Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp2266600iof;
        Wed, 8 Jun 2022 00:55:08 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzyBGAw1woL/Zfap7JH3osMSlAcF4LQ7b7dQDKFJm9d4k/Xq3YDPba2KHBrUYOsDoVq10Ie
X-Received: by 2002:a17:90a:550d:b0:1e2:eb94:588e with SMTP id b13-20020a17090a550d00b001e2eb94588emr37272959pji.15.1654674907888;
        Wed, 08 Jun 2022 00:55:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1654674907; cv=none;
        d=google.com; s=arc-20160816;
        b=qoNAKIdNDFpVg1iOu/5AZob7l+rgvnNlmmq+fJU+I9JRyMPoLj5bzhy/wJ9t0DVjrX
         dnnNu4ng0HRPdBV+fXVehYXHMKpENUk6l8Ov8sBqwoIkdwwMfWUveDPa9m3mSO6DuSKk
         R0TFXH1+ZkW1CgbBIjwXNBr8fvz6DLHNuaymffBE9AlImRyfntl8+VQ+lxLMXmH0C+L0
         rU3dRrhmqCHOfFhxG35CPTQrE57ft43MdYpgkLMrNim3kR8K7jg5d8kvQK/77RVEtorY
         lOpqI0LQaxzaw2ADPEr/xxqalSHiLMqKPAQZuSx6Ph3+sPhSuUx0RC2LTFdP/SWShExz
         v3dw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=k//y4pHv4JLYNYBlIBBbmAeiVpDmQZTGgQUzL2sFR9M=;
        b=OwjbU8RPOYiAA9oC8YUXur+8gZFm72G/r+j/CHCFNLXzq4EjgP9knTLviKGw8Z9Ru/
         UUHvgYB2xBOZNjwa+jEu8+6dU/6rKkTL2VcC5XnbNtGkSlubhSfQnSEjo/PYAiFrmqU0
         FKQy5VGLfwapI7FGQgJL7VWoPAM8V1V7jYkcrnnsMmA3YkNBbpTm8XFF8MO+6drqvjSB
         NqMYWF6Ten+Luq/2hFKUrs1twEje4rY48h3lB9zJNzmqgrxWyK16gWpQqEO1S8uLe7TV
         1yUl507esywCmCivflOyohJqAVGr6g1jOh0TtF7DC+CaZBqBadsspa/RQ0xsXEwDOoiv
         8/dA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=FnixDBPe;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id 7-20020a621707000000b005184f87b172si23320019pfx.268.2022.06.08.00.54.56;
        Wed, 08 Jun 2022 00:55:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=FnixDBPe;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S237386AbiFHCsG (ORCPT <rfc822;abrown110010@gmail.com>
        + 99 others); Tue, 7 Jun 2022 22:48:06 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59704 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1447787AbiFHCoF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 7 Jun 2022 22:44:05 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EB23D26855B;
        Tue,  7 Jun 2022 12:21:43 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 4359B60A54;
        Tue,  7 Jun 2022 19:21:43 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4C633C385A2;
        Tue,  7 Jun 2022 19:21:42 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1654629702;
        bh=5eZbs3RUyx8krHHab6EXWvD9mRyJfw/nCvHv1W7UiA4=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=FnixDBPe+KhUQBj054s3qDlfByDfVFkS8nBjri+a5tY70AgOV7Zv6lGjYKBXMq04u
         PV+PS+3iytTHvxXYC0Xxo786zU/CNem8Re7Y7gDa4ObRhJ4FDb7MV8N/zeb5fzoR6R
         HpbhXFUAMbL0r8VRrD4THUhyFHJTsa6dIrqZsPKU=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        =?UTF-8?q?Micka=C3=ABl=20Sala=C3=BCn?= <mic@digikod.net>
Subject: [PATCH 5.18 786/879] selftests/landlock: Test landlock_create_ruleset(2) argument check ordering
Date:   Tue,  7 Jun 2022 19:05:04 +0200
Message-Id: <20220607165025.682786588@linuxfoundation.org>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220607165002.659942637@linuxfoundation.org>
References: <20220607165002.659942637@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-8.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Mickaël Salaün <mic@digikod.net>

commit 6533d0c3a86ee1cc74ff37ac92ca597deb87015c upstream.

Add inval_create_ruleset_arguments, extension of
inval_create_ruleset_flags, to also check error ordering for
landlock_create_ruleset(2).

This is similar to the previous commit checking landlock_add_rule(2).

Test coverage for security/landlock is 94.4% of 504 lines accorging to
gcc/gcov-11.

Link: https://lore.kernel.org/r/20220506160820.524344-11-mic@digikod.net
Cc: stable@vger.kernel.org
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 tools/testing/selftests/landlock/base_test.c |   21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

--- a/tools/testing/selftests/landlock/base_test.c
+++ b/tools/testing/selftests/landlock/base_test.c
@@ -97,14 +97,17 @@ TEST(abi_version)
 	ASSERT_EQ(EINVAL, errno);
 }
 
-TEST(inval_create_ruleset_flags)
+/* Tests ordering of syscall argument checks. */
+TEST(create_ruleset_checks_ordering)
 {
 	const int last_flag = LANDLOCK_CREATE_RULESET_VERSION;
 	const int invalid_flag = last_flag << 1;
+	int ruleset_fd;
 	const struct landlock_ruleset_attr ruleset_attr = {
 		.handled_access_fs = LANDLOCK_ACCESS_FS_READ_FILE,
 	};
 
+	/* Checks priority for invalid flags. */
 	ASSERT_EQ(-1, landlock_create_ruleset(NULL, 0, invalid_flag));
 	ASSERT_EQ(EINVAL, errno);
 
@@ -119,6 +122,22 @@ TEST(inval_create_ruleset_flags)
 		  landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr),
 					  invalid_flag));
 	ASSERT_EQ(EINVAL, errno);
+
+	/* Checks too big ruleset_attr size. */
+	ASSERT_EQ(-1, landlock_create_ruleset(&ruleset_attr, -1, 0));
+	ASSERT_EQ(E2BIG, errno);
+
+	/* Checks too small ruleset_attr size. */
+	ASSERT_EQ(-1, landlock_create_ruleset(&ruleset_attr, 0, 0));
+	ASSERT_EQ(EINVAL, errno);
+	ASSERT_EQ(-1, landlock_create_ruleset(&ruleset_attr, 1, 0));
+	ASSERT_EQ(EINVAL, errno);
+
+	/* Checks valid call. */
+	ruleset_fd =
+		landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr), 0);
+	ASSERT_LE(0, ruleset_fd);
+	ASSERT_EQ(0, close(ruleset_fd));
 }
 
 /* Tests ordering of syscall argument checks. */