diff options
author | Kees Cook <keescook@chromium.org> | 2020-05-17 21:47:43 -0700 |
---|---|---|
committer | Shuah Khan <skhan@linuxfoundation.org> | 2020-05-22 09:29:00 -0600 |
commit | 61016db15b8e20f371352db6a75b044ec3183fe7 (patch) | |
tree | e165fec62302f9fd5d2d7f0d23196b50b6fdcf3e /tools/testing/selftests/exec/execveat.c | |
parent | a5f304670b80973dfce5bc86cacff20244926cf6 (diff) | |
download | linux-61016db15b8e20f371352db6a75b044ec3183fe7.tar.bz2 |
selftests/exec: Verify execve of non-regular files fail
Add a named pipe as an exec target to make sure that non-regular
files are rejected by execve() with EACCES. This can help verify
commit 73601ea5b7b1 ("fs/open.c: allow opening only regular files
during execve()").
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
Diffstat (limited to 'tools/testing/selftests/exec/execveat.c')
-rw-r--r-- | tools/testing/selftests/exec/execveat.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/tools/testing/selftests/exec/execveat.c b/tools/testing/selftests/exec/execveat.c index cbb6efbdb786..67bf7254a48f 100644 --- a/tools/testing/selftests/exec/execveat.c +++ b/tools/testing/selftests/exec/execveat.c @@ -5,7 +5,9 @@ * Selftests for execveat(2). */ +#ifndef _GNU_SOURCE #define _GNU_SOURCE /* to get O_PATH, AT_EMPTY_PATH */ +#endif #include <sys/sendfile.h> #include <sys/stat.h> #include <sys/syscall.h> @@ -311,6 +313,10 @@ static int run_tests(void) fail += check_execveat_fail(AT_FDCWD, fullname_symlink, AT_SYMLINK_NOFOLLOW, ELOOP); + /* Non-regular file failure */ + fail += check_execveat_fail(dot_dfd, "pipe", 0, EACCES); + unlink("pipe"); + /* Shell script wrapping executable file: */ /* dfd + path */ fail += check_execveat(subdir_dfd, "../script", 0); @@ -384,6 +390,8 @@ static void prerequisites(void) fd = open("subdir.ephemeral/script", O_RDWR|O_CREAT|O_TRUNC, 0755); write(fd, script, strlen(script)); close(fd); + + mkfifo("pipe", 0755); } int main(int argc, char **argv) |