tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

selftests/seccomp: user_notification_addfd check nextfd is available

Currently the user_notification_addfd test checks what the next expected
file descriptor will be by incrementing a variable nextfd. This does not
account for file descriptors that may already be open before the test is
started and will cause the test to fail if any exist.

Replace nextfd++ with a function get_next_fd which will check and return
the next available file descriptor.

Signed-off-by: Terry Tritton <terry.tritton@linaro.org>
Link: https://lore.kernel.org/r/20240124141357.1243457-4-terry.tritton@linaro.org
Signed-off-by: Kees Cook <keescook@chromium.org>

authored by

Terry Tritton and committed by
Kees Cook 8e3c9f9f 471dbc54

+19 -5
+19 -5
tools/testing/selftests/seccomp/seccomp_bpf.c
··· 4044 4044 EXPECT_GT((pollfd.revents & POLLHUP) ?: 0, 0); 4045 4045 } 4046 4046 4047 + 4048 + int get_next_fd(int prev_fd) 4049 + { 4050 + for (int i = prev_fd + 1; i < FD_SETSIZE; ++i) { 4051 + if (fcntl(i, F_GETFD) == -1) 4052 + return i; 4053 + } 4054 + _exit(EXIT_FAILURE); 4055 + } 4056 + 4047 4057 TEST(user_notification_addfd) 4048 4058 { 4049 4059 pid_t pid; ··· 4070 4060 /* There may be arbitrary already-open fds at test start. */ 4071 4061 memfd = memfd_create("test", 0); 4072 4062 ASSERT_GE(memfd, 0); 4073 - nextfd = memfd + 1; 4063 + nextfd = get_next_fd(memfd); 4074 4064 4075 4065 ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); 4076 4066 ASSERT_EQ(0, ret) { ··· 4081 4071 /* Check that the basic notification machinery works */ 4082 4072 listener = user_notif_syscall(__NR_getppid, 4083 4073 SECCOMP_FILTER_FLAG_NEW_LISTENER); 4084 - ASSERT_EQ(listener, nextfd++); 4074 + ASSERT_EQ(listener, nextfd); 4075 + nextfd = get_next_fd(nextfd); 4085 4076 4086 4077 pid = fork(); 4087 4078 ASSERT_GE(pid, 0); ··· 4137 4126 4138 4127 /* Verify we can set an arbitrary remote fd */ 4139 4128 fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd); 4140 - EXPECT_EQ(fd, nextfd++); 4129 + EXPECT_EQ(fd, nextfd); 4130 + nextfd = get_next_fd(nextfd); 4141 4131 EXPECT_EQ(filecmp(getpid(), pid, memfd, fd), 0); 4142 4132 4143 4133 /* Verify we can set an arbitrary remote fd with large size */ 4144 4134 memset(&big, 0x0, sizeof(big)); 4145 4135 big.addfd = addfd; 4146 4136 fd = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD_BIG, &big); 4147 - EXPECT_EQ(fd, nextfd++); 4137 + EXPECT_EQ(fd, nextfd); 4138 + nextfd = get_next_fd(nextfd); 4148 4139 4149 4140 /* Verify we can set a specific remote fd */ 4150 4141 addfd.newfd = 42; ··· 4184 4171 * Child has earlier "low" fds and now 42, so we expect the next 4185 4172 * lowest available fd to be assigned here. 4186 4173 */ 4187 - EXPECT_EQ(fd, nextfd++); 4174 + EXPECT_EQ(fd, nextfd); 4175 + nextfd = get_next_fd(nextfd); 4188 4176 ASSERT_EQ(filecmp(getpid(), pid, memfd, fd), 0); 4189 4177 4190 4178 /*