From: Petr Vorel <pvorel@suse.cz>
To: Andrea Cervesato <andrea.cervesato@suse.de>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] [PATCH v3 09/11] Add landlock04 test
Date: Tue, 16 Jul 2024 19:27:25 +0200 [thread overview]
Message-ID: <20240716172725.GC549165@pevik> (raw)
In-Reply-To: <20240711-landlock-v3-9-c7b0e9edf9b0@suse.com>
Hi Andrea,
...
> +static void enable_exec_libs(const int ruleset_fd)
> +{
> + FILE *fp;
> + char line[1024];
> + char path[PATH_MAX];
> + char dependency[8][PATH_MAX];
> + int count = 0;
> + int duplicate = 0;
> +
> + fp = SAFE_FOPEN("/proc/self/maps", "r");
> +
> + while (fgets(line, sizeof(line), fp)) {
> + if (strstr(line, ".so") == NULL)
> + continue;
> +
> + SAFE_SSCANF(line, "%*x-%*x %*s %*x %*s %*d %s", path);
> +
> + for (int i = 0; i < count; i++) {
> + if (strcmp(path, dependency[i]) == 0) {
> + duplicate = 1;
> + break;
> + }
> + }
> +
> + if (duplicate) {
> + duplicate = 0;
> + continue;
> + }
> +
> + strncpy(dependency[count], path, PATH_MAX);
> + count++;
> +
> + tst_res(TINFO, "Enable read/exec permissions for %s", path);
> +
> + path_beneath_attr->allowed_access =
> + LANDLOCK_ACCESS_FS_READ_FILE |
> + LANDLOCK_ACCESS_FS_EXECUTE;
> + path_beneath_attr->parent_fd = SAFE_OPEN(path, O_PATH | O_CLOEXEC);
> +
> + SAFE_LANDLOCK_ADD_RULE(
> + ruleset_fd,
> + LANDLOCK_RULE_PATH_BENEATH,
> + path_beneath_attr,
> + 0);
Unfortunately, on 6.6.15-amd64 kernel (random Debian machine) it fails (after
fresh boot) with:
...
tst_supported_fs_types.c:97: TINFO: Kernel supports tmpfs
tst_supported_fs_types.c:49: TINFO: mkfs is not needed for tmpfs
tst_test.c:1746: TINFO: === Testing on ext2 ===
tst_test.c:1111: TINFO: Formatting /dev/loop1 with ext2 opts='' extra opts=''
mke2fs 1.47.0 (5-Feb-2023)
tst_test.c:1123: TINFO: Mounting /dev/loop1 to /tmp/LTP_lant6WbKJ/sandbox fstyp=ext2 flags=0
landlock_common.h:30: TINFO: Landlock ABI v3
landlock04.c:151: TINFO: Testing LANDLOCK_ACCESS_FS_EXECUTE
landlock04.c:123: TINFO: Enable read/exec permissions for /usr/lib/i386-linux-gnu/libc.so.6
landlock04.c:131: TBROK: landlock_add_rule(3, 1, 0xf7f13ff4, 0): EINVAL (22)
tst_test.c:1746: TINFO: === Testing on ext3 ===
It works on 6.10.0-rc7-3.g92abc10-default (Tumbleweed), 6.9.8-amd64 (Debian).
Any hint, what could be wrong?
Kind regards,
Petr
> +
> + SAFE_CLOSE(path_beneath_attr->parent_fd);
> + }
> +
> + SAFE_FCLOSE(fp);
> +}
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2024-07-16 17:27 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-11 11:18 [LTP] [PATCH v3 00/11] landlock testing suite Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 01/11] Add landlock syscalls definitions Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 02/11] Add lapi/landlock.h fallback Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 03/11] Added three more SAFE_* macros for landlock sandbox: Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 04/11] Add SAFE_PRCTL macro Andrea Cervesato
2024-07-11 20:06 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 05/11] Add landlock01 test Andrea Cervesato
2024-07-11 20:40 ` Petr Vorel
2024-07-12 2:11 ` Li Wang
2024-07-12 3:03 ` Li Wang
2024-07-12 7:57 ` Petr Vorel
2024-07-12 8:28 ` Li Wang
2024-07-12 9:22 ` Petr Vorel
2024-07-12 7:07 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 06/11] Add landlock02 test Andrea Cervesato
2024-07-11 20:32 ` Petr Vorel
2024-07-16 16:59 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 07/11] Add landlock03 test Andrea Cervesato
2024-07-16 17:15 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 08/11] Add CAP_MKNOD fallback in lapi/capability.h Andrea Cervesato
2024-07-12 7:49 ` Li Wang
2024-07-11 11:18 ` [LTP] [PATCH v3 09/11] Add landlock04 test Andrea Cervesato
2024-07-12 7:50 ` Li Wang
2024-07-16 17:27 ` Petr Vorel [this message]
2024-07-24 10:41 ` Andrea Cervesato via ltp
2024-07-24 12:12 ` Li Wang
2024-07-24 13:30 ` Petr Vorel
2024-07-24 13:37 ` Li Wang
2024-07-24 13:41 ` Petr Vorel
2024-07-24 13:41 ` Li Wang
2024-07-24 13:47 ` Andrea Cervesato via ltp
2024-07-25 7:12 ` Andrea Cervesato via ltp
2024-07-25 7:50 ` LTP landlock test is failing for all kernels <= 6.6 Andrea Cervesato
2024-07-25 9:06 ` Mickaël Salaün
2024-07-25 9:06 ` [LTP] " Mickaël Salaün
2024-07-25 9:17 ` Andrea Cervesato
2024-07-25 9:17 ` [LTP] " Andrea Cervesato via ltp
2024-07-11 11:18 ` [LTP] [PATCH v3 10/11] Add landlock05 test Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 11/11] Add landlock06 test Andrea Cervesato
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240716172725.GC549165@pevik \
--to=pvorel@suse.cz \
--cc=andrea.cervesato@suse.de \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.