[LTP] [RFC PATCH] landlock: fix minimal required size for landlock_ruleset_attr copying

Andrea Cervesato andrea.cervesato@suse.com
Tue Jul 2 15:45:44 CEST 2024 

On 7/2/24 15:34, Li Wang wrote:
>
>
> On Tue, Jul 2, 2024 at 9:00 PM Mickaël Salaün <mic@digikod.net> wrote:
>
>     On Tue, Jul 02, 2024 at 05:47:45PM +0800, Li Wang wrote:
>     > As kernel commit fff69fb03dde ("landlock: Support network rules
>     with TCP bind and connect")
>     > introducing a new field 'handled_access_net' in the structure
>     landlock_ruleset_attr,
>     > but in the landlock_create_ruleset() it still uses the first
>     field 'handled_access_fs'
>     > to calculate minimal size, so that made decrease 1 is useless in
>     LTP landlock01.c to
>     > test the too-small-size.
>     >
>     > Test code:
>     >    rule_small_size = sizeof(struct landlock_ruleset_attr) - 1;
>     >    tst_syscall(__NR_landlock_create_ruleset, ...,
>     rule_small_size, 0)
>     >
>     > Result:
>     >   landlock01.c:49: TFAIL: Size is too small expected EINVAL:
>     ENOMSG (42)
>
>     Interesting, this looks like a bug in these LTP tests.
>
>
> Yes, Andrea drafted a series of landlock tests for LTP.
>
> FYI - 
> https://patchwork.ozlabs.org/project/ltp/list/?series=&submitter=&state=&q=landlock&archive=&delegate= 
> <https://patchwork.ozlabs.org/project/ltp/list/?series=&submitter=&state=&q=landlock&archive=&delegate=>
>
>
>     >
>     > Signed-off-by: Li Wang <liwang@redhat.com>
>     > Cc: Mickaël Salaün <mic@digikod.net>
>     > Cc: Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
>     > Cc: Paul Moore <paul@paul-moore.com>
>     > ---
>     >
>     > Notes:
>     >     Hi Mickael,
>     >        I'm not quite sure if that is on purpose to use the first
>     field or kernel
>     >        bug, can you take a look?
>
>     Hi Li,
>
>     Yes this is on purpose.  The handled_access_fs minimal size check
>     should
>     never change for backward compatibility reason.  User space built with
>     old headers must still work with new kernels.  This is tested with the
>     "inconsistent_attr" test in
>     tools/testing/selftests/landlock/base_test.c
>
>
> Thanks for the confirmation, very helpful.
>
> @Andrea Cervesato <mailto:acervesato@suse.de>, seems we have to adjust 
> the test to use a real small
> rule size which is at least small than sizeof(__u64).
>
Sure, thanks for checking.
>
> -- 
> Regards,
> Li Wang

Andrea

More information about the ltp mailing list