test: security

This test creates 2 users to check how secure is using criu with setuid bit set. Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
2026-01-23 02:14:37 +00:00 · 2014-07-14 22:24:26 +04:00 · 2014-07-14 22:24:26 +04:00 · ef39c4657b
commit ef39c4657b
parent bd1451f771
4 changed files with 125 additions and 1 deletions
--- a/test/Makefile
+++ b/test/Makefile
@ -9,7 +9,7 @@ all: .FORCE
 	$(MAKE) zdtm
 .PHONY: all

-TESTS = unix-callback mem-snap rpc libcriu mounts/ext
+TESTS = unix-callback mem-snap rpc libcriu mounts/ext security

 other: .FORCE
 	for t in $(TESTS); do			\
--- a/test/security/Makefile
+++ b/test/security/Makefile
@ -0,0 +1,32 @@
+DIR	:= /tmp/criu-test
+LOOP	:= $(DIR)/loop.sh
+PIDFILE := $(DIR)/loop.pid
+IMGS	:= $(DIR)/imgs
+CRIU	:= $(DIR)/criu
+
+ROOT	:=root
+USR1	:=criu-test-user1
+USR2	:=criu-test-user2
+
+export DIR LOOP PIDFILE IMGS CRIU ROOT USR1 USR2
+
+run: testdir users
+	./run.sh
+
+testdir: ../../criu
+	mkdir -p $(DIR)
+	mkdir -p $(IMGS)
+	cp ../../criu $(CRIU)
+	chmod u+s $(CRIU)
+	cp loop.sh $(LOOP)
+	chmod 777 $(DIR)
+
+users:
+	useradd -M -U $(USR1)
+	useradd -M -U $(USR2)
+	usermod -a -G $(USR2) $(USR1)
+
+clean:
+	rm -rf $(DIR)
+	-userdel -f $(USR1)
+	-userdel -f $(USR2)
--- a/test/security/loop.sh
+++ b/test/security/loop.sh
@ -0,0 +1,12 @@
+#!/bin/bash
+
+echo $$
+
+if [ "$1" == "--chgrp" ]; then
+	grps=( $(groups) )
+	newgrp ${grps[1]}
+fi
+
+while :; do
+	sleep 1
+done
--- a/test/security/run.sh
+++ b/test/security/run.sh
@ -0,0 +1,80 @@
+#!/bin/bash
+
+PID=
+
+function run_as {
+	echo "== Run ${LOOP} as $1"
+	echo ${PIDFILE}
+	rm -f ${PIDFILE}
+	su $1 -c "${LOOP} $2 < /dev/null 2> /dev/null > ${PIDFILE} &"
+	PID=`cat ${PIDFILE}`
+	echo ${PID}
+}
+
+function dump_as {
+	echo "== Dump ${PID} as $@"
+	su $@ -c "${CRIU} dump --tree ${PID} --images-dir ${IMGS} --shell-job"
+	return $?
+}
+
+function rstr_as {
+	echo "== Restore ${IMGS} as $@"
+	su $@ -c "${CRIU} restore --images-dir ${IMGS} --shell-job --restore-detached"
+	return $?
+}
+
+function result {
+	local BGRED='\033[41m'
+	local BGGREEN='\033[42m'
+	local NORMAL=$(tput sgr0)
+
+	if [ $1 -ne 0 ]; then
+		echo -e "${BGRED}FAIL${NORMAL}"
+	else
+		echo -e "${BGGREEN}PASS${NORMAL}"
+	fi
+}
+
+function test_root {
+	echo "==== Check that non-root can't dump/restore process owned by root"
+
+	run_as  ${ROOT}
+
+	dump_as ${USR1} ; result $((!$?))
+	dump_as ${ROOT} ; result $(($?))
+
+	rstr_as ${USR1} ; result $((!$?))
+	rstr_as ${ROOT} ; result $(($?))
+
+	kill -SIGKILL ${PID}
+}
+
+function test_other {
+	echo "==== Check that user2 can't dump/restore process owned by user1"
+
+	run_as  ${USR1}
+
+	dump_as ${USR2} ; result $((!$?))
+	dump_as ${USR1} ; result $(($?))
+
+	rstr_as ${USR2} ; result $((!$?))
+	rstr_as ${USR1} ; result $(($?))
+
+	kill -SIGKILL ${PID}
+}
+
+function test_own {
+	echo "==== Check that user1 can dump/restore his own process that changes it's gid to one from groups"
+
+	run_as  ${USR1} "--chgrp"
+
+	dump_as ${USR1} ; result $(($?))
+
+	rstr_as ${USR1} ; result $(($?))
+
+	kill -SIGKILL ${PID}
+}
+
+test_root
+test_other
+test_own