From patchwork Wed Jan 24 14:13:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Terry Tritton X-Patchwork-Id: 13529268 Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com [209.85.167.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D133C77F2E for ; Wed, 24 Jan 2024 14:15:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105717; cv=none; b=nldJSUyyMsNcS8P3YYSsMdROnRFBRXYeVjHLeDjknUyEgzQQdLXpJah+MPpduIX0JoePL86JG8a4g49VEIyBLl/xudxdZDj4X550ROhfEvqp3z2nq2EVQ7BX7pzUqFJFY+SLQhM2a5EBgJU6kAFmx5rvakasLxdI7QRRwo4fJ0Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105717; c=relaxed/simple; bh=cE2W5KfsS/6abmLqZjvi1Wi0V0vV3k55AMuKwFWLxQQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Hsh9NIcJ+9lrFDqFkygUONnmiuXU/iyLiMsDElYPgo/tZzqyRiUMavSl17mKM1mZ6UHn4VIQ+bHCTYkIfPERKTQ0qMu0dnzm/3M8xFAv1av/WuGS38+dSXadK8kxbL1Fhr39N5foapmZIynRaQxfnDha3s1sl3SjgNbVoLSWJJI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=uoHhygbg; arc=none smtp.client-ip=209.85.167.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="uoHhygbg" Received: by mail-lf1-f41.google.com with SMTP id 2adb3069b0e04-50e7ddd999bso6316158e87.1 for ; Wed, 24 Jan 2024 06:15:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706105714; x=1706710514; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kXWpKvuuFDRe0zzHcqHQWgdjThR4TPIPgqd6iq0g85c=; b=uoHhygbgkRGKW0AOymPGmBPfX+S8edJ2CS3+AQkFdE4A4dzLgoDwtON3QVLisH6zIc oQALN+yZSjNjlYOfSpYmNwsDbEpj4YkD2RnveO3UZEqS/lQUlso29Rgmd7ez0L4SZh3Z M1OUB4POLJ2Z/FKVgM84h4oQwqDjylVlJvNTCGAcAHrPMlGO4bN8HDj7zvrE127IIL6L IWtIQWvZbTlRaJcWzX9AZlDyAPdCdRXJKrC8lhuvR2DwfAQhT6MqZqWnO9ZhpGrPTBZh /DrhFyyDRyLBu+V/Sl5+/heE3LHNNjswkaT6B/NGM7N4pUH2GNqdZZ7p2OMDBAgz9Z5o fEsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706105714; x=1706710514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kXWpKvuuFDRe0zzHcqHQWgdjThR4TPIPgqd6iq0g85c=; b=aKZx87Q8WRKICe2nkB2iddk4lIFY1aiU+o5S17Sz50x4XFQAvnAiNL0T3VgJKuW1ZH nSU7/4Bj+YTkMBHqma+ldXIZvyOfvT5aLhggI88XIT3Ao11b038q1/zSLSQxX4pkM8be qtACUaDP7mkhKtq+rilQWeaPCxYA3seWP+XTv8lO1ACsvxYA35sCdH56HKojeGwJfmYe NOZtYnID/5dCeVr0cT2t5Xxj7n2Xj1YDuLzAznlWgOxuCgpEHoklnz83JHo5fBxdq3aC PAY6JOge0oK7i2/TYP+Mu8a/hxc2mKDPd9P2xTubQlvafUTmQDF/77hTR3xtQEAGRBJF HFJw== X-Gm-Message-State: AOJu0YwURt7WL6tlg6SnKucEhqpCkHn+EYLIlNHebXZY6cUZcnBOKtl2 QqxspkEFGmWud5iflmSwX46GUTWM+EWG+eCCtSbiDbH7ubhA5m9GRBDYH3jrC4fpg65O4nxOZHF lLPn4nA== X-Google-Smtp-Source: AGHT+IH1z0g9TaKz1LWxOeu/E1gh1nmHd+p/Mcap/m+sFaxrPQm/m1RYdgfMqihKVInodCKSpHNIkw== X-Received: by 2002:a05:6512:2210:b0:50e:74ea:525c with SMTP id h16-20020a056512221000b0050e74ea525cmr3950398lfu.3.1706105713953; Wed, 24 Jan 2024 06:15:13 -0800 (PST) Received: from ttritton.c.googlers.com.com (64.227.90.34.bc.googleusercontent.com. [34.90.227.64]) by smtp.gmail.com with ESMTPSA id vu3-20020a170907a64300b00a2d7f63dd71sm12399097ejc.29.2024.01.24.06.15.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Jan 2024 06:15:13 -0800 (PST) From: Terry Tritton To: keescook@chromium.org, luto@amacapital.net, wad@chromium.org, shuah@kernel.org Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, peter.griffin@linaro.org, kernel-team@android.com, bettyzhou@google.com, Terry Tritton Subject: [PATCH 1/3] selftests/seccomp: Handle EINVAL on unshare(CLONE_NEWPID) Date: Wed, 24 Jan 2024 14:13:55 +0000 Message-ID: <20240124141357.1243457-2-terry.tritton@linaro.org> X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog In-Reply-To: <20240124141357.1243457-1-terry.tritton@linaro.org> References: <20240124141357.1243457-1-terry.tritton@linaro.org> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 unshare(CLONE_NEWPID) can return EINVAL if the kernel does not have the CONFIG_PID_NS option enabled. Add a check on these calls to skip the test if we receive EINVAL. Signed-off-by: Terry Tritton --- tools/testing/selftests/seccomp/seccomp_bpf.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 38f651469968..5e705674b706 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3709,7 +3709,12 @@ TEST(user_notification_sibling_pid_ns) ASSERT_GE(pid, 0); if (pid == 0) { - ASSERT_EQ(unshare(CLONE_NEWPID), 0); + ASSERT_EQ(unshare(CLONE_NEWPID), 0) { + if (errno == EPERM) + SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN"); + else if (errno == EINVAL) + SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)"); + } pid2 = fork(); ASSERT_GE(pid2, 0); @@ -3727,6 +3732,8 @@ TEST(user_notification_sibling_pid_ns) ASSERT_EQ(unshare(CLONE_NEWPID), 0) { if (errno == EPERM) SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN"); + else if (errno == EINVAL) + SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)"); } ASSERT_EQ(errno, 0); From patchwork Wed Jan 24 14:13:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Terry Tritton X-Patchwork-Id: 13529269 Received: from mail-ej1-f52.google.com (mail-ej1-f52.google.com [209.85.218.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C5BC677629 for ; Wed, 24 Jan 2024 14:15:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.52 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105723; cv=none; b=uy3kEbXw1uZcni+fpOIQRg+3eXS90XowFfRyYV/+3jE3mygwBbCw3xSYJ4ZNlHHdyDx2prdokeqhRlqqXhLbd5Ncu7yznMwQ/OGtjALPnryDOpdZV7+Je33s269GqLtGF5jszEE2G97xmOxNy2Z5h1biWI/dNdBBwr3iYHhDVS4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105723; c=relaxed/simple; bh=0UEj8Oof/abgmDFcrUPI79i5BHVw6bCbAYsJDPU2SAM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=TzUPkqRG/KEx9pFl7G/j+oid6gEtKoAE03917PvVgA0IILyr2s2ujdKBspL9DEaM9FIz9JrmZQvALPuHSacx/dZZnMBSbRzbHVnYwCiemeitUz7KHNKG7Eiq1LUTBU1y6e9/kPJ2/1n7eo1drW6ql45lez/C9a+tjF0lTDDvorU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=DSINa5t3; arc=none smtp.client-ip=209.85.218.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="DSINa5t3" Received: by mail-ej1-f52.google.com with SMTP id a640c23a62f3a-a310409589aso117266266b.3 for ; Wed, 24 Jan 2024 06:15:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706105720; x=1706710520; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kinIyrY0DiVL9FjvsbU90IrpJuAQN+qhOmTSZHZdLpE=; b=DSINa5t3MmDC8b2fbZ/xUX2D2ctlZnXEZf1qMjsrZPQmF1Chq0+fBQPztuxKmSTYzl jlPVPKICQBJThTEyqE2APseDp/9idHUSrfvC07LuCyJBJjNKn0IGMxMI28Yj8SeY2nv4 AARfcbe6g+zH5MSAffVrD+5g1KUsNjIJapezxudwGujChqw2I/2Bqh8eAjQ5AYpUwN7H omJgIPvIBfEnsicWt5Fi5lxfRnFxcoob5lHp/7dy9sm8LGlKyjA9WZNahRGK3oZ44CX2 QFI59jvPophJ2WO7t3tF5okxVF1PMcgk3D8bUIrkJ+I+4mctPB3p8Ig1iRCVwRtx3Cv8 9u3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706105720; x=1706710520; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kinIyrY0DiVL9FjvsbU90IrpJuAQN+qhOmTSZHZdLpE=; b=Uzb0Cx0BMwJNjY5JpiuIQ+ovmj5m7u6LnTI6kDPrMFXFNTFOYENs00i7AcJQmYX34N 7xdHfQHVL83zs/uO3Ret5t/JsggilG8uxTCxrQ/3p7F/xwSnNOFate0kPO29xe9U1tbd 80EAcBWNEk8YIHHKtJlCV3fuJStevfFuGS7BYxbodH4rStEkg+8/WVjrZb693Pd6AE9K DczMaBw4z2759R/6gKkvKhePDU1TroWBTeUQ/LESR0oJChrCFNAfFzrVDDticC61taSo a2wqZfDTfdyV36nxI5LcQrwlo1Cj27ebrrla8rrn1bJaOAzdnix+CXF04Qx1UN57jgxF ReAA== X-Gm-Message-State: AOJu0YxjsWfD82i85g6DMkT90hxyHb1fAws2ag8fFRWFTwfThSMaWaoF TpFY4GJLCv+9zJ3SJqfp4AdlMTf0A92tANxt4u4F53aJksCIiRgqspOJZEELe5k= X-Google-Smtp-Source: AGHT+IF4+LUhP0g/9YJ7YhuuFE5ZYZEhnJFlqdsUbpxgT5uNDQ/9YEAlGlL6+jOgnpmMApQnrgCtdA== X-Received: by 2002:a17:907:30cd:b0:a30:de41:2c with SMTP id vl13-20020a17090730cd00b00a30de41002cmr447163ejb.161.1706105720026; Wed, 24 Jan 2024 06:15:20 -0800 (PST) Received: from ttritton.c.googlers.com.com (64.227.90.34.bc.googleusercontent.com. [34.90.227.64]) by smtp.gmail.com with ESMTPSA id vu3-20020a170907a64300b00a2d7f63dd71sm12399097ejc.29.2024.01.24.06.15.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Jan 2024 06:15:19 -0800 (PST) From: Terry Tritton To: keescook@chromium.org, luto@amacapital.net, wad@chromium.org, shuah@kernel.org Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, peter.griffin@linaro.org, kernel-team@android.com, bettyzhou@google.com, Terry Tritton Subject: [PATCH 2/3] selftests/seccomp: Change the syscall used in KILL_THREAD test Date: Wed, 24 Jan 2024 14:13:56 +0000 Message-ID: <20240124141357.1243457-3-terry.tritton@linaro.org> X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog In-Reply-To: <20240124141357.1243457-1-terry.tritton@linaro.org> References: <20240124141357.1243457-1-terry.tritton@linaro.org> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The Bionic version of pthread_create used on Android calls the prctl function to give the stack and thread local storage a useful name. This will cause the KILL_THREAD test to fail as it will kill the thread as soon as it is created. change the test to use getpid instead of prctl. Signed-off-by: Terry Tritton --- tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 5e705674b706..da11b95b8872 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -784,7 +784,7 @@ void *kill_thread(void *data) bool die = (bool)data; if (die) { - prctl(PR_GET_SECCOMP, 0, 0, 0, 0); + syscall(__NR_getpid); return (void *)SIBLING_EXIT_FAILURE; } @@ -803,11 +803,11 @@ void kill_thread_or_group(struct __test_metadata *_metadata, { pthread_t thread; void *status; - /* Kill only when calling __NR_prctl. */ + /* Kill only when calling __NR_getpid. */ struct sock_filter filter_thread[] = { BPF_STMT(BPF_LD|BPF_W|BPF_ABS, offsetof(struct seccomp_data, nr)), - BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_prctl, 0, 1), + BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getpid, 0, 1), BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_KILL_THREAD), BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), }; @@ -819,7 +819,7 @@ void kill_thread_or_group(struct __test_metadata *_metadata, struct sock_filter filter_process[] = { BPF_STMT(BPF_LD|BPF_W|BPF_ABS, offsetof(struct seccomp_data, nr)), - BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_prctl, 0, 1), + BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getpid, 0, 1), BPF_STMT(BPF_RET|BPF_K, kill), BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), }; From patchwork Wed Jan 24 14:13:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Terry Tritton X-Patchwork-Id: 13529270 Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com [209.85.167.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 244B97C08F for ; Wed, 24 Jan 2024 14:15:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105728; cv=none; b=TnsYnFG7JQlRIz0Z8MoaRMH+EOQHbQeSgQ1j2lTF46y036CXOkEEsRhPwJG190YRSvxgjs8GTDMkPLe9CLEdbgE0vY/rRvx0JGZrDNtRq0Uk1QhM7qliCEDT/BLkLCB4fl5xsFEX1FhTXI0kiyrSmFbTo3c0z2zvEtwpY7CDPsg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706105728; c=relaxed/simple; bh=SXgjaHAj6mc5bUoF/0ublXUVySE2uQcKr8Ju/E+GUFI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XUlnU0Fl+/nXHtlT6xVGCw6KDQGM5Aki0Qw86fwDjkS4T+n7eKfjqdi7KVddEh+nlu5GhJ/exIHKJwXLZQgUS2/SCNX9UJqq4hMDdVopnWmcH1ctEnd1qLYvSXY/aGY/Ms8cX+LdaW5z7n7q6jsegQRJu6Yk6TJ+2c0+R+ONDH4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=dCtjoMkB; arc=none smtp.client-ip=209.85.167.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="dCtjoMkB" Received: by mail-lf1-f41.google.com with SMTP id 2adb3069b0e04-5101055a16fso871443e87.2 for ; Wed, 24 Jan 2024 06:15:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706105725; x=1706710525; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Emu9TGmELjy3ceHR0soeUQYq/a/KfpUveoio5V7U5Xk=; b=dCtjoMkBZiBnh1uqZqVSrH5uPUKKQEMZfoCYRJxAVUm9K6DVIuFeFoR/2eyzy6QEpq VW40pmawSkIQZbq4pyM20SSLWo2sEYrUrPUcv51OTcZzbGrQ6mixVLZv/wiZlfxs57A5 7wla1NLiBOoMg8nqJRkhWJ0kdaxzuqmFCUmAdTkJveYj0rFCWyiiRCkXIi7iTelCeWpm 5XMX2NEBCljrCdN7/uySTJg9dkcvOKiHfvUF8RcIEiyEBW6Q+6VapzYjnsEBcY75Yp9u z4jK7dt+st47mf3Zb0nXmifzAuctHiovfXDc+wFn+7Nipi6AcJLdavecTPPkYAvwD9wZ Bshg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706105725; x=1706710525; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Emu9TGmELjy3ceHR0soeUQYq/a/KfpUveoio5V7U5Xk=; b=Ixd+EW4o6Qg5Z315GRI44bk9UWo7NCtX8dcvZluspsR117Yk+o5BpQsGmBW7ovEBTO 79y/K6v0InYo7vKU48obBA651rujRketXmxJg/a179WtNoe3agKu7TFbMFc97x9U1/No bDKv2X+Npoq/sAq2mWXUYS/9zaAGLhJAHHZx0a0k1aNMa18PbaXgKU2NUdteVaR1F+A2 fEEmWOw4QZw+cZcOsAj41pkQkXi0Lwzpw7sa7yl/9yZq4Q6IwvS954+5I4MZ75gwLB3E o/quSJpCIfA/o3Y+XxkSZh+iNzIs3rY+IKm58s8pKmLa6jJLRQtdkdS9Rg6qYFicW3et NZXQ== X-Gm-Message-State: AOJu0Yx/By7VZ+Au9RxwZ4SWrXaoZo+L0iX5TLsIxmRx80lFk2j3YeWd VCQvAEB98eb30XUvcOfGNJga22H4f3L/MnBAsLzY1Vd0Me7bQmK1Eg9/lu1bnD4= X-Google-Smtp-Source: AGHT+IHc46rAxq1R2suh/qkOcv105YlkAEWHIOmow9ewHTYWO5FRW47hScfpHJ8HFVuGgx0owI33Fw== X-Received: by 2002:a05:6512:2808:b0:50e:ccfa:56c3 with SMTP id cf8-20020a056512280800b0050eccfa56c3mr4497154lfb.34.1706105725323; Wed, 24 Jan 2024 06:15:25 -0800 (PST) Received: from ttritton.c.googlers.com.com (64.227.90.34.bc.googleusercontent.com. [34.90.227.64]) by smtp.gmail.com with ESMTPSA id vu3-20020a170907a64300b00a2d7f63dd71sm12399097ejc.29.2024.01.24.06.15.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Jan 2024 06:15:25 -0800 (PST) From: Terry Tritton To: keescook@chromium.org, luto@amacapital.net, wad@chromium.org, shuah@kernel.org Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, peter.griffin@linaro.org, kernel-team@android.com, bettyzhou@google.com, Terry Tritton Subject: [PATCH 3/3] selftests/seccomp: user_notification_addfd check nextfd is available Date: Wed, 24 Jan 2024 14:13:57 +0000 Message-ID: <20240124141357.1243457-4-terry.tritton@linaro.org> X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog In-Reply-To: <20240124141357.1243457-1-terry.tritton@linaro.org> References: <20240124141357.1243457-1-terry.tritton@linaro.org> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Currently the user_notification_addfd test checks what the next expected file descriptor will be by incrementing a variable nextfd. This does not account for file descriptors that may already be open before the test is started and will cause the test to fail if any exist. Replace nextfd++ with a function get_next_fd which will check and return the next available file descriptor. Signed-off-by: Terry Tritton --- tools/testing/selftests/seccomp/seccomp_bpf.c | 24 +++++++++++++++---- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index da11b95b8872..cacf6507f690 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -4044,6 +4044,16 @@ TEST(user_notification_filter_empty_threaded) EXPECT_GT((pollfd.revents & POLLHUP) ?: 0, 0); } + +int get_next_fd(int prev_fd) +{ + for (int i = prev_fd + 1; i < FD_SETSIZE; ++i) { + if (fcntl(i, F_GETFD) == -1) + return i; + } + _exit(EXIT_FAILURE); +} + TEST(user_notification_addfd) { pid_t pid; @@ -4060,7 +4070,7 @@ TEST(user_notification_addfd) /* There may be arbitrary already-open fds at test start. */ memfd = memfd_create("test", 0); ASSERT_GE(memfd, 0); - nextfd = memfd + 1; + nextfd = get_next_fd(memfd); ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); ASSERT_EQ(0, ret) { @@ -4071,7 +4081,8 @@ TEST(user_notification_addfd) /* Check that the basic notification machinery works */ listener = user_notif_syscall(__NR_getppid, SECCOMP_FILTER_FLAG_NEW_LISTENER); - ASSERT_EQ(listener, nextfd++); + ASSERT_EQ(listener, nextfd); + nextfd = get_next_fd(nextfd); pid = fork(); ASSERT_GE(pid, 0); @@ -4126,14 +4137,16 @@ TEST(user_notification_addfd) /* Verify we can set an arbitrary remote fd */ fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd); - EXPECT_EQ(fd, nextfd++); + EXPECT_EQ(fd, nextfd); + nextfd = get_next_fd(nextfd); EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0); /* Verify we can set an arbitrary remote fd with large size */ memset(&big, 0x0, sizeof(big)); big.addfd = addfd; fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big); - EXPECT_EQ(fd, nextfd++); + EXPECT_EQ(fd, nextfd); + nextfd = get_next_fd(nextfd); /* Verify we can set a specific remote fd */ addfd.newfd = 42; @@ -4171,7 +4184,8 @@ TEST(user_notification_addfd) * Child has earlier "low" fds and now 42, so we expect the next * lowest available fd to be assigned here. */ - EXPECT_EQ(fd, nextfd++); + EXPECT_EQ(fd, nextfd); + nextfd = get_next_fd(nextfd); ASSERT_EQ(filecmp(getpid(), pid, memfd, fd), 0); /*