diff options
author | Andrew G. Morgan <morgan@kernel.org> | 2016-02-06 19:42:27 -0800 |
---|---|---|
committer | Andrew G. Morgan <morgan@kernel.org> | 2016-02-06 19:42:27 -0800 |
commit | dce069b617cf5e42fde707196eaf2ee8d62bc96c (patch) | |
tree | 58038c1d524b63e7dec8391cb4b8f902b700bf0d | |
parent | 1f52c8a50305ab07b029008a8c7d6318355944b3 (diff) | |
download | libcap-dce069b617cf5e42fde707196eaf2ee8d62bc96c.tar.gz |
Add something to run libcap's quicktest tests against development kernel.
The kdebug directory requires qemu to run and expects the kernel
to be compiled with the running architecture. My setup has the kernel
sources as a peer to the libcap directory so kdebug assumes that too.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r-- | Makefile | 3 | ||||
-rw-r--r-- | kdebug/Makefile | 14 | ||||
-rw-r--r-- | kdebug/test-bash.sh | 4 | ||||
-rw-r--r-- | kdebug/test-init.sh | 14 | ||||
-rwxr-xr-x | kdebug/test-kernel.sh | 67 | ||||
-rw-r--r-- | kdebug/test-passwd | 2 | ||||
-rw-r--r-- | kdebug/test-prompt.sh | 2 | ||||
-rwxr-xr-x | progs/quicktest.sh | 3 |
8 files changed, 107 insertions, 2 deletions
@@ -8,13 +8,14 @@ include Make.Rules # flags # -all install clean: %: %-here +all install clean kdebug: %: %-here $(MAKE) -C libcap $@ ifneq ($(PAM_CAP),no) $(MAKE) -C pam_cap $@ endif $(MAKE) -C progs $@ $(MAKE) -C doc $@ + $(MAKE) -C kdebug $@ all-here: diff --git a/kdebug/Makefile b/kdebug/Makefile new file mode 100644 index 0000000..c710050 --- /dev/null +++ b/kdebug/Makefile @@ -0,0 +1,14 @@ +topdir=$(shell pwd)/.. +include ../Make.Rules + +test: + ./test-kernel.sh + +all: + @echo cd to kdebug to test a kernel build + +install: + +clean: + $(LOCALCLEAN) + rm -f fs.conf initramfs.img diff --git a/kdebug/test-bash.sh b/kdebug/test-bash.sh new file mode 100644 index 0000000..2777b21 --- /dev/null +++ b/kdebug/test-bash.sh @@ -0,0 +1,4 @@ +#!/bin/sh +# bash is used in various headers so we need a wrapper to invoke sh +# instead. +exec sh "$@" diff --git a/kdebug/test-init.sh b/kdebug/test-init.sh new file mode 100644 index 0000000..4b55b51 --- /dev/null +++ b/kdebug/test-init.sh @@ -0,0 +1,14 @@ +#!/bin/sh +PATH=/bin + +echo -n "Mounting filesystems ... " +mount -t proc proc /proc +mount -t devtmpfs dev /dev +mount -t sysfs sys /sys +mount -t devpts pts /dev/pts +echo done + +echo Hello, World +cd /root +./quicktest.sh +sh -i diff --git a/kdebug/test-kernel.sh b/kdebug/test-kernel.sh new file mode 100755 index 0000000..c8ce144 --- /dev/null +++ b/kdebug/test-kernel.sh @@ -0,0 +1,67 @@ +#!/bin/bash +# The following is a synthesis of info in: +# +# http://vmsplice.net/~stefan/stefanha-kernel-recipes-2015.pdf +# http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/README +# +KBASE=../../linux +#APPEND="console=ttyS0" + +function die { + echo "$*" + exit 1 +} + +pushd .. +make || die "failed to make libcap tree" +popd + +# Assumes desired make *config (eg. make defconfig) is already done. +pushd $KBASE +pwd +make V=1 all || die "failed to build kernel: $0" +popd + +HERE=$(/bin/pwd) + +cat > fs.conf <<EOF +file /init test-init.sh 0755 0 0 +dir /etc 0755 0 0 +file /etc/passwd test-passwd 0444 0 0 +dir /lib 0755 0 0 +dir /proc 0755 0 0 +dir /dev 0755 0 0 +dir /sys 0755 0 0 +dir /sbin 0755 0 0 +file /sbin/busybox /usr/sbin/busybox 0755 0 0 +dir /bin 0755 0 0 +file /bin/myprompt test-prompt.sh 0755 0 0 +file /bin/bash test-bash.sh 0755 0 0 +dir /usr 0755 0 0 +dir /usr/bin 0755 0 0 +dir /root 0755 0 0 +file /root/quicktest.sh $HERE/../progs/quicktest.sh 0755 0 0 +file /root/setcap $HERE/../progs/setcap 0755 0 0 +file /root/getcap $HERE/../progs/getcap 0755 0 0 +file /root/capsh $HERE/../progs/capsh 0755 0 0 +file /root/getpcaps $HERE/../progs/getpcaps 0755 0 0 +EOF + +COMMANDS="ls ln cp id pwd mkdir rmdir cat rm sh mount umount chmod less" +for f in $COMMANDS; do + echo slink /bin/$f /sbin/busybox 0755 0 0 >> fs.conf +done + +UCOMMANDS="id cut" +for f in $UCOMMANDS; do + echo slink /usr/bin/$f /sbin/busybox 0755 0 0 >> fs.conf +done + +$KBASE/usr/gen_init_cpio fs.conf | gzip -9 > initramfs.img + +KERNEL=$KBASE/arch/x86_64/boot/bzImage + +qemu-system-$(uname -m) -m 1024 \ + -kernel $KERNEL \ + -initrd initramfs.img \ + -append "$APPEND" diff --git a/kdebug/test-passwd b/kdebug/test-passwd new file mode 100644 index 0000000..4fa92a4 --- /dev/null +++ b/kdebug/test-passwd @@ -0,0 +1,2 @@ +root:x:0:0:root:/root:/bin/bash +nobody:x:99:99:Nobody:/:/sbin/nologin diff --git a/kdebug/test-prompt.sh b/kdebug/test-prompt.sh new file mode 100644 index 0000000..1c19c16 --- /dev/null +++ b/kdebug/test-prompt.sh @@ -0,0 +1,2 @@ +#!/bin/sh +echo -n "$(pwd)# " diff --git a/progs/quicktest.sh b/progs/quicktest.sh index 48c9b9e..e8b2c8e 100755 --- a/progs/quicktest.sh +++ b/progs/quicktest.sh @@ -122,8 +122,9 @@ rm -f ./privileged # test that we do not support capabilities on setuid shell-scripts cat > hack.sh <<EOF #!/bin/bash +/usr/bin/id mypid=\$\$ -caps=\$(./getpcaps \$mypid 2>&1 | cut -d: -f2) +caps=\$(./getpcaps \$mypid 2>&1 | /usr/bin/cut -d: -f2) if [ "\$caps" != " =" ]; then echo "Shell script got [\$caps] - you should upgrade your kernel" exit 1 |