| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Dec 2022 11:19:13 +0100
From: Giuseppe Scrivano <gscrivan@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: ebiederm@...ssion.com, brauner@...nel.org, cyphar@...har.com,
viro@...iv.linux.org.uk, alexl@...hat.com, peterz@...radead.org,
gscrivan@...hat.com
Subject: [PATCH 2/2] selftests: add tests for prctl(SET_HIDE_SELF_EXE)
Signed-off-by: Giuseppe Scrivano <gscrivan@...hat.com>
---
tools/testing/selftests/prctl/Makefile | 2 +-
tools/testing/selftests/prctl/hide-self-exe.c | 94 +++++++++++++++++++
2 files changed, 95 insertions(+), 1 deletion(-)
create mode 100644 tools/testing/selftests/prctl/hide-self-exe.c
diff --git a/tools/testing/selftests/prctl/Makefile b/tools/testing/selftests/prctl/Makefile
index c7923b205222..024e107b26ec 100644
--- a/tools/testing/selftests/prctl/Makefile
+++ b/tools/testing/selftests/prctl/Makefile
@@ -5,7 +5,7 @@ ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/)
ifeq ($(ARCH),x86)
TEST_PROGS := disable-tsc-ctxt-sw-stress-test disable-tsc-on-off-stress-test \
- disable-tsc-test
+ disable-tsc-test hide-self-exe
all: $(TEST_PROGS)
include ../lib.mk
diff --git a/tools/testing/selftests/prctl/hide-self-exe.c b/tools/testing/selftests/prctl/hide-self-exe.c
new file mode 100644
index 000000000000..4085a473eadf
--- /dev/null
+++ b/tools/testing/selftests/prctl/hide-self-exe.c
@@ -0,0 +1,94 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Tests for prctl(PR_GET_HIDE_SELF_EXE, ...) / prctl(PR_SET_HIDE_SELF_EXE, ...)
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <signal.h>
+#include <inttypes.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/wait.h>
+
+#include <sys/prctl.h>
+#include <linux/prctl.h>
+
+#ifndef PR_SET_HIDE_SELF_EXE
+# define PR_SET_HIDE_SELF_EXE 65
+# define PR_GET_HIDE_SELF_EXE 66
+#endif
+
+int main(void)
+{
+ int status;
+ pid_t pid;
+ int ret;
+
+ ret = open("/proc/self/exe", O_RDONLY);
+ if (ret < 0) {
+ perror("open /proc/self/exe");
+ exit(EXIT_FAILURE);
+ }
+ close(ret);
+
+ ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
+ if (ret != 0) {
+ perror("prctl(PR_GET_HIDE_SELF_EXE)");
+ exit(EXIT_FAILURE);
+ }
+
+ ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
+ if (ret != 0) {
+ perror("prctl(PR_SET_HIDE_SELF_EXE)");
+ exit(EXIT_FAILURE);
+ }
+
+ /* check it doesn't fail a second time. */
+ ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
+ if (ret != 0) {
+ perror("prctl(PR_SET_HIDE_SELF_EXE)");
+ exit(EXIT_FAILURE);
+ }
+
+ ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
+ if (ret != 1) {
+ perror("prctl(PR_GET_HIDE_SELF_EXE)");
+ exit(EXIT_FAILURE);
+ }
+
+ ret = open("/proc/self/exe", O_RDONLY);
+ if (ret >= 0 || errno != ENOENT) {
+ perror("open /proc/self/exe succeeded");
+ exit(EXIT_FAILURE);
+ }
+
+ pid = fork();
+ if (pid < 0) {
+ perror("fork");
+ exit(EXIT_FAILURE);
+ }
+ if (pid == 0) {
+ /* Verify that it is still unreachable after fork(). */
+ ret = open("/proc/self/exe", O_RDONLY);
+ if (ret >= 0 || errno != ENOENT)
+ exit(EXIT_FAILURE);
+ close(ret);
+
+ /* HIDE_SELF_EXE is cleared after execve. */
+ ret = system("cat /proc/self/exe > /dev/null");
+ exit(ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE);
+ }
+ if (waitpid(pid, &status, 0) != pid) {
+ perror("waitpid");
+ exit(EXIT_FAILURE);
+ }
+ if (status != 0) {
+ perror("child failed");
+ exit(EXIT_FAILURE);
+ }
+ exit(EXIT_SUCCESS);
+}
+
--
2.38.1
Powered by blists - more mailing lists