| Message ID | 20190424163756.40001-2-keescook@chromium.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 4ee0776760af03f181e6b80baf5fb1cc1a980f50 |
| Headers | show |
| Series | seccomp: Make NEW_LISTENER and TSYNC flags exclusive | expand |
On Wed, Apr 24, 2019 at 09:37:55AM -0700, Kees Cook wrote: > Some seccomp flags will become exclusive, so the selftest needs to > be adjusted to mask those out and test them individually for the "all > flags" tests. > > Cc: stable@vger.kernel.org # v5.0+ > Signed-off-by: Kees Cook <keescook@chromium.org> Whoops, thanks for this too. Reviewed-by: Tycho Andersen <tycho@tycho.ws>
On Wed, 24 Apr 2019, Kees Cook wrote: > Some seccomp flags will become exclusive, so the selftest needs to > be adjusted to mask those out and test them individually for the "all > flags" tests. > > Cc: stable@vger.kernel.org # v5.0+ > Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: James Morris <jamorris@linux.microsoft.com> > --- > tools/testing/selftests/seccomp/seccomp_bpf.c | 34 ++++++++++++++----- > 1 file changed, 25 insertions(+), 9 deletions(-) > > diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c > index f69d2ee29742..5019cdae5d0b 100644 > --- a/tools/testing/selftests/seccomp/seccomp_bpf.c > +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c > @@ -2166,11 +2166,14 @@ TEST(detect_seccomp_filter_flags) > SECCOMP_FILTER_FLAG_LOG, > SECCOMP_FILTER_FLAG_SPEC_ALLOW, > SECCOMP_FILTER_FLAG_NEW_LISTENER }; > - unsigned int flag, all_flags; > + unsigned int exclusive[] = { > + SECCOMP_FILTER_FLAG_TSYNC, > + SECCOMP_FILTER_FLAG_NEW_LISTENER }; > + unsigned int flag, all_flags, exclusive_mask; > int i; > long ret; > > - /* Test detection of known-good filter flags */ > + /* Test detection of individual known-good filter flags */ > for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) { > int bits = 0; > > @@ -2197,16 +2200,29 @@ TEST(detect_seccomp_filter_flags) > all_flags |= flag; > } > > - /* Test detection of all known-good filter flags */ > - ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL); > - EXPECT_EQ(-1, ret); > - EXPECT_EQ(EFAULT, errno) { > - TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!", > - all_flags); > + /* > + * Test detection of all known-good filter flags combined. But > + * for the exclusive flags we need to mask them out and try them > + * individually for the "all flags" testing. > + */ > + exclusive_mask = 0; > + for (i = 0; i < ARRAY_SIZE(exclusive); i++) > + exclusive_mask |= exclusive[i]; > + for (i = 0; i < ARRAY_SIZE(exclusive); i++) { > + flag = all_flags & ~exclusive_mask; > + flag |= exclusive[i]; > + > + ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL); > + EXPECT_EQ(-1, ret); > + EXPECT_EQ(EFAULT, errno) { > + TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!", > + flag); > + } > } > > - /* Test detection of an unknown filter flag */ > + /* Test detection of an unknown filter flags, without exclusives. */ > flag = -1; > + flag &= ~exclusive_mask; > ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL); > EXPECT_EQ(-1, ret); > EXPECT_EQ(EINVAL, errno) { >
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index f69d2ee29742..5019cdae5d0b 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -2166,11 +2166,14 @@ TEST(detect_seccomp_filter_flags) SECCOMP_FILTER_FLAG_LOG, SECCOMP_FILTER_FLAG_SPEC_ALLOW, SECCOMP_FILTER_FLAG_NEW_LISTENER }; - unsigned int flag, all_flags; + unsigned int exclusive[] = { + SECCOMP_FILTER_FLAG_TSYNC, + SECCOMP_FILTER_FLAG_NEW_LISTENER }; + unsigned int flag, all_flags, exclusive_mask; int i; long ret; - /* Test detection of known-good filter flags */ + /* Test detection of individual known-good filter flags */ for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) { int bits = 0; @@ -2197,16 +2200,29 @@ TEST(detect_seccomp_filter_flags) all_flags |= flag; } - /* Test detection of all known-good filter flags */ - ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL); - EXPECT_EQ(-1, ret); - EXPECT_EQ(EFAULT, errno) { - TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!", - all_flags); + /* + * Test detection of all known-good filter flags combined. But + * for the exclusive flags we need to mask them out and try them + * individually for the "all flags" testing. + */ + exclusive_mask = 0; + for (i = 0; i < ARRAY_SIZE(exclusive); i++) + exclusive_mask |= exclusive[i]; + for (i = 0; i < ARRAY_SIZE(exclusive); i++) { + flag = all_flags & ~exclusive_mask; + flag |= exclusive[i]; + + ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL); + EXPECT_EQ(-1, ret); + EXPECT_EQ(EFAULT, errno) { + TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!", + flag); + } } - /* Test detection of an unknown filter flag */ + /* Test detection of an unknown filter flags, without exclusives. */ flag = -1; + flag &= ~exclusive_mask; ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL); EXPECT_EQ(-1, ret); EXPECT_EQ(EINVAL, errno) {
Some seccomp flags will become exclusive, so the selftest needs to be adjusted to mask those out and test them individually for the "all flags" tests. Cc: stable@vger.kernel.org # v5.0+ Signed-off-by: Kees Cook <keescook@chromium.org> --- tools/testing/selftests/seccomp/seccomp_bpf.c | 34 ++++++++++++++----- 1 file changed, 25 insertions(+), 9 deletions(-)