* [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd
@ 2021-01-28 16:17 Seth Forshee
2021-02-09 0:13 ` Shuah Khan
2021-02-10 0:33 ` Kees Cook
0 siblings, 2 replies; 4+ messages in thread
From: Seth Forshee @ 2021-01-28 16:17 UTC (permalink / raw)
To: Kees Cook; +Cc: Andy Lutomirski, Will Drewry, Shuah Khan, bpf, linux-kselftest
This test expects fds to have specific values, which works fine
when the test is run standalone. However, the kselftest runner
consumes a couple of extra fds for redirection when running
tests, so the test fails when run via kselftest.
Change the test to pass on any valid fd number.
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 26c72f2b61b1..9338df6f4ca8 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -4019,18 +4019,14 @@ TEST(user_notification_addfd)
/* Verify we can set an arbitrary remote fd */
fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd);
- /*
- * The child has fds 0(stdin), 1(stdout), 2(stderr), 3(memfd),
- * 4(listener), so the newly allocated fd should be 5.
- */
- EXPECT_EQ(fd, 5);
+ EXPECT_GE(fd, 0);
EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0);
/* Verify we can set an arbitrary remote fd with large size */
memset(&big, 0x0, sizeof(big));
big.addfd = addfd;
fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big);
- EXPECT_EQ(fd, 6);
+ EXPECT_GE(fd, 0);
/* Verify we can set a specific remote fd */
addfd.newfd = 42;
--
2.29.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd
2021-01-28 16:17 [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd Seth Forshee
@ 2021-02-09 0:13 ` Shuah Khan
2021-02-10 0:33 ` Kees Cook
1 sibling, 0 replies; 4+ messages in thread
From: Shuah Khan @ 2021-02-09 0:13 UTC (permalink / raw)
To: Seth Forshee, Kees Cook
Cc: Andy Lutomirski, Will Drewry, Shuah Khan, bpf, linux-kselftest,
Shuah Khan
On 1/28/21 9:17 AM, Seth Forshee wrote:
> This test expects fds to have specific values, which works fine
> when the test is run standalone. However, the kselftest runner
> consumes a couple of extra fds for redirection when running
> tests, so the test fails when run via kselftest.
>
> Change the test to pass on any valid fd number.
>
> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index 26c72f2b61b1..9338df6f4ca8 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -4019,18 +4019,14 @@ TEST(user_notification_addfd)
>
> /* Verify we can set an arbitrary remote fd */
> fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd);
> - /*
> - * The child has fds 0(stdin), 1(stdout), 2(stderr), 3(memfd),
> - * 4(listener), so the newly allocated fd should be 5.
> - */
> - EXPECT_EQ(fd, 5);
> + EXPECT_GE(fd, 0);
> EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0);
>
> /* Verify we can set an arbitrary remote fd with large size */
> memset(&big, 0x0, sizeof(big));
> big.addfd = addfd;
> fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big);
> - EXPECT_EQ(fd, 6);
> + EXPECT_GE(fd, 0);
>
> /* Verify we can set a specific remote fd */
> addfd.newfd = 42;
>
Here is my Ack if Kees wants to take it through seccomp.
Acked-by: Shuah Khan <skhan@linuxfoundation.org>
thanks,
-- Shuah
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd
2021-01-28 16:17 [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd Seth Forshee
2021-02-09 0:13 ` Shuah Khan
@ 2021-02-10 0:33 ` Kees Cook
2021-02-10 0:35 ` Shuah Khan
1 sibling, 1 reply; 4+ messages in thread
From: Kees Cook @ 2021-02-10 0:33 UTC (permalink / raw)
To: Seth Forshee
Cc: Andy Lutomirski, Will Drewry, Shuah Khan, bpf, linux-kselftest
On Thu, Jan 28, 2021 at 10:17:21AM -0600, Seth Forshee wrote:
> This test expects fds to have specific values, which works fine
> when the test is run standalone. However, the kselftest runner
> consumes a couple of extra fds for redirection when running
> tests, so the test fails when run via kselftest.
>
> Change the test to pass on any valid fd number.
>
> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Thanks!
Acked-by: Kees Cook <keescook@chromium.org>
I'll snag this if Shuah doesn't first. :)
-Kees
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index 26c72f2b61b1..9338df6f4ca8 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -4019,18 +4019,14 @@ TEST(user_notification_addfd)
>
> /* Verify we can set an arbitrary remote fd */
> fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd);
> - /*
> - * The child has fds 0(stdin), 1(stdout), 2(stderr), 3(memfd),
> - * 4(listener), so the newly allocated fd should be 5.
> - */
> - EXPECT_EQ(fd, 5);
> + EXPECT_GE(fd, 0);
> EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0);
>
> /* Verify we can set an arbitrary remote fd with large size */
> memset(&big, 0x0, sizeof(big));
> big.addfd = addfd;
> fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big);
> - EXPECT_EQ(fd, 6);
> + EXPECT_GE(fd, 0);
>
> /* Verify we can set a specific remote fd */
> addfd.newfd = 42;
> --
> 2.29.2
>
--
Kees Cook
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd
2021-02-10 0:33 ` Kees Cook
@ 2021-02-10 0:35 ` Shuah Khan
0 siblings, 0 replies; 4+ messages in thread
From: Shuah Khan @ 2021-02-10 0:35 UTC (permalink / raw)
To: Kees Cook, Seth Forshee
Cc: Andy Lutomirski, Will Drewry, Shuah Khan, bpf, linux-kselftest,
Shuah Khan
On 2/9/21 5:33 PM, Kees Cook wrote:
> On Thu, Jan 28, 2021 at 10:17:21AM -0600, Seth Forshee wrote:
>> This test expects fds to have specific values, which works fine
>> when the test is run standalone. However, the kselftest runner
>> consumes a couple of extra fds for redirection when running
>> tests, so the test fails when run via kselftest.
>>
>> Change the test to pass on any valid fd number.
>>
>> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
>
> Thanks!
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> I'll snag this if Shuah doesn't first. :)
>
I will apply this. I have several queued for 5.12-rc1 anyway.
thanks,
-- Shuah
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-02-10 0:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-28 16:17 [PATCH] selftests/seccomp: Accept any valid fd in user_notification_addfd Seth Forshee
2021-02-09 0:13 ` Shuah Khan
2021-02-10 0:33 ` Kees Cook
2021-02-10 0:35 ` Shuah Khan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).