On Mon, Feb 26, 2024 at 11:04:12AM -0800, Kees Cook wrote:
On Mon, Feb 26, 2024 at 05:23:35PM +0100, Mickaël Salaün wrote:
Remplace Landlock-specific TEST_F_FORK() with an improved TEST_F() which brings four related changes:
Run TEST_F()'s tests in a grandchild process to make it possible to drop privileges and delegate teardown to the parent.
Compared to TEST_F_FORK(), simplify handling of the test grandchild process thanks to vfork(2), and makes it generic (e.g. no explicit conversion between exit code and _metadata).
Compared to TEST_F_FORK(), run teardown even when tests failed with an assert thanks to commit 63e6b2a42342 ("selftests/harness: Run TEARDOWN for ASSERT failures").
Simplify the test harness code by removing the no_print and step fields which are not used. I added this feature just after I made kselftest_harness.h more broadly available but this step counter remained even though it wasn't needed after all. See commit 369130b63178 ("selftests: Enhance kselftest_harness.h to print which assert failed").
I'm personally fine dropping the step counter. (I do wonder if that removal should be split from the grandchild launching.)
I thought about that but it was not worth it to add more lines to review.
Replace spaces with tabs in one line of __TEST_F_IMPL().
Cc: Günther Noack gnoack@google.com Cc: Jakub Kicinski kuba@kernel.org Cc: Kees Cook keescook@chromium.org Cc: Shuah Khan shuah@kernel.org Cc: Will Drewry wad@chromium.org Signed-off-by: Mickaël Salaün mic@digikod.net
One typo below, but otherwise seems good to me:
Reviewed-by: Kees Cook keescook@chromium.org
[...] _metadata->setup_completed = true; \
fixture_name##_##test_name(_metadata, &self, variant->data); \
/* Use the same _metadata. */ \child = vfork(); \if (child == 0) { \fixture_name##_##test_name(_metadata, &self, variant->data); \_exit(0); \} \if (child < 0) { \ksft_print_msg("ERROR SPAWNING TEST GANDCHILD\n"); \typo: GAND -> GRAND
Good catch!
Jakub, please fix this with the next combined+rebased series. Thanks!
-- Kees Cook