IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This patch adds a new testcase for the IFE type setting in tc. In case
of user specified the type it will check if the ife is correctly
configured to react on it. If it's not specified the default IFE type
should be used.
Signed-off-by: Alexander Aring <aring@mojatatu.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add a basic test for checking whether kernel is populating
the jited and xlated BPF images. It was used to confirm
the behaviour change from commit d777b2ddbecf ("bpf: don't
zero out the info struct in bpf_obj_get_info_by_fd()"),
which made bpf_obj_get_info_by_fd() usable for retrieving
the image dumps.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Sockmap is a bit different than normal stress tests that can run
in parallel as is. We need to reuse the same socket pool and map
pool to get good stress test cases.
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When attaching a program to sockmap we need to check map type
is correct.
Fixes: 174a79ff9515 ("bpf: sockmap with sk redirect support")
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Tests packet read/writes and additional skb fields.
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add some more sockmap tests to cover,
- forwarding to NULL entries
- more than two maps to test list ops
- forwarding to different map
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
In the initial sockmap API we provided strparser and verdict programs
using a single attach command by extending the attach API with a the
attach_bpf_fd2 field.
However, if we add other programs in the future we will be adding a
field for every new possible type, attach_bpf_fd(3,4,..). This
seems a bit clumsy for an API. So lets push the programs using two
new type fields.
BPF_SK_SKB_STREAM_PARSER
BPF_SK_SKB_STREAM_VERDICT
This has the advantage of having a readable name and can easily be
extended in the future.
Updates to samples and sockmap included here also generalize tests
slightly to support upcoming patch for multiple map support.
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Fixes: 174a79ff9515 ("bpf: sockmap with sk redirect support")
Suggested-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
transport, improperly bringing down the link if SPADs are corrupted, and
an out-of-order issue regarding link negotiation and data passing.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJZokFeAAoJEG5mS6x6i9IjwS8P/1fFjRt6q4Xr+/PGgYZzY+OH
7Rnbhx89PuWECJuh0k2r2L0R4IsXueejTRkQyjE++AffwcuidnYdgHZwSUSgA3MR
PuOXNA7PCRe1DW6BDe+Uvwigx+RUlQltQFihopi9YITu667/YlSNu2MWplpQxbTo
RKDh2WhiI5SGsFtfS1CPkxtcvOqJEelR5yFuT6LUazw7EYbpjWBiRwTx5SovcncV
bmLQEPSvOe1+HMJza1kBXr/UrnwryGz1CeoIWQk42bJePCedzMQpNxz/K9r3gol2
Eem9Zbn+f5fAaogQiDAXi7aTObqf5LqzN3XdJjmKBq5buGGEt5+HUTkzWpYnvrlL
M2kjc8NnxBb8Nx5BsTlOhUgvT81vCVJL25QFv5tN903Bc4qQG6/DXwqcLGIKszJ4
rZw1n4dm0eWq4lPbUSLC8hKj6aV2yIwA1+nI7hbuky6vmX0rNxSHe/RRQsjUFIoP
0NNDZGuIUGHJQuVeg9xaH6EOGi0xQdfZ/rXFoTaPW7JrDr7C4gAbVQYnGt/wJwvz
cnmix+nS70VfZAW0JD9z4Qax3yyVbosQpYFMEwNfGcWqQ36A6tm0pzDpmb5M5tQp
K90kBpfEUMETeH+vqMdc0c8Rn2mgu/YH/AOXdsyeYAqo/b9iLDztBPXJjWUcoGeB
u68MYTfE+n1RUsycafn4
=qmzC
-----END PGP SIGNATURE-----
Merge tag 'ntb-4.13-bugfixes' of git://github.com/jonmason/ntb
Pull NTB fixes from Jon Mason:
"NTB bug fixes to address an incorrect ntb_mw_count reference in the
NTB transport, improperly bringing down the link if SPADs are
corrupted, and an out-of-order issue regarding link negotiation and
data passing"
* tag 'ntb-4.13-bugfixes' of git://github.com/jonmason/ntb:
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: transport shouldn't disable link due to bogus values in SPADs
ntb: use correct mw_count function in ntb_tool and ntb_transport
Change common RUN_TESTS to print messages in user friendly TAP13 format.
This change add TAP13 header at the start of RUN_TESTS target run, and
prints the resulting pass/fail messages with test number information in
the TAP 13 format for each test in the run tests list.
This change covers test scripts as well as test programs. Test programs
have an option to use ksft_ API, however test scripts won't be able to.
With this change, test scripts can print TAP13 format output without any
changes to individual scripts.
Test programs can provide TAP13 format output as needed as some tests
already do. Tests that haven't been converted will benefit from this
change. Tests that are converted benefit from the test counts for all
the tests in each test directory.
Running firmware tests:
make --silent -C tools/testing/selftests/firmware/ run_tests
Before the change:
modprobe: ERROR: could not insert 'test_firmware': Operation not
permitted
./fw_filesystem.sh: /sys/devices/virtual/misc/test_firmware not present
You must have the following enabled in your kernel:
CONFIG_TEST_FIRMWARE=y
selftests: fw_filesystem.sh [FAIL]
modprobe: ERROR: could not insert 'test_firmware': Operation not
permitted
selftests: fw_fallback.sh [FAIL]
After the change:
TAP version 13
selftests: fw_filesystem.sh
========================================
modprobe: ERROR: could not insert 'test_firmware': Operation not
permitted
./fw_filesystem.sh: /sys/devices/virtual/misc/test_firmware not present
You must have the following enabled in your kernel:
CONFIG_TEST_FIRMWARE=y
not ok 1..1 selftests: fw_filesystem.sh [FAIL]
selftests: fw_fallback.sh
========================================
modprobe: ERROR: could not insert 'test_firmware': Operation not
permitted
not ok 1..2 selftests: fw_fallback.sh [FAIL]
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Change lib.mk RUN_TESTS to take test list as an argument. This will
allow it to be called from individual test makefiles to run additional
tests that aren't suitable for a default kselftest run. As an example,
timers test includes destructive tests that aren't included in the
common run_tests target.
Change times/Makefile to use RUN_TESTS call with destructive test list
as an argument instead of using its own RUN_TESTS target.
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Suppress "cd" output from run_tests while running tests to declutter the
test results.
Running efivarfs test:
make --silent -C tools/testing/selftests/efivarfs/ run_tests
Before the change:
skip all tests: must be run as root
selftests: efivarfs.sh [PASS]
/lkml/linux-kselftest/tools/testing/selftests/efivarfs
After the change:
skip all tests: must be run as root
selftests: efivarfs.sh [PASS]
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
When a test is skipped, instead of using a special exit code of 4, treat
it as pass condition and use exit code of 0. It makes sense to treat skip
as pass since the test couldn't be run as opposed to a failed test.
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
clocksource_list array is defined as char [10][30] so
to initialise it we only have to iterate 10 times.
Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
The test makes a read through a map value pointer, then considers pruning
a branch where the register holds an adjusted map value pointer. It
should not prune, but currently it does.
Signed-off-by: Alexei Starovoitov <ast@fb.com>
[ecree@solarflare.com: added test-name and patch description]
Signed-off-by: Edward Cree <ecree@solarflare.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Writes in straight-line code should not prevent reads from propagating
along jumps. With current verifier code, the jump from 3 to 5 does not
add a read mark on 3:R0 (because 5:R0 has a write mark), meaning that
the jump from 1 to 3 gets pruned as safe even though R0 is NOT_INIT.
Verifier output:
0: (61) r2 = *(u32 *)(r1 +0)
1: (35) if r2 >= 0x0 goto pc+1
R1=ctx(id=0,off=0,imm=0) R2=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R10=fp0
2: (b7) r0 = 0
3: (35) if r2 >= 0x0 goto pc+1
R0=inv0 R1=ctx(id=0,off=0,imm=0) R2=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R10=fp0
4: (b7) r0 = 0
5: (95) exit
from 3 to 5: safe
from 1 to 3: safe
processed 8 insns, stack depth 0
Signed-off-by: Edward Cree <ecree@solarflare.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Validate the behavior of the combination of various timestamp socket
options, and ensure consistency across ip, udp, and tcp.
Signed-off-by: Mike Maloney <maloney@google.com>
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Remove rtctest_setdate from run_destructive_tests target. Leave it in
TEST_GEN_PROGS_EXTENDED to be included in the install targets.
Suggested-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Reviewed-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
When a test exits with skip exit code of 4, "make run_destructive_tests"
halts testing. Fix run_destructive_tests target to handle error exit codes.
Cc: stable <stable@vger.kernel.org> [4.13+]
Reported-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Change default arguments for leap-a-day to always set the time
each iteration (rather then waiting for midnight UTC), and to
only run 10 interations (rather then infinite).
If one wants to wait for midnight UTC, they can use the new -w
flag, and we add a note to the argument help that -i -1 will
run infinitely.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Prarit Bhargava <prarit@redhat.com>
Cc: Stephen Boyd <stephen.boyd@linaro.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: John Stultz <john.stultz@linaro.org>
Cc: stable <stable@vger.kernel.org> [4.13+]
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
There is no need to keep timers tests in sync with external timers
repo. Drop support for !KTEST to support for building and running
timers tests without kselftest framework.
Reference: https://lkml.org/lkml/2017/8/10/952
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Acked-by: John Stultz <john.stultz@linaro.org>
Pull timekeepig updates from John Stultz
- kselftest improvements
- Use the proper timekeeper in the debug code
- Prevent accessing an unavailable wakeup source in the alarmtimer sysfs
interface.
This patch makes the needed changes to allow each process of
the INNER_LRU_HASH_PREALLOC test to provide its numa node id
when creating the lru map.
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The descriptions were reversed, correct this.
Link: http://lkml.kernel.org/r/20170809234635.13443-4-mcgrof@kernel.org
Fixes: 64b671204afd71 ("test_sysctl: add generic script to expand on tests")
Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org>
Reported-by: Daniel Mentz <danielmentz@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Colin Ian King <colin.king@canonical.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Cc: David Binderman <dcb314@hotmail.com>
Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jessica Yu <jeyu@redhat.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Matt Redfearn <matt.redfearn@imgetc.com>
Cc: Matt Redfearn <matt.redfearn@imgtec.com>
Cc: Michal Marek <mmarek@suse.com>
Cc: Miroslav Benes <mbenes@suse.cz>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
These testcases are motivated by a recent alarmtimer regression, which
caused one-shot CLOCK_{BOOTTIME,REALTIME}_ALARM timers to become
periodic timers.
The new testcases are very similar to the existing testcases for
repeating timers. But rather than waiting for 5 alarms, they wait for 5
seconds and verify that the alarm fired exactly once.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Prarit Bhargava <prarit@redhat.com>
Cc: Stephen Boyd <stephen.boyd@linaro.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Rather than printing an error inside the alarm signal handler, set a
flag that we check later. This keeps the test from spamming the console
every time the alarm fires early. It also fixes the test exiting with
error code 0 if this was the only test failure.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Prarit Bhargava <prarit@redhat.com>
Cc: Stephen Boyd <stephen.boyd@linaro.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Fixes the following build warning:
freq-step.c: In function ‘main’:
freq-step.c:271:1: warning: control reaches end of non-void function [-Wreturn-type]
}
^
By returning the return values from ksft_success/fail.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Prarit Bhargava <prarit@redhat.com>
Cc: Stephen Boyd <stephen.boyd@linaro.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: John Stultz <john.stultz@linaro.org>
On some systems, the kernel headers haven't been updated to include
ADJ_SETOFFSET, so define it in the test if needed.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Miroslav Lichvar <mlichvar@redhat.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Prarit Bhargava <prarit@redhat.com>
Cc: Stephen Boyd <stephen.boyd@linaro.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Signed-off-by: John Stultz <john.stultz@linaro.org>
The actual use of TASKS_RCU is only when PREEMPT, otherwise RCU-sched
is used instead. This commit therefore makes synchronize_rcu_tasks()
and call_rcu_tasks() available always, but mapped to synchronize_sched()
and call_rcu_sched(), respectively, when !PREEMPT. This approach also
allows some #ifdefs to be removed from rcutorture.
Reported-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org>
Acked-by: Ingo Molnar <mingo@kernel.org>
The tm-resched-dscr self test can, in some situations, run for
several minutes before being successfully interrupted by the context
switch it needs in order to perform the test. This often seems to
occur when the test is being run in a virtual machine.
Improve the test by running it under eat_cpu() to guarantee
contention for the CPU and increase the chance of a context switch.
In practice this seems to reduce the test time, in some cases, from
more than two minutes to under a second.
Also remove the "progress dots" so that if the test does run for a
long time, it doesn't produce large amounts of unnecessary output.
Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
The rtc-generic and opal-rtc are failing to run this test as they do not
support all the features. Let's treat the error returns and skip to the
following test.
Theoretically the test_DATE should be also adjusted, but as it's enabled
on demand I think it makes sense to fail in such case.
Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
For only one online cpu case, 'make run_tests' try to offline the cpu0 that will
always fail since the host can't offline this unique online cpu.
this patch will skip the test to avoid this failure.
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Previously, 'make run_tests -C cpu-hotplug' always PASS since cpu-on-off-test.sh
always exits 0 even though the test got some unexpected errors like below:
root@debian9:/home/lizhijian/chroot/linux/tools/testing/selftests/cpu-hotplug# make run_tests
pid 878's current affinity mask: 1
pid 878's new affinity mask: 1
CPU online/offline summary:
Cpus in online state: 0
Cpus in offline state: 0
Limited scope test: one hotplug cpu
(leaves cpu in the original state):
online to offline to online: cpu 0
./cpu-on-off-test.sh: line 83: /sys/devices/system/cpu/cpu0/online: Permission denied
offline_cpu_expect_success 0: unexpected fail
./cpu-on-off-test.sh: line 78: /sys/devices/system/cpu/cpu0/online: Permission denied
online_cpu_expect_success 0: unexpected fail
selftests: cpu-on-off-test.sh [PASS]
after this patch, the test will exit with failure once it occurs some unexpected behaviors
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Convert test to use ksft TAP13 framework to print user friendly
test output which is consistent across kselftest suite.
Acked-by: Darren Hart (VMware) <dvhart@infradead.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
This generates a set of sockets, attaches BPF programs, and sends some
simple traffic using basic send/recv pattern. Additionally, we do a bunch
of negative tests to ensure adding/removing socks out of the sockmap fail
correctly.
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This adds tests to access new __sk_buff members from sk skb program
type.
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This program binds a program to a cgroup and then matches hard
coded IP addresses and adds these to a sockmap.
This will receive messages from the backend and send them to
the client.
client:X <---> frontend:10000 client:X <---> backend:10001
To keep things simple this is only designed for 1:1 connections
using hard coded values. A more complete example would allow many
backends and clients.
To run,
# sockmap <cgroup2_dir>
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This update consists of important compile and run-time error fixes to
timers/freq-step, kmod, and sysctl tests.
-----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJZkx4zAAoJEAsCRMQNDUMcDgcP/0RwTUsiddWGA+k9db9giNmU
3vbeZ6iEqYN+YIVJtwVLQOdU0HXi4SwR7tG8EMED75uJhG3C/wYKwJSRmUTN4dYt
Z6R/B3WwWveNL7+g071seT7P9JGFO8gHCoj1NU0R+YKpNozf7yviFAvYO2i4yqE6
mZpFIL46dFkY4hnNc43R5CWiRqxEgn1IufUR1ot0MNCIydp7Bb3UcVbrFLPI+Mnr
menDCWciHwtVNf4ldwoxCXp6fLshK5BbD4XXvo8TZWA/68S3MnGdI8eV8ZfNTLO8
LTTmGBgnwIYsoQAix97ygU+MhBuGNPubZHhVzurCwPoKf1/K6m/D4W+7RHlSy/6x
m2+Z1RgFlE5aNy5nGqWdz23ZS77WHPKrOW4Yrc4vASlAWjMn1lD1JAsG/AturNo1
f8URCFUFR82eIrVFBngAWVRmQcNQTP4ZrBWW3a9goUiVTLzBAtfvlgTzGbrlnxrJ
ZVpxhmmBVZ5QiWAyDU6nYJ/3fG3q7SFnwRCRJAQFSSit2bsst2spy+qqGJOZAyn+
vsey1h6JIFrs7MBtb/LhkSkT5DnQRpbf55/B+MQUKuynuLZ5FzLMNHt9H7korRj5
afhjlKlk2b6GLwLjh43pmAQcEDrF7ChjZzp2j4TrxP/AFM7sN/mVexndedWhRP6o
shRYAUbfNRL0zSnkV9PK
=ZTw2
-----END PGP SIGNATURE-----
Merge tag 'linux-kselftest-4.13-rc6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
Pull kselftest fixes from Shuah Khan:
"This update consists of important compile and run-time error fixes to
timers/freq-step, kmod, and sysctl tests"
* tag 'linux-kselftest-4.13-rc6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
selftests: timers: freq-step: fix compile error
selftests: futex: fix run_tests target
test_sysctl: fix sysctl.sh by making it executable
test_kmod: fix kmod.sh by making it executable
This verifies that SECCOMP_RET_KILL_PROCESS is higher priority than
SECCOMP_RET_KILL_THREAD. (This also moves a bunch of defines up earlier
in the file to use them earlier.)
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
In preparation for adding SECCOMP_RET_KILL_PROCESS, rename SECCOMP_RET_KILL
to the more accurate SECCOMP_RET_KILL_THREAD.
The existing selftest values are intentionally left as SECCOMP_RET_KILL
just to be sure we're exercising the alias.
Signed-off-by: Kees Cook <keescook@chromium.org>
Add a new action, SECCOMP_RET_LOG, that logs a syscall before allowing
the syscall. At the implementation level, this action is identical to
the existing SECCOMP_RET_ALLOW action. However, it can be very useful when
initially developing a seccomp filter for an application. The developer
can set the default action to be SECCOMP_RET_LOG, maybe mark any
obviously needed syscalls with SECCOMP_RET_ALLOW, and then put the
application through its paces. A list of syscalls that triggered the
default action (SECCOMP_RET_LOG) can be easily gleaned from the logs and
that list can be used to build the syscall whitelist. Finally, the
developer can change the default action to the desired value.
This provides a more friendly experience than seeing the application get
killed, then updating the filter and rebuilding the app, seeing the
application get killed due to a different syscall, then updating the
filter and rebuilding the app, etc.
The functionality is similar to what's supported by the various LSMs.
SELinux has permissive mode, AppArmor has complain mode, SMACK has
bring-up mode, etc.
SECCOMP_RET_LOG is given a lower value than SECCOMP_RET_ALLOW as allow
while logging is slightly more restrictive than quietly allowing.
Unfortunately, the tests added for SECCOMP_RET_LOG are not capable of
inspecting the audit log to verify that the syscall was logged.
With this patch, the logic for deciding if an action will be logged is:
if action == RET_ALLOW:
do not log
else if action == RET_KILL && RET_KILL in actions_logged:
log
else if action == RET_LOG && RET_LOG in actions_logged:
log
else if filter-requests-logging && action in actions_logged:
log
else if audit_enabled && process-is-being-audited:
log
else:
do not log
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Add a new filter flag, SECCOMP_FILTER_FLAG_LOG, that enables logging for
all actions except for SECCOMP_RET_ALLOW for the given filter.
SECCOMP_RET_KILL actions are always logged, when "kill" is in the
actions_logged sysctl, and SECCOMP_RET_ALLOW actions are never logged,
regardless of this flag.
This flag can be used to create noisy filters that result in all
non-allowed actions to be logged. A process may have one noisy filter,
which is loaded with this flag, as well as a quiet filter that's not
loaded with this flag. This allows for the actions in a set of filters
to be selectively conveyed to the admin.
Since a system could have a large number of allocated seccomp_filter
structs, struct packing was taken in consideration. On 64 bit x86, the
new log member takes up one byte of an existing four byte hole in the
struct. On 32 bit x86, the new log member creates a new four byte hole
(unavoidable) and consumes one of those bytes.
Unfortunately, the tests added for SECCOMP_FILTER_FLAG_LOG are not
capable of inspecting the audit log to verify that the actions taken in
the filter were logged.
With this patch, the logic for deciding if an action will be logged is:
if action == RET_ALLOW:
do not log
else if action == RET_KILL && RET_KILL in actions_logged:
log
else if filter-requests-logging && action in actions_logged:
log
else if audit_enabled && process-is-being-audited:
log
else:
do not log
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Userspace needs to be able to reliably detect the support of a filter
flag. A good way of doing that is by attempting to enter filter mode,
with the flag bit(s) in question set, and a NULL pointer for the args
parameter of seccomp(2). EFAULT indicates that the flag is valid and
EINVAL indicates that the flag is invalid.
This patch adds a selftest that can be used to test this method of
detection in userspace.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Userspace code that needs to check if the kernel supports a given action
may not be able to use the /proc/sys/kernel/seccomp/actions_avail
sysctl. The process may be running in a sandbox and, therefore,
sufficient filesystem access may not be available. This patch adds an
operation to the seccomp(2) syscall that allows userspace code to ask
the kernel if a given action is available.
If the action is supported by the kernel, 0 is returned. If the action
is not supported by the kernel, -1 is returned with errno set to
-EOPNOTSUPP. If this check is attempted on a kernel that doesn't support
this new operation, -1 is returned with errno set to -EINVAL meaning
that userspace code will have the ability to differentiate between the
two error cases.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Suggested-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
This refactors the errno tests (since they all use the same pattern for
their filter) and adds a RET_DATA field ordering test.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
