From: Petr Vorel <pvorel@suse.cz>
To: Andrea Cervesato <andrea.cervesato@suse.de>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] [PATCH v3 09/11] Add landlock04 test
Date: Tue, 16 Jul 2024 19:27:25 +0200 [thread overview]
Message-ID: <20240716172725.GC549165@pevik> (raw)
In-Reply-To: <20240711-landlock-v3-9-c7b0e9edf9b0@suse.com>
Hi Andrea,
...
> +static void enable_exec_libs(const int ruleset_fd)
> +{
> + FILE *fp;
> + char line[1024];
> + char path[PATH_MAX];
> + char dependency[8][PATH_MAX];
> + int count = 0;
> + int duplicate = 0;
> +
> + fp = SAFE_FOPEN("/proc/self/maps", "r");
> +
> + while (fgets(line, sizeof(line), fp)) {
> + if (strstr(line, ".so") == NULL)
> + continue;
> +
> + SAFE_SSCANF(line, "%*x-%*x %*s %*x %*s %*d %s", path);
> +
> + for (int i = 0; i < count; i++) {
> + if (strcmp(path, dependency[i]) == 0) {
> + duplicate = 1;
> + break;
> + }
> + }
> +
> + if (duplicate) {
> + duplicate = 0;
> + continue;
> + }
> +
> + strncpy(dependency[count], path, PATH_MAX);
> + count++;
> +
> + tst_res(TINFO, "Enable read/exec permissions for %s", path);
> +
> + path_beneath_attr->allowed_access =
> + LANDLOCK_ACCESS_FS_READ_FILE |
> + LANDLOCK_ACCESS_FS_EXECUTE;
> + path_beneath_attr->parent_fd = SAFE_OPEN(path, O_PATH | O_CLOEXEC);
> +
> + SAFE_LANDLOCK_ADD_RULE(
> + ruleset_fd,
> + LANDLOCK_RULE_PATH_BENEATH,
> + path_beneath_attr,
> + 0);
Unfortunately, on 6.6.15-amd64 kernel (random Debian machine) it fails (after
fresh boot) with:
...
tst_supported_fs_types.c:97: TINFO: Kernel supports tmpfs
tst_supported_fs_types.c:49: TINFO: mkfs is not needed for tmpfs
tst_test.c:1746: TINFO: === Testing on ext2 ===
tst_test.c:1111: TINFO: Formatting /dev/loop1 with ext2 opts='' extra opts=''
mke2fs 1.47.0 (5-Feb-2023)
tst_test.c:1123: TINFO: Mounting /dev/loop1 to /tmp/LTP_lant6WbKJ/sandbox fstyp=ext2 flags=0
landlock_common.h:30: TINFO: Landlock ABI v3
landlock04.c:151: TINFO: Testing LANDLOCK_ACCESS_FS_EXECUTE
landlock04.c:123: TINFO: Enable read/exec permissions for /usr/lib/i386-linux-gnu/libc.so.6
landlock04.c:131: TBROK: landlock_add_rule(3, 1, 0xf7f13ff4, 0): EINVAL (22)
tst_test.c:1746: TINFO: === Testing on ext3 ===
It works on 6.10.0-rc7-3.g92abc10-default (Tumbleweed), 6.9.8-amd64 (Debian).
Any hint, what could be wrong?
Kind regards,
Petr
> +
> + SAFE_CLOSE(path_beneath_attr->parent_fd);
> + }
> +
> + SAFE_FCLOSE(fp);
> +}
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2024-07-16 17:27 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-11 11:18 [LTP] [PATCH v3 00/11] landlock testing suite Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 01/11] Add landlock syscalls definitions Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 02/11] Add lapi/landlock.h fallback Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 03/11] Added three more SAFE_* macros for landlock sandbox: Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 04/11] Add SAFE_PRCTL macro Andrea Cervesato
2024-07-11 20:06 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 05/11] Add landlock01 test Andrea Cervesato
2024-07-11 20:40 ` Petr Vorel
2024-07-12 2:11 ` Li Wang
2024-07-12 3:03 ` Li Wang
2024-07-12 7:57 ` Petr Vorel
2024-07-12 8:28 ` Li Wang
2024-07-12 9:22 ` Petr Vorel
2024-07-12 7:07 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 06/11] Add landlock02 test Andrea Cervesato
2024-07-11 20:32 ` Petr Vorel
2024-07-16 16:59 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 07/11] Add landlock03 test Andrea Cervesato
2024-07-16 17:15 ` Petr Vorel
2024-07-11 11:18 ` [LTP] [PATCH v3 08/11] Add CAP_MKNOD fallback in lapi/capability.h Andrea Cervesato
2024-07-12 7:49 ` Li Wang
2024-07-11 11:18 ` [LTP] [PATCH v3 09/11] Add landlock04 test Andrea Cervesato
2024-07-12 7:50 ` Li Wang
2024-07-16 17:27 ` Petr Vorel [this message]
2024-07-24 10:41 ` Andrea Cervesato via ltp
2024-07-24 12:12 ` Li Wang
2024-07-24 13:30 ` Petr Vorel
2024-07-24 13:37 ` Li Wang
2024-07-24 13:41 ` Petr Vorel
2024-07-24 13:41 ` Li Wang
2024-07-24 13:47 ` Andrea Cervesato via ltp
2024-07-25 7:12 ` Andrea Cervesato via ltp
[not found] ` <54317d90-ec53-49ff-bbff-15200f09c8d2@suse.com>
2024-07-25 9:06 ` [LTP] LTP landlock test is failing for all kernels <= 6.6 Mickaël Salaün
2024-07-25 9:17 ` Andrea Cervesato via ltp
2024-07-11 11:18 ` [LTP] [PATCH v3 10/11] Add landlock05 test Andrea Cervesato
2024-07-11 11:18 ` [LTP] [PATCH v3 11/11] Add landlock06 test Andrea Cervesato
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240716172725.GC549165@pevik \
--to=pvorel@suse.cz \
--cc=andrea.cervesato@suse.de \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox