUE(0751 == (sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)));
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_AT_SYMLINK_NOFOLLOW_file) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
errno = 0;
|
|
|
|
int result = fchmodat(AT_FDCWD, tf.filename, 0751, AT_SYMLINK_NOFOLLOW);
|
|
|
|
|
|
|
|
#if defined(__BIONIC__)
|
|
|
|
struct stat sb;
|
|
|
|
ASSERT_EQ(0, result);
|
|
|
|
ASSERT_EQ(0, errno);
|
|
|
|
ASSERT_EQ(0, fstat(tf.fd, &sb));
|
|
|
|
ASSERT_TRUE(0751 == (sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)));
|
|
|
|
#else
|
|
|
|
// glibc 2.19 does not implement AT_SYMLINK_NOFOLLOW and always
|
|
|
|
// returns ENOTSUP
|
|
|
|
ASSERT_EQ(-1, result);
|
|
|
|
ASSERT_EQ(ENOTSUP, errno);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_symlink) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
char linkname[255];
|
|
|
|
struct stat sb;
|
|
|
|
|
|
|
|
snprintf(linkname, sizeof(linkname), "%s.link", tf.filename);
|
|
|
|
|
|
|
|
ASSERT_EQ(0, symlink(tf.filename, linkname));
|
|
|
|
ASSERT_EQ(0, fchmodat(AT_FDCWD, linkname, 0751, 0));
|
|
|
|
ASSERT_EQ(0, fstat(tf.fd, &sb));
|
|
|
|
ASSERT_TRUE(0751 == (sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)));
|
|
|
|
unlink(linkname);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_dangling_symlink) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
char linkname[255];
|
|
|
|
char target[255];
|
|
|
|
|
|
|
|
snprintf(linkname, sizeof(linkname), "%s.link", tf.filename);
|
|
|
|
snprintf(target, sizeof(target), "%s.doesnotexist", tf.filename);
|
|
|
|
|
|
|
|
ASSERT_EQ(0, symlink(target, linkname));
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, linkname, 0751, 0));
|
|
|
|
ASSERT_EQ(ENOENT, errno);
|
|
|
|
unlink(linkname);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_AT_SYMLINK_NOFOLLOW_with_symlink) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
char linkname[255];
|
|
|
|
|
|
|
|
snprintf(linkname, sizeof(linkname), "%s.link", tf.filename);
|
|
|
|
|
|
|
|
ASSERT_EQ(0, symlink(tf.filename, linkname));
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, linkname, 0751, AT_SYMLINK_NOFOLLOW));
|
|
|
|
ASSERT_EQ(ENOTSUP, errno);
|
|
|
|
unlink(linkname);
|
|
|
|
}
|
|
|
|
|
|
|
|
TEST(sys_stat, fchmodat_AT_SYMLINK_NOFOLLOW_with_dangling_symlink) {
|
|
|
|
TemporaryFile tf;
|
|
|
|
char linkname[255];
|
|
|
|
char target[255];
|
|
|
|
|
|
|
|
snprintf(linkname, sizeof(linkname), "%s.link", tf.filename);
|
|
|
|
snprintf(target, sizeof(target), "%s.doesnotexist", tf.filename);
|
|
|
|
|
|
|
|
ASSERT_EQ(0, symlink(target, linkname));
|
|
|
|
ASSERT_EQ(-1, fchmodat(AT_FDCWD, linkname, 0751, AT_SYMLINK_NOFOLLOW));
|
|
|
|
ASSERT_EQ(ENOTSUP, errno);
|
|
|
|
unlink(linkname);
|
|
|
|
}
|