[PATCH 0/3][SRU][DISCO] seccomp: fix selftests compilation

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH 0/3][SRU][DISCO] seccomp: fix selftests compilation

Manoj Iyer
Please consider these patches to Eoan that fixes bug:
https://bugs.launchpad.net/bug/1849281

I built a test kernel and it built successfully with no errors.

Thanks
Manoj Iyer



--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

[PATCH 1/3] seccomp: avoid overflow in implicit constant conversion

Manoj Iyer
From: Christian Brauner <[hidden email]>

USER_NOTIF_MAGIC is assigned to int variables in this test so set it to INT_MAX
to avoid warnings:

seccomp_bpf.c: In function ‘user_notification_continue’:
seccomp_bpf.c:3088:26: warning: overflow in implicit constant conversion [-Woverflow]
 #define USER_NOTIF_MAGIC 116983961184613L
                          ^
seccomp_bpf.c:3572:15: note: in expansion of macro ‘USER_NOTIF_MAGIC’
  resp.error = USER_NOTIF_MAGIC;
               ^~~~~~~~~~~~~~~~

BugLink: https://bugs.launchpad.net/bugs/1849281

Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace")
Signed-off-by: Christian Brauner <[hidden email]>
Reviewed-by: Tyler Hicks <[hidden email]>
Cc: Andy Lutomirski <[hidden email]>
Cc: Will Drewry <[hidden email]>
Cc: Shuah Khan <[hidden email]>
Cc: Alexei Starovoitov <[hidden email]>
Cc: Daniel Borkmann <[hidden email]>
Cc: Martin KaFai Lau <[hidden email]>
Cc: Song Liu <[hidden email]>
Cc: Yonghong Song <[hidden email]>
Cc: Tycho Andersen <[hidden email]>
Cc: [hidden email]
Cc: [hidden email]
Cc: [hidden email]
Cc: [hidden email]
Reviewed-by: Tycho Andersen <[hidden email]>
Link: https://lore.kernel.org/r/20190920083007.11475-3-christian.brauner@...
Signed-off-by: Kees Cook <[hidden email]>
(cherry picked from commit 223e660bc7638d126a0e4fbace4f33f2895788c4
 git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git)
Signed-off-by: Manoj Iyer <[hidden email]>
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 6021baecb386..2e9ce7b65e76 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -35,6 +35,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include <time.h>
+#include <limits.h>
 #include <linux/elf.h>
 #include <sys/uio.h>
 #include <sys/utsname.h>
@@ -3076,7 +3077,7 @@ static int user_trap_syscall(int nr, unsigned int flags)
  return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);
 }
 
-#define USER_NOTIF_MAGIC 116983961184613L
+#define USER_NOTIF_MAGIC INT_MAX
 TEST(user_notification_basic)
 {
  pid_t pid;
--
2.20.1


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

[PATCH 2/3] seccomp: rework define for SECCOMP_USER_NOTIF_FLAG_CONTINUE

Manoj Iyer
In reply to this post by Manoj Iyer
From: Christian Brauner <[hidden email]>

Switch from BIT(0) to (1UL << 0).
First, there are already two different forms used in the header, so there's
no need to add a third. Second, the BIT() macros is kernel internal and
afaict not actually exposed to userspace. Maybe there's some magic there
I'm missing but it definitely causes issues when compiling a program that
tries to use SECCOMP_USER_NOTIF_FLAG_CONTINUE. It currently fails in the
following way:

        # github.com/lxc/lxd/lxd
        /usr/bin/ld: $WORK/b001/_x003.o: in function
        `__do_user_notification_continue':
        lxd/main_checkfeature.go:240: undefined reference to `BIT'
        collect2: error: ld returned 1 exit status

Switching to (1UL << 0) should prevent that and is more in line what is
already done in the rest of the header.

BugLink: https://bugs.launchpad.net/bugs/1849281

Cc: Kees Cook <[hidden email]>
Cc: Andy Lutomirski <[hidden email]>
Signed-off-by: Christian Brauner <[hidden email]>
Link: https://lore.kernel.org/r/20191024212539.4059-1-christian.brauner@...
Signed-off-by: Kees Cook <[hidden email]>
(cherry picked from commit 23b2c96fad21886c53f5e1a4ffedd45ddd2e85ba
 git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git)
Signed-off-by: Manoj Iyer <[hidden email]>
---
 include/uapi/linux/seccomp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/uapi/linux/seccomp.h b/include/uapi/linux/seccomp.h
index e48e2fa2d248..be84d87f1f46 100644
--- a/include/uapi/linux/seccomp.h
+++ b/include/uapi/linux/seccomp.h
@@ -103,7 +103,7 @@ struct seccomp_notif {
  * SECCOMP_USER_NOTIF_FLAG_CONTINUE. Note that SECCOMP_RET_TRACE can equally
  * be overriden by SECCOMP_USER_NOTIF_FLAG_CONTINUE.
  */
-#define SECCOMP_USER_NOTIF_FLAG_CONTINUE BIT(0)
+#define SECCOMP_USER_NOTIF_FLAG_CONTINUE (1UL << 0)
 
 struct seccomp_notif_resp {
  __u64 id;
--
2.20.1


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

[PATCH 3/3] UBUNTU: SAUCE: seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test

Manoj Iyer
In reply to this post by Manoj Iyer
From: Christian Brauner <[hidden email]>

The ifndef for SECCOMP_USER_NOTIF_FLAG_CONTINUE was placed under the
ifndef for the SECCOMP_FILTER_FLAG_NEW_LISTENER feature. This will not
work on systems that do support SECCOMP_FILTER_FLAG_NEW_LISTENER but do not
support SECCOMP_USER_NOTIF_FLAG_CONTINUE. So move the latter ifndef out of
the former ifndef's scope.

2019-10-20 11:14:01 make run_tests -C seccomp
make: Entering directory '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
gcc -Wl,-no-as-needed -Wall  seccomp_bpf.c -lpthread -o seccomp_bpf
seccomp_bpf.c: In function ‘user_notification_continue’:
seccomp_bpf.c:3562:15: error: ‘SECCOMP_USER_NOTIF_FLAG_CONTINUE’ undeclared (first use in this function)
  resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
seccomp_bpf.c:3562:15: note: each undeclared identifier is reported only once for each function it appears in
Makefile:12: recipe for target 'seccomp_bpf' failed
make: *** [seccomp_bpf] Error 1
make: Leaving directory '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'

BugLink: https://bugs.launchpad.net/bugs/1849281

Reported-by: kernel test robot <[hidden email]>
Fixes: 0eebfed2954f ("seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE")
Cc: [hidden email]
Signed-off-by: Christian Brauner <[hidden email]>
Reviewed-by: Tycho Andersen <[hidden email]>
Signed-off-by: Manoj Iyer <[hidden email]>
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 2e9ce7b65e76..45df29b7feb8 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -168,10 +168,6 @@ struct seccomp_metadata {
 
 #define SECCOMP_RET_USER_NOTIF 0x7fc00000U
 
-#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
-#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x00000001
-#endif
-
 #define SECCOMP_IOC_MAGIC '!'
 #define SECCOMP_IO(nr) _IO(SECCOMP_IOC_MAGIC, nr)
 #define SECCOMP_IOR(nr, type) _IOR(SECCOMP_IOC_MAGIC, nr, type)
@@ -205,6 +201,10 @@ struct seccomp_notif_sizes {
 };
 #endif
 
+#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
+#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x00000001
+#endif
+
 #ifndef PTRACE_EVENTMSG_SYSCALL_ENTRY
 #define PTRACE_EVENTMSG_SYSCALL_ENTRY 1
 #define PTRACE_EVENTMSG_SYSCALL_EXIT 2
--
2.20.1


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

ACK: [PATCH 0/3][SRU][DISCO] seccomp: fix selftests compilation

Connor Kuehl
In reply to this post by Manoj Iyer
On 11/7/19 1:24 PM, Manoj Iyer wrote:
> Please consider these patches to Eoan that fixes bug:

Both Eoan and Disco, right?

> https://bugs.launchpad.net/bug/1849281
>
> I built a test kernel and it built successfully with no errors. >
> Thanks
> Manoj Iyer
>
>
>

Acked-by: Connor Kuehl <[hidden email]>

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

ACK: [PATCH 0/3][SRU][DISCO] seccomp: fix selftests compilation

Stefan Bader-2
In reply to this post by Manoj Iyer
On 07.11.19 22:24, Manoj Iyer wrote:

> Please consider these patches to Eoan that fixes bug:
> https://bugs.launchpad.net/bug/1849281
>
> I built a test kernel and it built successfully with no errors.
>
> Thanks
> Manoj Iyer
>
>
>
Acked-by: Stefan Bader <[hidden email]>


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

APPLIED: [PATCH 0/3][SRU][DISCO] seccomp: fix selftests compilation

Stefan Bader-2
In reply to this post by Manoj Iyer
On 07.11.19 22:24, Manoj Iyer wrote:

> Please consider these patches to Eoan that fixes bug:
> https://bugs.launchpad.net/bug/1849281
>
> I built a test kernel and it built successfully with no errors.
>
> Thanks
> Manoj Iyer
>
>
>
Applied to disco/master-next. Thanks.

-Stefan


--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team

signature.asc (849 bytes) Download Attachment