* [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function
@ 2021-08-25 10:42 Martin Doucha
2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
0 siblings, 2 replies; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:42 UTC (permalink / raw)
To: ltp
Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
doc/network-c-api.txt | 4 ++++
include/tst_netdevice.h | 5 +++++
lib/tst_netdevice.c | 44 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 53 insertions(+)
diff --git a/doc/network-c-api.txt b/doc/network-c-api.txt
index 145836a81..f24614fd8 100644
--- a/doc/network-c-api.txt
+++ b/doc/network-c-api.txt
@@ -162,6 +162,10 @@ stage.
on success, 0 on error. Add +"CONFIG_VETH"+ to +test.needs_kconfigs+ if your
test calls this function.
+- +int NETDEV_ADD_DEVICE(const char *ifname, const char *devtype)+ - Creates
+ a new network device named +ifname+ of specified device type. Returns 1 on
+ success, 0 on error.
+
- +int REMOVE_NETDEV(const char *ifname)+ ? Removes network device +ifname+.
Returns 1 on success, 0 on error.
diff --git a/include/tst_netdevice.h b/include/tst_netdevice.h
index 3a6698731..0bd33765b 100644
--- a/include/tst_netdevice.h
+++ b/include/tst_netdevice.h
@@ -23,6 +23,11 @@ int tst_create_veth_pair(const char *file, const int lineno,
#define CREATE_VETH_PAIR(ifname1, ifname2) \
tst_create_veth_pair(__FILE__, __LINE__, (ifname1), (ifname2))
+int tst_netdev_add_device(const char *file, const int lineno,
+ const char *ifname, const char *devtype);
+#define NETDEV_ADD_DEVICE(ifname, devtype) \
+ tst_netdev_add_device(__FILE__, __LINE__, (ifname), (devtype))
+
int tst_remove_netdev(const char *file, const int lineno, const char *ifname);
#define REMOVE_NETDEV(ifname) tst_remove_netdev(__FILE__, __LINE__, (ifname))
diff --git a/lib/tst_netdevice.c b/lib/tst_netdevice.c
index a4bc22635..9a8c622e2 100644
--- a/lib/tst_netdevice.c
+++ b/lib/tst_netdevice.c
@@ -157,6 +157,50 @@ int tst_create_veth_pair(const char *file, const int lineno,
return ret;
}
+int tst_netdev_add_device(const char *file, const int lineno,
+ const char *ifname, const char *devtype)
+{
+ int ret;
+ struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
+ struct tst_rtnl_context *ctx;
+ struct tst_rtnl_attr_list attrs[] = {
+ {IFLA_IFNAME, ifname, strlen(ifname) + 1, NULL},
+ {IFLA_LINKINFO, NULL, 0, (const struct tst_rtnl_attr_list[]){
+ {IFLA_INFO_KIND, devtype, strlen(devtype), NULL},
+ {0, NULL, -1, NULL}
+ }},
+ {0, NULL, -1, NULL}
+ };
+
+ if (strlen(ifname) >= IFNAMSIZ) {
+ tst_brk_(file, lineno, TBROK,
+ "Network device name \"%s\" too long", ifname);
+ return 0;
+ }
+
+ ctx = create_request(file, lineno, RTM_NEWLINK,
+ NLM_F_CREATE | NLM_F_EXCL, &info, sizeof(info));
+
+ if (!ctx)
+ return 0;
+
+ if (tst_rtnl_add_attr_list(file, lineno, ctx, attrs) != 2) {
+ tst_rtnl_destroy_context(file, lineno, ctx);
+ return 0;
+ }
+
+ ret = tst_rtnl_send_validate(file, lineno, ctx);
+ tst_rtnl_destroy_context(file, lineno, ctx);
+
+ if (!ret) {
+ tst_brk_(file, lineno, TBROK,
+ "Failed to create %s device %s: %s", devtype, ifname,
+ tst_strerrno(tst_rtnl_errno));
+ }
+
+ return ret;
+}
+
int tst_remove_netdev(const char *file, const int lineno, const char *ifname)
{
struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
--
2.32.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE()
2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
@ 2021-08-25 10:42 ` Martin Doucha
2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
1 sibling, 0 replies; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:42 UTC (permalink / raw)
To: ltp
Use the same naming style as in the rest of netdevice library.
Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
doc/network-c-api.txt | 4 ++--
include/tst_netdevice.h | 6 ++++--
lib/tst_netdevice.c | 3 ++-
3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/doc/network-c-api.txt b/doc/network-c-api.txt
index f24614fd8..e910d159f 100644
--- a/doc/network-c-api.txt
+++ b/doc/network-c-api.txt
@@ -166,8 +166,8 @@ stage.
a new network device named +ifname+ of specified device type. Returns 1 on
success, 0 on error.
-- +int REMOVE_NETDEV(const char *ifname)+ ? Removes network device +ifname+.
- Returns 1 on success, 0 on error.
+- +int NETDEV_REMOVE_DEVICE(const char *ifname)+ ? Removes network device
+ +ifname+. Returns 1 on success, 0 on error.
2.2 Network address management
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/include/tst_netdevice.h b/include/tst_netdevice.h
index 0bd33765b..f02661208 100644
--- a/include/tst_netdevice.h
+++ b/include/tst_netdevice.h
@@ -28,8 +28,10 @@ int tst_netdev_add_device(const char *file, const int lineno,
#define NETDEV_ADD_DEVICE(ifname, devtype) \
tst_netdev_add_device(__FILE__, __LINE__, (ifname), (devtype))
-int tst_remove_netdev(const char *file, const int lineno, const char *ifname);
-#define REMOVE_NETDEV(ifname) tst_remove_netdev(__FILE__, __LINE__, (ifname))
+int tst_netdev_remove_device(const char *file, const int lineno,
+ const char *ifname);
+#define NETDEV_REMOVE_DEVICE(ifname) \
+ tst_netdev_remove_device(__FILE__, __LINE__, (ifname))
int tst_netdev_add_address(const char *file, const int lineno,
const char *ifname, unsigned int family, const void *address,
diff --git a/lib/tst_netdevice.c b/lib/tst_netdevice.c
index 9a8c622e2..ba9a55b70 100644
--- a/lib/tst_netdevice.c
+++ b/lib/tst_netdevice.c
@@ -201,7 +201,8 @@ int tst_netdev_add_device(const char *file, const int lineno,
return ret;
}
-int tst_remove_netdev(const char *file, const int lineno, const char *ifname)
+int tst_netdev_remove_device(const char *file, const int lineno,
+ const char *ifname)
{
struct ifinfomsg info = { .ifi_family = AF_UNSPEC };
struct tst_rtnl_context *ctx;
--
2.32.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
@ 2021-08-25 10:43 ` Martin Doucha
2021-08-25 11:40 ` Richard Palethorpe
1 sibling, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 10:43 UTC (permalink / raw)
To: ltp
Fixes #863
Signed-off-by: Martin Doucha <mdoucha@suse.cz>
---
runtest/can | 1 +
runtest/cve | 1 +
testcases/network/can/cve/.gitignore | 1 +
testcases/network/can/cve/Makefile | 10 ++
testcases/network/can/cve/can_bcm01.c | 161 ++++++++++++++++++++++++++
5 files changed, 174 insertions(+)
create mode 100644 testcases/network/can/cve/.gitignore
create mode 100644 testcases/network/can/cve/Makefile
create mode 100644 testcases/network/can/cve/can_bcm01.c
diff --git a/runtest/can b/runtest/can
index b637183c6..23cbf9acd 100644
--- a/runtest/can
+++ b/runtest/can
@@ -1,2 +1,3 @@
can_filter can_filter
can_rcv_own_msgs can_rcv_own_msgs
+can_bcm01 can_bcm01
diff --git a/runtest/cve b/runtest/cve
index c27f58d8d..449f5ad7e 100644
--- a/runtest/cve
+++ b/runtest/cve
@@ -66,6 +66,7 @@ cve-2020-14416 pty03
cve-2020-25705 icmp_rate_limit01
cve-2020-29373 io_uring02
cve-2021-3444 bpf_prog05
+cve-2021-6309 can_bcm01
cve-2021-22555 setsockopt08 -i 100
cve-2021-26708 vsock01
# Tests below may cause kernel memory leak
diff --git a/testcases/network/can/cve/.gitignore b/testcases/network/can/cve/.gitignore
new file mode 100644
index 000000000..3d138b0b4
--- /dev/null
+++ b/testcases/network/can/cve/.gitignore
@@ -0,0 +1 @@
+/can_bcm01
diff --git a/testcases/network/can/cve/Makefile b/testcases/network/can/cve/Makefile
new file mode 100644
index 000000000..86f84e9f2
--- /dev/null
+++ b/testcases/network/can/cve/Makefile
@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+top_srcdir ?= ../../../..
+
+include $(top_srcdir)/include/mk/testcases.mk
+
+can_bcm01: CFLAGS += -pthread
+can_bcm01: LDLIBS += -lrt
+
+include $(top_srcdir)/include/mk/generic_leaf_target.mk
diff --git a/testcases/network/can/cve/can_bcm01.c b/testcases/network/can/cve/can_bcm01.c
new file mode 100644
index 000000000..b1816e6c2
--- /dev/null
+++ b/testcases/network/can/cve/can_bcm01.c
@@ -0,0 +1,161 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2020 SUSE LLC <mdoucha@suse.cz>
+ *
+ * CVE-2021-3609
+ *
+ * Test for race condition vulnerability in CAN BCM. Fixed in:
+ *
+ * commit d5f9023fa61ee8b94f37a93f08e94b136cf1e463
+ * Author: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
+ * Date: Sat Jun 19 13:18:13 2021 -0300
+ *
+ * can: bcm: delay release of struct bcm_op after synchronize_rcu()
+ */
+
+#include "config.h"
+#include "tst_test.h"
+
+#ifdef HAVE_LINUX_CAN_H
+
+#include <linux/can.h>
+#include <linux/can/bcm.h>
+
+#include "tst_netdevice.h"
+#include "tst_fuzzy_sync.h"
+
+#define LTP_DEVICE "ltp_vcan0"
+
+struct test_payload {
+ struct bcm_msg_head head;
+ struct can_frame frame;
+};
+
+static int sock1 = -1, sock2 = -1;
+static struct tst_fzsync_pair fzsync_pair;
+
+static void setup(void)
+{
+ struct sockaddr_can addr = { .can_family = AF_CAN };
+
+ /*
+ * Older kernels require explicit modprobe of vcan. Newer kernels
+ * will load the modules automatically and support CAN in network
+ * namespace which would eliminate the need for running the test
+ * with root privileges.
+ */
+ tst_cmd((const char*[]){"modprobe", "vcan", NULL}, NULL, NULL, 0);
+
+ NETDEV_ADD_DEVICE(LTP_DEVICE, "vcan");
+ NETDEV_SET_STATE(LTP_DEVICE, 1);
+ addr.can_ifindex = NETDEV_INDEX_BY_NAME(LTP_DEVICE);
+ addr.can_addr.tp.rx_id = 1;
+ sock1 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
+ SAFE_CONNECT(sock1, (struct sockaddr *)&addr, sizeof(addr));
+
+ fzsync_pair.exec_loops = 100000;
+ tst_fzsync_pair_init(&fzsync_pair);
+}
+
+static void *thread_run(void *arg)
+{
+ struct test_payload data = {
+ {
+ .opcode = TX_SEND,
+ .flags = RX_NO_AUTOTIMER,
+ .count = -1,
+ .nframes = 1
+ },
+ {0}
+ };
+ struct iovec iov = {
+ .iov_base = &data,
+ .iov_len = sizeof(data)
+ };
+ struct msghdr msg = {
+ .msg_iov = &iov,
+ .msg_iovlen = 1
+ };
+
+ while (tst_fzsync_run_b(&fzsync_pair)) {
+ tst_fzsync_start_race_b(&fzsync_pair);
+ SAFE_SENDMSG(iov.iov_len, sock1, &msg, 0);
+ tst_fzsync_end_race_b(&fzsync_pair);
+ }
+
+ return arg;
+}
+
+static void run(void)
+{
+ struct sockaddr_can addr = { .can_family = AF_CAN };
+ struct bcm_msg_head data = {
+ .opcode = RX_SETUP,
+ .flags = RX_FILTER_ID | SETTIMER | STARTTIMER,
+ .ival1.tv_sec = 1,
+ .ival2.tv_sec = 1
+ };
+ struct iovec iov = {
+ .iov_base = &data,
+ .iov_len = sizeof(data)
+ };
+ struct msghdr msg = {
+ .msg_iov = &iov,
+ .msg_iovlen = 1,
+ };
+
+ tst_fzsync_pair_reset(&fzsync_pair, thread_run);
+
+ while (tst_fzsync_run_a(&fzsync_pair)) {
+ sock2 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
+ SAFE_CONNECT(sock2, (struct sockaddr *)&addr, sizeof(addr));
+ SAFE_SENDMSG(iov.iov_len, sock2, &msg, 0);
+ tst_fzsync_start_race_a(&fzsync_pair);
+ SAFE_CLOSE(sock2);
+ tst_fzsync_end_race_a(&fzsync_pair);
+ }
+
+ tst_res(TPASS, "Nothing bad happened, probably");
+}
+
+static void cleanup(void)
+{
+ tst_fzsync_pair_cleanup(&fzsync_pair);
+
+ if (sock1 >= 0)
+ SAFE_CLOSE(sock1);
+
+ if (sock2 >= 0)
+ SAFE_CLOSE(sock2);
+
+ NETDEV_REMOVE_DEVICE(LTP_DEVICE);
+}
+
+static struct tst_test test = {
+ .test_all = run,
+ .setup = setup,
+ .cleanup = cleanup,
+ .taint_check = TST_TAINT_W | TST_TAINT_D,
+ .needs_root = 1,
+ .needs_kconfigs = (const char *[]) {
+ "CONFIG_USER_NS=y",
+ "CONFIG_NET_NS=y",
+ NULL
+ },
+ .needs_drivers = (const char *const[]) {
+ "vcan",
+ "can-bcm",
+ NULL
+ },
+ .tags = (const struct tst_tag[]) {
+ {"linux-git", "d5f9023fa61e"},
+ {"CVE", "2021-3609"},
+ {}
+ }
+};
+
+#else
+
+TST_TEST_TCONF("The test was built without <linux/can.h>");
+
+#endif /* HAVE_LINUX_CAN_H */
--
2.32.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
@ 2021-08-25 11:40 ` Richard Palethorpe
2021-08-25 11:43 ` Martin Doucha
0 siblings, 1 reply; 8+ messages in thread
From: Richard Palethorpe @ 2021-08-25 11:40 UTC (permalink / raw)
To: ltp
Hello Martin,
Martin Doucha <mdoucha@suse.cz> writes:
> Fixes #863
>
> Signed-off-by: Martin Doucha <mdoucha@suse.cz>
> ---
> runtest/can | 1 +
> runtest/cve | 1 +
> testcases/network/can/cve/.gitignore | 1 +
> testcases/network/can/cve/Makefile | 10 ++
> testcases/network/can/cve/can_bcm01.c | 161 ++++++++++++++++++++++++++
> 5 files changed, 174 insertions(+)
> create mode 100644 testcases/network/can/cve/.gitignore
> create mode 100644 testcases/network/can/cve/Makefile
> create mode 100644 testcases/network/can/cve/can_bcm01.c
>
> diff --git a/runtest/can b/runtest/can
> index b637183c6..23cbf9acd 100644
> --- a/runtest/can
> +++ b/runtest/can
> @@ -1,2 +1,3 @@
> can_filter can_filter
> can_rcv_own_msgs can_rcv_own_msgs
> +can_bcm01 can_bcm01
> diff --git a/runtest/cve b/runtest/cve
> index c27f58d8d..449f5ad7e 100644
> --- a/runtest/cve
> +++ b/runtest/cve
> @@ -66,6 +66,7 @@ cve-2020-14416 pty03
> cve-2020-25705 icmp_rate_limit01
> cve-2020-29373 io_uring02
> cve-2021-3444 bpf_prog05
> +cve-2021-6309 can_bcm01
> cve-2021-22555 setsockopt08 -i 100
> cve-2021-26708 vsock01
> # Tests below may cause kernel memory leak
> diff --git a/testcases/network/can/cve/.gitignore b/testcases/network/can/cve/.gitignore
> new file mode 100644
> index 000000000..3d138b0b4
> --- /dev/null
> +++ b/testcases/network/can/cve/.gitignore
> @@ -0,0 +1 @@
> +/can_bcm01
> diff --git a/testcases/network/can/cve/Makefile b/testcases/network/can/cve/Makefile
> new file mode 100644
> index 000000000..86f84e9f2
> --- /dev/null
> +++ b/testcases/network/can/cve/Makefile
> @@ -0,0 +1,10 @@
> +# SPDX-License-Identifier: GPL-2.0-or-later
> +
> +top_srcdir ?= ../../../..
> +
> +include $(top_srcdir)/include/mk/testcases.mk
> +
> +can_bcm01: CFLAGS += -pthread
> +can_bcm01: LDLIBS += -lrt
> +
> +include $(top_srcdir)/include/mk/generic_leaf_target.mk
> diff --git a/testcases/network/can/cve/can_bcm01.c b/testcases/network/can/cve/can_bcm01.c
> new file mode 100644
> index 000000000..b1816e6c2
> --- /dev/null
> +++ b/testcases/network/can/cve/can_bcm01.c
> @@ -0,0 +1,161 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2020 SUSE LLC <mdoucha@suse.cz>
> + *
> + * CVE-2021-3609
> + *
> + * Test for race condition vulnerability in CAN BCM. Fixed in:
> + *
> + * commit d5f9023fa61ee8b94f37a93f08e94b136cf1e463
> + * Author: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
> + * Date: Sat Jun 19 13:18:13 2021 -0300
> + *
> + * can: bcm: delay release of struct bcm_op after synchronize_rcu()
> + */
> +
> +#include "config.h"
> +#include "tst_test.h"
> +
> +#ifdef HAVE_LINUX_CAN_H
> +
> +#include <linux/can.h>
> +#include <linux/can/bcm.h>
> +
> +#include "tst_netdevice.h"
> +#include "tst_fuzzy_sync.h"
> +
> +#define LTP_DEVICE "ltp_vcan0"
> +
> +struct test_payload {
> + struct bcm_msg_head head;
> + struct can_frame frame;
> +};
> +
> +static int sock1 = -1, sock2 = -1;
> +static struct tst_fzsync_pair fzsync_pair;
> +
> +static void setup(void)
> +{
> + struct sockaddr_can addr = { .can_family = AF_CAN };
> +
> + /*
> + * Older kernels require explicit modprobe of vcan. Newer kernels
> + * will load the modules automatically and support CAN in network
> + * namespace which would eliminate the need for running the test
> + * with root privileges.
> + */
> + tst_cmd((const char*[]){"modprobe", "vcan", NULL}, NULL, NULL, 0);
> +
> + NETDEV_ADD_DEVICE(LTP_DEVICE, "vcan");
> + NETDEV_SET_STATE(LTP_DEVICE, 1);
> + addr.can_ifindex = NETDEV_INDEX_BY_NAME(LTP_DEVICE);
> + addr.can_addr.tp.rx_id = 1;
> + sock1 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
> + SAFE_CONNECT(sock1, (struct sockaddr *)&addr, sizeof(addr));
> +
> + fzsync_pair.exec_loops = 100000;
> + tst_fzsync_pair_init(&fzsync_pair);
> +}
> +
> +static void *thread_run(void *arg)
> +{
> + struct test_payload data = {
> + {
> + .opcode = TX_SEND,
> + .flags = RX_NO_AUTOTIMER,
> + .count = -1,
> + .nframes = 1
> + },
> + {0}
> + };
> + struct iovec iov = {
> + .iov_base = &data,
> + .iov_len = sizeof(data)
> + };
> + struct msghdr msg = {
> + .msg_iov = &iov,
> + .msg_iovlen = 1
> + };
> +
> + while (tst_fzsync_run_b(&fzsync_pair)) {
> + tst_fzsync_start_race_b(&fzsync_pair);
> + SAFE_SENDMSG(iov.iov_len, sock1, &msg, 0);
> + tst_fzsync_end_race_b(&fzsync_pair);
> + }
> +
> + return arg;
> +}
> +
> +static void run(void)
> +{
> + struct sockaddr_can addr = { .can_family = AF_CAN };
> + struct bcm_msg_head data = {
> + .opcode = RX_SETUP,
> + .flags = RX_FILTER_ID | SETTIMER | STARTTIMER,
> + .ival1.tv_sec = 1,
> + .ival2.tv_sec = 1
> + };
> + struct iovec iov = {
> + .iov_base = &data,
> + .iov_len = sizeof(data)
> + };
> + struct msghdr msg = {
> + .msg_iov = &iov,
> + .msg_iovlen = 1,
> + };
> +
> + tst_fzsync_pair_reset(&fzsync_pair, thread_run);
> +
> + while (tst_fzsync_run_a(&fzsync_pair)) {
> + sock2 = SAFE_SOCKET(AF_CAN, SOCK_DGRAM, CAN_BCM);
> + SAFE_CONNECT(sock2, (struct sockaddr *)&addr, sizeof(addr));
> + SAFE_SENDMSG(iov.iov_len, sock2, &msg, 0);
> + tst_fzsync_start_race_a(&fzsync_pair);
> + SAFE_CLOSE(sock2);
> + tst_fzsync_end_race_a(&fzsync_pair);
> + }
> +
> + tst_res(TPASS, "Nothing bad happened, probably");
> +}
> +
> +static void cleanup(void)
> +{
> + tst_fzsync_pair_cleanup(&fzsync_pair);
> +
> + if (sock1 >= 0)
> + SAFE_CLOSE(sock1);
> +
> + if (sock2 >= 0)
> + SAFE_CLOSE(sock2);
> +
> + NETDEV_REMOVE_DEVICE(LTP_DEVICE);
> +}
> +
> +static struct tst_test test = {
> + .test_all = run,
> + .setup = setup,
> + .cleanup = cleanup,
> + .taint_check = TST_TAINT_W | TST_TAINT_D,
> + .needs_root = 1,
> + .needs_kconfigs = (const char *[]) {
> + "CONFIG_USER_NS=y",
> + "CONFIG_NET_NS=y",
I think you dropped NS due to lack of CAN support on older kernels?
Otherwise LGTM!
--
Thank you,
Richard.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 11:40 ` Richard Palethorpe
@ 2021-08-25 11:43 ` Martin Doucha
2021-08-25 12:20 ` Cyril Hrubis
0 siblings, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 11:43 UTC (permalink / raw)
To: ltp
On 25. 08. 21 13:40, Richard Palethorpe wrote:
> Hello Martin,
>
> I think you dropped NS due to lack of CAN support on older kernels?
Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
with EAFNOSUPPORT on kernel 4.4.
--
Martin Doucha mdoucha@suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
^ permalink raw reply [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 11:43 ` Martin Doucha
@ 2021-08-25 12:20 ` Cyril Hrubis
2021-08-25 14:15 ` Martin Doucha
0 siblings, 1 reply; 8+ messages in thread
From: Cyril Hrubis @ 2021-08-25 12:20 UTC (permalink / raw)
To: ltp
Hi!
> > I think you dropped NS due to lack of CAN support on older kernels?
>
> Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
> with EAFNOSUPPORT on kernel 4.4.
Then I guess that we have to remove the needs_kconfig before pushing,
right?
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 12:20 ` Cyril Hrubis
@ 2021-08-25 14:15 ` Martin Doucha
2021-08-26 11:43 ` Cyril Hrubis
0 siblings, 1 reply; 8+ messages in thread
From: Martin Doucha @ 2021-08-25 14:15 UTC (permalink / raw)
To: ltp
On 25. 08. 21 14:20, Cyril Hrubis wrote:
> Hi!
>>> I think you dropped NS due to lack of CAN support on older kernels?
>>
>> Exactly. If I create a new network namespace, SAFE_SOCKET() will fail
>> with EAFNOSUPPORT on kernel 4.4.
>
> Then I guess that we have to remove the needs_kconfig before pushing,
> right?
Yes, please. I forgot to remove needs_kconfig after rewriting setup()
and cleanup() 5 times...
--
Martin Doucha mdoucha@suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
^ permalink raw reply [flat|nested] 8+ messages in thread
* [LTP] [PATCH 3/3] Add test for CVE 2021-3609
2021-08-25 14:15 ` Martin Doucha
@ 2021-08-26 11:43 ` Cyril Hrubis
0 siblings, 0 replies; 8+ messages in thread
From: Cyril Hrubis @ 2021-08-26 11:43 UTC (permalink / raw)
To: ltp
Hi!
> > Then I guess that we have to remove the needs_kconfig before pushing,
> > right?
>
> Yes, please. I forgot to remove needs_kconfig after rewriting setup()
> and cleanup() 5 times...
Pushed with the namspace requirements removed, thanks.
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2021-08-26 11:43 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-25 10:42 [LTP] [PATCH 1/3] Add NETDEV_ADD_DEVICE() helper function Martin Doucha
2021-08-25 10:42 ` [LTP] [PATCH 2/3] Rename REMOVE_NETDEV() to NETDEV_REMOVE_DEVICE() Martin Doucha
2021-08-25 10:43 ` [LTP] [PATCH 3/3] Add test for CVE 2021-3609 Martin Doucha
2021-08-25 11:40 ` Richard Palethorpe
2021-08-25 11:43 ` Martin Doucha
2021-08-25 12:20 ` Cyril Hrubis
2021-08-25 14:15 ` Martin Doucha
2021-08-26 11:43 ` Cyril Hrubis
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.