Re: [PATCH v1] selftests/memfd: Run sysctl tests when PID namespace support is enabled

Jeff Xu <jeffxu@xxxxxxxxxx> · Thu, 5 Dec 2024 11:53:57 -0800



On Thu, Dec 5, 2024 at 11:29 AM Isaac J. Manjarres
<isaacmanjarres@xxxxxxxxxx> wrote:
>
> The sysctl tests for vm.memfd_noexec rely on the kernel to support PID
> namespaces (i.e. the kernel is built with CONFIG_PID_NS=y). If the
> kernel the test runs on does not support PID namespaces, the first
> sysctl test will fail when attempting to spawn a new thread in a new
> PID namespace, abort the test, preventing the remaining tests from
> being run.
>
> This is not desirable, as not all kernels need PID namespaces, but can
> still use the other features provided by memfd. Therefore, only run the
> sysctl tests if the kernel supports PID namespaces. Otherwise, skip
> those tests and emit an informative message to let the user know why
> the sysctl tests are not being run.
>
Thanks for fixing this.

> Fixes: 11f75a01448f ("selftests/memfd: add tests for MFD_NOEXEC_SEAL MFD_EXEC")
> Cc: stable@xxxxxxxxxxxxxxx # v6.6+
> Cc: Jeff Xu <jeffxu@xxxxxxxxxx>
> Cc: Suren Baghdasaryan <surenb@xxxxxxxxxx>
> Cc: Kalesh Singh <kaleshsingh@xxxxxxxxxx>
> Signed-off-by: Isaac J. Manjarres <isaacmanjarres@xxxxxxxxxx>
> ---
>  tools/testing/selftests/memfd/memfd_test.c | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
> index 95af2d78fd31..0a0b55516028 100644
> --- a/tools/testing/selftests/memfd/memfd_test.c
> +++ b/tools/testing/selftests/memfd/memfd_test.c
> @@ -9,6 +9,7 @@
>  #include <fcntl.h>
>  #include <linux/memfd.h>
>  #include <sched.h>
> +#include <stdbool.h>
>  #include <stdio.h>
>  #include <stdlib.h>
>  #include <signal.h>
> @@ -1557,6 +1558,11 @@ static void test_share_fork(char *banner, char *b_suffix)
>         close(fd);
>  }
>
> +static bool pid_ns_supported(void)
> +{
> +       return access("/proc/self/ns/pid", F_OK) == 0;
> +}
> +
>  int main(int argc, char **argv)
>  {
>         pid_t pid;
> @@ -1591,8 +1597,12 @@ int main(int argc, char **argv)
>         test_seal_grow();
>         test_seal_resize();
>
> -       test_sysctl_simple();
> -       test_sysctl_nested();
> +       if (pid_ns_supported()) {
> +               test_sysctl_simple();
> +               test_sysctl_nested();
> +       } else {
> +               printf("PID namespaces are not supported; skipping sysctl tests\n");
> +       }
>
>         test_share_dup("SHARE-DUP", "");
>         test_share_mmap("SHARE-MMAP", "");
> --
> 2.47.0.338.g60cca15819-goog
>
Reviewed-by: Jeff Xu <jeffxu@xxxxxxxxxx>