| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241227015205.1375680-3-isaacmanjarres@google.com>
Date: Thu, 26 Dec 2024 17:52:00 -0800
From: "Isaac J. Manjarres" <isaacmanjarres@...gle.com>
To: Jeff Layton <jlayton@...nel.org>, Chuck Lever <chuck.lever@...cle.com>,
Alexander Aring <alex.aring@...il.com>, Andrew Morton <akpm@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>
Cc: surenb@...gle.com, kaleshsingh@...gle.com, jstultz@...gle.com,
aliceryhl@...gle.com, jeffxu@...gle.com, kees@...nel.org,
"Isaac J. Manjarres" <isaacmanjarres@...gle.com>, kernel-team@...roid.com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, linux-kselftest@...r.kernel.org
Subject: [RFC PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC
Add tests to ensure that F_SEAL_FUTURE_EXEC behaves as expected.
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@...gle.com>
---
tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++
1 file changed, 79 insertions(+)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index c0c53451a16d..abc213a5ce99 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -31,6 +31,7 @@
#define STACK_SIZE 65536
#define F_SEAL_EXEC 0x0020
+#define F_SEAL_FUTURE_EXEC 0x0040
#define F_WX_SEALS (F_SEAL_SHRINK | \
F_SEAL_GROW | \
@@ -318,6 +319,37 @@ static void *mfd_assert_mmap_private(int fd)
return p;
}
+static void *mfd_fail_mmap_exec(int fd)
+{
+ void *p;
+
+ p = mmap(NULL,
+ mfd_def_size,
+ PROT_EXEC,
+ MAP_SHARED,
+ fd,
+ 0);
+ if (p != MAP_FAILED) {
+ printf("mmap() didn't fail as expected\n");
+ abort();
+ }
+
+ return p;
+}
+
+static void mfd_fail_mprotect_exec(void *p)
+{
+ int ret;
+
+ ret = mprotect(p,
+ mfd_def_size,
+ PROT_EXEC);
+ if (!ret) {
+ printf("mprotect didn't fail as expected\n");
+ abort();
+ }
+}
+
static int mfd_assert_open(int fd, int flags, mode_t mode)
{
char buf[512];
@@ -998,6 +1030,52 @@ static void test_seal_future_write(void)
close(fd);
}
+/*
+ * Test SEAL_FUTURE_EXEC_MAPPING
+ * Test whether SEAL_FUTURE_EXEC_MAPPING actually prevents executable mappings.
+ */
+static void test_seal_future_exec_mapping(void)
+{
+ int fd;
+ void *p;
+
+
+ printf("%s SEAL-FUTURE-EXEC-MAPPING\n", memfd_str);
+
+ fd = mfd_assert_new("kern_memfd_seal_future_exec_mapping",
+ mfd_def_size,
+ MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+ /*
+ * PROT_READ | PROT_WRITE mappings create VMAs with VM_MAYEXEC set.
+ * However, F_SEAL_FUTURE_EXEC applies to subsequent mappings,
+ * so it should still succeed even if this mapping is active when the
+ * seal is applied.
+ */
+ p = mfd_assert_mmap_shared(fd);
+
+ mfd_assert_has_seals(fd, 0);
+
+ mfd_assert_add_seals(fd, F_SEAL_FUTURE_EXEC);
+ mfd_assert_has_seals(fd, F_SEAL_FUTURE_EXEC);
+
+ mfd_fail_mmap_exec(fd);
+
+ munmap(p, mfd_def_size);
+
+ /* Ensure that new mappings without PROT_EXEC work. */
+ p = mfd_assert_mmap_shared(fd);
+
+ /*
+ * Ensure that mappings created after the seal was applied cannot be
+ * made executable via mprotect().
+ */
+ mfd_fail_mprotect_exec(p);
+
+ munmap(p, mfd_def_size);
+ close(fd);
+}
+
static void test_seal_write_map_read_shared(void)
{
int fd;
@@ -1639,6 +1717,7 @@ int main(int argc, char **argv)
test_seal_shrink();
test_seal_grow();
test_seal_resize();
+ test_seal_future_exec_mapping();
if (pid_ns_supported()) {
test_sysctl_simple();
--
2.47.1.613.gc27f4b7a9f-goog
Powered by blists - more mailing lists