From: "Mickaël Salaün" <mic@digikod.net> To: linux-security-module@vger.kernel.org Cc: "Mickaël Salaün" <mic@digikod.net>, "Andreas Gruenbacher" <agruenba@redhat.com>, "Andy Lutomirski" <luto@amacapital.net>, "Andy Lutomirski" <luto@kernel.org>, "Arnd Bergmann" <arnd@arndb.de>, "Casey Schaufler" <casey@schaufler-ca.com>, "Daniel Borkmann" <daniel@iogearbox.net>, "David Drysdale" <drysdale@google.com>, "Eric Paris" <eparis@redhat.com>, "James Morris" <james.l.morris@oracle.com>, "Jeff Dike" <jdike@addtoit.com>, "Julien Tinnes" <jln@google.com>, "Kees Cook" <keescook@chromium.org>, "Michael Kerrisk" <mtk@man7.org>, "Paul Moore" <pmoore@redhat.com>, "Richard Weinberger" <richard@nod.at>, "Serge E . Hallyn" <serge@hallyn.com>, "Shuah Khan" <shuahkh@osg.samsung.com>, "Stephen Smalley" <sds@tycho.nsa.gov>, "Tetsuo Handa" <penguin-kernel@I-love.SAKURA.ne.jp>, "Will Drewry" <wad@chromium.org>, linux-api@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: [PATCH 1/2] selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Date: Tue, 29 Mar 2016 20:46:07 +0200 [thread overview] Message-ID: <1459277167-9973-1-git-send-email-mic@digikod.net> (raw) In-Reply-To: <56FAA0CC.2050201@osg.samsung.com> Rename SECCOMP_FLAG_FILTER_TSYNC to SECCOMP_FILTER_FLAG_TSYNC to match the UAPI. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> --- tools/testing/selftests/seccomp/seccomp_bpf.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index b9453b838162..9c1460f277c2 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -1497,8 +1497,8 @@ TEST_F(TRACE_syscall, syscall_dropped) #define SECCOMP_SET_MODE_FILTER 1 #endif -#ifndef SECCOMP_FLAG_FILTER_TSYNC -#define SECCOMP_FLAG_FILTER_TSYNC 1 +#ifndef SECCOMP_FILTER_FLAG_TSYNC +#define SECCOMP_FILTER_FLAG_TSYNC 1 #endif #ifndef seccomp @@ -1613,7 +1613,7 @@ TEST(TSYNC_first) TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog); ASSERT_NE(ENOSYS, errno) { TH_LOG("Kernel does not support seccomp syscall!"); @@ -1831,7 +1831,7 @@ TEST_F(TSYNC, two_siblings_with_ancestor) self->sibling_count++; } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret) { TH_LOG("Could install filter on all threads!"); @@ -1892,7 +1892,7 @@ TEST_F(TSYNC, two_siblings_with_no_filter) TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_NE(ENOSYS, errno) { TH_LOG("Kernel does not support seccomp syscall!"); @@ -1940,7 +1940,7 @@ TEST_F(TSYNC, two_siblings_with_one_divergence) self->sibling_count++; } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(self->sibling[0].system_tid, ret) { TH_LOG("Did not fail on diverged sibling."); @@ -1992,7 +1992,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) TH_LOG("Kernel does not support SECCOMP_SET_MODE_FILTER!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(ret, self->sibling[0].system_tid) { TH_LOG("Did not fail on diverged sibling."); @@ -2021,7 +2021,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) /* Switch to the remaining sibling */ sib = !sib; - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret) { TH_LOG("Expected the remaining sibling to sync"); @@ -2044,7 +2044,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) while (!kill(self->sibling[sib].system_tid, 0)) sleep(0.1); - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret); /* just us chickens */ } -- 2.8.0.rc3
WARNING: multiple messages have this Message-ID (diff)
From: "Mickaël Salaün" <mic@digikod.net> To: linux-security-module@vger.kernel.org Cc: "Mickaël Salaün" <mic@digikod.net>, "Andreas Gruenbacher" <agruenba@redhat.com>, "Andy Lutomirski" <luto@amacapital.net>, "Andy Lutomirski" <luto@kernel.org>, "Arnd Bergmann" <arnd@arndb.de>, "Casey Schaufler" <casey@schaufler-ca.com>, "Daniel Borkmann" <daniel@iogearbox.net>, "David Drysdale" <drysdale@google.com>, "Eric Paris" <eparis@redhat.com>, "James Morris" <james.l.morris@oracle.com>, "Jeff Dike" <jdike@addtoit.com>, "Julien Tinnes" <jln@google.com>, "Kees Cook" <keescook@chromium.org>, "Michael Kerrisk" <mtk@man7.org>, "Paul Moore" <pmoore@redhat.com>, "Richard Weinberger" <richard@nod.at>, "Serge E . Hallyn" <serge@hallyn.com>, "Shuah Khan" <shuahkh@osg.samsung.com>, "Stephen Smalley" <sds@tycho.nsa.gov>, "Tetsuo Handa" <penguin-kernel@I-love.SAKURA.ne.jp>, "Will Drewry" <wad@chromium.org>, linux-api@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: [kernel-hardening] [PATCH 1/2] selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Date: Tue, 29 Mar 2016 20:46:07 +0200 [thread overview] Message-ID: <1459277167-9973-1-git-send-email-mic@digikod.net> (raw) In-Reply-To: <56FAA0CC.2050201@osg.samsung.com> Rename SECCOMP_FLAG_FILTER_TSYNC to SECCOMP_FILTER_FLAG_TSYNC to match the UAPI. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> --- tools/testing/selftests/seccomp/seccomp_bpf.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index b9453b838162..9c1460f277c2 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -1497,8 +1497,8 @@ TEST_F(TRACE_syscall, syscall_dropped) #define SECCOMP_SET_MODE_FILTER 1 #endif -#ifndef SECCOMP_FLAG_FILTER_TSYNC -#define SECCOMP_FLAG_FILTER_TSYNC 1 +#ifndef SECCOMP_FILTER_FLAG_TSYNC +#define SECCOMP_FILTER_FLAG_TSYNC 1 #endif #ifndef seccomp @@ -1613,7 +1613,7 @@ TEST(TSYNC_first) TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog); ASSERT_NE(ENOSYS, errno) { TH_LOG("Kernel does not support seccomp syscall!"); @@ -1831,7 +1831,7 @@ TEST_F(TSYNC, two_siblings_with_ancestor) self->sibling_count++; } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret) { TH_LOG("Could install filter on all threads!"); @@ -1892,7 +1892,7 @@ TEST_F(TSYNC, two_siblings_with_no_filter) TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_NE(ENOSYS, errno) { TH_LOG("Kernel does not support seccomp syscall!"); @@ -1940,7 +1940,7 @@ TEST_F(TSYNC, two_siblings_with_one_divergence) self->sibling_count++; } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(self->sibling[0].system_tid, ret) { TH_LOG("Did not fail on diverged sibling."); @@ -1992,7 +1992,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) TH_LOG("Kernel does not support SECCOMP_SET_MODE_FILTER!"); } - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(ret, self->sibling[0].system_tid) { TH_LOG("Did not fail on diverged sibling."); @@ -2021,7 +2021,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) /* Switch to the remaining sibling */ sib = !sib; - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret) { TH_LOG("Expected the remaining sibling to sync"); @@ -2044,7 +2044,7 @@ TEST_F(TSYNC, two_siblings_not_under_filter) while (!kill(self->sibling[sib].system_tid, 0)) sleep(0.1); - ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FLAG_FILTER_TSYNC, + ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &self->apply_prog); ASSERT_EQ(0, ret); /* just us chickens */ } -- 2.8.0.rc3
next prev parent reply other threads:[~2016-03-29 18:46 UTC|newest] Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-03-24 1:46 [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 01/17] um: Export the sys_call_table Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 02/17] seccomp: Fix typo Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 03/17] selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün [not found] ` <1458784008-16277-4-git-send-email-mic-WFhQfpSGs3bR7s880joybQ@public.gmane.org> 2016-03-24 4:35 ` Kees Cook 2016-03-24 4:35 ` [kernel-hardening] " Kees Cook 2016-03-29 15:35 ` Shuah Khan 2016-03-29 15:35 ` [kernel-hardening] " Shuah Khan 2016-03-29 18:46 ` Mickaël Salaün [this message] 2016-03-29 18:46 ` [kernel-hardening] [PATCH 1/2] " Mickaël Salaün 2016-03-29 19:06 ` Shuah Khan 2016-03-29 19:06 ` [kernel-hardening] " Shuah Khan 2016-03-24 1:46 ` [RFC v1 04/17] selftest/seccomp: Fix the seccomp(2) signature Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün [not found] ` <1458784008-16277-5-git-send-email-mic-WFhQfpSGs3bR7s880joybQ@public.gmane.org> 2016-03-24 4:36 ` Kees Cook 2016-03-24 4:36 ` [kernel-hardening] " Kees Cook 2016-03-29 15:38 ` Shuah Khan 2016-03-29 15:38 ` [kernel-hardening] " Shuah Khan 2016-03-29 18:51 ` [PATCH 2/2] " Mickaël Salaün 2016-03-29 18:51 ` [kernel-hardening] " Mickaël Salaün [not found] ` <1459277509-10666-1-git-send-email-mic-WFhQfpSGs3bR7s880joybQ@public.gmane.org> 2016-03-29 19:07 ` Shuah Khan 2016-03-29 19:07 ` [kernel-hardening] " Shuah Khan 2016-03-24 1:46 ` [RFC v1 05/17] security/seccomp: Add LSM and create arrays of syscall metadata Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 15:47 ` Casey Schaufler 2016-03-24 15:47 ` [kernel-hardening] " Casey Schaufler 2016-03-24 16:01 ` Casey Schaufler 2016-03-24 16:01 ` [kernel-hardening] " Casey Schaufler [not found] ` <56F40F3F.90708-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org> 2016-03-24 21:31 ` Mickaël Salaün 2016-03-24 21:31 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 06/17] seccomp: Add the SECCOMP_ADD_CHECKER_GROUP command Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 07/17] seccomp: Add seccomp object checker evaluation Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 1:46 ` [RFC v1 08/17] selftest/seccomp: Remove unknown_ret_is_kill_above_allow test Mickaël Salaün 2016-03-24 1:46 ` [kernel-hardening] " Mickaël Salaün 2016-04-20 18:21 ` [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing Mickaël Salaün 2016-04-20 18:21 ` [kernel-hardening] " Mickaël Salaün 2016-04-26 22:46 ` Kees Cook 2016-04-26 22:46 ` [kernel-hardening] " Kees Cook [not found] ` <1458784008-16277-1-git-send-email-mic-WFhQfpSGs3bR7s880joybQ@public.gmane.org> 2016-03-24 2:53 ` [RFC v1 09/17] selftest/seccomp: Extend seccomp_data until matches[6] Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:53 ` [RFC v1 11/17] selftest/seccomp: Add argeval_open_whitelist test Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün [not found] ` <1458788042-26173-1-git-send-email-mic-WFhQfpSGs3bR7s880joybQ@public.gmane.org> 2016-03-24 2:53 ` [RFC v1 10/17] selftest/seccomp: Add field_is_valid_syscall test Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:53 ` [RFC v1 12/17] audit,seccomp: Extend audit with seccomp state Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:53 ` [RFC v1 13/17] selftest/seccomp: Rename TRACE_poke to TRACE_poke_sys_read Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:53 ` [RFC v1 14/17] selftest/seccomp: Make tracer_poke() more generic Mickaël Salaün 2016-03-24 2:53 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:54 ` [RFC v1 15/17] selftest/seccomp: Add argeval_toctou_argument test Mickaël Salaün 2016-03-24 2:54 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:54 ` [RFC v1 16/17] security/seccomp: Protect against filesystem TOCTOU Mickaël Salaün 2016-03-24 2:54 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 2:54 ` [RFC v1 17/17] selftest/seccomp: Add argeval_toctou_filesystem test Mickaël Salaün 2016-03-24 2:54 ` [kernel-hardening] " Mickaël Salaün 2016-03-24 16:24 ` [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing Kees Cook 2016-03-24 16:24 ` [kernel-hardening] " Kees Cook [not found] ` <CAGXu5jLModth62F8PsFfNVCL=7PrAd+kT_NEsMP5WwOJvLS8EQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2016-03-27 5:03 ` Loganaden Velvindron 2016-03-27 5:03 ` Loganaden Velvindron 2016-04-28 2:36 ` Kees Cook 2016-04-28 2:36 ` [kernel-hardening] " Kees Cook 2016-04-28 23:45 ` Mickaël Salaün 2016-04-28 23:45 ` [kernel-hardening] " Mickaël Salaün 2016-05-21 12:58 ` Mickaël Salaün 2016-05-21 12:58 ` [kernel-hardening] " Mickaël Salaün 2016-05-02 22:19 ` James Morris 2016-05-02 22:19 ` [kernel-hardening] " James Morris [not found] ` <CAGXu5jK1U12vMk11HD_x_gNz3Rk4ZgEfdThY7DHvm4e4sPRh4g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2016-05-21 15:19 ` Daniel Borkmann 2016-05-21 15:19 ` [kernel-hardening] " Daniel Borkmann [not found] ` <57407C98.3090508-FeC+5ew28dpmcu3hnIyYJQ@public.gmane.org> 2016-05-22 21:30 ` Mickaël Salaün 2016-05-22 21:30 ` [kernel-hardening] " Mickaël Salaün
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1459277167-9973-1-git-send-email-mic@digikod.net \ --to=mic@digikod.net \ --cc=agruenba@redhat.com \ --cc=arnd@arndb.de \ --cc=casey@schaufler-ca.com \ --cc=daniel@iogearbox.net \ --cc=drysdale@google.com \ --cc=eparis@redhat.com \ --cc=james.l.morris@oracle.com \ --cc=jdike@addtoit.com \ --cc=jln@google.com \ --cc=keescook@chromium.org \ --cc=kernel-hardening@lists.openwall.com \ --cc=linux-api@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=luto@amacapital.net \ --cc=luto@kernel.org \ --cc=mtk@man7.org \ --cc=penguin-kernel@I-love.SAKURA.ne.jp \ --cc=pmoore@redhat.com \ --cc=richard@nod.at \ --cc=sds@tycho.nsa.gov \ --cc=serge@hallyn.com \ --cc=shuahkh@osg.samsung.com \ --cc=wad@chromium.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.