review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	KP Singh <kpsingh@google.com>
	Tue, 17 Nov 2020 23:29:29 +0000 (23:29 +0000)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Wed, 18 Nov 2020 00:36:27 +0000 (01:36 +0100)
commit	ea87ae85c9b31303a2e9d4c769d9f3ee8a3a60d1
tree	c24c955af692e647e500359f902c3188ecbaef6e	tree \| snapshot
parent	3f6719c7b62f0327c9091e26d0da10e65668229e	commit \| diff

bpf: Add tests for bpf_bprm_opts_set helper

The test forks a child process, updates the local storage to set/unset
the securexec bit.

The BPF program in the test attaches to bprm_creds_for_exec which checks
the local storage of the current task to set the secureexec bit on the
binary parameters (bprm).

The child then execs a bash command with the environment variable
TMPDIR set in the envp. The bash command returns a different exit code
based on its observed value of the TMPDIR variable.

Since TMPDIR is one of the variables that is ignored by the dynamic
loader when the secureexec bit is set, one should expect the
child execution to not see this value when the secureexec bit is set.

Signed-off-by: KP Singh <kpsingh@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Link: https://lore.kernel.org/bpf/20201117232929.2156341-2-kpsingh@chromium.org

tools/testing/selftests/bpf/prog_tests/test_bprm_opts.c	[new file with mode: 0644]	blob
tools/testing/selftests/bpf/progs/bprm_opts.c	[new file with mode: 0644]	blob