From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
Will Drewry <wad@chromium.org>, Kees Cook <keescook@chromium.org>,
linux-xtensa@linux-xtensa.org, linux-mips@vger.kernel.org,
Andy Lutomirski <luto@amacapital.net>,
Max Filippov <jcmvbkbc@gmail.com>,
linux-arm-kernel@lists.infradead.org,
linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
Christian Brauner <christian@brauner.io>
Subject: [PATCH v2 2/4] selftests/seccomp: Allow syscall nr and ret value to be set separately
Date: Sat, 19 Sep 2020 01:06:35 -0700 [thread overview]
Message-ID: <20200919080637.259478-3-keescook@chromium.org> (raw)
In-Reply-To: <20200919080637.259478-1-keescook@chromium.org>
In preparation for setting syscall nr and ret values separately, refactor
the helpers to take a pointer to a value, so that a NULL can indicate
"do not change this respective value". This is done to keep the regset
read/write happening once and in one code path.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 59 +++++++++++++++----
1 file changed, 47 insertions(+), 12 deletions(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index c0311b4c736b..98ce5e8a6398 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -1888,27 +1888,47 @@ int get_syscall(struct __test_metadata *_metadata, pid_t tracee)
}
/* Architecture-specific syscall changing routine. */
-void change_syscall(struct __test_metadata *_metadata,
- pid_t tracee, int syscall, int result)
+void __change_syscall(struct __test_metadata *_metadata,
+ pid_t tracee, long *syscall, long *ret)
{
ARCH_REGS orig, regs;
+ /* Do not get/set registers if we have nothing to do. */
+ if (!syscall && !ret)
+ return;
+
EXPECT_EQ(0, ARCH_GETREGS(regs)) {
return;
}
orig = regs;
- SYSCALL_NUM_SET(regs, syscall);
+ if (syscall)
+ SYSCALL_NUM_SET(regs, *syscall);
- /* If syscall is skipped, change return value. */
- if (syscall == -1)
- SYSCALL_RET_SET(regs, result);
+ if (ret)
+ SYSCALL_RET_SET(regs, *ret);
/* Flush any register changes made. */
if (memcmp(&orig, ®s, sizeof(orig)) != 0)
EXPECT_EQ(0, ARCH_SETREGS(regs));
}
+/* Change only syscall number. */
+void change_syscall_nr(struct __test_metadata *_metadata,
+ pid_t tracee, long syscall)
+{
+ __change_syscall(_metadata, tracee, &syscall, NULL);
+}
+
+/* Change syscall return value (and set syscall number to -1). */
+void change_syscall_ret(struct __test_metadata *_metadata,
+ pid_t tracee, long ret)
+{
+ long syscall = -1;
+
+ __change_syscall(_metadata, tracee, &syscall, &ret);
+}
+
void tracer_seccomp(struct __test_metadata *_metadata, pid_t tracee,
int status, void *args)
{
@@ -1924,17 +1944,17 @@ void tracer_seccomp(struct __test_metadata *_metadata, pid_t tracee,
case 0x1002:
/* change getpid to getppid. */
EXPECT_EQ(__NR_getpid, get_syscall(_metadata, tracee));
- change_syscall(_metadata, tracee, __NR_getppid, 0);
+ change_syscall_nr(_metadata, tracee, __NR_getppid);
break;
case 0x1003:
/* skip gettid with valid return code. */
EXPECT_EQ(__NR_gettid, get_syscall(_metadata, tracee));
- change_syscall(_metadata, tracee, -1, 45000);
+ change_syscall_ret(_metadata, tracee, 45000);
break;
case 0x1004:
/* skip openat with error. */
EXPECT_EQ(__NR_openat, get_syscall(_metadata, tracee));
- change_syscall(_metadata, tracee, -1, -ESRCH);
+ change_syscall_ret(_metadata, tracee, -ESRCH);
break;
case 0x1005:
/* do nothing (allow getppid) */
@@ -1961,6 +1981,8 @@ void tracer_ptrace(struct __test_metadata *_metadata, pid_t tracee,
int ret;
unsigned long msg;
static bool entry;
+ long syscall_nr_val, syscall_ret_val;
+ long *syscall_nr = NULL, *syscall_ret = NULL;
FIXTURE_DATA(TRACE_syscall) *self = args;
/*
@@ -1987,17 +2009,30 @@ void tracer_ptrace(struct __test_metadata *_metadata, pid_t tracee,
else
return;
+ syscall_nr = &syscall_nr_val;
+ syscall_ret = &syscall_ret_val;
+
+ /* Now handle the actual rewriting cases. */
switch (self->syscall_nr) {
case __NR_getpid:
- change_syscall(_metadata, tracee, __NR_getppid, 0);
+ syscall_nr_val = __NR_getppid;
+ /* Never change syscall return for this case. */
+ syscall_ret = NULL;
break;
case __NR_gettid:
- change_syscall(_metadata, tracee, -1, 45000);
+ syscall_nr_val = -1;
+ syscall_ret_val = 45000;
break;
case __NR_openat:
- change_syscall(_metadata, tracee, -1, -ESRCH);
+ syscall_nr_val = -1;
+ syscall_ret_val = -ESRCH;
break;
+ default:
+ /* Unhandled, do nothing. */
+ return;
}
+
+ __change_syscall(_metadata, tracee, syscall_nr, syscall_ret);
}
FIXTURE_VARIANT(TRACE_syscall) {
--
2.25.1
next prev parent reply other threads:[~2020-09-19 8:10 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-19 8:06 [PATCH v2 0/4] selftests/seccomp: Refactor change_syscall() Kees Cook
2020-09-19 8:06 ` [PATCH v2 1/4] selftests/seccomp: Record syscall during ptrace entry Kees Cook
2020-09-21 7:43 ` Christian Brauner
2020-09-19 8:06 ` Kees Cook [this message]
2020-09-21 7:50 ` [PATCH v2 2/4] selftests/seccomp: Allow syscall nr and ret value to be set separately Christian Brauner
2020-09-19 8:06 ` [PATCH v2 3/4] selftests/seccomp: powerpc: Set syscall return during ptrace syscall exit Kees Cook
2020-09-21 7:53 ` Christian Brauner
2020-09-19 8:06 ` [PATCH v2 4/4] selftests/clone3: Avoid OS-defined clone_args Kees Cook
2020-09-21 7:54 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200919080637.259478-3-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=cascardo@canonical.com \
--cc=christian@brauner.io \
--cc=jcmvbkbc@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-xtensa@linux-xtensa.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@amacapital.net \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).