diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-29 13:07:47 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-29 13:07:47 +0200 |
commit | 7e6bfa52323e060cadeb5a3df5876c11ef623546 (patch) | |
tree | 095a9d7b77c30d65a007c78d31eed282b2671ea5 | |
parent | 187695329699f58c98a261b2b478c9d8c08ebbdc (diff) | |
download | stable-queue-7e6bfa52323e060cadeb5a3df5876c11ef623546.tar.gz |
6.6-stable patches
added patches:
selftests-seccomp-change-the-syscall-used-in-kill_thread-test.patch
selftests-seccomp-handle-einval-on-unshare-clone_newpid.patch
selftests-seccomp-user_notification_addfd-check-nextfd-is-available.patch
4 files changed, 200 insertions, 0 deletions
diff --git a/queue-6.6/selftests-seccomp-change-the-syscall-used-in-kill_thread-test.patch b/queue-6.6/selftests-seccomp-change-the-syscall-used-in-kill_thread-test.patch new file mode 100644 index 0000000000..a92efed459 --- /dev/null +++ b/queue-6.6/selftests-seccomp-change-the-syscall-used-in-kill_thread-test.patch @@ -0,0 +1,58 @@ +From 471dbc547612adeaa769e48498ef591c6c95a57a Mon Sep 17 00:00:00 2001 +From: Terry Tritton <terry.tritton@linaro.org> +Date: Wed, 24 Jan 2024 14:13:56 +0000 +Subject: selftests/seccomp: Change the syscall used in KILL_THREAD test + +From: Terry Tritton <terry.tritton@linaro.org> + +commit 471dbc547612adeaa769e48498ef591c6c95a57a upstream. + +The Bionic version of pthread_create used on Android calls the prctl +function to give the stack and thread local storage a useful name. This +will cause the KILL_THREAD test to fail as it will kill the thread as +soon as it is created. + +change the test to use getpid instead of prctl. + +Signed-off-by: Terry Tritton <terry.tritton@linaro.org> +Link: https://lore.kernel.org/r/20240124141357.1243457-3-terry.tritton@linaro.org +Signed-off-by: Kees Cook <keescook@chromium.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/tools/testing/selftests/seccomp/seccomp_bpf.c ++++ b/tools/testing/selftests/seccomp/seccomp_bpf.c +@@ -784,7 +784,7 @@ void *kill_thread(void *data) + bool die = (bool)data; + + if (die) { +- prctl(PR_GET_SECCOMP, 0, 0, 0, 0); ++ syscall(__NR_getpid); + return (void *)SIBLING_EXIT_FAILURE; + } + +@@ -803,11 +803,11 @@ void kill_thread_or_group(struct __test_ + { + pthread_t thread; + void *status; +- /* Kill only when calling __NR_prctl. */ ++ /* Kill only when calling __NR_getpid. */ + struct sock_filter filter_thread[] = { + BPF_STMT(BPF_LD|BPF_W|BPF_ABS, + offsetof(struct seccomp_data, nr)), +- BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_prctl, 0, 1), ++ BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getpid, 0, 1), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_KILL_THREAD), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), + }; +@@ -819,7 +819,7 @@ void kill_thread_or_group(struct __test_ + struct sock_filter filter_process[] = { + BPF_STMT(BPF_LD|BPF_W|BPF_ABS, + offsetof(struct seccomp_data, nr)), +- BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_prctl, 0, 1), ++ BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, __NR_getpid, 0, 1), + BPF_STMT(BPF_RET|BPF_K, kill), + BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), + }; diff --git a/queue-6.6/selftests-seccomp-handle-einval-on-unshare-clone_newpid.patch b/queue-6.6/selftests-seccomp-handle-einval-on-unshare-clone_newpid.patch new file mode 100644 index 0000000000..87b8819233 --- /dev/null +++ b/queue-6.6/selftests-seccomp-handle-einval-on-unshare-clone_newpid.patch @@ -0,0 +1,47 @@ +From ecaaa55c9fa5e8058445a8b891070b12208cdb6d Mon Sep 17 00:00:00 2001 +From: Terry Tritton <terry.tritton@linaro.org> +Date: Wed, 24 Jan 2024 14:13:55 +0000 +Subject: selftests/seccomp: Handle EINVAL on unshare(CLONE_NEWPID) + +From: Terry Tritton <terry.tritton@linaro.org> + +commit ecaaa55c9fa5e8058445a8b891070b12208cdb6d upstream. + +unshare(CLONE_NEWPID) can return EINVAL if the kernel does not have the +CONFIG_PID_NS option enabled. + +Add a check on these calls to skip the test if we receive EINVAL. + +Signed-off-by: Terry Tritton <terry.tritton@linaro.org> +Link: https://lore.kernel.org/r/20240124141357.1243457-2-terry.tritton@linaro.org +Signed-off-by: Kees Cook <keescook@chromium.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + tools/testing/selftests/seccomp/seccomp_bpf.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +--- a/tools/testing/selftests/seccomp/seccomp_bpf.c ++++ b/tools/testing/selftests/seccomp/seccomp_bpf.c +@@ -3709,7 +3709,12 @@ TEST(user_notification_sibling_pid_ns) + ASSERT_GE(pid, 0); + + if (pid == 0) { +- ASSERT_EQ(unshare(CLONE_NEWPID), 0); ++ ASSERT_EQ(unshare(CLONE_NEWPID), 0) { ++ if (errno == EPERM) ++ SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN"); ++ else if (errno == EINVAL) ++ SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)"); ++ } + + pid2 = fork(); + ASSERT_GE(pid2, 0); +@@ -3727,6 +3732,8 @@ TEST(user_notification_sibling_pid_ns) + ASSERT_EQ(unshare(CLONE_NEWPID), 0) { + if (errno == EPERM) + SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN"); ++ else if (errno == EINVAL) ++ SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)"); + } + ASSERT_EQ(errno, 0); + diff --git a/queue-6.6/selftests-seccomp-user_notification_addfd-check-nextfd-is-available.patch b/queue-6.6/selftests-seccomp-user_notification_addfd-check-nextfd-is-available.patch new file mode 100644 index 0000000000..c39af4d613 --- /dev/null +++ b/queue-6.6/selftests-seccomp-user_notification_addfd-check-nextfd-is-available.patch @@ -0,0 +1,92 @@ +From 8e3c9f9f3a0742cd12b682a1766674253b33fcf0 Mon Sep 17 00:00:00 2001 +From: Terry Tritton <terry.tritton@linaro.org> +Date: Wed, 24 Jan 2024 14:13:57 +0000 +Subject: selftests/seccomp: user_notification_addfd check nextfd is available + +From: Terry Tritton <terry.tritton@linaro.org> + +commit 8e3c9f9f3a0742cd12b682a1766674253b33fcf0 upstream. + +Currently the user_notification_addfd test checks what the next expected +file descriptor will be by incrementing a variable nextfd. This does not +account for file descriptors that may already be open before the test is +started and will cause the test to fail if any exist. + +Replace nextfd++ with a function get_next_fd which will check and return +the next available file descriptor. + +Signed-off-by: Terry Tritton <terry.tritton@linaro.org> +Link: https://lore.kernel.org/r/20240124141357.1243457-4-terry.tritton@linaro.org +Signed-off-by: Kees Cook <keescook@chromium.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + tools/testing/selftests/seccomp/seccomp_bpf.c | 24 +++++++++++++++++++----- + 1 file changed, 19 insertions(+), 5 deletions(-) + +--- a/tools/testing/selftests/seccomp/seccomp_bpf.c ++++ b/tools/testing/selftests/seccomp/seccomp_bpf.c +@@ -4037,6 +4037,16 @@ TEST(user_notification_filter_empty_thre + EXPECT_GT((pollfd.revents & POLLHUP) ?: 0, 0); + } + ++ ++int get_next_fd(int prev_fd) ++{ ++ for (int i = prev_fd + 1; i < FD_SETSIZE; ++i) { ++ if (fcntl(i, F_GETFD) == -1) ++ return i; ++ } ++ _exit(EXIT_FAILURE); ++} ++ + TEST(user_notification_addfd) + { + pid_t pid; +@@ -4053,7 +4063,7 @@ TEST(user_notification_addfd) + /* There may be arbitrary already-open fds at test start. */ + memfd = memfd_create("test", 0); + ASSERT_GE(memfd, 0); +- nextfd = memfd + 1; ++ nextfd = get_next_fd(memfd); + + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { +@@ -4064,7 +4074,8 @@ TEST(user_notification_addfd) + /* Check that the basic notification machinery works */ + listener = user_notif_syscall(__NR_getppid, + SECCOMP_FILTER_FLAG_NEW_LISTENER); +- ASSERT_EQ(listener, nextfd++); ++ ASSERT_EQ(listener, nextfd); ++ nextfd = get_next_fd(nextfd); + + pid = fork(); + ASSERT_GE(pid, 0); +@@ -4119,14 +4130,16 @@ TEST(user_notification_addfd) + + /* Verify we can set an arbitrary remote fd */ + fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd); +- EXPECT_EQ(fd, nextfd++); ++ EXPECT_EQ(fd, nextfd); ++ nextfd = get_next_fd(nextfd); + EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0); + + /* Verify we can set an arbitrary remote fd with large size */ + memset(&big, 0x0, sizeof(big)); + big.addfd = addfd; + fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big); +- EXPECT_EQ(fd, nextfd++); ++ EXPECT_EQ(fd, nextfd); ++ nextfd = get_next_fd(nextfd); + + /* Verify we can set a specific remote fd */ + addfd.newfd = 42; +@@ -4164,7 +4177,8 @@ TEST(user_notification_addfd) + * Child has earlier "low" fds and now 42, so we expect the next + * lowest available fd to be assigned here. + */ +- EXPECT_EQ(fd, nextfd++); ++ EXPECT_EQ(fd, nextfd); ++ nextfd = get_next_fd(nextfd); + ASSERT_EQ(filecmp(getpid(), pid, memfd, fd), 0); + + /* diff --git a/queue-6.6/series b/queue-6.6/series index 6788759beb..a56a14339f 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -104,3 +104,6 @@ mm-treewide-introduce-nr_page_orders.patch drm-ttm-stop-pooling-cached-numa-pages-v2.patch squashfs-convert-to-new-timestamp-accessors.patch squashfs-check-the-inode-number-is-not-the-invalid-v.patch +selftests-seccomp-user_notification_addfd-check-nextfd-is-available.patch +selftests-seccomp-change-the-syscall-used-in-kill_thread-test.patch +selftests-seccomp-handle-einval-on-unshare-clone_newpid.patch |