Re: [PATCH] seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test

2019-10-21 Thread Kees Cook 
On Mon, Oct 21, 2019 at 07:50:13AM -0600, Tycho Andersen wrote:
> On Mon, Oct 21, 2019 at 11:10:55AM +0200, Christian Brauner wrote:
> > The ifndef for SECCOMP_USER_NOTIF_FLAG_CONTINUE was placed under the
> > ifndef for the SECCOMP_FILTER_FLAG_NEW_LISTENER feature. This will not
> > work on systems that do support SECCOMP_FILTER_FLAG_NEW_LISTENER but do not
> > support SECCOMP_USER_NOTIF_FLAG_CONTINUE. So move the latter ifndef out of
> > the former ifndef's scope.
> > 
> > 2019-10-20 11:14:01 make run_tests -C seccomp
> > make: Entering directory 
> > '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
> > gcc -Wl,-no-as-needed -Wall  seccomp_bpf.c -lpthread -o seccomp_bpf
> > seccomp_bpf.c: In function ‘user_notification_continue’:
> > seccomp_bpf.c:3562:15: error: ‘SECCOMP_USER_NOTIF_FLAG_CONTINUE’ undeclared 
> > (first use in this function)
> >   resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
> >^~~~
> > seccomp_bpf.c:3562:15: note: each undeclared identifier is reported only 
> > once for each function it appears in
> > Makefile:12: recipe for target 'seccomp_bpf' failed
> > make: *** [seccomp_bpf] Error 1
> > make: Leaving directory 
> > '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
> > 
> > Reported-by: kernel test robot 
> > Fixes: 0eebfed2954f ("seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE")
> > Cc: linux-kselft...@vger.kernel.org
> > Signed-off-by: Christian Brauner 
> 
> Reviewed-by: Tycho Andersen 

Thanks! Applied to my for-next/seccomp tree.

-- 
Kees Cook

Re: [PATCH] seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test

2019-10-21 Thread Tycho Andersen 
On Mon, Oct 21, 2019 at 11:10:55AM +0200, Christian Brauner wrote:
> The ifndef for SECCOMP_USER_NOTIF_FLAG_CONTINUE was placed under the
> ifndef for the SECCOMP_FILTER_FLAG_NEW_LISTENER feature. This will not
> work on systems that do support SECCOMP_FILTER_FLAG_NEW_LISTENER but do not
> support SECCOMP_USER_NOTIF_FLAG_CONTINUE. So move the latter ifndef out of
> the former ifndef's scope.
> 
> 2019-10-20 11:14:01 make run_tests -C seccomp
> make: Entering directory 
> '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
> gcc -Wl,-no-as-needed -Wall  seccomp_bpf.c -lpthread -o seccomp_bpf
> seccomp_bpf.c: In function ‘user_notification_continue’:
> seccomp_bpf.c:3562:15: error: ‘SECCOMP_USER_NOTIF_FLAG_CONTINUE’ undeclared 
> (first use in this function)
>   resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
>^~~~
> seccomp_bpf.c:3562:15: note: each undeclared identifier is reported only once 
> for each function it appears in
> Makefile:12: recipe for target 'seccomp_bpf' failed
> make: *** [seccomp_bpf] Error 1
> make: Leaving directory 
> '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
> 
> Reported-by: kernel test robot 
> Fixes: 0eebfed2954f ("seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE")
> Cc: linux-kselft...@vger.kernel.org
> Signed-off-by: Christian Brauner 

Reviewed-by: Tycho Andersen

[PATCH] seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test

2019-10-21 Thread Christian Brauner 
The ifndef for SECCOMP_USER_NOTIF_FLAG_CONTINUE was placed under the
ifndef for the SECCOMP_FILTER_FLAG_NEW_LISTENER feature. This will not
work on systems that do support SECCOMP_FILTER_FLAG_NEW_LISTENER but do not
support SECCOMP_USER_NOTIF_FLAG_CONTINUE. So move the latter ifndef out of
the former ifndef's scope.

2019-10-20 11:14:01 make run_tests -C seccomp
make: Entering directory 
'/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
gcc -Wl,-no-as-needed -Wall  seccomp_bpf.c -lpthread -o seccomp_bpf
seccomp_bpf.c: In function ‘user_notification_continue’:
seccomp_bpf.c:3562:15: error: ‘SECCOMP_USER_NOTIF_FLAG_CONTINUE’ undeclared 
(first use in this function)
  resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
   ^~~~
seccomp_bpf.c:3562:15: note: each undeclared identifier is reported only once 
for each function it appears in
Makefile:12: recipe for target 'seccomp_bpf' failed
make: *** [seccomp_bpf] Error 1
make: Leaving directory 
'/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'

Reported-by: kernel test robot 
Fixes: 0eebfed2954f ("seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE")
Cc: linux-kselft...@vger.kernel.org
Signed-off-by: Christian Brauner 
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c 
b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 2519377ebda3..9669b81086cf 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -168,10 +168,6 @@ struct seccomp_metadata {
 
 #define SECCOMP_RET_USER_NOTIF 0x7fc0U
 
-#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
-#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x0001
-#endif
-
 #define SECCOMP_IOC_MAGIC  '!'
 #define SECCOMP_IO(nr) _IO(SECCOMP_IOC_MAGIC, nr)
 #define SECCOMP_IOR(nr, type)  _IOR(SECCOMP_IOC_MAGIC, nr, type)
@@ -205,6 +201,10 @@ struct seccomp_notif_sizes {
 };
 #endif
 
+#ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
+#define SECCOMP_USER_NOTIF_FLAG_CONTINUE 0x0001
+#endif
+
 #ifndef seccomp
 int seccomp(unsigned int op, unsigned int flags, void *args)
 {
-- 
2.23.0