* [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup @ 2017-08-23 11:00 Guangwen Feng 2017-08-23 11:00 ` [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 2017-08-23 14:13 ` [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Cyril Hrubis 0 siblings, 2 replies; 16+ messages in thread From: Guangwen Feng @ 2017-08-23 11:00 UTC (permalink / raw) To: ltp Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- testcases/kernel/syscalls/keyctl/keyctl01.c | 150 ++++++++++------------------ 1 file changed, 50 insertions(+), 100 deletions(-) diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c index 6af8001..30d51bd 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl01.c +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c @@ -1,121 +1,71 @@ -/****************************************************************************** - * Copyright (c) Crackerjack Project., 2007 * - * * - * This program is free software; you can redistribute it and/or modify * - * it under the terms of the GNU General Public License as published by * - * the Free Software Foundation; either version 2 of the License, or * - * (at your option) any later version. * - * * - * This program is distributed in the hope that it will be useful, * - * but WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * - * the GNU General Public License for more details. * - * * - * You should have received a copy of the GNU General Public License * - * along with this program; if not, write to the Free Software Foundation, * - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * - * * - ******************************************************************************/ +/* + * Copyright (c) Crackerjack Project., 2007 + * Copyright (c) 2017 Fujitsu Ltd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See + * the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program, if not, see <http://www.gnu.org/licenses/>. + */ + /* * Description: This tests the keyctl() syscall * Manipulate the kernel's key management facility * - * History: Porting from Crackerjack to LTP is done by - * Manas Kumar Nayak maknayak@in.ibm.com> + * Ported by Manas Kumar Nayak maknayak@in.ibm.com> + * Modified by Guangwen Feng <fenggw-fnst@cn.fujitsu.com> */ -#include "config.h" -#include <sys/types.h> #include <errno.h> -#include <limits.h> -#include <stdio.h> #include <stdint.h> -#ifdef HAVE_LINUX_KEYCTL_H -# include <linux/keyctl.h> -#endif -#include "test.h" +#include "tst_test.h" #include "lapi/syscalls.h" +#include "lapi/keyctl.h" -char *TCID = "keyctl01"; -int testno; -int TST_TOTAL = 2; - -#ifdef HAVE_LINUX_KEYCTL_H - -static void cleanup(void) -{ - tst_rmdir(); -} - -static void setup(void) -{ - TEST_PAUSE; - tst_tmpdir(); -} +typedef int32_t key_serial_t; -int main(int ac, char **av) +static void do_test(void) { - int ret; - int lc; - int32_t ne_key; - - tst_parse_opts(ac, av, NULL, NULL); - - setup(); - - for (lc = 0; TEST_LOOPING(lc); lc++) { - - tst_count = 0; - - for (testno = 1; testno < TST_TOTAL; ++testno) { + key_serial_t key; - /* Call keyctl() and ask for a keyring's ID. */ - ret = ltp_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_USER_SESSION_KEYRING); - if (ret != -1) { - tst_resm(TPASS, - "KEYCTL_GET_KEYRING_ID succeeded"); - } else { - tst_resm(TFAIL | TERRNO, - "KEYCTL_GET_KEYRING_ID"); - } + TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, + KEY_SPEC_USER_SESSION_KEYRING)); - for (ne_key = INT32_MAX; ne_key > INT32_MIN; ne_key--) { - ret = ltp_syscall(__NR_keyctl, KEYCTL_READ, - ne_key); - if (ret == -1 && errno == ENOKEY) - break; - } + if (TEST_RETURN != -1) + tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); + else + tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); - /* Call keyctl. */ - ret = ltp_syscall(__NR_keyctl, KEYCTL_REVOKE, ne_key); - if (ret != -1) { - tst_resm(TFAIL | TERRNO, - "KEYCTL_REVOKE succeeded unexpectedly"); - } else { - /* Check for the correct error num. */ - if (errno == ENOKEY) { - tst_resm(TPASS | TERRNO, - "KEYCTL_REVOKE got expected " - "errno"); - } else { - tst_resm(TFAIL | TERRNO, - "KEYCTL_REVOKE got unexpected " - "errno"); - } + for (key = INT32_MAX; key > INT32_MIN; key--) { + TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); + if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) + break; + } - } + TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); - } + if (TEST_RETURN != -1) { + tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); + return; + } + if (TEST_ERRNO != ENOKEY) { + tst_res(TFAIL | TTERRNO, "KEYCTL_REVOKE failed unexpectedly"); + return; } - cleanup(); - tst_exit(); -} -#else -int main(void) -{ - tst_brkm(TCONF, NULL, "keyctl syscall support not available on system"); + + tst_res(TPASS | TTERRNO, "KEYCTL_REVOKE failed as expected"); } -#endif /* HAVE_LINUX_KEYCTL_H */ + +static struct tst_test test = { + .test_all = do_test, +}; -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-23 11:00 [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Guangwen Feng @ 2017-08-23 11:00 ` Guangwen Feng 2017-08-23 14:18 ` Cyril Hrubis 2017-08-23 14:13 ` [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Cyril Hrubis 1 sibling, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-23 11:00 UTC (permalink / raw) To: ltp * keyctl02 and keyctl03 make use of lapi/keyctl.h * Add keyctl02 to the CVE runtest file as cve-2015-7550 Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- runtest/cve | 1 + testcases/kernel/syscalls/keyctl/Makefile | 3 +-- testcases/kernel/syscalls/keyctl/keyctl02.c | 21 ++++++++------------- testcases/kernel/syscalls/keyctl/keyctl03.c | 22 ++++++++++------------ 4 files changed, 20 insertions(+), 27 deletions(-) diff --git a/runtest/cve b/runtest/cve index 468f0b2..602f858 100644 --- a/runtest/cve +++ b/runtest/cve @@ -5,6 +5,7 @@ cve-2011-2496 vma03 cve-2012-0957 cve-2012-0957 cve-2014-0196 cve-2014-0196 cve-2015-0235 gethostbyname_r01 +cve-2015-7550 keyctl02 cve-2016-4997 cve-2016-4997 cve-2016-5195 dirtyc0w cve-2016-7042 cve-2016-7042 diff --git a/testcases/kernel/syscalls/keyctl/Makefile b/testcases/kernel/syscalls/keyctl/Makefile index bb3d3a4..b3f4f9a 100644 --- a/testcases/kernel/syscalls/keyctl/Makefile +++ b/testcases/kernel/syscalls/keyctl/Makefile @@ -18,8 +18,7 @@ top_srcdir ?= ../../../.. -keyctl02: LDLIBS +=-lpthread $(KEYUTILS_LIBS) -keyctl03: LDLIBS +=$(KEYUTILS_LIBS) +keyctl02: LDLIBS +=-lpthread include $(top_srcdir)/include/mk/testcases.mk diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c index b783bf7..73ba25a 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl02.c +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c @@ -35,17 +35,16 @@ * KEYS: Fix race between read and revoke */ -#include "config.h" #include <errno.h> #include <pthread.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif + #include "tst_safe_pthread.h" #include "tst_test.h" +#include "lapi/syscalls.h" +#include "lapi/keyctl.h" -#ifdef HAVE_KEYUTILS_H +typedef int32_t key_serial_t; #define LOOPS 20000 #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" @@ -57,7 +56,7 @@ static void *do_read(void *arg) key_serial_t key = (unsigned long)arg; char buffer[4] = { 0 }; - keyctl(KEYCTL_READ, key, buffer, 4); + tst_syscall(__NR_keyctl, KEYCTL_READ, key, buffer, 4); return NULL; } @@ -66,7 +65,7 @@ static void *do_revoke(void *arg) { key_serial_t key = (unsigned long)arg; - keyctl(KEYCTL_REVOKE, key); + tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key); return NULL; } @@ -78,8 +77,8 @@ static void do_test(void) pthread_t pth[4]; for (i = 0; i < LOOPS; i++) { - key = add_key("user", "ltptestkey", "foo", 3, - KEY_SPEC_PROCESS_KEYRING); + key = tst_syscall(__NR_add_key, "user", "ltptestkey", + "foo", 3, KEY_SPEC_PROCESS_KEYRING); if (key == -1) tst_brk(TBROK | TERRNO, "Failed to add key"); @@ -119,7 +118,3 @@ static struct tst_test test = { .cleanup = cleanup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c index 41d062e..bdc4b29 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl03.c +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c @@ -28,27 +28,29 @@ * an uninstantiated keyring */ -#include "config.h" #include <errno.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif + #include "tst_test.h" +#include "lapi/syscalls.h" +#include "lapi/keyctl.h" -#ifdef HAVE_KEYUTILS_H +typedef int32_t key_serial_t; static void do_test(void) { key_serial_t key; - key = add_key("user", "ltptestkey", "a", 1, KEY_SPEC_SESSION_KEYRING); + key = tst_syscall(__NR_add_key, + "user", "ltptestkey", "a", 1, KEY_SPEC_SESSION_KEYRING); if (key == -1) tst_brk(TBROK, "Failed to add key"); - request_key("keyring", "foo", "bar", KEY_SPEC_THREAD_KEYRING); + tst_syscall(__NR_request_key, + "keyring", "foo", "bar", KEY_SPEC_THREAD_KEYRING); - TEST(keyctl(KEYCTL_UNLINK, key, KEY_SPEC_SESSION_KEYRING)); + TEST(tst_syscall(__NR_keyctl, + KEYCTL_UNLINK, key, KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN) tst_res(TFAIL | TTERRNO, "keyctl unlink failed"); else @@ -58,7 +60,3 @@ static void do_test(void) static struct tst_test test = { .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-23 11:00 ` [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng @ 2017-08-23 14:18 ` Cyril Hrubis 2017-08-24 13:25 ` Guangwen Feng 0 siblings, 1 reply; 16+ messages in thread From: Cyril Hrubis @ 2017-08-23 14:18 UTC (permalink / raw) To: ltp Hi! > - keyctl(KEYCTL_READ, key, buffer, 4); > + tst_syscall(__NR_keyctl, KEYCTL_READ, key, buffer, 4); What about we, instead of using raw syscall, defined fallback keyctl() and add_key() in the lapi/keyctl.h that would call the syscall? That way we would test the keyutils library if present but these tests will not be disabled otherwise. -- Cyril Hrubis chrubis@suse.cz ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-23 14:18 ` Cyril Hrubis @ 2017-08-24 13:25 ` Guangwen Feng 2017-08-24 13:28 ` [LTP] [PATCH v2 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng 0 siblings, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-24 13:25 UTC (permalink / raw) To: ltp Hi! Thanks for your review! 在 08/23/2017 10:18 PM, Cyril Hrubis 写道: > Hi! >> - keyctl(KEYCTL_READ, key, buffer, 4); >> + tst_syscall(__NR_keyctl, KEYCTL_READ, key, buffer, 4); > > What about we, instead of using raw syscall, defined fallback keyctl() > and add_key() in the lapi/keyctl.h that would call the syscall? That way > we would test the keyutils library if present but these tests will not > be disabled otherwise. > Yes, that sounds good, thanks! Best Regards, Guangwen Feng ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH v2 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h 2017-08-24 13:25 ` Guangwen Feng @ 2017-08-24 13:28 ` Guangwen Feng 2017-08-24 13:28 ` [LTP] [PATCH v2 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 0 siblings, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-24 13:28 UTC (permalink / raw) To: ltp Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- include/lapi/keyctl.h | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/include/lapi/keyctl.h b/include/lapi/keyctl.h index ed3b7bd..e761be8 100644 --- a/include/lapi/keyctl.h +++ b/include/lapi/keyctl.h @@ -23,6 +23,55 @@ # include <linux/keyctl.h> #endif /* HAVE_LINUX_KEYCTL_H */ +#ifdef HAVE_KEYUTILS_H +# include <keyutils.h> +#else +# include <stdarg.h> +# include <stdint.h> +# include "lapi/syscalls.h" +# ifdef __TEST_H__ +# define TST_SYSCALL_WRAPPER ltp_syscall +# else +# define TST_SYSCALL_WRAPPER tst_syscall +# endif /* __TEST_H__ */ +typedef int32_t key_serial_t; + +static inline key_serial_t add_key(const char *type, + const char *description, + const void *payload, + size_t plen, + key_serial_t ringid) +{ + return TST_SYSCALL_WRAPPER(__NR_add_key, + type, description, payload, plen, ringid); +} + +static inline key_serial_t request_key(const char *type, + const char *description, + const char *callout_info, + key_serial_t destringid) +{ + return TST_SYSCALL_WRAPPER(__NR_request_key, + type, description, callout_info, destringid); +} + +static inline long keyctl(int cmd, ...) +{ + va_list va; + unsigned long arg2, arg3, arg4, arg5; + + va_start(va, cmd); + arg2 = va_arg(va, unsigned long); + arg3 = va_arg(va, unsigned long); + arg4 = va_arg(va, unsigned long); + arg5 = va_arg(va, unsigned long); + va_end(va); + + return TST_SYSCALL_WRAPPER(__NR_keyctl, + cmd, arg2, arg3, arg4, arg5); +} +#endif /* HAVE_KEYUTILS_H */ + #ifndef KEYCTL_GET_KEYRING_ID # define KEYCTL_GET_KEYRING_ID 0 #endif -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v2 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-24 13:28 ` [LTP] [PATCH v2 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng @ 2017-08-24 13:28 ` Guangwen Feng 2017-08-25 3:14 ` Guangwen Feng 0 siblings, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-24 13:28 UTC (permalink / raw) To: ltp 1.syscalls/keyctl02 and syscalls/keyctl03 make use of lapi/keyctl.h 2.syscalls/keyctl0* use keyutils.h fallback definition in lapi/keyctl.h instead of raw syscall, thus we would test the keyutils library if the header is present and these tests will not be disabled otherwise. 3.Add syscalls/keyctl02 and commands/keyctl01 to the CVE runtest file as cve-2015-7550 and cve-2016-4470 respectively. Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- runtest/cve | 2 ++ testcases/kernel/syscalls/keyctl/Makefile | 4 ++-- testcases/kernel/syscalls/keyctl/keyctl01.c | 20 +++++++++++--------- testcases/kernel/syscalls/keyctl/keyctl02.c | 16 ++++++---------- testcases/kernel/syscalls/keyctl/keyctl03.c | 20 ++++++++++---------- testcases/kernel/syscalls/keyctl/keyctl04.c | 20 +++++++++++--------- testcases/kernel/syscalls/keyctl/keyctl05.c | 29 ++++++++++++++++------------- 7 files changed, 58 insertions(+), 53 deletions(-) diff --git a/runtest/cve b/runtest/cve index 468f0b2..5b16e9e 100644 --- a/runtest/cve +++ b/runtest/cve @@ -5,6 +5,8 @@ cve-2011-2496 vma03 cve-2012-0957 cve-2012-0957 cve-2014-0196 cve-2014-0196 cve-2015-0235 gethostbyname_r01 +cve-2015-7550 keyctl02 +cve-2016-4470 keyctl01.sh cve-2016-4997 cve-2016-4997 cve-2016-5195 dirtyc0w cve-2016-7042 cve-2016-7042 diff --git a/testcases/kernel/syscalls/keyctl/Makefile b/testcases/kernel/syscalls/keyctl/Makefile index bb3d3a4..dd1f6b4 100644 --- a/testcases/kernel/syscalls/keyctl/Makefile +++ b/testcases/kernel/syscalls/keyctl/Makefile @@ -18,8 +18,8 @@ top_srcdir ?= ../../../.. -keyctl02: LDLIBS +=-lpthread $(KEYUTILS_LIBS) -keyctl03: LDLIBS +=$(KEYUTILS_LIBS) +LDLIBS += $(KEYUTILS_LIBS) +keyctl02: LDLIBS += -lpthread include $(top_srcdir)/include/mk/testcases.mk diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c index 30d51bd..345fa8c 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl01.c +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c @@ -28,31 +28,25 @@ #include <stdint.h> #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t key; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_USER_SESSION_KEYRING)); - + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_USER_SESSION_KEYRING)); if (TEST_RETURN != -1) tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); else tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); for (key = INT32_MAX; key > INT32_MIN; key--) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); + TEST(keyctl(KEYCTL_READ, key)); if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) break; } - TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); - + TEST(keyctl(KEYCTL_REVOKE, key)); if (TEST_RETURN != -1) { tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); return; @@ -66,6 +60,14 @@ static void do_test(void) tst_res(TPASS | TTERRNO, "KEYCTL_REVOKE failed as expected"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c index b783bf7..f285212 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl02.c +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c @@ -35,17 +35,13 @@ * KEYS: Fix race between read and revoke */ -#include "config.h" #include <errno.h> #include <pthread.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif + #include "tst_safe_pthread.h" #include "tst_test.h" - -#ifdef HAVE_KEYUTILS_H +#include "lapi/keyctl.h" #define LOOPS 20000 #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" @@ -103,6 +99,10 @@ static void do_test(void) static void setup(void) { +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ + SAFE_FILE_SCANF(PATH_KEY_COUNT_QUOTA, "%d", &orig_maxkeys); SAFE_FILE_PRINTF(PATH_KEY_COUNT_QUOTA, "%d", orig_maxkeys + LOOPS); } @@ -119,7 +119,3 @@ static struct tst_test test = { .cleanup = cleanup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c index 41d062e..aa560f0 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl03.c +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c @@ -28,15 +28,11 @@ * an uninstantiated keyring */ -#include "config.h" #include <errno.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif -#include "tst_test.h" -#ifdef HAVE_KEYUTILS_H +#include "tst_test.h" +#include "lapi/keyctl.h" static void do_test(void) { @@ -55,10 +51,14 @@ static void do_test(void) tst_res(TPASS, "Bug not reproduced"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl04.c b/testcases/kernel/syscalls/keyctl/keyctl04.c index 3fef1ea..9a57dcf 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl04.c +++ b/testcases/kernel/syscalls/keyctl/keyctl04.c @@ -27,28 +27,22 @@ */ #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t tid_keyring; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 1)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 1)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to create thread keyring"); tid_keyring = TEST_RETURN; - TEST(tst_syscall(__NR_keyctl, KEYCTL_SET_REQKEY_KEYRING, - KEY_REQKEY_DEFL_THREAD_KEYRING)); + TEST(keyctl(KEYCTL_SET_REQKEY_KEYRING, KEY_REQKEY_DEFL_THREAD_KEYRING)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to set reqkey keyring"); - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 0)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 0)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to get thread keyring ID"); if (TEST_RETURN == tid_keyring) @@ -57,6 +51,14 @@ static void do_test(void) tst_res(TFAIL, "thread keyring was leaked!"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index 922d2b4..1ec73a8 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -39,11 +39,8 @@ #include <stdlib.h> #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - #define KEY_POS_WRITE 0x04000000 #define KEY_POS_ALL 0x3f000000 @@ -89,7 +86,7 @@ static const char x509_cert[] = static void new_session_keyring(void) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL)); + TEST(keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to join new session keyring"); } @@ -101,8 +98,7 @@ static void test_update_nonupdatable(const char *type, new_session_keyring(); - TEST(tst_syscall(__NR_add_key, type, "desc", payload, plen, - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key(type, "desc", payload, plen, KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { if (TEST_ERRNO == ENODEV) { tst_res(TCONF, "kernel doesn't support key type '%s'", @@ -130,7 +126,7 @@ static void test_update_nonupdatable(const char *type, * Non-updatable keys don't start with write permission, so we must * explicitly grant it. */ - TEST(tst_syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, KEY_POS_ALL)); + TEST(keyctl(KEYCTL_SETPERM, keyid, KEY_POS_ALL)); if (TEST_RETURN != 0) { tst_res(TBROK | TTERRNO, "failed to grant write permission to '%s' key", type); @@ -138,7 +134,7 @@ static void test_update_nonupdatable(const char *type, } tst_res(TINFO, "Try to update the '%s' key...", type); - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, payload, plen)); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, plen)); if (TEST_RETURN == 0) { tst_res(TBROK, "updating '%s' key unexpectedly succeeded", type); @@ -165,8 +161,8 @@ static void test_update_setperm_race(void) new_session_keyring(); - TEST(tst_syscall(__NR_add_key, "user", "desc", payload, sizeof(payload), - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key("user", "desc", payload, sizeof(payload), + KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { tst_res(TBROK | TTERRNO, "failed to add 'user' key"); return; @@ -178,7 +174,7 @@ static void test_update_setperm_race(void) for (i = 0; i < 10000; i++) { perm ^= KEY_POS_WRITE; - TEST(syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, perm)); + TEST(keyctl(KEYCTL_SETPERM, keyid, perm)); if (TEST_RETURN != 0) tst_brk(TBROK | TTERRNO, "setperm failed"); } @@ -187,8 +183,7 @@ static void test_update_setperm_race(void) tst_res(TINFO, "Try to update the 'user' key..."); for (i = 0; i < 10000; i++) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, - payload, sizeof(payload))); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, sizeof(payload))); if (TEST_RETURN != 0 && TEST_ERRNO != EACCES) { tst_res(TBROK | TTERRNO, "failed to update 'user' key"); return; @@ -218,8 +213,16 @@ static void do_test(unsigned int i) } } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { .tcnt = 3, + .setup = setup, .test = do_test, .forks_child = 1, }; -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v2 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-24 13:28 ` [LTP] [PATCH v2 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng @ 2017-08-25 3:14 ` Guangwen Feng 2017-08-25 3:24 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng 0 siblings, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-25 3:14 UTC (permalink / raw) To: ltp Hi! Please ignore the v2, I found there are some problem, sorry. I will send a v3 soon. Best Regards, Guangwen Feng 在 08/24/2017 09:28 PM, Guangwen Feng 写道: > 1.syscalls/keyctl02 and syscalls/keyctl03 make use of lapi/keyctl.h > > 2.syscalls/keyctl0* use keyutils.h fallback definition in lapi/keyctl.h > instead of raw syscall, thus we would test the keyutils library if the > header is present and these tests will not be disabled otherwise. > > 3.Add syscalls/keyctl02 and commands/keyctl01 to the CVE runtest file as > cve-2015-7550 and cve-2016-4470 respectively. > > Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> > --- > runtest/cve | 2 ++ > testcases/kernel/syscalls/keyctl/Makefile | 4 ++-- > testcases/kernel/syscalls/keyctl/keyctl01.c | 20 +++++++++++--------- > testcases/kernel/syscalls/keyctl/keyctl02.c | 16 ++++++---------- > testcases/kernel/syscalls/keyctl/keyctl03.c | 20 ++++++++++---------- > testcases/kernel/syscalls/keyctl/keyctl04.c | 20 +++++++++++--------- > testcases/kernel/syscalls/keyctl/keyctl05.c | 29 ++++++++++++++++------------- > 7 files changed, 58 insertions(+), 53 deletions(-) > > diff --git a/runtest/cve b/runtest/cve > index 468f0b2..5b16e9e 100644 > --- a/runtest/cve > +++ b/runtest/cve > @@ -5,6 +5,8 @@ cve-2011-2496 vma03 > cve-2012-0957 cve-2012-0957 > cve-2014-0196 cve-2014-0196 > cve-2015-0235 gethostbyname_r01 > +cve-2015-7550 keyctl02 > +cve-2016-4470 keyctl01.sh > cve-2016-4997 cve-2016-4997 > cve-2016-5195 dirtyc0w > cve-2016-7042 cve-2016-7042 > diff --git a/testcases/kernel/syscalls/keyctl/Makefile b/testcases/kernel/syscalls/keyctl/Makefile > index bb3d3a4..dd1f6b4 100644 > --- a/testcases/kernel/syscalls/keyctl/Makefile > +++ b/testcases/kernel/syscalls/keyctl/Makefile > @@ -18,8 +18,8 @@ > > top_srcdir ?= ../../../.. > > -keyctl02: LDLIBS +=-lpthread $(KEYUTILS_LIBS) > -keyctl03: LDLIBS +=$(KEYUTILS_LIBS) > +LDLIBS += $(KEYUTILS_LIBS) > +keyctl02: LDLIBS += -lpthread > > include $(top_srcdir)/include/mk/testcases.mk > > diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c > index 30d51bd..345fa8c 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl01.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c > @@ -28,31 +28,25 @@ > #include <stdint.h> > > #include "tst_test.h" > -#include "lapi/syscalls.h" > #include "lapi/keyctl.h" > > -typedef int32_t key_serial_t; > - > static void do_test(void) > { > key_serial_t key; > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, > - KEY_SPEC_USER_SESSION_KEYRING)); > - > + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_USER_SESSION_KEYRING)); > if (TEST_RETURN != -1) > tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); > else > tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); > > for (key = INT32_MAX; key > INT32_MIN; key--) { > - TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); > + TEST(keyctl(KEYCTL_READ, key)); > if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) > break; > } > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); > - > + TEST(keyctl(KEYCTL_REVOKE, key)); > if (TEST_RETURN != -1) { > tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); > return; > @@ -66,6 +60,14 @@ static void do_test(void) > tst_res(TPASS | TTERRNO, "KEYCTL_REVOKE failed as expected"); > } > > +static void setup(void) > +{ > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > +} > + > static struct tst_test test = { > + .setup = setup, > .test_all = do_test, > }; > diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c > index b783bf7..f285212 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl02.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c > @@ -35,17 +35,13 @@ > * KEYS: Fix race between read and revoke > */ > > -#include "config.h" > #include <errno.h> > #include <pthread.h> > #include <sys/types.h> > -#ifdef HAVE_KEYUTILS_H > -# include <keyutils.h> > -#endif > + > #include "tst_safe_pthread.h" > #include "tst_test.h" > - > -#ifdef HAVE_KEYUTILS_H > +#include "lapi/keyctl.h" > > #define LOOPS 20000 > #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" > @@ -103,6 +99,10 @@ static void do_test(void) > > static void setup(void) > { > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > + > SAFE_FILE_SCANF(PATH_KEY_COUNT_QUOTA, "%d", &orig_maxkeys); > SAFE_FILE_PRINTF(PATH_KEY_COUNT_QUOTA, "%d", orig_maxkeys + LOOPS); > } > @@ -119,7 +119,3 @@ static struct tst_test test = { > .cleanup = cleanup, > .test_all = do_test, > }; > - > -#else > - TST_TEST_TCONF("keyutils.h does not exist"); > -#endif /* HAVE_KEYUTILS_H */ > diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c > index 41d062e..aa560f0 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl03.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c > @@ -28,15 +28,11 @@ > * an uninstantiated keyring > */ > > -#include "config.h" > #include <errno.h> > #include <sys/types.h> > -#ifdef HAVE_KEYUTILS_H > -# include <keyutils.h> > -#endif > -#include "tst_test.h" > > -#ifdef HAVE_KEYUTILS_H > +#include "tst_test.h" > +#include "lapi/keyctl.h" > > static void do_test(void) > { > @@ -55,10 +51,14 @@ static void do_test(void) > tst_res(TPASS, "Bug not reproduced"); > } > > +static void setup(void) > +{ > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > +} > + > static struct tst_test test = { > + .setup = setup, > .test_all = do_test, > }; > - > -#else > - TST_TEST_TCONF("keyutils.h does not exist"); > -#endif /* HAVE_KEYUTILS_H */ > diff --git a/testcases/kernel/syscalls/keyctl/keyctl04.c b/testcases/kernel/syscalls/keyctl/keyctl04.c > index 3fef1ea..9a57dcf 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl04.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl04.c > @@ -27,28 +27,22 @@ > */ > > #include "tst_test.h" > -#include "lapi/syscalls.h" > #include "lapi/keyctl.h" > > -typedef int32_t key_serial_t; > - > static void do_test(void) > { > key_serial_t tid_keyring; > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, > - KEY_SPEC_THREAD_KEYRING, 1)); > + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 1)); > if (TEST_RETURN < 0) > tst_brk(TBROK | TTERRNO, "failed to create thread keyring"); > tid_keyring = TEST_RETURN; > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_SET_REQKEY_KEYRING, > - KEY_REQKEY_DEFL_THREAD_KEYRING)); > + TEST(keyctl(KEYCTL_SET_REQKEY_KEYRING, KEY_REQKEY_DEFL_THREAD_KEYRING)); > if (TEST_RETURN < 0) > tst_brk(TBROK | TTERRNO, "failed to set reqkey keyring"); > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, > - KEY_SPEC_THREAD_KEYRING, 0)); > + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 0)); > if (TEST_RETURN < 0) > tst_brk(TBROK | TTERRNO, "failed to get thread keyring ID"); > if (TEST_RETURN == tid_keyring) > @@ -57,6 +51,14 @@ static void do_test(void) > tst_res(TFAIL, "thread keyring was leaked!"); > } > > +static void setup(void) > +{ > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > +} > + > static struct tst_test test = { > + .setup = setup, > .test_all = do_test, > }; > diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c > index 922d2b4..1ec73a8 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl05.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c > @@ -39,11 +39,8 @@ > > #include <stdlib.h> > #include "tst_test.h" > -#include "lapi/syscalls.h" > #include "lapi/keyctl.h" > > -typedef int32_t key_serial_t; > - > #define KEY_POS_WRITE 0x04000000 > #define KEY_POS_ALL 0x3f000000 > > @@ -89,7 +86,7 @@ static const char x509_cert[] = > > static void new_session_keyring(void) > { > - TEST(tst_syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL)); > + TEST(keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL)); > if (TEST_RETURN < 0) > tst_brk(TBROK | TTERRNO, "failed to join new session keyring"); > } > @@ -101,8 +98,7 @@ static void test_update_nonupdatable(const char *type, > > new_session_keyring(); > > - TEST(tst_syscall(__NR_add_key, type, "desc", payload, plen, > - KEY_SPEC_SESSION_KEYRING)); > + TEST(add_key(type, "desc", payload, plen, KEY_SPEC_SESSION_KEYRING)); > if (TEST_RETURN < 0) { > if (TEST_ERRNO == ENODEV) { > tst_res(TCONF, "kernel doesn't support key type '%s'", > @@ -130,7 +126,7 @@ static void test_update_nonupdatable(const char *type, > * Non-updatable keys don't start with write permission, so we must > * explicitly grant it. > */ > - TEST(tst_syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, KEY_POS_ALL)); > + TEST(keyctl(KEYCTL_SETPERM, keyid, KEY_POS_ALL)); > if (TEST_RETURN != 0) { > tst_res(TBROK | TTERRNO, > "failed to grant write permission to '%s' key", type); > @@ -138,7 +134,7 @@ static void test_update_nonupdatable(const char *type, > } > > tst_res(TINFO, "Try to update the '%s' key...", type); > - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, payload, plen)); > + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, plen)); > if (TEST_RETURN == 0) { > tst_res(TBROK, > "updating '%s' key unexpectedly succeeded", type); > @@ -165,8 +161,8 @@ static void test_update_setperm_race(void) > > new_session_keyring(); > > - TEST(tst_syscall(__NR_add_key, "user", "desc", payload, sizeof(payload), > - KEY_SPEC_SESSION_KEYRING)); > + TEST(add_key("user", "desc", payload, sizeof(payload), > + KEY_SPEC_SESSION_KEYRING)); > if (TEST_RETURN < 0) { > tst_res(TBROK | TTERRNO, "failed to add 'user' key"); > return; > @@ -178,7 +174,7 @@ static void test_update_setperm_race(void) > > for (i = 0; i < 10000; i++) { > perm ^= KEY_POS_WRITE; > - TEST(syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, perm)); > + TEST(keyctl(KEYCTL_SETPERM, keyid, perm)); > if (TEST_RETURN != 0) > tst_brk(TBROK | TTERRNO, "setperm failed"); > } > @@ -187,8 +183,7 @@ static void test_update_setperm_race(void) > > tst_res(TINFO, "Try to update the 'user' key..."); > for (i = 0; i < 10000; i++) { > - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, > - payload, sizeof(payload))); > + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, sizeof(payload))); > if (TEST_RETURN != 0 && TEST_ERRNO != EACCES) { > tst_res(TBROK | TTERRNO, "failed to update 'user' key"); > return; > @@ -218,8 +213,16 @@ static void do_test(unsigned int i) > } > } > > +static void setup(void) > +{ > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > +} > + > static struct tst_test test = { > .tcnt = 3, > + .setup = setup, > .test = do_test, > .forks_child = 1, > }; > ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h 2017-08-25 3:14 ` Guangwen Feng @ 2017-08-25 3:24 ` Guangwen Feng 2017-08-25 3:24 ` [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 2017-08-28 11:02 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 0 siblings, 2 replies; 16+ messages in thread From: Guangwen Feng @ 2017-08-25 3:24 UTC (permalink / raw) To: ltp Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- include/lapi/keyctl.h | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/include/lapi/keyctl.h b/include/lapi/keyctl.h index ed3b7bd..e761be8 100644 --- a/include/lapi/keyctl.h +++ b/include/lapi/keyctl.h @@ -23,6 +23,55 @@ # include <linux/keyctl.h> #endif /* HAVE_LINUX_KEYCTL_H */ +#ifdef HAVE_KEYUTILS_H +# include <keyutils.h> +#else +# include <stdarg.h> +# include <stdint.h> +# include "lapi/syscalls.h" +# ifdef __TEST_H__ +# define TST_SYSCALL_WRAPPER ltp_syscall +# else +# define TST_SYSCALL_WRAPPER tst_syscall +# endif /* __TEST_H__ */ +typedef int32_t key_serial_t; + +static inline key_serial_t add_key(const char *type, + const char *description, + const void *payload, + size_t plen, + key_serial_t ringid) +{ + return TST_SYSCALL_WRAPPER(__NR_add_key, + type, description, payload, plen, ringid); +} + +static inline key_serial_t request_key(const char *type, + const char *description, + const char *callout_info, + key_serial_t destringid) +{ + return TST_SYSCALL_WRAPPER(__NR_request_key, + type, description, callout_info, destringid); +} + +static inline long keyctl(int cmd, ...) +{ + va_list va; + unsigned long arg2, arg3, arg4, arg5; + + va_start(va, cmd); + arg2 = va_arg(va, unsigned long); + arg3 = va_arg(va, unsigned long); + arg4 = va_arg(va, unsigned long); + arg5 = va_arg(va, unsigned long); + va_end(va); + + return TST_SYSCALL_WRAPPER(__NR_keyctl, + cmd, arg2, arg3, arg4, arg5); +} +#endif /* HAVE_KEYUTILS_H */ + #ifndef KEYCTL_GET_KEYRING_ID # define KEYCTL_GET_KEYRING_ID 0 #endif -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-25 3:24 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng @ 2017-08-25 3:24 ` Guangwen Feng 2017-08-28 11:04 ` Cyril Hrubis 2017-08-28 11:02 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 1 sibling, 1 reply; 16+ messages in thread From: Guangwen Feng @ 2017-08-25 3:24 UTC (permalink / raw) To: ltp 1.syscalls/keyctl02 and syscalls/keyctl03 make use of lapi/keyctl.h 2.syscalls/keyctl0* use keyutils.h fallback definition in lapi/keyctl.h instead of raw syscall, thus we would test the keyutils library if the header is present and these tests will not be disabled otherwise. 3.Add syscalls/keyctl02 and commands/keyctl01 to the CVE runtest file as cve-2015-7550 and cve-2016-4470 respectively. Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- runtest/cve | 2 ++ testcases/kernel/syscalls/keyctl/Makefile | 6 +++--- testcases/kernel/syscalls/keyctl/keyctl01.c | 20 ++++++++++--------- testcases/kernel/syscalls/keyctl/keyctl02.c | 16 ++++++--------- testcases/kernel/syscalls/keyctl/keyctl03.c | 20 +++++++++---------- testcases/kernel/syscalls/keyctl/keyctl04.c | 22 +++++++++++--------- testcases/kernel/syscalls/keyctl/keyctl05.c | 31 +++++++++++++++++------------ 7 files changed, 63 insertions(+), 54 deletions(-) diff --git a/runtest/cve b/runtest/cve index 468f0b2..5b16e9e 100644 --- a/runtest/cve +++ b/runtest/cve @@ -5,6 +5,8 @@ cve-2011-2496 vma03 cve-2012-0957 cve-2012-0957 cve-2014-0196 cve-2014-0196 cve-2015-0235 gethostbyname_r01 +cve-2015-7550 keyctl02 +cve-2016-4470 keyctl01.sh cve-2016-4997 cve-2016-4997 cve-2016-5195 dirtyc0w cve-2016-7042 cve-2016-7042 diff --git a/testcases/kernel/syscalls/keyctl/Makefile b/testcases/kernel/syscalls/keyctl/Makefile index bb3d3a4..9ccb357 100644 --- a/testcases/kernel/syscalls/keyctl/Makefile +++ b/testcases/kernel/syscalls/keyctl/Makefile @@ -18,9 +18,9 @@ top_srcdir ?= ../../../.. -keyctl02: LDLIBS +=-lpthread $(KEYUTILS_LIBS) -keyctl03: LDLIBS +=$(KEYUTILS_LIBS) - include $(top_srcdir)/include/mk/testcases.mk +LDLIBS += $(KEYUTILS_LIBS) +keyctl02: LDLIBS += -lpthread + include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c index 30d51bd..345fa8c 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl01.c +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c @@ -28,31 +28,25 @@ #include <stdint.h> #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t key; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_USER_SESSION_KEYRING)); - + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_USER_SESSION_KEYRING)); if (TEST_RETURN != -1) tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); else tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); for (key = INT32_MAX; key > INT32_MIN; key--) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); + TEST(keyctl(KEYCTL_READ, key)); if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) break; } - TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); - + TEST(keyctl(KEYCTL_REVOKE, key)); if (TEST_RETURN != -1) { tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); return; @@ -66,6 +60,14 @@ static void do_test(void) tst_res(TPASS | TTERRNO, "KEYCTL_REVOKE failed as expected"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c index b783bf7..f285212 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl02.c +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c @@ -35,17 +35,13 @@ * KEYS: Fix race between read and revoke */ -#include "config.h" #include <errno.h> #include <pthread.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif + #include "tst_safe_pthread.h" #include "tst_test.h" - -#ifdef HAVE_KEYUTILS_H +#include "lapi/keyctl.h" #define LOOPS 20000 #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" @@ -103,6 +99,10 @@ static void do_test(void) static void setup(void) { +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ + SAFE_FILE_SCANF(PATH_KEY_COUNT_QUOTA, "%d", &orig_maxkeys); SAFE_FILE_PRINTF(PATH_KEY_COUNT_QUOTA, "%d", orig_maxkeys + LOOPS); } @@ -119,7 +119,3 @@ static struct tst_test test = { .cleanup = cleanup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c index 41d062e..aa560f0 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl03.c +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c @@ -28,15 +28,11 @@ * an uninstantiated keyring */ -#include "config.h" #include <errno.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif -#include "tst_test.h" -#ifdef HAVE_KEYUTILS_H +#include "tst_test.h" +#include "lapi/keyctl.h" static void do_test(void) { @@ -55,10 +51,14 @@ static void do_test(void) tst_res(TPASS, "Bug not reproduced"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl04.c b/testcases/kernel/syscalls/keyctl/keyctl04.c index 3fef1ea..59476fa 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl04.c +++ b/testcases/kernel/syscalls/keyctl/keyctl04.c @@ -26,29 +26,25 @@ * keyring was leaked). */ +#include <errno.h> + #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t tid_keyring; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 1)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 1)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to create thread keyring"); tid_keyring = TEST_RETURN; - TEST(tst_syscall(__NR_keyctl, KEYCTL_SET_REQKEY_KEYRING, - KEY_REQKEY_DEFL_THREAD_KEYRING)); + TEST(keyctl(KEYCTL_SET_REQKEY_KEYRING, KEY_REQKEY_DEFL_THREAD_KEYRING)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to set reqkey keyring"); - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 0)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 0)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to get thread keyring ID"); if (TEST_RETURN == tid_keyring) @@ -57,6 +53,14 @@ static void do_test(void) tst_res(TFAIL, "thread keyring was leaked!"); } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { + .setup = setup, .test_all = do_test, }; diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index 922d2b4..70d3ba9 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -37,13 +37,12 @@ * laid out the crash may not actually occur. */ +#include <errno.h> #include <stdlib.h> + #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - #define KEY_POS_WRITE 0x04000000 #define KEY_POS_ALL 0x3f000000 @@ -89,7 +88,7 @@ static const char x509_cert[] = static void new_session_keyring(void) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL)); + TEST(keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to join new session keyring"); } @@ -101,8 +100,7 @@ static void test_update_nonupdatable(const char *type, new_session_keyring(); - TEST(tst_syscall(__NR_add_key, type, "desc", payload, plen, - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key(type, "desc", payload, plen, KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { if (TEST_ERRNO == ENODEV) { tst_res(TCONF, "kernel doesn't support key type '%s'", @@ -130,7 +128,7 @@ static void test_update_nonupdatable(const char *type, * Non-updatable keys don't start with write permission, so we must * explicitly grant it. */ - TEST(tst_syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, KEY_POS_ALL)); + TEST(keyctl(KEYCTL_SETPERM, keyid, KEY_POS_ALL)); if (TEST_RETURN != 0) { tst_res(TBROK | TTERRNO, "failed to grant write permission to '%s' key", type); @@ -138,7 +136,7 @@ static void test_update_nonupdatable(const char *type, } tst_res(TINFO, "Try to update the '%s' key...", type); - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, payload, plen)); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, plen)); if (TEST_RETURN == 0) { tst_res(TBROK, "updating '%s' key unexpectedly succeeded", type); @@ -165,8 +163,8 @@ static void test_update_setperm_race(void) new_session_keyring(); - TEST(tst_syscall(__NR_add_key, "user", "desc", payload, sizeof(payload), - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key("user", "desc", payload, sizeof(payload), + KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { tst_res(TBROK | TTERRNO, "failed to add 'user' key"); return; @@ -178,7 +176,7 @@ static void test_update_setperm_race(void) for (i = 0; i < 10000; i++) { perm ^= KEY_POS_WRITE; - TEST(syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, perm)); + TEST(keyctl(KEYCTL_SETPERM, keyid, perm)); if (TEST_RETURN != 0) tst_brk(TBROK | TTERRNO, "setperm failed"); } @@ -187,8 +185,7 @@ static void test_update_setperm_race(void) tst_res(TINFO, "Try to update the 'user' key..."); for (i = 0; i < 10000; i++) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, - payload, sizeof(payload))); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, sizeof(payload))); if (TEST_RETURN != 0 && TEST_ERRNO != EACCES) { tst_res(TBROK | TTERRNO, "failed to update 'user' key"); return; @@ -218,8 +215,16 @@ static void do_test(unsigned int i) } } +static void setup(void) +{ +#ifndef HAVE_KEYUTILS_H + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); +#endif /* HAVE_KEYUTILS_H */ +} + static struct tst_test test = { .tcnt = 3, + .setup = setup, .test = do_test, .forks_child = 1, }; -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve 2017-08-25 3:24 ` [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng @ 2017-08-28 11:04 ` Cyril Hrubis 0 siblings, 0 replies; 16+ messages in thread From: Cyril Hrubis @ 2017-08-28 11:04 UTC (permalink / raw) To: ltp Hi! > 1.syscalls/keyctl02 and syscalls/keyctl03 make use of lapi/keyctl.h > > 2.syscalls/keyctl0* use keyutils.h fallback definition in lapi/keyctl.h > instead of raw syscall, thus we would test the keyutils library if the > header is present and these tests will not be disabled otherwise. > > 3.Add syscalls/keyctl02 and commands/keyctl01 to the CVE runtest file as > cve-2015-7550 and cve-2016-4470 respectively. It would be a bit cleaner if the part 3. was send in a separate part. > static void do_test(void) > { > key_serial_t key; > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, > - KEY_SPEC_USER_SESSION_KEYRING)); > - > + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_USER_SESSION_KEYRING)); > if (TEST_RETURN != -1) > tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); > else > tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); > > for (key = INT32_MAX; key > INT32_MIN; key--) { > - TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); > + TEST(keyctl(KEYCTL_READ, key)); > if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) > break; > } > > - TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); > - > + TEST(keyctl(KEYCTL_REVOKE, key)); > if (TEST_RETURN != -1) { > tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); > return; > @@ -66,6 +60,14 @@ static void do_test(void) > tst_res(TPASS | TTERRNO, "KEYCTL_REVOKE failed as expected"); > } > > +static void setup(void) > +{ > +#ifndef HAVE_KEYUTILS_H > + tst_res(TINFO, "keyutils.h does not exist, using fallback definition"); > +#endif /* HAVE_KEYUTILS_H */ > +} And I do not think that this message is necessary and if it is we should probably print it from the lapi call rather than adding it into each of the testcases. Otherwise it looks fine. -- Cyril Hrubis chrubis@suse.cz ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h 2017-08-25 3:24 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng 2017-08-25 3:24 ` [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng @ 2017-08-28 11:02 ` Cyril Hrubis 2017-08-29 3:37 ` [LTP] [PATCH v4 1/3] " Guangwen Feng 1 sibling, 1 reply; 16+ messages in thread From: Cyril Hrubis @ 2017-08-28 11:02 UTC (permalink / raw) To: ltp Hi! > +#ifdef HAVE_KEYUTILS_H > +# include <keyutils.h> We should also make sure we do not include both linux/keyctl.h and keyutils.h they both define KEY_* and KEYCTL_* constants. So the <linux/keyctl.h> include should be in the else branch of the HAVE_KEYUTILS_H. > +#else > +# include <stdarg.h> > +# include <stdint.h> > +# include "lapi/syscalls.h" > +# ifdef __TEST_H__ > +# define TST_SYSCALL_WRAPPER ltp_syscall > +# else > +# define TST_SYSCALL_WRAPPER tst_syscall > +# endif /* __TEST_H__ */ What do we need these ifdefs for? I've checked all the keyctl tests and they are all converted to new library and so we can call tst_syscall() directly. > +typedef int32_t key_serial_t; > + > +static inline key_serial_t add_key(const char *type, > + const char *description, > + const void *payload, > + size_t plen, > + key_serial_t ringid) > +{ > + return TST_SYSCALL_WRAPPER(__NR_add_key, > + type, description, payload, plen, ringid); > +} > + > +static inline key_serial_t request_key(const char *type, > + const char *description, > + const char *callout_info, > + key_serial_t destringid) > +{ > + return TST_SYSCALL_WRAPPER(__NR_request_key, > + type, description, callout_info, destringid); > +} > + > +static inline long keyctl(int cmd, ...) > +{ > + va_list va; > + unsigned long arg2, arg3, arg4, arg5; > + > + va_start(va, cmd); > + arg2 = va_arg(va, unsigned long); > + arg3 = va_arg(va, unsigned long); > + arg4 = va_arg(va, unsigned long); > + arg5 = va_arg(va, unsigned long); > + va_end(va); > + > + return TST_SYSCALL_WRAPPER(__NR_keyctl, > + cmd, arg2, arg3, arg4, arg5); > +} > +#endif /* HAVE_KEYUTILS_H */ > + > #ifndef KEYCTL_GET_KEYRING_ID > # define KEYCTL_GET_KEYRING_ID 0 > #endif > -- > 2.9.4 > > > -- Cyril Hrubis chrubis@suse.cz ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH v4 1/3] lapi/keyctl.h: Add fallback definition of keyutil.h 2017-08-28 11:02 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis @ 2017-08-29 3:37 ` Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 2/3] syscalls/keyctl: Make use of lapi/keyctl.h Guangwen Feng ` (2 more replies) 0 siblings, 3 replies; 16+ messages in thread From: Guangwen Feng @ 2017-08-29 3:37 UTC (permalink / raw) To: ltp Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- include/lapi/keyctl.h | 48 +++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/include/lapi/keyctl.h b/include/lapi/keyctl.h index ed3b7bd..3e7ce47 100644 --- a/include/lapi/keyctl.h +++ b/include/lapi/keyctl.h @@ -19,9 +19,51 @@ #define KEYCTL_H__ #include "config.h" -#ifdef HAVE_LINUX_KEYCTL_H -# include <linux/keyctl.h> -#endif /* HAVE_LINUX_KEYCTL_H */ +#ifdef HAVE_KEYUTILS_H +# include <keyutils.h> +#else +# ifdef HAVE_LINUX_KEYCTL_H +# include <linux/keyctl.h> +# endif /* HAVE_LINUX_KEYCTL_H */ +# include <stdarg.h> +# include <stdint.h> +# include "lapi/syscalls.h" +typedef int32_t key_serial_t; + +static inline key_serial_t add_key(const char *type, + const char *description, + const void *payload, + size_t plen, + key_serial_t ringid) +{ + return tst_syscall(__NR_add_key, + type, description, payload, plen, ringid); +} + +static inline key_serial_t request_key(const char *type, + const char *description, + const char *callout_info, + key_serial_t destringid) +{ + return tst_syscall(__NR_request_key, + type, description, callout_info, destringid); +} + +static inline long keyctl(int cmd, ...) +{ + va_list va; + unsigned long arg2, arg3, arg4, arg5; + + va_start(va, cmd); + arg2 = va_arg(va, unsigned long); + arg3 = va_arg(va, unsigned long); + arg4 = va_arg(va, unsigned long); + arg5 = va_arg(va, unsigned long); + va_end(va); + + return tst_syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5); +} +#endif /* HAVE_KEYUTILS_H */ #ifndef KEYCTL_GET_KEYRING_ID # define KEYCTL_GET_KEYRING_ID 0 -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v4 2/3] syscalls/keyctl: Make use of lapi/keyctl.h 2017-08-29 3:37 ` [LTP] [PATCH v4 1/3] " Guangwen Feng @ 2017-08-29 3:37 ` Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 3/3] CVE: Add some existing tests to runtest/cve Guangwen Feng 2017-08-29 11:47 ` [LTP] [PATCH v4 1/3] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 2 siblings, 0 replies; 16+ messages in thread From: Guangwen Feng @ 2017-08-29 3:37 UTC (permalink / raw) To: ltp 1.syscalls/keyctl02 and syscalls/keyctl03 make use of lapi/keyctl.h 2.syscalls/keyctl0* use keyutils.h fallback definition in lapi/keyctl.h instead of raw syscall, thus we would test the keyutils library if the header is present and these tests will not be disabled otherwise. Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- testcases/kernel/syscalls/keyctl/Makefile | 6 +++--- testcases/kernel/syscalls/keyctl/keyctl01.c | 12 +++--------- testcases/kernel/syscalls/keyctl/keyctl02.c | 12 ++---------- testcases/kernel/syscalls/keyctl/keyctl03.c | 12 ++---------- testcases/kernel/syscalls/keyctl/keyctl04.c | 14 +++++--------- testcases/kernel/syscalls/keyctl/keyctl05.c | 23 ++++++++++------------- 6 files changed, 25 insertions(+), 54 deletions(-) diff --git a/testcases/kernel/syscalls/keyctl/Makefile b/testcases/kernel/syscalls/keyctl/Makefile index bb3d3a4..9ccb357 100644 --- a/testcases/kernel/syscalls/keyctl/Makefile +++ b/testcases/kernel/syscalls/keyctl/Makefile @@ -18,9 +18,9 @@ top_srcdir ?= ../../../.. -keyctl02: LDLIBS +=-lpthread $(KEYUTILS_LIBS) -keyctl03: LDLIBS +=$(KEYUTILS_LIBS) - include $(top_srcdir)/include/mk/testcases.mk +LDLIBS += $(KEYUTILS_LIBS) +keyctl02: LDLIBS += -lpthread + include $(top_srcdir)/include/mk/generic_leaf_target.mk diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c index 30d51bd..5719d55 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl01.c +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c @@ -28,31 +28,25 @@ #include <stdint.h> #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t key; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_USER_SESSION_KEYRING)); - + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_USER_SESSION_KEYRING)); if (TEST_RETURN != -1) tst_res(TPASS, "KEYCTL_GET_KEYRING_ID succeeded"); else tst_res(TFAIL | TTERRNO, "KEYCTL_GET_KEYRING_ID failed"); for (key = INT32_MAX; key > INT32_MIN; key--) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_READ, key)); + TEST(keyctl(KEYCTL_READ, key)); if (TEST_RETURN == -1 && TEST_ERRNO == ENOKEY) break; } - TEST(tst_syscall(__NR_keyctl, KEYCTL_REVOKE, key)); - + TEST(keyctl(KEYCTL_REVOKE, key)); if (TEST_RETURN != -1) { tst_res(TFAIL, "KEYCTL_REVOKE succeeded unexpectedly"); return; diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c index b783bf7..515da96 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl02.c +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c @@ -35,17 +35,13 @@ * KEYS: Fix race between read and revoke */ -#include "config.h" #include <errno.h> #include <pthread.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif + #include "tst_safe_pthread.h" #include "tst_test.h" - -#ifdef HAVE_KEYUTILS_H +#include "lapi/keyctl.h" #define LOOPS 20000 #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" @@ -119,7 +115,3 @@ static struct tst_test test = { .cleanup = cleanup, .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c index 41d062e..5c066f7 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl03.c +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c @@ -28,15 +28,11 @@ * an uninstantiated keyring */ -#include "config.h" #include <errno.h> #include <sys/types.h> -#ifdef HAVE_KEYUTILS_H -# include <keyutils.h> -#endif -#include "tst_test.h" -#ifdef HAVE_KEYUTILS_H +#include "tst_test.h" +#include "lapi/keyctl.h" static void do_test(void) { @@ -58,7 +54,3 @@ static void do_test(void) static struct tst_test test = { .test_all = do_test, }; - -#else - TST_TEST_TCONF("keyutils.h does not exist"); -#endif /* HAVE_KEYUTILS_H */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl04.c b/testcases/kernel/syscalls/keyctl/keyctl04.c index 3fef1ea..be9ceeb 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl04.c +++ b/testcases/kernel/syscalls/keyctl/keyctl04.c @@ -26,29 +26,25 @@ * keyring was leaked). */ +#include <errno.h> + #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - static void do_test(void) { key_serial_t tid_keyring; - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 1)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 1)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to create thread keyring"); tid_keyring = TEST_RETURN; - TEST(tst_syscall(__NR_keyctl, KEYCTL_SET_REQKEY_KEYRING, - KEY_REQKEY_DEFL_THREAD_KEYRING)); + TEST(keyctl(KEYCTL_SET_REQKEY_KEYRING, KEY_REQKEY_DEFL_THREAD_KEYRING)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to set reqkey keyring"); - TEST(tst_syscall(__NR_keyctl, KEYCTL_GET_KEYRING_ID, - KEY_SPEC_THREAD_KEYRING, 0)); + TEST(keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_THREAD_KEYRING, 0)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to get thread keyring ID"); if (TEST_RETURN == tid_keyring) diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index 922d2b4..9ba6120 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -37,13 +37,12 @@ * laid out the crash may not actually occur. */ +#include <errno.h> #include <stdlib.h> + #include "tst_test.h" -#include "lapi/syscalls.h" #include "lapi/keyctl.h" -typedef int32_t key_serial_t; - #define KEY_POS_WRITE 0x04000000 #define KEY_POS_ALL 0x3f000000 @@ -89,7 +88,7 @@ static const char x509_cert[] = static void new_session_keyring(void) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL)); + TEST(keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL)); if (TEST_RETURN < 0) tst_brk(TBROK | TTERRNO, "failed to join new session keyring"); } @@ -101,8 +100,7 @@ static void test_update_nonupdatable(const char *type, new_session_keyring(); - TEST(tst_syscall(__NR_add_key, type, "desc", payload, plen, - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key(type, "desc", payload, plen, KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { if (TEST_ERRNO == ENODEV) { tst_res(TCONF, "kernel doesn't support key type '%s'", @@ -130,7 +128,7 @@ static void test_update_nonupdatable(const char *type, * Non-updatable keys don't start with write permission, so we must * explicitly grant it. */ - TEST(tst_syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, KEY_POS_ALL)); + TEST(keyctl(KEYCTL_SETPERM, keyid, KEY_POS_ALL)); if (TEST_RETURN != 0) { tst_res(TBROK | TTERRNO, "failed to grant write permission to '%s' key", type); @@ -138,7 +136,7 @@ static void test_update_nonupdatable(const char *type, } tst_res(TINFO, "Try to update the '%s' key...", type); - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, payload, plen)); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, plen)); if (TEST_RETURN == 0) { tst_res(TBROK, "updating '%s' key unexpectedly succeeded", type); @@ -165,8 +163,8 @@ static void test_update_setperm_race(void) new_session_keyring(); - TEST(tst_syscall(__NR_add_key, "user", "desc", payload, sizeof(payload), - KEY_SPEC_SESSION_KEYRING)); + TEST(add_key("user", "desc", payload, sizeof(payload), + KEY_SPEC_SESSION_KEYRING)); if (TEST_RETURN < 0) { tst_res(TBROK | TTERRNO, "failed to add 'user' key"); return; @@ -178,7 +176,7 @@ static void test_update_setperm_race(void) for (i = 0; i < 10000; i++) { perm ^= KEY_POS_WRITE; - TEST(syscall(__NR_keyctl, KEYCTL_SETPERM, keyid, perm)); + TEST(keyctl(KEYCTL_SETPERM, keyid, perm)); if (TEST_RETURN != 0) tst_brk(TBROK | TTERRNO, "setperm failed"); } @@ -187,8 +185,7 @@ static void test_update_setperm_race(void) tst_res(TINFO, "Try to update the 'user' key..."); for (i = 0; i < 10000; i++) { - TEST(tst_syscall(__NR_keyctl, KEYCTL_UPDATE, keyid, - payload, sizeof(payload))); + TEST(keyctl(KEYCTL_UPDATE, keyid, payload, sizeof(payload))); if (TEST_RETURN != 0 && TEST_ERRNO != EACCES) { tst_res(TBROK | TTERRNO, "failed to update 'user' key"); return; -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v4 3/3] CVE: Add some existing tests to runtest/cve 2017-08-29 3:37 ` [LTP] [PATCH v4 1/3] " Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 2/3] syscalls/keyctl: Make use of lapi/keyctl.h Guangwen Feng @ 2017-08-29 3:37 ` Guangwen Feng 2017-08-29 11:47 ` [LTP] [PATCH v4 1/3] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 2 siblings, 0 replies; 16+ messages in thread From: Guangwen Feng @ 2017-08-29 3:37 UTC (permalink / raw) To: ltp Add syscalls/keyctl02 and commands/keyctl01 to the CVE runtest file as cve-2015-7550 and cve-2016-4470 respectively. Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> --- runtest/cve | 2 ++ 1 file changed, 2 insertions(+) diff --git a/runtest/cve b/runtest/cve index 468f0b2..5b16e9e 100644 --- a/runtest/cve +++ b/runtest/cve @@ -5,6 +5,8 @@ cve-2011-2496 vma03 cve-2012-0957 cve-2012-0957 cve-2014-0196 cve-2014-0196 cve-2015-0235 gethostbyname_r01 +cve-2015-7550 keyctl02 +cve-2016-4470 keyctl01.sh cve-2016-4997 cve-2016-4997 cve-2016-5195 dirtyc0w cve-2016-7042 cve-2016-7042 -- 2.9.4 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* [LTP] [PATCH v4 1/3] lapi/keyctl.h: Add fallback definition of keyutil.h 2017-08-29 3:37 ` [LTP] [PATCH v4 1/3] " Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 2/3] syscalls/keyctl: Make use of lapi/keyctl.h Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 3/3] CVE: Add some existing tests to runtest/cve Guangwen Feng @ 2017-08-29 11:47 ` Cyril Hrubis 2 siblings, 0 replies; 16+ messages in thread From: Cyril Hrubis @ 2017-08-29 11:47 UTC (permalink / raw) To: ltp Hi! Patchset pushed, thanks. -- Cyril Hrubis chrubis@suse.cz ^ permalink raw reply [flat|nested] 16+ messages in thread
* [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup 2017-08-23 11:00 [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Guangwen Feng 2017-08-23 11:00 ` [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng @ 2017-08-23 14:13 ` Cyril Hrubis 1 sibling, 0 replies; 16+ messages in thread From: Cyril Hrubis @ 2017-08-23 14:13 UTC (permalink / raw) To: ltp Hi! Pushed, thanks. -- Cyril Hrubis chrubis@suse.cz ^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2017-08-29 11:47 UTC | newest] Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2017-08-23 11:00 [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Guangwen Feng 2017-08-23 11:00 ` [LTP] [PATCH 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 2017-08-23 14:18 ` Cyril Hrubis 2017-08-24 13:25 ` Guangwen Feng 2017-08-24 13:28 ` [LTP] [PATCH v2 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng 2017-08-24 13:28 ` [LTP] [PATCH v2 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 2017-08-25 3:14 ` Guangwen Feng 2017-08-25 3:24 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Guangwen Feng 2017-08-25 3:24 ` [LTP] [PATCH v3 2/2] syscalls/keyctl: Make use of lapi/keyctl.h && Add existing test to runtest/cve Guangwen Feng 2017-08-28 11:04 ` Cyril Hrubis 2017-08-28 11:02 ` [LTP] [PATCH v3 1/2] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 2017-08-29 3:37 ` [LTP] [PATCH v4 1/3] " Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 2/3] syscalls/keyctl: Make use of lapi/keyctl.h Guangwen Feng 2017-08-29 3:37 ` [LTP] [PATCH v4 3/3] CVE: Add some existing tests to runtest/cve Guangwen Feng 2017-08-29 11:47 ` [LTP] [PATCH v4 1/3] lapi/keyctl.h: Add fallback definition of keyutil.h Cyril Hrubis 2017-08-23 14:13 ` [LTP] [PATCH 1/2] syscalls/keyctl01: Convert to the new library && Cleanup Cyril Hrubis
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.