| Message ID | 1576641763-18305-1-git-send-email-xuyang2018.jy@cn.fujitsu.com |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | [v2] syscalls/userfaultfd01: add hint about unprivileged_userfaultfd | expand |
Hi Ping. > Since commit cefdca0a86be ("userfaultfd/sysctl: add vm.unprivileged_userfaultfd"). > , it adds a global sysctl knob "vm.unprivileged_userfaultfd" to control whether > unprivileged users can use the userfaultfd system calls. Set this to 1 to allow > unprivileged users to use the userfaultfd system calls, or set this to 0 to > restrict userfaultfd to only privileged users (with SYS_CAP_PTRACE capability). The > default value is 1. Add hint about it. > > Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com> > --- > .../syscalls/userfaultfd/userfaultfd01.c | 19 +++++++++++++------ > 1 file changed, 13 insertions(+), 6 deletions(-) > > diff --git a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > index a5e142209..4e178b4f8 100644 > --- a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > +++ b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > @@ -82,12 +82,19 @@ static void run(void) > > set_pages(); > > - uffd = sys_userfaultfd(O_CLOEXEC | O_NONBLOCK); > - > - if (uffd == -1) > - tst_brk(TBROK | TERRNO, > - "Could not create userfault file descriptor"); > - > + TEST(sys_userfaultfd(O_CLOEXEC | O_NONBLOCK)); > + > + if (TST_RET == -1) { > + if (TST_ERR == EPERM) { > + tst_res(TCONF, "Hint: check /proc/sys/vm/unprivileged_userfaultfd"); > + tst_brk(TCONF | TTERRNO, > + "userfaultfd() requires CAP_SYS_PTRACE on this system"); > + } else > + tst_brk(TBROK | TTERRNO, > + "Could not create userfault file descriptor"); > + } > + > + uffd = TST_RET; > uffdio_api.api = UFFD_API; > uffdio_api.features = 0; > SAFE_IOCTL(uffd, UFFDIO_API, &uffdio_api); >
On Wed, Dec 18, 2019 at 12:02 PM Yang Xu <xuyang2018.jy@cn.fujitsu.com> wrote: > Since commit cefdca0a86be ("userfaultfd/sysctl: add > vm.unprivileged_userfaultfd"). > , it adds a global sysctl knob "vm.unprivileged_userfaultfd" to control > whether > unprivileged users can use the userfaultfd system calls. Set this to 1 to > allow > unprivileged users to use the userfaultfd system calls, or set this to 0 to > restrict userfaultfd to only privileged users (with SYS_CAP_PTRACE > capability). The > default value is 1. Add hint about it. > Can we do the "vm.unprivileged_userfaultfd" check in the setup() and do set to 1 if it exists? And maybe we need more tests for the global sysctl knob "vm.unprivileged_userfaultfd". > Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com> > --- > .../syscalls/userfaultfd/userfaultfd01.c | 19 +++++++++++++------ > 1 file changed, 13 insertions(+), 6 deletions(-) > > diff --git a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > index a5e142209..4e178b4f8 100644 > --- a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > +++ b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > @@ -82,12 +82,19 @@ static void run(void) > > set_pages(); > > - uffd = sys_userfaultfd(O_CLOEXEC | O_NONBLOCK); > - > - if (uffd == -1) > - tst_brk(TBROK | TERRNO, > - "Could not create userfault file descriptor"); > - > + TEST(sys_userfaultfd(O_CLOEXEC | O_NONBLOCK)); > + > + if (TST_RET == -1) { > + if (TST_ERR == EPERM) { > + tst_res(TCONF, "Hint: check > /proc/sys/vm/unprivileged_userfaultfd"); > + tst_brk(TCONF | TTERRNO, > + "userfaultfd() requires CAP_SYS_PTRACE on > this system"); > + } else > + tst_brk(TBROK | TTERRNO, > + "Could not create userfault file > descriptor"); > + } > + > + uffd = TST_RET; > uffdio_api.api = UFFD_API; > uffdio_api.features = 0; > SAFE_IOCTL(uffd, UFFDIO_API, &uffdio_api); > -- > 2.18.0 > > > > > -- > Mailing list info: https://lists.linux.it/listinfo/ltp > >
Hi Li > > > On Wed, Dec 18, 2019 at 12:02 PM Yang Xu <xuyang2018.jy@cn.fujitsu.com > <mailto:xuyang2018.jy@cn.fujitsu.com>> wrote: > > Since commit cefdca0a86be ("userfaultfd/sysctl: add > vm.unprivileged_userfaultfd"). > , it adds a global sysctl knob "vm.unprivileged_userfaultfd" to > control whether > unprivileged users can use the userfaultfd system calls. Set this to > 1 to allow > unprivileged users to use the userfaultfd system calls, or set this > to 0 to > restrict userfaultfd to only privileged users (with SYS_CAP_PTRACE > capability). The > default value is 1. Add hint about it. > > > Can we do the "vm.unprivileged_userfaultfd" check in the setup() and do > set to 1 if it exists? I remembered Jan Stancek has a patch about bpf hint about unprivileged_bpf_disabled, I do as same as that patch did. Also, month agos about acct02 discussion, Cyril points about adjusting the threshold value of resume and suppend to make case passes. So, I have a question that we have unified standards about these cases (bpf, acct02, affected by sysctl)? Report TCONF or modify argument to make case passes? @Cyril and @Jan Stancek What do you think about it? > And maybe we need more tests for the global sysctl knob > "vm.unprivileged_userfaultfd".Eeven though we don't have case to test unprivileged_bpf_disabled. I still think testing unprivileged_userfaultfd is meaningful and we can begin with it. Best Regards Yang Xu > > > Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com > <mailto:xuyang2018.jy@cn.fujitsu.com>> > --- > .../syscalls/userfaultfd/userfaultfd01.c | 19 +++++++++++++------ > 1 file changed, 13 insertions(+), 6 deletions(-) > > diff --git a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > index a5e142209..4e178b4f8 100644 > --- a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > +++ b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > @@ -82,12 +82,19 @@ static void run(void) > > set_pages(); > > - uffd = sys_userfaultfd(O_CLOEXEC | O_NONBLOCK); > - > - if (uffd == -1) > - tst_brk(TBROK | TERRNO, > - "Could not create userfault file descriptor"); > - > + TEST(sys_userfaultfd(O_CLOEXEC | O_NONBLOCK)); > + > + if (TST_RET == -1) { > + if (TST_ERR == EPERM) { > + tst_res(TCONF, "Hint: check > /proc/sys/vm/unprivileged_userfaultfd"); > + tst_brk(TCONF | TTERRNO, > + "userfaultfd() requires > CAP_SYS_PTRACE on this system"); > + } else > + tst_brk(TBROK | TTERRNO, > + "Could not create userfault file > descriptor"); > + } > + > + uffd = TST_RET; > uffdio_api.api = UFFD_API; > uffdio_api.features = 0; > SAFE_IOCTL(uffd, UFFDIO_API, &uffdio_api); > -- > 2.18.0 > > > > > -- > Mailing list info: https://lists.linux.it/listinfo/ltp > > > > -- > Regards, > Li Wang
On Mon, Jan 6, 2020 at 5:10 PM Yang Xu <xuyang2018.jy@cn.fujitsu.com> wrote: > Hi Li > > > > > > On Wed, Dec 18, 2019 at 12:02 PM Yang Xu <xuyang2018.jy@cn.fujitsu.com > > <mailto:xuyang2018.jy@cn.fujitsu.com>> wrote: > > > > Since commit cefdca0a86be ("userfaultfd/sysctl: add > > vm.unprivileged_userfaultfd"). > > , it adds a global sysctl knob "vm.unprivileged_userfaultfd" to > > control whether > > unprivileged users can use the userfaultfd system calls. Set this to > > 1 to allow > > unprivileged users to use the userfaultfd system calls, or set this > > to 0 to > > restrict userfaultfd to only privileged users (with SYS_CAP_PTRACE > > capability). The > > default value is 1. Add hint about it. > > > > > > Can we do the "vm.unprivileged_userfaultfd" check in the setup() and do > > set to 1 if it exists? > I remembered Jan Stancek has a patch about bpf hint about > unprivileged_bpf_disabled, I do as same as that patch did. > I just echo the nob file "unprivileged_bpf_disabled" and find it can't be changed at runtime. So if the "vm.unprivileged_userfaultfd" is like this behavior too, probably we can only do TCONF as your original patch. AnywayI will take a close look at the kernel commit later. # cat /proc/sys/kernel/unprivileged_bpf_disabled 1 # echo 0 > /proc/sys/kernel/unprivileged_bpf_disabled -bash: echo: write error: Invalid argument > > Also, month agos about acct02 discussion, Cyril points about adjusting > the threshold value of resume and suppend to make case passes. > > So, I have a question that we have unified standards about these cases > (bpf, acct02, affected by sysctl)? Report TCONF or modify argument to > make case passes? > > @Cyril and @Jan Stancek What do you think about it? > > > And maybe we need more tests for the global sysctl knob > > "vm.unprivileged_userfaultfd".Eeven though we don't have case to test > unprivileged_bpf_disabled. I > still think testing unprivileged_userfaultfd is meaningful and we can > begin with it. > > Best Regards > Yang Xu > > > > > > Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com > > <mailto:xuyang2018.jy@cn.fujitsu.com>> > > --- > > .../syscalls/userfaultfd/userfaultfd01.c | 19 > +++++++++++++------ > > 1 file changed, 13 insertions(+), 6 deletions(-) > > > > diff --git a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > > b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > > index a5e142209..4e178b4f8 100644 > > --- a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > > +++ b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c > > @@ -82,12 +82,19 @@ static void run(void) > > > > set_pages(); > > > > - uffd = sys_userfaultfd(O_CLOEXEC | O_NONBLOCK); > > - > > - if (uffd == -1) > > - tst_brk(TBROK | TERRNO, > > - "Could not create userfault file > descriptor"); > > - > > + TEST(sys_userfaultfd(O_CLOEXEC | O_NONBLOCK)); > > + > > + if (TST_RET == -1) { > > + if (TST_ERR == EPERM) { > > + tst_res(TCONF, "Hint: check > > /proc/sys/vm/unprivileged_userfaultfd"); > > + tst_brk(TCONF | TTERRNO, > > + "userfaultfd() requires > > CAP_SYS_PTRACE on this system"); > > + } else > > + tst_brk(TBROK | TTERRNO, > > + "Could not create userfault file > > descriptor"); > > + } > > + > > + uffd = TST_RET; > > uffdio_api.api = UFFD_API; > > uffdio_api.features = 0; > > SAFE_IOCTL(uffd, UFFDIO_API, &uffdio_api); > > -- > > 2.18.0 > > > > > > > > > > -- > > Mailing list info: https://lists.linux.it/listinfo/ltp > > > > > > > > -- > > Regards, > > Li Wang > > >
Hi Yang, On Mon, Jan 6, 2020 at 5:10 PM Yang Xu <xuyang2018.jy@cn.fujitsu.com> wrote: > ... > > Can we do the "vm.unprivileged_userfaultfd" check in the setup() and do > > set to 1 if it exists? > I remembered Jan Stancek has a patch about bpf hint about > unprivileged_bpf_disabled, I do as same as that patch did. > > Also, month agos about acct02 discussion, Cyril points about adjusting > the threshold value of resume and suppend to make case passes. > > So, I have a question that we have unified standards about these cases > (bpf, acct02, affected by sysctl)? Report TCONF or modify argument to > make case passes? > After thinking over, to report TCONF is the wise method here because this test might run with an unprivileged user and it can not modify the knob "vm.unprivileged_userfaultfd". Sorry and now I pull back my last comment. Reviewed-by: Li Wang <liwang@redhat.com>
----- Original Message ----- > > After thinking over, to report TCONF is the wise method here because this > test might run with an unprivileged user and it can not modify the knob > "vm.unprivileged_userfaultfd". > > Sorry and now I pull back my last comment. > > Reviewed-by: Li Wang <liwang@redhat.com> Pushed, thanks.
diff --git a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c index a5e142209..4e178b4f8 100644 --- a/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c +++ b/testcases/kernel/syscalls/userfaultfd/userfaultfd01.c @@ -82,12 +82,19 @@ static void run(void) set_pages(); - uffd = sys_userfaultfd(O_CLOEXEC | O_NONBLOCK); - - if (uffd == -1) - tst_brk(TBROK | TERRNO, - "Could not create userfault file descriptor"); - + TEST(sys_userfaultfd(O_CLOEXEC | O_NONBLOCK)); + + if (TST_RET == -1) { + if (TST_ERR == EPERM) { + tst_res(TCONF, "Hint: check /proc/sys/vm/unprivileged_userfaultfd"); + tst_brk(TCONF | TTERRNO, + "userfaultfd() requires CAP_SYS_PTRACE on this system"); + } else + tst_brk(TBROK | TTERRNO, + "Could not create userfault file descriptor"); + } + + uffd = TST_RET; uffdio_api.api = UFFD_API; uffdio_api.features = 0; SAFE_IOCTL(uffd, UFFDIO_API, &uffdio_api);
Since commit cefdca0a86be ("userfaultfd/sysctl: add vm.unprivileged_userfaultfd"). , it adds a global sysctl knob "vm.unprivileged_userfaultfd" to control whether unprivileged users can use the userfaultfd system calls. Set this to 1 to allow unprivileged users to use the userfaultfd system calls, or set this to 0 to restrict userfaultfd to only privileged users (with SYS_CAP_PTRACE capability). The default value is 1. Add hint about it. Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com> --- .../syscalls/userfaultfd/userfaultfd01.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-)