2023-01-19 16:03:44 +00:00
|
|
|
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
|
|
|
|
|
|
#ifdef __aarch64__
|
|
|
|
|
#include <asm/hwcap.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#include <linux/mman.h>
|
|
|
|
|
#include <linux/prctl.h>
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <sys/auxv.h>
|
|
|
|
|
#include <sys/prctl.h>
|
|
|
|
|
#include <sys/wait.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
|
|
#include "../kselftest_harness.h"
|
|
|
|
|
|
|
|
|
|
#ifndef __aarch64__
|
|
|
|
|
# define PROT_BTI 0
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
TEST(prctl_flags)
|
|
|
|
|
{
|
2023-08-28 17:08:58 +02:00
|
|
|
EXPECT_LT(prctl(PR_SET_MDWE, PR_MDWE_NO_INHERIT, 0L, 0L, 7L), 0);
|
|
|
|
|
EXPECT_EQ(errno, EINVAL);
|
|
|
|
|
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_SET_MDWE, 7L, 0L, 0L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_SET_MDWE, 0L, 7L, 0L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_SET_MDWE, 0L, 0L, 7L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_SET_MDWE, 0L, 0L, 0L, 7L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
|
|
|
|
|
EXPECT_LT(prctl(PR_GET_MDWE, 7L, 0L, 0L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_GET_MDWE, 0L, 7L, 0L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_GET_MDWE, 0L, 0L, 7L, 0L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(prctl(PR_GET_MDWE, 0L, 0L, 0L, 7L), 0);
|
2023-08-28 17:08:55 +02:00
|
|
|
EXPECT_EQ(errno, EINVAL);
|
2023-01-19 16:03:44 +00:00
|
|
|
}
|
|
|
|
|
|
2023-08-28 17:08:58 +02:00
|
|
|
FIXTURE(consecutive_prctl_flags) {};
|
|
|
|
|
FIXTURE_SETUP(consecutive_prctl_flags) {}
|
|
|
|
|
FIXTURE_TEARDOWN(consecutive_prctl_flags) {}
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT(consecutive_prctl_flags)
|
|
|
|
|
{
|
|
|
|
|
unsigned long first_flags;
|
|
|
|
|
unsigned long second_flags;
|
|
|
|
|
bool should_work;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, can_keep_no_flags)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = 0,
|
|
|
|
|
.second_flags = 0,
|
|
|
|
|
.should_work = true,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, can_keep_exec_gain)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN,
|
|
|
|
|
.second_flags = PR_MDWE_REFUSE_EXEC_GAIN,
|
|
|
|
|
.should_work = true,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, can_keep_both_flags)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT,
|
|
|
|
|
.second_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT,
|
|
|
|
|
.should_work = true,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_mdwe)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN,
|
|
|
|
|
.second_flags = 0,
|
|
|
|
|
.should_work = false,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_mdwe_no_inherit)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT,
|
|
|
|
|
.second_flags = 0,
|
|
|
|
|
.should_work = false,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_no_inherit)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT,
|
|
|
|
|
.second_flags = PR_MDWE_REFUSE_EXEC_GAIN,
|
|
|
|
|
.should_work = false,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_enable_no_inherit)
|
|
|
|
|
{
|
|
|
|
|
.first_flags = PR_MDWE_REFUSE_EXEC_GAIN,
|
|
|
|
|
.second_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT,
|
|
|
|
|
.should_work = false,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
TEST_F(consecutive_prctl_flags, two_prctls)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
EXPECT_EQ(prctl(PR_SET_MDWE, variant->first_flags, 0L, 0L, 0L), 0);
|
|
|
|
|
|
|
|
|
|
ret = prctl(PR_SET_MDWE, variant->second_flags, 0L, 0L, 0L);
|
|
|
|
|
if (variant->should_work) {
|
|
|
|
|
EXPECT_EQ(ret, 0);
|
|
|
|
|
|
|
|
|
|
ret = prctl(PR_GET_MDWE, 0L, 0L, 0L, 0L);
|
|
|
|
|
ASSERT_EQ(ret, variant->second_flags);
|
|
|
|
|
} else {
|
|
|
|
|
EXPECT_NE(ret, 0);
|
|
|
|
|
ASSERT_EQ(errno, EPERM);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-19 16:03:44 +00:00
|
|
|
FIXTURE(mdwe)
|
|
|
|
|
{
|
|
|
|
|
void *p;
|
|
|
|
|
int flags;
|
|
|
|
|
size_t size;
|
|
|
|
|
pid_t pid;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT(mdwe)
|
|
|
|
|
{
|
|
|
|
|
bool enabled;
|
|
|
|
|
bool forked;
|
2023-08-28 17:08:58 +02:00
|
|
|
bool inherit;
|
2023-01-19 16:03:44 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(mdwe, stock)
|
|
|
|
|
{
|
2023-08-28 17:08:53 +02:00
|
|
|
.enabled = false,
|
2023-01-19 16:03:44 +00:00
|
|
|
.forked = false,
|
2023-08-28 17:08:58 +02:00
|
|
|
.inherit = false,
|
2023-01-19 16:03:44 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
FIXTURE_VARIANT_ADD(mdwe, enabled)
|
|
|
|
|
{
|
2023-08-28 17:08:53 +02:00
|
|
|
.enabled = true,
|
2023-01-19 16:03:44 +00:00
|
|
|
.forked = false,
|
2023-08-28 17:08:58 +02:00
|
|
|
.inherit = true,
|
2023-01-19 16:03:44 +00:00
|
|
|
};
|
|
|
|
|
|
2023-08-28 17:08:58 +02:00
|
|
|
FIXTURE_VARIANT_ADD(mdwe, inherited)
|
2023-01-19 16:03:44 +00:00
|
|
|
{
|
2023-08-28 17:08:53 +02:00
|
|
|
.enabled = true,
|
2023-01-19 16:03:44 +00:00
|
|
|
.forked = true,
|
2023-08-28 17:08:58 +02:00
|
|
|
.inherit = true,
|
2023-01-19 16:03:44 +00:00
|
|
|
};
|
|
|
|
|
|
2023-08-28 17:08:58 +02:00
|
|
|
FIXTURE_VARIANT_ADD(mdwe, not_inherited)
|
|
|
|
|
{
|
|
|
|
|
.enabled = true,
|
|
|
|
|
.forked = true,
|
|
|
|
|
.inherit = false,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static bool executable_map_should_fail(const FIXTURE_VARIANT(mdwe) *variant)
|
|
|
|
|
{
|
|
|
|
|
return variant->enabled && (!variant->forked || variant->inherit);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-19 16:03:44 +00:00
|
|
|
FIXTURE_SETUP(mdwe)
|
|
|
|
|
{
|
2023-08-28 17:08:58 +02:00
|
|
|
unsigned long mdwe_flags;
|
2023-01-19 16:03:44 +00:00
|
|
|
int ret, status;
|
|
|
|
|
|
|
|
|
|
self->p = NULL;
|
|
|
|
|
self->flags = MAP_SHARED | MAP_ANONYMOUS;
|
|
|
|
|
self->size = getpagesize();
|
|
|
|
|
|
|
|
|
|
if (!variant->enabled)
|
|
|
|
|
return;
|
|
|
|
|
|
2023-08-28 17:08:58 +02:00
|
|
|
mdwe_flags = PR_MDWE_REFUSE_EXEC_GAIN;
|
|
|
|
|
if (!variant->inherit)
|
|
|
|
|
mdwe_flags |= PR_MDWE_NO_INHERIT;
|
|
|
|
|
|
|
|
|
|
ret = prctl(PR_SET_MDWE, mdwe_flags, 0L, 0L, 0L);
|
2023-01-19 16:03:44 +00:00
|
|
|
ASSERT_EQ(ret, 0) {
|
|
|
|
|
TH_LOG("PR_SET_MDWE failed or unsupported");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = prctl(PR_GET_MDWE, 0L, 0L, 0L, 0L);
|
2023-08-28 17:08:58 +02:00
|
|
|
ASSERT_EQ(ret, mdwe_flags);
|
2023-01-19 16:03:44 +00:00
|
|
|
|
|
|
|
|
if (variant->forked) {
|
|
|
|
|
self->pid = fork();
|
|
|
|
|
ASSERT_GE(self->pid, 0) {
|
|
|
|
|
TH_LOG("fork failed\n");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (self->pid > 0) {
|
|
|
|
|
ret = waitpid(self->pid, &status, 0);
|
|
|
|
|
ASSERT_TRUE(WIFEXITED(status));
|
|
|
|
|
exit(WEXITSTATUS(status));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
FIXTURE_TEARDOWN(mdwe)
|
|
|
|
|
{
|
|
|
|
|
if (self->p && self->p != MAP_FAILED)
|
|
|
|
|
munmap(self->p, self->size);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mmap_READ_EXEC)
|
|
|
|
|
{
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_READ | PROT_EXEC, self->flags, 0, 0);
|
|
|
|
|
EXPECT_NE(self->p, MAP_FAILED);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mmap_WRITE_EXEC)
|
|
|
|
|
{
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_WRITE | PROT_EXEC, self->flags, 0, 0);
|
2023-08-28 17:08:58 +02:00
|
|
|
if (executable_map_should_fail(variant)) {
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_EQ(self->p, MAP_FAILED);
|
|
|
|
|
} else {
|
|
|
|
|
EXPECT_NE(self->p, MAP_FAILED);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mprotect_stay_EXEC)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_READ | PROT_EXEC, self->flags, 0, 0);
|
|
|
|
|
ASSERT_NE(self->p, MAP_FAILED);
|
|
|
|
|
|
|
|
|
|
ret = mprotect(self->p, self->size, PROT_READ | PROT_EXEC);
|
|
|
|
|
EXPECT_EQ(ret, 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mprotect_add_EXEC)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_READ, self->flags, 0, 0);
|
|
|
|
|
ASSERT_NE(self->p, MAP_FAILED);
|
|
|
|
|
|
|
|
|
|
ret = mprotect(self->p, self->size, PROT_READ | PROT_EXEC);
|
2023-08-28 17:08:58 +02:00
|
|
|
if (executable_map_should_fail(variant)) {
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(ret, 0);
|
|
|
|
|
} else {
|
|
|
|
|
EXPECT_EQ(ret, 0);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mprotect_WRITE_EXEC)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_WRITE, self->flags, 0, 0);
|
|
|
|
|
ASSERT_NE(self->p, MAP_FAILED);
|
|
|
|
|
|
|
|
|
|
ret = mprotect(self->p, self->size, PROT_WRITE | PROT_EXEC);
|
2023-08-28 17:08:58 +02:00
|
|
|
if (executable_map_should_fail(variant)) {
|
2023-01-19 16:03:44 +00:00
|
|
|
EXPECT_LT(ret, 0);
|
|
|
|
|
} else {
|
|
|
|
|
EXPECT_EQ(ret, 0);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, mmap_FIXED)
|
|
|
|
|
{
|
2023-03-08 19:04:22 +00:00
|
|
|
void *p;
|
2023-01-19 16:03:44 +00:00
|
|
|
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_READ, self->flags, 0, 0);
|
|
|
|
|
ASSERT_NE(self->p, MAP_FAILED);
|
|
|
|
|
|
2023-08-28 17:08:54 +02:00
|
|
|
/* MAP_FIXED unmaps the existing page before mapping which is allowed */
|
|
|
|
|
p = mmap(self->p, self->size, PROT_READ | PROT_EXEC,
|
2023-01-19 16:03:44 +00:00
|
|
|
self->flags | MAP_FIXED, 0, 0);
|
2023-08-28 17:08:54 +02:00
|
|
|
EXPECT_EQ(p, self->p);
|
2023-01-19 16:03:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_F(mdwe, arm64_BTI)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
#ifdef __aarch64__
|
|
|
|
|
if (!(getauxval(AT_HWCAP2) & HWCAP2_BTI))
|
|
|
|
|
#endif
|
|
|
|
|
SKIP(return, "HWCAP2_BTI not supported");
|
|
|
|
|
|
|
|
|
|
self->p = mmap(NULL, self->size, PROT_EXEC, self->flags, 0, 0);
|
|
|
|
|
ASSERT_NE(self->p, MAP_FAILED);
|
|
|
|
|
|
|
|
|
|
ret = mprotect(self->p, self->size, PROT_EXEC | PROT_BTI);
|
|
|
|
|
EXPECT_EQ(ret, 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST_HARNESS_MAIN
|
