[PATCH 3/3] selftests/seccomp: Check ENOSYS under tracing
From: Kees Cook
Date: Sun Jul 05 2020 - 02:12:59 EST
There should be no difference between -1 and other negative syscalls
while tracing.
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Will Drewry <wad@xxxxxxxxxxxx>
Cc: Will Deacon <will@xxxxxxxxxx>
Cc: Keno Fischer <keno@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 26 +++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 966dec340ea8..bf6aa06c435c 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -1973,6 +1973,32 @@ FIXTURE_TEARDOWN(TRACE_syscall)
teardown_trace_fixture(_metadata, self->tracer);
}
+TEST(negative_ENOSYS)
+{
+ /* Untraced negative syscalls should return ENOSYS. */
+ errno = 0;
+ EXPECT_EQ(-1, syscall(-1));
+ EXPECT_EQ(errno, ENOSYS);
+ errno = 0;
+ EXPECT_EQ(-1, syscall(-101));
+ EXPECT_EQ(errno, ENOSYS);
+}
+
+TEST_F(TRACE_syscall, negative_ENOSYS)
+{
+ /*
+ * There should be no difference between an "internal" skip
+ * and userspace asking for syscall "-1".
+ */
+ errno = 0;
+ EXPECT_EQ(-1, syscall(-1));
+ EXPECT_EQ(errno, ENOSYS);
+ /* And no difference for "still not valid but not -1". */
+ errno = 0;
+ EXPECT_EQ(-1, syscall(-101));
+ EXPECT_EQ(errno, ENOSYS);
+}
+
TEST_F(TRACE_syscall, syscall_allowed)
{
/* getppid works as expected (no changes). */
--
2.25.1