[PATCH v3] selftests/landlock: Add tests for io_uring openat access control with Landlock rules

Thu Apr 4 13:08:46 UTC 2024

> Subject: Re: your mail

There is an issue with the subject.

On Thu, Apr 04, 2024 at 12:16:21PM +0000, Dorine Tipo wrote:
> 
> > What is tested exactly?
> 
> The test_ioring_op_openat() function is testing the enforcement of
> Landlock rules for read-only access.
> It's specifically checking whether the Landlock rules correctly allow or
> deny read-only access to the specified file when using the openat system
> call with io_uring. The test does this by preparing a submission queue
> entry for the openat operation with io_uring_prep_openat(), submitting
> this operation to the kernel via io_uring, and then checking the result.
> If the operation is successful, it means that Landlock allowed the read-only
> access as expected. If the operation fails, it means that Landlock correctly
> denied the access.

That doesn't reflect the content of this patch.

> 
> > +static int test_ioring_op_openat(struct __test_metadata *const _metadata, const __u64 access, const char **paths)
> > +{
> > +     int ruleset_fd;
> > +     int ret;
> > +     struct io_uring ring;
> > +     struct io_uring_sqe *sqe;
> > +
> > +     /* Test Allowed Access */
> > +     const struct rule allowed_rule[] = {
> > +             {
> > +                     .path = paths[0],
> > +                     .access = access,
> > +             },
> > +             {
> > +                     .path = NULL,
> > +             },
> > +     };
> > +
> > +     ruleset_fd = create_ruleset(_metadata, allowed_rule[0].access, allowed_rule);
> > +
> > +     ASSERT_LE(0, ruleset_fd);
> > +
> > +     ret = io_uring_queue_init(32, &ring, 0);
> > +
> > +     ASSERT_EQ(0, ret);
> > +
> > +     /* Test allowed path */
> > +     sqe = io_uring_get_sqe(&ring);
> > +
> > +     /* Prepare SQE  for the openat operation */
> > +     io_uring_prep_openat(sqe, AT_FDCWD, paths[0], O_RDONLY, ruleset_fd);
> 
> > Can you please explain what this call to io_uring_prep_openat() do?
> 
> io_uring_prep_openat() prepares the submission queue entry for the openat
> system call. In my tests the call to io_uring_prep_openat() is preparing
> an openat operation to open a file at a certain path with read-only access.
> This operation is then submitted to the kernel via io_uring, and the test
> checks whether the operation is allowed or denied based on the define
> Landlock rules.

This is not what is tested by this patch.

What is the last argument of io_uring_prep_openat()?  Did you write this
code?