author | Aleksa Sarai <cyphar@cyphar.com> | 2020-01-18 13:08:00 +0100 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2020-01-18 15:19:18 +0100 |
commit | b28a10aedcd4d175470171a32f4f20b0a60a612b (patch) | |
tree | 418470992a734633f506e8a04e32db89b72c7dd7 /tools/testing/selftests/Makefile | |
parent | open: introduce openat2(2) syscall (diff) | |
selftests: add openat2(2) selftests

Test all of the various openat2(2) flags. A small stress-test of a
symlink-rename attack is included to show that the protections against
".."-based attacks are sufficient.

The main things these self-tests are enforcing are:

* The struct+usize ABI for openat2(2) and copy_struct_from_user() to
  ensure that upgrades will be handled gracefully (in addition,
  ensuring that misaligned structures are also handled correctly).
* The -EINVAL checks for openat2(2) are all correctly handled to avoid
  userspace passing unknown or conflicting flag sets (most
  importantly, ensuring that invalid flag combinations are checked).
* All of the RESOLVE_* semantics (including errno values) are
  correctly handled with various combinations of paths and flags.
* RESOLVE_IN_ROOT correctly protects against the symlink rename(2)
  attack that has been responsible for several CVEs (and likely will
  be responsible for several more).

Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
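
The RESOLVE_IN_ROOT containment named in the last bullet, seen from userspace, as an added example that is not part of this commit or its selftests. The struct layout, flag value and syscall number are local copies of the uapi definitions; the function names and the /tmp layout are constructed for the illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Local copies of the uapi definitions, so <linux/openat2.h> is not needed. */
struct how { uint64_t flags, mode, resolve; };   /* layout of struct open_how */
#define IN_ROOT 0x10ULL                          /* RESOLVE_IN_ROOT */
#ifndef SYS_openat2
#define SYS_openat2 437
#endif

/* Open path under dfd with the given resolve flags: 0 on success, else errno. */
static int try_open(int dfd, const char *path, uint64_t resolve) {
    struct how h = { .flags = O_RDONLY, .resolve = resolve };
    int fd;
    do  /* EAGAIN: a rename or mount raced with a ".." lookup, so retry */
        fd = (int)syscall(SYS_openat2, dfd, path, &h, sizeof(h));
    while (fd < 0 && errno == EAGAIN);
    if (fd < 0) return errno;
    close(fd);
    return 0;
}

/* 1: every escape stayed inside the root; 0: one got out; -1: setup failed
 * or openat2(2) is unavailable (kernel older than 5.6, seccomp filter). */
int in_root_contains_escapes(void) {
    char dir[] = "/tmp/openat2-demo-XXXXXX";     /* constructed sandbox */
    int top = mkdtemp(dir) ? open(dir, O_RDONLY | O_DIRECTORY) : -1;
    if (top < 0 || mkdirat(top, "root", 0700)) return -1;
    close(openat(top, "secret", O_CREAT | O_WRONLY, 0600));      /* outside root */
    close(openat(top, "root/inside", O_CREAT | O_WRONLY, 0600)); /* inside root */
    if (symlinkat("../secret", top, "root/rel") ||   /* relative escape */
        symlinkat("/inside", top, "root/abs")) return -1;
    int root = openat(top, "root", O_RDONLY | O_DIRECTORY);
    int probe = try_open(root, "inside", 0);
    int ok = probe == 0
        && try_open(root, "rel", 0) == 0                 /* unscoped: reaches secret */
        && try_open(root, "rel", IN_ROOT) == ENOENT      /* ".." is pinned at root */
        && try_open(root, "../secret", IN_ROOT) == ENOENT
        && try_open(root, "/inside", IN_ROOT) == 0       /* "/" means the dirfd */
        && try_open(root, "abs", IN_ROOT) == 0;          /* also for a symlink's "/" */
    const char *made[] = { "root/rel", "root/abs", "root/inside", "secret" };
    for (int i = 0; i < 4; i++) unlinkat(top, made[i], 0);
    unlinkat(top, "root", AT_REMOVEDIR); rmdir(dir); close(root); close(top);
    return (root < 0 || probe == ENOSYS || probe == EPERM) ? -1 : ok;
}
int main(void) { return in_root_contains_escapes() == 0; }
```
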
Diffstat (limited to 'tools/testing/selftests/Makefile')
-rw-r--r-- | tools/testing/selftests/Makefile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index b001c602414b..4f502448dc7e 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -40,6 +40,7 @@ TARGETS += powerpc TARGETS += proc TARGETS += pstore TARGETS += ptrace +TARGETS += openat2 TARGETS += rseq TARGETS += rtc TARGETS += seccomp |
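Review bot: the added `TARGETS += openat2` line sits between `ptrace` and `rseq`, which breaks the alphabetical order that every other entry visible in this hunk follows (powerpc, proc, pstore, ptrace, rseq, rtc, seccomp). Moving it to its sorted position, ahead of the "p" entries, keeps the list ordered and makes conflicts less likely when later targets are added nearby. This view is limited to tools/testing/selftests/Makefile, so the openat2 directory that the new target refers to is not visible here; check in the full commit that it carries its own Makefile, since this line alone only registers the target.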