diff options
| author | Aleksa Sarai <cyphar@cyphar.com> | 2020-01-18 23:08:00 +1100 | 
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2020-01-18 09:19:18 -0500 | 
| commit | b28a10aedcd4d175470171a32f4f20b0a60a612b (patch) | |
| tree | 418470992a734633f506e8a04e32db89b72c7dd7 /lib/debugobjects.c | |
| parent | fddb5d430ad9fa91b49b1d34d0202ffe2fa0e179 (diff) | |
selftests: add openat2(2) selftests
Test all of the various openat2(2) flags. A small stress-test of a
symlink-rename attack is included to show that the protections against
".."-based attacks are sufficient.
The main things these self-tests are enforcing are:
  * The struct+usize ABI for openat2(2) and copy_struct_from_user() to
    ensure that upgrades will be handled gracefully (in addition,
    ensuring that misaligned structures are also handled correctly).
  * The -EINVAL checks for openat2(2) are all correctly handled to avoid
    userspace passing unknown or conflicting flag sets (most
    importantly, ensuring that invalid flag combinations are checked).
  * All of the RESOLVE_* semantics (including errno values) are
    correctly handled with various combinations of paths and flags.
  * RESOLVE_IN_ROOT correctly protects against the symlink rename(2)
    attack that has been responsible for several CVEs (and likely will
    be responsible for several more).
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'lib/debugobjects.c')
0 files changed, 0 insertions, 0 deletions
