From patchwork Thu Jan 2 23:32:51 2025
X-Patchwork-Submitter: Isaac Manjarres
X-Patchwork-Id: 13925060
Date: Thu, 2 Jan 2025 15:32:51 -0800
In-Reply-To: <20250102233255.1180524-1-isaacmanjarres@google.com>
References: <20250102233255.1180524-1-isaacmanjarres@google.com>
Message-ID: <20250102233255.1180524-3-isaacmanjarres@google.com>
Subject: [RFC PATCH RESEND v2 2/2] selftests/memfd: Add tests for F_SEAL_FUTURE_EXEC
From: "Isaac J. Manjarres"
To: lorenzo.stoakes@oracle.com, Jeff Layton, Chuck Lever, Alexander Aring, Andrew Morton, Shuah Khan
Cc: surenb@google.com, kaleshsingh@google.com, jstultz@google.com, aliceryhl@google.com, jeffxu@google.com, kees@kernel.org, "Isaac J. Manjarres", kernel-team@android.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org

Add tests to ensure that F_SEAL_FUTURE_EXEC behaves as expected.

Signed-off-by: Isaac J. Manjarres
--- tools/testing/selftests/memfd/memfd_test.c | 79 ++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index c0c53451a16d..abc213a5ce99 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -31,6 +31,7 @@ #define STACK_SIZE 65536 #define F_SEAL_EXEC 0x0020 +#define F_SEAL_FUTURE_EXEC 0x0040 #define F_WX_SEALS (F_SEAL_SHRINK | \ F_SEAL_GROW | \ 
@@ -318,6 +319,37 @@ static void *mfd_assert_mmap_private(int fd) return p; } +static void *mfd_fail_mmap_exec(int fd) +{ + void *p; + + p = mmap(NULL, + mfd_def_size, + PROT_EXEC, + MAP_SHARED, + fd, + 0); + if (p != MAP_FAILED) { + printf("mmap() didn't fail as expected\n"); + abort(); + } + + return p; +} + +static void mfd_fail_mprotect_exec(void *p) +{ + int ret; + + ret = mprotect(p, + mfd_def_size, + PROT_EXEC); + if (!ret) { + printf("mprotect didn't fail as expected\n"); + abort(); + } +} + static int mfd_assert_open(int fd, int flags, mode_t mode) { char buf[512]; @@ -998,6 +1030,52 @@ static void test_seal_future_write(void) close(fd); } +/* + * Test SEAL_FUTURE_EXEC_MAPPING + * Test whether SEAL_FUTURE_EXEC_MAPPING actually prevents executable mappings. + */ +static void test_seal_future_exec_mapping(void) +{ + int fd; + void *p; + + + printf("%s SEAL-FUTURE-EXEC-MAPPING\n", memfd_str); + + fd = mfd_assert_new("kern_memfd_seal_future_exec_mapping", + mfd_def_size, + MFD_CLOEXEC | MFD_ALLOW_SEALING); + + /* + * PROT_READ | PROT_WRITE mappings create VMAs with VM_MAYEXEC set. + * However, F_SEAL_FUTURE_EXEC applies to subsequent mappings, + * so it should still succeed even if this mapping is active when the + * seal is applied. + */ + p = mfd_assert_mmap_shared(fd); + + mfd_assert_has_seals(fd, 0); + + mfd_assert_add_seals(fd, F_SEAL_FUTURE_EXEC); + mfd_assert_has_seals(fd, F_SEAL_FUTURE_EXEC); + + mfd_fail_mmap_exec(fd); + + munmap(p, mfd_def_size); + + /* Ensure that new mappings without PROT_EXEC work. */ + p = mfd_assert_mmap_shared(fd); + + /* + * Ensure that mappings created after the seal was applied cannot be + * made executable via mprotect(). + */ + mfd_fail_mprotect_exec(p); + + munmap(p, mfd_def_size); + close(fd); +} + static void test_seal_write_map_read_shared(void) { int fd; 
@@ -1639,6 +1717,7 @@ int main(int argc, char **argv) test_seal_shrink(); test_seal_grow(); test_seal_resize(); + test_seal_future_exec_mapping(); if (pid_ns_supported()) { test_sysctl_simple();
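
Review bot: In the hunk at -318,6 +319,37, mfd_fail_mmap_exec() and mfd_fail_mprotect_exec() accept any failure as a pass, so the test still succeeds if mmap() or mprotect() fails for a reason unrelated to the seal. Check errno against the value the seal is meant to return in both helpers. The mmap helper also only requests PROT_EXEC with MAP_SHARED; repeating the call with MAP_PRIVATE and with PROT_READ | PROT_EXEC would show the seal covers those requests too. Separately, mfd_fail_mmap_exec() returns p, which can only be MAP_FAILED at that point and is ignored by the caller, so a void return would be clearer.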
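
Review bot: In test_seal_future_exec_mapping() (hunk at -998,6 +1030,52), the mapping created before the seal is unmapped without being checked, so the test never pins down what happens when mprotect(p, mfd_def_size, PROT_EXEC) is called on a mapping that was already live when F_SEAL_FUTURE_EXEC was added. That is the boundary of what the seal protects, so add an explicit assertion for the intended outcome before the first munmap(). The block comment also names the seal SEAL_FUTURE_EXEC_MAPPING while the code uses F_SEAL_FUTURE_EXEC, and there are two blank lines after the local declarations where one is expected.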