selftests/seccomp: Ensure that notifications come in FIFO order

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When multiple notifications are waiting, ensure they show up in order, as
defined by the (predictable) seccomp notification ID. This ensures FIFO
ordering of notification delivery as notification ids are monitonic and
decided when the notification is generated (as opposed to received).

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Cc: linux-kselftest@vger.kernel.org
Acked-by: Tycho Andersen <tycho@tycho.pizza>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220428015447.13661-2-sargun@sargun.me

authored by

Sargun Dhillon and committed by

Kees Cook 3 years ago 662340ef 4cbf6f62

+109

1 changed file

expand all

tools

testing

selftests

seccomp

seccomp_bpf.c

+109

tools/testing/selftests/seccomp/seccomp_bpf.c

··· 4297 4297 ASSERT_EQ(EPERM, errno); 4298 4298 } 4299 4299 4300 + static char get_proc_stat(int pid) 4301 + { 4302 + char proc_path[100] = {0}; 4303 + char *line = NULL; 4304 + size_t len = 0; 4305 + ssize_t nread; 4306 + char status; 4307 + FILE *f; 4308 + int i; 4309 + 4310 + snprintf(proc_path, sizeof(proc_path), "/proc/%d/stat", pid); 4311 + f = fopen(proc_path, "r"); 4312 + if (f == NULL) 4313 + ksft_exit_fail_msg("%s - Could not open %s\n", 4314 + strerror(errno), proc_path); 4315 + 4316 + for (i = 0; i < 3; i++) { 4317 + nread = getdelim(&line, &len, ' ', f); 4318 + if (nread <= 0) 4319 + ksft_exit_fail_msg("Failed to read status: %s\n", 4320 + strerror(errno)); 4321 + } 4322 + 4323 + status = *line; 4324 + free(line); 4325 + fclose(f); 4326 + 4327 + return status; 4328 + } 4329 + 4330 + TEST(user_notification_fifo) 4331 + { 4332 + struct seccomp_notif_resp resp = {}; 4333 + struct seccomp_notif req = {}; 4334 + int i, status, listener; 4335 + pid_t pid, pids[3]; 4336 + __u64 baseid; 4337 + long ret; 4338 + /* 100 ms */ 4339 + struct timespec delay = { .tv_nsec = 100000000 }; 4340 + 4341 + ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); 4342 + ASSERT_EQ(0, ret) { 4343 + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); 4344 + } 4345 + 4346 + /* Setup a listener */ 4347 + listener = user_notif_syscall(__NR_getppid, 4348 + SECCOMP_FILTER_FLAG_NEW_LISTENER); 4349 + ASSERT_GE(listener, 0); 4350 + 4351 + pid = fork(); 4352 + ASSERT_GE(pid, 0); 4353 + 4354 + if (pid == 0) { 4355 + ret = syscall(__NR_getppid); 4356 + exit(ret != USER_NOTIF_MAGIC); 4357 + } 4358 + 4359 + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); 4360 + baseid = req.id + 1; 4361 + 4362 + resp.id = req.id; 4363 + resp.error = 0; 4364 + resp.val = USER_NOTIF_MAGIC; 4365 + 4366 + /* check that we make sure flags == 0 */ 4367 + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0); 4368 + 4369 + EXPECT_EQ(waitpid(pid, &status, 0), pid); 4370 + EXPECT_EQ(true, WIFEXITED(status)); 4371 + EXPECT_EQ(0, WEXITSTATUS(status)); 4372 + 4373 + /* Start children, and generate notifications */ 4374 + for (i = 0; i < ARRAY_SIZE(pids); i++) { 4375 + pid = fork(); 4376 + if (pid == 0) { 4377 + ret = syscall(__NR_getppid); 4378 + exit(ret != USER_NOTIF_MAGIC); 4379 + } 4380 + pids[i] = pid; 4381 + } 4382 + 4383 + /* This spins until all of the children are sleeping */ 4384 + restart_wait: 4385 + for (i = 0; i < ARRAY_SIZE(pids); i++) { 4386 + if (get_proc_stat(pids[i]) != 'S') { 4387 + nanosleep(&delay, NULL); 4388 + goto restart_wait; 4389 + } 4390 + } 4391 + 4392 + /* Read the notifications in order (and respond) */ 4393 + for (i = 0; i < ARRAY_SIZE(pids); i++) { 4394 + memset(&req, 0, sizeof(req)); 4395 + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0); 4396 + EXPECT_EQ(req.id, baseid + i); 4397 + resp.id = req.id; 4398 + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0); 4399 + } 4400 + 4401 + /* Make sure notifications were received */ 4402 + for (i = 0; i < ARRAY_SIZE(pids); i++) { 4403 + EXPECT_EQ(waitpid(pids[i], &status, 0), pids[i]); 4404 + EXPECT_EQ(true, WIFEXITED(status)); 4405 + EXPECT_EQ(0, WEXITSTATUS(status)); 4406 + } 4407 + } 4408 + 4300 4409 /* 4301 4410 * TODO: 4302 4411 * - expand NNP testing