Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp5685ybl; Tue, 7 Jan 2020 13:01:31 -0800 (PST) X-Google-Smtp-Source: APXvYqxE46stMU/Cdl8bbsSlhgHBlChYFaqrdM/8pYUWVDdNoPZLzUcJ9ZME0Pw1SnfKfmCJojX4 X-Received: by 2002:aca:c5ca:: with SMTP id v193mr300117oif.77.1578430891325; Tue, 07 Jan 2020 13:01:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578430891; cv=none; d=google.com; s=arc-20160816; b=GyT7oaOQ3J1Hw6G+P4ReG7bG2JkJMFutsufbLsP9aTzPcyiEkfgA3WTtp9etosdu5h 58MS2aHo4rGWDUV/UBM4ZGe1+wQquTTSIgSih/W7hMDy+Cp/FhLwtHbjopN835WpX4xE 5oVeJ/9U6XjVGdo4/riCv2sQR8/D3lC1mYY+HWGlTIshH4V64ZDqRLxT9qj2HjIO1y2x Ms+EWsN/qjr+72IsYTQO/Yb9FCHsBvSGPdJ6/mo4XxKa5VbjggAxGyt9UsBTWMwwj6zO +K7pk/jL5nBv+0ASNOsLGzsMMrhUO7ycykbU8KdyDJlubt8YV+4II5MLgiTpYOp3oD6W gusA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=wH86ybJ0xMgJe4hcDDqKXZWp7xpW5fDsZ2tac0UHfsA=; b=njcnqyuXBMtkNTpTdK2+OWkmDSJjlhwG4G8uuY6d8zQwCfRtPbY9zo4qZqvX6GuHWp xW8fRwhjJFBwchwxeEJKiljrYfzLL78MJgk4wHbXK4qDg7WIhPJL79txvcbHr5fDzRu9 9CvuqRI4C6SmEcBpOkXXhPf4HK1JswVjaxfveicoUwBE0j+hgKDiQbZDVUew6dc/3vJ+ Qp2CMpB4mbzfs0dVkJoeN/5e4dbFzf2UCqPIaH+N25vLjmmrFK1568qZTu7NvfzvdOlb NElwEOUpI+33jfRii1U7R0/w4C7Ub5Sm/80mB+w6Wh3W1xgq+uUiifMhFy/cnovn0OO0 jEVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KJGUqJWt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e5si539359oti.104.2020.01.07.13.00.55; Tue, 07 Jan 2020 13:01:31 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KJGUqJWt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728198AbgAGU7u (ORCPT + 99 others); Tue, 7 Jan 2020 15:59:50 -0500 Received: from mail.kernel.org ([198.145.29.99]:33260 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728174AbgAGU7q (ORCPT ); Tue, 7 Jan 2020 15:59:46 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2193B2087F; Tue, 7 Jan 2020 20:59:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578430785; bh=44x2w1OX8PyamDGDNVHFPXS7thF5220wNWK62MHi+ps=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KJGUqJWtwru8WcAiin7QBjFPnR7nuXXXWcnQRUW9isWGrAfN8yWbhdjB7aYWtrAZ9 NwwDRnjnjrNt/R9qPjqB5gVz7gVJ6lUrmnzSPGnBP7iJOIXmjPxVwdC1BLG/Kcnmkh SuLfeB0t5nrepz7LbQr4B8GA7mc1jfvlKKaT+wwg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sargun Dhillon , Christian Brauner , Kees Cook Subject: [PATCH 5.4 096/191] selftests/seccomp: Catch garbage on SECCOMP_IOCTL_NOTIF_RECV Date: Tue, 7 Jan 2020 21:53:36 +0100 Message-Id: <20200107205338.129972282@linuxfoundation.org> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200107205332.984228665@linuxfoundation.org> References: <20200107205332.984228665@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sargun Dhillon commit e4ab5ccc357b978999328fadae164e098c26fa40 upstream. This adds logic to the user_notification_basic test to set a member of struct seccomp_notif to an invalid value to ensure that the kernel returns EINVAL if any of the struct seccomp_notif members are set to invalid values. Signed-off-by: Sargun Dhillon Suggested-by: Christian Brauner Link: https://lore.kernel.org/r/20191230203811.4996-1-sargun@sargun.me Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook Signed-off-by: Greg Kroah-Hartman --- tools/testing/selftests/seccomp/seccomp_bpf.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3147,7 +3147,18 @@ TEST(user_notification_basic) EXPECT_GT(poll(&pollfd, 1, -1), 0); EXPECT_EQ(pollfd.revents, POLLIN); - EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); + /* Test that we can't pass garbage to the kernel. */ + memset(&req, 0, sizeof(req)); + req.pid = -1; + errno = 0; + ret = ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req); + EXPECT_EQ(-1, ret); + EXPECT_EQ(EINVAL, errno); + + if (ret) { + req.pid = 0; + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); + } pollfd.fd = listener; pollfd.events = POLLIN | POLLOUT;