From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A24EFC001E0 for ; Mon, 31 Jul 2023 14:38:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232420AbjGaOiF (ORCPT ); Mon, 31 Jul 2023 10:38:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46306 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232532AbjGaOhv (ORCPT ); Mon, 31 Jul 2023 10:37:51 -0400 Received: from smtp-8fa8.mail.infomaniak.ch (smtp-8fa8.mail.infomaniak.ch [IPv6:2001:1600:4:17::8fa8]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E8150D3 for ; Mon, 31 Jul 2023 07:37:49 -0700 (PDT) Received: from smtp-2-0001.mail.infomaniak.ch (unknown [10.5.36.108]) by smtp-3-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4RF1701BX8zMpnpP; Mon, 31 Jul 2023 14:37:48 +0000 (UTC) Received: from unknown by smtp-2-0001.mail.infomaniak.ch (Postfix) with ESMTPA id 4RF16z0yMvzMppKq; Mon, 31 Jul 2023 16:37:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digikod.net; s=20191114; t=1690814268; bh=FbRoEBv4cNjlnd0vcW71aYM/IRrHo21jzhNdZDTwq44=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=CI1ICo9+HLi8IwHyaakN7dRo7jCy4c8k/q5rNIwffnSaoAXy2SAXvnnS2+1SjcMH4 zQ5+mvMj9525CZTVCpdZWpTxAgv+rpfeUS0ojwF0GQgEfiTksXFa1IMDbxOrTnUhpI oTxnsQk3SHXxB5tDW2DW5uGk0lOcfk/oOFURevGc= Date: Mon, 31 Jul 2023 16:37:53 +0200 From: =?utf-8?Q?Micka=C3=ABl_Sala=C3=BCn?= To: limin , Jeff Xu Cc: hannes@cmpxchg.org, mhocko@kernel.org, roman.gushchin@linux.dev, shakeelb@google.com, songmuchun@bytedance.com, tj@kernel.org, lizefan.x@bytedance.com, shuah@kernel.org, linux-kselftest@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Jorge Lucangeli Obes , Guenter Roeck , Kees Cook Subject: Re: [PATCH -next] selftests/landlock: Fix selftest ptrace_test run fail Message-ID: <20230731.ahcei5eP4aef@digikod.net> References: <20221128020409.1545717-1-limin100@huawei.com> <1232e4f3-e4b8-ff23-61e8-5465c8406f6e@digikod.net> <7379a5fd-5593-c6ce-40fd-c543dcf70d2b@huawei.com> <2bc18685-f975-497f-9c20-da99dbc296c0@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Infomaniak-Routing: alpha Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi limin, Just to let you know that Jeff's patch was merged and is available since Linux 6.3: https://lore.kernel.org/all/20230114020306.1407195-1-jeffxu@google.com/ Regards, Mickaël On Wed, Nov 30, 2022 at 08:32:41PM +0100, Mickaël Salaün wrote: > I checked and the Landlock ptrace test failed because Yama is enabled, which > is expected. You can check that with /proc/sys/kernel/yama/ptrace_scope > > Jeff Xu sent a patch to fix this case but it is not ready yet: > https://lore.kernel.org/r/20220628222941.2642917-1-jeffxu@google.com > > Could you please send a new patch Jeff, and add Limin in Cc? > > > On 29/11/2022 12:26, limin wrote: > > cat /proc/cmdline > > BOOT_IMAGE=/vmlinuz-6.1.0-next-20221116 > > root=UUID=a65b3a79-dc02-4728-8a0c-5cf24f4ae08b ro > > systemd.unified_cgroup_hierarchy=1 cgroup_no_v1=all > > > > > > config > > > > # > > # Automatically generated file; DO NOT EDIT. > > # Linux/x86 6.1.0-rc6 Kernel Configuration > > # > > [...] > > > CONFIG_SECURITY_YAMA=y > > [...] > > > CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor" > [...] > > > > On 2022/11/29 19:03, Mickaël Salaün wrote: > > > I tested with next-20221116 and all tests are OK. Could you share your > > > kernel configuration with a link? What is the content of /proc/cmdline? > > > > > > On 29/11/2022 02:42, limin wrote: > > > > I run test on Linux ubuntu2204 6.1.0-next-20221116 > > > > > > > > I did't use yama. > > > > > > > > you can reproduce by this step: > > > > > > > > cd kernel_src > > > > > > > > cd tools/testing/selftests/landlock/ > > > > make > > > > ./ptrace_test > > > > > > > > > > > > > > > > > > > > On 2022/11/29 3:44, Mickaël Salaün wrote: > > > > > This patch changes the test semantic and then cannot work on my test > > > > > environment. On which kernel did you run test? Do you use Yama or > > > > > something similar? > > > > > > > > > > On 28/11/2022 03:04, limin wrote: > > > > > > Tests PTRACE_ATTACH and PTRACE_MODE_READ on the parent, > > > > > > trace parent return -1 when child== 0 > > > > > > How to reproduce warning: > > > > > > $ make -C tools/testing/selftests TARGETS=landlock run_tests > > > > > > > > > > > > Signed-off-by: limin > > > > > > --- > > > > > >    tools/testing/selftests/landlock/ptrace_test.c | 5 ++--- > > > > > >    1 file changed, 2 insertions(+), 3 deletions(-) > > > > > > > > > > > > diff --git a/tools/testing/selftests/landlock/ptrace_test.c > > > > > > b/tools/testing/selftests/landlock/ptrace_test.c > > > > > > index c28ef98ff3ac..88c4dc63eea0 100644 > > > > > > --- a/tools/testing/selftests/landlock/ptrace_test.c > > > > > > +++ b/tools/testing/selftests/landlock/ptrace_test.c > > > > > > @@ -267,12 +267,11 @@ TEST_F(hierarchy, trace) > > > > > >            /* Tests PTRACE_ATTACH and PTRACE_MODE_READ on the > > > > > > parent. */ > > > > > >            err_proc_read = test_ptrace_read(parent); > > > > > >            ret = ptrace(PTRACE_ATTACH, parent, NULL, 0); > > > > > > +        EXPECT_EQ(-1, ret); > > > > > > +        EXPECT_EQ(EPERM, errno); > > > > > >            if (variant->domain_child) { > > > > > > -            EXPECT_EQ(-1, ret); > > > > > > -            EXPECT_EQ(EPERM, errno); > > > > > >                EXPECT_EQ(EACCES, err_proc_read); > > > > > >            } else { > > > > > > -            EXPECT_EQ(0, ret); > > > > > >                EXPECT_EQ(0, err_proc_read); > > > > > >            } > > > > > >            if (ret == 0) {