prctl: test prctl(NO_NEW_PRIVS) setting

Signed-off-by: Michał Mirosław <emmir@google.com>
Michał Mirosław 2023-07-19 18:57:09 +02:00 committed by Andrei Vagin
parent a605cc9f36
commit fe4be19de4
2 changed files with 43 additions and 0 deletions


@ -215,6 +215,7 @@ TST_NOFILE := \
seccomp_filter_tsync \
seccomp_filter_threads \
seccomp_filter_inheritance \
seccomp_no_new_privs \
different_creds \
vsx \
bridge \


@ -0,0 +1,42 @@
#include <stdlib.h>
#include <sys/prctl.h>
#include "zdtmtst.h"
const char *test_doc = "Check that NO_NEW_PRIVS attribute is restored";
const char *test_author = "Michał Mirosław <emmir@google.com>";
int main(int argc, char **argv)
{
int ret;
test_init(argc, argv);
ret = prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
if (ret < 0) {
pr_perror("Can't read NO_NEW_PRIVS attribute");
return 1;
}
if (ret != 0)
fail("initial NO_NEW_PRIVS = %d != 0", ret);
ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
if (ret) {
pr_perror("Can't set NO_NEW_PRIVS attribute");
return 1;
}
test_daemon();
test_waitsig();
ret = prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
if (ret < 0) {
pr_perror("Can't read NO_NEW_PRIVS attribute");
return 1;
}
if (ret != 1)
fail("restored NO_NEW_PRIVS = %d != 1", ret);
pass();
return 0;
}
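Review bot: The final check `if (ret != 1) fail(...)` falls through to the unconditional `pass()`, so a restore that drops NO_NEW_PRIVS would record both a failure and a pass unless `fail()` itself terminates the process (its definition in zdtmtst.h is not visible here). Because this attribute is what prevents a restored task from gaining privileges across execve, a mismatch should end the test with a non-zero status: `if (ret != 1) { fail("restored NO_NEW_PRIVS = %d != 1", ret); return 1; }`. The initial `if (ret != 0)` check has the same shape and would otherwise go on to set the flag and continue as if the precondition held. A one-line comment above `test_daemon()` stating that the checkpoint/restore cycle happens between the set and the second read would make the intent of the two reads clear.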