From patchwork Sat Jan 19 00:12:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771847 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 65B4413BF for ; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 54FDB30764 for ; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 495AE3078E; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EE6B130764 for ; Sat, 19 Jan 2019 00:12:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730198AbfASAMu (ORCPT ); Fri, 18 Jan 2019 19:12:50 -0500 Received: from mail-qk1-f195.google.com ([209.85.222.195]:39824 "EHLO mail-qk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730132AbfASAMt (ORCPT ); Fri, 18 Jan 2019 19:12:49 -0500 Received: by mail-qk1-f195.google.com with SMTP id c21so9061622qkl.6 for ; Fri, 18 Jan 2019 16:12:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=yYt/K9NYhTv2NeJAx/KG9lq59/XGrM4evbM+iin9jyc=; b=SWu7fbN20E/BcGEqPu8Q2vi3pnrfAXEX514qycWU22bHVsOQXeHs7NEei7f0I6ukNb mAUh63b9FudOND7r5AZJdcAjPajxLfKBs/1SPJzi0dYN9cxX5JihX6O1CWF60wQmpUcW bxOxWn1P4OA/ooAanw3WV/Nya2UjAPkn9uYa1PGMf8viHLrWyhbLnMaFtJpbI+u00bqZ WPukauGk0CINuSwma7vUrII6uJ1YakEDUakQamnfKN6xIZ7TPvgpE8tDGbXPPWKBbdc/ P/BZnx1MwYLgEkhqNB+HEkivJ4svnU4q5Gn+qk23niZrZe1wPSZh0cMgsxb4QvUbZc6E 6srw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=yYt/K9NYhTv2NeJAx/KG9lq59/XGrM4evbM+iin9jyc=; b=f+RkSw38TBLDLXzdv24bdAndoU6HX5OMy5SRwl23OcUQLb62zWwrB+tP00aOhcW7YP /pumZX0wlwv9fIQPOzzURPcjfiLGXPoOd4Arz1Rm/wta1PNfLKnuJyE/zA4EMXrV2Ehe 84t7UfXxXArO5+D1tF5IshkwuypdUBlStow12Cu65ISewIbTgBqqQA/A+DTurRWO4ZM0 I/X0qaFRKRZ6YKcvt4+4Zq1/Bt0758+3uhCJJpsgaxNWzGg7WqNRNiALaVQKrC5jQB9a 9cynVJql2uufrfCzIxDHUHhMXb0S0hP+O0Avfjr9Br9dWdmaka8XDY5lt3d54FXLAgsl 6enw== X-Gm-Message-State: AJcUukdgXLs13kwRuPTFii/8LfJlDsxNlJHIyiBXKjm7Bd/fB1dgkq5J zdkeSw5vB2u5kPFVr6NApAxTCg== X-Google-Smtp-Source: ALg8bN69hr9P8qlQphs5KANrd0pNvQIb1AIfQhhqsFRB3NIZ1kIWmIVgbWRD4jXUJJ7QEswBk4VB+g== X-Received: by 2002:a37:8006:: with SMTP id b6mr16115382qkd.19.1547856767670; Fri, 18 Jan 2019 16:12:47 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:47 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 1/6] selftests: don't kill child immediately in get_metadata() test Date: Fri, 18 Jan 2019 17:12:12 -0700 Message-Id: <20190119001217.12660-2-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This this test forks a child, and then the parent waits for a write() to a pipe signalling the child is ready to be attached to. If something in the child ASSERTs before it does this write, the test will hang waiting for it. Instead, let's EXPECT, so that execution continues until we do the write. Any failure after that is fine and can ASSERT. Signed-off-by: Tycho Andersen --- tools/testing/selftests/seccomp/seccomp_bpf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 496a9a8c773a..9aba1b904089 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -2943,11 +2943,11 @@ TEST(get_metadata) }; /* one with log, one without */ - ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, + EXPECT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG, &prog)); - ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog)); + EXPECT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog)); - ASSERT_EQ(0, close(pipefd[0])); + EXPECT_EQ(0, close(pipefd[0])); ASSERT_EQ(1, write(pipefd[1], "1", 1)); ASSERT_EQ(0, close(pipefd[1])); From patchwork Sat Jan 19 00:12:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771849 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D5F2C186E for ; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C606030764 for ; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BA9FC3078E; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6E70230764 for ; Sat, 19 Jan 2019 00:12:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730132AbfASAMv (ORCPT ); Fri, 18 Jan 2019 19:12:51 -0500 Received: from mail-qk1-f193.google.com ([209.85.222.193]:36368 "EHLO mail-qk1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730197AbfASAMu (ORCPT ); Fri, 18 Jan 2019 19:12:50 -0500 Received: by mail-qk1-f193.google.com with SMTP id o125so9073549qkf.3 for ; Fri, 18 Jan 2019 16:12:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=PHPeHYkiG+kt+yg/KDYa6TT6vm5cw8+nKFhtmOsn/MY=; b=dVPvPY0p88nbi7xYfnGZDQypj2AzdwLA+pslY51UkTa1rKYcsFDjuCKChqaFdnQEFH mQrej5Iwpmt34lz28apM1I+3+ts+sHmcW9Dyys7CLyoHlERzNOW95Cr8XFWVVPQamJbn iuN7K0xmb4VnqMVFwtmr0I3UOoHmHQYu3cWmAnClCWOkP8c+Wl3Wl6DAa2uVxfO0iuhd o0kfABuqmOw1apBAzxO+PTcJ3RD1Z5/K69Zcj7gfO8OsVKJ2hxhjOG4ocnOCBgbCnPJy 8cP5ghXTcEAr2e5+Vx5rFhzVMVO6ctkkzM7x2djFSSq1C+5xIJBbK0ZUMKMVxhRkeiPk 3y3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=PHPeHYkiG+kt+yg/KDYa6TT6vm5cw8+nKFhtmOsn/MY=; b=p/ZKycg8UNh38OhFkxaEzleX+saCYNvshDKpknvDwUxpEROsBTpMhyZ9feKjOC7FSP mvKtlH7axBqRtlD9+uP/By5dGp8YHQsyNjnNRz8VhH0W50QcczI4i2KruU8acWyHsLXO g6hOdjmGF7cC/De496JQJpx+BdXvum1M4HIXAh8hOrpjUlX8vaccsFkzi1yVPk+Iu4eD 7X6M8QOiXkWERP5H7V+aM/JSd33pXtqxst89Gm35fk7Sh1swWCbpAUiV1ZKdTW5oC41k tVJu2nVgnr/YVad293vUcCeQrZRBdMtqLVB4XTZ3ZNcvvLc0xeobrtSROqvwEUj6Ox15 HFMg== X-Gm-Message-State: AJcUuke+BeYepz4nYLsYBmca6RBcpE+blVXgK1Jl0uQ3Rlupn/kiyFGc MNKlCLXt3rfgz9D6fvqQMqaadw== X-Google-Smtp-Source: ALg8bN7GjBMjkRDGx0h5oKPePAucbY53bsa6D7FKrFdkkpk9z7VisjAj6GXq0T4pq9X6J3Do8nl/SA== X-Received: by 2002:a37:b46:: with SMTP id 67mr17474806qkl.256.1547856769251; Fri, 18 Jan 2019 16:12:49 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:48 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 2/6] selftests: fix typo in seccomp_bpf.c Date: Fri, 18 Jan 2019 17:12:13 -0700 Message-Id: <20190119001217.12660-3-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP There used to be an explanation here because it could trigger lockdep previously, but now we're not doing recursive locking, so it really is just for grins. Signed-off-by: Tycho Andersen --- tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 9aba1b904089..912a2a5430dc 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3035,7 +3035,7 @@ TEST(user_notification_basic) EXPECT_EQ(true, WIFEXITED(status)); EXPECT_EQ(0, WEXITSTATUS(status)); - /* Add some no-op filters so for grins. */ + /* Add some no-op filters for grins. */ EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0); EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0); EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0); From patchwork Sat Jan 19 00:12:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771857 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D8C55139A for ; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C8F4630764 for ; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BD0DB307A4; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6F9CD30764 for ; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730223AbfASAMw (ORCPT ); Fri, 18 Jan 2019 19:12:52 -0500 Received: from mail-qt1-f196.google.com ([209.85.160.196]:33831 "EHLO mail-qt1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730209AbfASAMw (ORCPT ); Fri, 18 Jan 2019 19:12:52 -0500 Received: by mail-qt1-f196.google.com with SMTP id r14so17286323qtp.1 for ; Fri, 18 Jan 2019 16:12:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=SAuIFgVpW37RZZ1WH4D7tVeEC8yoaQHwn0FsTHDsXEs=; b=ECJqMrzUAW/ndBvP11sS46URJwX1QvujnyWdZI69fhkT6satXKdTPZ4WUiCeRDSkkG wkRLC2z8w4W2DEurvNQXcph+xmMhuxp40ygyE80IRKfQ3SXI3guWbIts2YhDajq7g656 4ukDrkfUHtYTu1q7bm4qVDMiNdhTVryCF4Ip96gothQLowxoPUfa/m/mI0TTISDRPx1Z WsXSsPyELkj8WCp1tm5ugwQ5ZADXq35l4ZqoBTwg1SpJ6e3GxRo24EAU7MUKr5rLx322 t6Rket1CWFZdiS7QybX6K/DeOm8Dj7mE8fZU+wuL0FwgQVasbPNuULKgWhZhQ8VSKdx0 zX7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=SAuIFgVpW37RZZ1WH4D7tVeEC8yoaQHwn0FsTHDsXEs=; b=VL/VNmzHDIiVzCkpn4Wh2TRVbNcEPCFDq3yYSBHpO1uwSwPPrxIiEqlRNrAjtxOSA5 Mmr0EyzoMbxBYmZUq/piDytN3CP+mddir5X4APuvhderPaFy29ks1rn9bH0iFBVjik/r nt0FIF89QcLpWnNtu/bqxfNIJfD+IHuyICQ95tPWktlxTXHyQ66NNpTRVf3DTfqTnbHA 7gYnn4P5MRLcU8QRiYBHp28pQJu/I/PI+X0g0F4nk2Iq/KU5MVRIdXbiD8nA9dtyoj+u OnPLaNaG78gkmBJgOdssacWRxwTO1caLblYvma6psMCoD90zBNhs2Sgy34uT3QB4ji/u SjWw== X-Gm-Message-State: AJcUukdoJNDYkSBTIC/n4TsMVK3Ybf8onUS4FpfVLKj7UkcPp9KHKFB3 i0lE/COk1cdnjdB5vI2eZQVgSw== X-Google-Smtp-Source: ALg8bN6QwjUGkSVfULEAAzxvC1V1wF6ljlvFkdOn+LEsqG6UkWw+NgCm+fjYZYL606ccTNHjQEVbFA== X-Received: by 2002:ac8:6606:: with SMTP id c6mr18011899qtp.376.1547856770822; Fri, 18 Jan 2019 16:12:50 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:50 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 3/6] selftest: include stdio.h in kselftest.h Date: Fri, 18 Jan 2019 17:12:14 -0700 Message-Id: <20190119001217.12660-4-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP While playing around with a way to skip the seccomp get_metadata test, I noticed that this header uses printf() without defining it, leading to, ../kselftest.h: In function ‘ksft_print_header’: ../kselftest.h:61:3: warning: implicit declaration of function ‘printf’ [-Wimplicit-function-declaration] printf("TAP version 13\n"); ^~~~~~ ../kselftest.h:61:3: warning: incompatible implicit declaration of built-in function ‘printf’ ../kselftest.h:61:3: note: include ‘’ or provide a declaration of ‘printf’ if user code doesn't also use printf. Signed-off-by: Tycho Andersen --- tools/testing/selftests/kselftest.h | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kselftest.h b/tools/testing/selftests/kselftest.h index a3edb2c8e43d..47e1d995c182 100644 --- a/tools/testing/selftests/kselftest.h +++ b/tools/testing/selftests/kselftest.h @@ -13,6 +13,7 @@ #include #include #include +#include /* define kselftest exit codes */ #define KSFT_PASS 0 From patchwork Sat Jan 19 00:12:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771855 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 48E1D13BF for ; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 38A5E30784 for ; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2CC5D30764; Sat, 19 Jan 2019 00:13:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CF4EA30764 for ; Sat, 19 Jan 2019 00:13:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730241AbfASANR (ORCPT ); Fri, 18 Jan 2019 19:13:17 -0500 Received: from mail-qt1-f194.google.com ([209.85.160.194]:36920 "EHLO mail-qt1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730225AbfASAMx (ORCPT ); Fri, 18 Jan 2019 19:12:53 -0500 Received: by mail-qt1-f194.google.com with SMTP id t33so17195236qtt.4 for ; Fri, 18 Jan 2019 16:12:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=8jItW+uLvTQKdFnkClt3MYaSALrSUtjdvWxFm2Tp+V0=; b=bQ8O+JdJk1X0CF7iLtOfUpCBekB4305Uki+lD67KBlRIRFieL653YusBS493IosQoR 1ZFVyoA3CdY2ojprp1a6L5V52u+ML03r8jZEj0yvDJlPDUNrDF/4tvjUKingM1+TDqwt Is9jL9VkOuPJ1T1e72Mt8Tjk2ABw45hef4SG7wiAjgdQliq2gTnQk4fM5jYURO4KD1Oh s/eHsuPbseJHcy8lgkJ/ifyF3RHwlB2TEkp2L7STJY7rOide7a0ljIAwE490vIBmIo8R WEHRCRnvcp/+ikCl7O1cWgeBW04DVvV10TuRie07IdFp2cQipwUKls9YfErkxevfLsJZ tLrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=8jItW+uLvTQKdFnkClt3MYaSALrSUtjdvWxFm2Tp+V0=; b=Bz3Lx3m3ayZsquAWYve57h8Eat29Wh0NNGtZSJ/PqiFH3HJnix0msQ538/bXhw8Sr8 tvFjuGyu5YOSO3NDwRc4q7bAJNhE9bi+3s/8CpOwmvEkyL8/zzaW7nUBOzeOD9h3mG9Y cS6gtI3x+gPTaVjrEtLXr/p2SwGP7By8CS7U2QkDDb9doxvNda1LiDO8QcGYCBf2X5bR W2629R4Q2F3WHi5lGvTifJ6GG3WVfbKxFCCB+CQQGLKDrCVOf8KQzjFub72qfYMOkilD gF+6+wEAXJPmV7Aly6ekzU0PV3CBXvlYH0f8klXRZ9WUqLaPi3s/mI+HUEFvW6j1hvxc jSUw== X-Gm-Message-State: AJcUukcfL3rFG/QNMDImTPL1Bsm89o/mDDq6q76OOX8T1PyZ5w3QsFAY TfSCk6Hz6W/5lsOA2FiIAz96Hw== X-Google-Smtp-Source: ALg8bN5xF7YwqxNt5eBLPsVuK+1XD27YPDIMSsNo+pgqTX3SkYj1w2XBiSgsVlUACKH1tm7G7JvPlg== X-Received: by 2002:ac8:17f0:: with SMTP id r45mr17946900qtk.206.1547856772225; Fri, 18 Jan 2019 16:12:52 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:51 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 4/6] selftests: skip seccomp get_metadata test if not real root Date: Fri, 18 Jan 2019 17:12:15 -0700 Message-Id: <20190119001217.12660-5-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The get_metadata() test requires real root, so let's skip it if we're not real root. Note that I used XFAIL here because that's what the test does later if CONFIG_CHEKCKPOINT_RESTORE happens to not be enabled. After looking at the code, there doesn't seem to be a nice way to skip tests defined as TEST(), since there's no return code (I tried exit(KSFT_SKIP), but that didn't work either...). So let's do it this way to be consistent, and easier to fix when someone comes along and fixes it. Signed-off-by: Tycho Andersen --- tools/testing/selftests/seccomp/seccomp_bpf.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 912a2a5430dc..ab6b6620f522 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -2929,6 +2929,12 @@ TEST(get_metadata) struct seccomp_metadata md; long ret; + /* Only real root can get metadata. */ + if (geteuid()) { + XFAIL(return, "get_metadata requires real root"); + return; + } + ASSERT_EQ(0, pipe(pipefd)); pid = fork(); From patchwork Sat Jan 19 00:12:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771853 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5372013BF for ; Sat, 19 Jan 2019 00:13:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 436DF30764 for ; Sat, 19 Jan 2019 00:13:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 358CC307A4; Sat, 19 Jan 2019 00:13:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CD66930764 for ; Sat, 19 Jan 2019 00:13:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730248AbfASANQ (ORCPT ); Fri, 18 Jan 2019 19:13:16 -0500 Received: from mail-qt1-f194.google.com ([209.85.160.194]:36129 "EHLO mail-qt1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730241AbfASAMy (ORCPT ); Fri, 18 Jan 2019 19:12:54 -0500 Received: by mail-qt1-f194.google.com with SMTP id t13so17225502qtn.3 for ; Fri, 18 Jan 2019 16:12:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=4xYyUhHddUIYM/qVhIDdz28Cxrw9f+oJSbudf679vJA=; b=Tj4U5JIdYV5Zdhy33wHxsxGsLIp7ac1oDRlYsBWgr4RBgbAEwto+lVomOViEK+6+/d VwOzM7/ufX17prkUwcsJyXPf/SXLRIhufHIGk4MP+uqFW3AJjz1cAmsemVtOtW1RWouE Wy87UK0jk0dxmaYgbkKg66UCnkO4YF7gb5cHVYMCJpkh4p771WEqYkGJNp26Y8CJPABo F1SXiqwHZOeoAbQmubP+9TPCFnwYWbPpcJ7wBJCvNf1OwekYx1MBOEGHDe4Qzm61kYqH HIJWShQUaX5fbCE6ISy8WOvpE8ZrnWMcOWPjFoLiBTXHONdZWwbyHkXmDxPjEv1yZhvE 39tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=4xYyUhHddUIYM/qVhIDdz28Cxrw9f+oJSbudf679vJA=; b=Ws4DQVcJNuskSwmzFcZDyCbSqB2x/F6fQQn8idNF+ZT9IwDS5wWUNeMIa0qaHGkAEF FGyVSBMy2ScEoi/E9dTavMKcYaj9m1CdgJ4HlSKLEFuVnjSLHekgbJy7hjduANBmvV2b 30Ioh2j+4agXqnQuTYAcOS6QvTUyF6Ey9qn7Zu+4QX7QjIpHpFpEhn70WmKFBQUd7QBt X7m2rJSgJh2GeOkTl8EnqgIOJfdMFn7qmNeaDAeBjg167kxWRIP8fTfoXditQRwYuPsp VbD3Pu3sxG5Z8CX0rPQKjRwxiOG0UIJTDkCK81RcU3xeSZ10jtXCVrXcMRf+U61fJ2wY 6Enw== X-Gm-Message-State: AJcUukfPQdX3EbDmPFNQC6AhYokLg4f/XJP7XIwqRZHS7exJUdCcjPDi 6q+GKW0XliKrzYERsI5L/T4MIg== X-Google-Smtp-Source: ALg8bN79Iu3vj7HxoY6RJSVdIIaOABF51ItMX6RQiNJ+s5Ho4VEm7NAcTzM3xLtYdtQ/vT3p7fwxZA== X-Received: by 2002:aed:2044:: with SMTP id 62mr18135646qta.11.1547856773475; Fri, 18 Jan 2019 16:12:53 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:52 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 5/6] selftests: set NO_NEW_PRIVS bit in seccomp user tests Date: Fri, 18 Jan 2019 17:12:16 -0700 Message-Id: <20190119001217.12660-6-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP seccomp() doesn't allow users who aren't root in their userns to attach filters unless they have the nnp bit set, so let's set it so that these tests can pass when run as an unprivileged user. This idea stolen from the other seccomp tests, which use this trick :) Signed-off-by: Tycho Andersen --- tools/testing/selftests/seccomp/seccomp_bpf.c | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index ab6b6620f522..a4a7dce1a91b 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3026,6 +3026,11 @@ TEST(user_notification_basic) .filter = filter, }; + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + pid = fork(); ASSERT_GE(pid, 0); @@ -3107,6 +3112,11 @@ TEST(user_notification_kill_in_middle) struct seccomp_notif req = {}; struct seccomp_notif_resp resp = {}; + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + listener = user_trap_syscall(__NR_getpid, SECCOMP_FILTER_FLAG_NEW_LISTENER); ASSERT_GE(listener, 0); @@ -3154,6 +3164,11 @@ TEST(user_notification_signal) struct seccomp_notif_resp resp = {}; char c; + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + ASSERT_EQ(socketpair(PF_LOCAL, SOCK_SEQPACKET, 0, sk_pair), 0); listener = user_trap_syscall(__NR_gettid, @@ -3219,6 +3234,11 @@ TEST(user_notification_closed_listener) long ret; int status, listener; + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + listener = user_trap_syscall(__NR_getpid, SECCOMP_FILTER_FLAG_NEW_LISTENER); ASSERT_GE(listener, 0); @@ -3350,6 +3370,10 @@ TEST(user_notification_fault_recv) struct seccomp_notif req = {}; struct seccomp_notif_resp resp = {}; + ASSERT_EQ(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), 0) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + listener = user_trap_syscall(__NR_getpid, SECCOMP_FILTER_FLAG_NEW_LISTENER); ASSERT_GE(listener, 0); From patchwork Sat Jan 19 00:12:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10771851 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 10269139A for ; Sat, 19 Jan 2019 00:13:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F14D130764 for ; Sat, 19 Jan 2019 00:13:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E261A307A4; Sat, 19 Jan 2019 00:13:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7A1A930764 for ; Sat, 19 Jan 2019 00:13:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730142AbfASANI (ORCPT ); Fri, 18 Jan 2019 19:13:08 -0500 Received: from mail-qk1-f195.google.com ([209.85.222.195]:44388 "EHLO mail-qk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730249AbfASAMz (ORCPT ); Fri, 18 Jan 2019 19:12:55 -0500 Received: by mail-qk1-f195.google.com with SMTP id o8so9032249qkk.11 for ; Fri, 18 Jan 2019 16:12:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9RQC9GQYGMjS04/OX/HL+1Aa64AraxU97YP1oqqM470=; b=SxMKlJgEiEDCapbrsD7h9fDUHr4ZdgsvQWwYnG+8/dMDxLVeXt/X4Q15j8z+j5ZBej HUMUmy+NnO2Wrs+YHlso4gznpG3au2PA7hUNdSzR5RZhCLBb8RH79xedrLYYXr+Cp4WU 4fz7A/x9XTP4HKWJLgjtfGMjxYuSIs/Hz9uPQwJmzXi5by5L5blp6twGBvBLecxQnBJn otOqvsd04zWcxfotypx/KKsItiUpWwpFgDXUvt/YE8tylaApmFVIXoW2aZu1JRCkyhG/ vSQYe8gp86Kgh0Wu/7Llxk8X7YAfc1X96soH7Cmpduv783sH2yKBzqjot5Hck1wMwqFW e6dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9RQC9GQYGMjS04/OX/HL+1Aa64AraxU97YP1oqqM470=; b=EKNB1/OL9e96XxGY/luPcrkUUHhEprfSg+X+iNX+q9t5WgSa2jhCTf4NQSSFsdc6Me AynGGc3xVS70aEYcpF7zVyfN/dVbwoO/2abdVq9wXr0ByBrRUEj9afQBiwD04yGVPSCK q0fiaIXY8fZti/m23DQaDKmFZjpUIO5rUsrt8BFyfI63BMC8sL9SokSDv1Hgml318mpR 6vB1KLZrXcB+SYF9FdumjFuJ1x1E+v6SQBTsWBK8afwUW45PbzfbMvkAvQ4Iv2i5soQQ 8dncekQAX1bUcNRAewKnliuWPaJQ2FivsL35T0rluti9oVcMzmy7zomYeKCkkwHxdLE/ KUVw== X-Gm-Message-State: AJcUukeXqYTWnWA156IlE6KNYa9AakwwWy5cNILItepHOj3R8Toa9Ah7 Oo0n4uyndQJEpYF4M3IFg+Xraw== X-Google-Smtp-Source: ALg8bN6jksQLcJVrddEiaIYydzlZ/pxAS0QyRVnrLKRgJB+XFO3L/3l2G2w+2Iy1HQ2OA523S/VvPw== X-Received: by 2002:a37:b381:: with SMTP id c123mr16849070qkf.346.1547856774668; Fri, 18 Jan 2019 16:12:54 -0800 (PST) Received: from localhost.localdomain ([64.125.109.186]) by smtp.gmail.com with ESMTPSA id m14sm41140501qka.21.2019.01.18.16.12.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 16:12:54 -0800 (PST) From: Tycho Andersen To: Shuah Khan , Kees Cook Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Tycho Andersen Subject: [PATCH 6/6] selftests: unshare userns in seccomp pidns testcases Date: Fri, 18 Jan 2019 17:12:17 -0700 Message-Id: <20190119001217.12660-7-tycho@tycho.ws> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190119001217.12660-1-tycho@tycho.ws> References: <20190119001217.12660-1-tycho@tycho.ws> MIME-Version: 1.0 Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The pid ns cannot be unshare()d as an unprivileged user without owning the userns as well. Let's unshare the userns so that we can subsequently unshare the pidns. This also means that we don't need to set the no new privs bit as in the other test cases, since we're unsharing the userns. Signed-off-by: Tycho Andersen --- tools/testing/selftests/seccomp/seccomp_bpf.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index a4a7dce1a91b..8f6e95773225 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3271,7 +3271,7 @@ TEST(user_notification_child_pid_ns) struct seccomp_notif req = {}; struct seccomp_notif_resp resp = {}; - ASSERT_EQ(unshare(CLONE_NEWPID), 0); + ASSERT_EQ(unshare(CLONE_NEWUSER | CLONE_NEWPID), 0); listener = user_trap_syscall(__NR_getpid, SECCOMP_FILTER_FLAG_NEW_LISTENER); ASSERT_GE(listener, 0); @@ -3308,6 +3308,8 @@ TEST(user_notification_sibling_pid_ns) struct seccomp_notif req = {}; struct seccomp_notif_resp resp = {}; + ASSERT_EQ(unshare(CLONE_NEWUSER), 0); + listener = user_trap_syscall(__NR_getpid, SECCOMP_FILTER_FLAG_NEW_LISTENER); ASSERT_GE(listener, 0);