lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230310112554.1261731-3-gscrivan@redhat.com>
Date:   Fri, 10 Mar 2023 12:25:54 +0100
From:   Giuseppe Scrivano <gscrivan@...hat.com>
To:     linux-kernel@...r.kernel.org
Cc:     keescook@...omium.org, bristot@...hat.com, ebiederm@...ssion.com,
        brauner@...nel.org, cyphar@...har.com, viro@...iv.linux.org.uk,
        walters@...bum.org, avagin@...il.com, alexl@...hat.com,
        peterz@...radead.org, bmasney@...hat.com, gscrivan@...hat.com
Subject: [PATCH v4 3/3] selftests: add tests for prctl(SET_HIDE_SELF_EXE)

Signed-off-by: Giuseppe Scrivano <gscrivan@...hat.com>
---
 tools/testing/selftests/prctl/Makefile        |   2 +-
 tools/testing/selftests/prctl/hide-self-exe.c | 193 ++++++++++++++++++
 2 files changed, 194 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/prctl/hide-self-exe.c

diff --git a/tools/testing/selftests/prctl/Makefile b/tools/testing/selftests/prctl/Makefile
index c7923b205222..024e107b26ec 100644
--- a/tools/testing/selftests/prctl/Makefile
+++ b/tools/testing/selftests/prctl/Makefile
@@ -5,7 +5,7 @@ ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/)
 
 ifeq ($(ARCH),x86)
 TEST_PROGS := disable-tsc-ctxt-sw-stress-test disable-tsc-on-off-stress-test \
-		disable-tsc-test
+		disable-tsc-test hide-self-exe
 all: $(TEST_PROGS)
 
 include ../lib.mk
diff --git a/tools/testing/selftests/prctl/hide-self-exe.c b/tools/testing/selftests/prctl/hide-self-exe.c
new file mode 100644
index 000000000000..d95a7671c1ab
--- /dev/null
+++ b/tools/testing/selftests/prctl/hide-self-exe.c
@@ -0,0 +1,193 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Tests for prctl(PR_GET_HIDE_SELF_EXE, ...) / prctl(PR_SET_HIDE_SELF_EXE, ...)
+ *
+ */
+
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <linux/prctl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/prctl.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+#ifndef PR_SET_HIDE_SELF_EXE
+# define PR_SET_HIDE_SELF_EXE		67
+# define PR_GET_HIDE_SELF_EXE		68
+#endif
+
+int main(void)
+{
+	char path[PATH_MAX];
+	struct dirent *ent;
+	int status;
+	pid_t pid;
+	DIR *dir;
+	int ret;
+
+	ret = open("/proc/self/exe", O_RDONLY);
+	if (ret < 0) {
+		perror("open /proc/self/exe");
+		exit(EXIT_FAILURE);
+	}
+	close(ret);
+
+	ret = prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_DISABLE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_USER)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_GET_HIDE_SELF_EXE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_HIDE_SELF_EXE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
+	if (ret != 1) {
+		perror("prctl(PR_GET_DUMPABLE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_DISABLE)");
+		exit(EXIT_FAILURE);
+	}
+
+	/* It is not permitted anymore.  */
+	ret = prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
+	if (ret == 0) {
+		perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_USER)");
+		exit(EXIT_FAILURE);
+	}
+	/* It can only be disabled.  */
+	ret = prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_DISABLE)");
+		exit(EXIT_FAILURE);
+	}
+
+	/* check it doesn't fail a second time.  */
+	ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
+	if (ret != 0) {
+		perror("prctl(PR_SET_HIDE_SELF_EXE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
+	if (ret != 1) {
+		perror("prctl(PR_GET_HIDE_SELF_EXE)");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = open("/proc/self/exe", O_RDONLY);
+	if (ret >= 0 || errno != EPERM) {
+		perror("open /proc/self/exe succeeded");
+		exit(EXIT_FAILURE);
+	}
+
+	ret = execl("/proc/self/exe", "/proc/self/exe", NULL);
+	if (ret >= 0 || errno != EPERM) {
+		perror("execl /proc/self/exe succeeded or wrong error");
+		exit(EXIT_FAILURE);
+	}
+
+	pid = fork();
+	if (pid < 0) {
+		perror("fork");
+		exit(EXIT_FAILURE);
+	}
+	if (pid == 0) {
+		/* It cannot be unset after a fork().  */
+		ret = prctl(PR_SET_HIDE_SELF_EXE, 0, 0, 0, 0);
+		if (ret == 0) {
+			perror("prctl(PR_SET_HIDE_SELF_EXE)");
+			exit(EXIT_FAILURE);
+		}
+
+		/* The getter still return the correct value.  */
+		ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0);
+		if (ret != 1) {
+			perror("prctl(PR_GET_HIDE_SELF_EXE)");
+			exit(EXIT_FAILURE);
+		}
+
+		/* It must be unreachable after fork().  */
+		ret = open("/proc/self/exe", O_RDONLY);
+		if (ret >= 0 || errno != EPERM) {
+			perror("open /proc/self/exe succeeded or wrong error");
+			exit(EXIT_FAILURE);
+		}
+
+		ret = execl("/proc/self/exe", "/proc/self/exe", NULL);
+		if (ret >= 0 || errno != EPERM) {
+			perror("execl /proc/self/exe succeeded wrong error");
+			exit(EXIT_FAILURE);
+		}
+
+		dir = opendir("/proc/self/map_files");
+		if (dir == NULL) {
+			perror("opendir /proc/self/map_files");
+			exit(EXIT_FAILURE);
+		}
+
+		while ((ent = readdir(dir)) != NULL) {
+			if (ent->d_name[0] == '.')
+				continue;
+
+			sprintf(path, "/proc/self/map_files/%s", ent->d_name);
+			ret = open(path, O_RDONLY);
+			if (ret >= 0 || errno != EPERM) {
+				perror("open /proc/self/map_files file succeeded or wrong error");
+				exit(EXIT_FAILURE);
+			}
+		}
+		closedir(dir);
+
+		/* It can be set again.  */
+		ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0);
+		if (ret != 0) {
+			perror("prctl(PR_SET_HIDE_SELF_EXE)");
+			exit(EXIT_FAILURE);
+		}
+
+		/* PR_SET_DUMPABLE must not be permitted.  */
+		ret = prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
+		if (ret == 0) {
+			perror("prctl(PR_SET_DUMPABLE, SUID_DUMP_USER)");
+			exit(EXIT_FAILURE);
+		}
+
+		/* HIDE_SELF_EXE is cleared after execve.  */
+		ret = system("cat /proc/self/exe > /dev/null");
+		exit(ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE);
+	}
+	if (waitpid(pid, &status, 0) != pid) {
+		perror("waitpid");
+		exit(EXIT_FAILURE);
+	}
+	if (status != 0) {
+		perror("child failed");
+		exit(EXIT_FAILURE);
+	}
+	exit(EXIT_SUCCESS);
+}
-- 
2.39.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ