lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Oct 2022 16:04:57 +0100 From: Joey Gouly <joey.gouly@....com> To: Catalin Marinas <catalin.marinas@....com>, Andrew Morton <akpm@...ux-foundation.org>, Lennart Poettering <lennart@...ttering.net>, Zbigniew Jędrzejewski-Szmek <zbyszek@...waw.pl> CC: Alexander Viro <viro@...iv.linux.org.uk>, Kees Cook <keescook@...omium.org>, Szabolcs Nagy <szabolcs.nagy@....com>, Mark Brown <broonie@...nel.org>, Jeremy Linton <jeremy.linton@....com>, Topi Miettinen <toiwoton@...il.com>, <linux-mm@...ck.org>, <linux-arm-kernel@...ts.infradead.org>, <linux-kernel@...r.kernel.org>, <linux-abi-devel@...ts.sourceforge.net>, <nd@....com>, <joey.gouly@....com>, <shuah@...nel.org> Subject: [PATCH v1 2/2] kselftest: vm: add tests for memory-deny-write-execute Add some tests to cover the new PR_SET_MDWE prctl. Signed-off-by: Joey Gouly <joey.gouly@....com> Cc: Shuah Khan <shuah@...nel.org> --- tools/testing/selftests/vm/mdwe_test.c | 194 +++++++++++++++++++++++++ 1 file changed, 194 insertions(+) create mode 100644 tools/testing/selftests/vm/mdwe_test.c diff --git a/tools/testing/selftests/vm/mdwe_test.c b/tools/testing/selftests/vm/mdwe_test.c new file mode 100644 index 000000000000..67f3fc06d069 --- /dev/null +++ b/tools/testing/selftests/vm/mdwe_test.c @@ -0,0 +1,194 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include <asm/hwcap.h> +#include <stdio.h> +#include <stdlib.h> +#include <sys/auxv.h> +#include <sys/mman.h> +#include <sys/prctl.h> +#include <sys/wait.h> +#include <unistd.h> + +#include <linux/prctl.h> + +#include "../kselftest.h" + +#define PR_SET_MDWE 65 +# define PR_MDWE_FLAG_MMAP 1 + +#define PR_GET_MDWE 66 + +#ifdef __aarch64__ +#define PROT_BTI 0x10 /* BTI guarded page */ +#endif + +#define TEST1 "mmap(PROT_WRITE | PROT_EXEC)\n" +#define TEST2 "mmap(PROT_WRITE); mprotect(PROT_EXEC)\n" +#define TEST3 "mmap(PROT_EXEC); mprotect(PROT_EXEC | PROT_READ)\n" +#define TEST4 "mmap(PROT_EXEC); mprotect(PROT_EXEC | PROT_BTI)\n" + +int fork_test(int (*func)(int)) +{ + pid_t pid; + int status; + + pid = fork(); + if (pid < 0) { + printf("fork failed\n"); + return KSFT_FAIL; + } + + if (pid == 0) + exit(func(1)); + + waitpid(pid, &status, 0); + + if (WIFEXITED(status)) + return WEXITSTATUS(status); + + return 0; +} + +static inline void test_result(int err, const char *msg) +{ + switch (err) { + case KSFT_PASS: + ksft_test_result_pass(msg); + break; + case KSFT_FAIL: + ksft_test_result_fail(msg); + break; + case KSFT_SKIP: + ksft_test_result_skip(msg); + break; + default: + ksft_test_result_error("Unknown return code %d from %s", + err, msg); + break; + } +} + +int test1(int mdwe_enabled) +{ + void *p; + + int size = getpagesize(); + int mmap_flags = MAP_SHARED | MAP_ANONYMOUS; + + p = mmap(0, size, PROT_WRITE | PROT_EXEC, mmap_flags, 0, 0); + + if (mdwe_enabled) + return p == MAP_FAILED ? KSFT_PASS : KSFT_FAIL; + else + return p != MAP_FAILED ? KSFT_PASS : KSFT_FAIL; +} + +int test2(int mdwe_enabled) +{ + void *p; + int ret; + + int size = getpagesize(); + int mmap_flags = MAP_SHARED | MAP_ANONYMOUS; + + p = mmap(0, size, PROT_WRITE, mmap_flags, 0, 0); + if (p == MAP_FAILED) + return 0; + ret = mprotect(p, size, PROT_EXEC); + + if (mdwe_enabled) + return ret < 0 ? KSFT_PASS : KSFT_FAIL; + else + return ret == 0 ? KSFT_PASS : KSFT_FAIL; +} + +int test3(int mdwe_enabled) +{ + void *p; + int ret; + + int size = getpagesize(); + int mmap_flags = MAP_SHARED | MAP_ANONYMOUS; + + p = mmap(0, size, PROT_EXEC, mmap_flags, 0, 0); + if (p == MAP_FAILED) + return 0; + + ret = mprotect(p, size, PROT_EXEC | PROT_READ); + + return ret == 0 ? KSFT_PASS : KSFT_FAIL; +} + +#ifdef __aarch64__ +int test4(int mdwe_enabled) +{ + void *p; + int ret; + + int size = getpagesize(); + int mmap_flags = MAP_SHARED | MAP_ANONYMOUS; + + if (!(getauxval(AT_HWCAP2) & HWCAP2_BTI)) + return KSFT_SKIP; + + p = mmap(0, size, PROT_EXEC, mmap_flags, 0, 0); + if (p == MAP_FAILED) + return KSFT_FAIL; + + ret = mprotect(p, size, PROT_EXEC | PROT_BTI); + + return ret == 0 ? KSFT_PASS : KSFT_FAIL; +} +#endif + +int main(void) +{ + int ret; + + ksft_print_header(); +#ifdef __aarch64__ + ksft_set_plan(12); +#else + ksft_set_plan(9); +#endif + + // First run the tests without MDWE + test_result(test1(0), TEST1); + test_result(test2(0), TEST2); + test_result(test3(0), TEST3); +#ifdef __aarch64__ + test_result(test4(0), TEST4); +#endif + + // Enable MDWE and then run the tests again. + ret = prctl(PR_SET_MDWE, PR_MDWE_FLAG_MMAP, 0, 0, 0); + if (ret < 0) { + ksft_print_msg("PR_SET_MDWE failed or unsupported!\n"); + goto exit; + } + + ret = prctl(PR_GET_MDWE, PR_MDWE_FLAG_MMAP, 0, 0, 0); + if (ret == 0) + ksft_exit_fail_msg("PR_GET_MDWE failed!"); + + test_result(test1(1), "MDWE: " TEST1); + test_result(test2(1), "MDWE: " TEST2); + test_result(test3(1), "MDWE: " TEST3); +#ifdef __aarch64__ + test_result(test4(1), "MDWE: " TEST4); +#endif + + // Verify the MDWE setting is transferred when fork()ing + test_result(fork_test(test1), "MDWE+fork: " TEST1); + test_result(fork_test(test2), "MDWE+fork: " TEST2); + test_result(fork_test(test3), "MDWE+fork: " TEST3); +#ifdef __aarch64__ + test_result(fork_test(test4), "MDWE+fork: " TEST4); +#endif + +exit: + ksft_finished(); + + return 0; +} + -- 2.17.1
Powered by blists - more mailing lists