On Wed, Dec 07, 2022 at 03:49:35PM +0000, jeffxu@chromium.org wrote:
From: Daniel Verkamp <dverkamp@chromium.org>
Basic tests to ensure that user/group/other execute bits cannot be changed after applying F_SEAL_EXEC to a memfd.
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Co-developed-by: Jeff Xu <jeffxu@google.com>
Signed-off-by: Jeff Xu <jeffxu@google.com>
tools/testing/selftests/memfd/memfd_test.c | 129 ++++++++++++++++++++- 1 file changed, 128 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index 94df2692e6e4..1d7e7b36bbdd 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -28,12 +28,44 @@ #define MFD_DEF_SIZE 8192 #define STACK_SIZE 65536 +#ifndef F_SEAL_EXEC +#define F_SEAL_EXEC 0x0020 +#endif
+#ifndef MAX_PATH +#define MAX_PATH 256 +#endif
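Review bot: the `F_SEAL_EXEC` fallback at the top of this hunk hardcodes 0x0020 with no comment saying which kernel header it mirrors. A one-line comment naming that header would make a later mismatch between the test and the uapi value easy to spot. The `MAX_PATH` fallback that follows sets a local limit of 256 under a non-standard name. Including `<limits.h>` and sizing the path buffers with `PATH_MAX` would remove the need for the `#ifndef` block.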
I'd expect this to be named PATH_MAX, and it shouldn't need to have an #ifdef? That's a regular POSIX define.
Otherwise, looks good. Though it'd be nice if this test used kselftest_harness.h, but that's not your problem. :)
Reviewed-by: Kees Cook <keescook@chromium.org>