[PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[limin]

Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
trace parent return -1 when child== 0
How to reproduce warning:
$ make -C tools/testing/selftests TARGETS=landlock run_tests

Signed-off-by: limin <limin100@huawei.com>
---
 tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/landlock/ptrace_test.c b/tools/testing/selftests/landlock/ptrace_test.c
index c28ef98ff3ac..88c4dc63eea0 100644
--- a/tools/testing/selftests/landlock/ptrace_test.c
+++ b/tools/testing/selftests/landlock/ptrace_test.c
@@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
 		/* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent. */
 		err_proc_read = test_ptrace_read(parent);
 		ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
+		EXPECT_EQ(-1, ret);
+		EXPECT_EQ(EPERM, errno);
 		if (variant->domain_child) {
-			EXPECT_EQ(-1, ret);
-			EXPECT_EQ(EPERM, errno);
 			EXPECT_EQ(EACCES, err_proc_read);
 		} else {
-			EXPECT_EQ(0, ret);
 			EXPECT_EQ(0, err_proc_read);
 		}
 		if (ret == 0) {
-- 
2.33.0

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[Mickaël Salaün]

This patch changes the test semantic and then cannot work on my test 
environment. On which kernel did you run test? Do you use Yama or 
something similar?

On 28/11/2022 03:04, limin wrote:
> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
> trace parent return -1 when child== 0
> How to reproduce warning:
> $ make -C tools/testing/selftests TARGETS=landlock run_tests
> 
> Signed-off-by: limin <limin100@huawei.com>
> ---
>   tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>   1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/testing/selftests/landlock/ptrace_test.c b/tools/testing/selftests/landlock/ptrace_test.c
> index c28ef98ff3ac..88c4dc63eea0 100644
> --- a/tools/testing/selftests/landlock/ptrace_test.c
> +++ b/tools/testing/selftests/landlock/ptrace_test.c
> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>   		/* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent. */
>   		err_proc_read = test_ptrace_read(parent);
>   		ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
> +		EXPECT_EQ(-1, ret);
> +		EXPECT_EQ(EPERM, errno);
>   		if (variant->domain_child) {
> -			EXPECT_EQ(-1, ret);
> -			EXPECT_EQ(EPERM, errno);
>   			EXPECT_EQ(EACCES, err_proc_read);
>   		} else {
> -			EXPECT_EQ(0, ret);
>   			EXPECT_EQ(0, err_proc_read);
>   		}
>   		if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[limin]

I run test on Linux ubuntu2204 6.1.0-next-20221116

I did't use yama.

you can reproduce by this step:

cd kernel_src

cd tools/testing/selftests/landlock/
make
./ptrace_test




On 2022/11/29 3:44, Mickaël Salaün wrote:
> This patch changes the test semantic and then cannot work on my test 
> environment. On which kernel did you run test? Do you use Yama or 
> something similar?
>
> On 28/11/2022 03:04, limin wrote:
>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
>> trace parent return -1 when child== 0
>> How to reproduce warning:
>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
>>
>> Signed-off-by: limin <limin100@huawei.com>
>> ---
>>   tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>>   1 file changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c 
>> b/tools/testing/selftests/landlock/ptrace_test.c
>> index c28ef98ff3ac..88c4dc63eea0 100644
>> --- a/tools/testing/selftests/landlock/ptrace_test.c
>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>>           /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent. */
>>           err_proc_read = test_ptrace_read(parent);
>>           ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
>> +        EXPECT_EQ(-1, ret);
>> +        EXPECT_EQ(EPERM, errno);
>>           if (variant->domain_child) {
>> -            EXPECT_EQ(-1, ret);
>> -            EXPECT_EQ(EPERM, errno);
>>               EXPECT_EQ(EACCES, err_proc_read);
>>           } else {
>> -            EXPECT_EQ(0, ret);
>>               EXPECT_EQ(0, err_proc_read);
>>           }
>>           if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[Mickaël Salaün]

I tested with next-20221116 and all tests are OK. Could you share your 
kernel configuration with a link? What is the content of /proc/cmdline?

On 29/11/2022 02:42, limin wrote:
> I run test on Linux ubuntu2204 6.1.0-next-20221116
> 
> I did't use yama.
> 
> you can reproduce by this step:
> 
> cd kernel_src
> 
> cd tools/testing/selftests/landlock/
> make
> ./ptrace_test
> 
> 
> 
> 
> On 2022/11/29 3:44, Mickaël Salaün wrote:
>> This patch changes the test semantic and then cannot work on my test
>> environment. On which kernel did you run test? Do you use Yama or
>> something similar?
>>
>> On 28/11/2022 03:04, limin wrote:
>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
>>> trace parent return -1 when child== 0
>>> How to reproduce warning:
>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
>>>
>>> Signed-off-by: limin <limin100@huawei.com>
>>> ---
>>>    tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>>>    1 file changed, 2 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c
>>> b/tools/testing/selftests/landlock/ptrace_test.c
>>> index c28ef98ff3ac..88c4dc63eea0 100644
>>> --- a/tools/testing/selftests/landlock/ptrace_test.c
>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>>>            /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent. */
>>>            err_proc_read = test_ptrace_read(parent);
>>>            ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
>>> +        EXPECT_EQ(-1, ret);
>>> +        EXPECT_EQ(EPERM, errno);
>>>            if (variant->domain_child) {
>>> -            EXPECT_EQ(-1, ret);
>>> -            EXPECT_EQ(EPERM, errno);
>>>                EXPECT_EQ(EACCES, err_proc_read);
>>>            } else {
>>> -            EXPECT_EQ(0, ret);
>>>                EXPECT_EQ(0, err_proc_read);
>>>            }
>>>            if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[limin]

cat /proc/cmdline

BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116 
root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro 
systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all


On 2022/11/29 19:03, Mickaël Salaün wrote:
> I tested with next-20221116 and all tests are OK. Could you share your 
> kernel configuration with a link? What is the content of /proc/cmdline?
>
> On 29/11/2022 02:42, limin wrote:
>> I run test on Linux ubuntu2204 6.1.0-next-20221116
>>
>> I did't use yama.
>>
>> you can reproduce by this step:
>>
>> cd kernel_src
>>
>> cd tools/testing/selftests/landlock/
>> make
>> ./ptrace_test
>>
>>
>>
>>
>> On 2022/11/29 3:44, Mickaël Salaün wrote:
>>> This patch changes the test semantic and then cannot work on my test
>>> environment. On which kernel did you run test? Do you use Yama or
>>> something similar?
>>>
>>> On 28/11/2022 03:04, limin wrote:
>>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
>>>> trace parent return -1 when child== 0
>>>> How to reproduce warning:
>>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
>>>>
>>>> Signed-off-by: limin <limin100@huawei.com>
>>>> ---
>>>>    tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>>>>    1 file changed, 2 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c
>>>> b/tools/testing/selftests/landlock/ptrace_test.c
>>>> index c28ef98ff3ac..88c4dc63eea0 100644
>>>> --- a/tools/testing/selftests/landlock/ptrace_test.c
>>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
>>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>>>>            /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the 
>>>> parent. */
>>>>            err_proc_read = test_ptrace_read(parent);
>>>>            ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
>>>> +        EXPECT_EQ(-1, ret);
>>>> +        EXPECT_EQ(EPERM, errno);
>>>>            if (variant->domain_child) {
>>>> -            EXPECT_EQ(-1, ret);
>>>> -            EXPECT_EQ(EPERM, errno);
>>>>                EXPECT_EQ(EACCES, err_proc_read);
>>>>            } else {
>>>> -            EXPECT_EQ(0, ret);
>>>>                EXPECT_EQ(0, err_proc_read);
>>>>            }
>>>>            if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[limin]

configuration 
https://gitee.com/openeuler/kernel/blob/openEuler-22.09/arch/x86/configs/openeuler_defconfig


On 2022/11/29 19:03, Mickaël Salaün wrote:
> I tested with next-20221116 and all tests are OK. Could you share your 
> kernel configuration with a link? What is the content of /proc/cmdline?
>
> On 29/11/2022 02:42, limin wrote:
>> I run test on Linux ubuntu2204 6.1.0-next-20221116
>>
>> I did't use yama.
>>
>> you can reproduce by this step:
>>
>> cd kernel_src
>>
>> cd tools/testing/selftests/landlock/
>> make
>> ./ptrace_test
>>
>>
>>
>>
>> On 2022/11/29 3:44, Mickaël Salaün wrote:
>>> This patch changes the test semantic and then cannot work on my test
>>> environment. On which kernel did you run test? Do you use Yama or
>>> something similar?
>>>
>>> On 28/11/2022 03:04, limin wrote:
>>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
>>>> trace parent return -1 when child== 0
>>>> How to reproduce warning:
>>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
>>>>
>>>> Signed-off-by: limin <limin100@huawei.com>
>>>> ---
>>>>    tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>>>>    1 file changed, 2 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c
>>>> b/tools/testing/selftests/landlock/ptrace_test.c
>>>> index c28ef98ff3ac..88c4dc63eea0 100644
>>>> --- a/tools/testing/selftests/landlock/ptrace_test.c
>>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
>>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>>>>            /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the 
>>>> parent. */
>>>>            err_proc_read = test_ptrace_read(parent);
>>>>            ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
>>>> +        EXPECT_EQ(-1, ret);
>>>> +        EXPECT_EQ(EPERM, errno);
>>>>            if (variant->domain_child) {
>>>> -            EXPECT_EQ(-1, ret);
>>>> -            EXPECT_EQ(EPERM, errno);
>>>>                EXPECT_EQ(EACCES, err_proc_read);
>>>>            } else {
>>>> -            EXPECT_EQ(0, ret);
>>>>                EXPECT_EQ(0, err_proc_read);
>>>>            }
>>>>            if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[Mickaël Salaün]

I checked and the Landlock ptrace test failed because Yama is enabled, 
which is expected. You can check that with 
/proc/sys/kernel/yama/ptrace_scope

Jeff Xu sent a patch to fix this case but it is not ready yet: 
https://lore.kernel.org/r/20220628222941.2642917-1-jeffxu@google.com

Could you please send a new patch Jeff, and add Limin in Cc?


On 29/11/2022 12:26, limin wrote:
> cat /proc/cmdline
> BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116
> root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro
> systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all
> 
> 
> config
> 
> #
> # Automatically generated file; DO NOT EDIT.
> # Linux/x86 6.1.0-rc6 Kernel Configuration
> #

[...]

> CONFIG_SECURITY_YAMA=y

[...]

> CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor"
[...]
> 
> On 2022/11/29 19:03, Mickaël Salaün wrote:
>> I tested with next-20221116 and all tests are OK. Could you share your
>> kernel configuration with a link? What is the content of /proc/cmdline?
>>
>> On 29/11/2022 02:42, limin wrote:
>>> I run test on Linux ubuntu2204 6.1.0-next-20221116
>>>
>>> I did't use yama.
>>>
>>> you can reproduce by this step:
>>>
>>> cd kernel_src
>>>
>>> cd tools/testing/selftests/landlock/
>>> make
>>> ./ptrace_test
>>>
>>>
>>>
>>>
>>> On 2022/11/29 3:44, Mickaël Salaün wrote:
>>>> This patch changes the test semantic and then cannot work on my test
>>>> environment. On which kernel did you run test? Do you use Yama or
>>>> something similar?
>>>>
>>>> On 28/11/2022 03:04, limin wrote:
>>>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
>>>>> trace parent return -1 when child== 0
>>>>> How to reproduce warning:
>>>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
>>>>>
>>>>> Signed-off-by: limin <limin100@huawei.com>
>>>>> ---
>>>>>     tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
>>>>>     1 file changed, 2 insertions(+), 3 deletions(-)
>>>>>
>>>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c
>>>>> b/tools/testing/selftests/landlock/ptrace_test.c
>>>>> index c28ef98ff3ac..88c4dc63eea0 100644
>>>>> --- a/tools/testing/selftests/landlock/ptrace_test.c
>>>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
>>>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
>>>>>             /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the
>>>>> parent. */
>>>>>             err_proc_read = test_ptrace_read(parent);
>>>>>             ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
>>>>> +        EXPECT_EQ(-1, ret);
>>>>> +        EXPECT_EQ(EPERM, errno);
>>>>>             if (variant->domain_child) {
>>>>> -            EXPECT_EQ(-1, ret);
>>>>> -            EXPECT_EQ(EPERM, errno);
>>>>>                 EXPECT_EQ(EACCES, err_proc_read);
>>>>>             } else {
>>>>> -            EXPECT_EQ(0, ret);
>>>>>                 EXPECT_EQ(0, err_proc_read);
>>>>>             }
>>>>>             if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[Jeff Xu]

On Wed, Nov 30, 2022 at 11:32 AM Mickaël Salaün <mic@digikod.net> wrote:
>
> I checked and the Landlock ptrace test failed because Yama is enabled,
> which is expected. You can check that with
> /proc/sys/kernel/yama/ptrace_scope
>
> Jeff Xu sent a patch to fix this case but it is not ready yet:
> https://lore.kernel.org/r/20220628222941.2642917-1-jeffxu@google.com
>
> Could you please send a new patch Jeff, and add Limin in Cc?
>
Yes. This work is planned for Dec. I will start working on it soon.
Jeff

>
> On 29/11/2022 12:26, limin wrote:
> > cat /proc/cmdline
> > BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116
> > root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro
> > systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all
> >
> >
> > config
> >
> > #
> > # Automatically generated file; DO NOT EDIT.
> > # Linux/x86 6.1.0-rc6 Kernel Configuration
> > #
>
> [...]
>
> > CONFIG_SECURITY_YAMA=y
>
> [...]
>
> > CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor"
> [...]
> >
> > On 2022/11/29 19:03, Mickaël Salaün wrote:
> >> I tested with next-20221116 and all tests are OK. Could you share your
> >> kernel configuration with a link? What is the content of /proc/cmdline?
> >>
> >> On 29/11/2022 02:42, limin wrote:
> >>> I run test on Linux ubuntu2204 6.1.0-next-20221116
> >>>
> >>> I did't use yama.
> >>>
> >>> you can reproduce by this step:
> >>>
> >>> cd kernel_src
> >>>
> >>> cd tools/testing/selftests/landlock/
> >>> make
> >>> ./ptrace_test
> >>>
> >>>
> >>>
> >>>
> >>> On 2022/11/29 3:44, Mickaël Salaün wrote:
> >>>> This patch changes the test semantic and then cannot work on my test
> >>>> environment. On which kernel did you run test? Do you use Yama or
> >>>> something similar?
> >>>>
> >>>> On 28/11/2022 03:04, limin wrote:
> >>>>> Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
> >>>>> trace parent return -1 when child== 0
> >>>>> How to reproduce warning:
> >>>>> $ make -C tools/testing/selftests TARGETS=landlock run_tests
> >>>>>
> >>>>> Signed-off-by: limin <limin100@huawei.com>
> >>>>> ---
> >>>>>     tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
> >>>>>     1 file changed, 2 insertions(+), 3 deletions(-)
> >>>>>
> >>>>> diff --git a/tools/testing/selftests/landlock/ptrace_test.c
> >>>>> b/tools/testing/selftests/landlock/ptrace_test.c
> >>>>> index c28ef98ff3ac..88c4dc63eea0 100644
> >>>>> --- a/tools/testing/selftests/landlock/ptrace_test.c
> >>>>> +++ b/tools/testing/selftests/landlock/ptrace_test.c
> >>>>> @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
> >>>>>             /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the
> >>>>> parent. */
> >>>>>             err_proc_read = test_ptrace_read(parent);
> >>>>>             ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
> >>>>> +        EXPECT_EQ(-1, ret);
> >>>>> +        EXPECT_EQ(EPERM, errno);
> >>>>>             if (variant->domain_child) {
> >>>>> -            EXPECT_EQ(-1, ret);
> >>>>> -            EXPECT_EQ(EPERM, errno);
> >>>>>                 EXPECT_EQ(EACCES, err_proc_read);
> >>>>>             } else {
> >>>>> -            EXPECT_EQ(0, ret);
> >>>>>                 EXPECT_EQ(0, err_proc_read);
> >>>>>             }
> >>>>>             if (ret == 0) {

Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail

[Mickaël Salaün]

Hi limin,

Just to let you know that Jeff's patch was merged and is available since
Linux 6.3:
https://lore.kernel.org/all/20230114020306.1407195-1-jeffxu@google.com/

Regards,
 Mickaël

On Wed, Nov 30, 2022 at 08:32:41PM +0100, Mickaël Salaün wrote:
> I checked and the Landlock ptrace test failed because Yama is enabled, which
> is expected. You can check that with /proc/sys/kernel/yama/ptrace_scope
> 
> Jeff Xu sent a patch to fix this case but it is not ready yet:
> https://lore.kernel.org/r/20220628222941.2642917-1-jeffxu@google.com
> 
> Could you please send a new patch Jeff, and add Limin in Cc?
> 
> 
> On 29/11/2022 12:26, limin wrote:
> > cat /proc/cmdline
> > BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116
> > root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro
> > systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all
> > 
> > 
> > config
> > 
> > #
> > # Automatically generated file; DO NOT EDIT.
> > # Linux/x86 6.1.0-rc6 Kernel Configuration
> > #
> 
> [...]
> 
> > CONFIG_SECURITY_YAMA=y
> 
> [...]
> 
> > CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor"
> [...]
> > 
> > On 2022/11/29 19:03, Mickaël Salaün wrote:
> > > I tested with next-20221116 and all tests are OK. Could you share your
> > > kernel configuration with a link? What is the content of /proc/cmdline?
> > > 
> > > On 29/11/2022 02:42, limin wrote:
> > > > I run test on Linux ubuntu2204 6.1.0-next-20221116
> > > > 
> > > > I did't use yama.
> > > > 
> > > > you can reproduce by this step:
> > > > 
> > > > cd kernel_src
> > > > 
> > > > cd tools/testing/selftests/landlock/
> > > > make
> > > > ./ptrace_test
> > > > 
> > > > 
> > > > 
> > > > 
> > > > On 2022/11/29 3:44, Mickaël Salaün wrote:
> > > > > This patch changes the test semantic and then cannot work on my test
> > > > > environment. On which kernel did you run test? Do you use Yama or
> > > > > something similar?
> > > > > 
> > > > > On 28/11/2022 03:04, limin wrote:
> > > > > > Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent,
> > > > > > trace parent return -1 when child== 0
> > > > > > How to reproduce warning:
> > > > > > $ make -C tools/testing/selftests TARGETS=landlock run_tests
> > > > > > 
> > > > > > Signed-off-by: limin <limin100@huawei.com>
> > > > > > ---
> > > > > >     tools/testing/selftests/landlock/ptrace_test.c | 5 ++---
> > > > > >     1 file changed, 2 insertions(+), 3 deletions(-)
> > > > > > 
> > > > > > diff --git a/tools/testing/selftests/landlock/ptrace_test.c
> > > > > > b/tools/testing/selftests/landlock/ptrace_test.c
> > > > > > index c28ef98ff3ac..88c4dc63eea0 100644
> > > > > > --- a/tools/testing/selftests/landlock/ptrace_test.c
> > > > > > +++ b/tools/testing/selftests/landlock/ptrace_test.c
> > > > > > @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace)
> > > > > >             /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the
> > > > > > parent. */
> > > > > >             err_proc_read = test_ptrace_read(parent);
> > > > > >             ret = ptrace(PTRACE_ATTACH, parent, NULL, 0);
> > > > > > +        EXPECT_EQ(-1, ret);
> > > > > > +        EXPECT_EQ(EPERM, errno);
> > > > > >             if (variant->domain_child) {
> > > > > > -            EXPECT_EQ(-1, ret);
> > > > > > -            EXPECT_EQ(EPERM, errno);
> > > > > >                 EXPECT_EQ(EACCES, err_proc_read);
> > > > > >             } else {
> > > > > > -            EXPECT_EQ(0, ret);
> > > > > >                 EXPECT_EQ(0, err_proc_read);
> > > > > >             }
> > > > > >             if (ret == 0) {