Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp2851775rwb; Wed, 30 Nov 2022 11:46:07 -0800 (PST) X-Google-Smtp-Source: AA0mqf5zqelw11820IqfBEz6n9ed0KBrKt/dCEJtmG5uwX4TpE8DascIBdii+b5B/RXkkcRpgM2e X-Received: by 2002:a50:ef04:0:b0:46b:a74:b3d5 with SMTP id m4-20020a50ef04000000b0046b0a74b3d5mr16819525eds.155.1669837566924; Wed, 30 Nov 2022 11:46:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669837566; cv=none; d=google.com; s=arc-20160816; b=OyFjVW0Qljvn++Hs1RwuZdZ8au2fRXGhgRChrfPBWKFNoa1BicBLyNAe1BCbwt0H83 56scIPfTs0CU0O8wkJSsFLC7GMpltucCRH+n5TL89VLxQmenH+uDBWpNN8PcZzxRCXpO JTkWY1ND/qYkk0w8Q6/GN2UeSLjzbRYeWtviFGwAkd7y3Eg77ixcHD/fbt58aNVxDxqE pCSxDx1WS/WUlmP61NR/7upH7mkvDQoCs7pHFl47dVvAQrFgJtLdYsRgpUkmZGPYqm5A fRNlb+xR10HxQnwTJ9MbdLrT9cjImv4TSwB6Dgc4uLtkLuKCZ7dkBNZu3BcPWK0yy/9k zCIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=BqNG17t7XBYeLpDeXsZhfIDOLMJUsldrwek2qtzKZo8=; b=om+/qrTM12pGl2vRBLHbfQQSqjC8kGSD7q5bS7y1wnpcb96CpLFRTV75UU3Fms/NEt ghSc7IKEsIXM++3Lbcl7DOQIH2iWY4KLSGFs6LExMxiubuq5BaeXNNQ63ImFvEJ0ZDA7 +aC4SsgncbsXxCvbO0G8jbB1plIcMKqvm34l7WNTAteT55UeB6bpmyN8l/4U7l3Tb3yJ jP30w/QvzbNyyL6fAqvJyySk9EjUeYBUAuBbacZ6k9uOLLrDXL3xZy5laQhNKfumqr/j UYUA2tqF42AZGEm7N1xprM5WsVSwGmcOt/xwclQYMPCsIfw9ubaQQJqiC5TQsAJqF1Me tPrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@digikod.net header.s=20191114 header.b=dNqxO5+V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id qw31-20020a1709066a1f00b007c08a2c2406si2068679ejc.85.2022.11.30.11.45.39; Wed, 30 Nov 2022 11:46:06 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@digikod.net header.s=20191114 header.b=dNqxO5+V; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229701AbiK3Tcv (ORCPT + 84 others); Wed, 30 Nov 2022 14:32:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45536 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229653AbiK3Tcu (ORCPT ); Wed, 30 Nov 2022 14:32:50 -0500 Received: from smtp-42ad.mail.infomaniak.ch (smtp-42ad.mail.infomaniak.ch [IPv6:2001:1600:3:17::42ad]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E037B23383 for ; Wed, 30 Nov 2022 11:32:48 -0800 (PST) Received: from smtp-3-0000.mail.infomaniak.ch (unknown [10.4.36.107]) by smtp-2-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4NMq9S1yfrzMqM90; Wed, 30 Nov 2022 20:32:44 +0100 (CET) Received: from ns3096276.ip-94-23-54.eu (unknown [23.97.221.149]) by smtp-3-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4NMq9Q3pMbzxf; Wed, 30 Nov 2022 20:32:42 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digikod.net; s=20191114; t=1669836764; bh=cubmng6cm1zv4ZAZR8kkO4CZXUOrwBMha88pqHrbkDw=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=dNqxO5+V4oCjH4Adng9IcbS6WnrqsgiXA6YYyvIjnMbc99EDzNWH2qPTPaA927r6g 28B7s94c6rVD39WGJz8aF3va22V6f1/RyKDV87A5BKgydJOikcBVTlrCG6o4dpXBGP uGKtwaciwx6iOTKfy3ndDdk3Md6EAsEQuwxlRDTQ= Message-ID: Date: Wed, 30 Nov 2022 20:32:41 +0100 MIME-Version: 1.0 User-Agent: Subject: Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail Content-Language: en-US To: limin , Jeff Xu Cc: hannes@cmpxchg.org, mhocko@kernel.org, roman.gushchin@linux.dev, shakeelb@google.com, songmuchun@bytedance.com, tj@kernel.org, lizefan.x@bytedance.com, shuah@kernel.org, linux-kselftest@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Jorge Lucangeli Obes , Guenter Roeck , Kees Cook References: <20221128020409.1545717-1-limin100@huawei.com> <1232e4f3-e4b8-ff23-61e8-5465c8406f6e@digikod.net> <7379a5fd-5593-c6ce-40fd-c543dcf70d2b@huawei.com> <2bc18685-f975-497f-9c20-da99dbc296c0@huawei.com> From: =?UTF-8?Q?Micka=c3=abl_Sala=c3=bcn?= In-Reply-To: <2bc18685-f975-497f-9c20-da99dbc296c0@huawei.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Infomaniak-Routing: alpha X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org I checked and the Landlock ptrace test failed because Yama is enabled, which is expected. You can check that with /proc/sys/kernel/yama/ptrace_scope Jeff Xu sent a patch to fix this case but it is not ready yet: https://lore.kernel.org/r/20220628222941.2642917-1-jeffxu@google.com Could you please send a new patch Jeff, and add Limin in Cc? On 29/11/2022 12:26, limin wrote: > cat /proc/cmdline > BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116 > root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro > systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all > > > config > > # > # Automatically generated file; DO NOT EDIT. > # Linux/x86 6.1.0-rc6 Kernel Configuration > # [...] > CONFIG_SECURITY_YAMA=y [...] > CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor" [...] > > On 2022/11/29 19:03, Mickaël Salaün wrote: >> I tested with next-20221116 and all tests are OK. Could you share your >> kernel configuration with a link? What is the content of /proc/cmdline? >> >> On 29/11/2022 02:42, limin wrote: >>> I run test on Linux ubuntu2204 6.1.0-next-20221116 >>> >>> I did't use yama. >>> >>> you can reproduce by this step: >>> >>> cd kernel_src >>> >>> cd tools/testing/selftests/landlock/ >>> make >>> ./ptrace_test >>> >>> >>> >>> >>> On 2022/11/29 3:44, Mickaël Salaün wrote: >>>> This patch changes the test semantic and then cannot work on my test >>>> environment. On which kernel did you run test? Do you use Yama or >>>> something similar? >>>> >>>> On 28/11/2022 03:04, limin wrote: >>>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent, >>>>> trace parent return -1 when child== 0 >>>>> How to reproduce warning: >>>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests >>>>> >>>>> Signed-off-by: limin >>>>> --- >>>>>    tools/testing/selftests/landlock/ptrace_test.c | 5 ++--- >>>>>    1 file changed, 2 insertions(+), 3 deletions(-) >>>>> >>>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c >>>>> b/tools/testing/selftests/landlock/ptrace_test.c >>>>> index c28ef98ff3ac..88c4dc63eea0 100644 >>>>> --- a/tools/testing/selftests/landlock/ptrace_test.c >>>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c >>>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace) >>>>>            /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the >>>>> parent. */ >>>>>            err_proc_read = test_ptrace_read(parent); >>>>>            ret = ptrace(PTRACE_ATTACH, parent, NULL, 0); >>>>> +        EXPECT_EQ(-1, ret); >>>>> +        EXPECT_EQ(EPERM, errno); >>>>>            if (variant->domain_child) { >>>>> -            EXPECT_EQ(-1, ret); >>>>> -            EXPECT_EQ(EPERM, errno); >>>>>                EXPECT_EQ(EACCES, err_proc_read); >>>>>            } else { >>>>> -            EXPECT_EQ(0, ret); >>>>>                EXPECT_EQ(0, err_proc_read); >>>>>            } >>>>>            if (ret == 0) {