On Sun, Dec 29, 2019 at 11:43 AM Christian Brauner <christian.brauner@xxxxxxxxxx> wrote: > > On Sun, Dec 29, 2019 at 11:06:25AM -0800, Sargun Dhillon wrote: > > On Sun, Dec 29, 2019 at 12:14 PM Christian Brauner > > <christian.brauner@xxxxxxxxxx> wrote: > > > Does that even work if no dup() syscall has been made and trapped? > > Yes, the first check that occurs is the check which checks if > > seccom_notif has been > > zeroed out. This happens before any of the other work. > > Ah, then sure I don't mind doing it this way. Though plumbing it > directly into TEST(user_notification_basic) like I did below seems > cleaner to me. > > > > > > This looks like it would give you ENOENT... > > This ioctl is a blocking ioctl. It'll block until there is a wakeup. > > In this case, the wakeup > > will never come, but that doesn't mean we get an ENOENT. > > Yeah, but that wold mean the test will hang weirdly if it bypasses the > check. Sure it'll timeout but meh. I think I would prefer to have this > done as part of the basic test where we know that there is an event but > _shrug_. > > Christian My one worry about this is that the behaviour should be if the input (seccomp_notif) is invalid, it should immediately bail out, whether or not there is an event waiting. If we add it to basic_test, then it would hide the erroneous behaviour if bailout isn't immediate. I'm not sure if that's a worry or not.
