Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp89642iob; Wed, 27 Apr 2022 20:03:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwNRspf3r/u2mdN4LmB48SCMhhUN+jJ9TOeBhaQjCuHrr4tnxKe6eMCU+e++vynUDiv9B2n X-Received: by 2002:a17:907:7f93:b0:6db:7634:f214 with SMTP id qk19-20020a1709077f9300b006db7634f214mr29149378ejc.3.1651115007843; Wed, 27 Apr 2022 20:03:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651115007; cv=none; d=google.com; s=arc-20160816; b=qQ+H1A6pkZ2Q9bmQGB4sYXucoSvgk/lxo2TvvQ/csTrw4jQMuQDUCZOh7yHc5lQqlY oLfx+VAaetI8oqtpTFNX6ra8ls4kyYGt66nPuy6Ykz7kFPzjbKx09Bo34cdm+upLnSXW 9Vapi8abomDPSrCFHyIwdVoF59Vbb8S45v4TSM+rds/PjaTxQUKMjx3dQCej7GsRxAJG FZMPR/xNYsTURTvoHTh7H8X02aWhqBkfPbJc7F7KoS1Ulh30VJgkSO4vFMDyKGLQ4v65 G53LwMrQFjdtI674Np5poWhHJE3rhS33+6FjPP3mXbQVVZ9f0LoNFDmxzTSDykO2ol9v aBqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=uEcNSiaDgqCQTOD0WHJ5CmXveRjV7YkdAup8UYWATQA=; b=C9mV8Tv5Y4xc8V98ELzZaADVUSPsXsbtYcfF4d8piYVF0sMhtiephnFJOR4tUXdmFR wN/BDLc2k6Cl3xo3b/hi1iq1jsUkFRbPq8z1jdQ0C1jwBW9V60KG1+nkcYFHZYFYuwv7 +7fG+H5r62kl6f8FqPLnJVyHsZNmvHaM5JtjW19GRKrNSKdD6gDcf84SmgHUF2GxQK3r h1GhmQiOUh8mwcPEXLZ1e+QOqvknoIyeQr9l4gXg24gPAkqQpMx97uaEZrmUhPYfdrDj ObYEjN1UF+R7wmZqNBdCwWFXlT7I9SwUJKzC5xOzMpsBJQhGWoL4vftqMBJmoNpJLU2t 35QA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=CQ81ynmm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sargun.me Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u9-20020a05640207c900b00425c55e748fsi2866092edy.402.2022.04.27.20.03.03; Wed, 27 Apr 2022 20:03:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=CQ81ynmm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sargun.me Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240958AbiD1B7l (ORCPT + 99 others); Wed, 27 Apr 2022 21:59:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46140 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240950AbiD1B7g (ORCPT ); Wed, 27 Apr 2022 21:59:36 -0400 Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 96EA746646 for ; Wed, 27 Apr 2022 18:56:22 -0700 (PDT) Received: by mail-pj1-x1035.google.com with SMTP id cx11-20020a17090afd8b00b001d9fe5965b3so4485644pjb.3 for ; Wed, 27 Apr 2022 18:56:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uEcNSiaDgqCQTOD0WHJ5CmXveRjV7YkdAup8UYWATQA=; b=CQ81ynmmkryn0ZoG2mZWOm/YOBgsz/sPSKCuZXy2qvyQj1AvsNu7edzdJudne1VcOu U5ZvctWsFrJ5LuwflBMasuGCA8ftt8drTqHu0m7BAgMfuAl50CORS2VbQxc+E4nb2izY fJY+n8GhNnbdZyhjA4H64Ir8RqAmYZ+iKgkb0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uEcNSiaDgqCQTOD0WHJ5CmXveRjV7YkdAup8UYWATQA=; b=Vg6VEH4rLLq5wEhGjPmGrE+UD+wWPNnF+RcC3Ks6zmPxAuqxTAKVyCFcc4OhBABfLH 24SJnqAygmHHWyJVt4pQ7ykRZGPaJGeiM2HAuSu7dzWRJcLFUbcbWrZXWbhIjtyrRaMs 9Zx/+LH8EELz8mQSG4egvoDOifol5ZJ6peE0KPvBTKuP4LPXJfn4fJ2XHB3oMZdub/m/ MHt6GJMKaeSP9mRJ28pd9TmVEuGr1bhKpFrj3pIKFt/MibA9x1cXSt20EUeD5AxIKBEm iUcryJekE+xLVFwQ2gGaGf/JmtHghvngn8sY8A7N2qyF5MA4IVXJ5hbmjwzBtK+GAf5o L1iA== X-Gm-Message-State: AOAM531og1J1K3Tj+WHrO/AwsxhxRrVxutlj3U5ItK81f5vdXN5ZO3hh xMp/o79qjpYgaP06Ok/Og1WXhQ== X-Received: by 2002:a17:903:20f:b0:158:d86a:f473 with SMTP id r15-20020a170903020f00b00158d86af473mr31568087plh.92.1651110981954; Wed, 27 Apr 2022 18:56:21 -0700 (PDT) Received: from localhost.localdomain ([69.53.254.5]) by smtp.gmail.com with ESMTPSA id y14-20020a63ce0e000000b003c14af505edsm637814pgf.5.2022.04.27.18.56.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Apr 2022 18:56:20 -0700 (PDT) From: Sargun Dhillon To: Kees Cook , LKML , Tycho Andersen , Andy Lutomirski Cc: Sargun Dhillon , Christian Brauner , linux-kselftest@vger.kernel.org Subject: [PATCH 2/2] selftests/seccomp: Ensure that notifications come in FIFO order Date: Wed, 27 Apr 2022 18:54:47 -0700 Message-Id: <20220428015447.13661-2-sargun@sargun.me> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220428015447.13661-1-sargun@sargun.me> References: <20220428015447.13661-1-sargun@sargun.me> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When multiple notifications are waiting, ensure they show up in order, as defined by the (predictable) seccomp notification ID. This ensures FIFO ordering of notification delivery as notification ids are monitonic and decided when the notification is generated (as opposed to received). Signed-off-by: Sargun Dhillon Cc: linux-kselftest@vger.kernel.org --- tools/testing/selftests/seccomp/seccomp_bpf.c | 109 ++++++++++++++++++ 1 file changed, 109 insertions(+) diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 9d126d7fabdb..33fb3d0c3347 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c @@ -4231,6 +4231,115 @@ TEST(user_notification_addfd_rlimit) close(memfd); } +static char get_proc_stat(int pid) +{ + char proc_path[100] = {0}; + char *line = NULL; + size_t len = 0; + ssize_t nread; + char status; + FILE *f; + int i; + + snprintf(proc_path, sizeof(proc_path), "/proc/%d/stat", pid); + f = fopen(proc_path, "r"); + if (f == NULL) + ksft_exit_fail_msg("%s - Could not open %s\n", + strerror(errno), proc_path); + + for (i = 0; i < 3; i++) { + nread = getdelim(&line, &len, ' ', f); + if (nread <= 0) + ksft_exit_fail_msg("Failed to read status: %s\n", + strerror(errno)); + } + + status = *line; + free(line); + fclose(f); + + return status; +} + +TEST(user_notification_fifo) +{ + struct seccomp_notif_resp resp = {}; + struct seccomp_notif req = {}; + int i, status, listener; + pid_t pid, pids[3]; + __u64 baseid; + long ret; + /* 100 ms */ + struct timespec delay = { .tv_nsec = 100000000 }; + + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + + /* Setup a listener */ + listener = user_notif_syscall(__NR_getppid, + SECCOMP_FILTER_FLAG_NEW_LISTENER); + ASSERT_GE(listener, 0); + + pid = fork(); + ASSERT_GE(pid, 0); + + if (pid == 0) { + ret = syscall(__NR_getppid); + exit(ret != USER_NOTIF_MAGIC); + } + + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); + baseid = req.id + 1; + + resp.id = req.id; + resp.error = 0; + resp.val = USER_NOTIF_MAGIC; + + /* check that we make sure flags == 0 */ + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0); + + EXPECT_EQ(waitpid(pid, &status, 0), pid); + EXPECT_EQ(true, WIFEXITED(status)); + EXPECT_EQ(0, WEXITSTATUS(status)); + + /* Start children, and them generate notifications */ + for (i = 0; i < ARRAY_SIZE(pids); i++) { + pid = fork(); + if (pid == 0) { + ret = syscall(__NR_getppid); + exit(ret != USER_NOTIF_MAGIC); + } + pids[i] = pid; + } + + /* This spins until all of the children are sleeping */ +restart_wait: + for (i = 0; i < ARRAY_SIZE(pids); i++) { + if (get_proc_stat(pids[i]) != 'S') { + nanosleep(&delay, NULL); + goto restart_wait; + } + } + + /* Read the notifications in order (and respond) */ + for (i = 0; i < ARRAY_SIZE(pids); i++) { + memset(&req, 0, sizeof(req)); + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); + EXPECT_EQ(req.id, baseid + i); + resp.id = req.id; + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0); + } + + /* Make sure notifications were received */ + for (i = 0; i < ARRAY_SIZE(pids); i++) { + EXPECT_EQ(waitpid(pids[i], &status, 0), pids[i]); + EXPECT_EQ(true, WIFEXITED(status)); + EXPECT_EQ(0, WEXITSTATUS(status)); + } +} + /* * TODO: * - expand NNP testing -- 2.25.1