[mirror_lxc.git] / src / tests / capabilities.c

/* liblxcapi
 *
 * Copyright © 2021 Christian Brauner <christian.brauner@ubuntu.com>.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2, as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

#include "config.h"

#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>

#include "lxccontainer.h"
#include "attach_options.h"

#include "caps.h"
#include "lxctest.h"
#include "utils.h"

#if HAVE_LIBCAP
__u32 *cap_bset_bits = NULL;
__u32 last_cap = 0;

static int capabilities_allow(void *payload)
{
	for (__u32 cap = 0; cap <= last_cap; cap++) {
		bool bret;

		if (!is_set(cap, cap_bset_bits))
			continue;

		if (cap == CAP_MKNOD)
			bret = cap_get_bound(cap) == CAP_SET;
		else
			bret = cap_get_bound(cap) != CAP_SET;
		if (!bret) {
			lxc_error("Capability %d unexpectedly raised or lowered\n", cap);
			return EXIT_FAILURE;
		}
	}

	return EXIT_SUCCESS;
}

static int capabilities_deny(void *payload)
{
	for (__u32 cap = 0; cap <= last_cap; cap++) {
		bool bret;

		if (!is_set(cap, cap_bset_bits))
			continue;

		if (cap == CAP_MKNOD)
			bret = cap_get_bound(cap) != CAP_SET;
		else
			bret = cap_get_bound(cap) == CAP_SET;
		if (!bret) {
			lxc_error("Capability %d unexpectedly raised or lowered\n", cap);
			return EXIT_FAILURE;
		}
	}

	return EXIT_SUCCESS;
}

static int run(int (*test)(void *), bool allow)
{
	int fd_log = -EBADF, fret = -1;
	lxc_attach_options_t attach_options = LXC_ATTACH_OPTIONS_DEFAULT;
	int ret;
	pid_t pid;
	struct lxc_container *c;
	struct lxc_log log;
	char template[sizeof(P_tmpdir"/capabilities_XXXXXX")];

	(void)strlcpy(template, P_tmpdir"/capabilities_XXXXXX", sizeof(template));

	fd_log = lxc_make_tmpfile(template, false);
	if (fd_log < 0) {
		lxc_error("%s", "Failed to create temporary log file for container \"capabilities\"");
		return fret;
	}

	log.name = "capabilities";
	log.file = template;
	log.level = "TRACE";
	log.prefix = "capabilities";
	log.quiet = false;
	log.lxcpath = NULL;

	if (lxc_log_init(&log))
		return fret;

	c = lxc_container_new("capabilities", NULL);
	if (!c) {
		lxc_error("%s\n", "Failed to create container \"capabilities\"");
		return fret;
	}

	if (c->is_defined(c)) {
		lxc_error("%s\n", "Container \"capabilities\" is defined");
		goto on_error_put;
	}

	if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
		lxc_error("%s\n", "Failed to create busybox container \"capabilities\"");
		goto on_error_put;
	}

	if (!c->is_defined(c)) {
		lxc_error("%s\n", "Container \"capabilities\" is not defined");
		goto on_error_destroy;
	}

	if (!c->clear_config_item(c, "lxc.cap.drop")) {
		lxc_error("%s\n", "Failed to clear config item \"lxc.cap.drop\"");
		goto on_error_destroy;
	}

	if (!c->clear_config_item(c, "lxc.cap.keep")) {
		lxc_error("%s\n", "Failed to clear config item \"lxc.cap.drop\"");
		goto on_error_destroy;
	}

	if (allow) {
		if (!c->set_config_item(c, "lxc.cap.keep", "mknod")) {
			lxc_error("%s\n", "Failed to set config item \"lxc.cap.keep=mknod\"");
			goto on_error_destroy;
		}
	} else {
		if (!c->set_config_item(c, "lxc.cap.drop", "mknod")) {
			lxc_error("%s\n", "Failed to set config item \"lxc.cap.drop=mknod\"");
			goto on_error_destroy;
		}
	}

	if (!c->want_daemonize(c, true)) {
		lxc_error("%s\n", "Failed to mark container \"capabilities\" daemonized");
		goto on_error_destroy;
	}

	if (!c->startl(c, 0, NULL)) {
		lxc_error("%s\n", "Failed to start container \"capabilities\" daemonized");
		goto on_error_destroy;
	}

	ret = c->attach(c, test, NULL, &attach_options, &pid);
	if (ret < 0) {
		lxc_error("%s\n", "Failed to run function in container \"capabilities\"");
		goto on_error_stop;
	}

	ret = wait_for_pid(pid);
	if (ret) {
		lxc_error("%s\n", "Function \"capabilities\" failed");
		goto on_error_stop;
	}

	fret = 0;

on_error_stop:
	if (c->is_running(c) && !c->stop(c))
		lxc_error("%s\n", "Failed to stop container \"capabilities\"");

on_error_destroy:
	if (!c->destroy(c))
		lxc_error("%s\n", "Failed to destroy container \"capabilities\"");

on_error_put:
	lxc_container_put(c);

	if (fret == EXIT_SUCCESS) {
		lxc_debug("All capability %s tests passed\n", allow ? "allow" : "deny");
	} else {
		int fd;

		fd = open(template, O_RDONLY);
		if (fd >= 0) {
			char buf[4096];
			ssize_t buflen;
			while ((buflen = read(fd, buf, 1024)) > 0) {
				buflen = write(STDERR_FILENO, buf, buflen);
				if (buflen <= 0)
					break;
			}
			close(fd);
		}
	}
	(void)unlink(template);

	return fret;
}

static void __attribute__((constructor)) capabilities_init(void)
{
	int ret;
	__u32 nr_u32;

	ret = lxc_caps_last_cap(&last_cap);
	if (ret || last_cap > 200)
		_exit(EXIT_FAILURE);

	nr_u32 = BITS_TO_LONGS(last_cap);
	cap_bset_bits = zalloc(nr_u32 * sizeof(__u32));
	if (!cap_bset_bits)
		_exit(EXIT_FAILURE);

	for (__u32 cap_bit = 0; cap_bit <= last_cap; cap_bit++) {
		if (prctl(PR_CAPBSET_READ, prctl_arg(cap_bit)) == 0)
			continue;

		set_bit(cap_bit, cap_bset_bits);
	}
}

static void __attribute__((destructor)) capabilities_exit(void)
{
	free(cap_bset_bits);
}

int main(int argc, char *argv[])
{
	if (run(capabilities_allow, true))
		exit(EXIT_FAILURE);

	if (run(capabilities_deny, false))
		exit(EXIT_FAILURE);

	exit(EXIT_SUCCESS);
}

#else /* !HAVE_LIBCAP */

int main(int argc, char *argv[])
{
	lxc_debug("%s\n", "Capabilities not supported. Skipping.");
	exit(EXIT_SUCCESS);
}
#endif
Commit	Line	Data
634b43e1 CB	1	/* liblxcapi
	2	*
	3	* Copyright © 2021 Christian Brauner <christian.brauner@ubuntu.com>.
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License version 2, as
	7	* published by the Free Software Foundation.
	8	*
	9	* This program is distributed in the hope that it will be useful,
	10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	* GNU General Public License for more details.
	13	*
	14	* You should have received a copy of the GNU General Public License along
	15	* with this program; if not, write to the Free Software Foundation, Inc.,
	16	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	17	*/
	18
	19	#include "config.h"
	20
	21	#include <errno.h>
	22	#include <fcntl.h>
	23	#include <inttypes.h>
	24	#include <signal.h>
	25	#include <stdio.h>
	26	#include <stdlib.h>
	27	#include <string.h>
	28	#include <unistd.h>
	29	#include <sys/stat.h>
	30	#include <sys/types.h>
	31	#include <sys/wait.h>
	32
	33	#include "lxccontainer.h"
	34	#include "attach_options.h"
	35
	36	#include "caps.h"
	37	#include "lxctest.h"
	38	#include "utils.h"
	39
	40	#if HAVE_LIBCAP
8a0de7e7 CB	41	__u32 *cap_bset_bits = NULL;
	42	__u32 last_cap = 0;
	43
634b43e1 CB	44	static int capabilities_allow(void *payload)
634b43e1 CB	45	{
7418b27f	46	for (__u32 cap = 0; cap <= last_cap; cap++) {
634b43e1 CB	47	bool bret;
634b43e1 CB	48
8a0de7e7 CB	49	if (!is_set(cap, cap_bset_bits))
	50	continue;
	51
634b43e1 CB	52	if (cap == CAP_MKNOD)
	53	bret = cap_get_bound(cap) == CAP_SET;
	54	else
	55	bret = cap_get_bound(cap) != CAP_SET;
	56	if (!bret) {
	57	lxc_error("Capability %d unexpectedly raised or lowered\n", cap);
	58	return EXIT_FAILURE;
	59	}
	60	}
	61
	62	return EXIT_SUCCESS;
	63	}
	64
09f2a3ef CB	65	static int capabilities_deny(void *payload)
09f2a3ef CB	66	{
09f2a3ef CB	67	for (__u32 cap = 0; cap <= last_cap; cap++) {
	68	bool bret;
	69
8a0de7e7 CB	70	if (!is_set(cap, cap_bset_bits))
	71	continue;
	72
09f2a3ef CB	73	if (cap == CAP_MKNOD)
	74	bret = cap_get_bound(cap) != CAP_SET;
	75	else
	76	bret = cap_get_bound(cap) == CAP_SET;
	77	if (!bret) {
	78	lxc_error("Capability %d unexpectedly raised or lowered\n", cap);
	79	return EXIT_FAILURE;
	80	}
	81	}
	82
	83	return EXIT_SUCCESS;
	84	}
	85
	86	static int run(int (test)(void ), bool allow)
634b43e1	87	{
b8eb6ca7	88	int fd_log = -EBADF, fret = -1;
634b43e1 CB	89	lxc_attach_options_t attach_options = LXC_ATTACH_OPTIONS_DEFAULT;
	90	int ret;
	91	pid_t pid;
	92	struct lxc_container *c;
	93	struct lxc_log log;
09f2a3ef	94	char template[sizeof(P_tmpdir"/capabilities_XXXXXX")];
634b43e1	95
09f2a3ef	96	(void)strlcpy(template, P_tmpdir"/capabilities_XXXXXX", sizeof(template));
634b43e1 CB	97
	98	fd_log = lxc_make_tmpfile(template, false);
	99	if (fd_log < 0) {
09f2a3ef CB	100	lxc_error("%s", "Failed to create temporary log file for container \"capabilities\"");
09f2a3ef CB	101	return fret;
634b43e1 CB	102	}
634b43e1 CB	103
09f2a3ef	104	log.name = "capabilities";
634b43e1 CB	105	log.file = template;
	106	log.level = "TRACE";
	107	log.prefix = "capabilities";
	108	log.quiet = false;
	109	log.lxcpath = NULL;
	110
	111	if (lxc_log_init(&log))
09f2a3ef	112	return fret;
634b43e1	113
09f2a3ef	114	c = lxc_container_new("capabilities", NULL);
634b43e1	115	if (!c) {
09f2a3ef CB	116	lxc_error("%s\n", "Failed to create container \"capabilities\"");
09f2a3ef CB	117	return fret;
634b43e1 CB	118	}
	119
	120	if (c->is_defined(c)) {
09f2a3ef	121	lxc_error("%s\n", "Container \"capabilities\" is defined");
634b43e1 CB	122	goto on_error_put;
	123	}
	124
	125	if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
09f2a3ef	126	lxc_error("%s\n", "Failed to create busybox container \"capabilities\"");
634b43e1 CB	127	goto on_error_put;
	128	}
	129
	130	if (!c->is_defined(c)) {
09f2a3ef	131	lxc_error("%s\n", "Container \"capabilities\" is not defined");
634b43e1 CB	132	goto on_error_destroy;
	133	}
	134
	135	if (!c->clear_config_item(c, "lxc.cap.drop")) {
	136	lxc_error("%s\n", "Failed to clear config item \"lxc.cap.drop\"");
	137	goto on_error_destroy;
	138	}
	139
	140	if (!c->clear_config_item(c, "lxc.cap.keep")) {
	141	lxc_error("%s\n", "Failed to clear config item \"lxc.cap.drop\"");
	142	goto on_error_destroy;
	143	}
	144
09f2a3ef CB	145	if (allow) {
	146	if (!c->set_config_item(c, "lxc.cap.keep", "mknod")) {
	147	lxc_error("%s\n", "Failed to set config item \"lxc.cap.keep=mknod\"");
	148	goto on_error_destroy;
	149	}
	150	} else {
	151	if (!c->set_config_item(c, "lxc.cap.drop", "mknod")) {
	152	lxc_error("%s\n", "Failed to set config item \"lxc.cap.drop=mknod\"");
	153	goto on_error_destroy;
	154	}
634b43e1 CB	155	}
	156
	157	if (!c->want_daemonize(c, true)) {
09f2a3ef	158	lxc_error("%s\n", "Failed to mark container \"capabilities\" daemonized");
634b43e1 CB	159	goto on_error_destroy;
	160	}
	161
	162	if (!c->startl(c, 0, NULL)) {
09f2a3ef	163	lxc_error("%s\n", "Failed to start container \"capabilities\" daemonized");
634b43e1 CB	164	goto on_error_destroy;
	165	}
	166
09f2a3ef	167	ret = c->attach(c, test, NULL, &attach_options, &pid);
634b43e1	168	if (ret < 0) {
09f2a3ef	169	lxc_error("%s\n", "Failed to run function in container \"capabilities\"");
634b43e1 CB	170	goto on_error_stop;
	171	}
	172
	173	ret = wait_for_pid(pid);
	174	if (ret) {
09f2a3ef	175	lxc_error("%s\n", "Function \"capabilities\" failed");
634b43e1 CB	176	goto on_error_stop;
	177	}
	178
	179	fret = 0;
	180
	181	on_error_stop:
	182	if (c->is_running(c) && !c->stop(c))
09f2a3ef	183	lxc_error("%s\n", "Failed to stop container \"capabilities\"");
634b43e1 CB	184
	185	on_error_destroy:
	186	if (!c->destroy(c))
09f2a3ef	187	lxc_error("%s\n", "Failed to destroy container \"capabilities\"");
634b43e1 CB	188
	189	on_error_put:
	190	lxc_container_put(c);
	191
	192	if (fret == EXIT_SUCCESS) {
09f2a3ef	193	lxc_debug("All capability %s tests passed\n", allow ? "allow" : "deny");
634b43e1 CB	194	} else {
	195	int fd;
	196
	197	fd = open(template, O_RDONLY);
	198	if (fd >= 0) {
	199	char buf[4096];
	200	ssize_t buflen;
	201	while ((buflen = read(fd, buf, 1024)) > 0) {
	202	buflen = write(STDERR_FILENO, buf, buflen);
	203	if (buflen <= 0)
	204	break;
	205	}
	206	close(fd);
	207	}
	208	}
	209	(void)unlink(template);
	210
09f2a3ef CB	211	return fret;
	212	}
	213
8a0de7e7 CB	214	static void __attribute__((constructor)) capabilities_init(void)
	215	{
	216	int ret;
	217	__u32 nr_u32;
	218
	219	ret = lxc_caps_last_cap(&last_cap);
	220	if (ret \|\| last_cap > 200)
	221	_exit(EXIT_FAILURE);
	222
	223	nr_u32 = BITS_TO_LONGS(last_cap);
	224	cap_bset_bits = zalloc(nr_u32 * sizeof(__u32));
	225	if (!cap_bset_bits)
	226	_exit(EXIT_FAILURE);
	227
	228	for (__u32 cap_bit = 0; cap_bit <= last_cap; cap_bit++) {
	229	if (prctl(PR_CAPBSET_READ, prctl_arg(cap_bit)) == 0)
	230	continue;
	231
	232	set_bit(cap_bit, cap_bset_bits);
	233	}
	234	}
	235
	236	static void __attribute__((destructor)) capabilities_exit(void)
	237	{
	238	free(cap_bset_bits);
	239	}
	240
09f2a3ef CB	241	int main(int argc, char *argv[])
	242	{
	243	if (run(capabilities_allow, true))
	244	exit(EXIT_FAILURE);
	245
	246	if (run(capabilities_deny, false))
	247	exit(EXIT_FAILURE);
	248
	249	exit(EXIT_SUCCESS);
634b43e1 CB	250	}
	251
	252	#else /* !HAVE_LIBCAP */
	253
	254	int main(int argc, char *argv[])
	255	{
	256	lxc_debug("%s\n", "Capabilities not supported. Skipping.");
	257	exit(EXIT_SUCCESS);
	258	}
	259	#endif