Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp898119pxk; Sat, 12 Sep 2020 04:12:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwofHhJndjKKPnD07gikgSu6OLWJgCF2ltNqdtmFS2MpuHYTHAwPWuks1wvi162hnvD+H75 X-Received: by 2002:a17:906:e4f:: with SMTP id q15mr5919538eji.155.1599909167306; Sat, 12 Sep 2020 04:12:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1599909167; cv=none; d=google.com; s=arc-20160816; b=ozib+Ar7Cjr7pYskBM9Lop0UwrI+yNCP6Xv+F8MXR3WnYulkD6Dqtc/IwpSYi3EO76 YCOceJB2PEzG9C8P9l0afd2RqVJgKkfMbAtZ43lGJDxa1BbXpypkd2yBQNTAnTd902/H IRXKwpLs+lyn8oCICz2KiLWde6EGnW9N53bAC8rFwjVPqjH7eRSU9l9kFsNHT03M5sc1 vOzdzXwwSqslDEVBUsf36q58OobDNDbNn7gRUkZ33xoo6bWpdrZB+G95rN4Br94vdB+U 03X8mWbbm8oBSeltQwGrqs9eJ6K6KyP1I3f6E5imDkYdqlVejsEVwLwMTJbx36h9hI7H 6ZKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=grGRfF2oc4Mrj7QbeeTIjwfyG+77vtq6pTEp1U/ruko=; b=I2cBExrdd6NHBfLJePay8AKbxKVa0aqZgmca0dfrTiQYv9me85QhbL7Q7taWGX+yDI N+c3BLos6SSHpbPlKUdJa3nbIAgl22I3srdVwkjKJjSwOPc0aCJilXluLp87gfme0YfY O/mfXCYdPzV4n9TETrA/DHjPduewUh0TPntSPTCRCX7P3GsvUZ76i8i+zVFceVGOpPIU 4cv9dz5oGvved1pwYK6lNJlQBxbIoBtJP92t4zF9lOB9f27QylU3sw3+aalKBchSrfJL /QdeX4ICXOmG/dlmKP/ZdtIXR7h06c3g5ZHrVASUSqCxLiaDX0N5jbtbT9pXJ2JI9Fgw O6Iw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=K1BHHo1e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id rv10si3071030ejb.453.2020.09.12.04.12.24; Sat, 12 Sep 2020 04:12:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=K1BHHo1e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725911AbgILLLO (ORCPT + 99 others); Sat, 12 Sep 2020 07:11:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46850 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725837AbgILLJ3 (ORCPT ); Sat, 12 Sep 2020 07:09:29 -0400 Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3CBF3C06138E for ; Sat, 12 Sep 2020 04:08:35 -0700 (PDT) Received: by mail-pf1-x444.google.com with SMTP id z19so9073010pfn.8 for ; Sat, 12 Sep 2020 04:08:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=grGRfF2oc4Mrj7QbeeTIjwfyG+77vtq6pTEp1U/ruko=; b=K1BHHo1evlP7HOYg1ZAzFN6YM48ETae3xI7p7rULuTb/67o1w2O4DRWN5Of3sP+nNA 1hp7xWjAewTidrGnugC/X0nQz1mf/c7PFnmJRbgewvDbBnJaFQM3m/iV9mMms3GpIJPH rvw0kaANVUvR5b4Wf+1UIc1c0gKVU9OgmMr6w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=grGRfF2oc4Mrj7QbeeTIjwfyG+77vtq6pTEp1U/ruko=; b=g2m07ZHsWxd0EzvY/xqJeRSpIQIdPjF+cXNqI7CZzyMVEwTj6H5/94uonNvby5kieN LJ9u4MR68iZRLqs1kNtZPpBcA+chVYH4BN3JMJThRx8wEMGzRN70fWKXwe1K5Eyy461R Ek8j4YjH+ZPEUnPjMgvZx9t+e+BPpLSqFHRA6Rylz6KKcUFEdhhjo7sf18yfBLXjYTgy JZouhgzH2khMWDD3LdVxnVomBdG5JDtnt2Isdzo8LkM4wKsTBLhERfp3H+8GHZJ7kmCq lizYUMMmlUGN2D/12e4be2/e9LVL3mJWuhG5Ar/8PU3DfJTrhvGADp38HjbvpbvdmvKj +T7Q== X-Gm-Message-State: AOAM530uPUrVx53LWA5mHF8740jJ7c1jgiD+cE8vV2m8ewCmmj5AeGT6 Ph1myWBLPTmxYOScZ1HueWmBWA== X-Received: by 2002:aa7:8084:0:b029:13f:b82a:1725 with SMTP id v4-20020aa780840000b029013fb82a1725mr3857546pff.9.1599908914782; Sat, 12 Sep 2020 04:08:34 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id j20sm4905489pfh.146.2020.09.12.04.08.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Sep 2020 04:08:31 -0700 (PDT) From: Kees Cook To: linux-kernel@vger.kernel.org Cc: Kees Cook , Thadeu Lima de Souza Cascardo , Max Filippov , Michael Ellerman , Christian Brauner , Andy Lutomirski , Will Drewry , linux-kselftest@vger.kernel.org, linux-mips@vger.kernel.org, linux-xtensa@linux-xtensa.org, linux-arm-kernel@lists.infradead.org, linuxppc-dev@lists.ozlabs.org Subject: [PATCH 13/15] selftests/seccomp: powerpc: Set syscall return during ptrace syscall exit Date: Sat, 12 Sep 2020 04:08:18 -0700 Message-Id: <20200912110820.597135-14-keescook@chromium.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200912110820.597135-1-keescook@chromium.org> References: <20200912110820.597135-1-keescook@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Some archs (like ppc) only support changing the return code during syscall exit when ptrace is used. As the syscall number might not be available anymore during syscall exit, it needs to be saved during syscall enter. Adjust the ptrace tests to do this. Reported-by: Thadeu Lima de Souza Cascardo Suggested-by: Thadeu Lima de Souza Cascardo Link: https://lore.kernel.org/linux-kselftest/20200911181012.171027-1-cascardo@canonical.com/ Fixes: 58d0a862f573 ("seccomp: add tests for ptrace hole") Signed-off-by: Kees Cook --- tools/testing/selftests/seccomp/seccomp_bpf.c | 34 +++++++++++-------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index bbab2420d708..26c712c6a575 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -1949,12 +1949,19 @@ void tracer_seccomp(struct __test_metadata *_metadata, pid_t tracee, } +FIXTURE(TRACE_syscall) { + struct sock_fprog prog; + pid_t tracer, mytid, mypid, parent; + long syscall_nr; +}; + void tracer_ptrace(struct __test_metadata *_metadata, pid_t tracee, int status, void *args) { - int ret, nr; + int ret; unsigned long msg; static bool entry; + FIXTURE_DATA(TRACE_syscall) *self = args; /* * The traditional way to tell PTRACE_SYSCALL entry/exit @@ -1968,24 +1975,23 @@ void tracer_ptrace(struct __test_metadata *_metadata, pid_t tracee, EXPECT_EQ(entry ? PTRACE_EVENTMSG_SYSCALL_ENTRY : PTRACE_EVENTMSG_SYSCALL_EXIT, msg); - if (!entry) - return; - - nr = get_syscall(_metadata, tracee); + /* + * Some architectures only support setting return values during + * syscall exit under ptrace, and on exit the syscall number may + * no longer be available. Therefore, save it here, and call + * "change syscall and set return values" on both entry and exit. + */ + if (entry) + self->syscall_nr = get_syscall(_metadata, tracee); - if (nr == __NR_getpid) + if (self->syscall_nr == __NR_getpid) change_syscall(_metadata, tracee, __NR_getppid, 0); - if (nr == __NR_gettid) + if (self->syscall_nr == __NR_gettid) change_syscall(_metadata, tracee, -1, 45000); - if (nr == __NR_openat) + if (self->syscall_nr == __NR_openat) change_syscall(_metadata, tracee, -1, -ESRCH); } -FIXTURE(TRACE_syscall) { - struct sock_fprog prog; - pid_t tracer, mytid, mypid, parent; -}; - FIXTURE_VARIANT(TRACE_syscall) { /* * All of the SECCOMP_RET_TRACE behaviors can be tested with either @@ -2044,7 +2050,7 @@ FIXTURE_SETUP(TRACE_syscall) self->tracer = setup_trace_fixture(_metadata, variant->use_ptrace ? tracer_ptrace : tracer_seccomp, - NULL, variant->use_ptrace); + self, variant->use_ptrace); ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); ASSERT_EQ(0, ret); -- 2.25.1