[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20201102203706.827510-3-jannh@google.com>
Date: Mon, 2 Nov 2020 21:37:06 +0100
From: Jann Horn <jannh@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Andy Lutomirski <luto@...capital.net>,
Will Drewry <wad@...omium.org>, linux-kernel@...r.kernel.org,
Tycho Andersen <tycho@...ho.pizza>,
Christian Brauner <christian.brauner@...onical.com>,
"Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>,
Linux Containers <containers@...ts.linux-foundation.org>,
Sargun Dhillon <sargun@...gun.me>,
Giuseppe Scrivano <giuseppe@...ivano.org>,
Paul Moore <paul@...l-moore.com>
Subject: [PATCH 3/3] selftests/seccomp: Test NOTIF_RECV empty/dead errors
Test that SECCOMP_IOCTL_NOTIF_RECV on a seccomp fd with zero users returns
-ENOTCONN, both in blocking and in non-blocking mode.
Also test that SECCOMP_IOCTL_NOTIF_RECV on a seccomp fd with no active
notifications returns -ENOENT in non-blocking mode.
Signed-off-by: Jann Horn <jannh@...gle.com>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 127 ++++++++++++++++++
1 file changed, 127 insertions(+)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 5318f9cb1aec..8214c431ad4b 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -28,6 +28,7 @@
#include <linux/prctl.h>
#include <linux/ptrace.h>
#include <linux/seccomp.h>
+#include <linux/futex.h>
#include <pthread.h>
#include <semaphore.h>
#include <signal.h>
@@ -315,6 +316,35 @@ static int __filecmp(pid_t pid1, pid_t pid2, int fd1, int fd2)
} \
_ret; })
+static void store_and_wake(int *ptr, int value)
+{
+ __atomic_store(ptr, &value, __ATOMIC_RELEASE);
+ if (syscall(__NR_futex, ptr, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) == -1) {
+ perror("FUTEX_WAKE failed unexpectedly");
+ exit(EXIT_FAILURE);
+ }
+}
+
+static int wait_and_load(int *ptr, int placeholder)
+{
+ int futex_ret;
+ int value;
+
+retry:
+ futex_ret = syscall(__NR_futex, ptr, FUTEX_WAIT, placeholder, NULL,
+ NULL, 0);
+ if (futex_ret == -1 && errno != EAGAIN) {
+ if (errno == EINTR)
+ goto retry;
+ perror("FUTEX_WAIT failed unexpectedly");
+ exit(EXIT_FAILURE);
+ }
+ value = __atomic_load_n(ptr, __ATOMIC_ACQUIRE);
+ if (value == placeholder)
+ goto retry;
+ return value;
+}
+
TEST(kcmp)
{
int ret;
@@ -4160,6 +4190,103 @@ TEST(user_notification_addfd_rlimit)
close(memfd);
}
+TEST(user_notification_recv_dead)
+{
+ pid_t pid;
+ int status;
+ struct __clone_args args = {
+ .flags = CLONE_FILES,
+ .exit_signal = SIGCHLD,
+ };
+ struct seccomp_notif notif = {};
+ struct shared_data {
+ int notif_fd;
+ } *shared_data;
+
+ shared_data = mmap(NULL, sizeof(struct shared_data),
+ PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_SHARED,
+ -1, 0);
+ ASSERT_NE(NULL, shared_data);
+ ASSERT_EQ(0, prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
+ TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!");
+ }
+
+ pid = sys_clone3(&args, sizeof(args));
+ ASSERT_GE(pid, 0);
+
+ if (pid == 0) {
+ shared_data->notif_fd = user_notif_syscall(
+ __NR_mknodat, SECCOMP_FILTER_FLAG_NEW_LISTENER);
+ if (shared_data->notif_fd < 0)
+ _exit(EXIT_FAILURE);
+
+ _exit(EXIT_SUCCESS);
+ }
+
+ EXPECT_EQ(waitpid(pid, &status, 0), pid);
+ EXPECT_EQ(true, WIFEXITED(status));
+ EXPECT_EQ(0, WEXITSTATUS(status));
+
+ /* non-blocking recv */
+ EXPECT_EQ(-1, ioctl(shared_data->notif_fd, SECCOMP_IOCTL_NOTIF_RECV, ¬if));
+ EXPECT_EQ(ENOTCONN, errno);
+
+ /* blocking recv */
+ set_blocking(shared_data->notif_fd);
+ EXPECT_EQ(-1, ioctl(shared_data->notif_fd, SECCOMP_IOCTL_NOTIF_RECV, ¬if));
+ EXPECT_EQ(ENOTCONN, errno);
+}
+
+TEST(user_notification_recv_nonblock)
+{
+ pid_t pid;
+ struct __clone_args args = {
+ .flags = CLONE_FILES,
+ .exit_signal = SIGCHLD,
+ };
+ struct seccomp_notif notif = {};
+ struct shared_data {
+ int notif_fd;
+ } *shared_data;
+
+ shared_data = mmap(NULL, sizeof(struct shared_data),
+ PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_SHARED,
+ -1, 0);
+ ASSERT_NE(NULL, shared_data);
+ shared_data->notif_fd = -1;
+
+ ASSERT_EQ(0, prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
+ TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!");
+ }
+
+ pid = sys_clone3(&args, sizeof(args));
+ ASSERT_GE(pid, 0);
+
+ if (pid == 0) {
+ int fd;
+
+ fd = user_notif_syscall(__NR_mknodat,
+ SECCOMP_FILTER_FLAG_NEW_LISTENER);
+ if (fd < 0) {
+ store_and_wake(&shared_data->notif_fd, -2);
+ _exit(EXIT_FAILURE);
+ }
+ store_and_wake(&shared_data->notif_fd, fd);
+
+ while (1)
+ pause();
+ }
+
+ wait_and_load(&shared_data->notif_fd, -1);
+
+ /* non-blocking recv */
+ EXPECT_EQ(-1, ioctl(shared_data->notif_fd, SECCOMP_IOCTL_NOTIF_RECV,
+ ¬if));
+ EXPECT_EQ(ENOENT, errno);
+
+ kill(pid, SIGKILL);
+}
+
/*
* TODO:
* - expand NNP testing
--
2.29.1.341.ge80a0c044ae-goog
Powered by blists - more mailing lists