Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v6.17 2025-05-20T20:16:39Z 2025-05-20T20:16:39Z Sumanth Gavini sumanth.gavini@yahoo.com 2025-05-17T01:17:22Z urn:sha1:a9b33aae79cea2e55fd9204069a29b2e59f012a5 Fix misspelling reported by codespell Signed-off-by: Sumanth Gavini <sumanth.gavini@yahoo.com> Link: https://lore.kernel.org/r/20250517011725.1149510-1-sumanth.gavini@yahoo.com Signed-off-by: Kees Cook <kees@kernel.org> 2025-05-09T19:15:43Z Terry Tritton terry.tritton@linaro.org 2025-05-09T11:56:22Z urn:sha1:73989c998814d82c71d523c104c398925470d59e TRACE_syscall.ptrace.negative_ENOSYS and TRACE_syscall.seccomp.negative_ENOSYS on arm32 are being reported as failures instead of skipping. The teardown_trace_fixture function sets the test to KSFT_FAIL in case of a non 0 return value from the tracer process. Due to _metadata now being shared between the forked processes the tracer is returning the KSFT_SKIP value set by the tracee which is non 0. Remove the setting of the _metadata.exit_code in teardown_trace_fixture. Fixes: 24cf65a62266 ("selftests/harness: Share _metadata between forked processes") Signed-off-by: Terry Tritton <terry.tritton@linaro.org> Link: https://lore.kernel.org/r/20250509115622.64775-1-terry.tritton@linaro.org Signed-off-by: Kees Cook <kees@kernel.org> 2025-04-30T21:21:03Z Neill Kapron nkapron@google.com 2025-04-27T09:40:58Z urn:sha1:797002deed03491215a352ace891749b39741b69 The inconsistencies in the systcall ABI between arm and arm-compat can can cause a failure in the syscall_restart test due to the logic attempting to work around the differences. The 'machine' field for an ARM64 device running in compat mode can report 'armv8l' or 'armv8b' which matches with the string 'arm' when only examining the first three characters of the string. This change adds additional validation to the workaround logic to make sure we only take the arm path when running natively, not in arm-compat. Fixes: 256d0afb11d6 ("selftests/seccomp: build and pass on arm64") Signed-off-by: Neill Kapron <nkapron@google.com> Link: https://lore.kernel.org/r/20250427094103.3488304-2-nkapron@google.com Signed-off-by: Kees Cook <kees@kernel.org> 2025-02-10T17:26:19Z Kees Cook kees@kernel.org 2025-02-10T17:22:50Z urn:sha1:18f7686a1ce6b72e0ac61aa16f167eb931185cf1 Since headers don't always follow the selftests around correct, explicitly include the __NR_uretprobe syscall for better test coverage. Signed-off-by: Kees Cook <kees@kernel.org> 2025-02-06T21:19:14Z Eyal Birger eyal.birger@gmail.com 2025-02-02T16:29:21Z urn:sha1:c2debdb8544f415eaf9292a866d4073912eeb561 The uretprobe syscall is implemented as a performance enhancement on x86_64 by having the kernel inject a call to it on function exit; User programs cannot call this system call explicitly. As such, this syscall is considered a kernel implementation detail and should not be filtered by seccomp. Enhance the seccomp bpf test suite to check that uretprobes can be attached to processes without the killing the process regardless of seccomp policy. Signed-off-by: Eyal Birger <eyal.birger@gmail.com> Link: https://lore.kernel.org/r/20250202162921.335813-3-eyal.birger@gmail.com [kees: Skip archs without __NR_uretprobe] Signed-off-by: Kees Cook <kees@kernel.org> 2024-07-28T22:49:18Z Linus Torvalds torvalds@linux-foundation.org 2024-07-28T22:49:18Z urn:sha1:1a251f52cfdc417c84411a056bc142cbd77baef4 This just standardizes the use of MIN() and MAX() macros, with the very traditional semantics. The goal is to use these for C constant expressions and for top-level / static initializers, and so be able to simplify the min()/max() macros. These macro names were used by various kernel code - they are very traditional, after all - and all such users have been fixed up, with a few different approaches: - trivial duplicated macro definitions have been removed Note that 'trivial' here means that it's obviously kernel code that already included all the major kernel headers, and thus gets the new generic MIN/MAX macros automatically. - non-trivial duplicated macro definitions are guarded with #ifndef This is the "yes, they define their own versions, but no, the include situation is not entirely obvious, and maybe they don't get the generic version automatically" case. - strange use case #1 A couple of drivers decided that the way they want to describe their versioning is with #define MAJ 1 #define MIN 2 #define DRV_VERSION __stringify(MAJ) "." __stringify(MIN) which adds zero value and I just did my Alexander the Great impersonation, and rewrote that pointless Gordian knot as #define DRV_VERSION "1.2" instead. - strange use case #2 A couple of drivers thought that it's a good idea to have a random 'MIN' or 'MAX' define for a value or index into a table, rather than the traditional macro that takes arguments. These values were re-written as C enum's instead. The new function-line macros only expand when followed by an open parenthesis, and thus don't clash with enum use. Happily, there weren't really all that many of these cases, and a lot of users already had the pattern of using '#ifndef' guarding (or in one case just using '#undef MIN') before defining their own private version that does the same thing. I left such cases alone. Cc: David Laight <David.Laight@aculab.com> Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2024-07-16T20:12:16Z Linus Torvalds torvalds@linux-foundation.org 2024-07-16T20:12:16Z urn:sha1:1ca995edf838a70c7c0aba2de7fc6da57e22cbf3 Pull seccomp updates from Kees Cook: - interrupt SECCOMP_IOCTL_NOTIF_RECV when all users exit (Andrei Vagin) - Update selftests to check for expected NOTIF_RECV exits (Andrei Vagin) * tag 'seccomp-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: selftests/seccomp: check that a zombie leader doesn't affect others selftests/seccomp: add test for NOTIF_RECV and unused filters seccomp: release task filters when the task exits seccomp: interrupt SECCOMP_IOCTL_NOTIF_RECV when all users have exited 2024-06-28T16:37:11Z Andrei Vagin avagin@google.com 2024-06-28T02:10:14Z urn:sha1:f0c508faea645da58d6ae6b644a1b68020d5a9d2 Ensure that a dead thread leader doesn't prevent installing new filters with SECCOMP_FILTER_FLAG_TSYNC from other threads. Signed-off-by: Andrei Vagin <avagin@google.com> Link: https://lore.kernel.org/r/20240628021014.231976-5-avagin@google.com Reviewed-by: Tycho Andersen <tandersen@netflix.com> Signed-off-by: Kees Cook <kees@kernel.org> 2024-06-28T16:37:11Z Andrei Vagin avagin@google.com 2024-06-28T02:10:13Z urn:sha1:39a73b4aa69aeb1adcf9960710c12842a4092b7a Add a new test case to check that SECCOMP_IOCTL_NOTIF_RECV returns when all tasks have gone. Signed-off-by: Andrei Vagin <avagin@google.com> Link: https://lore.kernel.org/r/20240628021014.231976-4-avagin@google.com Reviewed-by: Tycho Andersen <tandersen@netflix.com> Signed-off-by: Kees Cook <kees@kernel.org> 2024-06-11T15:25:43Z Amer Al Shanawany amer.shanawany@gmail.com 2024-06-11T15:16:08Z urn:sha1:04e1f99afe8bec27ad2d2726897ac8185bf0532c fix the following errors by using string format specifier and an empty parameter: seccomp_benchmark.c:197:24: warning: zero-length gnu_printf format string [-Wformat-zero-length] 197 | ksft_print_msg(""); | ^~ seccomp_benchmark.c:202:24: warning: zero-length gnu_printf format string [-Wformat-zero-length] 202 | ksft_print_msg(""); | ^~ seccomp_benchmark.c:204:24: warning: zero-length gnu_printf format string [-Wformat-zero-length] 204 | ksft_print_msg(""); | ^~ Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202312260235.Uj5ug8K9-lkp@intel.com/ Suggested-by: Kees Cook <kees@kernel.org> Signed-off-by: Amer Al Shanawany <amer.shanawany@gmail.com> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>