| Message ID | 20250303050921.3033083-3-jeffxu@google.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | mseal system mappings | expand |
* jeffxu@chromium.org <jeffxu@chromium.org> [250303 00:09]: > From: Jeff Xu <jeffxu@chromium.org> > > Add code to detect if the vdso is memory sealed, skip the test > if it is. > > Signed-off-by: Jeff Xu <jeffxu@chromium.org> > Reviewed-by: Kees Cook <kees@kernel.org> > Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> > --- > .../testing/selftests/x86/test_mremap_vdso.c | 43 +++++++++++++++++++ > 1 file changed, 43 insertions(+) > > diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c > index d53959e03593..94bee6e0c813 100644 > --- a/tools/testing/selftests/x86/test_mremap_vdso.c > +++ b/tools/testing/selftests/x86/test_mremap_vdso.c > @@ -14,6 +14,7 @@ > #include <errno.h> > #include <unistd.h> > #include <string.h> > +#include <stdbool.h> > > #include <sys/mman.h> > #include <sys/auxv.h> > @@ -55,13 +56,55 @@ static int try_to_remap(void *vdso_addr, unsigned long size) > > } > > +#define VDSO_NAME "[vdso]" > +#define VMFLAGS "VmFlags:" > +#define MSEAL_FLAGS "sl" > +#define MAX_LINE_LEN 512 > + > +bool vdso_sealed(FILE *maps) > +{ > + char line[MAX_LINE_LEN]; > + bool has_vdso = false; > + > + while (fgets(line, sizeof(line), maps)) { > + if (strstr(line, VDSO_NAME)) > + has_vdso = true; > + > + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) { > + if (strstr(line, MSEAL_FLAGS)) > + return true; > + > + return false; > + } > + } > + > + return false; > +} > + > int main(int argc, char **argv, char **envp) > { > pid_t child; > + FILE *maps; > > ksft_print_header(); > ksft_set_plan(1); > > + maps = fopen("/proc/self/smaps", "r"); > + if (!maps) { > + ksft_test_result_skip( > + "Could not open /proc/self/smaps, errno=%d\n", > + errno); > + > + return 0; > + } > + > + if (vdso_sealed(maps)) { > + ksft_test_result_skip("vdso is sealed\n"); > + return 0; > + } > + > + fclose(maps); > + > child = fork(); > if (child == -1) > ksft_exit_fail_msg("failed to fork (%d): %m\n", errno); > -- > 2.48.1.711.g2feabab25a-goog >
diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c index d53959e03593..94bee6e0c813 100644 --- a/tools/testing/selftests/x86/test_mremap_vdso.c +++ b/tools/testing/selftests/x86/test_mremap_vdso.c @@ -14,6 +14,7 @@ #include <errno.h> #include <unistd.h> #include <string.h> +#include <stdbool.h> #include <sys/mman.h> #include <sys/auxv.h> @@ -55,13 +56,55 @@ static int try_to_remap(void *vdso_addr, unsigned long size) } +#define VDSO_NAME "[vdso]" +#define VMFLAGS "VmFlags:" +#define MSEAL_FLAGS "sl" +#define MAX_LINE_LEN 512 + +bool vdso_sealed(FILE *maps) +{ + char line[MAX_LINE_LEN]; + bool has_vdso = false; + + while (fgets(line, sizeof(line), maps)) { + if (strstr(line, VDSO_NAME)) + has_vdso = true; + + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) { + if (strstr(line, MSEAL_FLAGS)) + return true; + + return false; + } + } + + return false; +} + int main(int argc, char **argv, char **envp) { pid_t child; + FILE *maps; ksft_print_header(); ksft_set_plan(1); + maps = fopen("/proc/self/smaps", "r"); + if (!maps) { + ksft_test_result_skip( + "Could not open /proc/self/smaps, errno=%d\n", + errno); + + return 0; + } + + if (vdso_sealed(maps)) { + ksft_test_result_skip("vdso is sealed\n"); + return 0; + } + + fclose(maps); + child = fork(); if (child == -1) ksft_exit_fail_msg("failed to fork (%d): %m\n", errno);