ltp: Remove unnecessary check from creat08 and open10

Issue: LIN1018-1797

At the point of the following failure, the file being checked, setgid,
is owned by "nobody" in the "nogroup" and tries to inherit SGID from
its parent directory who is in group of "bin". This is forbidden since
Linux kernel v4.18-rc4, unless current process is given CAP_FSETID
beforehand. See "Fix up non-directory creation in SGID directories" in
the kernel. The check in Block3 succeeds since it becomes root again
then.

creat08 3 TFAIL : creat08.c:368: testdir.B.1026/setgid: Incorrect modes, setgid bit should be set
creat08 4 TFAIL : creat08.c:376: Test failed in block2.

open10 3 TFAIL : open10.c:352: open10.testdir.B.1045/setgid: Incorrect modes, setgid bit not set
open10 4 TFAIL : open10.c:359: Test failed in block2.
open10 6 TFAIL : open10.c:443: Test failed because of above failures.

Backport a patch from upstream.

(From OE-Core rev: 5f3ab95b0ed964e08c65ae3159606f27485dbec7)

Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2 files changed, 82 insertions, 0 deletions

diff --git a/meta/recipes-extended/ltp/ltp/0043-open-creat-skip-S_ISGID-check-on-files-created-by-no.patch b/meta/recipes-extended/ltp/ltp/0043-open-creat-skip-S_ISGID-check-on-files-created-by-no.patch
new file mode 100644
index 0000000000..dc61fcc039
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0043-open-creat-skip-S_ISGID-check-on-files-created-by-no.patch
@@ -0,0 +1,81 @@
+From 3c87ef2961dedb10d1f674c6a530e00dbab8ec1b Mon Sep 17 00:00:00 2001
+From: Jan Stancek <jstancek@redhat.com>
+Date: Tue, 17 Jul 2018 10:26:39 +0200
+Subject: [PATCH] open|creat: skip S_ISGID check on files created by non-group
+ members
+
+0fa3ecd87848 ("Fix up non-directory creation in SGID directories")
+fixes problem described in CVE-2018-13405. This commit is getting
+backported to older streams as well.
+
+This patch removes S_ISGID check for files created by non-group members
+in LTP tests creat08 and open10.
+
+Once 0fa3ecd87848 will be in non-rc kernel, we could add a new test
+for this CVE that would be limited to 4.18+ kernels.
+
+Signed-off-by: Jan Stancek <jstancek@redhat.com>
+Acked-by: Cyril Hrubis <chrubis@suse.cz>
+Reviewed-by: Naresh Kamboju <naresh.kamboju@linaro.org>
+
+Upstream-Status: Backport
+[ git://github.com/linux-test-project/ltp.git
+  3c87ef2961dedb10d1f674c6a530e00dbab8ec1b
+  "open|creat: skip S_ISGID check on files created by non-group members" ]
+
+Signed-off-by: He Zhe <zhe.he@windriver.com>
+---
+ testcases/kernel/syscalls/creat/creat08.c | 13 ++++++-------
+ testcases/kernel/syscalls/open/open10.c   | 12 +++++-------
+ 2 files changed, 11 insertions(+), 14 deletions(-)
+
+diff --git a/testcases/kernel/syscalls/creat/creat08.c b/testcases/kernel/syscalls/creat/creat08.c
+index 50f2b3993..d22558ac3 100644
+--- a/testcases/kernel/syscalls/creat/creat08.c
++++ b/testcases/kernel/syscalls/creat/creat08.c
+@@ -361,13 +361,12 @@ int main(int ac, char **av)
+                        local_flag = FAILED;
+                }
+ 
+-               /* Verify modes */
+-               if (!(buf.st_mode & S_ISGID)) {
+-                       tst_resm(TFAIL,
+-                                "%s: Incorrect modes, setgid bit should be set",
+-                                setgid_B);
+-                       local_flag = FAILED;
+-               }
++               /*
++                * Skip S_ISGID check
++                * 0fa3ecd87848 ("Fix up non-directory creation in SGID directories")
++                * clears S_ISGID for files created by non-group members
++                */
++
+                close(fd);
+ 
+                if (local_flag == PASSED) {
+diff --git a/testcases/kernel/syscalls/open/open10.c b/testcases/kernel/syscalls/open/open10.c
+index 613f2288f..14feec9e1 100644
+--- a/testcases/kernel/syscalls/open/open10.c
++++ b/testcases/kernel/syscalls/open/open10.c
+@@ -345,13 +345,11 @@ int main(int ac, char *av[])
+                        local_flag = FAILED;
+                }
+ 
+-               /* Verify modes */
+-               if (!(buf.st_mode & S_ISGID)) {
+-                       tst_resm(TFAIL,
+-                                "%s: Incorrect modes, setgid bit not set",
+-                                setgid_B);
+-                       local_flag = FAILED;
+-               }
++               /*
++                * Skip S_ISGID check
++                * 0fa3ecd87848 ("Fix up non-directory creation in SGID directories")
++                * clears S_ISGID for files created by non-group members
++                */
+ 
+                if (local_flag == PASSED) {
+                        tst_resm(TPASS, "Test passed in block2.");
+-- 
+2.11.0
+
diff --git a/meta/recipes-extended/ltp/ltp_20180515.bb b/meta/recipes-extended/ltp/ltp_20180515.bb
index 978d3cd512..7c364a60a1 100644
--- a/meta/recipes-extended/ltp/ltp_20180515.bb
+++ b/meta/recipes-extended/ltp/ltp_20180515.bb
@@ -50,6 +50,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
            file://0040-read_all-Define-FNM_EXTMATCH-if-not-already-like-und.patch \
            file://0041-cve-2017-5669-shmat-for-0-or-PAGESIZE-with-RND-flag-.patch \
            file://0042-fs-ftest-ftest06.c-Fix-too-small-name-string-and-rel.patch \
+           file://0043-open-creat-skip-S_ISGID-check-on-files-created-by-no.patch \
            "
 
 S = "${WORKDIR}/git"