diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-08-03 12:27:03 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-08-03 12:27:03 -0700 |
commit | 07267fc4c0e91479dea8f6c3035e61e3a4d4cfa5 (patch) | |
tree | 02706b4f80c9dd73b26fe338a01d981519df247d /test/syscalls/linux | |
parent | 1a93a78d10a7e925fdb0a10ffd27d9b09cefd468 (diff) | |
parent | e76c3c1064e2cb6ef79ea010705230a646369c49 (diff) |
Merge pull request #3469 from craig08:fuse-fix-test-mount-failed
PiperOrigin-RevId: 324657612
Diffstat (limited to 'test/syscalls/linux')
-rw-r--r-- | test/syscalls/linux/mount.cc | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/test/syscalls/linux/mount.cc b/test/syscalls/linux/mount.cc index 97e8d0f7e..46b6f38db 100644 --- a/test/syscalls/linux/mount.cc +++ b/test/syscalls/linux/mount.cc @@ -326,6 +326,14 @@ TEST(MountTest, MountFuseFilesystemNoDevice) { SKIP_IF(IsRunningOnGvisor() && !IsFUSEEnabled()); auto const dir = ASSERT_NO_ERRNO_AND_VALUE(TempPath::CreateDir()); + + // Before kernel version 4.16-rc6, FUSE mount is protected by + // capable(CAP_SYS_ADMIN). After this version, it uses + // ns_capable(CAP_SYS_ADMIN) to protect. Before the 4.16 kernel, it was not + // allowed to mount fuse file systems without the global CAP_SYS_ADMIN. + int res = mount("", dir.path().c_str(), "fuse", 0, ""); + SKIP_IF(!IsRunningOnGvisor() && res == -1 && errno == EPERM); + EXPECT_THAT(mount("", dir.path().c_str(), "fuse", 0, ""), SyscallFailsWithErrno(EINVAL)); } @@ -339,6 +347,12 @@ TEST(MountTest, MountFuseFilesystem) { std::string mopts = "fd=" + std::to_string(fd.get()); auto const dir = ASSERT_NO_ERRNO_AND_VALUE(TempPath::CreateDir()); + + // See comments in MountFuseFilesystemNoDevice for the reason why we skip + // EPERM when running on Linux. + int res = mount("", dir.path().c_str(), "fuse", 0, ""); + SKIP_IF(!IsRunningOnGvisor() && res == -1 && errno == EPERM); + auto const mount = ASSERT_NO_ERRNO_AND_VALUE(Mount("", dir.path(), "fuse", 0, mopts, 0)); } |