From: Cyril Hrubis <chrubis@suse.cz>
To: Andrea Cervesato <andrea.cervesato@suse.de>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] [PATCH v2 4/7] Add lsm_get_self_attr03 test
Date: Tue, 4 Mar 2025 14:11:36 +0100 [thread overview]
Message-ID: <Z8b8CLkKbrRkkt9P@yuki.lan> (raw)
In-Reply-To: <20250110-lsm-v2-4-bd38035f86bc@suse.com>
Hi!
> index 0000000000000000000000000000000000000000..b432006650bff697eb60eb7ad6fdd62dbe0eb984
> --- /dev/null
> +++ b/testcases/kernel/syscalls/lsm/lsm_get_self_attr03.c
> @@ -0,0 +1,70 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2024 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com>
> + */
> +
> +/*\
> + * [Description]
> + *
> + * Verify that LSM_ATTR_CURRENT attribute is correctly recognizing
> + * the current, active security context of the process. This is done by
> + * checking that /proc/self/attr/current matches with the obtained value.
> + */
> +
> +#include "lsm_common.h"
> +
> +static struct lsm_ctx *ctx;
> +static uint32_t page_size;
> +
> +static void run(void)
> +{
> + tst_res(TINFO, "Verifying 'LSM_ATTR_CURRENT' attribute");
> +
> + uint32_t count;
> + uint32_t size = page_size;
> + char attr[size];
> +
> + memset(attr, 0, size);
> + memset(ctx, 0, sizeof(struct lsm_ctx));
> +
> + count = TST_EXP_POSITIVE(
> + lsm_get_self_attr(LSM_ATTR_CURRENT, ctx, &size, 0));
^
This does not
look right.
Shouldn't we pass size initialized to size of the ctx->ctx[] there?
You are mixing the size of the attr[] array and the size of the ctx
into a single variable which isn't right at all. The attr[] size can
also be much smaller, since it's just a single string.
Looking back at the lapi/lsm.h the definition of the lsm_ctx structure
is wrong there too. You define the ctx[] as an array of 4096 bytes. That
is wrong because it does not match the system definition where it's
defined as a flexible array.
The correct solution is to:
1) change the ctx[4096] in the lapi/lsm.h to just ctx[]
(so that we match the system definition)
2) define CTX_DATA_SIZE to something sensible, e.g. 4096
3) the size for allocation of the ctx must be sizeof(struct lsm_ctx) + CTX_DATA_SIZE
(since the size passed to the syscall is the size of the ctx flexible array)
4) the size passed to the lsm_get_self_attr() must be then initialized to CTX_DATA_SIZE
--
Cyril Hrubis
chrubis@suse.cz
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2025-03-04 13:11 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-10 12:55 [LTP] [PATCH v2 0/7] LSM testing suite Andrea Cervesato
2025-01-10 12:55 ` [LTP] [PATCH v2 1/7] Add fallback definitions of LSM syscalls Andrea Cervesato
2025-03-04 12:00 ` Cyril Hrubis
2025-01-10 12:55 ` [LTP] [PATCH v2 2/7] Add lsm_get_self_attr01 test Andrea Cervesato
2025-03-04 12:21 ` Cyril Hrubis
2025-01-10 12:55 ` [LTP] [PATCH v2 3/7] Add lsm_get_self_attr02 test Andrea Cervesato
2025-03-04 12:29 ` Cyril Hrubis
2025-01-10 12:55 ` [LTP] [PATCH v2 4/7] Add lsm_get_self_attr03 test Andrea Cervesato
2025-03-04 13:11 ` Cyril Hrubis [this message]
2025-03-21 12:23 ` Andrea Cervesato via ltp
2025-04-28 14:50 ` Cyril Hrubis
2025-01-10 12:55 ` [LTP] [PATCH v2 5/7] Add lsm_list_modules01 test Andrea Cervesato
2025-01-10 12:55 ` [LTP] [PATCH v2 6/7] Add lsm_list_modules02 test Andrea Cervesato
2025-03-04 13:24 ` Cyril Hrubis
2025-01-10 12:55 ` [LTP] [PATCH v2 7/7] Add lsm_set_self_attr01 test Andrea Cervesato
2025-03-04 13:26 ` Cyril Hrubis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z8b8CLkKbrRkkt9P@yuki.lan \
--to=chrubis@suse.cz \
--cc=andrea.cervesato@suse.de \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.