Fix rights checks across the codebase.

* Fix path_open granting more rights than requested * Add missing rights checks in: fd_fdstat_set_flags, fd_filestat_get, poll_oneoff * Fix `open_scratch_directory` not requesting any rights. * Properly request needed rights in various tests * Add some extra trace-level logging * Remove a no-op restriction of rights to the ones returned by `determine_type_rights`. It was redundant, because `FdEntry:from` internally also called `determine_type_rights` and only dropped some of them.
2020-01-07 17:19:20 +01:00
parent 5efa640e23
commit f7f10c12b3
12 changed files with 71 additions and 36 deletions
--- a/crates/test-programs/wasi-tests/src/bin/fd_advise.rs
+++ b/crates/test-programs/wasi-tests/src/bin/fd_advise.rs
@@ -9,7 +9,11 @@ unsafe fn test_fd_advise(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ
+            | wasi::RIGHTS_FD_WRITE
+            | wasi::RIGHTS_FD_ADVISE
+            | wasi::RIGHTS_FD_FILESTAT_GET
+            | wasi::RIGHTS_FD_ALLOCATE,
        0,
        0,
    )
--- a/crates/test-programs/wasi-tests/src/bin/fd_filestat_set.rs
+++ b/crates/test-programs/wasi-tests/src/bin/fd_filestat_set.rs
@@ -9,7 +9,11 @@ unsafe fn test_fd_filestat_set(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ
+            | wasi::RIGHTS_FD_WRITE
+            | wasi::RIGHTS_FD_FILESTAT_GET
+            | wasi::RIGHTS_FD_FILESTAT_SET_SIZE
+            | wasi::RIGHTS_FD_FILESTAT_SET_TIMES,
        0,
        0,
    )
--- a/crates/test-programs/wasi-tests/src/bin/fd_readdir.rs
+++ b/crates/test-programs/wasi-tests/src/bin/fd_readdir.rs
@@ -90,7 +90,10 @@ unsafe fn test_fd_readdir(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ
+            | wasi::RIGHTS_FD_WRITE
+            | wasi::RIGHTS_FD_READDIR
+            | wasi::RIGHTS_FD_FILESTAT_GET,
        0,
        0,
    )
--- a/crates/test-programs/wasi-tests/src/bin/file_allocate.rs
+++ b/crates/test-programs/wasi-tests/src/bin/file_allocate.rs
@@ -9,7 +9,10 @@ unsafe fn test_file_allocate(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ
+            | wasi::RIGHTS_FD_WRITE
+            | wasi::RIGHTS_FD_ALLOCATE
+            | wasi::RIGHTS_FD_FILESTAT_GET,
        0,
        0,
    )
--- a/crates/test-programs/wasi-tests/src/bin/file_seek_tell.rs
+++ b/crates/test-programs/wasi-tests/src/bin/file_seek_tell.rs
@@ -9,7 +9,7 @@ unsafe fn test_file_seek_tell(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE | wasi::RIGHTS_FD_SEEK | wasi::RIGHTS_FD_TELL,
        0,
        0,
    )
--- a/crates/test-programs/wasi-tests/src/bin/path_link.rs
+++ b/crates/test-programs/wasi-tests/src/bin/path_link.rs
@@ -2,8 +2,15 @@ use more_asserts::assert_gt;
 use std::{env, process};
 use wasi_tests::{create_file, open_scratch_directory};

+const TEST_RIGHTS: wasi::Rights = wasi::RIGHTS_FD_READ
+    | wasi::RIGHTS_PATH_LINK_SOURCE
+    | wasi::RIGHTS_PATH_LINK_TARGET
+    | wasi::RIGHTS_FD_FILESTAT_GET
+    | wasi::RIGHTS_PATH_OPEN
+    | wasi::RIGHTS_PATH_UNLINK_FILE;
+
 unsafe fn create_or_open(dir_fd: wasi::Fd, name: &str, flags: wasi::Oflags) -> wasi::Fd {
-    let file_fd = wasi::path_open(dir_fd, 0, name, flags, 0, 0, 0)
+    let file_fd = wasi::path_open(dir_fd, 0, name, flags, TEST_RIGHTS, TEST_RIGHTS, 0)
        .unwrap_or_else(|_| panic!("opening '{}'", name));
    assert_gt!(
        file_fd,
@@ -14,7 +21,7 @@ unsafe fn create_or_open(dir_fd: wasi::Fd, name: &str, flags: wasi::Oflags) -> w
 }

 unsafe fn open_link(dir_fd: wasi::Fd, name: &str) -> wasi::Fd {
-    let file_fd = wasi::path_open(dir_fd, 0, name, 0, 0, 0, 0)
+    let file_fd = wasi::path_open(dir_fd, 0, name, 0, TEST_RIGHTS, TEST_RIGHTS, 0)
        .unwrap_or_else(|_| panic!("opening a link '{}'", name));
    assert_gt!(
        file_fd,
--- a/crates/test-programs/wasi-tests/src/bin/path_open_read_without_rights.rs
+++ b/crates/test-programs/wasi-tests/src/bin/path_open_read_without_rights.rs
@@ -1,23 +1,9 @@
 use std::{env, process};
 use wasi_tests::open_scratch_directory;
-use wasi_tests::{drop_rights, fd_get_rights};
+use wasi_tests::{drop_rights, fd_get_rights, create_file};

 const TEST_FILENAME: &'static str = "file";

-unsafe fn create_testfile(dir_fd: wasi::Fd) {
-    let fd = wasi::path_open(
-        dir_fd,
-        0,
-        TEST_FILENAME,
-        wasi::OFLAGS_CREAT | wasi::OFLAGS_EXCL,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
-        0,
-        0,
-    )
-    .expect("creating a file");
-    wasi::fd_close(fd).expect("closing a file");
-}
-
 unsafe fn try_read_file(dir_fd: wasi::Fd) {
    let fd = wasi::path_open(dir_fd, 0, TEST_FILENAME, 0, 0, 0, 0).expect("opening the file");

@@ -46,7 +32,7 @@ unsafe fn try_read_file(dir_fd: wasi::Fd) {
 }

 unsafe fn test_read_rights(dir_fd: wasi::Fd) {
-    create_testfile(dir_fd);
+    create_file(dir_fd, TEST_FILENAME);
    drop_rights(dir_fd, wasi::RIGHTS_FD_READ, wasi::RIGHTS_FD_READ);

    let (rbase, rinher) = fd_get_rights(dir_fd);
--- a/crates/test-programs/wasi-tests/src/bin/poll_oneoff.rs
+++ b/crates/test-programs/wasi-tests/src/bin/poll_oneoff.rs
@@ -197,7 +197,7 @@ unsafe fn test_fd_readwrite_valid_fd(dir_fd: wasi::Fd) {
        0,
        "file",
        wasi::OFLAGS_CREAT,
-        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE,
+        wasi::RIGHTS_FD_READ | wasi::RIGHTS_FD_WRITE | wasi::RIGHTS_POLL_FD_READWRITE,
        0,
        0,
    )