| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 18 Dec 2022 21:04:32 +0800
From: Zorro Lang <zlang@...hat.com>
To: Amir Goldstein <amir73il@...il.com>
Cc: linux-fsdevel@...r.kernel.org, fstests@...r.kernel.org,
linux-xfs@...r.kernel.org, linux-ext4@...r.kernel.org,
Christian Brauner <brauner@...nel.org>
Subject: Re: Why fstests g/673 and g/683~687 suddently fail (on xfs, ext4...)
on latest linux v6.1+ ?
On Sun, Dec 18, 2022 at 02:11:01PM +0200, Amir Goldstein wrote:
> On Sun, Dec 18, 2022 at 1:06 PM Zorro Lang <zlang@...hat.com> wrote:
> >
> > Hi,
> >
> > fstests generic/673 and generic/683~687 are a series of test cases to
> > verify suid and sgid bits are dropped properly. xfs-list writes these
> > cases to verify xfs behavior follows vfs, e.g. [1]. And these cases
> > test passed on xfs and ext4 for long time. Even on my last regression
> > test on linux v6.1-rc8+, they were passed too.
> >
> > But now the default behavior looks like be changed again, xfs and ext4
> > start to fail [2] on latest linux v6.1+ (HEAD [0]), So there must be
> > changed. I'd like to make sure what's changed, and if it's expected?
>
> I think that is expected and I assume Christian was planning to fix the tests.
>
> See Christian's pull request:
> https://lore.kernel.org/linux-fsdevel/20221212112053.99208-1-brauner@kernel.org/
>
> "Note, that some xfstests will now fail as these patches will cause the setgid
> bit to be lost in certain conditions for unprivileged users modifying a setgid
> file when they would've been kept otherwise. I think this risk is worth taking
> and I explained and mentioned this multiple times on the list:
> https://lore.kernel.org/linux-fsdevel/20221122142010.zchf2jz2oymx55qi@wittgenstein"
Hi Amir,
Thanks for your reply. Yes, these test cases were failed on overlayfs, passed on
xfs, ext4 and btrfs. Now it's reversed, overlayfs passed on this test, xfs and
ext4 failed.
Anyway, if this's an expected behavior change, and it's reviewed and accepted by
linux upstream, I don't have objection. Just to make sure if there's a regression.
Feel free to send patch to fstests@ to update the expected results, and show
details about why change them again :)
Thanks,
Zorro
>
> Thanks,
> Amir.
>
> >
> > Thanks,
> > Zorro
> >
> > [0]
> > commit f9ff5644bcc04221bae56f922122f2b7f5d24d62
> > Author: Linus Torvalds <torvalds@...ux-foundation.org>
> > Date: Sat Dec 17 08:55:19 2022 -0600
> >
> > Merge tag 'hsi-for-6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-h
> >
> > [1]
> > commit e014f37db1a2d109afa750042ac4d69cf3e3d88e
> > Author: Darrick J. Wong <djwong@...nel.org>
> > Date: Tue Mar 8 10:51:16 2022 -0800
> >
> > xfs: use setattr_copy to set vfs inode attributes
> >
> > [2]
> > FSTYP -- xfs (debug)
> > PLATFORM -- Linux/s390x ibm-z-510 6.1.0+ #1 SMP Sat Dec 17 13:23:59 EST 2022
> > MKFS_OPTIONS -- -f -m crc=1,finobt=1,reflink=1,rmapbt=0,bigtime=1,inobtcount=1 -b size=1024 /dev/loop1
> > MOUNT_OPTIONS -- -o context=system_u:object_r:root_t:s0 /dev/loop1 /mnt/fstests/SCRATCH_DIR
> >
> > generic/673 - output mismatch (see /var/lib/xfstests/results//generic/673.out.bad)
> > --- tests/generic/673.out 2022-12-17 13:57:40.336589178 -0500
> > +++ /var/lib/xfstests/results//generic/673.out.bad 2022-12-18 00:00:53.627210256 -0500
> > @@ -51,7 +51,7 @@
> > 310f146ce52077fcd3308dcbe7632bb2 SCRATCH_MNT/a
> > 2666 -rw-rwSrw- SCRATCH_MNT/a
> > 3784de23efab7a2074c9ec66901e39e5 SCRATCH_MNT/a
> > -2666 -rw-rwSrw- SCRATCH_MNT/a
> > +666 -rw-rw-rw- SCRATCH_MNT/a
> >
> > Test 10 - qa_user, group-exec file, only sgid
> > ...
> > (Run 'diff -u /var/lib/xfstests/tests/generic/673.out /var/lib/xfstests/results//generic/673.out.bad' to see the entire diff)
> > Ran: generic/673
> > Failures: generic/673
> > Failed 1 of 1 tests
> >
> > FSTYP -- xfs (debug)
> > PLATFORM -- Linux/s390x ibm-z-510 6.1.0+ #1 SMP Sat Dec 17 13:23:59 EST 2022
> > MKFS_OPTIONS -- -f -m crc=1,finobt=1,reflink=1,rmapbt=0,bigtime=1,inobtcount=1 -b size=1024 /dev/loop1
> > MOUNT_OPTIONS -- -o context=system_u:object_r:root_t:s0 /dev/loop1 /mnt/fstests/SCRATCH_DIR
> >
> > generic/683 - output mismatch (see /var/lib/xfstests/results//generic/683.out.bad)
> > --- tests/generic/683.out 2022-12-17 13:57:40.696589178 -0500
> > +++ /var/lib/xfstests/results//generic/683.out.bad 2022-12-18 00:04:55.297220255 -0500
> > @@ -33,7 +33,7 @@
> >
> > Test 9 - qa_user, non-exec file falloc, only sgid
> > 2666 -rw-rwSrw- TEST_DIR/683/a
> > -2666 -rw-rwSrw- TEST_DIR/683/a
> > +666 -rw-rw-rw- TEST_DIR/683/a
> >
> > Test 10 - qa_user, group-exec file falloc, only sgid
> > ...
> > (Run 'diff -u /var/lib/xfstests/tests/generic/683.out /var/lib/xfstests/results//generic/683.out.bad' to see the entire diff)
> > Ran: generic/683
> > Failures: generic/683
> > Failed 1 of 1 tests
> >
> > FSTYP -- xfs (debug)
> > PLATFORM -- Linux/s390x ibm-z-510 6.1.0+ #1 SMP Sat Dec 17 13:23:59 EST 2022
> > MKFS_OPTIONS -- -f -m crc=1,finobt=1,reflink=1,rmapbt=0,bigtime=1,inobtcount=1 -b size=1024 /dev/loop1
> > MOUNT_OPTIONS -- -o context=system_u:object_r:root_t:s0 /dev/loop1 /mnt/fstests/SCRATCH_DIR
> >
> > generic/684 - output mismatch (see /var/lib/xfstests/results//generic/684.out.bad)
> > --- tests/generic/684.out 2022-12-17 13:57:40.766589178 -0500
> > +++ /var/lib/xfstests/results//generic/684.out.bad 2022-12-18 00:05:27.597220255 -0500
> > @@ -33,7 +33,7 @@
> >
> > Test 9 - qa_user, non-exec file fpunch, only sgid
> > 2666 -rw-rwSrw- TEST_DIR/684/a
> > -2666 -rw-rwSrw- TEST_DIR/684/a
> > +666 -rw-rw-rw- TEST_DIR/684/a
> >
> > Test 10 - qa_user, group-exec file fpunch, only sgid
> > ...
> > (Run 'diff -u /var/lib/xfstests/tests/generic/684.out /var/lib/xfstests/results//generic/684.out.bad' to see the entire diff)
> > Ran: generic/684
> > Failures: generic/684
> > Failed 1 of 1 tests
> > ....
> > ....
> >
> >
> > Thanks,
> > Zorro
> >
>
Powered by blists - more mailing lists