I extended your patch and merged it: https://git.kernel.org/mic/c/next&id=0302cd72fe196aee933e3fb76f6d175d1ab0e843
Thanks! On Tue, Jun 09, 2026 at 12:51:03AM +0200, Mickaël Salaün wrote: > Thanks for this patch. I merged a few fixes and I'd be interested to > know if this one fix the issue you spotted: > https://git.kernel.org/pub/scm/linux/kernel/git/mic/linux.git/commit/?h=next&id=d8dfb4c7faa87c3e41a8678f38f136c2c7c036fa > > > On Fri, May 29, 2026 at 08:03:41PM +0000, Maximilian Heyne wrote: > > I'm seeing sporadic selftest failures, such as > > > > # RUN scoped_audit.connect_to_child ... > > # scoped_abstract_unix_test.c:314:connect_to_child:Expected 0 (0) == > > records.access (8) > > # connect_to_child: Test failed > > # FAIL scoped_audit.connect_to_child > > not ok 19 scoped_audit.connect_to_child > > > > This seems similar to what commit 3647a4977fb73d ("selftests/landlock: > > Drain stale audit records on init") tried to fix. However, the added > > drain loop is not effective. When setting the AUDIT_STATUS_PID, the > > kauditd_thread is woken up starting to send messages from the hold queue > > to the netlink. Depending on scheduling of this kthread not all messages > > might be send via the netlink in the 1 us interval. > > > > Therefore, instead of trying to drain the queue, let's just disable > > audit when running non-audit tests or more precisely disable it after > > audit-tests. This way we won't generate any new audit message that could > > interfere with the other tests. > > > > The comment saying that on process exit audit will be disabled is wrong. > > The closed file descriptor just causes an auditd_reset(), not a > > disablement. So future messages will be queued in the hold queue. > > > > Cc: [email protected] > > Fixes: 6a500b22971c ("selftests/landlock: Add tests for audit flags and > > domain IDs") > > Signed-off-by: Maximilian Heyne <[email protected]> > > --- > > > > I've seen the failures on the 6.18 kernels but haven't tested on latest > > upstream. However, I still think this is an issue. > > > > --- > > tools/testing/selftests/landlock/audit.h | 13 +++++-------- > > 1 file changed, 5 insertions(+), 8 deletions(-) > > > > diff --git a/tools/testing/selftests/landlock/audit.h > > b/tools/testing/selftests/landlock/audit.h > > index 834005b2b0f09..7842330875f53 100644 > > --- a/tools/testing/selftests/landlock/audit.h > > +++ b/tools/testing/selftests/landlock/audit.h > > @@ -494,10 +494,9 @@ static int audit_init_filter_exe(struct audit_filter > > *filter, const char *path) > > static int audit_cleanup(int audit_fd, struct audit_filter *filter) > > audit_cleanup() should be called for audit_exec tests too. > > > { > > struct audit_filter new_filter; > > + int err; > > > > if (audit_fd < 0 || !filter) { > > - int err; > > - > > /* > > * Simulates audit_init_with_exe_filter() when called from > > * FIXTURE_TEARDOWN_PARENT(). > > @@ -518,12 +517,10 @@ static int audit_cleanup(int audit_fd, struct > > audit_filter *filter) > > audit_filter_exe(audit_fd, filter, AUDIT_DEL_RULE); > > audit_filter_drop(audit_fd, AUDIT_DEL_RULE); > > > > - /* > > - * Because audit_cleanup() might not be called by the test auditd > > - * process, it might not be possible to explicitly set it. Anyway, > > - * AUDIT_STATUS_ENABLED will implicitly be set to 0 when the auditd > > - * process will exit. > > - */ > > Please add a comment that explains that the audit state is not restored > but just disabled. > > > + err = audit_set_status(audit_fd, AUDIT_STATUS_ENABLED, 0); > > + if (err) > > + return err; > > + > > return close(audit_fd); > > FDs should always be closed. > > > } > > > > -- > > 2.50.1 > > > > > > > > > > Amazon Web Services Development Center Germany GmbH > > Tamara-Danz-Str. 13 > > 10243 Berlin > > Geschaeftsfuehrung: Christof Hellmis, Andreas Stieger > > Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B > > Sitz: Berlin > > Ust-ID: DE 365 538 597 > > > >
