[PATCH] nptl: Zero-extend arguments to SETXID syscalls [BZ #26248]

Carlos O'Donell carlos@redhat.com
Mon Jul 27 03:37:44 GMT 2020 

On 7/23/20 5:11 PM, Carlos O'Donell wrote:
> On 7/23/20 4:03 PM, H.J. Lu wrote:
>> On Fri, Jul 17, 2020 at 2:22 PM Carlos O'Donell <carlos@redhat.com> wrote:
>>>
>>> On 7/17/20 3:31 PM, H.J. Lu wrote:
>>>> On Fri, Jul 17, 2020 at 8:52 AM Carlos O'Donell <carlos@redhat.com> wrote:
>>>>>
>>>>> On 7/17/20 11:13 AM, Florian Weimer wrote:
>>>>>> * Carlos O'Donell:
>>>>>>
>>>>>>> This test should run in a container, and it should attempt two setgroups
>>>>>>> calls, one with groups and one empty with a bad address.
>>>>>>
>>>>>> Why do you think this needs a container?
>>>>>
>>>>> We are trying to successfully call setgroups(), and to do that we need
>>>>> CAP_SETGID. The way this test is exercising this is by making the test
>>>>> an xtests which can require root and thus you get CAP_SETGID in that way.
>>>>>
>>>>> My suggestion is to move the test from xtests to tests-container to increase
>>>>> the usage of the test. In the container we have a CLONE_NEWUSER so we have
>>>>> a distinct usersnamespace that can be used in conjunction with becoming
>>>>> root, getting CAP_SETGID, and calling setgroups() without restricting this
>>>>> test to `make xcheck`.
>>>>
>>>> I see su in tst-localedef-path-norm.script.  But when I removed "su" from
>>>> tst-localedef-path-norm.script, tst-localedef-path-norm still passed.  There are
>>>
>>> The use "su" changes uid_map and gid_map to map our users to user 0 in the
>>> container, but doesn't explicitly deny us from writing to the files in the
>>> filesytem. The use of "su" in this test was belt-and-suspenders in case
>>> some code internally checked the uid/gid values.
>>>
>>>> [hjl@gnu-cfl-2 build-x86_64-linux]$ ls -l testroot.root
>>>> total 44
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 09:16 bin
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 12:23 dev
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 09:34 etc
>>>> drwxr-xr-x 4 hjl hjl 4096 Jul 17 12:23 export
>>>> -rw-r--r-- 1 hjl hjl    0 Jul 17 09:16 install.stamp
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 09:16 libx32
>>>> -rw-r--r-- 1 hjl hjl    0 Jul 17 12:26 lock.fd
>>>> drwxr-xr-x 5 hjl hjl 4096 Jul 17 12:23 output
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 12:23 proc
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 09:16 sbin
>>>> drwxr-xr-x 2 hjl hjl 4096 Jul 17 12:23 tmp
>>>> drwxr-xr-x 9 hjl hjl 4096 Jul 17 09:16 usr
>>>> drwxr-xr-x 3 hjl hjl 4096 Jul 17 09:34 var
>>>> [hjl@gnu-cfl-2 build-x86_64-linux]$
>>>>
>>>> I don't think su is needed since testroot.root is owned by me.
>>>
>>> Correct.
>>>
>>>>> I see that we don't explicitly say `make xcheck` may require root.
>>>>> Is this something I just taught myself implicitly? :-)
>>>>>
>>>>> Note: We may need to adjust the gid_map writing code in test-container.
>>>>>
>>>>
>>>> Can you help me to make tst-setgroups pass when not running as root?
>>>
>>> Sure, let me have a look at running it as a test in the container.
>>>
>>
>> Any update on this?
> 
> Not yet, I have 3 things on my plate:
> 
> * AArch64 PAC+BTI enablement review.
> * nptl: Zero-extend arguments to SETXID syscalls.
> * FAIL: elf/tst-ldconfig-ld_so_conf-update
> 
> Once I get the first done I'm going to work on this.
> 
> If you can reproduce the last one on Fedora 32 that would
> be great. I don't know what the problem is.
 
We can't fix this easily quickly.

I just reviewed this and we can't easily call setgroups() in a
container test without first enhancing test-container().

The xtests test will have to be good enough for now. Thank you.

-- 
Cheers,
Carlos.

More information about the Libc-alpha mailing list