selftests/landlock: Test audit with restrict flags

Add audit_exec tests to filter Landlock denials according to
cross-execution or muted subdomains.

Add a wait-pipe-sandbox.c test program to sandbo

selftests/landlock: Test audit with restrict flags

Add audit_exec tests to filter Landlock denials according to
cross-execution or muted subdomains.

Add a wait-pipe-sandbox.c test program to sandbox itself and send a
(denied) signals to its parent.

Cc: Günther Noack <[email protected]>
Cc: Paul Moore <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Mickaël Salaün <[email protected]>

show more ...

selftests/landlock: Add layout1.umount_sandboxer tests

Check that a domain is not tied to the executable file that created it.
For instance, that could happen if a Landlock domain took a reference t

selftests/landlock: Add layout1.umount_sandboxer tests

Check that a domain is not tied to the executable file that created it.
For instance, that could happen if a Landlock domain took a reference to
a struct path.

Move global path names to common.h and replace copy_binary() with a more
generic copy_file() helper.

Test coverage for security/landlock is 92.7% of 1133 lines according to
gcc/gcov-14.

Cc: Günther Noack <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
[mic: Update date and add test coverage]
Signed-off-by: Mickaël Salaün <[email protected]>

show more ...

selftests/landlock: Fix build with non-default pthread linking

Old toolchains require explicit -lpthread (e.g. on Debian 11).

Cc: Nathan Chancellor <[email protected]>
Cc: Tahera Fahimi <fahimitahe

selftests/landlock: Fix build with non-default pthread linking

Old toolchains require explicit -lpthread (e.g. on Debian 11).

Cc: Nathan Chancellor <[email protected]>
Cc: Tahera Fahimi <[email protected]>
Fixes: c8994965013e ("selftests/landlock: Test signal scoping for threads")
Reviewed-by: Günther Noack <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Mickaël Salaün <[email protected]>

show more ...

selftests/landlock: Build without static libraries

The only (forced) static test binary doesn't depend on libcap. Because
using -lcap on systems that don't have such static library would fail
(e.g.

selftests/landlock: Build without static libraries

The only (forced) static test binary doesn't depend on libcap. Because
using -lcap on systems that don't have such static library would fail
(e.g. on Arch Linux), let's be more specific and require only dynamic
libcap linking.

Fixes: a52540522c95 ("selftests/landlock: Fix out-of-tree builds")
Cc: Anders Roxell <[email protected]>
Cc: Guillaume Tucker <[email protected]>
Cc: Mark Brown <[email protected]>
Cc: Shuah Khan <[email protected]>
Cc: [email protected]
Signed-off-by: Mickaël Salaün <[email protected]>
Link: https://lore.kernel.org/r/[email protected]

show more ...

selftests/landlock: Fix out-of-tree builds

These changes simplify the Makefile and handle these 5 ways to build
Landlock tests:
- make -C tools/testing/selftests/landlock
- make -C tools/testing/sel

selftests/landlock: Fix out-of-tree builds

These changes simplify the Makefile and handle these 5 ways to build
Landlock tests:
- make -C tools/testing/selftests/landlock
- make -C tools/testing/selftests TARGETS=landlock gen_tar
- make TARGETS=landlock kselftest-gen_tar
- make TARGETS=landlock O=build kselftest-gen_tar
- make -C /tmp/linux TARGETS=landlock O=/tmp/build kselftest-gen_tar

This also makes $(KHDR_INCLUDES) available to other test collections
when building in their directory.

Fixes: f1227dc7d041 ("selftests/landlock: fix broken include of linux/landlock.h")
Fixes: 3bb267a36185 ("selftests: drop khdr make target")
Cc: Anders Roxell <[email protected]>
Cc: Guillaume Tucker <[email protected]>
Cc: Mark Brown <[email protected]>
Cc: Shuah Khan <[email protected]>
Signed-off-by: Mickaël Salaün <[email protected]>
Link: https://lore.kernel.org/r/[email protected]

show more ...

selftests/landlock: fix broken include of linux/landlock.h

Revert part of the earlier changes to fix the kselftest build when
using a sub-directory from the top of the tree as this broke the
landloc

selftests/landlock: fix broken include of linux/landlock.h

Revert part of the earlier changes to fix the kselftest build when
using a sub-directory from the top of the tree as this broke the
landlock test build as a side-effect when building with "make -C
tools/testing/selftests/landlock".

Reported-by: Mickaël Salaün <[email protected]>
Fixes: a917dd94b832 ("selftests/landlock: drop deprecated headers dependency")
Fixes: f2745dc0ba3d ("selftests: stop using KSFT_KHDR_INSTALL")
Signed-off-by: Guillaume Tucker <[email protected]>
Signed-off-by: Shuah Khan <[email protected]>

show more ...

selftests/landlock: drop deprecated headers dependency

The khdr make target has been removed, so drop it from the landlock
Makefile dependencies as well as related include paths that are
standard fo

selftests/landlock: drop deprecated headers dependency

The khdr make target has been removed, so drop it from the landlock
Makefile dependencies as well as related include paths that are
standard for headers in the kernel tree.

Signed-off-by: Guillaume Tucker <[email protected]>
Reported-by: Anders Roxell <[email protected]>
Signed-off-by: Shuah Khan <[email protected]>

show more ...

selftests: stop using KSFT_KHDR_INSTALL

Stop using the KSFT_KHDR_INSTALL flag as installing the kernel headers
from the kselftest Makefile is causing some issues. Instead, rely on
the headers to be

selftests: stop using KSFT_KHDR_INSTALL

Stop using the KSFT_KHDR_INSTALL flag as installing the kernel headers
from the kselftest Makefile is causing some issues. Instead, rely on
the headers to be installed directly by the top-level Makefile
"headers_install" make target prior to building kselftest.

Signed-off-by: Guillaume Tucker <[email protected]>
Tested-by: Anders Roxell <[email protected]>
Signed-off-by: Shuah Khan <[email protected]>

show more ...

selftests: landlock: Add the uapi headers include variable

Out of tree build of this test fails if relative path of the output
directory is specified. Add the KHDR_INCLUDES to correctly reach the
he

selftests: landlock: Add the uapi headers include variable

Out of tree build of this test fails if relative path of the output
directory is specified. Add the KHDR_INCLUDES to correctly reach the
headers.

Signed-off-by: Muhammad Usama Anjum <[email protected]>
Reviewed-by: Mickaël Salaün <[email protected]>
Signed-off-by: Shuah Khan <[email protected]>

show more ...

selftests/landlock: Add user space tests

Test all Landlock system calls, ptrace hooks semantic and filesystem
access-control with multiple layouts.

Test coverage for security/landlock/ is 93.6% of

selftests/landlock: Add user space tests

Test all Landlock system calls, ptrace hooks semantic and filesystem
access-control with multiple layouts.

Test coverage for security/landlock/ is 93.6% of lines. The code not
covered only deals with internal kernel errors (e.g. memory allocation)
and race conditions.

Cc: James Morris <[email protected]>
Cc: Jann Horn <[email protected]>
Cc: Serge E. Hallyn <[email protected]>
Cc: Shuah Khan <[email protected]>
Signed-off-by: Mickaël Salaün <[email protected]>
Reviewed-by: Vincent Dagonneau <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: James Morris <[email protected]>

show more ...