diff options
Diffstat (limited to 'testcases/kernel/containers/utsname/utsname04.c')
-rw-r--r-- | testcases/kernel/containers/utsname/utsname04.c | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/testcases/kernel/containers/utsname/utsname04.c b/testcases/kernel/containers/utsname/utsname04.c new file mode 100644 index 000000000..bf97880ba --- /dev/null +++ b/testcases/kernel/containers/utsname/utsname04.c @@ -0,0 +1,63 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2023 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com> + */ + +/*\ + * [Description] + * + * Drop root privileges, create a container with CLONE_NEWUTS and verify that + * we receive a permission error. + */ + +#define _GNU_SOURCE + +#include <pwd.h> +#include "tst_test.h" +#include "lapi/sched.h" + +static char *str_op; + +static void run(void) +{ + const struct tst_clone_args cargs = { + .flags = CLONE_NEWUTS, + .exit_signal = SIGCHLD, + }; + struct passwd *pw; + + tst_res(TINFO, "Dropping root privileges"); + + pw = SAFE_GETPWNAM("nobody"); + SAFE_SETRESUID(pw->pw_uid, pw->pw_uid, pw->pw_uid); + + if (!str_op || !strcmp(str_op, "clone")) { + TEST(tst_clone(&cargs)); + + if (TST_RET == -1) + tst_res(TPASS, "clone3() fails as expected"); + else if (TST_RET == -2) + tst_res(TPASS, "clone() fails as expected"); + else + tst_res(TFAIL, "tst_clone returns %ld", TST_RET); + + TST_EXP_PASS(errno == EPERM); + } else { + if (!SAFE_FORK()) { + TST_EXP_EQ_LI(unshare(CLONE_NEWUTS), -1); + TST_EXP_PASS(errno == EPERM); + return; + } + } +} + +static struct tst_test test = { + .test_all = run, + .needs_root = 1, + .forks_child = 1, + .needs_checkpoints = 1, + .options = (struct tst_option[]) { + { "m:", &str_op, "Test execution mode <clone|unshare>" }, + {}, + }, +}; |