Re: [PATCH] selftests/seccomp/seccomp_bpf: update for PTRACE_GET_SYSCALL_INFO
From: Kees Cook
Date: Tue Jul 09 2019 - 00:24:30 EST
On Mon, Jul 08, 2019 at 09:29:04PM +0300, Dmitry V. Levin wrote:
> The syscall entry/exit is now exposed via PTRACE_GETEVENTMSG,
> update the test accordingly.
Oh yes, thank you!
Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
-Kees
>
> Reported-by: kernel test robot <rong.a.chen@xxxxxxxxx>
> Signed-off-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index dc66fe852768..6ef7f16c4cf5 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -1775,13 +1775,18 @@ void tracer_ptrace(struct __test_metadata *_metadata, pid_t tracee,
> unsigned long msg;
> static bool entry;
>
> - /* Make sure we got an empty message. */
> + /*
> + * The traditional way to tell PTRACE_SYSCALL entry/exit
> + * is by counting.
> + */
> + entry = !entry;
> +
> + /* Make sure we got an appropriate message. */
> ret = ptrace(PTRACE_GETEVENTMSG, tracee, NULL, &msg);
> EXPECT_EQ(0, ret);
> - EXPECT_EQ(0, msg);
> + EXPECT_EQ(entry ? PTRACE_EVENTMSG_SYSCALL_ENTRY
> + : PTRACE_EVENTMSG_SYSCALL_EXIT, msg);
>
> - /* The only way to tell PTRACE_SYSCALL entry/exit is by counting. */
> - entry = !entry;
> if (!entry)
> return;
>
> --
> ldv
--
Kees Cook