linux_dsm_epyc7002/tools/testing
Kees Cook 58d0a862f5 seccomp: add tests for ptrace hole
One problem with seccomp was that ptrace could be used to change a
syscall after seccomp filtering had completed. This was a well documented
limitation, and it was recommended to block ptrace when defining a filter
to avoid this problem. This can be quite a limitation for containers or
other places where ptrace is desired even under seccomp filters.

This adds tests for both SECCOMP_RET_TRACE and PTRACE_SYSCALL manipulations.

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@kernel.org>
2016-06-14 10:54:38 -07:00
..
fault-injection fault-injection: fix failcmd.sh warning 2012-07-31 18:42:38 -07:00
ktest ktest: Place quotes around item variable 2015-02-03 15:45:13 -05:00
nvdimm Merge branch 'for-4.7/dax' into libnvdimm-for-next 2016-05-21 12:33:04 -07:00
radix-tree radix-tree: tidy up next_chunk 2016-05-20 17:58:30 -07:00
selftests seccomp: add tests for ptrace hole 2016-06-14 10:54:38 -07:00