test: security

This test creates 2 users to check how secure is using criu with setuid bit set. Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

test: security
This test creates 2 users to check how secure is using criu with setuid bit set. Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
ef39c465 · Ruslan Kuprieiev · Pavel Emelyanov · bd1451f7 · ef39c465 · ef39c465
Commit ef39c465 authored Jul 14, 2014 by Ruslan Kuprieiev Committed by Pavel Emelyanov Aug 06, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 125 additions and 1 deletion

Makefile test/Makefile +1 -1

Makefile test/security/Makefile +32 -0

loop.sh test/security/loop.sh +12 -0

run.sh test/security/run.sh +80 -0

No files found.
--- a/test/Makefile
+++ b/test/Makefile
@@ -9,7 +9,7 @@ all: .FORCE
 	$(MAKE) zdtm
 .PHONY: all
-TESTS = unix-callback mem-snap rpc libcriu mounts/ext
+TESTS = unix-callback mem-snap rpc libcriu mounts/ext security
 other: .FORCE
 	for t in $(TESTS); do			\

--- a/test/security/Makefile
+++ b/test/security/Makefile
+DIR	:= /tmp/criu-test
+LOOP	:= $(DIR)/loop.sh
+PIDFILE := $(DIR)/loop.pid
+IMGS	:= $(DIR)/imgs
+CRIU	:= $(DIR)/criu
+ROOT	:=root
+USR1	:=criu-test-user1
+USR2	:=criu-test-user2
+export DIR LOOP PIDFILE IMGS CRIU ROOT USR1 USR2
+run: testdir users
+	./run.sh
+testdir: ../../criu
+	mkdir -p $(DIR)
+	mkdir -p $(IMGS)
+	cp ../../criu $(CRIU)
+	chmod u+s $(CRIU)
+	cp loop.sh $(LOOP)
+	chmod 777 $(DIR)
+users:
+	useradd -M -U $(USR1)
+	useradd -M -U $(USR2)
+	usermod -a -G $(USR2) $(USR1)
+clean:
+	rm -rf $(DIR)
+	-userdel -f $(USR1)
+	-userdel -f $(USR2)
--- a/test/security/loop.sh
+++ b/test/security/loop.sh
+#!/bin/bash
+echo $$
+if [ "$1" == "--chgrp" ]; then
+	grps=( $(groups) )
+	newgrp ${grps[1]}
+fi
+while :; do
+	sleep 1
+done
--- a/test/security/run.sh
+++ b/test/security/run.sh
+#!/bin/bash
+PID=
+function run_as {
+	echo "== Run ${LOOP} as $1"
+	echo ${PIDFILE}
+	rm -f ${PIDFILE}
+	su $1 -c "${LOOP} $2 < /dev/null 2> /dev/null > ${PIDFILE} &"
+	PID=`cat ${PIDFILE}`
+	echo ${PID}
+}
+function dump_as {
+	echo "== Dump ${PID} as $@"
+	su $@ -c "${CRIU} dump --tree ${PID} --images-dir ${IMGS} --shell-job"
+	return $?
+}
+function rstr_as {
+	echo "== Restore ${IMGS} as $@"
+	su $@ -c "${CRIU} restore --images-dir ${IMGS} --shell-job --restore-detached"
+	return $?
+}
+function result {
+	local BGRED='\033[41m'
+	local BGGREEN='\033[42m'
+	local NORMAL=$(tput sgr0)
+	if [ $1 -ne 0 ]; then
+		echo -e "${BGRED}FAIL${NORMAL}"
+	else
+		echo -e "${BGGREEN}PASS${NORMAL}"
+	fi
+}
+function test_root {
+	echo "==== Check that non-root can't dump/restore process owned by root"
+	run_as  ${ROOT}
+	dump_as ${USR1} ; result $((!$?))
+	dump_as ${ROOT} ; result $(($?))
+	rstr_as ${USR1} ; result $((!$?))
+	rstr_as ${ROOT} ; result $(($?))
+	kill -SIGKILL ${PID}
+}
+function test_other {
+	echo "==== Check that user2 can't dump/restore process owned by user1"
+	run_as  ${USR1}
+	dump_as ${USR2} ; result $((!$?))
+	dump_as ${USR1} ; result $(($?))
+	rstr_as ${USR2} ; result $((!$?))
+	rstr_as ${USR1} ; result $(($?))
+	kill -SIGKILL ${PID}
+}
+function test_own {
+	echo "==== Check that user1 can dump/restore his own process that changes it's gid to one from groups"
+	run_as  ${USR1} "--chgrp"
+	dump_as ${USR1} ; result $(($?))
+	rstr_as ${USR1} ; result $(($?))
+	kill -SIGKILL ${PID}
+}
+test_root
+test_other
+test_own