Linux 4.10 compat: has_capability()

Stock kernels older than 4.10 do not export the has_capability()
function which is required by commit e59a377.  To avoid breaking
the build on older kernels revert to the safe legacy behavior and
return EACCES when privileges cannot be checked.

Reviewed-by: Ryan Moeller <ryan@ixsystems.com>
Reviewed-by: Matt Ahrens <matt@delphix.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #10565
Closes #10573
This commit is contained in:
Brian Behlendorf 2020-07-19 09:56:21 -07:00 committed by GitHub
parent 8fbf432ae2
commit e862b7ecfc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 64 additions and 0 deletions

View File

@ -19,6 +19,33 @@ AC_DEFUN([ZFS_AC_KERNEL_NS_CAPABLE], [
]) ])
]) ])
dnl #
dnl # 4.10 API change
dnl # has_capability() was exported.
dnl #
AC_DEFUN([ZFS_AC_KERNEL_SRC_HAS_CAPABILITY], [
ZFS_LINUX_TEST_SRC([has_capability], [
#include <linux/capability.h>
],[
struct task_struct *task = NULL;
int cap = 0;
bool result __attribute__ ((unused));
result = has_capability(task, cap);
])
])
AC_DEFUN([ZFS_AC_KERNEL_HAS_CAPABILITY], [
AC_MSG_CHECKING([whether has_capability() is available])
ZFS_LINUX_TEST_RESULT_SYMBOL([has_capability],
[has_capability], [kernel/capability.c], [
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_HAS_CAPABILITY, 1, [has_capability() is available])
],[
AC_MSG_RESULT(no)
])
])
dnl # dnl #
dnl # 2.6.39 API change dnl # 2.6.39 API change
dnl # struct user_namespace was added to struct cred_t as cred->user_ns member dnl # struct user_namespace was added to struct cred_t as cred->user_ns member
@ -66,12 +93,14 @@ AC_DEFUN([ZFS_AC_KERNEL_KUID_HAS_MAPPING], [
AC_DEFUN([ZFS_AC_KERNEL_SRC_USERNS_CAPABILITIES], [ AC_DEFUN([ZFS_AC_KERNEL_SRC_USERNS_CAPABILITIES], [
ZFS_AC_KERNEL_SRC_NS_CAPABLE ZFS_AC_KERNEL_SRC_NS_CAPABLE
ZFS_AC_KERNEL_SRC_HAS_CAPABILITY
ZFS_AC_KERNEL_SRC_CRED_USER_NS ZFS_AC_KERNEL_SRC_CRED_USER_NS
ZFS_AC_KERNEL_SRC_KUID_HAS_MAPPING ZFS_AC_KERNEL_SRC_KUID_HAS_MAPPING
]) ])
AC_DEFUN([ZFS_AC_KERNEL_USERNS_CAPABILITIES], [ AC_DEFUN([ZFS_AC_KERNEL_USERNS_CAPABILITIES], [
ZFS_AC_KERNEL_NS_CAPABLE ZFS_AC_KERNEL_NS_CAPABLE
ZFS_AC_KERNEL_HAS_CAPABILITY
ZFS_AC_KERNEL_CRED_USER_NS ZFS_AC_KERNEL_CRED_USER_NS
ZFS_AC_KERNEL_KUID_HAS_MAPPING ZFS_AC_KERNEL_KUID_HAS_MAPPING
]) ])

View File

@ -249,13 +249,22 @@ secpolicy_zfs(const cred_t *cr)
* Equivalent to secpolicy_zfs(), but works even if the cred_t is not that of * Equivalent to secpolicy_zfs(), but works even if the cred_t is not that of
* the current process. Takes both cred_t and proc_t so that this can work * the current process. Takes both cred_t and proc_t so that this can work
* easily on all platforms. * easily on all platforms.
*
* The has_capability() function was first exported in the 4.10 Linux kernel
* then backported to some LTS kernels. Prior to this change there was no
* mechanism to perform this check therefore EACCES is returned when the
* functionality is not present in the kernel.
*/ */
int int
secpolicy_zfs_proc(const cred_t *cr, proc_t *proc) secpolicy_zfs_proc(const cred_t *cr, proc_t *proc)
{ {
#if defined(HAVE_HAS_CAPABILITY)
if (!has_capability(proc, CAP_SYS_ADMIN)) if (!has_capability(proc, CAP_SYS_ADMIN))
return (EACCES); return (EACCES);
return (0); return (0);
#else
return (EACCES);
#endif
} }
void void

View File

@ -263,6 +263,8 @@ elif sys.platform.startswith('linux'):
'cli_root/zpool_expand/zpool_expand_001_pos': ['FAIL', known_reason], 'cli_root/zpool_expand/zpool_expand_001_pos': ['FAIL', known_reason],
'cli_root/zpool_expand/zpool_expand_005_pos': ['FAIL', known_reason], 'cli_root/zpool_expand/zpool_expand_005_pos': ['FAIL', known_reason],
'cli_root/zpool_reopen/zpool_reopen_003_pos': ['FAIL', known_reason], 'cli_root/zpool_reopen/zpool_reopen_003_pos': ['FAIL', known_reason],
'limits/filesystem_limit': ['SKIP', known_reason],
'limits/snapshot_limit': ['SKIP', known_reason],
'refreserv/refreserv_raidz': ['FAIL', known_reason], 'refreserv/refreserv_raidz': ['FAIL', known_reason],
'rsend/rsend_007_pos': ['FAIL', known_reason], 'rsend/rsend_007_pos': ['FAIL', known_reason],
'rsend/rsend_010_pos': ['FAIL', known_reason], 'rsend/rsend_010_pos': ['FAIL', known_reason],

View File

@ -30,6 +30,18 @@
verify_runnable "both" verify_runnable "both"
#
# The has_capability() function was first exported in the 4.10 Linux kernel
# then backported to some LTS kernels. Prior to this change there was no
# mechanism to perform the needed permission check. Therefore, this test
# is expected to fail on older kernels and is skipped.
#
if is_linux; then
if [[ $(linux_version) -lt $(linux_version "4.10") ]]; then
log_unsupported "Requires has_capability() kernel function"
fi
fi
function setup function setup
{ {
# We can't delegate 'mount' privs under Linux: to avoid issues with # We can't delegate 'mount' privs under Linux: to avoid issues with

View File

@ -31,6 +31,18 @@
verify_runnable "both" verify_runnable "both"
#
# The has_capability() function was first exported in the 4.10 Linux kernel
# then backported to some LTS kernels. Prior to this change there was no
# mechanism to perform the needed permission check. Therefore, this test
# is expected to fail on older kernels and is skipped.
#
if is_linux; then
if [[ $(linux_version) -lt $(linux_version "4.10") ]]; then
log_unsupported "Requires has_capability() kernel function"
fi
fi
function setup function setup
{ {
# We can't delegate 'mount' privs under Linux: to avoid issues with # We can't delegate 'mount' privs under Linux: to avoid issues with