Received: by 2002:a89:2c3:0:b0:1ed:23cc:44d1 with SMTP id d3csp663929lqs; Tue, 5 Mar 2024 12:33:18 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXbQ2SVu/Fj0Heldpg/RwPta9UrZ57FfUCM6wJ+CSEean51hSP2IXf1ITwa8EmEhxjKFsFcuSJ0SpB+ySB3TFFQI/66wUANXTCQPib7dw== X-Google-Smtp-Source: AGHT+IEWR7TU56X/juV5nNHqq16ZHZ2GR30yqsGrJ8v4rh7OyFWhu1fO+zlOcoq3y3l0VoFhbWMF X-Received: by 2002:a05:620a:94f:b0:787:ec39:8210 with SMTP id w15-20020a05620a094f00b00787ec398210mr2956757qkw.52.1709670797789; Tue, 05 Mar 2024 12:33:17 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709670797; cv=pass; d=google.com; s=arc-20160816; b=EJIBDNVnbQsCqY5kg6gh9ZNWs4dnyLusARREz8AfjrBeljTbDE5/exe6+a2035MKdw gZ2MrvIZaWlndCd9boa0AQ4F2eUFP/l2R9E+w24TWQ+9adFqpFuERTDvMzzCioIu4Abk JnOnTxU18UeDU1FNMbL9SzOTfAy2e7UQT8plAYHSQSWXuo2blarrmaciZ56+p3Qbz1Bx lKXVMLfrAsBNqGAqsn7hwZ6tHyz5BDEqwa7QiueRMpHsSGYUk14WcCmuLPDi20yW5tkm nv6bH4/QVwbiJ7OcX9eW0IrvPeFXzvb/i64ZerOqezI1C7/dBiCObmBotxM1sB/gEjon 2cPg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date:dkim-signature; bh=4EwXdmdUlhrJr7UjQPFyD/UJ5/e0VwSFBZlmIPUM/vk=; fh=hnJVR2pn7poLYJqnggBE6JAOIrOmRMFq8Iaf2gUYaC4=; b=kR+WcqoUXb8tyvsh9iKTeNRxuws/7eRqz3lf8eUFZlkJ8DbMpv/nwKdPwsFsUgFsj2 9elnQt6gByqKFN4iACvW5HZSVakJxxiXjnaVn2pa9VmZgASGbMi0G3vbC6Gv8m5mWgVo sROqVJXqZs2B7CfyEUOtDqBmS1s3Gri7mDZdQSVzcCNiqQMIiH0cgVGRYWjbgDNEowWL 5HX7xkCuwU51hkyp5UCWKgVEvFjF2AAQ0B1gd7TKLR8XvqfHQEeDYXuAoYDudMeWYWdN ie7czTXJK20nN2J1TSiqT4MaSilS7IM9KlBWaub1OMlcttdIyem1rWfhNBPN70O2OhXY 44Ew==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=JhjhrrLe; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-92968-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-92968-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id wk5-20020a05620a578500b00788370b7c55si1655159qkn.461.2024.03.05.12.33.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Mar 2024 12:33:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-92968-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=JhjhrrLe; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-92968-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-92968-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 95B071C28CFB for ; Tue, 5 Mar 2024 20:32:00 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E5568128829; Tue, 5 Mar 2024 20:31:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="JhjhrrLe" Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7ACDF12A144 for ; Tue, 5 Mar 2024 20:31:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.177 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709670711; cv=none; b=CQm+bF3OreaQglRDJnEWL7lWxQPrYtHI01pWCIW81vlzxL5wBpV1IOoYetoRBy8xbJ9jOnMkcLnYwnhsGxFk7G1jTSSbx1MNQoMq6EDtGVnQvZ7B737u6Yn8DUUI8h/rBT5SNouMuHgKW5VDueSYaxETQqMcNtoCSOcfw/k6UPg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709670711; c=relaxed/simple; bh=pw3G19sacPvgxxjDa+F7GfDDZnTry5voAGRccl7XUhw=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=qaDAagCTorUU5LoIqS8dtVMru9MCKELcjZtUkrlKXMuZJMWBYTV4gpp8Ihq/7WqIE3vmbBwjZPyPpG+Hw1+n4rk/DCYImTbh0ffcffiznu6sDVQI4UJjMAudXt21q2D6u+BaIQTHz7VCHvCh8nJoLW6EaLFjxdXIQaNA3kWpAx8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org; spf=pass smtp.mailfrom=chromium.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b=JhjhrrLe; arc=none smtp.client-ip=209.85.210.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-6e5760eeb7aso149731b3a.1 for ; Tue, 05 Mar 2024 12:31:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1709670709; x=1710275509; darn=vger.kernel.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=4EwXdmdUlhrJr7UjQPFyD/UJ5/e0VwSFBZlmIPUM/vk=; b=JhjhrrLekNSFp/aKxTSWqR/6QpEKkt+GqwB7duR/KKTqfD2CKo5HNLMkIlR8zas4Td m/DhF3HpVAomF5iWm/eIqwxxKv9ew5oSSBW7BtIsgNz7ed5K4j4S9Qix1IyJofElVw1z fH0C8lejeJK2S98fleJvSV4GvXSbtElR4jpOw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709670709; x=1710275509; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=4EwXdmdUlhrJr7UjQPFyD/UJ5/e0VwSFBZlmIPUM/vk=; b=E3K3huXFUR2zfgRf7WnKwfueMBwjik1JmtZI8WlIpPmuaRoqerQhoh4T0s/vDqbaFH kJ3kNr4NJWogU3OpzSXGb5sGCdLMko8roOHYFXrPgcpMZGoHLZXQP2puV/Nu01Y19oTd XXVbRcIT0nrCwgGCSOw9yvEfMB1o6LpPG875QgShpbZDofL7Qcmy2LifiACSZM+JFBnJ /DsRVemFk09T8C6ihFZDasfJGPBJ4oVAUQu44aJr8Lj5hEu2R6wf3Qax9Z5T6iFyZT7/ 8sToyM2hwYzoSmBojLTaBX4yWMOQtTvIdoW4+m/uwhlqt9KY7n65YkE5ofTVo6/yivBV Nrdg== X-Forwarded-Encrypted: i=1; AJvYcCUu+LW7NCKqSW5LLF7MJXQJA+jzAMi9IxPi3p/q+PzJN4sfNZOPwWpC1iSl6MonV0Fy/7RLHuuVTz4Wa/q0uBAD5/nOTstzWfW+NPLh X-Gm-Message-State: AOJu0YzR8QIe7Ikxw+SWeCkPGpSETQV8M6U/oytXG0uLouo0NbvYo5Tj J3L291A+HPSS3NSPAoUQMpFR4CvjDI8j35X1e/A++vmFPOYCtoad8D6skAhERQ== X-Received: by 2002:a05:6a20:85a7:b0:1a0:e1b6:4306 with SMTP id s39-20020a056a2085a700b001a0e1b64306mr2544108pzd.57.1709670708732; Tue, 05 Mar 2024 12:31:48 -0800 (PST) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id p20-20020a62ab14000000b006e47e57d976sm9354568pff.166.2024.03.05.12.31.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 Mar 2024 12:31:48 -0800 (PST) Date: Tue, 5 Mar 2024 12:31:47 -0800 From: Kees Cook To: =?iso-8859-1?Q?Micka=EBl_Sala=FCn?= Cc: "David S . Miller" , Jakub Kicinski , Mark Brown , Shuah Khan , =?iso-8859-1?Q?G=FCnther?= Noack , Will Drewry , edumazet@google.com, jakub@cloudflare.com, pabeni@redhat.com, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-security-module@vger.kernel.org, netdev@vger.kernel.org Subject: Re: [PATCH] selftests/harness: Fix TEST_F()'s vfork handling Message-ID: <202403051225.B2ABAC80A@keescook> References: <20240305.sheeF9yain1O@digikod.net> <20240305201029.1331333-1-mic@digikod.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20240305201029.1331333-1-mic@digikod.net> On Tue, Mar 05, 2024 at 09:10:29PM +0100, Micka?l Sala?n wrote: > Always run fixture setup in the grandchild process, and by default also > run the teardown in the same process. However, this change makes it > possible to run the teardown in a parent process when > _metadata->teardown_parent is set to true (e.g. in fixture setup). > > Fix TEST_SIGNAL() by forwarding grandchild's signal to its parent. Fix > seccomp tests by running the test setup in the parent of the test > thread, as expected by the related test code. Fix Landlock tests by > waiting for the grandchild before processing _metadata. > > Use of exit(3) in tests should be OK because the environment in which > the vfork(2) call happen is already dedicated to the running test (with > flushed stdio, setpgrp() call), see __run_test() and the call to fork(2) > just before running the setup/test/teardown. Even if the test > configures its own exit handlers, they will not be run by the parent > because it never calls exit(3), and the test function either ends with a > call to _exit(2) or a signal. > > Cc: David S. Miller > Cc: G?nther Noack > Cc: Jakub Kicinski > Cc: Kees Cook > Cc: Mark Brown > Cc: Shuah Khan > Cc: Will Drewry > Fixes: 0710a1a73fb4 ("selftests/harness: Merge TEST_F_FORK() into TEST_F()") > Link: https://lore.kernel.org/r/20240305201029.1331333-1-mic@digikod.net Sanity-check run of seccomp tests before: # # Totals: pass:70 fail:21 xfail:0 xpass:0 skip:5 error:0 After: # # Totals: pass:91 fail:0 xfail:0 xpass:0 skip:5 error:0 Reviewed-by: Kees Cook Tested-by: Kees Cook Thanks for a quick fix! -Kees -- Kees Cook