| Message ID | 20200705061232.4151319-4-keescook@chromium.org (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 4c6614dc86ad99208e7582108669831c4ab72982 |
| Headers | show |
| Series | Check ENOSYS under tracing | expand |
On Sat, Jul 04, 2020 at 11:12:32PM -0700, Kees Cook wrote: > There should be no difference between -1 and other negative syscalls > while tracing. > > Cc: Andy Lutomirski <luto@amacapital.net> > Cc: Will Drewry <wad@chromium.org> > Cc: Will Deacon <will@kernel.org> > Cc: Keno Fischer <keno@juliacomputing.com> > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > tools/testing/selftests/seccomp/seccomp_bpf.c | 26 +++++++++++++++++++ > 1 file changed, 26 insertions(+) > > diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c > index 966dec340ea8..bf6aa06c435c 100644 > --- a/tools/testing/selftests/seccomp/seccomp_bpf.c > +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c > @@ -1973,6 +1973,32 @@ FIXTURE_TEARDOWN(TRACE_syscall) > teardown_trace_fixture(_metadata, self->tracer); > } > > +TEST(negative_ENOSYS) > +{ > + /* Untraced negative syscalls should return ENOSYS. */ > + errno = 0; > + EXPECT_EQ(-1, syscall(-1)); > + EXPECT_EQ(errno, ENOSYS); > + errno = 0; > + EXPECT_EQ(-1, syscall(-101)); > + EXPECT_EQ(errno, ENOSYS); > +} > + > +TEST_F(TRACE_syscall, negative_ENOSYS) > +{ > + /* > + * There should be no difference between an "internal" skip > + * and userspace asking for syscall "-1". > + */ > + errno = 0; > + EXPECT_EQ(-1, syscall(-1)); > + EXPECT_EQ(errno, ENOSYS); > + /* And no difference for "still not valid but not -1". */ > + errno = 0; > + EXPECT_EQ(-1, syscall(-101)); > + EXPECT_EQ(errno, ENOSYS); > +} > + I realized after sending this that the second function could just be: +TEST_F(TRACE_syscall, negative_ENOSYS) +{ + negative_ENOSYS(_metadata); +} :) > TEST_F(TRACE_syscall, syscall_allowed) > { > /* getppid works as expected (no changes). */ > -- > 2.25.1 >
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 966dec340ea8..bf6aa06c435c 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -1973,6 +1973,32 @@ FIXTURE_TEARDOWN(TRACE_syscall) teardown_trace_fixture(_metadata, self->tracer); } +TEST(negative_ENOSYS) +{ + /* Untraced negative syscalls should return ENOSYS. */ + errno = 0; + EXPECT_EQ(-1, syscall(-1)); + EXPECT_EQ(errno, ENOSYS); + errno = 0; + EXPECT_EQ(-1, syscall(-101)); + EXPECT_EQ(errno, ENOSYS); +} + +TEST_F(TRACE_syscall, negative_ENOSYS) +{ + /* + * There should be no difference between an "internal" skip + * and userspace asking for syscall "-1". + */ + errno = 0; + EXPECT_EQ(-1, syscall(-1)); + EXPECT_EQ(errno, ENOSYS); + /* And no difference for "still not valid but not -1". */ + errno = 0; + EXPECT_EQ(-1, syscall(-101)); + EXPECT_EQ(errno, ENOSYS); +} + TEST_F(TRACE_syscall, syscall_allowed) { /* getppid works as expected (no changes). */
There should be no difference between -1 and other negative syscalls while tracing. Cc: Andy Lutomirski <luto@amacapital.net> Cc: Will Drewry <wad@chromium.org> Cc: Will Deacon <will@kernel.org> Cc: Keno Fischer <keno@juliacomputing.com> Signed-off-by: Kees Cook <keescook@chromium.org> --- tools/testing/selftests/seccomp/seccomp_bpf.c | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+)