USER_NOTIF_MAGIC is used to both initialize seccomp_notif_resp::val and
verify syscall resturn value. On 32-bit architectures syscall return
value has type long, but the value of USER_NOTIF_MAGIC has type long
long because it doesn't fit into long. As a result all syscall return
value comparisons with USER_NOTIF_MAGIC are false. This is also reported
by the compiler when '-W' is added to CFLAGS.
Add explicit type cast to USER_NOTIF_MAGIC definition.
This fixes the following seccomp_bpf tests on 32-bit architectures:
global.user_notification_basic
global.user_notification_child_pid_ns
global.user_notification_sibling_pid_ns
global.user_notification_fault_recv
Signed-off-by: Max Filippov <[email protected]>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 7f8b5c8982e3..16cc30e2ade4 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3077,7 +3077,7 @@ static int user_trap_syscall(int nr, unsigned int flags)
return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);
}
-#define USER_NOTIF_MAGIC 116983961184613L
+#define USER_NOTIF_MAGIC ((unsigned long)116983961184613L)
TEST(user_notification_basic)
{
pid_t pid;
--
2.20.1
On Thu, Nov 28, 2019 at 09:51:28PM -0800, Max Filippov wrote:
> USER_NOTIF_MAGIC is used to both initialize seccomp_notif_resp::val and
> verify syscall resturn value. On 32-bit architectures syscall return
> value has type long, but the value of USER_NOTIF_MAGIC has type long
> long because it doesn't fit into long. As a result all syscall return
> value comparisons with USER_NOTIF_MAGIC are false. This is also reported
> by the compiler when '-W' is added to CFLAGS.
Hi! Thanks for sending this. There is already a patch in the pipeline
for getting it fixed; it should show up in Linus's tree soon:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=for-next/seccomp&id=223e660bc7638d126a0e4fbace4f33f2895788c4
--
Kees Cook