Re: [PATCH v2] selftests/seccomp: Fix seccomp failure by adding missing headers
From: Kees Cook
Date: Thu Feb 10 2022 - 18:58:34 EST
On Fri, Feb 11, 2022 at 04:14:17AM +0500, Muhammad Usama Anjum wrote:
> On 2/11/22 1:30 AM, Sherry Yang wrote:
> > seccomp_bpf failed on tests 47 global.user_notification_filter_empty
> > and 48 global.user_notification_filter_empty_threaded when it's
> > tested on updated kernel but with old kernel headers. Because old
> > kernel headers don't have definition of macro __NR_clone3 which is
> > required for these two tests. Since under selftests/, we can install
> > headers once for all tests (the default INSTALL_HDR_PATH is
> > usr/include), fix it by adding usr/include to the list of directories
> > to be searched. Use "-isystem" to indicate it's a system directory as
> > the real kernel headers directories are.
> >
> > Signed-off-by: Sherry Yang <sherry.yang@xxxxxxxxxx>
> > Tested-by: Sherry Yang <sherry.yang@xxxxxxxxxx>
> > ---
> > tools/testing/selftests/seccomp/Makefile | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/testing/selftests/seccomp/Makefile b/tools/testing/selftests/seccomp/Makefile
> > index 0ebfe8b0e147..585f7a0c10cb 100644
> > --- a/tools/testing/selftests/seccomp/Makefile
> > +++ b/tools/testing/selftests/seccomp/Makefile
> > @@ -1,5 +1,5 @@
> > # SPDX-License-Identifier: GPL-2.0
> > -CFLAGS += -Wl,-no-as-needed -Wall
> > +CFLAGS += -Wl,-no-as-needed -Wall -isystem ../../../../usr/include/
>
> "../../../../usr/include/" directory doesn't have header files if
> different output directory is used for kselftests build like "make -C
> tools/tests/selftest O=build". Can you try adding recently added
> variable, KHDR_INCLUDES here which makes this kind of headers inclusion
> easy and correct for other build combinations as well?
Ah, if that's true I think there are some other instances in the tree
that need fixing too.
--
Kees Cook