Regression found when running LTP connect01 on next-20180301

Regression found when running LTP connect01 on next-20180301

[Anders Roxell]

Hi,

I was running LTP's testcase connect01 [1] and found a regression in linux-next
(next-20180301).  Bisect gave me this patch as the problematic patch (sha
d452930fd3b9 "selinux: Add SCTP support") on a x86 target.

Output from the test(LTP release 20180118):
$ cd /opt/ltp/
$ cat runtest/syscalls |grep connect01>runtest/connect-syscall
$ ./runltp -pq -f connect-syscall
"
Running tests.......
connect01    1  TPASS  :  bad file descriptor successful
connect01    2  TPASS  :  invalid socket buffer successful
connect01    3  TPASS  :  invalid salen successful
connect01    4  TPASS  :  invalid socket successful
connect01    5  TPASS  :  already connected successful
connect01    6  TPASS  :  connection refused successful
connect01    7  TFAIL  :  connect01.c:146: invalid address family ; returned -1 (expected -1), errno 22 (expected 97)
INFO: ltp-pan reported some tests FAIL
LTP Version: 20180118
"

The output from the test expected 97 and we received 22, can you please
elaborate on what have been changed?


Cheers,
Anders
[1] https://github.com/linux-test-project/ltp/blob/20180118/testcases/kernel/syscalls/connect/connect01.c#L146

Re: Regression found when running LTP connect01 on next-20180301

[Paul Moore]

On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.org> wrote:
> Hi,
>
> I was running LTP's testcase connect01 [1] and found a regression in linux-next
> (next-20180301).  Bisect gave me this patch as the problematic patch (sha
> d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
>
> Output from the test(LTP release 20180118):
> $ cd /opt/ltp/
> $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
> $ ./runltp -pq -f connect-syscall
> "
> Running tests.......
> connect01    1  TPASS  :  bad file descriptor successful
> connect01    2  TPASS  :  invalid socket buffer successful
> connect01    3  TPASS  :  invalid salen successful
> connect01    4  TPASS  :  invalid socket successful
> connect01    5  TPASS  :  already connected successful
> connect01    6  TPASS  :  connection refused successful
> connect01    7  TFAIL  :  connect01.c:146: invalid address family ; returned -1 (expected -1), errno 22 (expected 97)
> INFO: ltp-pan reported some tests FAIL
> LTP Version: 20180118
> "
>
> The output from the test expected 97 and we received 22, can you please
> elaborate on what have been changed?
>
> Cheers,
> Anders
> [1] https://github.com/linux-test-project/ltp/blob/20180118/testcases/kernel/syscalls/connect/connect01.c#L146

Hi Anders,

Thanks for the report.  Out of curiosity, we're you running the full
LTP test suite and this was the only failure, or did you just run the
connect01 test?  Either answer is fine, I'm just trying to understand
the scope of the regression.

Richard, are you able to look into this?  If not, let me know and I'll
dig a bit deeper (I'll likely take a quick look today, but if the
failure is subtle it might require some digging).

-- 
paul moore
www.paul-moore.com

Re: Regression found when running LTP connect01 on next-20180301

[Richard Haines]

On Thu, 2018-03-01 at 08:42 -0500, Paul Moore wrote:
> On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.o
> rg> wrote:
> > Hi,
> > 
> > I was running LTP's testcase connect01 [1] and found a regression
> > in linux-next
> > (next-20180301).  Bisect gave me this patch as the problematic
> > patch (sha
> > d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
> > 
> > Output from the test(LTP release 20180118):
> > $ cd /opt/ltp/
> > $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
> > $ ./runltp -pq -f connect-syscall
> > "
> > Running tests.......
> > connect01    1  TPASS  :  bad file descriptor successful
> > connect01    2  TPASS  :  invalid socket buffer successful
> > connect01    3  TPASS  :  invalid salen successful
> > connect01    4  TPASS  :  invalid socket successful
> > connect01    5  TPASS  :  already connected successful
> > connect01    6  TPASS  :  connection refused successful
> > connect01    7  TFAIL  :  connect01.c:146: invalid address family ;
> > returned -1 (expected -1), errno 22 (expected 97)
> > INFO: ltp-pan reported some tests FAIL
> > LTP Version: 20180118
> > "
> > 
> > The output from the test expected 97 and we received 22, can you
> > please
> > elaborate on what have been changed?
> > 
> > Cheers,
> > Anders
> > [1] https://github.com/linux-test-project/ltp/blob/20180118/testcas
> > es/kernel/syscalls/connect/connect01.c#L146
> 
> Hi Anders,
> 
> Thanks for the report.  Out of curiosity, we're you running the full
> LTP test suite and this was the only failure, or did you just run the
> connect01 test?  Either answer is fine, I'm just trying to understand
> the scope of the regression.
> 
> Richard, are you able to look into this?  If not, let me know and
> I'll
> dig a bit deeper (I'll likely take a quick look today, but if the
> failure is subtle it might require some digging).

I'll have a look today.
> 

Re: Regression found when running LTP connect01 on next-20180301

[Paul Moore]

On Thu, Mar 1, 2018 at 9:36 AM, Richard Haines
<richard_c_haines@btinternet.com> wrote:
> On Thu, 2018-03-01 at 08:42 -0500, Paul Moore wrote:
>> On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.o
>> rg> wrote:
>> > Hi,
>> >
>> > I was running LTP's testcase connect01 [1] and found a regression
>> > in linux-next
>> > (next-20180301).  Bisect gave me this patch as the problematic
>> > patch (sha
>> > d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
>> >
>> > Output from the test(LTP release 20180118):
>> > $ cd /opt/ltp/
>> > $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
>> > $ ./runltp -pq -f connect-syscall
>> > "
>> > Running tests.......
>> > connect01    1  TPASS  :  bad file descriptor successful
>> > connect01    2  TPASS  :  invalid socket buffer successful
>> > connect01    3  TPASS  :  invalid salen successful
>> > connect01    4  TPASS  :  invalid socket successful
>> > connect01    5  TPASS  :  already connected successful
>> > connect01    6  TPASS  :  connection refused successful
>> > connect01    7  TFAIL  :  connect01.c:146: invalid address family ;
>> > returned -1 (expected -1), errno 22 (expected 97)
>> > INFO: ltp-pan reported some tests FAIL
>> > LTP Version: 20180118
>> > "
>> >
>> > The output from the test expected 97 and we received 22, can you
>> > please
>> > elaborate on what have been changed?
>> >
>> > Cheers,
>> > Anders
>> > [1] https://github.com/linux-test-project/ltp/blob/20180118/testcas
>> > es/kernel/syscalls/connect/connect01.c#L146
>>
>> Hi Anders,
>>
>> Thanks for the report.  Out of curiosity, we're you running the full
>> LTP test suite and this was the only failure, or did you just run the
>> connect01 test?  Either answer is fine, I'm just trying to understand
>> the scope of the regression.
>>
>> Richard, are you able to look into this?  If not, let me know and
>> I'll
>> dig a bit deeper (I'll likely take a quick look today, but if the
>> failure is subtle it might require some digging).
>
> I'll have a look today.

Thanks.  Let me know if you get stuck.

-- 
paul moore
www.paul-moore.com

Re: Regression found when running LTP connect01 on next-20180301

[Paul Moore]

On March 1, 2018 9:36:37 AM Richard Haines <richard_c_haines@btinternet.com> wrote:
> On Thu, 2018-03-01 at 08:42 -0500, Paul Moore wrote:
>> On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.o
>> rg> wrote:
>> > Hi,
>> > 
>> > I was running LTP's testcase connect01 [1] and found a regression
>> > in linux-next
>> > (next-20180301).  Bisect gave me this patch as the problematic
>> > patch (sha
>> > d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
>> > 
>> > Output from the test(LTP release 20180118):
>> > $ cd /opt/ltp/
>> > $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
>> > $ ./runltp -pq -f connect-syscall
>> > "
>> > Running tests.......
>> > connect01    1  TPASS  :  bad file descriptor successful
>> > connect01    2  TPASS  :  invalid socket buffer successful
>> > connect01    3  TPASS  :  invalid salen successful
>> > connect01    4  TPASS  :  invalid socket successful
>> > connect01    5  TPASS  :  already connected successful
>> > connect01    6  TPASS  :  connection refused successful
>> > connect01    7  TFAIL  :  connect01.c:146: invalid address family ;
>> > returned -1 (expected -1), errno 22 (expected 97)
>> > INFO: ltp-pan reported some tests FAIL
>> > LTP Version: 20180118
>> > "
>> > 
>> > The output from the test expected 97 and we received 22, can you
>> > please
>> > elaborate on what have been changed?
>> > 
>> > Cheers,
>> > Anders
>> > [1] https://github.com/linux-test-project/ltp/blob/20180118/testcas
>> > es/kernel/syscalls/connect/connect01.c#L146
>> 
>> Hi Anders,
>> 
>> Thanks for the report.  Out of curiosity, we're you running the full
>> LTP test suite and this was the only failure, or did you just run the
>> connect01 test?  Either answer is fine, I'm just trying to understand
>> the scope of the regression.
>> 
>> Richard, are you able to look into this?  If not, let me know and
>> I'll
>> dig a bit deeper (I'll likely take a quick look today, but if the
>> failure is subtle it might require some digging).
>
> I'll have a look today.

One more thing I forgot to mention earlier, if there is a patch to fix this, could you please base it on top of the existing SELinux/SCTP patches that have already been merged, and not respin an earlier patch?

Thank you.

--
paul moore
www.paul-moore.com

Re: Regression found when running LTP connect01 on next-20180301

[Anders Roxell]

On 1 March 2018 at 14:42, Paul Moore <paul@paul-moore.com> wrote:
> On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.org> wrote:
>> Hi,
>>
>> I was running LTP's testcase connect01 [1] and found a regression in linux-next
>> (next-20180301).  Bisect gave me this patch as the problematic patch (sha
>> d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
>>
>> Output from the test(LTP release 20180118):
>> $ cd /opt/ltp/
>> $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
>> $ ./runltp -pq -f connect-syscall
>> "
>> Running tests.......
>> connect01    1  TPASS  :  bad file descriptor successful
>> connect01    2  TPASS  :  invalid socket buffer successful
>> connect01    3  TPASS  :  invalid salen successful
>> connect01    4  TPASS  :  invalid socket successful
>> connect01    5  TPASS  :  already connected successful
>> connect01    6  TPASS  :  connection refused successful
>> connect01    7  TFAIL  :  connect01.c:146: invalid address family ; returned -1 (expected -1), errno 22 (expected 97)
>> INFO: ltp-pan reported some tests FAIL
>> LTP Version: 20180118
>> "
>>
>> The output from the test expected 97 and we received 22, can you please
>> elaborate on what have been changed?
>>
>> Cheers,
>> Anders
>> [1] https://github.com/linux-test-project/ltp/blob/20180118/testcases/kernel/syscalls/connect/connect01.c#L146
>
> Hi Anders,
>
> Thanks for the report.  Out of curiosity, we're you running the full
> LTP test suite and this was the only failure, or did you just run the
> connect01 test?

Normally we run all syscalls, but when we saw this regression I did the
bisect and only ran test connect01.
On every new push we ran 19 different sets of LTP tests, where
connect01 is part of the syscalls test set.

Cheers,
Anders

>  Either answer is fine, I'm just trying to understand
> the scope of the regression.
>
> Richard, are you able to look into this?  If not, let me know and I'll
> dig a bit deeper (I'll likely take a quick look today, but if the
> failure is subtle it might require some digging).
>
> --
> paul moore
> www.paul-moore.com

Re: Regression found when running LTP connect01 on next-20180301

[Paul Moore]

On Thu, Mar 1, 2018 at 3:01 PM, Anders Roxell <anders.roxell@linaro.org> wrote:
> On 1 March 2018 at 14:42, Paul Moore <paul@paul-moore.com> wrote:
>> On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@linaro.org> wrote:
>>> Hi,
>>>
>>> I was running LTP's testcase connect01 [1] and found a regression in linux-next
>>> (next-20180301).  Bisect gave me this patch as the problematic patch (sha
>>> d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
>>>
>>> Output from the test(LTP release 20180118):
>>> $ cd /opt/ltp/
>>> $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
>>> $ ./runltp -pq -f connect-syscall
>>> "
>>> Running tests.......
>>> connect01    1  TPASS  :  bad file descriptor successful
>>> connect01    2  TPASS  :  invalid socket buffer successful
>>> connect01    3  TPASS  :  invalid salen successful
>>> connect01    4  TPASS  :  invalid socket successful
>>> connect01    5  TPASS  :  already connected successful
>>> connect01    6  TPASS  :  connection refused successful
>>> connect01    7  TFAIL  :  connect01.c:146: invalid address family ; returned -1 (expected -1), errno 22 (expected 97)
>>> INFO: ltp-pan reported some tests FAIL
>>> LTP Version: 20180118
>>> "
>>>
>>> The output from the test expected 97 and we received 22, can you please
>>> elaborate on what have been changed?
>>>
>>> Cheers,
>>> Anders
>>> [1] https://github.com/linux-test-project/ltp/blob/20180118/testcases/kernel/syscalls/connect/connect01.c#L146
>>
>> Hi Anders,
>>
>> Thanks for the report.  Out of curiosity, we're you running the full
>> LTP test suite and this was the only failure, or did you just run the
>> connect01 test?
>
> Normally we run all syscalls, but when we saw this regression I did the
> bisect and only ran test connect01.
> On every new push we ran 19 different sets of LTP tests, where
> connect01 is part of the syscalls test set.

So this means that only the connect01 test experienced failures?

>>  Either answer is fine, I'm just trying to understand
>> the scope of the regression.
>>
>> Richard, are you able to look into this?  If not, let me know and I'll
>> dig a bit deeper (I'll likely take a quick look today, but if the
>> failure is subtle it might require some digging).
>>
>> --
>> paul moore
>> www.paul-moore.com

-- 
paul moore
www.paul-moore.com

Re: Regression found when running LTP connect01 on next-20180301

[Richard Haines]

On Thu, 2018-03-01 at 13:03 -0500, Paul Moore wrote:
> On March 1, 2018 9:36:37 AM Richard Haines <richard_c_haines@btintern
> et.com> wrote:
> > On Thu, 2018-03-01 at 08:42 -0500, Paul Moore wrote:
> > > On Thu, Mar 1, 2018 at 3:33 AM, Anders Roxell <anders.roxell@lina
> > > ro.o
> > > rg> wrote:
> > > > Hi,
> > > > 
> > > > I was running LTP's testcase connect01 [1] and found a
> > > > regression
> > > > in linux-next
> > > > (next-20180301).  Bisect gave me this patch as the problematic
> > > > patch (sha
> > > > d452930fd3b9 "selinux: Add SCTP support") on a x86 target.
> > > > 
> > > > Output from the test(LTP release 20180118):
> > > > $ cd /opt/ltp/
> > > > $ cat runtest/syscalls |grep connect01>runtest/connect-syscall
> > > > $ ./runltp -pq -f connect-syscall
> > > > "
> > > > Running tests.......
> > > > connect01    1  TPASS  :  bad file descriptor successful
> > > > connect01    2  TPASS  :  invalid socket buffer successful
> > > > connect01    3  TPASS  :  invalid salen successful
> > > > connect01    4  TPASS  :  invalid socket successful
> > > > connect01    5  TPASS  :  already connected successful
> > > > connect01    6  TPASS  :  connection refused successful
> > > > connect01    7  TFAIL  :  connect01.c:146: invalid address
> > > > family ;
> > > > returned -1 (expected -1), errno 22 (expected 97)
> > > > INFO: ltp-pan reported some tests FAIL
> > > > LTP Version: 20180118
> > > > "
> > > > 
> > > > The output from the test expected 97 and we received 22, can
> > > > you
> > > > please
> > > > elaborate on what have been changed?
> > > > 
> > > > Cheers,
> > > > Anders
> > > > [1] https://github.com/linux-test-project/ltp/blob/20180118/tes
> > > > tcas
> > > > es/kernel/syscalls/connect/connect01.c#L146
> > > 
> > > Hi Anders,
> > > 
> > > Thanks for the report.  Out of curiosity, we're you running the
> > > full
> > > LTP test suite and this was the only failure, or did you just run
> > > the
> > > connect01 test?  Either answer is fine, I'm just trying to
> > > understand
> > > the scope of the regression.
> > > 
> > > Richard, are you able to look into this?  If not, let me know and
> > > I'll
> > > dig a bit deeper (I'll likely take a quick look today, but if the
> > > failure is subtle it might require some digging).
> > 
> > I'll have a look today.
> 
> One more thing I forgot to mention earlier, if there is a patch to
> fix this, could you please base it on top of the existing
> SELinux/SCTP patches that have already been merged, and not respin an
> earlier patch?
> 
> Thank you.


Just to keep you informed:

It appears that with the original hooks.c selinux_socket_connect()
function check: if (sk->sk_family == PF_INET) {, the test fell through
as sk->sk_family = 2 (AF_INET) with the error being picked up by the
caller - even though the test set an illegal family of 47 - but not on
the sk->sk_family, hence:

With the new check: if (address->sa_family == AF_INET) {, the address-
>sa_family = 47 and therefore treated it as an IPv6 address and failed
with -EINVAL. By a fluke this is what SCTP services expects when
invalid address family, however TCP and DCCP requires -EAFNOSUPPORT.

I can fix this with the following simple patch:
	switch (address->sa_family) {
	case AF_INET:
		addr4 = (struct sockaddr_in *)address;
		if (addrlen < sizeof(struct sockaddr_in))
			return -EINVAL;
		snum = ntohs(addr4->sin_port);
		break;
	case AF_INET6:
		addr6 = (struct sockaddr_in6 *)address;
		if (addrlen < SIN6_LEN_RFC2133)
			return -EINVAL;
		snum = ntohs(addr6->sin6_port);
		break;
	default:
		/* Note that SCTP services expect -EINVAL, whereas
		 * others expect -EAFNOSUPPORT.
		 */
		if (sksec->sclass == SECCLASS_SCTP_SOCKET)
			return -EINVAL;
		else
			return -EAFNOSUPPORT;
	}

This will pass the following LTP tests:
./runltp -pq -f connect-syscall
./runltp -pq -f net.sctp

The selinux-testsuite inet_socket and sctp tests all pass as well.

However: The selinux_socket_bind() function has the same issue that can
be fixed by the same type of patch.

So far I've tested three different patches to fix this problem and
this one above seems best. I'll post a patch based on this covering
the bind issue as well once I've done more testing.

I think the SCTP services should return -EAFNOSUPPORT for this (as
their sctp_connectx(3) man page states this), that will require kernel
patch and patches to their test services (plus of course may impact
some apps already out there ??).


> 
> --
> paul moore
> www.paul-moore.com
> 
>