Add couple of simple tests for access(2) and mprotect(2).
This commit is contained in:
parent
6b079736fe
commit
597629b945
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: mi,v 1.284 2011/03/31 23:34:48 joerg Exp $
|
||||
# $NetBSD: mi,v 1.285 2011/04/03 16:12:45 jruoho Exp $
|
||||
#
|
||||
# Note: don't delete entries from here - mark them as "obsolete" instead.
|
||||
#
|
||||
|
@ -564,10 +564,12 @@
|
|||
./usr/libdata/debug/usr/tests/sbin tests-sbin-tests
|
||||
./usr/libdata/debug/usr/tests/sbin/resize_ffs tests-sbin-tests
|
||||
./usr/libdata/debug/usr/tests/syscall tests-syscall-debug
|
||||
./usr/libdata/debug/usr/tests/syscall/t_access.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_cmsg.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_dup.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_fsync.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_mmap.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_mprotect.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/syscall/t_timer.debug tests-syscall-debug debug,atf
|
||||
./usr/libdata/debug/usr/tests/usr.bin tests-sbin-tests
|
||||
./usr/libdata/debug/usr/tests/usr.sbin tests-sbin-tests
|
||||
|
@ -2104,10 +2106,12 @@
|
|||
./usr/tests/sys/rc/t_rc_d_cli tests-sys-tests atf
|
||||
./usr/tests/syscall tests-syscall-tests
|
||||
./usr/tests/syscall/Atffile tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_access tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_cmsg tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_dup tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_fsync tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_mmap tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_mprotect tests-syscall-tests atf
|
||||
./usr/tests/syscall/t_timer tests-syscall-tests atf
|
||||
./usr/tests/toolchain tests-syscall-tests atf
|
||||
./usr/tests/toolchain/Atffile tests-syscall-tests atf
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
# $NetBSD: Makefile,v 1.12 2011/03/31 15:47:57 jruoho Exp $
|
||||
# $NetBSD: Makefile,v 1.13 2011/04/03 16:12:45 jruoho Exp $
|
||||
|
||||
.include <bsd.own.mk>
|
||||
|
||||
TESTSDIR= ${TESTSBASE}/syscall
|
||||
|
||||
TESTS_C+= t_cmsg t_dup t_fsync t_mmap t_timer
|
||||
TESTS_C+= t_access t_cmsg t_dup t_fsync t_mmap t_mprotect t_timer
|
||||
|
||||
LDADD.t_cmsg+= -lrumpnet_local -lrumpnet_net -lrumpnet
|
||||
LDADD.t_cmsg+= -lrumpvfs -lrump -lrumpuser -lpthread
|
||||
|
|
|
@ -0,0 +1,209 @@
|
|||
/* $NetBSD: t_access.c,v 1.1 2011/04/03 16:12:46 jruoho Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2011 The NetBSD Foundation, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This code is derived from software contributed to The NetBSD Foundation
|
||||
* by Jukka Ruohonen.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
#include <sys/cdefs.h>
|
||||
__RCSID("$NetBSD: t_access.c,v 1.1 2011/04/03 16:12:46 jruoho Exp $");
|
||||
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <atf-c.h>
|
||||
|
||||
static const char path[] = "/tmp/access";
|
||||
static const int mode[4] = { R_OK, W_OK, X_OK, F_OK };
|
||||
|
||||
ATF_TC_WITH_CLEANUP(access_access);
|
||||
ATF_TC_HEAD(access_access, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for EACCES");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_access, tc)
|
||||
{
|
||||
const int perm[3] = { 0200, 0400, 0000 };
|
||||
size_t i;
|
||||
int fd;
|
||||
|
||||
fd = open(path, O_RDONLY | O_CREAT);
|
||||
|
||||
if (fd < 0)
|
||||
return;
|
||||
|
||||
for (i = 0; i < __arraycount(mode) - 1; i++) {
|
||||
|
||||
ATF_REQUIRE(fchmod(fd, perm[i]) == 0);
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access(path, mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == EACCES);
|
||||
}
|
||||
|
||||
ATF_REQUIRE(close(fd) == 0);
|
||||
}
|
||||
|
||||
ATF_TC_CLEANUP(access_access, tc)
|
||||
{
|
||||
(void)unlink(path);
|
||||
}
|
||||
|
||||
ATF_TC(access_fault);
|
||||
ATF_TC_HEAD(access_fault, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for EFAULT");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_fault, tc)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < __arraycount(mode); i++) {
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access(NULL, mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == EFAULT);
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access((char *)-1, mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == EFAULT);
|
||||
}
|
||||
}
|
||||
|
||||
ATF_TC(access_inval);
|
||||
ATF_TC_HEAD(access_inval, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for EINVAL");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_inval, tc)
|
||||
{
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access("/usr", -1) != 0);
|
||||
ATF_REQUIRE(errno == EINVAL);
|
||||
}
|
||||
|
||||
ATF_TC(access_notdir);
|
||||
ATF_TC_HEAD(access_notdir, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for ENOTDIR");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_notdir, tc)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < __arraycount(mode); i++) {
|
||||
|
||||
errno = 0;
|
||||
|
||||
/*
|
||||
* IEEE Std 1003.1-2008 about ENOTDIR:
|
||||
*
|
||||
* "A component of the path prefix is not a directory,
|
||||
* or the path argument contains at least one non-<slash>
|
||||
* character and ends with one or more trailing <slash>
|
||||
* characters and the last pathname component names an
|
||||
* existing file that is neither a directory nor a symbolic
|
||||
* link to a directory."
|
||||
*/
|
||||
ATF_REQUIRE(access("/etc/passwd//", mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == ENOTDIR);
|
||||
}
|
||||
}
|
||||
|
||||
ATF_TC(access_notexist);
|
||||
ATF_TC_HEAD(access_notexist, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for ENOENT");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_notexist, tc)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < __arraycount(mode); i++) {
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access("", mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == ENOENT);
|
||||
}
|
||||
}
|
||||
|
||||
ATF_TC(access_toolong);
|
||||
ATF_TC_HEAD(access_toolong, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test access(2) for ENAMETOOLONG");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(access_toolong, tc)
|
||||
{
|
||||
char *buf;
|
||||
size_t i;
|
||||
|
||||
buf = malloc(PATH_MAX);
|
||||
|
||||
if (buf == NULL)
|
||||
return;
|
||||
|
||||
for (i = 0; i < PATH_MAX; i++)
|
||||
buf[i] = 'x';
|
||||
|
||||
for (i = 0; i < __arraycount(mode); i++) {
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(access(buf, mode[i]) != 0);
|
||||
ATF_REQUIRE(errno == ENAMETOOLONG);
|
||||
}
|
||||
|
||||
free(buf);
|
||||
}
|
||||
|
||||
ATF_TP_ADD_TCS(tp)
|
||||
{
|
||||
|
||||
ATF_TP_ADD_TC(tp, access_access);
|
||||
ATF_TP_ADD_TC(tp, access_fault);
|
||||
ATF_TP_ADD_TC(tp, access_inval);
|
||||
ATF_TP_ADD_TC(tp, access_notdir);
|
||||
ATF_TP_ADD_TC(tp, access_notexist);
|
||||
ATF_TP_ADD_TC(tp, access_toolong);
|
||||
|
||||
return atf_no_error();
|
||||
}
|
|
@ -0,0 +1,279 @@
|
|||
/* $NetBSD: t_mprotect.c,v 1.1 2011/04/03 16:12:46 jruoho Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2011 The NetBSD Foundation, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This code is derived from software contributed to The NetBSD Foundation
|
||||
* by Jukka Ruohonen.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
#include <sys/cdefs.h>
|
||||
__RCSID("$NetBSD: t_mprotect.c,v 1.1 2011/04/03 16:12:46 jruoho Exp $");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/sysctl.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <stdio.h> /* XXX. */
|
||||
|
||||
#include <atf-c.h>
|
||||
|
||||
static long page = 0;
|
||||
static int pax_global = -1;
|
||||
static int pax_enabled = -1;
|
||||
static char path[] = "/tmp/mmap";
|
||||
|
||||
static void sighandler(int);
|
||||
static bool paxinit(void);
|
||||
static bool paxset(int, int);
|
||||
|
||||
static void
|
||||
sighandler(int signo)
|
||||
{
|
||||
exit(signo);
|
||||
}
|
||||
|
||||
static bool
|
||||
paxinit(void)
|
||||
{
|
||||
size_t len = sizeof(int);
|
||||
int rv;
|
||||
|
||||
rv = sysctlbyname("security.pax.mprotect.global",
|
||||
&pax_global, &len, NULL, 0);
|
||||
|
||||
if (rv != 0)
|
||||
return false;
|
||||
|
||||
rv = sysctlbyname("security.pax.mprotect.enabled",
|
||||
&pax_enabled, &len, NULL, 0);
|
||||
|
||||
if (rv != 0)
|
||||
return false;
|
||||
|
||||
return paxset(1, 1);
|
||||
}
|
||||
|
||||
static bool
|
||||
paxset(int global, int enabled)
|
||||
{
|
||||
size_t len = sizeof(int);
|
||||
int rv;
|
||||
|
||||
rv = sysctlbyname("security.pax.mprotect.global",
|
||||
NULL, NULL, &global, len);
|
||||
|
||||
if (rv != 0)
|
||||
return false;
|
||||
|
||||
rv = sysctlbyname("security.pax.mprotect.enabled",
|
||||
NULL, NULL, &enabled, len);
|
||||
|
||||
if (rv != 0)
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
ATF_TC_WITH_CLEANUP(mprotect_access);
|
||||
ATF_TC_HEAD(mprotect_access, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test for EACCES from mprotect(2)");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(mprotect_access, tc)
|
||||
{
|
||||
int prot[2] = { PROT_NONE, PROT_READ };
|
||||
void *map;
|
||||
size_t i;
|
||||
int fd;
|
||||
|
||||
fd = open(path, O_RDONLY | O_CREAT);
|
||||
|
||||
if (fd < 0)
|
||||
return;
|
||||
|
||||
/*
|
||||
* The call should fail with EACCES if we try to mark
|
||||
* a PROT_NONE or PROT_READ file/section as PROT_WRITE.
|
||||
*/
|
||||
for (i = 0; i < __arraycount(prot); i++) {
|
||||
|
||||
map = mmap(NULL, page, prot[i], MAP_SHARED, fd, 0);
|
||||
|
||||
if (map == MAP_FAILED)
|
||||
continue;
|
||||
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(mprotect(map, page, PROT_WRITE) != 0);
|
||||
ATF_REQUIRE(errno == EACCES);
|
||||
ATF_REQUIRE(munmap(map, page) == 0);
|
||||
}
|
||||
|
||||
ATF_REQUIRE(close(fd) == 0);
|
||||
}
|
||||
|
||||
ATF_TC_CLEANUP(mprotect_access, tc)
|
||||
{
|
||||
(void)unlink(path);
|
||||
}
|
||||
|
||||
ATF_TC(mprotect_err);
|
||||
ATF_TC_HEAD(mprotect_err, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test error conditions of mprotect(2)");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(mprotect_err, tc)
|
||||
{
|
||||
errno = 0;
|
||||
|
||||
ATF_REQUIRE(mprotect((char *)-1, 1, PROT_READ) != 0);
|
||||
ATF_REQUIRE(errno == EINVAL);
|
||||
}
|
||||
|
||||
ATF_TC(mprotect_pax);
|
||||
ATF_TC_HEAD(mprotect_pax, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "PaX restrictions and mprotect(2),");
|
||||
atf_tc_set_md_var(tc, "require.user", "root");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(mprotect_pax, tc)
|
||||
{
|
||||
const int prot[4] = { PROT_NONE, PROT_READ, PROT_WRITE };
|
||||
const char *str = NULL;
|
||||
void *map;
|
||||
size_t i;
|
||||
int rv;
|
||||
|
||||
if (paxinit() != true)
|
||||
return;
|
||||
|
||||
/*
|
||||
* As noted in the original PaX documentation [1],
|
||||
* the following restrictions should apply:
|
||||
*
|
||||
* (1) creating executable anonymous mappings
|
||||
*
|
||||
* (2) creating executable/writable file mappings
|
||||
*
|
||||
* (3) making a non-executable mapping executable
|
||||
*
|
||||
* (4) making an executable/read-only file mapping
|
||||
* writable except for performing relocations
|
||||
* on an ET_DYN ELF file (non-PIC shared library)
|
||||
*
|
||||
* The following will test only the case (3).
|
||||
*
|
||||
* [1] http://pax.grsecurity.net/docs/mprotect.txt
|
||||
*
|
||||
* (Sun Apr 3 11:06:53 EEST 2011.)
|
||||
*/
|
||||
for (i = 0; i < __arraycount(prot); i++) {
|
||||
|
||||
map = mmap(NULL, page, prot[i], MAP_ANON, -1, 0);
|
||||
|
||||
if (map == MAP_FAILED)
|
||||
continue;
|
||||
|
||||
rv = mprotect(map, 1, prot[i] | PROT_EXEC);
|
||||
|
||||
(void)munmap(map, page);
|
||||
|
||||
if (rv == 0) {
|
||||
str = "non-executable mapping made executable";
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
out:
|
||||
if (pax_global != -1 && pax_enabled != -1)
|
||||
(void)paxset(pax_global, pax_enabled);
|
||||
|
||||
if (str != NULL)
|
||||
atf_tc_fail(str);
|
||||
}
|
||||
|
||||
ATF_TC(mprotect_write);
|
||||
ATF_TC_HEAD(mprotect_write, tc)
|
||||
{
|
||||
atf_tc_set_md_var(tc, "descr", "Test mprotect(2) protections");
|
||||
}
|
||||
|
||||
ATF_TC_BODY(mprotect_write, tc)
|
||||
{
|
||||
pid_t pid;
|
||||
void *map;
|
||||
int sta;
|
||||
|
||||
/*
|
||||
* Map a page write-only, change the protection
|
||||
* to read-only with mprotect(2), and try to write
|
||||
* to the page. This should generate a SIGSEGV.
|
||||
*/
|
||||
map = mmap(NULL, page, PROT_WRITE, MAP_ANON, -1, 0);
|
||||
|
||||
if (map == MAP_FAILED)
|
||||
return;
|
||||
|
||||
ATF_REQUIRE(strlcpy(map, "XXX", 3) == 3);
|
||||
ATF_REQUIRE(mprotect(map, page, PROT_READ) == 0);
|
||||
|
||||
pid = fork();
|
||||
ATF_REQUIRE(pid >= 0);
|
||||
|
||||
if (pid == 0) {
|
||||
ATF_REQUIRE(signal(SIGSEGV, sighandler) != SIG_ERR);
|
||||
ATF_REQUIRE(strlcpy(map, "XXX", 3) == 0);
|
||||
}
|
||||
|
||||
(void)wait(&sta);
|
||||
|
||||
ATF_REQUIRE(WIFEXITED(sta) != 0);
|
||||
ATF_REQUIRE(WEXITSTATUS(sta) == SIGSEGV);
|
||||
ATF_REQUIRE(munmap(map, page) == 0);
|
||||
}
|
||||
|
||||
ATF_TP_ADD_TCS(tp)
|
||||
{
|
||||
page = sysconf(_SC_PAGESIZE);
|
||||
ATF_REQUIRE(page >= 0);
|
||||
|
||||
ATF_TP_ADD_TC(tp, mprotect_access);
|
||||
ATF_TP_ADD_TC(tp, mprotect_err);
|
||||
ATF_TP_ADD_TC(tp, mprotect_pax);
|
||||
ATF_TP_ADD_TC(tp, mprotect_write);
|
||||
|
||||
return atf_no_error();
|
||||
}
|
Loading…
Reference in New Issue