On 01/13/2014 05:09 PM, Pádraig Brady wrote:
> On 01/13/2014 03:27 PM, Bernhard Voelker wrote:
>> On 01/13/2014 03:57 PM, Pádraig Brady wrote:
>>> On 01/13/2014 02:50 PM, Pádraig Brady wrote:
>>>> +# Then compile/link it:
>>>> +$CC -shared -fPIC -O2 k.c -o k.so \
>>>> + || framework_failure_ 'failed to build SELinux shared library'
>>>
>>> I'll change that to a || skip_ ...
>>> so that we avoid issues with no (stub) <selinux/selinux.h> being available.
>>
>> LD_PRELOADed tests are sometimes a bit tricky, so doing
>> double checks is a good idea: I'd add a
>> fclose(fopen("x"));
>> inside the dummies, and check if that file has really been
>> created. Otherwise, you can't be sure if replacing the functions
>> really worked.
>
> Right, I'll skip_ in that case to warn
> about stale tests.
>
>> Furthermore, when I added a LD_PRELOADed test a while ago,
>> I think Paul suggested to add -ldl for some non-GNU/Linux
>> platforms.
>
> Right. I'll refactor all those calls to a gcc_shared_() for consistency.
>
>> I'd also specify 'gcc' hardcoded ... probably with -Wall.
>
> Hmm, icc and clang support this gcc interface,
> so I'm inclined to leave it as $CC so as not
> preclude those from this part of the testing matrix.
> We can always beef up require_gcc_shared_() if
> this ever becomes an issue.
Pushing the attached 2 patches in a while.
thanks,
Pádraig.
>From 33825d7c872f1ad4887a448f6d1348fb7dcbb178 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <[email protected]>
Date: Mon, 13 Jan 2014 19:39:52 +0000
Subject: [PATCH 1/2] maint: refactor gcc commands to build a shared lib in
tests
* init.cfg (gcc_shared_): A new function refactored from tests.
(require_gcc_shared_): Adjust to call gcc_shared_() to build the
test library, and remove that library before the function returns.
* tests/cp/nfs-removal-race.sh: Call the new gcc_shared_().
* tests/df/no-mtab-status.sh: Likewise.
* tests/df/skip-duplicates.sh: Likewise.
* tests/ls/getxattr-speedup.sh: Likewise.
* tests/rm/r-root.sh: Likewise.
---
init.cfg | 11 ++++++++++-
tests/cp/nfs-removal-race.sh | 2 +-
tests/df/no-mtab-status.sh | 2 +-
tests/df/skip-duplicates.sh | 2 +-
tests/ls/getxattr-speedup.sh | 2 +-
tests/rm/r-root.sh | 2 +-
6 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/init.cfg b/init.cfg
index af3963c..876f5e6 100644
--- a/init.cfg
+++ b/init.cfg
@@ -500,13 +500,22 @@ require_sparse_support_()
fi
}
+# Compile a shared lib using the GCC options for doing so.
+# Pass input and output file as parameters respectively.
+# Any other optional parmeters are passed to $CC.
+gcc_shared_()
+{
+ $CC -Wall -shared --std=gnu99 -fPIC -ldl -O2 $3 "$1" -o "$2"
+}
+
# There are a myriad of ways to build shared libs,
# so we only consider running tests requiring shared libs,
# on platforms that support building them as follows.
require_gcc_shared_()
{
- $CC -shared -fPIC -O2 -xc -o d.so -ldl - < /dev/null 2>&1 \
+ gcc_shared_ '-' 'd.so' -xc < /dev/null 2>&1 \
|| skip_ '$CC -shared ... failed to build a shared lib'
+ rm -f d.so
}
mkfifo_or_skip_()
diff --git a/tests/cp/nfs-removal-race.sh b/tests/cp/nfs-removal-race.sh
index 0638db1..6969e8b 100755
--- a/tests/cp/nfs-removal-race.sh
+++ b/tests/cp/nfs-removal-race.sh
@@ -58,7 +58,7 @@ __xstat (int ver, const char *path, struct stat *st)
EOF
# Then compile/link it:
-$CC -shared -fPIC -O2 k.c -o k.so -ldl \
+gcc_shared_ k.c k.so \
|| framework_failure_ 'failed to build shared library'
touch d2 || framework_failure_
diff --git a/tests/df/no-mtab-status.sh b/tests/df/no-mtab-status.sh
index 58f1b46..f2fda5e 100755
--- a/tests/df/no-mtab-status.sh
+++ b/tests/df/no-mtab-status.sh
@@ -45,7 +45,7 @@ struct mntent *getmntent (FILE *fp)
EOF
# Then compile/link it:
-$CC -shared -fPIC -ldl -O2 k.c -o k.so \
+gcc_shared_ k.c k.so \
|| framework_failure_ 'failed to build shared library'
# Test if LD_PRELOAD works:
diff --git a/tests/df/skip-duplicates.sh b/tests/df/skip-duplicates.sh
index 69182d2..266520a 100755
--- a/tests/df/skip-duplicates.sh
+++ b/tests/df/skip-duplicates.sh
@@ -60,7 +60,7 @@ struct mntent *getmntent (FILE *fp)
EOF
# Then compile/link it:
-gcc --std=gnu99 -shared -fPIC -ldl -O2 k.c -o k.so \
+gcc_shared_ k.c k.so \
|| framework_failure_ 'failed to build shared library'
# Test if LD_PRELOAD works:
diff --git a/tests/ls/getxattr-speedup.sh b/tests/ls/getxattr-speedup.sh
index 5725fa5..0144571 100755
--- a/tests/ls/getxattr-speedup.sh
+++ b/tests/ls/getxattr-speedup.sh
@@ -48,7 +48,7 @@ ssize_t lgetxattr(const char *path, const char *name, void *value, size_t size)
EOF
# Then compile/link it:
-$CC -shared -fPIC -O2 k.c -o k.so \
+gcc_shared_ k.c k.so \
|| framework_failure_ 'failed to build shared library'
# Create a few files:
diff --git a/tests/rm/r-root.sh b/tests/rm/r-root.sh
index 06e5769..04a88eb 100755
--- a/tests/rm/r-root.sh
+++ b/tests/rm/r-root.sh
@@ -60,7 +60,7 @@ int unlinkat (int dirfd, const char *pathname, int flags)
EOF
# Then compile/link it:
-gcc -Wall --std=gnu99 -shared -fPIC -ldl -O2 k.c -o k.so \
+gcc_shared_ k.c k.so \
|| framework_failure_ 'failed to build shared library'
#-------------------------------------------------------------------------------
--
1.7.7.6
>From 6f54e3ffeeee69fa75dff00527f0c0bd96b3a6b9 Mon Sep 17 00:00:00 2001
From: Nicolas Looss <[email protected]>
Date: Sat, 4 Jan 2014 03:03:51 +0000
Subject: [PATCH 2/2] copy: fix a segfault in SELinux context copying code
* src/selinux.c (restorecon_private): On ArchLinux the
`fakeroot cp -a file1 file2` command segfaulted due
to getfscreatecon() returning a NULL context.
So map this to the sometimes ignored ENODATA error,
rather than crashing.
* tests/cp/no-ctx.sh: Add a new test case.
* tests/local.mk: Reference the new test.
* NEWS: Mention the fix.
Fixes http://bugs.gnu.org/16335
---
NEWS | 5 ++++
src/selinux.c | 5 ++++
tests/cp/no-ctx.sh | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++
tests/local.mk | 1 +
4 files changed, 74 insertions(+), 0 deletions(-)
create mode 100755 tests/cp/no-ctx.sh
diff --git a/NEWS b/NEWS
index 3e1f9c6..699a7d3 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,11 @@ GNU coreutils NEWS -*- outline -*-
the context of an existing directory to that of its last copied descendent.
[bug introduced in coreutils-8.22]
+ cp -a, mv, and install --preserve-context, no longer seg fault when running
+ with SELinux enabled, when copying from file systems that return an error
+ when reading the SELinux context for a file.
+ [bug introduced in coreutils-8.22]
+
* Noteworthy changes in release 8.22 (2013-12-13) [stable]
diff --git a/src/selinux.c b/src/selinux.c
index cd38a81..016db16 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -192,6 +192,11 @@ restorecon_private (char const *path, bool local)
{
if (getfscreatecon (&tcon) < 0)
return rc;
+ if (!tcon)
+ {
+ errno = ENODATA;
+ return rc;
+ }
rc = lsetfilecon (path, tcon);
freecon (tcon);
return rc;
diff --git a/tests/cp/no-ctx.sh b/tests/cp/no-ctx.sh
new file mode 100755
index 0000000..3b5eb82
--- /dev/null
+++ b/tests/cp/no-ctx.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+# Ensure we handle file systems returning no SELinux context,
+# which triggered a segmentation fault in coreutils-8.22.
+# This test is skipped on systems that lack LD_PRELOAD support; that's fine.
+# Similarly, on a system that lacks lgetfilecon altogether, skipping it is fine.
+
+# Copyright (C) 2014 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ cp
+require_gcc_shared_
+
+# Replace each getfilecon and lgetfilecon call with a call to these stubs.
+cat > k.c <<'EOF' || framework_failure_
+#include <stdio.h>
+#include <selinux/selinux.h>
+#include <errno.h>
+
+int getfilecon (const char *path, security_context_t *con)
+{
+ /* Leave a marker so we can identify if the function was intercepted. */
+ fclose(fopen("preloaded", "w"));
+
+ errno=ENODATA;
+ return -1;
+}
+
+int lgetfilecon (const char *path, security_context_t *con)
+{ return getfilecon (path, con); }
+EOF
+
+# Then compile/link it:
+gcc_shared_ k.c k.so \
+ || skip_ 'failed to build SELinux shared library'
+
+touch file_src
+
+# New file with SELinux context optionally included
+LD_PRELOAD=./k.so cp -a file_src file_dst || fail=1
+
+# Existing file with SELinux context optionally included
+LD_PRELOAD=./k.so cp -a file_src file_dst || fail=1
+
+# ENODATA should give an immediate error when required to preserve ctx
+# This is debatable, and maybe we should not fail when no context available?
+LD_PRELOAD=./k.so cp --preserve=context file_src file_dst && fail=1
+
+test -e preloaded || skip_ 'LD_PRELOAD interception failed'
+
+Exit $fail
diff --git a/tests/local.mk b/tests/local.mk
index dc7341c..9d556f6 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -161,6 +161,7 @@ all_tests = \
tests/rm/ext3-perf.sh \
tests/rm/cycle.sh \
tests/cp/link-heap.sh \
+ tests/cp/no-ctx.sh \
tests/misc/tty-eof.pl \
tests/tail-2/inotify-hash-abuse.sh \
tests/tail-2/inotify-hash-abuse2.sh \
--
1.7.7.6
