Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp809160pxj; Thu, 27 May 2021 12:08:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzuWCtnNy29GuGphFyS4FQaGJ7h7lwtnXjF9W1XDLi4HNNTU4dTPFDC7dpFzVethc1MB0fQ X-Received: by 2002:a02:aa85:: with SMTP id u5mr4941560jai.75.1622142486872; Thu, 27 May 2021 12:08:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622142486; cv=none; d=google.com; s=arc-20160816; b=QcaghoGSZ6tO5oda5urasTVTiul1wjOu9BvWTFYUpqNKQtJxmu5U35iFbTJiOdgvd8 gG5E3jLGCSzP0oKOus4KF3fTLSxeRIqake30rV8e78WfzK6VWemBnz7KxQ5zl8SaEPa1 fpNyVzdu7+ByFy0c+YLKSv6Wjq+M5y3soIFYKUYvW4WvDBCD3NTRfirm3pcWq8NFGmiy +mkoVlCcIbYETrtqbW2HqPcwfUbxDh80RiNwreiXUjLETk0GFj+cahu9A5l9RJeUQQFQ Q2nRJh6bvogbQP2HhKOfmQRrm6DHh4FVV6DXS8im8Mwh6ZZrwE4FvRr1jB8HangA8w/S 2qrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=wo61vuP8itAsZbt2t1dPCmKidBoeF2uLqMWDtAxwKzg=; b=fSY2Vaaf1XtMR+xY90X5hQk1reohnrS2tojuotHrB2BnSj0IlDQhGkv7fm55LF3Lgy fM19X9KqyVbRjRQAW9sVWlDFL+976dhdhVqqRO2nSC1ovs9ii1vcMuWlIt05zsSlTF2S AELlX2mpu52FZjrj3vz7wC7zVDrxBs9XFdGRW5aGAtnHMxIHhcdAz+439VR4vytNxjIk FZ9p7fvMLYHb2U++25R/350gJ07cl69eH9CRcuPG8y1E/piHSk9UyQY9Ln5yIBH3sTHU TvmtQFtWJmEykuaDBB1xcDZ5y7ANsfwq8915nZl2T5cfg3s/HhPOTLIBWcvu3+NmMSeg By7Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Pyn+69PD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w11si3710562ilq.20.2021.05.27.12.07.53; Thu, 27 May 2021 12:08:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Pyn+69PD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235787AbhE0SjX (ORCPT + 99 others); Thu, 27 May 2021 14:39:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48712 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232565AbhE0SjW (ORCPT ); Thu, 27 May 2021 14:39:22 -0400 Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97728C061574 for ; Thu, 27 May 2021 11:37:49 -0700 (PDT) Received: by mail-pj1-x1029.google.com with SMTP id g6-20020a17090adac6b029015d1a9a6f1aso5869847pjx.1 for ; Thu, 27 May 2021 11:37:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=wo61vuP8itAsZbt2t1dPCmKidBoeF2uLqMWDtAxwKzg=; b=Pyn+69PDHkODviT5Ornz6p2X8/CXaFeyRyt/FTNk7L408ugYRNR/1y341aGCjilncc WdZLfizUfUDIAIe77e8hMEQEhCy//CgKsmcWhn7ThIX8qR+azD+RqTUMTHynK2NS0qhe w2mr/gmsaVNv3zMjGs/EGpImpmVp/SfyZvPLQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=wo61vuP8itAsZbt2t1dPCmKidBoeF2uLqMWDtAxwKzg=; b=HWLXTSVptJV3tPCU2AA4gAX6NIBclV45mlWA9hvwUvGEpQ/tqdFho6QhI8nbRgWgPM ybOJdq19tFy1DNWc9V+4FL2KNpOF63buHMuayYSaCTBI0tWSJW/UHADDbFaRebZaNKeL bXG4PGWlcsJ4wFpDL+r2uHmNmOYRtWsbXg6IcRU4nAgAoZMBXgkmomwkqe+yAMEvG6eR CvD7WMsBP46WHHuoOAEqptflePy25JxpD9iBygegTIz/HJLZTV1MbWwftYegwkwC00hM QsMx0Xngi46QUK2TE54tES1/ZwuexVqK8YkzFraKS6BcXzOiJwjSeeuun/LKR00mxmXa 2deg== X-Gm-Message-State: AOAM531VUVDgqbDv97UdM4jb6+kkG2wDfU9yv17wK1M9G4PM3qB3ueP/ zD8OUqlk1mS7hriiM0xS2NlfQQ== X-Received: by 2002:a17:902:bf46:b029:ee:b949:bd0 with SMTP id u6-20020a170902bf46b02900eeb9490bd0mr4383042pls.14.1622140669177; Thu, 27 May 2021 11:37:49 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id h3sm2296385pgp.10.2021.05.27.11.37.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 May 2021 11:37:48 -0700 (PDT) Date: Thu, 27 May 2021 11:37:47 -0700 From: Kees Cook To: Rodrigo Campos Cc: LKML , Sargun Dhillon , containers@lists.linux.dev, Tycho Andersen , Mauricio =?iso-8859-1?Q?V=E1squez?= Bernal , Giuseppe Scrivano , Christian Brauner , =?iso-8859-1?Q?Micka=EBl_Sala=FCn?= , Andy Lutomirski , Will Drewry Subject: Re: [PATCH] selftests/seccomp: More closely track fds being assigned Message-ID: <202105271137.251E14ACB2@keescook> References: <20210527032948.3730953-1-keescook@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 27, 2021 at 02:45:26PM +0200, Rodrigo Campos wrote: > On Thu, May 27, 2021 at 5:29 AM Kees Cook wrote: > > > > Since the open fds might not always start at "4" (especially when > > running under kselftest, etc), start counting from the first assigned > > fd, rather than using the more permissive EXPECT_GE(fd, 0). > > > > Signed-off-by: Kees Cook > > Nice cleanup, thanks! Just in case, tested it here, works fine. Feel > free to add: > > Reviewed-by: Rodrigo Campos Thanks! > I can improve the selftest to test the new addfd flag we just added > also in combination existing flags (like setting the fd number to > use), and maybe also split the big chunk test, if you think that is > valuable. Yeah, I was pondering splitting the test up, but I think it's okay how it is for now. -- Kees Cook