releases/5.10.50/selftests-lkdtm-avoid-needing-explicit-sub-shell.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From 04831e892b41618914b2123ae3b4fa77252e8656 Mon Sep 17 00:00:00 2001
 From: Kees Cook <keescook@chromium.org>
 Date: Wed, 23 Jun 2021 13:39:28 -0700
 Subject: selftests/lkdtm: Avoid needing explicit sub-shell

 From: Kees Cook <keescook@chromium.org>

 commit 04831e892b41618914b2123ae3b4fa77252e8656 upstream.

 Some environments do not set $SHELL when running tests. There's no
 need to use $SHELL here anyway, since "cat" can be used to receive any
 delivered signals from the kernel. Additionally avoid using bash-isms
 in the command, and record stderr for posterity.

 Fixes: 46d1a0f03d66 ("selftests/lkdtm: Add tests for LKDTM targets")
 Cc: stable@vger.kernel.org
 Suggested-by: Guillaume Tucker <guillaume.tucker@collabora.com>
 Suggested-by: David Laight <David.Laight@ACULAB.COM>
 Signed-off-by: Kees Cook <keescook@chromium.org>
 Link: https://lore.kernel.org/r/20210623203936.3151093-2-keescook@chromium.org
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 ---
  tools/testing/selftests/lkdtm/run.sh |   12 ++++++++----
  1 file changed, 8 insertions(+), 4 deletions(-)

 --- a/tools/testing/selftests/lkdtm/run.sh
 +++ b/tools/testing/selftests/lkdtm/run.sh
 @@ -76,10 +76,14 @@ fi
  # Save existing dmesg so we can detect new content below
  dmesg > "$DMESG"

 -# Most shells yell about signals and we're expecting the "cat" process
 -# to usually be killed by the kernel. So we have to run it in a sub-shell
 -# and silence errors.
 -($SHELL -c 'cat <(echo '"$test"') >'"$TRIGGER" 2>/dev/null) || true
 +# Since the kernel is likely killing the process writing to the trigger
 +# file, it must not be the script's shell itself. i.e. we cannot do:
 +#     echo "$test" >"$TRIGGER"
 +# Instead, use "cat" to take the signal. Since the shell will yell about
 +# the signal that killed the subprocess, we must ignore the failure and
 +# continue. However we don't silence stderr since there might be other
 +# useful details reported there in the case of other unexpected conditions.
 +echo "$test" | cat >"$TRIGGER" || true

  # Record and dump the results
  dmesg | comm --nocheck-order -13 "$DMESG" - > "$LOG" || true
	From 04831e892b41618914b2123ae3b4fa77252e8656 Mon Sep 17 00:00:00 2001
	From: Kees Cook <keescook@chromium.org>
	Date: Wed, 23 Jun 2021 13:39:28 -0700
	Subject: selftests/lkdtm: Avoid needing explicit sub-shell

	From: Kees Cook <keescook@chromium.org>

	commit 04831e892b41618914b2123ae3b4fa77252e8656 upstream.

	Some environments do not set $SHELL when running tests. There's no
	need to use $SHELL here anyway, since "cat" can be used to receive any
	delivered signals from the kernel. Additionally avoid using bash-isms
	in the command, and record stderr for posterity.

	Fixes: 46d1a0f03d66 ("selftests/lkdtm: Add tests for LKDTM targets")
	Cc: stable@vger.kernel.org
	Suggested-by: Guillaume Tucker <guillaume.tucker@collabora.com>
	Suggested-by: David Laight <David.Laight@ACULAB.COM>
	Signed-off-by: Kees Cook <keescook@chromium.org>
	Link: https://lore.kernel.org/r/20210623203936.3151093-2-keescook@chromium.org
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

	---
	tools/testing/selftests/lkdtm/run.sh \| 12 ++++++++----
	1 file changed, 8 insertions(+), 4 deletions(-)

	--- a/tools/testing/selftests/lkdtm/run.sh
	+++ b/tools/testing/selftests/lkdtm/run.sh
	@@ -76,10 +76,14 @@ fi
	# Save existing dmesg so we can detect new content below
	dmesg > "$DMESG"

	-# Most shells yell about signals and we're expecting the "cat" process
	-# to usually be killed by the kernel. So we have to run it in a sub-shell
	-# and silence errors.
	-($SHELL -c 'cat <(echo '"$test"') >'"$TRIGGER" 2>/dev/null) \|\| true
	+# Since the kernel is likely killing the process writing to the trigger
	+# file, it must not be the script's shell itself. i.e. we cannot do:
	+# echo "$test" >"$TRIGGER"
	+# Instead, use "cat" to take the signal. Since the shell will yell about
	+# the signal that killed the subprocess, we must ignore the failure and
	+# continue. However we don't silence stderr since there might be other
	+# useful details reported there in the case of other unexpected conditions.
	+echo "$test" \| cat >"$TRIGGER" \|\| true

	# Record and dump the results
	dmesg \| comm --nocheck-order -13 "$DMESG" - > "$LOG" \|\| true