| Message ID | f60daf00d0de49e54a5389c73c90994e7711a7d1.1704868967.git.pengfei.xu@intel.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [v1,1/1] keyctl05: increase dns_res_payload data due to kernel code changes | expand |
Hi Xu, Good catch, merged. BTW any change how to trigger autoload of dns_resolver ? # ./keyctl05 ... keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' ... # modprobe dns_resolver # ./keyctl05 ... keyctl05.c:143: TPASS: updating 'dns_resolver' key expectedly failed with EOPNOTSUPP ... We consider modprobe as the last result. Kind regards, Petr
Hi Petr, On 2024-01-10 at 18:59:31 +0100, Petr Vorel wrote: > Hi Xu, > > Good catch, merged. > > BTW any change how to trigger autoload of dns_resolver ? > > # ./keyctl05 > ... > keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' > ... > > # modprobe dns_resolver > # ./keyctl05 > ... > keyctl05.c:143: TPASS: updating 'dns_resolver' key expectedly failed with EOPNOTSUPP > ... > > We consider modprobe as the last result. Yes, it needs to load dns_resolver module to test it. Or set kconfig CONFIG_DNS_RESOLVER=y. Due to the bundary issue fixed patch as follows, I will send another patch to set to 6 bytes coming data for add_key syscall for passed boundary checking: https://lore.kernel.org/all/1784441.1704907412@warthog.procyon.org.uk/ BR, Thanks! > > Kind regards, > Petr
On 2024-01-11 at 09:25:49 +0100, Petr Vorel wrote: > > Hi Petr, > > > On 2024-01-10 at 18:59:31 +0100, Petr Vorel wrote: > > > Hi Xu, > > > > Good catch, merged. > > > > BTW any change how to trigger autoload of dns_resolver ? > > > > # ./keyctl05 > > > ... > > > keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' > > > ... > > > > # modprobe dns_resolver > > > # ./keyctl05 > > > ... > > > keyctl05.c:143: TPASS: updating 'dns_resolver' key expectedly failed with EOPNOTSUPP > > > ... > > > > We consider modprobe as the last result. > > > Yes, it needs to load dns_resolver module to test it. > > Or set kconfig CONFIG_DNS_RESOLVER=y. > > Well, that would not work for kernels in linux distros. > Therefore I'll send a patch to add modprobe functionality. Ah, ok, yes, it's better to check the module before the test. > > > Due to the bundary issue fixed patch as follows, I will send another patch to > > set to 6 bytes coming data for add_key syscall for passed boundary checking: > > https://lore.kernel.org/all/1784441.1704907412@warthog.procyon.org.uk/ > > Thank you! > > FYI we're planning LTP release in the end of month, it'd be great if you send > patch soon so that fix is included. Thanks for your info, and here is the link for new patch: https://lore.kernel.org/ltp/48efcb1293a682182fc5db23f01be7af2889e26c.1704949719.git.pengfei.xu@intel.com/T/#u Thanks! > > Kind regards, > Petr > > > BR, > > Thanks! > > > > > Kind regards, > > > Petr
> Hi Petr, > On 2024-01-10 at 18:59:31 +0100, Petr Vorel wrote: > > Hi Xu, > > Good catch, merged. > > BTW any change how to trigger autoload of dns_resolver ? > > # ./keyctl05 > > ... > > keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' > > ... > > # modprobe dns_resolver > > # ./keyctl05 > > ... > > keyctl05.c:143: TPASS: updating 'dns_resolver' key expectedly failed with EOPNOTSUPP > > ... > > We consider modprobe as the last result. > Yes, it needs to load dns_resolver module to test it. > Or set kconfig CONFIG_DNS_RESOLVER=y. Well, that would not work for kernels in linux distros. Therefore I'll send a patch to add modprobe functionality. > Due to the bundary issue fixed patch as follows, I will send another patch to > set to 6 bytes coming data for add_key syscall for passed boundary checking: > https://lore.kernel.org/all/1784441.1704907412@warthog.procyon.org.uk/ Thank you! FYI we're planning LTP release in the end of month, it'd be great if you send patch soon so that fix is included. Kind regards, Petr > BR, > Thanks! > > Kind regards, > > Petr
diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index 7d7c076c0..90cf1ef06 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -198,8 +198,12 @@ static void do_test(unsigned int i) /* * We need to pass check in dns_resolver_preparse(), * give it dummy server list request. + * From v6.7-rc8 commit 1997b3cb4217b09e49659b634c94da47f0340409: + * the incoming data for add_key syscall should be larger than 6 bytes, + * because struct dns_server_list_v1_header without body is 6 bytes. */ - static char dns_res_payload[] = { 0x00, 0x00, 0x01, 0xff, 0x00 }; + static char dns_res_payload[] = { 0x00, 0x00, 0x01, 0xff, 0x00, \ + 0x00, 0x00 }; switch (i) { case 0:
keyctl05 was failed in v6.7-rc8 kernel, related discussion link: https://lore.kernel.org/all/ZZ4vaJMN2w%2FilkR3@xpf.sh.intel.com/ From v6.7-rc8 commit 1997b3cb4217b09e49659b634c94da47f0340409: the incoming data for add_key syscall should be larger than 6 bytes, because struct dns_server_list_v1_header without body after kernel v6.7-rc8 is 6 bytes. Fixes: 9662d802a0 ("keyctl05: use data that passes dns_resolver_preparse() check") Signed-off-by: Pengfei Xu <pengfei.xu@intel.com> --- testcases/kernel/syscalls/keyctl/keyctl05.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)