From nobody Wed Feb 11 11:28:45 2026
Date: Thu, 23 May 2024 01:45:38 +0000
In-Reply-To: <20240523014540.372255-1-avagin@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240523014540.372255-1-avagin@google.com>
X-Mailer:
 git-send-email 2.45.1.288.g0e0cd299f1-goog
Message-ID: <20240523014540.372255-2-avagin@google.com>
Subject: [PATCH 1/3] seccomp: interrupt SECCOMP_IOCTL_NOTIF_RECV when all users have exited
From: Andrei Vagin
To: Kees Cook, Andy Lutomirski, Will Drewry, Oleg Nesterov, Christian Brauner
Cc: linux-kernel@vger.kernel.org, Tycho Andersen, Andrei Vagin, Jens Axboe
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

SECCOMP_IOCTL_NOTIF_RECV promptly returns when a seccomp filter becomes unused, as a filter without users can't trigger any events. Previously, event listeners had to rely on epoll to detect when all processes had exited. The change is based on the 'commit 99cdb8b9a573 ("seccomp: notify about unused filter")' which implemented (E)POLLHUP notifications.

Reviewed-by: Christian Brauner
Signed-off-by: Andrei Vagin
Reviewed-by: Oleg Nesterov
---
 kernel/seccomp.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/kernel/seccomp.c b/kernel/seccomp.c index f70e031e06a8..35435e8f1035 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -1466,7 +1466,7 @@ static int recv_wake_function(wait_queue_entry_t *wai= t, unsigned int mode, int s void *key) { /* Avoid a wakeup if event not interesting for us. */ - if (key && !(key_to_poll(key) & (EPOLLIN | EPOLLERR))) + if (key && !(key_to_poll(key) & (EPOLLIN | EPOLLERR | EPOLLHUP))) return 0; return autoremove_wake_function(wait, mode, sync, key); } @@ -1476,6 +1476,9 @@ static int recv_wait_event(struct seccomp_filter *fil= ter) DEFINE_WAIT_FUNC(wait, recv_wake_function); int ret; =20 + if (refcount_read(&filter->users) =3D=3D 0) + return 0; + if (atomic_dec_if_positive(&filter->notif->requests) >=3D 0) return 0; =20
@@ -1484,6 +1487,8 @@ static int recv_wait_event(struct seccomp_filter *fil= ter) =20 if (atomic_dec_if_positive(&filter->notif->requests) >=3D 0) break; + if (refcount_read(&filter->users) =3D=3D 0) + break; =20 if (ret) return ret; --=20 2.45.1.288.g0e0cd299f1-goog
From nobody Wed Feb 11 11:28:45 2026
Date: Thu, 23 May 2024
 01:45:39 +0000
In-Reply-To: <20240523014540.372255-1-avagin@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240523014540.372255-1-avagin@google.com>
X-Mailer: git-send-email 2.45.1.288.g0e0cd299f1-goog
Message-ID: <20240523014540.372255-3-avagin@google.com>
Subject: [PATCH 2/3] seccomp: release task filters when the task exits
From: Andrei Vagin
To: Kees Cook, Andy Lutomirski, Will Drewry, Oleg Nesterov, Christian Brauner
Cc: linux-kernel@vger.kernel.org, Tycho Andersen, Andrei Vagin, Jens Axboe
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Previously, seccomp filters were released in release_task(), which required the process to exit and its zombie to be collected. However, exited threads/processes can't trigger any seccomp events, making it more logical to release filters upon task exits. This adjustment simplifies scenarios where a parent is tracing its child process. The parent process can now handle all events from a seccomp listening descriptor and then call wait to collect a child zombie. seccomp_filter_release takes the siglock to avoid races with seccomp_sync_threads. There was an idea to bypass taking the lock by checking PF_EXITING, but it can be set without holding siglock if threads have SIGNAL_GROUP_EXIT. This means it can happen concurrently with seccomp_filter_release.

Signed-off-by: Andrei Vagin
Reviewed-by: Oleg Nesterov
---
 kernel/exit.c | 3 ++-
 kernel/seccomp.c | 22 ++++++++++++++++------
 2 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/kernel/exit.c b/kernel/exit.c index 41a12630cbbc..23439c021d8d 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -278,7 +278,6 @@ void release_task(struct task_struct *p) } =20 write_unlock_irq(&tasklist_lock); - seccomp_filter_release(p); proc_flush_pid(thread_pid); put_pid(thread_pid); release_thread(p);
@@ -836,6 +835,8 @@ void __noreturn do_exit(long code) io_uring_files_cancel(); exit_signals(tsk); /* sets PF_EXITING */ =20 + seccomp_filter_release(tsk); + acct_update_integrals(tsk); group_dead =3D atomic_dec_and_test(&tsk->signal->live); if (group_dead) { diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 35435e8f1035..67305e776dd3 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -502,6 +502,9 @@ static inline pid_t seccomp_can_sync_threads(void) /* Skip current, since it is initiating the sync. */ if (thread =3D=3D caller) continue; + /* Skip exited threads. */ + if (thread->flags & PF_EXITING) + continue; =20 if (thread->seccomp.mode =3D=3D SECCOMP_MODE_DISABLED || (thread->seccomp.mode =3D=3D SECCOMP_MODE_FILTER && @@ -563,18 +566,18 @@ static void __seccomp_filter_release(struct seccomp_f= ilter *orig) * @tsk: task the filter should be released from. * * This function should only be called when the task is exiting as - * it detaches it from its filter tree. As such, READ_ONCE() and - * barriers are not needed here, as would normally be needed. + * it detaches it from its filter tree. PF_EXITING has to be set + * for the task. */ void seccomp_filter_release(struct task_struct *tsk) { - struct seccomp_filter *orig =3D tsk->seccomp.filter; - - /* We are effectively holding the siglock by not having any sighand. */ - WARN_ON(tsk->sighand !=3D NULL); + struct seccomp_filter *orig; =20 + spin_lock_irq(¤t->sighand->siglock); + orig =3D tsk->seccomp.filter; /* Detach task from its filter tree. */ tsk->seccomp.filter =3D NULL; + spin_unlock_irq(¤t->sighand->siglock); __seccomp_filter_release(orig); } =20 
@@ -602,6 +605,13 @@ static inline void seccomp_sync_threads(unsigned long = flags) if (thread =3D=3D caller) continue; =20 + /* + * Skip exited threads. seccomp_filter_release could have + * been already called for this task. + */ + if (thread->flags & PF_EXITING) + continue; + /* Get a task reference for the new leaf node. */ get_seccomp_filter(caller); =20 --=20 2.45.1.288.g0e0cd299f1-goog
From nobody Wed Feb 11 11:28:45 2026
Date: Thu, 23 May 2024 01:45:40 +0000
In-Reply-To: <20240523014540.372255-1-avagin@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240523014540.372255-1-avagin@google.com>
X-Mailer: git-send-email 2.45.1.288.g0e0cd299f1-goog
Message-ID: <20240523014540.372255-4-avagin@google.com>
Subject: [PATCH 3/3] selftests/seccomp: add test for NOTIF_RECV and unused filters
From: Andrei Vagin
To: Kees Cook, Andy Lutomirski, Will Drewry, Oleg Nesterov, Christian Brauner
Cc: linux-kernel@vger.kernel.org, Tycho Andersen, Andrei Vagin, Jens Axboe
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add a new test case to check that SECCOMP_IOCTL_NOTIF_RECV returns when all tasks have gone.

Signed-off-by: Andrei Vagin
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 54 +++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/= selftests/seccomp/seccomp_bpf.c index 783ebce8c4de..390781d7c951 100644 --- a/tools/testing/selftests/seccomp/seccomp_bpf.c +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3954,6 +3954,60 @@ TEST(user_notification_filter_empty) EXPECT_GT((pollfd.revents & POLLHUP) ?: 0, 0); } =20 +TEST(user_ioctl_notification_filter_empty) +{ + pid_t pid; + long ret; + int status, p[2]; + struct __clone_args args =3D { + .flags =3D CLONE_FILES, + .exit_signal =3D SIGCHLD, + }; + struct seccomp_notif req =3D {}; + + ret =3D prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + ASSERT_EQ(0, ret) { + TH_LOG("Kernel does not support PR_SET_NO_NEW_PRIVS!"); + } + + if (__NR_clone3 < 0) + SKIP(return, "Test not built with clone3 support"); + + ASSERT_EQ(0, pipe(p)); + + pid =3D sys_clone3(&args, sizeof(args)); + ASSERT_GE(pid, 0); + + if (pid =3D=3D 0) { + int listener; + + listener =3D user_notif_syscall(__NR_mknodat, SECCOMP_FILTER_FLAG_NEW_LI= STENER); + if (listener < 0) + _exit(EXIT_FAILURE); + + if (dup2(listener, 200) !=3D 200) + _exit(EXIT_FAILURE); + close(p[1]); + close(listener); + sleep(1); + + _exit(EXIT_SUCCESS); + } + if (read(p[0], &status, 1) !=3D 0) + _exit(EXIT_SUCCESS); + close(p[0]); + /* + * The seccomp filter has become unused so we should be notified once + * the kernel gets around to cleaning up task struct. + */ + EXPECT_EQ(ioctl(200, SECCOMP_IOCTL_NOTIF_RECV, &req), -1); + EXPECT_EQ(errno, ENOENT); + + EXPECT_EQ(waitpid(pid, &status, 0), pid); + EXPECT_EQ(true, WIFEXITED(status)); + EXPECT_EQ(0, WEXITSTATUS(status)); +} + static void *do_thread(void *data) { return NULL; --=20 2.45.1.288.g0e0cd299f1-goog
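
Review bot: in [PATCH 1/3], the early "if (refcount_read(&filter->users) == 0) return 0;" at the top of recv_wait_event() returns the same value as the path where a request was claimed with atomic_dec_if_positive(), and nothing in the hunk says how the caller tells "request pending" from "filter unused". The selftest in 3/3 expects ENOENT for the unused case, so a short comment naming the caller path that produces that error would help. The two new users checks also sit on opposite sides of the requests check (before it at entry, after it inside the wait loop); make the order consistent or add a line explaining why it differs.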
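
Review bot: in [PATCH 2/3], the comment added in seccomp_can_sync_threads() reads "Skip exited threads", but the test is on PF_EXITING, which the exit.c hunk shows being set by exit_signals() just before seccomp_filter_release() is called, so a skipped thread may be exiting and still attached to its filter. Reword it to "exiting" and carry over the explanation used in the seccomp_sync_threads() hunk ("seccomp_filter_release could have been already called for this task") so both checks are documented the same way.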
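
Review bot: in [PATCH 2/3], seccomp_filter_release() takes the siglock through current->sighand (the "&current" is rendered as "¤t" on this page) while the filter it detaches belongs to the tsk argument. That is only correct when tsk == current, which holds for the do_exit() call site added in this patch but is neither stated nor checked; use tsk->sighand->siglock, or assert tsk == current. The updated kernel-doc also says "PF_EXITING has to be set for the task", yet the removed WARN_ON(tsk->sighand != NULL) is not replaced by any check of that precondition; a WARN_ON on (tsk->flags & PF_EXITING) being clear would enforce what the comment promises.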
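
Review bot: in [PATCH 3/3], the parent's "if (read(p[0], &status, 1) != 0) _exit(EXIT_SUCCESS);" reports success when the synchronisation with the child fails, so the test can pass without ever reaching the SECCOMP_IOCTL_NOTIF_RECV check; this should be an ASSERT_EQ(0, read(...)). Because the child is created with CLONE_FILES, p[1] lives in the shared descriptor table and is only closed by the child's close(p[1]); if the child takes either _exit(EXIT_FAILURE) path before that, the write end stays open and the parent blocks in read(). The hard-coded descriptor 200 and the reliance on CLONE_FILES to make it visible in the parent deserve a comment, and the "once the kernel gets around to cleaning up task struct" comment no longer matches 2/3, which releases the filter when the task exits.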