Re: Fw: seccomp selftest on s390
From: Jan Willeke
Date: Fri Aug 21 2015 - 08:21:12 EST
On Fri, 2015-08-20 at 23:33 , Kees Cook wrote:
> Hi!
>
> I don't have access to s390 running a modern kernel, so I've not been able
> to meaningfully run the seccomp selftest suite. In a quick review, I think
> the following is close to the missing pieces, but I can't verify it. :)
>
> Can someone let me know if this works, or otherwise check that the
> tools/testing/selftests/seccomp suite passes on s390?
>
> Thanks!
>
> -Kees
>
> --- seccomp_bpf.c.orig 2015-08-20 21:13:17.735789007 +0000
> +++ seccomp_bpf.c 2015-08-20 21:09:49.547879621 +0000
> @@ -1210,6 +1211,10 @@
> # define ARCH_REGS struct pt_regs
> # define SYSCALL_NUM gpr[0]
> # define SYSCALL_RET gpr[3]
> +#elif defined(__s390__)
> +# define ARCH_REGS s390_regs
> +# define SYSCALL_NUM gprs[1]
> +# define SYSCALL_RET gprs[2]
> #else
> # error "Do not know how to find your architecture's registers and
> syscalls"
> #endif
> @@ -1243,7 +1248,7 @@
> ret = ptrace(PTRACE_GETREGSET, tracee, NT_PRSTATUS, &iov);
> EXPECT_EQ(0, ret);
>
> -#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) ||
> defined(__powerpc__)
> +#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) ||
> defined(__powerpc__) || defined(__s390__)
> {
> regs.SYSCALL_NUM = syscall;
> }
>
> --
> Kees Cook
> Chrome OS Security
>
>
Hi Kees,
to compile the code warning free I added:
@@ -1409,6 +1413,8 @@ TEST_F(TRACE_syscall, syscall_dropped)
# define __NR_seccomp 277
# elif defined(__powerpc__)
# define __NR_seccomp 358
+# elif defined(__s390__)
+# define __NR_seccomp 348
# else
# warning "seccomp syscall number unknown for this architecture"
# define __NR_seccomp 0xffff
than I run the testcase on the linux next kernel, result:
./seccomp_bpf
[==========] Running 48 tests from 1 test cases.
...
[ OK ] TRACE_syscall.syscall_allowed
[ RUN ] TRACE_syscall.syscall_redirected
seccomp_bpf.c:1386:TRACE_syscall.syscall_redirected:Expected
self->parent (2774548873216) == syscall(20) (686)
seccomp_bpf.c:1387:TRACE_syscall.syscall_redirected:Expected self->mypid
(2946347565056) != syscall(20) (686)
[ FAIL ] TRACE_syscall.syscall_redirected
[ RUN ] TRACE_syscall.syscall_dropped
[ OK ] TRACE_syscall.syscall_dropped
...
[ RUN ] TSYNC.two_siblings_not_under_filter
[ OK ] TSYNC.two_siblings_not_under_filter
[ RUN ] global.syscall_restart
seccomp_bpf.c:2063:global.syscall_restart:Expected 168 (721554505728) ==
get_syscall(_metadata, child_pid) (14965540365812105216)
seccomp_bpf.c:2104:global.syscall_restart:Expected 7 (30064771072) ==
ret (18446744072899020716)
[ FAIL ] global.syscall_restart
[==========] 46 / 48 tests passed.
[ FAILED ]
I hope that helps you.
regards Jan
Linux on z Systems Development
----------------------------------------------------
IBM Deutschland Research & Development GmbH, Vorsitzende des
Aufsichtsrats:
Martina Koederitz, GeschÃftsfÃhrung: Dirk WittkoppSitz der Gesellschaft:
BÃblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/