All of lore.kernel.org
 help / color / mirror / Atom feed
* [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function
@ 2021-08-25 10:42 Martin Doucha
  2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
  2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
  0 siblings, 2 replies; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:42 UTC (permalink / raw)
  To: ltp

Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
 doc/network-c-api.txt   |  4 ++++
 include/tst_netdevice.h |  5 +++++
 lib/tst_netdevice.c     | 44 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 53 insertions(+)

diff --git a/doc/network-c-api.txt b/doc/network-c-api.txt
index 145836a81..f24614fd8 100644
--- a/doc/network-c-api.txt
+++ b/doc/network-c-api.txt
@@ -162,6 +162,10 @@ stage.
   on success, 0 on error. Add +"CONFIG_VETH"+ to +test.needs_kconfigs+ if your
   test calls this function.
 
+- +int NETDEV_ADD_DEVICE(const char *ifname, const char *devtype)+ - Creates
+  a new network device named +ifname+ of specified device type. Returns 1 on
+  success, 0 on error.
+
 - +int REMOVE_NETDEV(const char *ifname)+ ? Removes network device +ifname+.
   Returns 1 on success, 0 on error.
 
diff --git a/include/tst_netdevice.h b/include/tst_netdevice.h
index 3a6698731..0bd33765b 100644
--- a/include/tst_netdevice.h
+++ b/include/tst_netdevice.h
@@ -23,6 +23,11 @@ int tst_create_veth_pair(const char *file, const int lineno,
 #define CREATE_VETH_PAIR(ifname1, ifname2) \
 	tst_create_veth_pair(__FILE__, __LINE__, (ifname1), (ifname2))
 
+int tst_netdev_add_device(const char *file, const int lineno,
+	const char *ifname, const char *devtype);
+#define NETDEV_ADD_DEVICE(ifname, devtype) \
+	tst_netdev_add_device(__FILE__, __LINE__, (ifname), (devtype))
+
 int tst_remove_netdev(const char *file, const int lineno, const char *ifname);
 #define REMOVE_NETDEV(ifname) tst_remove_netdev(__FILE__, __LINE__, (ifname))
 
diff --git a/lib/tst_netdevice.c b/lib/tst_netdevice.c
index a4bc22635..9a8c622e2 100644
--- a/lib/tst_netdevice.c
+++ b/lib/tst_netdevice.c
@@ -157,6 +157,50 @@ int tst_create_veth_pair(const char *file, const int lineno,
 	return ret;
 }
 
+int tst_netdev_add_device(const char *file, const int lineno,
+	const char *ifname, const char *devtype)
+{
+	int ret;
+	struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
+	struct tst_rtnl_context *ctx;
+	struct tst_rtnl_attr_list attrs[] = {
+		{IFLA_IFNAME, ifname, strlen(ifname) + 1, NULL},
+		{IFLA_LINKINFO, NULL, 0, (const struct tst_rtnl_attr_list[]){
+			{IFLA_INFO_KIND, devtype, strlen(devtype), NULL},
+			{0, NULL, -1, NULL}
+		}},
+		{0, NULL, -1, NULL}
+	};
+
+	if (strlen(ifname) >= IFNAMSIZ) {
+		tst_brk_(file, lineno, TBROK,
+			"Network device name \"%s\" too long", ifname);
+		return 0;
+	}
+
+	ctx = create_request(file, lineno, RTM_NEWLINK,
+		NLM_F_CREATE | NLM_F_EXCL, &info, sizeof(info));
+
+	if (!ctx)
+		return 0;
+
+	if (tst_rtnl_add_attr_list(file, lineno, ctx, attrs) != 2) {
+		tst_rtnl_destroy_context(file, lineno, ctx);
+		return 0;
+	}
+
+	ret = tst_rtnl_send_validate(file, lineno, ctx);
+	tst_rtnl_destroy_context(file, lineno, ctx);
+
+	if (!ret) {
+		tst_brk_(file, lineno, TBROK,
+			"Failed to create %s device %s: %s", devtype, ifname,
+			tst_strerrno(tst_rtnl_errno));
+	}
+
+	return ret;
+}
+
 int tst_remove_netdev(const char *file, const int lineno, const char *ifname)
 {
 	struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
-- 
2.32.0


^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE()
  2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
@ 2021-08-25 10:42 ` Martin Doucha
  2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
  1 sibling, 0 replies; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:42 UTC (permalink / raw)
  To: ltp

Use the same naming style as in the rest of netdevice library.

Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
 doc/network-c-api.txt   | 4 ++--
 include/tst_netdevice.h | 6 ++++--
 lib/tst_netdevice.c     | 3 ++-
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/doc/network-c-api.txt b/doc/network-c-api.txt
index f24614fd8..e910d159f 100644
--- a/doc/network-c-api.txt
+++ b/doc/network-c-api.txt
@@ -166,8 +166,8 @@ stage.
   a new network device named +ifname+ of specified device type. Returns 1 on
   success, 0 on error.
 
-- +int REMOVE_NETDEV(const char *ifname)+ ? Removes network device +ifname+.
-  Returns 1 on success, 0 on error.
+- +int NETDEV_REMOVE_DEVICE(const char *ifname)+ ? Removes network device
+  +ifname+. Returns 1 on success, 0 on error.
 
 2.2 Network address management
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/include/tst_netdevice.h b/include/tst_netdevice.h
index 0bd33765b..f02661208 100644
--- a/include/tst_netdevice.h
+++ b/include/tst_netdevice.h
@@ -28,8 +28,10 @@ int tst_netdev_add_device(const char *file, const int lineno,
 #define NETDEV_ADD_DEVICE(ifname, devtype) \
 	tst_netdev_add_device(__FILE__, __LINE__, (ifname), (devtype))
 
-int tst_remove_netdev(const char *file, const int lineno, const char *ifname);
-#define REMOVE_NETDEV(ifname) tst_remove_netdev(__FILE__, __LINE__, (ifname))
+int tst_netdev_remove_device(const char *file, const int lineno,
+	const char *ifname);
+#define NETDEV_REMOVE_DEVICE(ifname) \
+	tst_netdev_remove_device(__FILE__, __LINE__, (ifname))
 
 int tst_netdev_add_address(const char *file, const int lineno,
 	const char *ifname, unsigned int family, const void *address,
diff --git a/lib/tst_netdevice.c b/lib/tst_netdevice.c
index 9a8c622e2..ba9a55b70 100644
--- a/lib/tst_netdevice.c
+++ b/lib/tst_netdevice.c
@@ -201,7 +201,8 @@ int tst_netdev_add_device(const char *file, const int lineno,
 	return ret;
 }
 
-int tst_remove_netdev(const char *file, const int lineno, const char *ifname)
+int tst_netdev_remove_device(const char *file, const int lineno,
+	const char *ifname)
 {
 	struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
 	struct tst_rtnl_context *ctx;
-- 
2.32.0


^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
  2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
@ 2021-08-25 10:43 ` Martin Doucha
  2021-08-25 11:40   ` Richard Palethorpe
  1 sibling, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:43 UTC (permalink / raw)
  To: ltp

Fixes #863

Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
 runtest/can                           |   1 +
 runtest/cve                           |   1 +
 testcases/network/can/cve/.gitignore  |   1 +
 testcases/network/can/cve/Makefile    |  10 ++
 testcases/network/can/cve/can_bcm01.c | 161 ++++++++++++++++++++++++++
 5 files changed, 174 insertions(+)
 create mode 100644 testcases/network/can/cve/.gitignore
 create mode 100644 testcases/network/can/cve/Makefile
 create mode 100644 testcases/network/can/cve/can_bcm01.c

diff --git a/runtest/can b/runtest/can
index b637183c6..23cbf9acd 100644
--- a/runtest/can
+++ b/runtest/can
@@ -1,2 +1,3 @@
 can_filter can_filter
 can_rcv_own_msgs can_rcv_own_msgs
+can_bcm01 can_bcm01
diff --git a/runtest/cve b/runtest/cve
index c27f58d8d..449f5ad7e 100644
--- a/runtest/cve
+++ b/runtest/cve
@@ -66,6 +66,7 @@ cve-2020-14416 pty03
 cve-2020-25705 icmp_rate_limit01
 cve-2020-29373 io_uring02
 cve-2021-3444 bpf_prog05
+cve-2021-6309 can_bcm01
 cve-2021-22555 setsockopt08 -i 100
 cve-2021-26708 vsock01
 # Tests below may cause kernel memory leak
diff --git a/testcases/network/can/cve/.gitignore b/testcases/network/can/cve/.gitignore
new file mode 100644
index 000000000..3d138b0b4
--- /dev/null
+++ b/testcases/network/can/cve/.gitignore
@@ -0,0 +1 @@
+/can_bcm01
diff --git a/testcases/network/can/cve/Makefile b/testcases/network/can/cve/Makefile
new file mode 100644
index 000000000..86f84e9f2
--- /dev/null
+++ b/testcases/network/can/cve/Makefile
@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+top_srcdir		?= ../../../..
+
+include $(top_srcdir)/include/mk/testcases.mk
+
+can_bcm01: CFLAGS += -pthread
+can_bcm01: LDLIBS += -lrt
+
+include $(top_srcdir)/include/mk/generic_leaf_target.mk
diff --git a/testcases/network/can/cve/can_bcm01.c b/testcases/network/can/cve/can_bcm01.c
new file mode 100644
index 000000000..b1816e6c2
--- /dev/null
+++ b/testcases/network/can/cve/can_bcm01.c
@@ -0,0 +1,161 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2020 SUSE LLC <mdoucha@suse.cz>
+ *
+ * CVE-2021-3609
+ *
+ * Test for race condition vulnerability in CAN BCM. Fixed in:
+ *
+ *  commit d5f9023fa61ee8b94f37a93f08e94b136cf1e463
+ *  Author: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
+ *  Date:   Sat Jun 19 13:18:13 2021 -0300
+ *
+ *  can: bcm: delay release of struct bcm_op after synchronize_rcu()
+ */
+
+#include "config.h"
+#include "tst_test.h"
+
+#ifdef HAVE_LINUX_CAN_H
+
+#include <linux/can.h>
+#include <linux/can/bcm.h>
+
+#include "tst_netdevice.h"
+#include "tst_fuzzy_sync.h"
+
+#define LTP_DEVICE "ltp_vcan0"
+
+struct test_payload {
+	struct bcm_msg_head head;
+	struct can_frame frame;
+};
+
+static int sock1 = -1, sock2 = -1;
+static struct tst_fzsync_pair fzsync_pair;
+
+static void setup(void)
+{
+	struct sockaddr_can addr = { .can_family = AF_CAN };
+
+	/*
+	 * Older kernels require explicit modprobe of vcan. Newer kernels
+	 * will load the modules automatically and support CAN in network
+	 * namespace which would eliminate the need for running the test
+	 * with root privileges.
+	 */
+	tst_cmd((const char*[]){"modprobe", "vcan", NULL}, NULL, NULL, 0);
+
+	NETDEV_ADD_DEVICE(LTP_DEVICE, "vcan");
+	NETDEV_SET_STATE(LTP_DEVICE, 1);
+	addr.can_ifindex = NETDEV_INDEX_BY_NAME(LTP_DEVICE);
+	addr.can_addr.tp.rx_id = 1;
+	sock1 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
+	SAFE_CONNECT(sock1, (struct sockaddr *)&addr, sizeof(addr));
+
+	fzsync_pair.exec_loops = 100000;
+	tst_fzsync_pair_init(&fzsync_pair);
+}
+
+static void *thread_run(void *arg)
+{
+	struct test_payload data = {
+		{
+			.opcode = TX_SEND,
+			.flags = RX_NO_AUTOTIMER,
+			.count = -1,
+			.nframes = 1
+		},
+		{0}
+	};
+	struct iovec iov = {
+		.iov_base = &data,
+		.iov_len = sizeof(data)
+	};
+	struct msghdr msg = {
+		.msg_iov = &iov,
+		.msg_iovlen = 1
+	};
+
+	while (tst_fzsync_run_b(&fzsync_pair)) {
+		tst_fzsync_start_race_b(&fzsync_pair);
+		SAFE_SENDMSG(iov.iov_len, sock1, &msg, 0);
+		tst_fzsync_end_race_b(&fzsync_pair);
+	}
+
+	return arg;
+}
+
+static void run(void)
+{
+	struct sockaddr_can addr = { .can_family = AF_CAN };
+	struct bcm_msg_head data = {
+		.opcode = RX_SETUP,
+		.flags = RX_FILTER_ID | SETTIMER | STARTTIMER,
+		.ival1.tv_sec = 1,
+		.ival2.tv_sec = 1
+	};
+	struct iovec iov = {
+		.iov_base = &data,
+		.iov_len = sizeof(data)
+	};
+	struct msghdr msg = {
+		.msg_iov = &iov,
+		.msg_iovlen = 1,
+	};
+
+	tst_fzsync_pair_reset(&fzsync_pair, thread_run);
+
+	while (tst_fzsync_run_a(&fzsync_pair)) {
+		sock2 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
+		SAFE_CONNECT(sock2, (struct sockaddr *)&addr, sizeof(addr));
+		SAFE_SENDMSG(iov.iov_len, sock2, &msg, 0);
+		tst_fzsync_start_race_a(&fzsync_pair);
+		SAFE_CLOSE(sock2);
+		tst_fzsync_end_race_a(&fzsync_pair);
+	}
+
+	tst_res(TPASS, "Nothing bad happened, probably");
+}
+
+static void cleanup(void)
+{
+	tst_fzsync_pair_cleanup(&fzsync_pair);
+
+	if (sock1 >= 0)
+		SAFE_CLOSE(sock1);
+
+	if (sock2 >= 0)
+		SAFE_CLOSE(sock2);
+
+	NETDEV_REMOVE_DEVICE(LTP_DEVICE);
+}
+
+static struct tst_test test = {
+	.test_all = run,
+	.setup = setup,
+	.cleanup = cleanup,
+	.taint_check = TST_TAINT_W | TST_TAINT_D,
+	.needs_root = 1,
+	.needs_kconfigs = (const char *[]) {
+		"CONFIG_USER_NS=y",
+		"CONFIG_NET_NS=y",
+		NULL
+	},
+	.needs_drivers = (const char *const[]) {
+		"vcan",
+		"can-bcm",
+		NULL
+	},
+	.tags = (const struct tst_tag[]) {
+		{"linux-git", "d5f9023fa61e"},
+		{"CVE", "2021-3609"},
+		{}
+	}
+};
+
+#else
+
+TST_TEST_TCONF("The test was built without <linux/can.h>");
+
+#endif /* HAVE_LINUX_CAN_H */
-- 
2.32.0


^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
@ 2021-08-25 11:40   ` Richard Palethorpe
  2021-08-25 11:43     ` Martin Doucha
  0 siblings, 1 reply; 8+ messages in thread
From: Richard Palethorpe @ 2021-08-25 11:40 UTC (permalink / raw)
  To: ltp

Hello Martin,

Martin Doucha <mdoucha@suse.cz> writes:

> Fixes #863
>
> Signed-off-by: Martin Doucha <mdoucha@suse.cz>
> ---
>  runtest/can                           |   1 +
>  runtest/cve                           |   1 +
>  testcases/network/can/cve/.gitignore  |   1 +
>  testcases/network/can/cve/Makefile    |  10 ++
>  testcases/network/can/cve/can_bcm01.c | 161 ++++++++++++++++++++++++++
>  5 files changed, 174 insertions(+)
>  create mode 100644 testcases/network/can/cve/.gitignore
>  create mode 100644 testcases/network/can/cve/Makefile
>  create mode 100644 testcases/network/can/cve/can_bcm01.c
>
> diff --git a/runtest/can b/runtest/can
> index b637183c6..23cbf9acd 100644
> --- a/runtest/can
> +++ b/runtest/can
> @@ -1,2 +1,3 @@
>  can_filter can_filter
>  can_rcv_own_msgs can_rcv_own_msgs
> +can_bcm01 can_bcm01
> diff --git a/runtest/cve b/runtest/cve
> index c27f58d8d..449f5ad7e 100644
> --- a/runtest/cve
> +++ b/runtest/cve
> @@ -66,6 +66,7 @@ cve-2020-14416 pty03
>  cve-2020-25705 icmp_rate_limit01
>  cve-2020-29373 io_uring02
>  cve-2021-3444 bpf_prog05
> +cve-2021-6309 can_bcm01
>  cve-2021-22555 setsockopt08 -i 100
>  cve-2021-26708 vsock01
>  # Tests below may cause kernel memory leak
> diff --git a/testcases/network/can/cve/.gitignore b/testcases/network/can/cve/.gitignore
> new file mode 100644
> index 000000000..3d138b0b4
> --- /dev/null
> +++ b/testcases/network/can/cve/.gitignore
> @@ -0,0 +1 @@
> +/can_bcm01
> diff --git a/testcases/network/can/cve/Makefile b/testcases/network/can/cve/Makefile
> new file mode 100644
> index 000000000..86f84e9f2
> --- /dev/null
> +++ b/testcases/network/can/cve/Makefile
> @@ -0,0 +1,10 @@
> +# SPDX-License-Identifier: GPL-2.0-or-later
> +
> +top_srcdir		?= ../../../..
> +
> +include $(top_srcdir)/include/mk/testcases.mk
> +
> +can_bcm01: CFLAGS += -pthread
> +can_bcm01: LDLIBS += -lrt
> +
> +include $(top_srcdir)/include/mk/generic_leaf_target.mk
> diff --git a/testcases/network/can/cve/can_bcm01.c b/testcases/network/can/cve/can_bcm01.c
> new file mode 100644
> index 000000000..b1816e6c2
> --- /dev/null
> +++ b/testcases/network/can/cve/can_bcm01.c
> @@ -0,0 +1,161 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2020 SUSE LLC <mdoucha@suse.cz>
> + *
> + * CVE-2021-3609
> + *
> + * Test for race condition vulnerability in CAN BCM. Fixed in:
> + *
> + *  commit d5f9023fa61ee8b94f37a93f08e94b136cf1e463
> + *  Author: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
> + *  Date:   Sat Jun 19 13:18:13 2021 -0300
> + *
> + *  can: bcm: delay release of struct bcm_op after synchronize_rcu()
> + */
> +
> +#include "config.h"
> +#include "tst_test.h"
> +
> +#ifdef HAVE_LINUX_CAN_H
> +
> +#include <linux/can.h>
> +#include <linux/can/bcm.h>
> +
> +#include "tst_netdevice.h"
> +#include "tst_fuzzy_sync.h"
> +
> +#define LTP_DEVICE "ltp_vcan0"
> +
> +struct test_payload {
> +	struct bcm_msg_head head;
> +	struct can_frame frame;
> +};
> +
> +static int sock1 = -1, sock2 = -1;
> +static struct tst_fzsync_pair fzsync_pair;
> +
> +static void setup(void)
> +{
> +	struct sockaddr_can addr = { .can_family = AF_CAN };
> +
> +	/*
> +	 * Older kernels require explicit modprobe of vcan. Newer kernels
> +	 * will load the modules automatically and support CAN in network
> +	 * namespace which would eliminate the need for running the test
> +	 * with root privileges.
> +	 */
> +	tst_cmd((const char*[]){"modprobe", "vcan", NULL}, NULL, NULL, 0);
> +
> +	NETDEV_ADD_DEVICE(LTP_DEVICE, "vcan");
> +	NETDEV_SET_STATE(LTP_DEVICE, 1);
> +	addr.can_ifindex = NETDEV_INDEX_BY_NAME(LTP_DEVICE);
> +	addr.can_addr.tp.rx_id = 1;
> +	sock1 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
> +	SAFE_CONNECT(sock1, (struct sockaddr *)&addr, sizeof(addr));
> +
> +	fzsync_pair.exec_loops = 100000;
> +	tst_fzsync_pair_init(&fzsync_pair);
> +}
> +
> +static void *thread_run(void *arg)
> +{
> +	struct test_payload data = {
> +		{
> +			.opcode = TX_SEND,
> +			.flags = RX_NO_AUTOTIMER,
> +			.count = -1,
> +			.nframes = 1
> +		},
> +		{0}
> +	};
> +	struct iovec iov = {
> +		.iov_base = &data,
> +		.iov_len = sizeof(data)
> +	};
> +	struct msghdr msg = {
> +		.msg_iov = &iov,
> +		.msg_iovlen = 1
> +	};
> +
> +	while (tst_fzsync_run_b(&fzsync_pair)) {
> +		tst_fzsync_start_race_b(&fzsync_pair);
> +		SAFE_SENDMSG(iov.iov_len, sock1, &msg, 0);
> +		tst_fzsync_end_race_b(&fzsync_pair);
> +	}
> +
> +	return arg;
> +}
> +
> +static void run(void)
> +{
> +	struct sockaddr_can addr = { .can_family = AF_CAN };
> +	struct bcm_msg_head data = {
> +		.opcode = RX_SETUP,
> +		.flags = RX_FILTER_ID | SETTIMER | STARTTIMER,
> +		.ival1.tv_sec = 1,
> +		.ival2.tv_sec = 1
> +	};
> +	struct iovec iov = {
> +		.iov_base = &data,
> +		.iov_len = sizeof(data)
> +	};
> +	struct msghdr msg = {
> +		.msg_iov = &iov,
> +		.msg_iovlen = 1,
> +	};
> +
> +	tst_fzsync_pair_reset(&fzsync_pair, thread_run);
> +
> +	while (tst_fzsync_run_a(&fzsync_pair)) {
> +		sock2 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
> +		SAFE_CONNECT(sock2, (struct sockaddr *)&addr, sizeof(addr));
> +		SAFE_SENDMSG(iov.iov_len, sock2, &msg, 0);
> +		tst_fzsync_start_race_a(&fzsync_pair);
> +		SAFE_CLOSE(sock2);
> +		tst_fzsync_end_race_a(&fzsync_pair);
> +	}
> +
> +	tst_res(TPASS, "Nothing bad happened, probably");
> +}
> +
> +static void cleanup(void)
> +{
> +	tst_fzsync_pair_cleanup(&fzsync_pair);
> +
> +	if (sock1 >= 0)
> +		SAFE_CLOSE(sock1);
> +
> +	if (sock2 >= 0)
> +		SAFE_CLOSE(sock2);
> +
> +	NETDEV_REMOVE_DEVICE(LTP_DEVICE);
> +}
> +
> +static struct tst_test test = {
> +	.test_all = run,
> +	.setup = setup,
> +	.cleanup = cleanup,
> +	.taint_check = TST_TAINT_W | TST_TAINT_D,
> +	.needs_root = 1,
> +	.needs_kconfigs = (const char *[]) {
> +		"CONFIG_USER_NS=y",
> +		"CONFIG_NET_NS=y",

I think you dropped NS due to lack of CAN support on older kernels?

Otherwise LGTM!

-- 
Thank you,
Richard.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 11:40   ` Richard Palethorpe
@ 2021-08-25 11:43     ` Martin Doucha
  2021-08-25 12:20       ` Cyril Hrubis
  0 siblings, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 11:43 UTC (permalink / raw)
  To: ltp

On 25. 08. 21 13:40, Richard Palethorpe wrote:
> Hello Martin,
> 
> I think you dropped NS due to lack of CAN support on older kernels?

Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
with EAFNOSUPPORT on kernel 4.4.

-- 
Martin Doucha   mdoucha@suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 11:43     ` Martin Doucha
@ 2021-08-25 12:20       ` Cyril Hrubis
  2021-08-25 14:15         ` Martin Doucha
  0 siblings, 1 reply; 8+ messages in thread
From: Cyril Hrubis @ 2021-08-25 12:20 UTC (permalink / raw)
  To: ltp

Hi!
> > I think you dropped NS due to lack of CAN support on older kernels?
> 
> Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
> with EAFNOSUPPORT on kernel 4.4.

Then I guess that we have to remove the needs_kconfig before pushing,
right?

-- 
Cyril Hrubis
chrubis@suse.cz

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 12:20       ` Cyril Hrubis
@ 2021-08-25 14:15         ` Martin Doucha
  2021-08-26 11:43           ` Cyril Hrubis
  0 siblings, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 14:15 UTC (permalink / raw)
  To: ltp

On 25. 08. 21 14:20, Cyril Hrubis wrote:
> Hi!
>>> I think you dropped NS due to lack of CAN support on older kernels?
>>
>> Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
>> with EAFNOSUPPORT on kernel 4.4.
> 
> Then I guess that we have to remove the needs_kconfig before pushing,
> right?

Yes, please. I forgot to remove needs_kconfig after rewriting setup()
and cleanup() 5 times...

-- 
Martin Doucha   mdoucha@suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
  2021-08-25 14:15         ` Martin Doucha
@ 2021-08-26 11:43           ` Cyril Hrubis
  0 siblings, 0 replies; 8+ messages in thread
From: Cyril Hrubis @ 2021-08-26 11:43 UTC (permalink / raw)
  To: ltp

Hi!
> > Then I guess that we have to remove the needs_kconfig before pushing,
> > right?
> 
> Yes, please. I forgot to remove needs_kconfig after rewriting setup()
> and cleanup() 5 times...

Pushed with the namspace requirements removed, thanks.

-- 
Cyril Hrubis
chrubis@suse.cz

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2021-08-26 11:43 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
2021-08-25 11:40   ` Richard Palethorpe
2021-08-25 11:43     ` Martin Doucha
2021-08-25 12:20       ` Cyril Hrubis
2021-08-25 14:15         ` Martin Doucha
2021-08-26 11:43           ` Cyril Hrubis

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.