From patchwork Fri Dec 27 01:52:00 2024
X-Patchwork-Submitter: Isaac Manjarres
X-Patchwork-Id: 13921505
Date: Thu, 26 Dec 2024 17:52:00 -0800
In-Reply-To: <20241227015205.1375680-1-isaacmanjarres@google.com>
References: <20241227015205.1375680-1-isaacmanjarres@google.com>
Message-ID: <20241227015205.1375680-3-isaacmanjarres@google.com>
Subject: [RFC PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC
From: "Isaac J. Manjarres"
To: Jeff Layton, Chuck Lever, Alexander Aring, Andrew Morton, Shuah Khan
Cc: surenb@google.com, kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, jeffxu@google.com, kees@kernel.org, "Isaac J. Manjarres", kernel-team@android.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org

Add tests to ensure that F_SEAL_FUTURE_EXEC behaves as expected.

Signed-off-by: Isaac J. Manjarres
Reviewed-by: Alice Ryhl
--- tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index c0c53451a16d..abc213a5ce99 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -31,6 +31,7 @@ #define STACK_SIZE 65536 #define F_SEAL_EXEC 0x0020 +#define F_SEAL_FUTURE_EXEC 0x0040 #define F_WX_SEALS (F_SEAL_SHRINK | \ F_SEAL_GROW | \ 
@@ -318,6 +319,37 @@ static void *mfd_assert_mmap_private(int fd) return p; } +static void *mfd_fail_mmap_exec(int fd) +{ + void *p; + + p = mmap(NULL, + mfd_def_size, + PROT_EXEC, + MAP_SHARED, + fd, + 0); + if (p != MAP_FAILED) { + printf("mmap() didn't fail as expected\n"); + abort(); + } + + return p; +} + +static void mfd_fail_mprotect_exec(void *p) +{ + int ret; + + ret = mprotect(p, + mfd_def_size, + PROT_EXEC); + if (!ret) { + printf("mprotect didn't fail as expected\n"); + abort(); + } +} + static int mfd_assert_open(int fd, int flags, mode_t mode) { char buf[512]; @@ -998,6 +1030,52 @@ static void test_seal_future_write(void) close(fd); } +/* + * Test SEAL_FUTURE_EXEC_MAPPING + * Test whether SEAL_FUTURE_EXEC_MAPPING actually prevents executable mappings. + */ +static void test_seal_future_exec_mapping(void) +{ + int fd; + void *p; + + + printf("%s SEAL-FUTURE-EXEC-MAPPING\n", memfd_str); + + fd = mfd_assert_new("kern_memfd_seal_future_exec_mapping", + mfd_def_size, + MFD_CLOEXEC | MFD_ALLOW_SEALING); + + /* + * PROT_READ | PROT_WRITE mappings create VMAs with VM_MAYEXEC set. + * However, F_SEAL_FUTURE_EXEC applies to subsequent mappings, + * so it should still succeed even if this mapping is active when the + * seal is applied. + */ + p = mfd_assert_mmap_shared(fd); + + mfd_assert_has_seals(fd, 0); + + mfd_assert_add_seals(fd, F_SEAL_FUTURE_EXEC); + mfd_assert_has_seals(fd, F_SEAL_FUTURE_EXEC); + + mfd_fail_mmap_exec(fd); + + munmap(p, mfd_def_size); + + /* Ensure that new mappings without PROT_EXEC work. */ + p = mfd_assert_mmap_shared(fd); + + /* + * Ensure that mappings created after the seal was applied cannot be + * made executable via mprotect(). + */ + mfd_fail_mprotect_exec(p); + + munmap(p, mfd_def_size); + close(fd); +} + static void test_seal_write_map_read_shared(void) { int fd; 
@@ -1639,6 +1717,7 @@ int main(int argc, char **argv) test_seal_shrink(); test_seal_grow(); test_seal_resize(); + test_seal_future_exec_mapping(); if (pid_ns_supported()) { test_sysctl_simple();
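
Review bot: in the @@ -318,6 +319,37 @@ hunk, mfd_fail_mmap_exec() and mfd_fail_mprotect_exec() accept any failure as a pass and never look at errno. An mmap() or mprotect() that fails for an unrelated reason (ENOMEM, for instance) would satisfy the test even if the seal were not enforced at all. Please compare errno against the value the seal is expected to produce and include it in the failure message. Two smaller points in the same hunk: mfd_fail_mmap_exec() can only ever return MAP_FAILED and its caller discards the result, so it could be void like mfd_fail_mprotect_exec(); and both helpers request PROT_EXEC alone on a MAP_SHARED mapping, so PROT_READ | PROT_EXEC and MAP_PRIVATE requests are not exercised.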
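
Review bot: in test_seal_future_exec_mapping() (the @@ -998,6 +1030,52 @@ hunk), the mapping created before the seal is unmapped without any check of what the seal did to it. The comment notes that this VMA has VM_MAYEXEC set, and the test confirms the seal can be added while it is live, but there is no mprotect(p, mfd_def_size, PROT_EXEC) attempt on it before the first munmap(). That pre-seal mapping is exactly the case that separates "future" from "all" mappings, so whichever outcome is intended should be asserted here. Smaller points: the header comment and the printf() call the seal SEAL_FUTURE_EXEC_MAPPING / SEAL-FUTURE-EXEC-MAPPING while the flag is F_SEAL_FUTURE_EXEC, and there is a stray second blank line after the local declarations.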