summaryrefslogtreecommitdiffstats
path: root/tools/testing/selftests/seccomp
diff options
context:
space:
mode:
authorTerry Tritton <terry.tritton@linaro.org>2024-01-24 15:13:55 +0100
committerKees Cook <keescook@chromium.org>2024-02-01 19:16:03 +0100
commitecaaa55c9fa5e8058445a8b891070b12208cdb6d (patch)
tree97846584c70471b987504c9f62a312b324ef201c /tools/testing/selftests/seccomp
parentLinux 6.8-rc2 (diff)
downloadlinux-ecaaa55c9fa5e8058445a8b891070b12208cdb6d.tar.xz
linux-ecaaa55c9fa5e8058445a8b891070b12208cdb6d.zip
selftests/seccomp: Handle EINVAL on unshare(CLONE_NEWPID)
unshare(CLONE_NEWPID) can return EINVAL if the kernel does not have the CONFIG_PID_NS option enabled. Add a check on these calls to skip the test if we receive EINVAL. Signed-off-by: Terry Tritton <terry.tritton@linaro.org> Link: https://lore.kernel.org/r/20240124141357.1243457-2-terry.tritton@linaro.org Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'tools/testing/selftests/seccomp')
-rw-r--r--tools/testing/selftests/seccomp/seccomp_bpf.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 38f651469968..5e705674b706 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3709,7 +3709,12 @@ TEST(user_notification_sibling_pid_ns)
ASSERT_GE(pid, 0);
if (pid == 0) {
- ASSERT_EQ(unshare(CLONE_NEWPID), 0);
+ ASSERT_EQ(unshare(CLONE_NEWPID), 0) {
+ if (errno == EPERM)
+ SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN");
+ else if (errno == EINVAL)
+ SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)");
+ }
pid2 = fork();
ASSERT_GE(pid2, 0);
@@ -3727,6 +3732,8 @@ TEST(user_notification_sibling_pid_ns)
ASSERT_EQ(unshare(CLONE_NEWPID), 0) {
if (errno == EPERM)
SKIP(return, "CLONE_NEWPID requires CAP_SYS_ADMIN");
+ else if (errno == EINVAL)
+ SKIP(return, "CLONE_NEWPID is invalid (missing CONFIG_PID_NS?)");
}
ASSERT_EQ(errno, 0);