Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM

[PATCH bpf-next v7 0/8] MAC and Audit policy using eBPF (KRSI) · KP Singh <hidden> · 2020-03-26
[PATCH bpf-next v7 1/8] bpf: Introduce BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 1/8] bpf: Introduce BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 2/8] security: Refactor declaration of LSM hooks · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 2/8] security: Refactor declaration of LSM hooks · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 3/8] bpf: lsm: provide attachment points for BPF LSM programs · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 3/8] bpf: lsm: provide attachment points for BPF LSM programs · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · James Morris <jmorris@namei.org> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Stephen Smalley <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Stephen Smalley <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Casey Schaufler <casey@schaufler-ca.com> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Kees Cook <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Alexei Starovoitov <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
[PATCH bpf-next v7 5/8] bpf: lsm: Initialize the BPF LSM hooks · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 5/8] bpf: lsm: Initialize the BPF LSM hooks · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27

From: KP Singh <hidden>
Date: 2020-03-26 19:44:08
Also in: bpf, lkml

On 26-Mär 12:24, Andrii Nakryiko wrote:

On Thu, Mar 26, 2020 at 7:30 AM KP Singh [off-list ref] wrote:

quoted

From: KP Singh <redacted>

* Load/attach a BPF program that hooks to file_mprotect (int)
  and bprm_committed_creds (void).
* Perform an action that triggers the hook.
* Verify if the audit event was received using the shared global
  variables for the process executed.
* Verify if the mprotect returns a -EPERM.

Signed-off-by: KP Singh <redacted>
Reviewed-by: Brendan Jackman <jackmanb@google.com>
Reviewed-by: Florent Revest <redacted>
Reviewed-by: Thomas Garnier <redacted>
---

Please fix endlines below. With that:

Acked-by: Andrii Nakryiko <redacted>

quoted

 tools/testing/selftests/bpf/config            |  2 +
 .../selftests/bpf/prog_tests/test_lsm.c       | 86 +++++++++++++++++++
 tools/testing/selftests/bpf/progs/lsm.c       | 48 +++++++++++
 3 files changed, 136 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/test_lsm.c
 create mode 100644 tools/testing/selftests/bpf/progs/lsm.c

[...]

quoted

+void test_test_lsm(void)
+{
+       struct lsm *skel = NULL;
+       int err, duration = 0;
+
+       skel = lsm__open_and_load();
+       if (CHECK(!skel, "skel_load", "lsm skeleton failed\n"))
+               goto close_prog;
+
+       err = lsm__attach(skel);
+       if (CHECK(err, "attach", "lsm attach failed: %d\n", err))
+               goto close_prog;
+
+       err = exec_cmd(&skel->bss->monitored_pid);
+       if (CHECK(err < 0, "exec_cmd", "err %d errno %d\n", err, errno))
+               goto close_prog;
+
+       CHECK(skel->bss->bprm_count != 1, "bprm_count", "bprm_count = %d",

\n is missing

Done.

quoted

+             skel->bss->bprm_count);
+
+       skel->bss->monitored_pid = getpid();
+
+       err = heap_mprotect();
+       if (CHECK(errno != EPERM, "heap_mprotect", "want errno=EPERM, got %d\n",
+                 errno))
+               goto close_prog;
+
+       CHECK(skel->bss->mprotect_count != 1, "mprotect_count",
+             "mprotect_count = %d", skel->bss->mprotect_count);

\n is missing

Done.

- KP

quoted

+
+close_prog:
+       lsm__destroy(skel);
+}

[...]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help