
Commit b5014ad

syscalls/clone302: drop CLONE_CHILD_SETTID and CLONE_PARENT_SETTID
Per https://lore.kernel.org/linux-m68k/20200627122332.ki2otaiw3v7wndbl@wittgenstein/T/#u, EFAULT isn't propagated back to userspace, so these will always appear to succeed. Another issue is that multiple flags are tested together and some arguments persisted between calls, because they were set only when the argument was != NULL. Cc: Christian Brauner <[email protected]> Reported-by: Naresh Kamboju <[email protected]> Signed-off-by: Jan Stancek <[email protected]> Acked-by: Viresh Kumar <[email protected]> Acked-by: Christian Brauner <[email protected]>
1 parent 21721a3 commit b5014ad

1 file changed

+23
-19
lines changed


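--- a/testcases/kernel/syscalls/clone3/clone302.c
+++ b/testcases/kernel/syscalls/clone3/clone302.c
@@ -21,27 +21,33 @@ static struct tcase {
 size_t size;
 uint64_t flags;
 int **pidfd;
-int **child_tid;
-int **parent_tid;
 int exit_signal;
 unsigned long stack;
 unsigned long stack_size;
 unsigned long tls;
 int exp_errno;
 } tcases[] = {
-{"invalid args", &invalid_args, sizeof(*valid_args), 0, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EFAULT},
-{"zero size", &valid_args, 0, 0, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EINVAL},
-{"short size", &valid_args, sizeof(*valid_args) - 1, 0, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EINVAL},
-{"extra size", &valid_args, sizeof(*valid_args) + 1, 0, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EFAULT},
-{"sighand-no-VM", &valid_args, sizeof(*valid_args), CLONE_SIGHAND, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EINVAL},
-{"thread-no-sighand", &valid_args, sizeof(*valid_args), CLONE_THREAD, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EINVAL},
-{"fs-newns", &valid_args, sizeof(*valid_args), CLONE_FS | CLONE_NEWNS, NULL, NULL, NULL, SIGCHLD, 0, 0, 0, EINVAL},
-{"invalid pidfd", &valid_args, sizeof(*valid_args), CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_PIDFD, &invalid_address, NULL, NULL, SIGCHLD, 0, 0, 0, EFAULT},
-{"invalid childtid", &valid_args, sizeof(*valid_args), CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_PIDFD, NULL, &invalid_address, NULL, SIGCHLD, 0, 0, 0, EFAULT},
-{"invalid parenttid", &valid_args, sizeof(*valid_args), CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_PIDFD, NULL, NULL, &invalid_address, SIGCHLD, 0, 0, 0, EFAULT},
-{"invalid signal", &valid_args, sizeof(*valid_args), 0, NULL, NULL, NULL, CSIGNAL + 1, 0, 0, 0, EINVAL},
-{"zero-stack-size", &valid_args, sizeof(*valid_args), 0, NULL, NULL, NULL, SIGCHLD, (unsigned long)&stack, 0, 0, EINVAL},
-{"invalid-stack", &valid_args, sizeof(*valid_args), 0, NULL, NULL, NULL, SIGCHLD, 0, 4, 0, EINVAL},
+{"invalid args", &invalid_args, sizeof(*valid_args), 0, NULL, SIGCHLD, 0, 0, 0, EFAULT},
+{"zero size", &valid_args, 0, 0, NULL, SIGCHLD, 0, 0, 0, EINVAL},
+{"short size", &valid_args, sizeof(*valid_args) - 1, 0, NULL, SIGCHLD, 0, 0, 0, EINVAL},
+{"extra size", &valid_args, sizeof(*valid_args) + 1, 0, NULL, SIGCHLD, 0, 0, 0, EFAULT},
+{"sighand-no-VM", &valid_args, sizeof(*valid_args), CLONE_SIGHAND, NULL, SIGCHLD, 0, 0, 0, EINVAL},
+{"thread-no-sighand", &valid_args, sizeof(*valid_args), CLONE_THREAD, NULL, SIGCHLD, 0, 0, 0, EINVAL},
+{"fs-newns", &valid_args, sizeof(*valid_args), CLONE_FS | CLONE_NEWNS, NULL, SIGCHLD, 0, 0, 0, EINVAL},
+{"invalid pidfd", &valid_args, sizeof(*valid_args), CLONE_PIDFD, &invalid_address, SIGCHLD, 0, 0, 0, EFAULT},
+{"invalid signal", &valid_args, sizeof(*valid_args), 0, NULL, CSIGNAL + 1, 0, 0, 0, EINVAL},
+{"zero-stack-size", &valid_args, sizeof(*valid_args), 0, NULL, SIGCHLD, (unsigned long)&stack, 0, 0, EINVAL},
+{"invalid-stack", &valid_args, sizeof(*valid_args), 0, NULL, SIGCHLD, 0, 4, 0, EINVAL},
+/*
+* Don't test CLONE_CHILD_SETTID and CLONE_PARENT_SETTID:
+* When the parent tid is written to the memory location for
+* CLONE_PARENT_SETTID we're past the point of no return of process
+* creation, i.e. the return value from put_user() isn't checked and
+* can't be checked anymore so you'd never receive EFAULT for a bogus
+* parent_tid memory address.
+*
+* https://lore.kernel.org/linux-m68k/20200627122332.ki2otaiw3v7wndbl@wittgenstein/T/#u
+*/
 };
 
 static void setup(void)
@@ -63,10 +69,8 @@ static void run(unsigned int n)
 args->flags = tc->flags;
 if (tc->pidfd)
 args->pidfd = (uint64_t)(*tc->pidfd);
-if (tc->child_tid)
-args->child_tid = (uint64_t)(*tc->child_tid);
-if (tc->parent_tid)
-args->parent_tid = (uint64_t)(*tc->parent_tid);
+else
+args->pidfd = 0;
 args->exit_signal = tc->exit_signal;
 args->stack = tc->stack;
 args->stack_size = tc->stack_size;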
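Review bot: In the run() hunk only pidfd is reset on the NULL path, while child_tid and parent_tid are no longer written anywhere; if args is a buffer reused across test cases (setup() and the start of run() are outside the hunk), those two kernel-facing pointer fields keep whatever value they last held, which is the same "arguments persisted between calls" problem the commit message describes. Clearing the whole struct before filling it, `memset(args, 0, sizeof(*args));` ahead of the `args->flags = tc->flags;` line, expresses that intent once for every field, including any added later; failing that, `args->child_tid = 0; args->parent_tid = 0;` next to the pidfd reset would do. As a matter of style the new `if`/`else` pair reads more compactly as `args->pidfd = tc->pidfd ? (uint64_t)(*tc->pidfd) : 0;`. run() begins and ends outside the hunk.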
