Hi,
The test outputs of those failures in seccomp_bpf as below: --- m3ulcb:/opt/kselftest/seccomp# ./seccomp_bpf 61 [ RUN ] global.syscall_restart seccomp_bpf.c:2754:global.syscall_restart:Expected 0x200 (512) == msg (256) global.syscall_restart: Test terminated by assertion [ FAIL ] global.syscall_restart m3ulcb:/opt/kselftest/seccomp# seccomp_bpf.c:2685:global.syscall_restart:Expected 0 (0) == nanosleep(&timeout, ((void *)0)) (-1) seccomp_bpf.c:2686:global.syscall_restart:Call to nanosleep() failed (errno 38) seccomp_bpf.c:2690:global.syscall_restart:Expected 1 (1) == read(pipefd[0], &buf, 1) (0) seccomp_bpf.c:2691:global.syscall_restart:Failed final read() from parent seccomp_bpf.c:2693:global.syscall_restart:Expected '!' (33) == buf (46) seccomp_bpf.c:2694:global.syscall_restart:Failed to get final data from read()
m3ulcb:/opt/kselftest/seccomp# ./seccomp_bpf 53 [ RUN ] global.detect_seccomp_filter_flags seccomp_bpf.c:2104:global.detect_seccomp_filter_flags:Expected 14 (14) == (*__errno_location ()) (22) seccomp_bpf.c:2106:global.detect_seccomp_filter_flags:Failed to detect that a known-good filter flag (0x4) is supported! seccomp_bpf.c:2115:global.detect_seccomp_filter_flags:Expected 14 (14) == (*__errno_location ()) (22) seccomp_bpf.c:2117:global.detect_seccomp_filter_flags:Failed to detect that all known-good filter flags (0x7) are supported! global.detect_seccomp_filter_flags: Test failed at step #6 [ FAIL ] global.detect_seccomp_filter_flags
m3ulcb:/opt/kselftest/seccomp# ./seccomp_bpf 64 [ RUN ] global.get_metadata seccomp_bpf.c:2914:global.get_metadata:Expected sizeof(md) (16) == ptrace(0x420d, pid, sizeof(md), &md) (-1) global.get_metadata: Test terminated by assertion [ FAIL ] global.get_metadata
--- Although I am not so familiar with SECCOMP and BPF, I checked some related documents and codes. About the failures above, what the most confused me is that why it always give ENOSYS.
Am I missing something? Thanks in advance.
PS: I didn't run "make kselftest-merge" before compiling the kernel that I'm using.
--- The Test Environment: - Kernel version: v4.14.0
The following configs were enabled. - CONFIG_HAVE_ARCH_SECCOMP_FILTER=y - CONFIG_SECCOMP_FILTER=y - CONFIG_SECCOMP=y
Best regards Liu
On Thu, Nov 29, 2018 at 6:52 PM Liu, Wenlong liuwl.fnst@cn.fujitsu.com wrote:
m3ulcb:/opt/kselftest/seccomp# ./seccomp_bpf 64 [ RUN ] global.get_metadata seccomp_bpf.c:2914:global.get_metadata:Expected sizeof(md) (16) == ptrace(0x420d, pid, sizeof(md), &md) (-1) global.get_metadata: Test terminated by assertion [ FAIL ] global.get_metadata
Although I am not so familiar with SECCOMP and BPF, I checked some related documents and codes. About the failures above, what the most confused me is that why it always give ENOSYS.
Am I missing something? Thanks in advance.
PS: I didn't run "make kselftest-merge" before compiling the kernel that I'm using.
The Test Environment:
- Kernel version: v4.14.0
Hi!
It appears you're attempting to use a newer seccomp selftest on an older kernel. That isn't a supported way to test seccomp. You'll need to build 4.14's seccomp_bpf test binary and run it instead.
-----Original Message----- From: Kees Cook [mailto:keescook@chromium.org] Sent: Friday, November 30, 2018 10:58 AM To: Liu, Wenlong/刘 文龙 liuwl.fnst@cn.fujitsu.com Cc: Andy Lutomirski luto@amacapital.net; Will Drewry wad@chromium.org; Shuah Khan shuah@kernel.org; open list:KERNEL SELFTEST FRAMEWORK linux-kselftest@vger.kernel.org; yuichi.kusakabe@denso-ten.com; kisuke.kawamura@denso-ten.com Subject: Re: seccomp/seccomp_bpf: test terminated by the not expected behavior
Although I am not so familiar with SECCOMP and BPF, I checked some related
documents and codes.
About the failures above, what the most confused me is that why it always
give ENOSYS.
Am I missing something? Thanks in advance.
PS: I didn't run "make kselftest-merge" before compiling the kernel that I'm
using.
The Test Environment:
- Kernel version: v4.14.0
Hi!
It appears you're attempting to use a newer seccomp selftest on an older kernel. That isn't a supported way to test seccomp. You'll need to build 4.14's seccomp_bpf test binary and run it instead.
Thanks for your reply.
Indeed, there is little difference between the version of kernel and kselftest.
Someone(or doc) tells me that, If you run a kernel xyz, then always run the BPF kernel selftests from that kernel xyz as well. Do not expect that the BPF selftest from the latest mainline tree will pass all the time.
But I forget that, the little difference in my case is different "z". :-) My fault.
Thanks again.
Best regards Liu
-- Kees Cook
[Fixed] Have found the cause, and I think I should report back to this mailing list about my real problem and its solution.
Problem: [ARCH: aarch64, Version: 4.14.35] The second in_syscall() based on the updated pt_regs(syscall nr has been emptied) instead of the original pt_regs. But it should use the original one, otherwise, it cannot trigger the restart_syscall as our expected.
... (arch/arm64/kernel/signal.c) /* * Handle restarting a different system call. As above, if a debugger * has chosen to restart at a different PC, ignore the restart. */ if (in_syscall(regs) && regs->pc == restart_addr) { if (retval == -ERESTART_RESTARTBLOCK) setup_restart_syscall(regs); user_rewind_single_step(current); } ...
Fixed commit: 0fe4251 [1]
This commit has already been backport/merged to 4.14.53, but didn't apply to the BSP I'm using.
Thanks.
[1] https://github.com/torvalds/linux/commit/0fe42512b2f03f9e5a20b9f55ef1013a68b...
Best regards Liu
-----Original Message----- From: Kees Cook [mailto:keescook@chromium.org] Sent: Friday, November 30, 2018 10:58 AM To: Liu, Wenlong/刘 文龙 liuwl.fnst@cn.fujitsu.com Cc: Andy Lutomirski luto@amacapital.net; Will Drewry wad@chromium.org; Shuah Khan shuah@kernel.org; open list:KERNEL SELFTEST FRAMEWORK linux-kselftest@vger.kernel.org; yuichi.kusakabe@denso-ten.com; kisuke.kawamura@denso-ten.com Subject: Re: seccomp/seccomp_bpf: test terminated by the not expected behavior
On Thu, Nov 29, 2018 at 6:52 PM Liu, Wenlong liuwl.fnst@cn.fujitsu.com wrote:
m3ulcb:/opt/kselftest/seccomp# ./seccomp_bpf 64 [ RUN ] global.get_metadata seccomp_bpf.c:2914:global.get_metadata:Expected sizeof(md) (16) == ptrace(0x420d, pid, sizeof(md), &md) (-1) global.get_metadata: Test terminated by assertion [ FAIL ] global.get_metadata
Although I am not so familiar with SECCOMP and BPF, I checked some related
documents and codes.
About the failures above, what the most confused me is that why it always
give ENOSYS.
Am I missing something? Thanks in advance.
PS: I didn't run "make kselftest-merge" before compiling the kernel that I'm
using.
The Test Environment:
- Kernel version: v4.14.0
Hi!
It appears you're attempting to use a newer seccomp selftest on an older kernel. That isn't a supported way to test seccomp. You'll need to build 4.14's seccomp_bpf test binary and run it instead.
-- Kees Cook
linux-kselftest-mirror@lists.linaro.org
-
Kees Cook -
Liu, Wenlong