lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <875y0x7f1m.fsf@linaro.org> Date: Sat, 16 Dec 2023 23:12:37 -0300 From: Thiago Jung Bauermann <thiago.bauermann@...aro.org> To: Mark Brown <broonie@...nel.org> Cc: Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, Jonathan Corbet <corbet@....net>, Andrew Morton <akpm@...ux-foundation.org>, Marc Zyngier <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, James Morse <james.morse@....com>, Suzuki K Poulose <suzuki.poulose@....com>, Arnd Bergmann <arnd@...db.de>, Oleg Nesterov <oleg@...hat.com>, Eric Biederman <ebiederm@...ssion.com>, Kees Cook <keescook@...omium.org>, Shuah Khan <shuah@...nel.org>, "Rick P. Edgecombe" <rick.p.edgecombe@...el.com>, Deepak Gupta <debug@...osinc.com>, Ard Biesheuvel <ardb@...nel.org>, Szabolcs Nagy <Szabolcs.Nagy@....com>, "H.J. Lu" <hjl.tools@...il.com>, Paul Walmsley <paul.walmsley@...ive.com>, Palmer Dabbelt <palmer@...belt.com>, Albert Ou <aou@...s.berkeley.edu>, Florian Weimer <fweimer@...hat.com>, Christian Brauner <brauner@...nel.org>, linux-arm-kernel@...ts.infradead.org, linux-doc@...r.kernel.org, kvmarm@...ts.linux.dev, linux-fsdevel@...r.kernel.org, linux-arch@...r.kernel.org, linux-mm@...ck.org, linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org, linux-riscv@...ts.infradead.org Subject: Re: [PATCH v7 36/39] selftests/arm64: Add GCS signal tests Mark Brown <broonie@...nel.org> writes: > diff --git a/tools/testing/selftests/arm64/signal/testcases/gcs_exception_fault.c b/tools/testing/selftests/arm64/signal/testcases/gcs_exception_fault.c > new file mode 100644 > index 000000000000..532d533592a1 > --- /dev/null > +++ b/tools/testing/selftests/arm64/signal/testcases/gcs_exception_fault.c > @@ -0,0 +1,59 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (C) 2023 ARM Limited > + */ > + > +#include <errno.h> > +#include <signal.h> > +#include <unistd.h> > + > +#include <sys/mman.h> > +#include <sys/prctl.h> > + > +#include "test_signals_utils.h" > +#include "testcases.h" > + > +/* This should be includable from some standard header, but which? */ > +#ifndef SEGV_CPERR > +#define SEGV_CPERR 10 > +#endif One suggestion is include/uapi/asm-generic/siginfo.h. It already has SEGV_MTEAERR and SEGV_MTESERR, as well as si_codes specific to other arches. >From there, it should find its way to glibc's sysdeps/unix/sysv/linux/bits/siginfo-consts.h. > +static int gcs_regs(struct tdescr *td, siginfo_t *si, ucontext_t *uc) > +{ > + size_t offset; > + struct _aarch64_ctx *head = GET_BUF_RESV_HEAD(context); > + struct gcs_context *gcs; > + unsigned long expected, gcspr; > + int ret; > + > + ret = prctl(PR_GET_SHADOW_STACK_STATUS, &expected, 0, 0, 0); > + if (ret != 0) { > + fprintf(stderr, "Unable to query GCS status\n"); > + return 1; > + } > + > + /* We expect a cap to be added to the GCS in the signal frame */ > + gcspr = get_gcspr_el0(); > + gcspr -= 8; > + fprintf(stderr, "Expecting GCSPR_EL0 %lx\n", gcspr); > + > + if (!get_current_context(td, &context.uc, sizeof(context))) { > + fprintf(stderr, "Failed getting context\n"); > + return 1; > + } At this point, before any function call is made, can the test check that *(gcspr + 8) == 0? This would detect the issue I mentioned in patch 24 of gcs_restore_signal() not zeroing the location of the cap. > + fprintf(stderr, "Got context\n"); > + > + head = get_header(head, GCS_MAGIC, GET_BUF_RESV_SIZE(context), > + &offset); > + if (!head) { > + fprintf(stderr, "No GCS context\n"); > + return 1; > + } > + > + gcs = (struct gcs_context *)head; > + > + /* Basic size validation is done in get_current_context() */ > + > + if (gcs->features_enabled != expected) { > + fprintf(stderr, "Features enabled %llx but expected %lx\n", > + gcs->features_enabled, expected); > + return 1; > + } > + > + if (gcs->gcspr != gcspr) { > + fprintf(stderr, "Got GCSPR %llx but expected %lx\n", > + gcs->gcspr, gcspr); > + return 1; > + } I suggest adding a new check here to ensure that gcs->reserved == 0. > + fprintf(stderr, "GCS context validated\n"); > + td->pass = 1; > + > + return 0; > +} > + > +struct tdescr tde = { > + .name = "GCS basics", > + .descr = "Validate a GCS signal context", > + .feats_required = FEAT_GCS, > + .timeout = 3, > + .run = gcs_regs, > +}; > diff --git a/tools/testing/selftests/arm64/signal/testcases/gcs_write_fault.c b/tools/testing/selftests/arm64/signal/testcases/gcs_write_fault.c > new file mode 100644 > index 000000000000..126b1a294a29 > --- /dev/null > +++ b/tools/testing/selftests/arm64/signal/testcases/gcs_write_fault.c > @@ -0,0 +1,67 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (C) 2023 ARM Limited > + */ > + > +#include <errno.h> > +#include <signal.h> > +#include <unistd.h> > + > +#include <sys/mman.h> > +#include <sys/prctl.h> > + > +#include "test_signals_utils.h" > +#include "testcases.h" > + > +static uint64_t *gcs_page; > + > +#ifndef __NR_map_shadow_stack > +#define __NR_map_shadow_stack 452 > +#endif > + > +static bool alloc_gcs(struct tdescr *td) > +{ > + long page_size = sysconf(_SC_PAGE_SIZE); > + > + gcs_page = (void *)syscall(__NR_map_shadow_stack, 0, > + page_size, 0); > + if (gcs_page == MAP_FAILED) { > + fprintf(stderr, "Failed to map %ld byte GCS: %d\n", > + page_size, errno); This call is failing with EINVAL for me: # timeout set to 45 # selftests: arm64/signal: gcs_write_fault # # GCS write fault :: Normal writes to a GCS segfault # Registered handlers for all signals. # Detected MINSTKSIGSZ:4720 # Required Features: [ GCS ] supported # Incompatible Features: [] absent # Failed to map 4096 byte GCS: 22 # FAILED Testcase initialization. # ==>> completed. FAIL(0) not ok 11 selftests: arm64/signal: gcs_write_fault # exit=1 > + return false; > + } > + > + return true; > +} -- Thiago
Powered by blists - more mailing lists