* Re: [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test [not found] ` <20250429-lsm-v4-7-602b7097e722@suse.com> @ 2025-06-05 8:13 ` Petr Vorel 2025-06-05 8:18 ` Petr Vorel 2025-06-05 8:25 ` Andrea Cervesato 0 siblings, 2 replies; 3+ messages in thread From: Petr Vorel @ 2025-06-05 8:13 UTC (permalink / raw) To: Andrea Cervesato Cc: ltp, Avinesh Kumar, Mickaël Salaün, Günther Noack, linux-security-module Hi Andrea, all, > Verify that lsm_set_self_attr syscall is raising errors when invalid > data is provided. ... > diff --git a/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c b/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c > new file mode 100644 > index 0000000000000000000000000000000000000000..caccdda7ecf2edaac1fa8e2dc2ccdd0aff020804 > --- /dev/null > +++ b/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c > @@ -0,0 +1,110 @@ > +// SPDX-License-Identifier: GPL-2.0-or-later > +/* > + * Copyright (C) 2024 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com> > + */ > + > +/*\ > + * Verify that lsm_set_self_attr syscall is raising errors when invalid data is > + * provided. > + */ > + > +#include "lsm_common.h" > + > +static struct lsm_ctx *ctx; > +static struct lsm_ctx *ctx_orig; > +static struct lsm_ctx *ctx_null; > +static uint32_t ctx_size; > +static uint32_t ctx_size_small; > +static uint32_t ctx_size_big; > +static uint32_t page_size; > + > +static struct tcase { > + uint32_t attr; > + struct lsm_ctx **ctx; > + uint32_t *size; > + uint32_t flags; > + int exp_errno; > + char *msg; > +} tcases[] = { > + { > + .attr = LSM_ATTR_CURRENT, > + .ctx = &ctx_null, > + .size = &ctx_size, > + .exp_errno = EFAULT, > + .msg = "ctx is NULL", > + }, > + { > + .attr = LSM_ATTR_CURRENT, > + .ctx = &ctx, > + .size = &ctx_size_small, > + .exp_errno = EINVAL, > + .msg = "size is too small", > + }, > + { > + .attr = LSM_ATTR_CURRENT, > + .ctx = &ctx, > + .size = &ctx_size_big, > + .exp_errno = E2BIG, > + .msg = "size is too big", > + }, > + { > + .attr = LSM_ATTR_CURRENT, > + .ctx = &ctx, > + .size = &ctx_size, > + .flags = 1, > + .exp_errno = EINVAL, > + .msg = "flags must be zero", > + }, > + { > + .attr = LSM_ATTR_CURRENT | LSM_ATTR_EXEC, > + .ctx = &ctx, > + .size = &ctx_size, > + .exp_errno = EINVAL, > + .msg = "attr is overset", FYI The test fails on this check on current Tumbleweed with new 6.15.0-1-default. It worked on 6.14. Looking at 6.15 landlock related changes (added Landlock audit support and Landlock signal scope fixes) test might needs to be updated. https://kernelnewbies.org/Linux_6.15#Security @Andrea could you please have a look? Kind regards, Petr ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test 2025-06-05 8:13 ` [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test Petr Vorel @ 2025-06-05 8:18 ` Petr Vorel 2025-06-05 8:25 ` Andrea Cervesato 1 sibling, 0 replies; 3+ messages in thread From: Petr Vorel @ 2025-06-05 8:18 UTC (permalink / raw) To: Andrea Cervesato, Mickaël Salaün, Günther Noack, linux-security-module, ltp > Hi Andrea, all, > > Verify that lsm_set_self_attr syscall is raising errors when invalid > > data is provided. > ... > > diff --git a/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c b/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c > > new file mode 100644 > > index 0000000000000000000000000000000000000000..caccdda7ecf2edaac1fa8e2dc2ccdd0aff020804 > > --- /dev/null > > +++ b/testcases/kernel/syscalls/lsm/lsm_set_self_attr01.c > > @@ -0,0 +1,110 @@ > > +// SPDX-License-Identifier: GPL-2.0-or-later > > +/* > > + * Copyright (C) 2024 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com> > > + */ > > + > > +/*\ > > + * Verify that lsm_set_self_attr syscall is raising errors when invalid data is > > + * provided. > > + */ > > + > > +#include "lsm_common.h" > > + > > +static struct lsm_ctx *ctx; > > +static struct lsm_ctx *ctx_orig; > > +static struct lsm_ctx *ctx_null; > > +static uint32_t ctx_size; > > +static uint32_t ctx_size_small; > > +static uint32_t ctx_size_big; > > +static uint32_t page_size; > > + > > +static struct tcase { > > + uint32_t attr; > > + struct lsm_ctx **ctx; > > + uint32_t *size; > > + uint32_t flags; > > + int exp_errno; > > + char *msg; > > +} tcases[] = { > > + { > > + .attr = LSM_ATTR_CURRENT, > > + .ctx = &ctx_null, > > + .size = &ctx_size, > > + .exp_errno = EFAULT, > > + .msg = "ctx is NULL", > > + }, > > + { > > + .attr = LSM_ATTR_CURRENT, > > + .ctx = &ctx, > > + .size = &ctx_size_small, > > + .exp_errno = EINVAL, > > + .msg = "size is too small", > > + }, > > + { > > + .attr = LSM_ATTR_CURRENT, > > + .ctx = &ctx, > > + .size = &ctx_size_big, > > + .exp_errno = E2BIG, > > + .msg = "size is too big", > > + }, > > + { > > + .attr = LSM_ATTR_CURRENT, > > + .ctx = &ctx, > > + .size = &ctx_size, > > + .flags = 1, > > + .exp_errno = EINVAL, > > + .msg = "flags must be zero", > > + }, > > + { > > + .attr = LSM_ATTR_CURRENT | LSM_ATTR_EXEC, > > + .ctx = &ctx, > > + .size = &ctx_size, > > + .exp_errno = EINVAL, > > + .msg = "attr is overset", > FYI The test fails on this check on current Tumbleweed with new > 6.15.0-1-default. It worked on 6.14. > Looking at 6.15 landlock related changes (added Landlock audit support and > Landlock signal scope fixes) test might needs to be updated. > https://kernelnewbies.org/Linux_6.15#Security @Mickaël @Günther I'm sorry, replying to wrong people. This is not a landlock related, the syscall is lsm_set_self_attr(). Kind regards, Petr > @Andrea could you please have a look? > Kind regards, > Petr ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test 2025-06-05 8:13 ` [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test Petr Vorel 2025-06-05 8:18 ` Petr Vorel @ 2025-06-05 8:25 ` Andrea Cervesato 1 sibling, 0 replies; 3+ messages in thread From: Andrea Cervesato @ 2025-06-05 8:25 UTC (permalink / raw) To: Petr Vorel, Andrea Cervesato Cc: ltp, Avinesh Kumar, Mickaël Salaün, Günther Noack, linux-security-module > FYI The test fails on this check on current Tumbleweed with new > 6.15.0-1-default. It worked on 6.14. > > Looking at 6.15 landlock related changes (added Landlock audit support and > Landlock signal scope fixes) test might needs to be updated. > https://kernelnewbies.org/Linux_6.15#Security > > @Andrea could you please have a look? > > Kind regards, > Petr There's already a patch in queue fixing the way we are checking errors. About Tumbleweed: I'm already working on it. - Andrea ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-06-05 8:25 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20250429-lsm-v4-0-602b7097e722@suse.com>
[not found] ` <20250429-lsm-v4-7-602b7097e722@suse.com>
2025-06-05 8:13 ` [LTP] [PATCH v4 7/7] Add lsm_set_self_attr01 test Petr Vorel
2025-06-05 8:18 ` Petr Vorel
2025-06-05 8:25 ` Andrea Cervesato
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).