Skip to content

Commit f3f60b2

Browse files
mdouchapevik
mdoucha
authored and
pevik
committed
Simplify syscalls/bind06 using new taint check API
The bug causes kernel crash when the process that performed the race exits. Now that taint checks are integrated in the LTP library, forking a child is no longer necessary. Reviewed-by: Petr Vorel <[email protected]> Signed-off-by: Martin Doucha <[email protected]>
1 parent bcdadd7 commit f3f60b2

File tree

1 file changed

+14
-32
lines changed

1 file changed

+14
-32
lines changed

testcases/kernel/syscalls/bind/bind06.c

Lines changed: 14 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,6 @@
2323
#include <sched.h>
2424
#include "tst_test.h"
2525
#include "tst_fuzzy_sync.h"
26-
#include "tst_taint.h"
2726

2827
static volatile int fd = -1;
2928
static struct sockaddr_ll addr1, addr2;
@@ -35,8 +34,6 @@ static void setup(void)
3534
int real_gid = getgid();
3635
struct ifreq ifr;
3736

38-
tst_taint_init(TST_TAINT_W | TST_TAINT_D);
39-
4037
SAFE_UNSHARE(CLONE_NEWUSER);
4138
SAFE_UNSHARE(CLONE_NEWNET);
4239
SAFE_FILE_PRINTF("/proc/self/setgroups", "deny");
@@ -51,9 +48,18 @@ static void setup(void)
5148
addr1.sll_family = AF_PACKET;
5249
addr1.sll_ifindex = ifr.ifr_ifindex;
5350
addr2.sll_family = AF_PACKET;
51+
52+
fzsync_pair.exec_loops = 10000;
53+
tst_fzsync_pair_init(&fzsync_pair);
5454
}
5555

56-
static void do_bind(void) {
56+
static void cleanup(void)
57+
{
58+
tst_fzsync_pair_cleanup(&fzsync_pair);
59+
}
60+
61+
static void do_bind(void)
62+
{
5763
bind(fd, (struct sockaddr *)&addr1, sizeof(addr1));
5864
bind(fd, (struct sockaddr *)&addr2, sizeof(addr2));
5965
}
@@ -69,12 +75,10 @@ static void *thread_run(void *arg)
6975
return arg;
7076
}
7177

72-
static void child_run(void)
78+
static void run(void)
7379
{
7480
struct ifreq ifr;
7581

76-
fzsync_pair.exec_loops = 10000;
77-
tst_fzsync_pair_init(&fzsync_pair);
7882
tst_fzsync_pair_reset(&fzsync_pair, thread_run);
7983
strcpy(ifr.ifr_name, "lo");
8084

@@ -87,39 +91,17 @@ static void child_run(void)
8791
ioctl(fd, SIOCSIFFLAGS, &ifr);
8892
tst_fzsync_end_race_a(&fzsync_pair);
8993
SAFE_CLOSE(fd);
90-
91-
}
92-
93-
tst_fzsync_pair_cleanup(&fzsync_pair);
94-
}
95-
96-
static void run(void)
97-
{
98-
pid_t child;
99-
100-
/* The kernel crash is triggered on process exit. */
101-
child = SAFE_FORK();
102-
103-
if (!child) {
104-
child_run();
105-
exit(0);
106-
}
107-
108-
SAFE_WAITPID(child, NULL, 0);
109-
110-
if (tst_taint_check()) {
111-
tst_res(TFAIL, "Kernel is vulnerable");
112-
return;
11394
}
11495

115-
tst_res(TPASS, "Nothing bad happened, probably");
96+
tst_res(TPASS, "Nothing bad happened (yet)");
11697
}
11798

11899
static struct tst_test test = {
119100
.test_all = run,
120101
.setup = setup,
102+
.cleanup = cleanup,
121103
.timeout = 600,
122-
.forks_child = 1,
104+
.taint_check = TST_TAINT_W | TST_TAINT_D,
123105
.needs_kconfigs = (const char *[]) {
124106
"CONFIG_USER_NS=y",
125107
"CONFIG_NET_NS=y",

0 commit comments

Comments
 (0)