rcu.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Stephen Smalley <sds@tycho.nsa.gov>
To: Paul Moore <paul@paul-moore.com>, Ondrej Mosnacek <omosnace@redhat.com>
Cc: Jeff Vander Stoep <jeffv@google.com>,
	SElinux list <selinux@vger.kernel.org>,
	Will Deacon <will@kernel.org>,
	"Paul E. McKenney" <paulmck@kernel.org>,
	rcu@vger.kernel.org, Jovana Knezevic <jovanak@google.com>
Subject: Re: [PATCH v9] selinux: sidtab: reverse lookup hash table
Date: Thu, 5 Dec 2019 13:10:18 -0500	[thread overview]
Message-ID: <8257410c-025a-7250-fa78-944289e378bd@tycho.nsa.gov> (raw)
In-Reply-To: <CAHC9VhR+hYnLoMkAPuRNJygk+dOoNyhooNuz3Ma=F07b9gh=rA@mail.gmail.com>

On 12/5/19 12:41 PM, Paul Moore wrote:
> On Thu, Dec 5, 2019 at 9:08 AM Paul Moore <paul@paul-moore.com> wrote:
>> Thanks for the double check.  Unfortunately my kernel build locks my
>> test VM in early boot; it appears to be non-SELinux related and since
>> the test build is based on selinux/next+patches (which is based off
>> v5.4-rc1) I imagine there might be some unrelated problems in the
>> build.  I'm going to rebase my test build to Linus' current and try
>> this again.
> 
> Hmm.  I haven't done any debugging yet, but the BPF tests are failing
> (they pass with kernel-5.5.0-0.rc0.git5.1.2.secnext.fc32.x86_64):
> 
> 1..15
> ok 1
> Failed to load BPF prog: Invalid argument
> not ok 2
> #   Failed test at ./test line 68.
> Failed to create BPF map: Permission denied
> ok 3
> Failed to create BPF map: Permission denied
> ok 4
> Failed to create BPF map: Permission denied
> ok 5
> Failed to load BPF prog: Permission denied
> ok 6
> Failed to load BPF prog: Invalid argument
> ok 7
> client: Using a BPF map fd
> client: Connected to server via ./test_sock
> server:  Accepted a connection, receiving message
> client: Sent descriptor, waiting for reply
> server:  Received a descriptor, fd=5, sending back 0
> client: Received reply, code=0
> client: ...This implies the descriptor was received
> ok 8
> Failed to load BPF prog: Invalid argument
> client: Using a BPF prog fd
> client: Connected to server via ./test_sock
> sendmsg: Bad file descriptor
> server:  Accepted a connection, receiving message
> server:  Received no descriptor, sending back 1
> not ok 9
> #   Failed test at ./test line 118.
> Failed to load BPF prog: Invalid argument
> client: Using a BPF prog fd
> connect: Connection refused
> ok 10
> client: Using a BPF map fd
> connect: Connection refused
> ok 11
> ok 12
> Client request_service_provider_fd() failing command BR_FAILED_REPLY, exiting.
> ok 13
> ok 14
> Failed to load BPF prog: Invalid argument
> Client request_service_provider_fd() failing command BR_FAILED_REPLY, exiting.
> ok 15
> # Looks like you failed 2 tests of 15.

They all pass for me (with your next-queue branch, using the 
selinux-testsuite defconfig fragment merged with the Fedora config).

The error above doesn't look SELinux-related; it looks like your kernel 
is rejecting the trivial bpf program used in the test code as being 
invalid for some reason.



  reply	other threads:[~2019-12-05 18:10 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-22  9:33 [PATCH v9] selinux: sidtab: reverse lookup hash table Jeff Vander Stoep
2019-11-22 14:21 ` Stephen Smalley
2019-12-03  0:32 ` Paul Moore
2019-12-04  9:11   ` Ondrej Mosnacek
2019-12-04 15:48     ` Stephen Smalley
2019-12-04 23:52     ` Paul Moore
2019-12-05 11:48       ` Ondrej Mosnacek
2019-12-05 14:08         ` Paul Moore
2019-12-05 17:41           ` Paul Moore
2019-12-05 18:10             ` Stephen Smalley [this message]
2019-12-05 18:14               ` Paul Moore
2019-12-06  0:50                 ` Paul Moore
2019-12-06 13:45                   ` Stephen Smalley
2019-12-06 15:08                     ` Paul Moore
2019-12-09 21:17   ` Paul Moore

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8257410c-025a-7250-fa78-944289e378bd@tycho.nsa.gov \
    --to=sds@tycho.nsa.gov \
    --cc=jeffv@google.com \
    --cc=jovanak@google.com \
    --cc=omosnace@redhat.com \
    --cc=paul@paul-moore.com \
    --cc=paulmck@kernel.org \
    --cc=rcu@vger.kernel.org \
    --cc=selinux@vger.kernel.org \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).