From patchwork Wed Dec 11 05:33:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13902942 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0D86E7717D for ; Wed, 11 Dec 2024 05:33:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2425F8D0016; Wed, 11 Dec 2024 00:33:18 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 2186A8D0013; Wed, 11 Dec 2024 00:33:18 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0B8A38D0016; Wed, 11 Dec 2024 00:33:17 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id B962D8D0013 for ; Wed, 11 Dec 2024 00:33:17 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 635CA1601BC for ; Wed, 11 Dec 2024 05:33:17 +0000 (UTC) X-FDA: 82881558690.09.97A77FA Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by imf19.hostedemail.com (Postfix) with ESMTP id 425BF1A000B for ; Wed, 11 Dec 2024 05:32:51 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="bdbL/dqD"; spf=pass (imf19.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.181 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1733895180; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=iL0S77s8sue7wDSiMx9oEAzjFbMEM/4/98X0yr6AQos=; b=vM4WO7jLudl0F/m7koWVSj6L0SHcDp+fG/QXKnanUTwvlfdMFWwlTm2lR2mn2wZTeC6cMc 7EbZ1tRQaTsRD7U5HB1/KLijRglgJn56eVKWQ2dX8KGZYh11ZRshir2EIXT95yv+izP3sJ OcfqgzciCozvbey5DghczwpfLF7ggGM= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1733895180; a=rsa-sha256; cv=none; b=r67Zsp5Xq2BivxdTLeySoBgCS7JqqbF8iIRVmjZCtGUoBLAQM7Sq3oo4SUePBna5404kr8 28k1KStuLXKTDA7cxhZmsapcAfsj06xhDXcuWu7p46i6O5hoYk3OqBQpcGxY+aEq9Tltsz TigCcSv+JS57gZcajgNw/rl9/1/cygw= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="bdbL/dqD"; spf=pass (imf19.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.181 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-21564262babso6755755ad.3 for ; Tue, 10 Dec 2024 21:33:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1733895194; x=1734499994; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=iL0S77s8sue7wDSiMx9oEAzjFbMEM/4/98X0yr6AQos=; b=bdbL/dqDYS9I0cfLxXk8bKvtOwK/26NMDwKkSQM5UFdXBj0aXKlt68N/DkGYtKKWWQ M899mej1eerkN1nNJ6fqOeBJGYH5eAGLCf0qGFFj8in5fD1AD+tJF4XkGllpmnjo2/d/ TBzTFF0YMIUJtGU5LfWfdHigdh3Ts89SKZVA4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733895194; x=1734499994; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iL0S77s8sue7wDSiMx9oEAzjFbMEM/4/98X0yr6AQos=; b=sjRFeeULwZx5bvOHXuoMo/yUouTr5YjQFDB3JiweYiH1QtzDSIzUIBkcBc2GJdhisa kGCOweVPC2OM8STOFMb2Mkb6pZzAQacrMunJFZVDlfUi+YxhPQMHrTBrnjXAwXYuxWjc C/Qdw4BBDFVSp9gZ9/KGHcyFKdhd8PMZI9EhQqgKahz9RQ62DZOJEuZoklWD484eqh90 OkKokEGpIVXiFfu1mx0k5+lOod/+KpgP4vkcpjejsTQSCil/vYq2mqiku5PLGsG4shLC nvhL7IU0UfvJH2Href9QUdo39bu/AxsC+iAMWPinHbuX5Q/M6fsEH3SR4bO+VXSURBD6 uS8A== X-Forwarded-Encrypted: i=1; AJvYcCVosI9icwF8f2V9x4cpor4gm7RWccg4vtGZF1tXF7B7tUqSUVlTLRYBVpZPCS+Wczg+v+VoPa5OoQ==@kvack.org X-Gm-Message-State: AOJu0YwgEasjAa4oJ8Q5rtsdVcikJJx3Uo2S1s1bKnisrDF9VY6aap5k jLPJXXl6fD8KBejr4orvoLflPeMSb/FG08WLKUR4/cy+/lqdiP64as4rajIQvg== X-Gm-Gg: ASbGncsUIrRD3KoqA4+GzNC+T/M8YCaHXEpiggcX69sfM2jqUmjFiBlzpvcmvf24tsz VngToxJtB0ihQUoyaPDS8jbtIME9gURuzKbrsuh2jR6Qe061y2c/Pm5VgmR7QOw5klks2Gpiyrn sXKPp3TwCtaC31y+CNkLUbm9BgpvjYjSExUidGQPF9rZJUkFpQf906xXcGq0pnMOltPPoCxOAhH lQ3pVF8g/hlFsatkqz1JJlVR1LeOWSGBFBWKzSgaGhjBkPzCZrzL2jZ+uhbAqX9EB4F4mr5NGcq dWd7aX/I4Ajlig0= X-Google-Smtp-Source: AGHT+IEodioB8WIDbacAHjqbGik1UB8Zl0dTrnRUlOKRwzSo0V/bCLKhgz9DK/mJjkSKbCn4PnTMlA== X-Received: by 2002:a17:902:ec84:b0:215:5926:2db2 with SMTP id d9443c01a7336-2177851de76mr10375475ad.7.1733895194123; Tue, 10 Dec 2024 21:33:14 -0800 (PST) Received: from localhost (238.76.127.34.bc.googleusercontent.com. [34.127.76.238]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-2162b13d486sm66496625ad.191.2024.12.10.21.33.13 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 10 Dec 2024 21:33:13 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, broonie@kernel.org, skhan@linuxfoundation.org Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, keescook@chromium.org, pedro.falcato@gmail.com, rdunlap@infradead.org, jannh@google.com, Jeff Xu Subject: [RFC PATCH v1 1/1] selftest/mm: refactor mseal_test Date: Wed, 11 Dec 2024 05:33:11 +0000 Message-ID: <20241211053311.245636-2-jeffxu@google.com> X-Mailer: git-send-email 2.47.1.613.gc27f4b7a9f-goog In-Reply-To: <20241211053311.245636-1-jeffxu@google.com> References: <20241211053311.245636-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 425BF1A000B X-Stat-Signature: wxhf7mmtz7kq1fudgpt33gs9357rzaza X-Rspam-User: X-HE-Tag: 1733895171-233476 X-HE-Meta: U2FsdGVkX1+9c9WHD4nIq7EUvwcdRxRYk/Aq+ohcE6UZ1KiUxvhjIyUW7xTgyE8gbl+tEeVM8lCbjjOAkolDTeaUo3WNJ4WXKGYpo6HWmaRBFa0tK0Qh3gm2jFqiFGwDTKH/LdflLumqmTwuzYLefZx+cPzKwa1tW5rR2eLcPmeW3dCkgPjNT7yRi/rF9wtZmJqV4hHXG6TBv/LM5hqeYLdemJwjb0HOmgMiVAikTj/bndonm36Q83MROEazBDhR0OjH/zbwqFBrDJSHJ5niUuzd5/oKqM2JHMYO9Isr8NT8GkTJkBybl49ePxEjDq5QBag/nauj/xIWPd1rZV/9fPHiY/8/kFObJr4ZrD2ixha11R+0M4f6GcPOV5ZZ4+9uVcnJzkMsj+LAAu4Z2pIaDQ11wKpLvVprSjZebGTHmyN7QKLatYk3twNFDlkLJ9yCStqvzHqzVll9lM8brb3yPDrhd8ehabKM7i+2vxow+z0GF+9liC9zt4f3fj+5r47CaABhNXPQP2O85EP6p1hdDDLI5chm96szJn5ewrT2sad5ZPL9l3ggrzlDeAIflH8LbBOzzSUDgb+u3azCuHmYuB2TIg9NODYuxXOcT6nx50RjxCYXSk854VFhPpH/IgqNyyKOuDFDFy7Y3/obEN1sqZ0cWIPVWKG3w6l40sU+QUZzZzh7+LS9fdOHbQKX1DZ0OCqDihLj29U7uAPyIECsR8np6aemzMhLGWzSYyqteuAlCjRV8MO1krrtLC9VjMozZ2b0P7n2yXKWidl11+2KyIu1dd3sa4KvfThxXG8hJucikPv+xSl4/24r1j5imG2QTPxIQgTm/pum/St69rIBPXSPvqvAV98Y1rEjpu1Tpt8WYoLY1Za/sdYtSgiwIepfOBJUIesMNavputrygrJcIk/Ut9DUT3vgGCRATObFgmET3LHBDR2GJjOARmqAq6nJcIFC5A3aeHjFh0vZcgG PTT+26fj KhjRMlu/qWvgaMqsRgCs9YdN8DATZX4lI1Zw0nnrx1uPK+ZPN0HJ5r+Db76ZN7P7rS8zn9oD99aJAIsNYiW2xKLA5Xe3C4NvPzNn99S8QkVaY6PjU+itXlIJfDfeUvYqDe6b7N6+/8wLib4EnB0sU//n1Rvd1m5C2afn7mQnlNvppxkuf2nuroqksm3OhQq6FHySs15agMTp3EZpyJFj4MtiVKkyDE6gbHPAYf/USHwItIck4z0tZ1k6uA5lBZtORqp8HqXwSWKzrAibS542MMJ4oAIanmc8GIsE4VKao3SBsQ5m4kJ7XWHpIYHIG+36PR3pIU0JH3Yu9bk9NP3rtWaL8pNU17e6P3gRVqxPcE/Ydh//htFcVutUGB4kYpNb8hoolO/BacfuYSLZmo9Zum0BCPERZilcBkee5E2RA5Y6eQbArDlMmuO4tVKH22kv+pku6NIifBJt1ffA= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000002, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu This change creates the initial version of memorysealing.c. The introduction of memorysealing.c, which replaces mseal_test.c and uses the kselftest_harness, aims to initiate a discussion on using the selftest harness for memory sealing tests. Upon approval of this approach, the migration of tests from mseal_test.c to memorysealing.c can be implemented in a step-by-step manner. This tests addresses following feedback from previous reviews: 1> Use kselftest_harness instead of custom macro, such as EXPECT_XX, ASSERT_XX, etc. (Lorenzo Stoakes, Mark Brown) [1] 2> Use MAP_FAILED to check the return of mmap (Lorenzo Stoakes). 3> Adding a check for vma size and prot bits. The discussion for this can be found in [2] [3], here is a brief summary: This is to follow up on Pedro’s in-loop change (from can_modify_mm to can_modify_vma). When mseal_test is initially created, they have a common pattern: setup memory layout, seal the memory, perform a few mm-api steps, verify return code (not zero). Because of the nature of out-of-loop, it is sufficient to just verify the error code in a few cases. With Pedro's in-loop change, the sealing check happens later in the stack, thus there are more things and scenarios to verify. And there was feedbacks to me that mseal_test should be extensive enough to discover all regressions. Hence I'm adding check for vma size and prot bits. In this change: we created two fixtures: Fixture basic: This creates a single VMA, the VMA has a PROT_NONE page at each end to prevent auto-merging. Fixture wo_vma: Two VMAs back to end, a PROT_NONE page at each end to prevent auto-merging. In addition, I add one test (mprotec) in each fixture to demo the tests. [1] https://lore.kernel.org/all/20240830180237.1220027-5-jeffxu@chromium.org/ [2] https://lore.kernel.org/all/CABi2SkUgDZtJtRJe+J9UNdtZn=EQzZcbMB685P=1rR7DUhg=6Q@mail.gmail.com/ [3] https://lore.kernel.org/all/2qywbjb5ebtgwkh354w3lj3vhaothvubjokxq5fhyri5jeeton@duqngzo3swjz/ Signed-off-by: Jeff Xu --- tools/testing/selftests/mm/.gitignore | 1 + tools/testing/selftests/mm/Makefile | 1 + tools/testing/selftests/mm/memorysealing.c | 182 +++++++++++++++++++++ tools/testing/selftests/mm/memorysealing.h | 116 +++++++++++++ tools/testing/selftests/mm/mseal_test.c | 67 +------- 5 files changed, 301 insertions(+), 66 deletions(-) create mode 100644 tools/testing/selftests/mm/memorysealing.c create mode 100644 tools/testing/selftests/mm/memorysealing.h diff --git a/tools/testing/selftests/mm/.gitignore b/tools/testing/selftests/mm/.gitignore index a51a947b2d1d..982234a99f20 100644 --- a/tools/testing/selftests/mm/.gitignore +++ b/tools/testing/selftests/mm/.gitignore @@ -57,3 +57,4 @@ hugetlb_dio pkey_sighandler_tests_32 pkey_sighandler_tests_64 guard-pages +memorysealing diff --git a/tools/testing/selftests/mm/Makefile b/tools/testing/selftests/mm/Makefile index 93a46ac633df..08876624f46d 100644 --- a/tools/testing/selftests/mm/Makefile +++ b/tools/testing/selftests/mm/Makefile @@ -67,6 +67,7 @@ TEST_GEN_FILES += map_populate ifneq (,$(filter $(ARCH),arm64 riscv riscv64 x86 x86_64)) TEST_GEN_FILES += memfd_secret endif +TEST_GEN_FILES += memorysealing TEST_GEN_FILES += migration TEST_GEN_FILES += mkdirty TEST_GEN_FILES += mlock-random-test diff --git a/tools/testing/selftests/mm/memorysealing.c b/tools/testing/selftests/mm/memorysealing.c new file mode 100644 index 000000000000..e10032528b64 --- /dev/null +++ b/tools/testing/selftests/mm/memorysealing.c @@ -0,0 +1,182 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +#define _GNU_SOURCE +#include "../kselftest_harness.h" +#include +#include +#include +#include "memorysealing.h" + +/* + * To avoid auto-merging, create a VMA with PROT_NONE pages at each end. + * If unsuccessful, return MAP_FAILED. + */ +static void *setup_single_address(int size, int prot) +{ + int ret; + void *ptr; + unsigned long page_size = getpagesize(); + + ptr = mmap(NULL, size + 2 * page_size, prot, + MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + + if (ptr == MAP_FAILED) + return MAP_FAILED; + + /* To avoid auto-merging, change to PROT_NONE at each end. */ + ret = sys_mprotect(ptr, page_size, PROT_NONE); + if (ret != 0) + return MAP_FAILED; + + ret = sys_mprotect(ptr + size + page_size, page_size, PROT_NONE); + if (ret != 0) + return MAP_FAILED; + + return ptr + page_size; +} + +FIXTURE(basic) +{ + unsigned long page_size; + unsigned long size; + void *ptr; +}; + +/* + * Setup for basic: + * Single VMA with 4 pages, prot = (PROT_READ | PROT_WRITE). + */ +FIXTURE_SETUP(basic) +{ + int prot; + + self->page_size = getpagesize(); + + if (!mseal_supported()) + SKIP(return, "mseal is not supported"); + + /* Create a single VMA with 4 pages, prot as PROT_READ | PROT_WRITE. */ + self->size = self->page_size * 4; + self->ptr = setup_single_address(self->size, PROT_READ | PROT_WRITE); + EXPECT_NE(self->ptr, MAP_FAILED); + + EXPECT_EQ(self->size, get_vma_size(self->ptr, &prot)); + EXPECT_EQ(PROT_READ | PROT_WRITE, prot); +}; + +FIXTURE_TEARDOWN(basic) +{ +} + +FIXTURE(two_vma) +{ + unsigned long page_size; + unsigned long size; + void *ptr; +}; + +/* + * Setup for two_vma: + * Two consecutive VMAs, each with 2 pages. + * The first VMA: prot = PROT_READ. + * The second VMA: prot = (PROT_READ | PROT_WRITE). + */ +FIXTURE_SETUP(two_vma) +{ + int prot; + int ret; + + self->page_size = getpagesize(); + + if (!mseal_supported()) + SKIP(return, "mseal is not supported"); + + /* Create a single VMA with 4 pages, prot as PROT_READ | PROT_WRITE. */ + self->size = getpagesize() * 4; + self->ptr = setup_single_address(self->size, PROT_READ | PROT_WRITE); + EXPECT_NE(self->ptr, MAP_FAILED); + + /* Use mprotect to split as two VMA. */ + ret = sys_mprotect(self->ptr, self->page_size * 2, PROT_READ); + ASSERT_EQ(ret, 0); + + /* Verify the first VMA is 2 pages and prot bits */ + EXPECT_EQ(self->page_size * 2, get_vma_size(self->ptr, &prot)); + EXPECT_EQ(PROT_READ, prot); + + /* Verify the second VMA is 2 pages and prot bits */ + EXPECT_EQ(self->page_size * 2, + get_vma_size(self->ptr + self->page_size * 2, &prot)); + EXPECT_EQ(PROT_READ | PROT_WRITE, prot); +}; + +FIXTURE_TEARDOWN(two_vma) +{ +} + +/* + * Verify mprotect is blocked. + */ +TEST_F(basic, mprotect_basic) +{ + int ret; + unsigned long size; + int prot; + + /* Seal the mapping. */ + ret = sys_mseal(self->ptr, self->size, 0); + ASSERT_EQ(ret, 0); + + /* Verify mprotect is blocked. */ + ret = sys_mprotect(self->ptr, self->size, PROT_READ); + EXPECT_GT(0, ret); + EXPECT_EQ(EPERM, errno); + + /* Verify the VMA (sealed) isn't changed */ + size = get_vma_size(self->ptr, &prot); + EXPECT_EQ(self->size, size); + EXPECT_EQ(PROT_READ | PROT_WRITE, prot); +} + +/* + * Seal both VMAs in one mseal call. + * Verify mprotect is blocked on both VMAs in various cases. + */ +TEST_F(two_vma, mprotect) +{ + int ret; + int prot; + unsigned long size; + + /* Seal both VMAs in one mseal call. */ + ret = sys_mseal(self->ptr, self->size, 0); + ASSERT_EQ(ret, 0); + + /* Verify mprotect is rejected on the first VMA. */ + ret = sys_mprotect(self->ptr, self->page_size * 2, + PROT_READ | PROT_EXEC); + EXPECT_GT(0, ret); + EXPECT_EQ(EPERM, errno); + + /* Verify mprotect is rejected on the second VMA. */ + ret = sys_mprotect(self->ptr, self->page_size * 2, + PROT_READ | PROT_EXEC); + EXPECT_GT(0, ret); + EXPECT_EQ(EPERM, errno); + + /* Attempt of mprotect two VMAs at the same call is blocked */ + ret = sys_mprotect(self->ptr, self->size, + PROT_READ | PROT_EXEC); + EXPECT_GT(0, ret); + EXPECT_EQ(EPERM, errno); + + /* Verify both VMAs aren't changed. */ + size = get_vma_size(self->ptr, &prot); + EXPECT_EQ(self->page_size * 2, size); + EXPECT_EQ(PROT_READ, prot); + + size = get_vma_size(self->ptr + self->page_size * 2, &prot); + EXPECT_EQ(self->page_size * 2, size); + EXPECT_EQ(PROT_READ | PROT_WRITE, prot); +} + +TEST_HARNESS_MAIN diff --git a/tools/testing/selftests/mm/memorysealing.h b/tools/testing/selftests/mm/memorysealing.h new file mode 100644 index 000000000000..aee6e6700028 --- /dev/null +++ b/tools/testing/selftests/mm/memorysealing.h @@ -0,0 +1,116 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#include + +/* + * Define sys_xyx to call syscall directly. + * This is needed because we want to avoid calling glibc and + * test syscall directly. + * The only exception is mmap, which _NR_mmap2 is not defined for + * some ARM architecture. + */ +static inline int sys_mseal(void *start, size_t len, unsigned long flags) +{ + int sret; + + errno = 0; + sret = syscall(__NR_mseal, start, len, flags); + return sret; +} + +static inline int sys_mprotect(void *ptr, size_t size, unsigned long prot) +{ + int sret; + + errno = 0; + sret = syscall(__NR_mprotect, ptr, size, prot); + return sret; +} + +static inline int sys_mprotect_pkey(void *ptr, size_t size, + unsigned long orig_prot, unsigned long pkey) +{ + int sret; + + errno = 0; + sret = syscall(__NR_pkey_mprotect, ptr, size, orig_prot, pkey); + return sret; +} + +static inline int sys_munmap(void *ptr, size_t size) +{ + int sret; + + errno = 0; + sret = syscall(__NR_munmap, ptr, size); + return sret; +} + +static inline int sys_madvise(void *start, size_t len, int types) +{ + int sret; + + errno = 0; + sret = syscall(__NR_madvise, start, len, types); + return sret; +} + +static inline void *sys_mremap(void *addr, size_t old_len, size_t new_len, + unsigned long flags, void *new_addr) +{ + void *sret; + + errno = 0; + sret = (void *) syscall(__NR_mremap, addr, old_len, new_len, flags, new_addr); + return sret; +} + +/* + * Parsing /proc/self/maps to get VMA's size and prot bit. + */ +static unsigned long get_vma_size(void *addr, int *prot) +{ + FILE *maps; + char line[256]; + int size = 0; + uintptr_t addr_start, addr_end; + char protstr[5]; + *prot = 0; + + maps = fopen("/proc/self/maps", "r"); + if (!maps) + return 0; + + while (fgets(line, sizeof(line), maps)) { + if (sscanf(line, "%lx-%lx %4s", &addr_start, &addr_end, protstr) == 3) { + if (addr_start == (uintptr_t) addr) { + size = addr_end - addr_start; + if (protstr[0] == 'r') + *prot |= PROT_READ; + if (protstr[1] == 'w') + *prot |= PROT_WRITE; + if (protstr[2] == 'x') + *prot |= PROT_EXEC; + break; + } + } + } + fclose(maps); + return size; +} + +static inline bool mseal_supported(void) +{ + int ret; + void *ptr; + unsigned long page_size = getpagesize(); + + ptr = mmap(NULL, page_size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + if (ptr == MAP_FAILED) + return false; + + ret = sys_mseal(ptr, page_size, 0); + if (ret < 0) + return false; + + return true; +} diff --git a/tools/testing/selftests/mm/mseal_test.c b/tools/testing/selftests/mm/mseal_test.c index ad17005521a8..8dd20341de3d 100644 --- a/tools/testing/selftests/mm/mseal_test.c +++ b/tools/testing/selftests/mm/mseal_test.c @@ -517,30 +517,6 @@ static void test_seal_twice(void) REPORT_TEST_PASS(); } -static void test_seal_mprotect(bool seal) -{ - void *ptr; - unsigned long page_size = getpagesize(); - unsigned long size = 4 * page_size; - int ret; - - setup_single_address(size, &ptr); - FAIL_TEST_IF_FALSE(ptr != (void *)-1); - - if (seal) { - ret = seal_single_address(ptr, size); - FAIL_TEST_IF_FALSE(!ret); - } - - ret = sys_mprotect(ptr, size, PROT_READ | PROT_WRITE); - if (seal) - FAIL_TEST_IF_FALSE(ret < 0); - else - FAIL_TEST_IF_FALSE(!ret); - - REPORT_TEST_PASS(); -} - static void test_seal_start_mprotect(bool seal) { void *ptr; @@ -658,41 +634,6 @@ static void test_seal_mprotect_unalign_len_variant_2(bool seal) REPORT_TEST_PASS(); } -static void test_seal_mprotect_two_vma(bool seal) -{ - void *ptr; - unsigned long page_size = getpagesize(); - unsigned long size = 4 * page_size; - int ret; - - setup_single_address(size, &ptr); - FAIL_TEST_IF_FALSE(ptr != (void *)-1); - - /* use mprotect to split */ - ret = sys_mprotect(ptr, page_size * 2, PROT_READ | PROT_WRITE); - FAIL_TEST_IF_FALSE(!ret); - - if (seal) { - ret = seal_single_address(ptr, page_size * 4); - FAIL_TEST_IF_FALSE(!ret); - } - - ret = sys_mprotect(ptr, page_size * 2, PROT_READ | PROT_WRITE); - if (seal) - FAIL_TEST_IF_FALSE(ret < 0); - else - FAIL_TEST_IF_FALSE(!ret); - - ret = sys_mprotect(ptr + page_size * 2, page_size * 2, - PROT_READ | PROT_WRITE); - if (seal) - FAIL_TEST_IF_FALSE(ret < 0); - else - FAIL_TEST_IF_FALSE(!ret); - - REPORT_TEST_PASS(); -} - static void test_seal_mprotect_two_vma_with_split(bool seal) { void *ptr; @@ -1876,7 +1817,7 @@ int main(void) if (!pkey_supported()) ksft_print_msg("PKEY not supported\n"); - ksft_set_plan(88); + ksft_set_plan(84); test_seal_addseal(); test_seal_unmapped_start(); @@ -1889,9 +1830,6 @@ int main(void) test_seal_zero_length(); test_seal_twice(); - test_seal_mprotect(false); - test_seal_mprotect(true); - test_seal_start_mprotect(false); test_seal_start_mprotect(true); @@ -1904,9 +1842,6 @@ int main(void) test_seal_mprotect_unalign_len_variant_2(false); test_seal_mprotect_unalign_len_variant_2(true); - test_seal_mprotect_two_vma(false); - test_seal_mprotect_two_vma(true); - test_seal_mprotect_two_vma_with_split(false); test_seal_mprotect_two_vma_with_split(true);