lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <87o7quflkc.fsf@redhat.com>
Date:   Thu, 19 Jan 2023 19:04:03 +0100
From:   Giuseppe Scrivano <gscrivan@...hat.com>
To:     Brian Masney <bmasney@...hat.com>
Cc:     linux-kernel@...r.kernel.org, keescook@...omium.org,
        bristot@...hat.com, ebiederm@...ssion.com, brauner@...nel.org,
        cyphar@...har.com, viro@...iv.linux.org.uk, alexl@...hat.com,
        peterz@...radead.org
Subject: Re: [PATCH v2 2/2] selftests: add tests for prctl(SET_HIDE_SELF_EXE)

Brian Masney <bmasney@...hat.com> writes:

> On Thu, Jan 19, 2023 at 06:07:18PM +0100, Giuseppe Scrivano wrote:
>> Signed-off-by: Giuseppe Scrivano <gscrivan@...hat.com>
>> ---
>>  tools/testing/selftests/prctl/Makefile        |   2 +-
>>  tools/testing/selftests/prctl/hide-self-exe.c | 101 ++++++++++++++++++
>>  2 files changed, 102 insertions(+), 1 deletion(-)
>>  create mode 100644 tools/testing/selftests/prctl/hide-self-exe.c
>> 
>> diff --git a/tools/testing/selftests/prctl/Makefile b/tools/testing/selftests/prctl/Makefile
>> index c7923b205222..024e107b26ec 100644
>> --- a/tools/testing/selftests/prctl/Makefile
>> +++ b/tools/testing/selftests/prctl/Makefile
>> @@ -5,7 +5,7 @@ ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/)
>>  
>>  ifeq ($(ARCH),x86)
>>  TEST_PROGS := disable-tsc-ctxt-sw-stress-test disable-tsc-on-off-stress-test \
>> -		disable-tsc-test
>> +		disable-tsc-test hide-self-exe
>>  all: $(TEST_PROGS)
>>  
>>  include ../lib.mk
>> diff --git a/tools/testing/selftests/prctl/hide-self-exe.c b/tools/testing/selftests/prctl/hide-self-exe.c
>> new file mode 100644
>> index 000000000000..f86cef8e061c
>> --- /dev/null
>> +++ b/tools/testing/selftests/prctl/hide-self-exe.c
>> @@ -0,0 +1,101 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Tests for prctl(PR_GET_HIDE_SELF_EXE, ...) / prctl(PR_SET_HIDE_SELF_EXE, ...)
>> + *
>> + */
>> +
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +#include <unistd.h>
>> +#include <signal.h>
>> +#include <inttypes.h>
>> +#include <errno.h>
>> +#include <fcntl.h>
>> +#include <sys/wait.h>
>> +
>> +#include <sys/prctl.h>
>> +#include <linux/prctl.h>
>> +
>> +#ifndef PR_SET_HIDE_SELF_EXE
>> +# define PR_SET_HIDE_SELF_EXE		65
>> +# define PR_GET_HIDE_SELF_EXE		66
>> +#endif
>> +
>> +int main(void)
>> +{
>> +	int status;
>> +	pid_t pid;
>> +	int ret;
>> +
>> +	ret = open("/proc/self/exe", O_RDONLY);
>> +	if (ret < 0) {
>> +		perror("open /proc/self/exe");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +	close(ret);
>> +
>> +	ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
>> +	if (ret != 0) {
>> +		perror("prctl(PR_GET_HIDE_SELF_EXE)");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +
>> +	ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
>> +	if (ret != 0) {
>> +		perror("prctl(PR_SET_HIDE_SELF_EXE)");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +
>> +	/* check it doesn't fail a second time.  */
>> +	ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
>> +	if (ret != 0) {
>> +		perror("prctl(PR_SET_HIDE_SELF_EXE)");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +
>> +	ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
>> +	if (ret != 1) {
>> +		perror("prctl(PR_GET_HIDE_SELF_EXE)");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +
>> +	ret = open("/proc/self/exe", O_RDONLY);
>> +	if (ret >= 0 || errno != ENOENT) {
>> +		perror("open /proc/self/exe succeeded");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +
>> +	pid = fork();
>> +	if (pid < 0) {
>> +		perror("fork");
>> +		exit(EXIT_FAILURE);
>> +	}
>> +	if (pid == 0) {
>> +		/* Verify that it is still unreachable after fork().  */
>> +		ret = open("/proc/self/exe", O_RDONLY);
>> +		if (ret >= 0 || errno != ENOENT)
>> +			exit(EXIT_FAILURE);
>> +		close(ret);
>> +
>> +		/* And that it cannot be unset.  */
>> +		ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
>
> Should this be PR_SET_HIDE_SELF_EXE?

you are right, thanks for spotting it!  I should test
PR_SET_HIDE_SELF_EXE not the getter.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ