From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2161) id 33721385382F; Fri, 29 Jul 2022 17:26:39 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 33721385382F Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Mark Wielaard To: glibc-cvs@sourceware.org Subject: [glibc] tst-pidfd.c: UNSUPPORTED if we get EPERM on valid pidfd_getfd call X-Act-Checkin: glibc X-Git-Author: Mark Wielaard X-Git-Refname: refs/heads/master X-Git-Oldrev: 35363b53cef00c3b9886b2c1f45612869f304960 X-Git-Newrev: 325ba824b0611e14e96b38dbc486acf255f9e568 Message-Id: <20220729172639.33721385382F@sourceware.org> Date: Fri, 29 Jul 2022 17:26:39 +0000 (GMT) X-BeenThere: glibc-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2022 17:26:39 -0000 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=325ba824b0611e14e96b38dbc486acf255f9e568 commit 325ba824b0611e14e96b38dbc486acf255f9e568 Author: Mark Wielaard Date: Sun Jun 26 22:17:17 2022 +0200 tst-pidfd.c: UNSUPPORTED if we get EPERM on valid pidfd_getfd call pidfd_getfd can fail for a valid pidfd with errno EPERM for various reasons in a restricted environment. Use FAIL_UNSUPPORTED in that case. Reviewed-by: Adhemerval Zanella Reviewed-by: Carlos O'Donell Diff: --- sysdeps/unix/sysv/linux/tst-pidfd.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sysdeps/unix/sysv/linux/tst-pidfd.c b/sysdeps/unix/sysv/linux/tst-pidfd.c index d93b6faa6f..037af22290 100644 --- a/sysdeps/unix/sysv/linux/tst-pidfd.c +++ b/sysdeps/unix/sysv/linux/tst-pidfd.c @@ -142,6 +142,13 @@ do_test (void) xrecvfrom (sockets[0], &remote_fd, sizeof (remote_fd), 0, NULL, 0); int fd = pidfd_getfd (pidfd, remote_fd, 0); + /* pidfd_getfd may fail with EPERM if the process does not have + PTRACE_MODE_ATTACH_REALCREDS permissions. This means the call + may be denied if the process doesn't have CAP_SYS_PTRACE or + if a LSM security_ptrace_access_check denies access. */ + if (fd == -1 && errno == EPERM) + FAIL_UNSUPPORTED ("don't have permission to use pidfd_getfd on pidfd, " + "skipping test"); TEST_VERIFY (fd > 0); char *path = xasprintf ("/proc/%d/fd/%d", pid, remote_fd);