From: Petr Vorel <pvorel@suse.cz>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH] Add a regression test for cve-2017-15649
Date: Mon, 14 Oct 2019 12:22:29 +0200 [thread overview]
Message-ID: <20191014102228.GA31459@dell5510> (raw)
In-Reply-To: <20190924112159.18845-1-mmoese@suse.de>
Hi,
...
> +void *task1(void *unused)
> +{
> + int fanout = 0x3;
> +
> + if (tst_fzsync_run_a(&fzsync_pair)) {
> + setsockopt(fd, 0x107, 18, &fanout, sizeof(fanout));
> + tst_fzsync_end_race_a(&fzsync_pair);
> + }
This is a bit different usage of fuzzy sync than docs and other tests do.
As you don't need to run tst_fzsync_pair_reset(&fzsync_pair, task2) here
a warning is issued. If this is a correct usage, we might want to define
tst_fzsync_pair_reset() as inline to avoid the warning.
..
> +static void run(void)
> +{
...
> + while (1) {
> + pthread_t thread1, thread2;
> +
> +
> + fd = SAFE_SOCKET(AF_PACKET, SOCK_RAW, PF_PACKET);
> +
> + strcpy((char *) &ifr.ifr_name, "lo");
> + SAFE_IOCTL(fd, SIOCGIFINDEX, &ifr);
> + index = ifr.ifr_ifindex;
> +
> + SAFE_IOCTL(fd, SIOCGIFFLAGS, &ifr);
> + ifr.ifr_flags &= ~(short) IFF_UP;
> +
> + SAFE_IOCTL(fd, SIOCSIFFLAGS, &ifr);
> +
> + addr.sll_family = AF_PACKET;
> + addr.sll_protocol = 0x0;
> + addr.sll_ifindex = index;
> +
> + SAFE_PTHREAD_CREATE(&thread1, NULL, task1, NULL);
> + SAFE_PTHREAD_CREATE(&thread2, NULL, task2, NULL);
> + SAFE_PTHREAD_JOIN(thread1, NULL);
> + SAFE_PTHREAD_JOIN(thread2, NULL);
> +
> + SAFE_CLOSE(fd);
> +
> + if (tst_capget(&hdr, after))
> + tst_brk(TBROK | TTERRNO, "tst_capget()");
> +
> + if (memcmp(before, after, sizeof(after)) || tst_taint_check())
> + tst_res(TFAIL, "kernel is vulnerable");
> +
> + clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &now);
> + if ((now.tv_sec - start.tv_sec) > TEST_RUNTIME)
> + tst_res(TPASS, "kernel seems to be not vulnerable");
You miss return/break here or it's an infinite loop :).
> + }
> +}
> +
> +static struct tst_test test = {
> + .test_all = run,
> + .setup = setup,
> + .caps = (struct tst_cap []) {
> + TST_CAP(TST_CAP_REQ, CAP_SYS_ADMIN),
> + TST_CAP(TST_CAP_REQ, CAP_NET_RAW),
> + TST_CAP(TST_CAP_DROP, CAP_SYS_ADMIN),
> + {},
> + },
> +};
Kind regards,
Petr
next prev parent reply other threads:[~2019-10-14 10:22 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-24 11:21 [LTP] [PATCH] Add a regression test for cve-2017-15649 Michael Moese
2019-10-14 10:22 ` Petr Vorel [this message]
2019-10-14 13:06 ` Richard Palethorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191014102228.GA31459@dell5510 \
--to=pvorel@suse.cz \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.