Am Mi., 18. Juni 2025 um 22:54 Uhr schrieb Christian Brauner
<brauner@xxxxxxxxxx>:
>
> Verify that ->setattr() on a pidfd doens't work.
>
> Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
Reviewed-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@xxxxxxxxxxxxx>
> ---
> tools/testing/selftests/pidfd/.gitignore | 1 +
> tools/testing/selftests/pidfd/Makefile | 2 +-
> tools/testing/selftests/pidfd/pidfd_setattr_test.c | 69 ++++++++++++++++++++++
> 3 files changed, 71 insertions(+), 1 deletion(-)
>
> diff --git a/tools/testing/selftests/pidfd/.gitignore b/tools/testing/selftests/pidfd/.gitignore
> index bc4130506eda..144e7ff65d6a 100644
> --- a/tools/testing/selftests/pidfd/.gitignore
> +++ b/tools/testing/selftests/pidfd/.gitignore
> @@ -11,3 +11,4 @@ pidfd_bind_mount
> pidfd_info_test
> pidfd_exec_helper
> pidfd_xattr_test
> +pidfd_setattr_test
> diff --git a/tools/testing/selftests/pidfd/Makefile b/tools/testing/selftests/pidfd/Makefile
> index c9fd5023ef15..03a6eede9c9e 100644
> --- a/tools/testing/selftests/pidfd/Makefile
> +++ b/tools/testing/selftests/pidfd/Makefile
> @@ -4,7 +4,7 @@ CFLAGS += -g $(KHDR_INCLUDES) -pthread -Wall
> TEST_GEN_PROGS := pidfd_test pidfd_fdinfo_test pidfd_open_test \
> pidfd_poll_test pidfd_wait pidfd_getfd_test pidfd_setns_test \
> pidfd_file_handle_test pidfd_bind_mount pidfd_info_test \
> - pidfd_xattr_test
> + pidfd_xattr_test pidfd_setattr_test
>
> TEST_GEN_PROGS_EXTENDED := pidfd_exec_helper
>
> diff --git a/tools/testing/selftests/pidfd/pidfd_setattr_test.c b/tools/testing/selftests/pidfd/pidfd_setattr_test.c
> new file mode 100644
> index 000000000000..d7de05edc4b3
> --- /dev/null
> +++ b/tools/testing/selftests/pidfd/pidfd_setattr_test.c
> @@ -0,0 +1,69 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +#define _GNU_SOURCE
> +#include <errno.h>
> +#include <fcntl.h>
> +#include <limits.h>
> +#include <linux/types.h>
> +#include <poll.h>
> +#include <pthread.h>
> +#include <sched.h>
> +#include <signal.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <syscall.h>
> +#include <sys/prctl.h>
> +#include <sys/wait.h>
> +#include <unistd.h>
> +#include <sys/socket.h>
> +#include <linux/kcmp.h>
> +#include <sys/stat.h>
> +#include <sys/xattr.h>
> +
> +#include "pidfd.h"
> +#include "../kselftest_harness.h"
> +
> +FIXTURE(pidfs_setattr)
> +{
> + pid_t child_pid;
> + int child_pidfd;
> +};
> +
> +FIXTURE_SETUP(pidfs_setattr)
> +{
> + self->child_pid = create_child(&self->child_pidfd, CLONE_NEWUSER | CLONE_NEWPID);
> + EXPECT_GE(self->child_pid, 0);
> +
> + if (self->child_pid == 0)
> + _exit(EXIT_SUCCESS);
> +}
> +
> +FIXTURE_TEARDOWN(pidfs_setattr)
> +{
> + sys_waitid(P_PID, self->child_pid, NULL, WEXITED);
> + EXPECT_EQ(close(self->child_pidfd), 0);
> +}
> +
> +TEST_F(pidfs_setattr, no_chown)
> +{
> + ASSERT_LT(fchown(self->child_pidfd, 1234, 5678), 0);
> + ASSERT_EQ(errno, EOPNOTSUPP);
> +}
> +
> +TEST_F(pidfs_setattr, no_chmod)
> +{
> + ASSERT_LT(fchmod(self->child_pidfd, 0777), 0);
> + ASSERT_EQ(errno, EOPNOTSUPP);
> +}
> +
> +TEST_F(pidfs_setattr, no_exec)
> +{
> + char *const argv[] = { NULL };
> + char *const envp[] = { NULL };
> +
> + ASSERT_LT(execveat(self->child_pidfd, "", argv, envp, AT_EMPTY_PATH), 0);
> + ASSERT_EQ(errno, EACCES);
> +}
> +
> +TEST_HARNESS_MAIN
>
> --
> 2.47.2
>
