[PATCH] selftests/seccomp: Test kernel catches garbage on SECCOMP_IOCTL_NOTIF_RECV

From: Sargun Dhillon
Date: Mon Dec 30 2019 - 15:39:35 EST


This extends the user_notification_basic test to set a field of seccomp_notif
to an invalid value, to ensure that the kernel returns EINVAL if any of the
seccomp_notif fields are set to invalid values.

Signed-off-by: Sargun Dhillon <sargun@xxxxxxxxx>
Suggested-by: Christian Brauner <christian.brauner@xxxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxxxx>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index f53f14971bff..393578a78dbc 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3158,6 +3158,13 @@ TEST(user_notification_basic)
EXPECT_GT(poll(&pollfd, 1, -1), 0);
EXPECT_EQ(pollfd.revents, POLLIN);

+ /* Test that we can't pass garbage to the kernel. */
+ memset(&req, 0, sizeof(req));
+ req.pid = -1;
+ EXPECT_EQ(-1, ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req));
+ EXPECT_EQ(EINVAL, errno);
+
+ req.pid = 0;
EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_RECV, &req), 0);

pollfd.fd = listener;
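Review bot: If the kernel under test does not reject the non-zero `req.pid`, the first `SECCOMP_IOCTL_NOTIF_RECV` presumably consumes the pending notification, and the unconditional second receive after `req.pid = 0;` would then likely block, so the selftest hangs instead of reporting a failure. Keep the first call's return value in a local and issue the second receive only when the first one failed. `errno` is also not cleared before the negative check, so when the ioctl unexpectedly returns 0 the `EXPECT_EQ(EINVAL, errno)` line compares a stale value; add `errno = 0;` ahead of the call. The check covers only `pid`, while the description speaks of any field, so the comment could read `/* Non-zero input fields (here: pid) must be rejected with EINVAL. */`. The body of user_notification_basic starts and ends outside this hunk.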
--
2.20.1