• Andy Lutomirski's avatar
    selftests/capabilities: Fix the test_execve test · defb6f0b
    Andy Lutomirski authored
    commit 796a3bae upstream.
    
    test_execve does rather odd mount manipulations to safely create
    temporary setuid and setgid executables that aren't visible to the
    rest of the system.  Those executables end up in the test's cwd, but
    that cwd is MNT_DETACHed.
    
    The core namespace code considers MNT_DETACHed trees to belong to no
    mount namespace at all and, in general, MNT_DETACHed trees are only
    barely function.  This interacted with commit 380cf5ba ("fs:
    Treat foreign mounts as nosuid") to cause all MNT_DETACHed trees to
    act as though they're nosuid, breaking the test.
    
    Fix it by just not detaching the tree.  It's still in a private
    mount namespace and is therefore still invisible to the rest of the
    system (except via /proc, and the same nosuid logic will protect all
    other programs on the system from believing in test_execve's setuid
    bits).
    
    While we're at it, fix some blatant whitespace problems.
    Reported-by: default avatarNaresh Kamboju <naresh.kamboju@linaro.org>
    Fixes: 380cf5ba ("fs: Treat foreign mounts as nosuid")
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Shuah Khan <shuahkh@osg.samsung.com>
    Cc: Greg KH <greg@kroah.com>
    Cc: linux-kselftest@vger.kernel.org
    Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
    Acked-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    Signed-off-by: default avatarShuah Khan <shuahkh@osg.samsung.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    defb6f0b
test_execve.c 10.8 KB