syscalls/{f,l,}chown: Don't pass undocumented flags to open and chmod

testcases/kernel/syscalls/chmod/.gitignore

@@ -5,3 +5,4 @@
 /chmod05
 /chmod06
 /chmod07
+/chmod08

testcases/kernel/syscalls/chmod/chmod08.c

@@ -0,0 +1,62 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later
+ * Copyright (C) 2020 Invisible Things Lab
+ *                    Michał Kowalczyk <[email protected]>
+ */
+
+/*
+ * DESCRIPTION
+ *  Changes file access permissions using `chmod` with bits outside of 07777 in
+ *  `mode` set and verifies if they were ignored.
+ *
+ * WARNING
+ *  The fact that these bits are ignored is not documented (at the time of
+ *  writing). Failure of this test doesn't necessarily mean that a regression
+ *  in Linux was introduced, its intention is to catch accidental interface
+ *  changes and warn kernel developers if that happens.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#include "tst_test.h"
+
+#define OPEN_MODE  0644
+#define CHMOD_MODE (0777 | ~07777)
+#define TESTFILE   "testfile"
+
+static void test_chmod(void)
+{
+	struct stat stat_buf;
+
+	TEST(chmod(TESTFILE, CHMOD_MODE));
+	if (TST_RET == -1) {
+		tst_res(TFAIL | TTERRNO, "chmod(%s, %#o) failed", TESTFILE, CHMOD_MODE);
+		return;
+	}
+
+	SAFE_STAT(TESTFILE, &stat_buf);
+
+	mode_t expected = S_IFREG | (CHMOD_MODE & 07777);
+	if (stat_buf.st_mode != expected) {
+		tst_res(TFAIL, "%s: Incorrect mode 0%04o, expected 0%04o",
+				TESTFILE, stat_buf.st_mode, expected);
+		return;
+	}
+	tst_res(TPASS, "Unknown mode bits were ignored as expected");
+}
+
+static void setup(void)
+{
+	int fd;
+
+	fd = SAFE_OPEN(TESTFILE, O_RDWR | O_CREAT, OPEN_MODE);
+	SAFE_CLOSE(fd);
+}
+
+static struct tst_test test = {
+	.needs_tmpdir = 1,
+	.setup = setup,
+	.test_all = test_chmod,
+};

testcases/kernel/syscalls/chown/chown02.c

@@ -81,10 +81,10 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	(S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
-#define NEW_PERMS1	(S_IFREG|S_IRWXU|S_IRWXG|S_ISUID|S_ISGID)
-#define NEW_PERMS2	(S_IFREG|S_IRWXU|S_ISGID)
-#define EXP_PERMS	(S_IFREG|S_IRWXU|S_IRWXG)
+#define FILE_MODE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
+#define NEW_PERMS1	(S_IRWXU|S_IRWXG|S_ISUID|S_ISGID)
+#define NEW_PERMS2	(S_IRWXU|S_ISGID)
+#define EXP_PERMS	(S_IRWXU|S_IRWXG)
 #define TESTFILE1	"testfile1"
 #define TESTFILE2	"testfile2"
 

testcases/kernel/syscalls/chown/chown03.c

@@ -84,8 +84,8 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	(S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
-#define NEW_PERMS	(S_IFREG|S_IRWXU|S_IRWXG|S_ISUID|S_ISGID)
+#define FILE_MODE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
+#define NEW_PERMS	(S_IRWXU|S_IRWXG|S_ISUID|S_ISGID)
 #define TESTFILE	"testfile"
 
 TCID_DEFINE(chown03);

testcases/kernel/syscalls/chown/chown05.c

@@ -79,7 +79,7 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	(S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
+#define FILE_MODE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
 #define TESTFILE	"testfile"
 
 TCID_DEFINE(chown05);

testcases/kernel/syscalls/fchown/fchown02.c

@@ -39,10 +39,10 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	S_IFREG | S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
-#define NEW_PERMS1	S_IFREG | S_IRWXU | S_IRWXG | S_ISUID | S_ISGID
-#define NEW_PERMS2	S_IFREG | S_IRWXU | S_ISGID
-#define EXP_PERMS	S_IFREG | S_IRWXU | S_IRWXG
+#define FILE_MODE	S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
+#define NEW_PERMS1	S_IRWXU | S_IRWXG | S_ISUID | S_ISGID
+#define NEW_PERMS2	S_IRWXU | S_ISGID
+#define EXP_PERMS	S_IRWXU | S_IRWXG
 #define TESTFILE1	"testfile1"
 #define TESTFILE2	"testfile2"
 

testcases/kernel/syscalls/fchown/fchown03.c

@@ -42,8 +42,8 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE (mode_t)(S_IFREG | S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)
-#define NEW_PERMS (mode_t)(S_IFREG | S_IRWXU | S_IRWXG | S_ISUID | S_ISGID)
+#define FILE_MODE (mode_t)(S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)
+#define NEW_PERMS (mode_t)(S_IRWXU | S_IRWXG | S_ISUID | S_ISGID)
 #define FCHOWN_PERMS	(mode_t)(NEW_PERMS & ~(S_ISUID | S_ISGID))
 #define TESTFILE	"testfile"
 

testcases/kernel/syscalls/fchown/fchown05.c

@@ -35,7 +35,7 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	S_IFREG | S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
+#define FILE_MODE	S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
 #define TESTFILE	"testfile"
 
 TCID_DEFINE(fchown05);

testcases/kernel/syscalls/lchown/lchown01.c

@@ -43,7 +43,7 @@
 #include "safe_macros.h"
 #include "compat_16.h"
 
-#define FILE_MODE	(S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
+#define FILE_MODE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
 #define TESTFILE	"testfile"
 #define SFILE		"slink_file"
 

testcases/kernel/syscalls/open/.gitignore

@@ -13,3 +13,4 @@
 /open12_child
 /open13
 /open14
+/open15

testcases/kernel/syscalls/open/open15.c

@@ -0,0 +1,53 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later
+ * Copyright (C) 2020 Invisible Things Lab
+ *                    Michał Kowalczyk <[email protected]>
+ */
+
+/*
+ * DESCRIPTION
+ *  Creates a file using `open` with bits outside of 07777 in `mode` set and
+ *  verifies if they were ignored.
+ *
+ * WARNING
+ *  The fact that these bits are ignored is not documented (at the time of
+ *  writing). Failure of this test doesn't necessarily mean that a regression
+ *  in Linux was introduced, its intention is to catch accidental interface
+ *  changes and warn kernel developers if that happens.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/types.h>
+
+#include "tst_test.h"
+
+#define TEST_FILE "testfile"
+
+static struct tcase {
+	char *filename;
+	int flags;
+	mode_t mode;
+} tcases[] = {
+	{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777},
+	{TEST_FILE, 0, ~07777},
+};
+
+static void verify_open(unsigned int n)
+{
+	struct tcase *tc = &tcases[n];
+
+	TEST(open(tc->filename, tc->flags, tc->mode));
+	int fd = TST_RET;
+	if (fd == -1) {
+		tst_res(TFAIL | TTERRNO, "Cannot open the file");
+		return;
+	}
+	tst_res(TPASS, "Unknown mode bits were ignored as expected");
+	SAFE_CLOSE(fd);
+}
+
+static struct tst_test test = {
+	.tcnt = ARRAY_SIZE(tcases),
+	.needs_tmpdir = 1,
+	.test = verify_open,
+};

testcases/kernel/syscalls/openat/.gitignore

@@ -2,3 +2,4 @@
 /openat02
 /openat02_child
 /openat03
+/openat04

testcases/kernel/syscalls/openat/openat04.c

@@ -0,0 +1,53 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later
+ * Copyright (C) 2020 Invisible Things Lab
+ *                    Michał Kowalczyk <[email protected]>
+ */
+
+/*
+ * DESCRIPTION
+ *  Creates a file using `openat` with bits outside of 07777 in `mode` set and
+ *  verifies if they were ignored.
+ *
+ * WARNING
+ *  The fact that these bits are ignored is not documented (at the time of
+ *  writing). Failure of this test doesn't necessarily mean that a regression
+ *  in Linux was introduced, its intention is to catch accidental interface
+ *  changes and warn kernel developers if that happens.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/types.h>
+
+#include "tst_test.h"
+
+#define TEST_FILE "testfile"
+
+static struct tcase {
+	char *filename;
+	int flags;
+	mode_t mode;
+} tcases[] = {
+	{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777},
+	{TEST_FILE, 0, ~07777},
+};
+
+static void verify_open(unsigned int n)
+{
+	struct tcase *tc = &tcases[n];
+
+	TEST(openat(AT_FDCWD, tc->filename, tc->flags, tc->mode));
+	int fd = TST_RET;
+	if (fd == -1) {
+		tst_res(TFAIL | TTERRNO, "Cannot open the file");
+		return;
+	}
+	tst_res(TPASS, "Unknown mode bits were ignored as expected");
+	SAFE_CLOSE(fd);
+}
+
+static struct tst_test test = {
+	.tcnt = ARRAY_SIZE(tcases),
+	.needs_tmpdir = 1,
+	.test = verify_open,
+};

testcases/kernel/syscalls/openat2/.gitignore

@@ -1,3 +1,4 @@
-openat201
-openat202
-openat203
+/openat201
+/openat202
+/openat203
+/openat204

testcases/kernel/syscalls/openat2/openat204.c

@@ -0,0 +1,60 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later
+ * Copyright (C) 2020 Invisible Things Lab
+ *                    Michał Kowalczyk <[email protected]>
+ */
+
+/*
+ * DESCRIPTION
+ *  Creates a file using `openat2` with bits outside of 07777 in `mode` set and
+ *  verifies if they were ignored.
+ *
+ * WARNING
+ *  The fact that these bits are ignored is not documented (at the time of
+ *  writing). Failure of this test doesn't necessarily mean that a regression
+ *  in Linux was introduced, its intention is to catch accidental interface
+ *  changes and warn kernel developers if that happens.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/types.h>
+
+#include "tst_test.h"
+#include "lapi/openat2.h"
+
+#define TEST_FILE "testfile"
+
+static struct tcase {
+	char *filename;
+	uint64_t flags;
+	uint64_t mode;
+	uint64_t resolve;
+} tcases[] = {
+	{TEST_FILE, O_RDWR | O_CREAT, 0644 | ~07777, 0},
+	{TEST_FILE, 0, ~07777, 0},
+};
+
+static void verify_open(unsigned int n)
+{
+	struct tcase *tc = &tcases[n];
+	struct open_how how = {
+		.flags = tc->flags,
+		.mode = tc->mode,
+		.resolve = tc->resolve,
+	};
+
+	TEST(openat2(AT_FDCWD, tc->filename, &how, sizeof(how)));
+	int fd = TST_RET;
+	if (fd == -1) {
+		tst_res(TFAIL | TTERRNO, "Cannot open the file");
+		return;
+	}
+	tst_res(TPASS, "Unknown mode bits were ignored as expected");
+	SAFE_CLOSE(fd);
+}
+
+static struct tst_test test = {
+	.tcnt = ARRAY_SIZE(tcases),
+	.needs_tmpdir = 1,
+	.test = verify_open,
+};