LinuxLists.cc - [PATCH] selftests/seccomp: Add SKIP for failed unshare()

2022-03-29 09:09:05

Subject: [PATCH] selftests/seccomp: Add SKIP for failed unshare()

From: Yang Guang <[email protected]>

Running the seccomp tests under the kernel with "defconfig"
shouldn't fail. Because the CONFIG_USER_NS is not support
in "defconfig". So skip this test case is better.

Signed-off-by: Yang Guang <[email protected]>
Signed-off-by: David Yang <[email protected]>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 313bb0cbfb1e..e9a61cb2eb88 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3742,7 +3742,10 @@ TEST(user_notification_fault_recv)
struct seccomp_notif req = {};
struct seccomp_notif_resp resp = {};

- ASSERT_EQ(unshare(CLONE_NEWUSER), 0);
+ ASSERT_EQ(unshare(CLONE_NEWUSER), 0) {
+ if (errno == EINVAL)
+ SKIP(return, "kernel missing CLONE_NEWUSER support");
+ }

listener = user_notif_syscall(__NR_getppid,
SECCOMP_FILTER_FLAG_NEW_LISTENER);
--
2.30.2

2022-03-30 12:00:00

by Shuah Khan

[permalink] [raw]

Subject: Re: [PATCH] selftests/seccomp: Add SKIP for failed unshare()

On 3/29/22 12:03 AM, [email protected] wrote:
> From: Yang Guang <[email protected]>
>
> Running the seccomp tests under the kernel with "defconfig"
> shouldn't fail. Because the CONFIG_USER_NS is not support

Nit - supported

> in "defconfig". So skip this test case is better.

Nit: "skipping this case instead if failing it."
>
> Signed-off-by: Yang Guang <[email protected]>
> Signed-off-by: David Yang <[email protected]>
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index 313bb0cbfb1e..e9a61cb2eb88 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -3742,7 +3742,10 @@ TEST(user_notification_fault_recv)
> struct seccomp_notif req = {};
> struct seccomp_notif_resp resp = {};
>
> - ASSERT_EQ(unshare(CLONE_NEWUSER), 0);
> + ASSERT_EQ(unshare(CLONE_NEWUSER), 0) {
> + if (errno == EINVAL)
> + SKIP(return, "kernel missing CLONE_NEWUSER support");> + }
>
> listener = user_notif_syscall(__NR_getppid,
> SECCOMP_FILTER_FLAG_NEW_LISTENER);
>
Looks good to me. Looks like this patch is for Linux 5.18 repo.
With the requested changes to commit log

Reviewed-by: Shuah Khan <[email protected]>

thanks,
-- Shuah