selftests/seccomp: Add SKIP for failed unshare()

Running the seccomp tests under the kernel with "defconfig"
shouldn't fail. Because the CONFIG_USER_NS is not supported
in "defconfig". Skipping this case instead of failing it is
better.

Signed-off-by: Yang Guang <yang.guang5@zte.com.cn>
Signed-off-by: David Yang <davidcomponentone@gmail.com>
Reviewed-by: Shuah Khan <skhan@linuxfoundation.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/7f7687696a5c0a2d040a24474616e945c7cf2bb5.1648599460.git.yang.guang5@zte.com.cn

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 4da905180f89a341e7483010baf916534be689ce..38839ad939f844a18030bd80f4437fc3940227e2 100644 (file)
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -3743,7 +3743,10 @@ TEST(user_notification_fault_recv)
        struct seccomp_notif req = {};
        struct seccomp_notif_resp resp = {};
 
-       ASSERT_EQ(unshare(CLONE_NEWUSER), 0);
+       ASSERT_EQ(unshare(CLONE_NEWUSER), 0) {
+               if (errno == EINVAL)
+                       SKIP(return, "kernel missing CLONE_NEWUSER support");
+       }
 
        listener = user_notif_syscall(__NR_getppid,
                                      SECCOMP_FILTER_FLAG_NEW_LISTENER);