From: Yang Guang <[email protected]>
Running the seccomp tests under the kernel with "defconfig"
shouldn't fail. Because the CONFIG_USER_NS is not supported
in "defconfig". Skipping this case instead of failing it is
better.
Signed-off-by: Yang Guang <[email protected]>
Signed-off-by: David Yang <[email protected]>
Reviewed-by: Shuah Khan <[email protected]>
---
Changes from v1->v2:
- Modify the commit message to better understand.
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 313bb0cbfb1e..e9a61cb2eb88 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3742,7 +3742,10 @@ TEST(user_notification_fault_recv)
struct seccomp_notif req = {};
struct seccomp_notif_resp resp = {};
- ASSERT_EQ(unshare(CLONE_NEWUSER), 0);
+ ASSERT_EQ(unshare(CLONE_NEWUSER), 0) {
+ if (errno == EINVAL)
+ SKIP(return, "kernel missing CLONE_NEWUSER support");
+ }
listener = user_notif_syscall(__NR_getppid,
SECCOMP_FILTER_FLAG_NEW_LISTENER);
--
2.30.2
On Wed, 30 Mar 2022 08:22:10 +0800, [email protected] wrote:
> From: Yang Guang <[email protected]>
>
> Running the seccomp tests under the kernel with "defconfig"
> shouldn't fail. Because the CONFIG_USER_NS is not supported
> in "defconfig". Skipping this case instead of failing it is
> better.
>
> [...]
Applied to for-next/seccomp, thanks!
[1/1] selftests/seccomp: Add SKIP for failed unshare()
https://git.kernel.org/kees/c/8a3d3ea66f0d
--
Kees Cook