938984fdc6d2bb2360c8efcb1409ea55066954a1 |
|
30-Jan-2018 |
Steve Muckle <smuckle@google.com> |
Merge kselftest from Linux 4.15 Bug: 72110410 Test: run vts-kernel -m VtsKernelLinuxKselftest on 3.18, 4.4, 4.9 Change-Id: Ief7f9536bd337a74feafaab0162925ad72e3b201 Signed-off-by: Steve Muckle <smuckle@google.com>
|
ce845e0a25d77c8cf0fae539d4596b83e65e3e70 |
|
24-Oct-2017 |
Steve Muckle <smuckle@google.com> |
seccomp: detect compat mode in ARM64 Compat mode on ARM64 reports syscall numbering differently. Test: run vts-kernel -m VtsKernelLinuxKselftestStaging Bug: 33027081 Change-Id: Ifc02bb48573b4a40f1857b41a7735a6e3d7a06e8 Signed-off-by: Steve Muckle <smuckle@google.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
16a09c0d879525707a03d3d7c6d3e659753b1e16 |
|
24-Oct-2017 |
Steve Muckle <smuckle@google.com> |
seccomp: disable tests broken on kernels < 4.8 The skip_after_RET_TRACE, kill_after_RET_TRACE, skip_after_ptrace, and kill_after_ptrace tests do not work on kernels earlier than 4.8. Bug: 33027081 Test: run vts-kernel -m VtsKernelLinuxKselftestStaging Change-Id: I3ac43d8ed9ca2a9e463001e72ca4dc5d72d81283 Signed-off-by: Steve Muckle <smuckle@google.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
225d3b67482930ff5a9f49ad307deffd97ce04c1 |
|
27-Sep-2017 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge tag 'linux-kselftest-4.14-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fixes from Shuah Khan: "This update consists of: - fixes to several existing tests - a test for regression introduced by b9470c27607b ("inet: kill smallest_size and smallest_port") - seccomp support for glibc 2.26 siginfo_t.h - fixes to kselftest framework and tests to run make O=dir use-case - fixes to silence unnecessary test output to de-clutter test results" * tag 'linux-kselftest-4.14-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (28 commits) selftests: timers: set-timer-lat: Fix hang when testing unsupported alarms selftests: timers: set-timer-lat: fix hang when std out/err are redirected selftests/memfd: correct run_tests.sh permission selftests/seccomp: Support glibc 2.26 siginfo_t.h selftests: futex: Makefile: fix for loops in targets to run silently selftests: Makefile: fix for loops in targets to run silently selftests: mqueue: Use full path to run tests from Makefile selftests: futex: copy sub-dir test scripts for make O=dir run selftests: lib.mk: copy test scripts and test files for make O=dir run selftests: sync: kselftest and kselftest-clean fail for make O=dir case selftests: sync: use TEST_CUSTOM_PROGS instead of TEST_PROGS selftests: lib.mk: add TEST_CUSTOM_PROGS to allow custom test run/install selftests: watchdog: fix to use TEST_GEN_PROGS and remove clean selftests: lib.mk: fix test executable status check to use full path selftests: Makefile: clear LDFLAGS for make O=dir use-case selftests: lib.mk: kselftest and kselftest-clean fail for make O=dir case Makefile: kselftest and kselftest-clean fail for make O=dir case selftests/net: msg_zerocopy enable build with older kernel headers selftests: actually run the various net selftests selftest: add a reuseaddr test ...
|
10859f3855db4c6f10dc7974ff4b3a292f3de8e0 |
|
08-Sep-2017 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: Support glibc 2.26 siginfo_t.h The 2.26 release of glibc changed how siginfo_t is defined, and the earlier work-around to using the kernel definition are no longer needed. The old way needs to stay around for a while, though. Reported-by: Seth Forshee <seth.forshee@canonical.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Will Drewry <wad@chromium.org> Cc: Shuah Khan <shuah@kernel.org> Cc: linux-kselftest@vger.kernel.org Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Tested-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
c0a3a64e723324ae6dda53214061a71de63808c3 |
|
23-Sep-2017 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull seccomp updates from Kees Cook: "Major additions: - sysctl and seccomp operation to discover available actions (tyhicks) - new per-filter configurable logging infrastructure and sysctl (tyhicks) - SECCOMP_RET_LOG to log allowed syscalls (tyhicks) - SECCOMP_RET_KILL_PROCESS as the new strictest possible action - self-tests for new behaviors" [ This is the seccomp part of the security pull request during the merge window that was nixed due to unrelated problems - Linus ] * tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: samples: Unrename SECCOMP_RET_KILL selftests/seccomp: Test thread vs process killing seccomp: Implement SECCOMP_RET_KILL_PROCESS action seccomp: Introduce SECCOMP_RET_KILL_PROCESS seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD seccomp: Action to log before allowing seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW seccomp: Selftest for detection of filter flag support seccomp: Sysctl to configure actions that are allowed to be logged seccomp: Operation for checking if an action is available seccomp: Sysctl to display available actions seccomp: Provide matching filter for introspection selftests/seccomp: Refactor RET_ERRNO tests selftests/seccomp: Add simple seccomp overhead benchmark selftests/seccomp: Add tests for basic ptrace actions
|
369130b63178e0e2f863a2da2a5ad0238ded6d9d |
|
07-Aug-2017 |
Mickaël Salaün <mic@digikod.net> |
selftests: Enhance kselftest_harness.h to print which assert failed When a test process is not able to write to TH_LOG_STREAM, this step mechanism enable to print the assert number which triggered the failure. This can be enabled by setting _metadata->no_print to true at the beginning of the test sequence. Update the seccomp-bpf test to return 0 if a test succeeded. This feature is needed for the Landlock tests. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuah@kernel.org> Cc: Will Drewry <wad@chromium.org> Link: https://lkml.kernel.org/r/CAGXu5j+D-FP8Kt9unNOqKrQJP4DYTpmgkJxWykZyrYiVPz3Y3Q@mail.gmail.com Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
f3e1821d9e1cc3fb434d7763001791dcd6720c90 |
|
11-Aug-2017 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: Test thread vs process killing This verifies that SECCOMP_RET_KILL_PROCESS is higher priority than SECCOMP_RET_KILL_THREAD. (This also moves a bunch of defines up earlier in the file to use them earlier.) Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
fd76875ca289a3d4722f266fd2d5532a27083903 |
|
11-Aug-2017 |
Kees Cook <keescook@chromium.org> |
seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD In preparation for adding SECCOMP_RET_KILL_PROCESS, rename SECCOMP_RET_KILL to the more accurate SECCOMP_RET_KILL_THREAD. The existing selftest values are intentionally left as SECCOMP_RET_KILL just to be sure we're exercising the alias. Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
59f5cf44a38284eb9e76270c786fb6cc62ef8ac4 |
|
11-Aug-2017 |
Tyler Hicks <tyhicks@canonical.com> |
seccomp: Action to log before allowing Add a new action, SECCOMP_RET_LOG, that logs a syscall before allowing the syscall. At the implementation level, this action is identical to the existing SECCOMP_RET_ALLOW action. However, it can be very useful when initially developing a seccomp filter for an application. The developer can set the default action to be SECCOMP_RET_LOG, maybe mark any obviously needed syscalls with SECCOMP_RET_ALLOW, and then put the application through its paces. A list of syscalls that triggered the default action (SECCOMP_RET_LOG) can be easily gleaned from the logs and that list can be used to build the syscall whitelist. Finally, the developer can change the default action to the desired value. This provides a more friendly experience than seeing the application get killed, then updating the filter and rebuilding the app, seeing the application get killed due to a different syscall, then updating the filter and rebuilding the app, etc. The functionality is similar to what's supported by the various LSMs. SELinux has permissive mode, AppArmor has complain mode, SMACK has bring-up mode, etc. SECCOMP_RET_LOG is given a lower value than SECCOMP_RET_ALLOW as allow while logging is slightly more restrictive than quietly allowing. Unfortunately, the tests added for SECCOMP_RET_LOG are not capable of inspecting the audit log to verify that the syscall was logged. With this patch, the logic for deciding if an action will be logged is: if action == RET_ALLOW: do not log else if action == RET_KILL && RET_KILL in actions_logged: log else if action == RET_LOG && RET_LOG in actions_logged: log else if filter-requests-logging && action in actions_logged: log else if audit_enabled && process-is-being-audited: log else: do not log Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
e66a39977985b1e69e17c4042cb290768eca9b02 |
|
11-Aug-2017 |
Tyler Hicks <tyhicks@canonical.com> |
seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW Add a new filter flag, SECCOMP_FILTER_FLAG_LOG, that enables logging for all actions except for SECCOMP_RET_ALLOW for the given filter. SECCOMP_RET_KILL actions are always logged, when "kill" is in the actions_logged sysctl, and SECCOMP_RET_ALLOW actions are never logged, regardless of this flag. This flag can be used to create noisy filters that result in all non-allowed actions to be logged. A process may have one noisy filter, which is loaded with this flag, as well as a quiet filter that's not loaded with this flag. This allows for the actions in a set of filters to be selectively conveyed to the admin. Since a system could have a large number of allocated seccomp_filter structs, struct packing was taken in consideration. On 64 bit x86, the new log member takes up one byte of an existing four byte hole in the struct. On 32 bit x86, the new log member creates a new four byte hole (unavoidable) and consumes one of those bytes. Unfortunately, the tests added for SECCOMP_FILTER_FLAG_LOG are not capable of inspecting the audit log to verify that the actions taken in the filter were logged. With this patch, the logic for deciding if an action will be logged is: if action == RET_ALLOW: do not log else if action == RET_KILL && RET_KILL in actions_logged: log else if filter-requests-logging && action in actions_logged: log else if audit_enabled && process-is-being-audited: log else: do not log Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
2b7ea5b5b5799f2878ed454bb48032bed6d101d3 |
|
11-Aug-2017 |
Tyler Hicks <tyhicks@canonical.com> |
seccomp: Selftest for detection of filter flag support Userspace needs to be able to reliably detect the support of a filter flag. A good way of doing that is by attempting to enter filter mode, with the flag bit(s) in question set, and a NULL pointer for the args parameter of seccomp(2). EFAULT indicates that the flag is valid and EINVAL indicates that the flag is invalid. This patch adds a selftest that can be used to test this method of detection in userspace. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
d612b1fd8010d0d67b5287fe146b8b55bcbb8655 |
|
11-Aug-2017 |
Tyler Hicks <tyhicks@canonical.com> |
seccomp: Operation for checking if an action is available Userspace code that needs to check if the kernel supports a given action may not be able to use the /proc/sys/kernel/seccomp/actions_avail sysctl. The process may be running in a sandbox and, therefore, sufficient filesystem access may not be available. This patch adds an operation to the seccomp(2) syscall that allows userspace code to ask the kernel if a given action is available. If the action is supported by the kernel, 0 is returned. If the action is not supported by the kernel, -1 is returned with errno set to -EOPNOTSUPP. If this check is attempted on a kernel that doesn't support this new operation, -1 is returned with errno set to -EINVAL meaning that userspace code will have the ability to differentiate between the two error cases. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Suggested-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
f3f6e30669c048f47d51ea59df9946a91f551c4c |
|
02-Aug-2017 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: Refactor RET_ERRNO tests This refactors the errno tests (since they all use the same pattern for their filter) and adds a RET_DATA field ordering test. Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
a33b2d0359a0aae25d5ac7a26b85a5682485ebbb |
|
09-Aug-2016 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: Add tests for basic ptrace actions This adds tests for using only ptrace to perform syscall changes, just to validate matching behavior between seccomp events and ptrace events. Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
ef3ad0898a60d30da7f170032992914998c366e5 |
|
07-Jul-2017 |
Linus Torvalds <torvalds@linux-foundation.org> |
Merge tag 'linux-kselftest-4.13-rc1-update' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull Kselftest updates from Shuah Khan: "This update consists of: - TAP13 framework and changes to some tests to convert to TAP13. Converting kselftest output to standard format will help identify run to run differences and pin point failures easily. TAP13 format has been in use for several years and the output is human friendly. Please find the specification: https://testanything.org/tap-version-13-specification.html Credit goes to Tim Bird for recommending TAP13 as a suitable format, and to Grag KH for kick starting the work with help from Paul Elder and Alice Ferrazzi The first phase of the TAp13 conversion is included in this update. Future updates will include updates to rest of the tests. - Masami Hiramatsu fixed ftrace to run on 4.9 stable kernels. - Kselftest documnetation has been converted to ReST format. Document now has a new home under Documentation/dev-tools. - kselftest_harness.h is now available for general use as a result of Mickaël Salaün's work. - Several fixes to skip and/or fail tests gracefully on older releases" * tag 'linux-kselftest-4.13-rc1-update' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (48 commits) selftests: membarrier: use ksft_* var arg msg api selftests: breakpoints: breakpoint_test_arm64: convert test to use TAP13 selftests: breakpoints: step_after_suspend_test use ksft_* var arg msg api selftests: breakpoint_test: use ksft_* var arg msg api kselftest: add ksft_print_msg() function to output general information kselftest: make ksft_* output functions variadic selftests/capabilities: Fix the test_execve test selftests: intel_pstate: add .gitignore selftests: fix memory-hotplug test selftests: add missing test name in memory-hotplug test selftests: check percentage range for memory-hotplug test selftests: check hot-pluggagble memory for memory-hotplug test selftests: typo correction for memory-hotplug test selftests: ftrace: Use md5sum to take less time of checking logs tools/testing/selftests/sysctl: Add pre-check to the value of writes_strict kselftest.rst: do some adjustments after ReST conversion selftest/net/Makefile: Specify output with $(OUTPUT) selftest/intel_pstate/aperf: Use LDLIBS instead of LDFLAGS selftest/memfd/Makefile: Fix build error selftests: lib: Skip tests on missing test modules ...
|
93bd70e3330be45542c455dde11d8dc657ab3044 |
|
21-Mar-2017 |
Kees Cook <keescook@chromium.org> |
seccomp: Adjust selftests to avoid double-join While glibc's pthread implementation is rather forgiving about repeat thread joining, Bionic has recently become much more strict. To deal with this, actually track which threads have been successfully joined and kill the rest at teardown. Based on a patch from Paul Lawrence. Cc: Paul Lawrence <paullawrence@google.com> Signed-off-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
34a048cc06802556e5f96f325dc32cc2f6a11225 |
|
11-Jun-2017 |
Mickaël Salaün <mic@digikod.net> |
selftests: kselftest_harness: Fix compile warning Do not confuse the compiler with a semicolon preceding a block. Replace the semicolon with an empty block to avoid a warning: gcc -Wl,-no-as-needed -Wall -lpthread seccomp_bpf.c -o /.../linux/tools/testing/selftests/seccomp/seccomp_bpf In file included from seccomp_bpf.c:40:0: seccomp_bpf.c: In function ‘change_syscall’: ../kselftest_harness.h:558:2: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation] for (; _metadata->trigger; _metadata->trigger = __bail(_assert)) ^ ../kselftest_harness.h:574:14: note: in expansion of macro ‘OPTIONAL_HANDLER’ } while (0); OPTIONAL_HANDLER(_assert) ^~~~~~~~~~~~~~~~ ../kselftest_harness.h:440:2: note: in expansion of macro ‘__EXPECT’ __EXPECT(expected, seen, ==, 0) ^~~~~~~~ seccomp_bpf.c:1313:2: note: in expansion of macro ‘EXPECT_EQ’ EXPECT_EQ(0, ret); ^~~~~~~~~ seccomp_bpf.c:1317:2: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’ { ^ Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
0b40808a10842131742b1646a465b877a277168a |
|
26-May-2017 |
Mickaël Salaün <mic@digikod.net> |
selftests: Make test_harness.h more generally available The seccomp/test_harness.h file contains useful helpers to build tests. Moving it to the selftest directory should benefit to other test components. Keep seccomp maintainers for this file. Signed-off-by: Mickaël Salaün <mic@digikod.net> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Will Drewry <wad@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Shuah Khan <shuah@kernel.org> Link: https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=PTENe88XYHzFYidUQ@mail.gmail.com Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
58d0a862f573c3354fa912603ef5a4db188774e7 |
|
26-May-2016 |
Kees Cook <keescook@chromium.org> |
seccomp: add tests for ptrace hole One problem with seccomp was that ptrace could be used to change a syscall after seccomp filtering had completed. This was a well documented limitation, and it was recommended to block ptrace when defining a filter to avoid this problem. This can be quite a limitation for containers or other places where ptrace is desired even under seccomp filters. This adds tests for both SECCOMP_RET_TRACE and PTRACE_SYSCALL manipulations. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@kernel.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
64e2a42bca12e408f0258c56adcf3595bcd116e7 |
|
01-Apr-2016 |
Helge Deller <deller@gmx.de> |
parisc: Add ARCH_TRACEHOOK and regset support By adding TRACEHOOK support we now get a clean user interface to access registers via PTRACE_GETREGS, PTRACE_SETREGS, PTRACE_GETFPREGS and PTRACE_SETFPREGS. The user-visible regset struct user_regs_struct and user_fp_struct are modelled similiar to x86 and can be accessed via PTRACE_GETREGSET. Signed-off-by: Helge Deller <deller@gmx.de>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
0ce105bf9723e9a2dc7ec0a1e164c1b63aa64546 |
|
29-Mar-2016 |
Matt Redfearn <matt.redfearn@imgtec.com> |
selftests/seccomp: add MIPS self-test support This adds self-test support on MIPS, based on RFC patch from Kees Cook. Modifications from the RFC: - support the O32 syscall which passes the real syscall number in a0. - Use PTRACE_{GET,SET}REGS - Because SYSCALL_NUM and SYSCALL_RET are the same register, it is not possible to test modifying the syscall return value when skipping, since both would need to set the same register. Therefore modify that test case to just detect the skipped test. Tested on MIPS32r2 / MIPS64r2 with O32, N32 and N64 userlands. Signed-off-by: Matt Redfearn <matt.redfearn@imgtec.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Cc: IMG-MIPSLinuxKerneldevelopers@imgtec.com Cc: linux-kernel@vger.kernel.org Cc: linux-kselftest@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/12977/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
505ce68c6da3432454c62e43c24a22ea5b1d754b |
|
29-Mar-2016 |
Mickaël Salaün <mic@digikod.net> |
selftest/seccomp: Fix the seccomp(2) signature Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
6c045d07bb305c527140bdec4cf8ab50f7c980d8 |
|
29-Mar-2016 |
Mickaël Salaün <mic@digikod.net> |
selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Rename SECCOMP_FLAG_FILTER_TSYNC to SECCOMP_FILTER_FLAG_TSYNC to match the UAPI. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Kees Cook <keescook@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
4a0b88070406323487bad730d8945f482151a145 |
|
29-Dec-2015 |
Mickaël Salaün <mic@digikod.net> |
selftests/seccomp: Remove the need for HAVE_ARCH_TRACEHOOK Some architectures do not implement PTRACE_GETREGSET nor PTRACE_SETREGSET (required by HAVE_ARCH_TRACEHOOK) but only implement PTRACE_GETREGS and PTRACE_SETREGS (e.g. User-mode Linux). This improve seccomp selftest portability for architectures without HAVE_ARCH_TRACEHOOK support by defining a new trigger HAVE_GETREGS. For now, this is only enabled for i386 and x86_64 architectures. This is required to be able to run this tests on User-mode Linux. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Jeff Dike <jdike@addtoit.com> Cc: Richard Weinberger <richard@nod.at> Cc: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Will Drewry <wad@chromium.org> Cc: Shuah Khan <shuahkh@osg.samsung.com> Cc: Meredydd Luff <meredydd@senatehouse.org> Cc: David Drysdale <drysdale@google.com> Signed-off-by: Richard Weinberger <richard@nod.at> Acked-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
2ce47b44b25d8fb0114ff117813742adbefec8ff |
|
13-Nov-2015 |
Bamvor Jian Zhang <bamvor.zhangjian@linaro.org> |
selftests/seccomp: Get page size from sysconf The commit fd88d16c58c2 ("selftests/seccomp: Be more precise with syscall arguments.") use PAGE_SIZE directly which lead to build failure on arm64. Replace it with generic interface(sysconf(_SC_PAGESIZE)) to fix this failure. Build and test successful on x86_64 and arm64. Signed-off-by: Bamvor Jian Zhang <bamvor.zhangjian@linaro.org> Acked-by: Kees Cook <keescook@chromium.org> Tested-by: Michael Ellerman <mpe@ellerman.id.au> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
fd88d16c58c2ad689a68d6790c789e7d5be3fc5b |
|
02-Nov-2015 |
Robert Sesek <rsesek@google.com> |
selftests/seccomp: Be more precise with syscall arguments. Certain syscall emulation layers strictly check that the number of arguments match what the syscall handler expects. The KILL_one_arg_one and KILL_one_arg_six tests passed more parameters than expected to various syscalls, causing failures in this emulation mode. Instead, test using syscalls that take the appropriate number of arguments. Signed-off-by: Robert Sesek <rsesek@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
256d0afb11d6e878e8c793e4a6e3bbfb81f9aae8 |
|
06-Oct-2015 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: build and pass on arm64 Changing arm64 syscalls is done via a specific register set, more like s390 than like arm (specific ptrace call) and x86 (part of general registers). Since (restarting) poll doesn't exist on arm64, switch to using nanosleep for testing restart_syscall. And since it looks like the syscall ABI is inconsistent on arm-compat, so we must work around it (and document it) in the test. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
b623c4daadb5a4bfaef62783085b95bd9ba5a77c |
|
21-Aug-2015 |
Kees Cook <keescook@chromium.org> |
selftests/seccomp: add support for s390 This adds support for s390 to the seccomp selftests. Some improvements were made to enhance the accuracy of failure reporting, and additional tests were added to validate assumptions about the currently traced syscall. Also adds early asserts for running on older kernels to avoid noise when the seccomp syscall is not implemented. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
5d83c2b37d435b88452bc88a2a47672346efb2b4 |
|
23-Jul-2015 |
Michael Ellerman <mpe@ellerman.id.au> |
selftests/seccomp: Add powerpc support Wire up the syscall number and regs so the tests work on powerpc. With the powerpc kernel support just merged, all tests pass on ppc64, ppc64 (compat), ppc64le, ppc, ppc64e and ppc64e (compat). Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
c385d0db30f3c0bf687a080c38e8088c342116a3 |
|
23-Jul-2015 |
Michael Ellerman <mpe@ellerman.id.au> |
selftests/seccomp: Make seccomp tests work on big endian The seccomp_bpf test uses BPF_LD|BPF_W|BPF_ABS to load 32-bit values from seccomp_data->args. On big endian machines this will load the high word of the argument, which is not what the test wants. Borrow a hack from samples/seccomp/bpf-helper.h which changes the offset on big endian to account for this. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Kees Cook <keescook@chromium.org>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|
c99ee51a9d9716fe33f5022c763728a565e3bd08 |
|
16-Jun-2015 |
Kees Cook <keescook@chromium.org> |
selftests: add seccomp suite This imports the existing seccomp test suite into the kernel's selftests tree. It contains extensive testing of seccomp features and corner cases. There remain additional tests to move into the kernel tree, but they have not yet been ported to all the architectures seccomp supports: https://github.com/redpig/seccomp/tree/master/tests Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
/external/linux-kselftest/tools/testing/selftests/seccomp/seccomp_bpf.c
|