From: James Morris <jmorris@namei.org>
To: Kees Cook <keescook@chromium.org>
Cc: Tycho Andersen <tycho@tycho.ws>,
	stable@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>,
	Will Drewry <wad@chromium.org>,
	linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] selftests/seccomp: Prepare for exclusive seccomp flags
Date: Thu, 25 Apr 2019 15:30:07 +1000 (AEST)	[thread overview]
Message-ID: <alpine.LRH.2.21.1904251530010.26472@namei.org> (raw)
In-Reply-To: <20190424163756.40001-2-keescook@chromium.org>

On Wed, 24 Apr 2019, Kees Cook wrote:

> Some seccomp flags will become exclusive, so the selftest needs to
> be adjusted to mask those out and test them individually for the "all
> flags" tests.
> 
> Cc: stable@vger.kernel.org # v5.0+
> Signed-off-by: Kees Cook <keescook@chromium.org>


Acked-by: James Morris <jamorris@linux.microsoft.com>

> ---
>  tools/testing/selftests/seccomp/seccomp_bpf.c | 34 ++++++++++++++-----
>  1 file changed, 25 insertions(+), 9 deletions(-)
> 
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index f69d2ee29742..5019cdae5d0b 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -2166,11 +2166,14 @@ TEST(detect_seccomp_filter_flags)
>  				 SECCOMP_FILTER_FLAG_LOG,
>  				 SECCOMP_FILTER_FLAG_SPEC_ALLOW,
>  				 SECCOMP_FILTER_FLAG_NEW_LISTENER };
> -	unsigned int flag, all_flags;
> +	unsigned int exclusive[] = {
> +				SECCOMP_FILTER_FLAG_TSYNC,
> +				SECCOMP_FILTER_FLAG_NEW_LISTENER };
> +	unsigned int flag, all_flags, exclusive_mask;
>  	int i;
>  	long ret;
>  
> -	/* Test detection of known-good filter flags */
> +	/* Test detection of individual known-good filter flags */
>  	for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) {
>  		int bits = 0;
>  
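Review bot: Nothing in the added `exclusive[]` declaration ties it to `flags[]`, yet the later loop ORs each entry into a value derived from `all_flags`, which this hunk shows being reset alongside the loop over `flags[]`. If a future exclusive flag is added to one array and not the other, the combined test would pass a flag that was never probed individually. A comment on the declaration would make the invariant explicit, for example `/* Flags that will become mutually exclusive; every entry must also appear in flags[]. */`. The test body starts before and continues after this hunk.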
> @@ -2197,16 +2200,29 @@ TEST(detect_seccomp_filter_flags)
>  		all_flags |= flag;
>  	}
>  
> -	/* Test detection of all known-good filter flags */
> -	ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL);
> -	EXPECT_EQ(-1, ret);
> -	EXPECT_EQ(EFAULT, errno) {
> -		TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> -		       all_flags);
> +	/*
> +	 * Test detection of all known-good filter flags combined. But
> +	 * for the exclusive flags we need to mask them out and try them
> +	 * individually for the "all flags" testing.
> +	 */
> +	exclusive_mask = 0;
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++)
> +		exclusive_mask |= exclusive[i];
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++) {
> +		flag = all_flags & ~exclusive_mask;
> +		flag |= exclusive[i];
> +
> +		ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
> +		EXPECT_EQ(-1, ret);
> +		EXPECT_EQ(EFAULT, errno) {
> +			TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> +			       flag);
> +		}
>  	}
>  
> -	/* Test detection of an unknown filter flag */
> +	/* Test detection of an unknown filter flags, without exclusives. */
>  	flag = -1;
> +	flag &= ~exclusive_mask;
>  	ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
>  	EXPECT_EQ(-1, ret);
>  	EXPECT_EQ(EINVAL, errno) {
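Review bot: The `TH_LOG` message inside the new `exclusive[]` loop is copied unchanged from the removed single call, so a failure reads the same for either iteration and still says "all known-good filter flags", although `flag` now holds one exclusive flag plus the non-exclusive ones. Naming the exclusive flag would make a failing run easier to triage, e.g. `TH_LOG("Failed to detect that known-good filter flags with exclusive flag 0x%X (0x%X) are supported!", exclusive[i], flag);`. The reworded comment also mixes singular and plural; `/* Test detection of unknown filter flags, without exclusives. */` reads correctly. Separately, nothing in this hunk asserts that passing both exclusive flags together is rejected; that may be covered by patch 2/2, which is not visible here. The `EXPECT_EQ(EINVAL, errno)` block continues past the end of the hunk.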
> 

-- 
James Morris
<jmorris@namei.org>


From: jmorris at namei.org (James Morris)
Subject: [PATCH 1/2] selftests/seccomp: Prepare for exclusive seccomp flags
Date: Thu, 25 Apr 2019 15:30:07 +1000 (AEST)	[thread overview]
Message-ID: <alpine.LRH.2.21.1904251530010.26472@namei.org> (raw)
In-Reply-To: <20190424163756.40001-2-keescook@chromium.org>

On Wed, 24 Apr 2019, Kees Cook wrote:

> Some seccomp flags will become exclusive, so the selftest needs to
> be adjusted to mask those out and test them individually for the "all
> flags" tests.
> 
> Cc: stable at vger.kernel.org # v5.0+
> Signed-off-by: Kees Cook <keescook at chromium.org>


Acked-by: James Morris <jamorris at linux.microsoft.com>

> ---
>  tools/testing/selftests/seccomp/seccomp_bpf.c | 34 ++++++++++++++-----
>  1 file changed, 25 insertions(+), 9 deletions(-)
> 
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index f69d2ee29742..5019cdae5d0b 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -2166,11 +2166,14 @@ TEST(detect_seccomp_filter_flags)
>  				 SECCOMP_FILTER_FLAG_LOG,
>  				 SECCOMP_FILTER_FLAG_SPEC_ALLOW,
>  				 SECCOMP_FILTER_FLAG_NEW_LISTENER };
> -	unsigned int flag, all_flags;
> +	unsigned int exclusive[] = {
> +				SECCOMP_FILTER_FLAG_TSYNC,
> +				SECCOMP_FILTER_FLAG_NEW_LISTENER };
> +	unsigned int flag, all_flags, exclusive_mask;
>  	int i;
>  	long ret;
>  
> -	/* Test detection of known-good filter flags */
> +	/* Test detection of individual known-good filter flags */
>  	for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) {
>  		int bits = 0;
>  
> @@ -2197,16 +2200,29 @@ TEST(detect_seccomp_filter_flags)
>  		all_flags |= flag;
>  	}
>  
> -	/* Test detection of all known-good filter flags */
> -	ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL);
> -	EXPECT_EQ(-1, ret);
> -	EXPECT_EQ(EFAULT, errno) {
> -		TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> -		       all_flags);
> +	/*
> +	 * Test detection of all known-good filter flags combined. But
> +	 * for the exclusive flags we need to mask them out and try them
> +	 * individually for the "all flags" testing.
> +	 */
> +	exclusive_mask = 0;
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++)
> +		exclusive_mask |= exclusive[i];
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++) {
> +		flag = all_flags & ~exclusive_mask;
> +		flag |= exclusive[i];
> +
> +		ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
> +		EXPECT_EQ(-1, ret);
> +		EXPECT_EQ(EFAULT, errno) {
> +			TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> +			       flag);
> +		}
>  	}
>  
> -	/* Test detection of an unknown filter flag */
> +	/* Test detection of an unknown filter flags, without exclusives. */
>  	flag = -1;
> +	flag &= ~exclusive_mask;
>  	ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
>  	EXPECT_EQ(-1, ret);
>  	EXPECT_EQ(EINVAL, errno) {
> 

-- 
James Morris
<jmorris at namei.org>

From: jmorris@namei.org (James Morris)
Subject: [PATCH 1/2] selftests/seccomp: Prepare for exclusive seccomp flags
Date: Thu, 25 Apr 2019 15:30:07 +1000 (AEST)	[thread overview]
Message-ID: <alpine.LRH.2.21.1904251530010.26472@namei.org> (raw)
Message-ID: <20190425053007.mH3dZytEW5fbO_5fWlF8m_SqGNAHnoD2-RU-wdYCJSs@z> (raw)
In-Reply-To: <20190424163756.40001-2-keescook@chromium.org>

On Wed, 24 Apr 2019, Kees Cook wrote:

> Some seccomp flags will become exclusive, so the selftest needs to
> be adjusted to mask those out and test them individually for the "all
> flags" tests.
> 
> Cc: stable at vger.kernel.org # v5.0+
> Signed-off-by: Kees Cook <keescook at chromium.org>


Acked-by: James Morris <jamorris at linux.microsoft.com>

> ---
>  tools/testing/selftests/seccomp/seccomp_bpf.c | 34 ++++++++++++++-----
>  1 file changed, 25 insertions(+), 9 deletions(-)
> 
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index f69d2ee29742..5019cdae5d0b 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -2166,11 +2166,14 @@ TEST(detect_seccomp_filter_flags)
>  				 SECCOMP_FILTER_FLAG_LOG,
>  				 SECCOMP_FILTER_FLAG_SPEC_ALLOW,
>  				 SECCOMP_FILTER_FLAG_NEW_LISTENER };
> -	unsigned int flag, all_flags;
> +	unsigned int exclusive[] = {
> +				SECCOMP_FILTER_FLAG_TSYNC,
> +				SECCOMP_FILTER_FLAG_NEW_LISTENER };
> +	unsigned int flag, all_flags, exclusive_mask;
>  	int i;
>  	long ret;
>  
> -	/* Test detection of known-good filter flags */
> +	/* Test detection of individual known-good filter flags */
>  	for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) {
>  		int bits = 0;
>  
> @@ -2197,16 +2200,29 @@ TEST(detect_seccomp_filter_flags)
>  		all_flags |= flag;
>  	}
>  
> -	/* Test detection of all known-good filter flags */
> -	ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL);
> -	EXPECT_EQ(-1, ret);
> -	EXPECT_EQ(EFAULT, errno) {
> -		TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> -		       all_flags);
> +	/*
> +	 * Test detection of all known-good filter flags combined. But
> +	 * for the exclusive flags we need to mask them out and try them
> +	 * individually for the "all flags" testing.
> +	 */
> +	exclusive_mask = 0;
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++)
> +		exclusive_mask |= exclusive[i];
> +	for (i = 0; i < ARRAY_SIZE(exclusive); i++) {
> +		flag = all_flags & ~exclusive_mask;
> +		flag |= exclusive[i];
> +
> +		ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
> +		EXPECT_EQ(-1, ret);
> +		EXPECT_EQ(EFAULT, errno) {
> +			TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
> +			       flag);
> +		}
>  	}
>  
> -	/* Test detection of an unknown filter flag */
> +	/* Test detection of an unknown filter flags, without exclusives. */
>  	flag = -1;
> +	flag &= ~exclusive_mask;
>  	ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
>  	EXPECT_EQ(-1, ret);
>  	EXPECT_EQ(EINVAL, errno) {
> 

-- 
James Morris
<jmorris at namei.org>
