drop seccomp-test-seccomp_user_notif_flag_continue.patch from 5.3 and 5.4
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 16 Dec 2019 11:40:37 +0000 (12:40 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 16 Dec 2019 11:40:37 +0000 (12:40 +0100)
queue-5.3/seccomp-avoid-overflow-in-implicit-constant-conversion.patch
queue-5.3/seccomp-test-seccomp_user_notif_flag_continue.patch [deleted file]
queue-5.3/series
queue-5.4/seccomp-avoid-overflow-in-implicit-constant-conversion.patch
queue-5.4/seccomp-test-seccomp_user_notif_flag_continue.patch [deleted file]
queue-5.4/series

index adb4eb6387d7c00026580bbb528605ccc65adb03..4a0204ed86bebc55530390615dfeebce67f7356e 100644 (file)
@@ -56,7 +56,7 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  #include <linux/elf.h>
  #include <sys/uio.h>
  #include <sys/utsname.h>
-@@ -3082,7 +3083,7 @@ static int user_trap_syscall(int nr, uns
+@@ -3077,7 +3078,7 @@ static int user_trap_syscall(int nr, uns
        return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);
  }
  
diff --git a/queue-5.3/seccomp-test-seccomp_user_notif_flag_continue.patch b/queue-5.3/seccomp-test-seccomp_user_notif_flag_continue.patch
deleted file mode 100644 (file)
index ddffadd..0000000
+++ /dev/null
@@ -1,167 +0,0 @@
-From 0eebfed2954f152259cae0ad57b91d3ea92968e8 Mon Sep 17 00:00:00 2001
-From: Christian Brauner <christian.brauner@ubuntu.com>
-Date: Fri, 20 Sep 2019 10:30:07 +0200
-Subject: seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE
-
-From: Christian Brauner <christian.brauner@ubuntu.com>
-
-commit 0eebfed2954f152259cae0ad57b91d3ea92968e8 upstream.
-
-Test whether a syscall can be performed after having been intercepted by
-the seccomp notifier. The test uses dup() and kcmp() since it allows us to
-nicely test whether the dup() syscall actually succeeded by comparing whether
-the fds refer to the same underlying struct file.
-
-Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-Cc: Andy Lutomirski <luto@amacapital.net>
-Cc: Will Drewry <wad@chromium.org>
-Cc: Shuah Khan <shuah@kernel.org>
-Cc: Alexei Starovoitov <ast@kernel.org>
-Cc: Daniel Borkmann <daniel@iogearbox.net>
-Cc: Martin KaFai Lau <kafai@fb.com>
-Cc: Song Liu <songliubraving@fb.com>
-Cc: Yonghong Song <yhs@fb.com>
-Cc: Tycho Andersen <tycho@tycho.ws>
-CC: Tyler Hicks <tyhicks@canonical.com>
-Cc: stable@vger.kernel.org
-Cc: linux-kselftest@vger.kernel.org
-Cc: netdev@vger.kernel.org
-Cc: bpf@vger.kernel.org
-Link: https://lore.kernel.org/r/20190920083007.11475-4-christian.brauner@ubuntu.com
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- tools/testing/selftests/seccomp/seccomp_bpf.c |  107 ++++++++++++++++++++++++++
- 1 file changed, 107 insertions(+)
-
---- a/tools/testing/selftests/seccomp/seccomp_bpf.c
-+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
-@@ -43,6 +43,7 @@
- #include <sys/times.h>
- #include <sys/socket.h>
- #include <sys/ioctl.h>
-+#include <linux/kcmp.h>
- #include <unistd.h>
- #include <sys/syscall.h>
-@@ -166,6 +167,10 @@ struct seccomp_metadata {
- #define SECCOMP_RET_USER_NOTIF 0x7fc00000U
-+#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
-+#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x00000001
-+#endif
-+
- #define SECCOMP_IOC_MAGIC             '!'
- #define SECCOMP_IO(nr)                        _IO(SECCOMP_IOC_MAGIC, nr)
- #define SECCOMP_IOR(nr, type)         _IOR(SECCOMP_IOC_MAGIC, nr, type)
-@@ -3485,6 +3490,108 @@ TEST(seccomp_get_notif_sizes)
-       EXPECT_EQ(sizes.seccomp_notif_resp, sizeof(struct seccomp_notif_resp));
- }
-+static int filecmp(pid_t pid1, pid_t pid2, int fd1, int fd2)
-+{
-+#ifdef __NR_kcmp
-+      return syscall(__NR_kcmp, pid1, pid2, KCMP_FILE, fd1, fd2);
-+#else
-+      errno = ENOSYS;
-+      return -1;
-+#endif
-+}
-+
-+TEST(user_notification_continue)
-+{
-+      pid_t pid;
-+      long ret;
-+      int status, listener;
-+      struct seccomp_notif req = {};
-+      struct seccomp_notif_resp resp = {};
-+      struct pollfd pollfd;
-+
-+      ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
-+      ASSERT_EQ(0, ret) {
-+              TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!");
-+      }
-+
-+      listener = user_trap_syscall(__NR_dup, SECCOMP_FILTER_FLAG_NEW_LISTENER);
-+      ASSERT_GE(listener, 0);
-+
-+      pid = fork();
-+      ASSERT_GE(pid, 0);
-+
-+      if (pid == 0) {
-+              int dup_fd, pipe_fds[2];
-+              pid_t self;
-+
-+              ret = pipe(pipe_fds);
-+              if (ret < 0)
-+                      exit(1);
-+
-+              dup_fd = dup(pipe_fds[0]);
-+              if (dup_fd < 0)
-+                      exit(1);
-+
-+              self = getpid();
-+
-+              ret = filecmp(self, self, pipe_fds[0], dup_fd);
-+              if (ret)
-+                      exit(2);
-+
-+              exit(0);
-+      }
-+
-+      pollfd.fd = listener;
-+      pollfd.events = POLLIN | POLLOUT;
-+
-+      EXPECT_GT(poll(&pollfd, 1, -1), 0);
-+      EXPECT_EQ(pollfd.revents, POLLIN);
-+
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0);
-+
-+      pollfd.fd = listener;
-+      pollfd.events = POLLIN | POLLOUT;
-+
-+      EXPECT_GT(poll(&pollfd, 1, -1), 0);
-+      EXPECT_EQ(pollfd.revents, POLLOUT);
-+
-+      EXPECT_EQ(req.data.nr, __NR_dup);
-+
-+      resp.id = req.id;
-+      resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
-+
-+      /*
-+       * Verify that setting SECCOMP_USER_NOTIF_FLAG_CONTINUE enforces other
-+       * args be set to 0.
-+       */
-+      resp.error = 0;
-+      resp.val = USER_NOTIF_MAGIC;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
-+      EXPECT_EQ(errno, EINVAL);
-+
-+      resp.error = USER_NOTIF_MAGIC;
-+      resp.val = 0;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
-+      EXPECT_EQ(errno, EINVAL);
-+
-+      resp.error = 0;
-+      resp.val = 0;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0) {
-+              if (errno == EINVAL)
-+                      XFAIL(goto skip, "Kernel does not support SECCOMP_USER_NOTIF_FLAG_CONTINUE");
-+      }
-+
-+skip:
-+      EXPECT_EQ(waitpid(pid, &status, 0), pid);
-+      EXPECT_EQ(true, WIFEXITED(status));
-+      EXPECT_EQ(0, WEXITSTATUS(status)) {
-+              if (WEXITSTATUS(status) == 2) {
-+                      XFAIL(return, "Kernel does not support kcmp() syscall");
-+                      return;
-+              }
-+      }
-+}
-+
- /*
-  * TODO:
-  * - add microbenchmarks
index d00bee8f905ef7e36c213ff9f64dae419c5d3431..86bccea11a3e5810acc5b9c3e837fefb51f6810d 100644 (file)
@@ -127,7 +127,6 @@ powerpc-xive-prevent-page-fault-issues-in-the-machine-crash-handler.patch
 powerpc-allow-flush_icache_range-to-work-across-ranges-4gb.patch
 powerpc-xive-skip-ioremap-of-esb-pages-for-lsi-interrupts.patch
 video-hdmi-fix-avi-bar-unpack.patch
-seccomp-test-seccomp_user_notif_flag_continue.patch
 quota-check-that-quota-is-not-dirty-before-release.patch
 ext2-check-err-when-partial-null.patch
 seccomp-avoid-overflow-in-implicit-constant-conversion.patch
index adb4eb6387d7c00026580bbb528605ccc65adb03..4a0204ed86bebc55530390615dfeebce67f7356e 100644 (file)
@@ -56,7 +56,7 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  #include <linux/elf.h>
  #include <sys/uio.h>
  #include <sys/utsname.h>
-@@ -3082,7 +3083,7 @@ static int user_trap_syscall(int nr, uns
+@@ -3077,7 +3078,7 @@ static int user_trap_syscall(int nr, uns
        return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);
  }
  
diff --git a/queue-5.4/seccomp-test-seccomp_user_notif_flag_continue.patch b/queue-5.4/seccomp-test-seccomp_user_notif_flag_continue.patch
deleted file mode 100644 (file)
index ddffadd..0000000
+++ /dev/null
@@ -1,167 +0,0 @@
-From 0eebfed2954f152259cae0ad57b91d3ea92968e8 Mon Sep 17 00:00:00 2001
-From: Christian Brauner <christian.brauner@ubuntu.com>
-Date: Fri, 20 Sep 2019 10:30:07 +0200
-Subject: seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE
-
-From: Christian Brauner <christian.brauner@ubuntu.com>
-
-commit 0eebfed2954f152259cae0ad57b91d3ea92968e8 upstream.
-
-Test whether a syscall can be performed after having been intercepted by
-the seccomp notifier. The test uses dup() and kcmp() since it allows us to
-nicely test whether the dup() syscall actually succeeded by comparing whether
-the fds refer to the same underlying struct file.
-
-Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
-Cc: Andy Lutomirski <luto@amacapital.net>
-Cc: Will Drewry <wad@chromium.org>
-Cc: Shuah Khan <shuah@kernel.org>
-Cc: Alexei Starovoitov <ast@kernel.org>
-Cc: Daniel Borkmann <daniel@iogearbox.net>
-Cc: Martin KaFai Lau <kafai@fb.com>
-Cc: Song Liu <songliubraving@fb.com>
-Cc: Yonghong Song <yhs@fb.com>
-Cc: Tycho Andersen <tycho@tycho.ws>
-CC: Tyler Hicks <tyhicks@canonical.com>
-Cc: stable@vger.kernel.org
-Cc: linux-kselftest@vger.kernel.org
-Cc: netdev@vger.kernel.org
-Cc: bpf@vger.kernel.org
-Link: https://lore.kernel.org/r/20190920083007.11475-4-christian.brauner@ubuntu.com
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- tools/testing/selftests/seccomp/seccomp_bpf.c |  107 ++++++++++++++++++++++++++
- 1 file changed, 107 insertions(+)
-
---- a/tools/testing/selftests/seccomp/seccomp_bpf.c
-+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
-@@ -43,6 +43,7 @@
- #include <sys/times.h>
- #include <sys/socket.h>
- #include <sys/ioctl.h>
-+#include <linux/kcmp.h>
- #include <unistd.h>
- #include <sys/syscall.h>
-@@ -166,6 +167,10 @@ struct seccomp_metadata {
- #define SECCOMP_RET_USER_NOTIF 0x7fc00000U
-+#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
-+#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x00000001
-+#endif
-+
- #define SECCOMP_IOC_MAGIC             '!'
- #define SECCOMP_IO(nr)                        _IO(SECCOMP_IOC_MAGIC, nr)
- #define SECCOMP_IOR(nr, type)         _IOR(SECCOMP_IOC_MAGIC, nr, type)
-@@ -3485,6 +3490,108 @@ TEST(seccomp_get_notif_sizes)
-       EXPECT_EQ(sizes.seccomp_notif_resp, sizeof(struct seccomp_notif_resp));
- }
-+static int filecmp(pid_t pid1, pid_t pid2, int fd1, int fd2)
-+{
-+#ifdef __NR_kcmp
-+      return syscall(__NR_kcmp, pid1, pid2, KCMP_FILE, fd1, fd2);
-+#else
-+      errno = ENOSYS;
-+      return -1;
-+#endif
-+}
-+
-+TEST(user_notification_continue)
-+{
-+      pid_t pid;
-+      long ret;
-+      int status, listener;
-+      struct seccomp_notif req = {};
-+      struct seccomp_notif_resp resp = {};
-+      struct pollfd pollfd;
-+
-+      ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
-+      ASSERT_EQ(0, ret) {
-+              TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!");
-+      }
-+
-+      listener = user_trap_syscall(__NR_dup, SECCOMP_FILTER_FLAG_NEW_LISTENER);
-+      ASSERT_GE(listener, 0);
-+
-+      pid = fork();
-+      ASSERT_GE(pid, 0);
-+
-+      if (pid == 0) {
-+              int dup_fd, pipe_fds[2];
-+              pid_t self;
-+
-+              ret = pipe(pipe_fds);
-+              if (ret < 0)
-+                      exit(1);
-+
-+              dup_fd = dup(pipe_fds[0]);
-+              if (dup_fd < 0)
-+                      exit(1);
-+
-+              self = getpid();
-+
-+              ret = filecmp(self, self, pipe_fds[0], dup_fd);
-+              if (ret)
-+                      exit(2);
-+
-+              exit(0);
-+      }
-+
-+      pollfd.fd = listener;
-+      pollfd.events = POLLIN | POLLOUT;
-+
-+      EXPECT_GT(poll(&pollfd, 1, -1), 0);
-+      EXPECT_EQ(pollfd.revents, POLLIN);
-+
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0);
-+
-+      pollfd.fd = listener;
-+      pollfd.events = POLLIN | POLLOUT;
-+
-+      EXPECT_GT(poll(&pollfd, 1, -1), 0);
-+      EXPECT_EQ(pollfd.revents, POLLOUT);
-+
-+      EXPECT_EQ(req.data.nr, __NR_dup);
-+
-+      resp.id = req.id;
-+      resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
-+
-+      /*
-+       * Verify that setting SECCOMP_USER_NOTIF_FLAG_CONTINUE enforces other
-+       * args be set to 0.
-+       */
-+      resp.error = 0;
-+      resp.val = USER_NOTIF_MAGIC;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
-+      EXPECT_EQ(errno, EINVAL);
-+
-+      resp.error = USER_NOTIF_MAGIC;
-+      resp.val = 0;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), -1);
-+      EXPECT_EQ(errno, EINVAL);
-+
-+      resp.error = 0;
-+      resp.val = 0;
-+      EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0) {
-+              if (errno == EINVAL)
-+                      XFAIL(goto skip, "Kernel does not support SECCOMP_USER_NOTIF_FLAG_CONTINUE");
-+      }
-+
-+skip:
-+      EXPECT_EQ(waitpid(pid, &status, 0), pid);
-+      EXPECT_EQ(true, WIFEXITED(status));
-+      EXPECT_EQ(0, WEXITSTATUS(status)) {
-+              if (WEXITSTATUS(status) == 2) {
-+                      XFAIL(return, "Kernel does not support kcmp() syscall");
-+                      return;
-+              }
-+      }
-+}
-+
- /*
-  * TODO:
-  * - add microbenchmarks
index 4bc56723b37c5ffc913b545e23fb96e574d57f82..afe14837ee3d722ddb2395b91cd84b95e23f61ab 100644 (file)
@@ -146,7 +146,6 @@ powerpc-xive-prevent-page-fault-issues-in-the-machine-crash-handler.patch
 powerpc-allow-flush_icache_range-to-work-across-ranges-4gb.patch
 powerpc-xive-skip-ioremap-of-esb-pages-for-lsi-interrupts.patch
 video-hdmi-fix-avi-bar-unpack.patch
-seccomp-test-seccomp_user_notif_flag_continue.patch
 quota-check-that-quota-is-not-dirty-before-release.patch
 ext2-check-err-when-partial-null.patch
 seccomp-avoid-overflow-in-implicit-constant-conversion.patch