| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c99ea33e-3aac-fe60-da1c-22acbf1392dc@huawei.com>
Date: Sat, 10 Sep 2022 23:48:08 +0300
From: "Konstantin Meskhidze (A)" <konstantin.meskhidze@...wei.com>
To: Mickaël Salaün <mic@...ikod.net>
CC: <willemdebruijn.kernel@...il.com>, <gnoack3000@...il.com>,
<linux-security-module@...r.kernel.org>, <netdev@...r.kernel.org>,
<netfilter-devel@...r.kernel.org>, <anton.sirazetdinov@...wei.com>
Subject: Re: [PATCH v7 13/18] seltests/landlock: add AF_UNSPEC family test
9/6/2022 11:09 AM, Mickaël Salaün пишет:
>
> On 29/08/2022 19:03, Konstantin Meskhidze wrote:
>> Adds two selftests for connect() action with AF_UNSPEC family flag.
>> The one is with no landlock restrictions allows to disconnect already
>> connected socket with connect(..., AF_UNSPEC, ...):
>> - connect_afunspec_no_restictions;
>
> Typo: "restrictions" (everywhere)
>
My mistake. Thanks.
>
>> The second one refuses landlocked process to disconnect already
>> connected socket:
>> - connect_afunspec_with_restictions;
>>
>> Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze@...wei.com>
>> ---
>>
>> Changes since v6:
>> * None.
>>
>> Changes since v5:
>> * Formats code with clang-format-14.
>>
>> Changes since v4:
>> * Refactors code with self->port, self->addr4 variables.
>> * Adds bind() hook check for with AF_UNSPEC family.
>>
>> Changes since v3:
>> * Adds connect_afunspec_no_restictions test.
>> * Adds connect_afunspec_with_restictions test.
>>
>> ---
>> tools/testing/selftests/landlock/net_test.c | 113 ++++++++++++++++++++
>> 1 file changed, 113 insertions(+)
>>
>> diff --git a/tools/testing/selftests/landlock/net_test.c b/tools/testing/selftests/landlock/net_test.c
>> index 9c3d1e425439..40aef7c683af 100644
>> --- a/tools/testing/selftests/landlock/net_test.c
>> +++ b/tools/testing/selftests/landlock/net_test.c
>> @@ -351,4 +351,117 @@ TEST_F(socket, connect_with_restrictions)
>> ASSERT_EQ(1, WIFEXITED(status));
>> ASSERT_EQ(EXIT_SUCCESS, WEXITSTATUS(status));
>> }
>> +
>> +TEST_F(socket, connect_afunspec_no_restictions)
>> +{
>> + int sockfd;
>> + pid_t child;
>> + int status;
>> +
>> + /* Creates a server socket 1. */
>> + sockfd = create_socket_variant(variant, SOCK_STREAM);
>> + ASSERT_LE(0, sockfd);
>> +
>> + /* Binds the socket 1 to address with port[0]. */
>> + ASSERT_EQ(0, bind_variant(variant, sockfd, self, 0));
>> +
>> + /* Makes connection to the socket with port[0]. */
>> + ASSERT_EQ(0, connect_variant(variant, sockfd, self, 0));
>> +
>> + child = fork();
>> + ASSERT_LE(0, child);
>> + if (child == 0) {
>> + struct sockaddr addr_unspec = { .sa_family = AF_UNSPEC };
>
> You can constify several variable like this one (in all tests).
Got it. thanks.
>
> .
Powered by blists - more mailing lists