selftests/seccomp: Abort without user notification support

In the face of missing user notification support, the self test needs to stop executing a test (ASSERT_*) instead of just reporting and continuing (EXPECT_*). This adjusts the user notification tests to do that where needed. Reported-by: Shuah Khan <shuah@kernel.org> Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace") Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Tycho Andersen <tycho@tycho.ws> Tested-by: Shuah Khan <shuah@kernel.org> Signed-off-by: Shuah Khan <shuah@kernel.org>
author: Kees Cook <keescook@chromium.org> 2019-01-16 19:35:25 -0500
committer: Shuah Khan <shuah@kernel.org> 2019-01-17 13:00:23 -0500
commit: 3d244c192afeee7dd4f5fb1b916ea4e47420d401 (patch)
tree: eac7f01bb07996a0c0a8ff42283e8106a138a5d4 /tools
parent: 508cacd7da6659ae7b7bdd0a335f675422277758 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 067cb4607d6c..496a9a8c773a 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3044,7 +3044,7 @@ TEST(user_notification_basic)
        /* Check that the basic notification machinery works */
        listener = user_trap_syscall(__NR_getpid,
                                     SECCOMP_FILTER_FLAG_NEW_LISTENER);
-        EXPECT_GE(listener, 0);
+        ASSERT_GE(listener, 0);
        /* Installing a second listener in the chain should EBUSY */
        EXPECT_EQ(user_trap_syscall(__NR_getpid,
@@ -3103,7 +3103,7 @@ TEST(user_notification_kill_in_middle)
        listener = user_trap_syscall(__NR_getpid,
                                     SECCOMP_FILTER_FLAG_NEW_LISTENER);
-        EXPECT_GE(listener, 0);
+        ASSERT_GE(listener, 0);
        /*
         * Check that nothing bad happens when we kill the task in the middle
@@ -3152,7 +3152,7 @@ TEST(user_notification_signal)
        listener = user_trap_syscall(__NR_gettid,
                                     SECCOMP_FILTER_FLAG_NEW_LISTENER);
-        EXPECT_GE(listener, 0);
+        ASSERT_GE(listener, 0);
        pid = fork();
        ASSERT_GE(pid, 0);
@@ -3215,7 +3215,7 @@ TEST(user_notification_closed_listener)
        listener = user_trap_syscall(__NR_getpid,
                                     SECCOMP_FILTER_FLAG_NEW_LISTENER);
-        EXPECT_GE(listener, 0);
+        ASSERT_GE(listener, 0);
        /*
         * Check that we get an ENOSYS when the listener is closed.
@@ -3376,7 +3376,7 @@ TEST(seccomp_get_notif_sizes)
 {
        struct seccomp_notif_sizes sizes;
-        EXPECT_EQ(seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes), 0);
+        ASSERT_EQ(seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes), 0);
        EXPECT_EQ(sizes.seccomp_notif, sizeof(struct seccomp_notif));
        EXPECT_EQ(sizes.seccomp_notif_resp, sizeof(struct seccomp_notif_resp));
 }
author	Kees Cook <keescook@chromium.org>	2019-01-16 19:35:25 -0500
committer	Shuah Khan <shuah@kernel.org>	2019-01-17 13:00:23 -0500
commit	3d244c192afeee7dd4f5fb1b916ea4e47420d401 (patch)
tree	eac7f01bb07996a0c0a8ff42283e8106a138a5d4 /tools
parent	508cacd7da6659ae7b7bdd0a335f675422277758 (diff)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c index 067cb4607d6c..496a9a8c773a 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3044,7 +3044,7 @@ TEST(user_notification_basic)
3044	/* Check that the basic notification machinery works */	3044	/* Check that the basic notification machinery works */
3045	listener = user_trap_syscall(__NR_getpid,	3045	listener = user_trap_syscall(__NR_getpid,
3046	SECCOMP_FILTER_FLAG_NEW_LISTENER);	3046	SECCOMP_FILTER_FLAG_NEW_LISTENER);
3047	EXPECT_GE(listener, 0);	3047	ASSERT_GE(listener, 0);
3048		3048
3049	/* Installing a second listener in the chain should EBUSY */	3049	/* Installing a second listener in the chain should EBUSY */
3050	EXPECT_EQ(user_trap_syscall(__NR_getpid,	3050	EXPECT_EQ(user_trap_syscall(__NR_getpid,
@@ -3103,7 +3103,7 @@ TEST(user_notification_kill_in_middle)
3103		3103
3104	listener = user_trap_syscall(__NR_getpid,	3104	listener = user_trap_syscall(__NR_getpid,
3105	SECCOMP_FILTER_FLAG_NEW_LISTENER);	3105	SECCOMP_FILTER_FLAG_NEW_LISTENER);
3106	EXPECT_GE(listener, 0);	3106	ASSERT_GE(listener, 0);
3107		3107
3108	/*	3108	/*
3109	* Check that nothing bad happens when we kill the task in the middle	3109	* Check that nothing bad happens when we kill the task in the middle
@@ -3152,7 +3152,7 @@ TEST(user_notification_signal)
3152		3152
3153	listener = user_trap_syscall(__NR_gettid,	3153	listener = user_trap_syscall(__NR_gettid,
3154	SECCOMP_FILTER_FLAG_NEW_LISTENER);	3154	SECCOMP_FILTER_FLAG_NEW_LISTENER);
3155	EXPECT_GE(listener, 0);	3155	ASSERT_GE(listener, 0);
3156		3156
3157	pid = fork();	3157	pid = fork();
3158	ASSERT_GE(pid, 0);	3158	ASSERT_GE(pid, 0);
@@ -3215,7 +3215,7 @@ TEST(user_notification_closed_listener)
3215		3215
3216	listener = user_trap_syscall(__NR_getpid,	3216	listener = user_trap_syscall(__NR_getpid,
3217	SECCOMP_FILTER_FLAG_NEW_LISTENER);	3217	SECCOMP_FILTER_FLAG_NEW_LISTENER);
3218	EXPECT_GE(listener, 0);	3218	ASSERT_GE(listener, 0);
3219		3219
3220	/*	3220	/*
3221	* Check that we get an ENOSYS when the listener is closed.	3221	* Check that we get an ENOSYS when the listener is closed.
@@ -3376,7 +3376,7 @@ TEST(seccomp_get_notif_sizes)
3376	{	3376	{
3377	struct seccomp_notif_sizes sizes;	3377	struct seccomp_notif_sizes sizes;
3378		3378
3379	EXPECT_EQ(seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes), 0);	3379	ASSERT_EQ(seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes), 0);
3380	EXPECT_EQ(sizes.seccomp_notif, sizeof(struct seccomp_notif));	3380	EXPECT_EQ(sizes.seccomp_notif, sizeof(struct seccomp_notif));
3381	EXPECT_EQ(sizes.seccomp_notif_resp, sizeof(struct seccomp_notif_resp));	3381	EXPECT_EQ(sizes.seccomp_notif_resp, sizeof(struct seccomp_notif_resp));
3382	}	3382	}