Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1EBB8C433EF for ; Mon, 15 Nov 2021 16:52:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0C52960174 for ; Mon, 15 Nov 2021 16:52:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231624AbhKOQzu (ORCPT ); Mon, 15 Nov 2021 11:55:50 -0500 Received: from smtp-relay-internal-0.canonical.com ([185.125.188.122]:58386 "EHLO smtp-relay-internal-0.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231862AbhKOQz3 (ORCPT ); Mon, 15 Nov 2021 11:55:29 -0500 Received: from mail-ed1-f69.google.com (mail-ed1-f69.google.com [209.85.208.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id BC9873F1B0 for ; Mon, 15 Nov 2021 16:52:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1636995150; bh=PNH2v6es8O5TOQZzDLjEqkCgdBVGSVqHubwT7Cy+HTU=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=CU4CBpfM4YuPt/teKruLLRKucAGjvddKhKs1PGKICag8ROjQ95O2lu1R3wvendmG9 +6b0rLoida6drtws2TQo+e8lRq7kVW9KuB0+FHMIaKX0cMI8WX+DzTKfOY9RQ4i5QI p2D0PDEW56XVSyDXKovtpc88+ucxjDEXoUnpQ/tx15pwefANHx2R1/2dOKBKhYqyG3 8f+3R+0i91Gf5L1Fbi/Amg4Uo5Zt30PbRyffWdx73jLcGcsjgax+4FBzt0aScygyae mRCm8d+lbfAljLXw+z9F2GdhkMWFMaor0ZiX84dJ8y1lSJyT8pVBL4olWV/GtIozQ5 UiyMdC2GLp+uA== Received: by mail-ed1-f69.google.com with SMTP id i9-20020a508709000000b003dd4b55a3caso14606664edb.19 for ; Mon, 15 Nov 2021 08:52:30 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=PNH2v6es8O5TOQZzDLjEqkCgdBVGSVqHubwT7Cy+HTU=; b=YFwJNcvTUZAKM5mpcIgEaL0YE8haNqCx+TsI+xiMiBWd4Osi1Z3XZyvhYLUeGe6QvW tyHDuP5MMq96Gx7oUx89FoNvbUtp/6FfTXj9TSkys+fJRRbkAvGHQVUixHAkMBQOocs5 GuVYHrkupImP+A++EfXBLKYamRPyxww7fXEQso5eOqoqYU/eyKpxj45cWJpcdpCiMtiE RhCBO/ltN8TJK814Bh234YC47LBHy2iPnoJM06bLEbyjsrHtloX0Vh0ECZUm6odSY5rc 5M/yw5GP9P7COMjDLAFFAp6H5ABRJnuPWu/JCy3iUqiXHR8p6XI0Qjhwxbnfl+/zCBDa CslA== X-Gm-Message-State: AOAM532lz0dJXBANUOseoJIjqYh4EdAS1FotX1mvHt5E85bl5SeiGhXV B2VOaj5h2PcFb9e28kz0WMaJVoEviiFpaHEmxFW/IlYDoLKHeYeD3QMvEzb9+EIqomNTtzom6om dz/aPsqbO5ZP6IA+xxqImtcRDozhAuxSeJFM7N6+lmQ== X-Received: by 2002:a17:906:4099:: with SMTP id u25mr447161ejj.453.1636995150309; Mon, 15 Nov 2021 08:52:30 -0800 (PST) X-Google-Smtp-Source: ABdhPJz1ddN8Ya6WZiEz3nrE5A7ROfH6GkWWKrtT46rgA6RW+xJPsLTeHGOQjE2zXjDLcd9AVi28lQ== X-Received: by 2002:a17:906:4099:: with SMTP id u25mr447122ejj.453.1636995150100; Mon, 15 Nov 2021 08:52:30 -0800 (PST) Received: from arighi-desktop.homenet.telecomitalia.it ([2001:67c:1560:8007::aac:c1b6]) by smtp.gmail.com with ESMTPSA id o14sm7770903edj.15.2021.11.15.08.52.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Nov 2021 08:52:29 -0800 (PST) From: Andrea Righi To: Kees Cook Cc: Andy Lutomirski , Will Drewry , Shuah Khan , Christian Brauner , Alexei Starovoitov , linux-kselftest@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] selftests/seccomp: fix check of fds being assigned Date: Mon, 15 Nov 2021 17:52:27 +0100 Message-Id: <20211115165227.101124-1-andrea.righi@canonical.com> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org There might be an arbitrary free open fd slot when we run the addfd sub-test, so checking for progressive numbers of file descriptors starting from memfd is not always a reliable check and we could get the following failure: # RUN global.user_notification_addfd ... # seccomp_bpf.c:3989:user_notification_addfd:Expected listener (18) == nextfd++ (9) # user_notification_addfd: Test terminated by assertion Simply check if memfd and listener are valid file descriptors and start counting for progressive file checking with the listener fd. Fixes: 93e720d710df ("selftests/seccomp: More closely track fds being assigned") Signed-off-by: Andrea Righi --- tools/testing/selftests/seccomp/seccomp_bpf.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index d425688cf59c..4f37153378a1 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -3975,18 +3975,17 @@ TEST(user_notification_addfd) /* There may be arbitrary already-open fds at test start. */ memfd = memfd_create("test", 0); ASSERT_GE(memfd, 0); - nextfd = memfd + 1; ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); ASSERT_EQ(0, ret) { TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); } - /* fd: 4 */ /* Check that the basic notification machinery works */ listener = user_notif_syscall(__NR_getppid, SECCOMP_FILTER_FLAG_NEW_LISTENER); - ASSERT_EQ(listener, nextfd++); + ASSERT_GE(listener, 0); + nextfd = listener + 1; pid = fork(); ASSERT_GE(pid, 0); -- 2.32.0