From patchwork Fri Dec 6 01:09:23 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Isaac J. Manjarres"
X-Patchwork-Id: 13896200
Date: Thu, 5 Dec 2024 17:09:23 -0800
In-Reply-To: <20241206010930.3871336-1-isaacmanjarres@google.com>
References: <20241206010930.3871336-1-isaacmanjarres@google.com>
X-Mailer: git-send-email 2.47.0.338.g60cca15819-goog
Message-ID: <20241206010930.3871336-3-isaacmanjarres@google.com>
Subject: [RFC PATCH v1 2/2] selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC
From: "Isaac J. Manjarres"
To: Andrew Morton, Jeff Layton, Chuck Lever, Alexander Aring, "Liam R. Howlett", Lorenzo Stoakes, Vlastimil Babka, Jann Horn, Shuah Khan
Cc: "Isaac J. Manjarres", kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kselftest@vger.kernel.org, Suren Baghdasaryan, Kalesh Singh, John Stultz

Add tests to ensure that F_SEAL_FUTURE_EXEC behaves as expected.

Cc: Suren Baghdasaryan
Cc: Kalesh Singh
Cc: John Stultz
Signed-off-by: Isaac J. Manjarres
--- tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index 46027c889e74..12c82af406b3 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -30,6 +30,7 @@ #define STACK_SIZE 65536 #define F_SEAL_EXEC 0x0020 +#define F_SEAL_FUTURE_EXEC 0x0040 #define F_WX_SEALS (F_SEAL_SHRINK | \ F_SEAL_GROW | \ 
@@ -317,6 +318,37 @@ static void *mfd_assert_mmap_private(int fd) return p; } +static void *mfd_fail_mmap_exec(int fd) +{ + void *p; + + p = mmap(NULL, + mfd_def_size, + PROT_EXEC, + MAP_SHARED, + fd, + 0); + if (p != MAP_FAILED) { + printf("mmap() didn't fail as expected\n"); + abort(); + } + + return p; +} + +static void mfd_fail_mprotect_exec(void *p) +{ + int ret; + + ret = mprotect(p, + mfd_def_size, + PROT_EXEC); + if (!ret) { + printf("mprotect didn't fail as expected\n"); + abort(); + } +} + static int mfd_assert_open(int fd, int flags, mode_t mode) { char buf[512]; @@ -997,6 +1029,52 @@ static void test_seal_future_write(void) close(fd); } +/* + * Test SEAL_FUTURE_EXEC_MAPPING + * Test whether SEAL_FUTURE_EXEC_MAPPING actually prevents executable mappings. + */ +static void test_seal_future_exec_mapping(void) +{ + int fd; + void *p; + + + printf("%s SEAL-FUTURE-EXEC-MAPPING\n", memfd_str); + + fd = mfd_assert_new("kern_memfd_seal_future_exec_mapping", + mfd_def_size, + MFD_CLOEXEC | MFD_ALLOW_SEALING); + + /* + * PROT_READ | PROT_WRITE mappings create VMAs with VM_MAYEXEC set. + * However, F_SEAL_FUTURE_EXEC applies to subsequent mappings, + * so it should still succeed even if this mapping is active when the + * seal is applied. + */ + p = mfd_assert_mmap_shared(fd); + + mfd_assert_has_seals(fd, 0); + + mfd_assert_add_seals(fd, F_SEAL_FUTURE_EXEC); + mfd_assert_has_seals(fd, F_SEAL_FUTURE_EXEC); + + mfd_fail_mmap_exec(fd); + + munmap(p, mfd_def_size); + + /* Ensure that new mappings without PROT_EXEC work. */ + p = mfd_assert_mmap_shared(fd); + + /* + * Ensure that mappings created after the seal was applied cannot be + * made executable via mprotect(). + */ + mfd_fail_mprotect_exec(p); + + munmap(p, mfd_def_size); + close(fd); +} + static void test_seal_write_map_read_shared(void) { int fd; 
@@ -1633,6 +1711,7 @@ int main(int argc, char **argv) test_seal_shrink(); test_seal_grow(); test_seal_resize(); + test_seal_future_exec_mapping(); test_sysctl_simple(); test_sysctl_nested();
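
Review bot: In the @@ -30,6 +30,7 @@ hunk, F_SEAL_FUTURE_EXEC is defined unconditionally as 0x0040, so the selftest carries its own copy of the value with nothing tying it to whatever header defines the seal for userspace. Wrapping it in #ifndef F_SEAL_FUTURE_EXEC / #endif would let the build use the header's definition when one is present and fall back to 0x0040 only on older headers. The F_SEAL_EXEC context line above has the same shape and could be tidied in a separate patch.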
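
Review bot: mfd_fail_mmap_exec() and mfd_fail_mprotect_exec() in the @@ -317,6 +318,37 @@ hunk accept any failure, so the test also passes when mmap() or mprotect() fails for a reason that has nothing to do with the seal. After the MAP_FAILED and !ret checks, compare errno with the value the seal is expected to produce and abort() with a message if it differs. Separately, mfd_fail_mmap_exec() can only ever return MAP_FAILED and its one caller ignores the result, so it can be declared void like mfd_fail_mprotect_exec(). It also requests PROT_EXEC alone with MAP_SHARED, which leaves PROT_READ | PROT_EXEC and MAP_PRIVATE requests unexercised.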
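
Review bot: In the @@ -997,6 +1029,52 @@ hunk, test_seal_future_exec_mapping() unmaps the pre-seal mapping p right after mfd_fail_mmap_exec(fd) without ever calling mprotect() on it, so the test does not pin down whether a mapping created before the seal can still be made executable afterwards. The first comment points out that this VMA has VM_MAYEXEC set, which makes it the case most worth asserting: add an mprotect(p, mfd_def_size, PROT_EXEC) check on that mapping before the munmap(), with the outcome the seal is meant to give, so a later change in how existing mappings are treated is caught. In the same comment, "it should still succeed" does not say what "it" is; naming the operation (adding the seal) would remove the ambiguity. Smaller points: the header comment and the printf() call the seal SEAL_FUTURE_EXEC_MAPPING and SEAL-FUTURE-EXEC-MAPPING while the flag is F_SEAL_FUTURE_EXEC, and there is a doubled blank line after the declarations.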