e53db3e57647468627ae5733ec726916a45d39c6 |
|
22-Mar-2017 |
Tri Vo <trong@google.com> |
Enable all test cases for seccomp. Test: mmma external/linux-kselftest Change-Id: Ic5c313067412a0576c40dc15f9abc1119cf685a1
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
a439e2d570f986e102751b5e2d1d8a2e0dbba6f1 |
|
21-Sep-2016 |
Tri Vo <trong@google.com> |
Disable failing testcases for seccomp_bpf test. Change-Id: Id29462a6140a861c4a5bb75c5132b0a45c7bd570
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
58d0a862f573c3354fa912603ef5a4db188774e7 |
|
26-May-2016 |
Kees Cook <keescook@chromium.org> |
seccomp: add tests for ptrace hole One problem with seccomp was that ptrace could be used to change a syscall after seccomp filtering had completed. This was a well documented limitation, and it was recommended to block ptrace when defining a filter to avoid this problem. This can be quite a limitation for containers or other places where ptrace is desired even under seccomp filters. This adds tests for both SECCOMP_RET_TRACE and PTRACE_SYSCALL manipulations. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@kernel.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
64e2a42bca12e408f0258c56adcf3595bcd116e7 |
|
01-Apr-2016 |
Helge Deller <deller@gmx.de> |
parisc: Add ARCH_TRACEHOOK and regset support By adding TRACEHOOK support we now get a clean user interface to access registers via PTRACE_GETREGS, PTRACE_SETREGS, PTRACE_GETFPREGS and PTRACE_SETFPREGS. The user-visible regset struct user_regs_struct and user_fp_struct are modelled similiar to x86 and can be accessed via PTRACE_GETREGSET. Signed-off-by: Helge Deller <deller@gmx.de>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
0ce105bf9723e9a2dc7ec0a1e164c1b63aa64546 |
|
29-Mar-2016 |
Matt Redfearn <matt.redfearn@imgtec.com> |
selftests/seccomp: add MIPS self-test support This adds self-test support on MIPS, based on RFC patch from Kees Cook. Modifications from the RFC: - support the O32 syscall which passes the real syscall number in a0. - Use PTRACE_{GET,SET}REGS - Because SYSCALL_NUM and SYSCALL_RET are the same register, it is not possible to test modifying the syscall return value when skipping, since both would need to set the same register. Therefore modify that test case to just detect the skipped test. Tested on MIPS32r2 / MIPS64r2 with O32, N32 and N64 userlands. Signed-off-by: Matt Redfearn <matt.redfearn@imgtec.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Cc: IMG-MIPSLinuxKerneldevelopers@imgtec.com Cc: linux-kernel@vger.kernel.org Cc: linux-kselftest@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/12977/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
505ce68c6da3432454c62e43c24a22ea5b1d754b |
|
29-Mar-2016 |
Mickaël Salaün <mic@digikod.net> |
selftest/seccomp: Fix the seccomp(2) signature Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
6c045d07bb305c527140bdec4cf8ab50f7c980d8 |
|
29-Mar-2016 |
Mickaël Salaün <mic@digikod.net> |
selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Rename SECCOMP_FLAG_FILTER_TSYNC to SECCOMP_FILTER_FLAG_TSYNC to match the UAPI. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
4a0b88070406323487bad730d8945f482151a145 |
|
29-Dec-2015 |
Mickaël Salaün <mic@digikod.net> |
selftests/seccomp: Remove the need for HAVE_ARCH_TRACEHOOK Some architectures do not implement PTRACE_GETREGSET nor PTRACE_SETREGSET (required by HAVE_ARCH_TRACEHOOK) but only implement PTRACE_GETREGS and PTRACE_SETREGS (e.g. User-mode Linux). This improve seccomp selftest portability for architectures without HAVE_ARCH_TRACEHOOK support by defining a new trigger HAVE_GETREGS. For now, this is only enabled for i386 and x86_64 architectures. This is required to be able to run this tests on User-mode Linux. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Jeff Dike <jdike@addtoit.com> Cc: Richard Weinberger <richard@nod.at> Cc: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Will Drewry <wad@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Meredydd Luff <meredydd@senatehouse.org> Cc: David Drysdale <drysdale@google.com> Signed-off-by: Richard Weinberger <richard@nod.at> Acked-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
2ce47b44b25d8fb0114ff117813742adbefec8ff |
|
13-Nov-2015 |
Bamvor Jian Zhang <bamvor.zhangjian@linaro.org> |
selftests/seccomp: Get page size from sysconf The commit fd88d16c58c2 ("selftests/seccomp: Be more precise with syscall arguments.") use PAGE_SIZE directly which lead to build failure on arm64. Replace it with generic interface(sysconf(_SC_PAGESIZE)) to fix this failure. Build and test successful on x86_64 and arm64. Signed-off-by: Bamvor Jian Zhang <bamvor.zhangjian@linaro.org> Acked-by: Kees Cook <keescook@chromium.org> Tested-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
fd88d16c58c2ad689a68d6790c789e7d5be3fc5b |
|
02-Nov-2015 |
Robert Sesek <rsesek@google.com> |
selftests/seccomp: Be more precise with syscall arguments. Certain syscall emulation layers strictly check that the number of arguments match what the syscall handler expects. The KILL_one_arg_one and KILL_one_arg_six tests passed more parameters than expected to various syscalls, causing failures in this emulation mode. Instead, test using syscalls that take the appropriate number of arguments. Signed-off-by: Robert Sesek <rsesek@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
256d0afb11d6e878e8c793e4a6e3bbfb81f9aae8 |
|
06-Oct-2015 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: build and pass on arm64 Changing arm64 syscalls is done via a specific register set, more like s390 than like arm (specific ptrace call) and x86 (part of general registers). Since (restarting) poll doesn't exist on arm64, switch to using nanosleep for testing restart_syscall. And since it looks like the syscall ABI is inconsistent on arm-compat, so we must work around it (and document it) in the test. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
b623c4daadb5a4bfaef62783085b95bd9ba5a77c |
|
21-Aug-2015 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: add support for s390 This adds support for s390 to the seccomp selftests. Some improvements were made to enhance the accuracy of failure reporting, and additional tests were added to validate assumptions about the currently traced syscall. Also adds early asserts for running on older kernels to avoid noise when the seccomp syscall is not implemented. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
5d83c2b37d435b88452bc88a2a47672346efb2b4 |
|
23-Jul-2015 |
Michael Ellerman <mpe@ellerman.id.au> |
selftests/seccomp: Add powerpc support Wire up the syscall number and regs so the tests work on powerpc. With the powerpc kernel support just merged, all tests pass on ppc64, ppc64 (compat), ppc64le, ppc, ppc64e and ppc64e (compat). Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
c385d0db30f3c0bf687a080c38e8088c342116a3 |
|
23-Jul-2015 |
Michael Ellerman <mpe@ellerman.id.au> |
selftests/seccomp: Make seccomp tests work on big endian The seccomp_bpf test uses BPF_LD|BPF_W|BPF_ABS to load 32-bit values from seccomp_data->args. On big endian machines this will load the high word of the argument, which is not what the test wants. Borrow a hack from samples/seccomp/bpf-helper.h which changes the offset on big endian to account for this. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
c99ee51a9d9716fe33f5022c763728a565e3bd08 |
|
16-Jun-2015 |
Kees Cook <keescook@chromium.org> |
selftests: add seccomp suite This imports the existing seccomp test suite into the kernel's selftests tree. It contains extensive testing of seccomp features and corner cases. There remain additional tests to move into the kernel tree, but they have not yet been ported to all the architectures seccomp supports: https://github.com/redpig/seccomp/tree/master/tests Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|