kernel/tools/testing/selftests/landlock/net_test.c, branch linux-rolling-stable

selftests/landlock: Add missing connect(minimal AF_UNSPEC) test

2025-12-26T19:38:57Z

connect_variant(unspec_any0) is called twice. Both calls end up in connect_variant_addrlen() with an address length of get_addrlen(minimal=false). However, the connect() syscall and its variants (e.g. iouring/compat) accept much shorter addresses of 4 bytes and that behaviour was not tested. Replace one of these calls with one using a minimal address length (just a bare sa_family=AF_UNSPEC field with no actual address). Also add a call using a truncated address for good measure. Signed-off-by: Matthieu Buffet Link: https://lore.kernel.org/r/20251027190726.626244-3-matthieu@buffet.re Signed-off-by: Mickaël Salaün

selftests/landlock: Fix TCP bind(AF_UNSPEC) test case

2025-12-26T19:38:57Z

The nominal error code for bind(AF_UNSPEC) on an IPv6 socket is -EAFNOSUPPORT, not -EINVAL. -EINVAL is only returned when the supplied address struct is too short, which happens to be the case in current selftests because they treat AF_UNSPEC like IPv4 sockets do: as an alias for AF_INET (which is a 16-byte struct instead of the 24 bytes required by IPv6 sockets). Make the union large enough for any address (by adding struct sockaddr_storage to the union), and make AF_UNSPEC addresses large enough for any family. Test for -EAFNOSUPPORT instead, and add a dedicated test case for truncated inputs with -EINVAL. Fixes: a549d055a22e ("selftests/landlock: Add network tests") Signed-off-by: Matthieu Buffet Link: https://lore.kernel.org/r/20251027190726.626244-2-matthieu@buffet.re Signed-off-by: Mickaël Salaün

selftests/landlock: Add audit tests for network

2025-03-26T12:59:48Z

Test all network blockers: - net.bind_tcp - net.connect_tcp Test coverage for security/landlock is 94.0% of 1525 lines according to gcc/gcov-14. Cc: Günther Noack Cc: Paul Moore Link: https://lore.kernel.org/r/20250320190717.2287696-28-mic@digikod.net [mic: Update test coverage] Signed-off-by: Mickaël Salaün

selftests/landlock: Test that MPTCP actions are not restricted

2025-02-14T08:23:10Z

Extend protocol fixture with test suits for MPTCP protocol. Add CONFIG_MPTCP and CONFIG_MPTCP_IPV6 options in config. Signed-off-by: Mikhail Ivanov Link: https://lore.kernel.org/r/20250205093651.1424339-4-ivanov.mikhail1@huawei-partners.com Cc: # 6.7.x Signed-off-by: Mickaël Salaün

selftests/landlock: Test TCP accesses with protocol=IPPROTO_TCP

2025-02-14T08:23:09Z

Extend protocol_variant structure with protocol field (Cf. socket(2)). Extend protocol fixture with TCP test suits with protocol=IPPROTO_TCP which can be used as an alias for IPPROTO_IP (=0) in socket(2). Signed-off-by: Mikhail Ivanov Link: https://lore.kernel.org/r/20250205093651.1424339-3-ivanov.mikhail1@huawei-partners.com Cc: # 6.7.x Signed-off-by: Mickaël Salaün

selftests/landlock: Test abstract UNIX socket scoping

2024-09-16T21:50:48Z

Add three tests that examine different scenarios for abstract UNIX socket: 1) scoped_domains: Base tests of the abstract socket scoping mechanism for a landlocked process, same as the ptrace test. 2) scoped_vs_unscoped: Generates three processes with different domains and tests if a process with a non-scoped domain can connect to other processes. 3) outside_socket: Since the socket's creator credentials are used for scoping sockets, this test examines the cases where the socket's credentials are different from the process using it. Move protocol_variant, service_fixture, and sys_gettid() from net_test.c to common.h, and factor out code into a new set_unix_address() helper. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/9321c3d3bcd9212ceb4b50693e29349f8d625e16.1725494372.git.fahimitahera@gmail.com [mic: Fix commit message, remove useless clang-format tags, move drop_caps() calls, move and rename variables, rename variants, use more EXPECT, improve comments, simplify the outside_socket test] Signed-off-by: Mickaël Salaün

selftests: kselftest_harness: save full exit code in metadata

2024-03-01T10:30:28Z

Instead of tracking passed = 0/1 rename the field to exit_code and invert the values so that they match the KSFT_* exit codes. This will allow us to fold SKIP / XFAIL into the same value. Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller

selftests/landlock: Fix capability for net_test

2024-02-02T09:32:09Z

CAP_NET_ADMIN allows to configure network interfaces, not CAP_SYS_ADMIN which only allows to call unshare(2). Without this change, running network tests as a non-root user but with all capabilities would fail at the setup_loopback() step with "RTNETLINK answers: Operation not permitted". The issue is only visible when running tests with non-root users (i.e. only relying on ambient capabilities). Indeed, when configuring the network interface, the "ip" command is called, which may lead to the special handling of capabilities for the root user by execve(2). If root is the caller, then the inherited, permitted and effective capabilities are all reset, which then includes CAP_NET_ADMIN. However, if a non-root user is the caller, then ambient capabilities are masked by the inherited ones, which were explicitly dropped. To make execution deterministic whatever users are running the tests, set the noroot secure bit for each test, and set the inheritable and ambient capabilities to CAP_NET_ADMIN, the only capability that may be required after an execve(2). Factor out _effective_cap() into _change_cap(), and use it to manage ambient capabilities with the new set_ambient_cap() and clear_ambient_cap() helpers. This makes it possible to run all Landlock tests with check-linux.sh from https://github.com/landlock-lsm/landlock-test-tools Cc: Konstantin Meskhidze Fixes: a549d055a22e ("selftests/landlock: Add network tests") Link: https://lore.kernel.org/r/20240125153230.3817165-2-mic@digikod.net [mic: Make sure SECBIT_NOROOT_LOCKED is set] Signed-off-by: Mickaël Salaün

selftests/landlock: Fix net_test build with old libc

2024-01-25T15:49:04Z

One issue comes up while building selftest/landlock/net_test on my side (gcc 7.3/glibc-2.28/kernel-4.19). net_test.c: In function ‘set_service’: net_test.c:91:45: warning: implicit declaration of function ‘gettid’; [-Wimplicit-function-declaration] "_selftests-landlock-net-tid%d-index%d", gettid(), ^~~~~~ getgid net_test.c:(.text+0x4e0): undefined reference to `gettid' Signed-off-by: Hu Yadi Suggested-by: Jiao Reviewed-by: Berlin Fixes: a549d055a22e ("selftests/landlock: Add network tests") Link: https://lore.kernel.org/r/20240123062621.25082-1-hu.yadi@h3c.com [mic: Cosmetic fixes] Signed-off-by: Mickaël Salaün

selftests/landlock: Add tests to check unhandled rule's access rights

2023-12-22T15:35:22Z

Add two tests to make sure that we cannot add a rule to a ruleset if the rule's access rights that are not handled by the ruleset: * fs: layout1.rule_with_unhandled_access * net: mini.rule_with_unhandled_access Cc: Konstantin Meskhidze Reviewed-by: Günther Noack Link: https://lore.kernel.org/r/20231130093616.67340-3-mic@digikod.net Signed-off-by: Mickaël Salaün