On 4/1/22 4:08 PM, Daniel Verkamp wrote:
Tests that ensure MFD_NOEXEC memfds have the appropriate mode bits and cannot be chmod-ed into being executable.
Signed-off-by: Daniel Verkamp dverkamp@chromium.org
tools/testing/selftests/memfd/memfd_test.c | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index fdb0e46e9df9..a79567161cdf 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -32,6 +32,10 @@ #define F_SEAL_EXEC 0x0020 #endif +#ifndef MFD_NOEXEC +#define MFD_NOEXEC 0x0008U +#endif
- /*
*/
- Default is not to test hugetlbfs
@@ -959,6 +963,35 @@ static void test_seal_exec(void) close(fd); } +/*
- Test memfd_create with MFD_NOEXEC flag
- Test that MFD_NOEXEC applies F_SEAL_EXEC and prevents change of exec bits
- */
+static void test_noexec(void) +{
- int fd;
- printf("%s NOEXEC\n", memfd_str);
- /* Create with NOEXEC and ALLOW_SEALING */
- fd = mfd_assert_new("kern_memfd_noexec",
mfd_def_size,MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_NOEXEC);
Don't we need to check fd here?
- mfd_assert_mode(fd, 0666);
- mfd_assert_has_seals(fd, F_SEAL_EXEC);
- mfd_fail_chmod(fd, 0777);
- close(fd);
- /* Create with NOEXEC but without ALLOW_SEALING */
- fd = mfd_assert_new("kern_memfd_noexec",
mfd_def_size,MFD_CLOEXEC | MFD_NOEXEC);
What happens when mfd_assert_new() fails - don't we need to check fd?
- mfd_assert_mode(fd, 0666);
- mfd_assert_has_seals(fd, F_SEAL_EXEC | F_SEAL_SEAL);
- mfd_fail_chmod(fd, 0777);
- close(fd);
+}
- /*
- Test sharing via dup()
- Test that seals are shared between dupped FDs and they're all equal.
@@ -1132,6 +1165,7 @@ int main(int argc, char **argv) test_create(); test_basic();
- test_noexec();
test_seal_write(); test_seal_future_write();
fd isn't checked in the other test F_SEAL_EXEC in the 3/4 patch.
thanks, -- Shuah