[kernel-tests] 05/73: first pass at paxtest results checking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is an automated email from the git hooks/post-receive script.

jforbes pushed a commit to branch master
in repository kernel-tests.

commit ea4eb46b91f2d832a84c9f8f9df73c73d2bffda9
Author: Dave Jones <davej@xxxxxxxxxx>
Date:   Tue Jun 12 12:31:15 2012 -0400

    first pass at paxtest results checking
---
 default/paxtest/runtest.sh | 48 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)

diff --git a/default/paxtest/runtest.sh b/default/paxtest/runtest.sh
index 0014e78..1f87001 100755
--- a/default/paxtest/runtest.sh
+++ b/default/paxtest/runtest.sh
@@ -1,5 +1,16 @@
 #!/bin/sh
 
+check_kill()
+{
+	str="$*"
+
+	C=$(grep "$str" results.txt | grep Killed | wc -l)
+	if [ $C -eq 0 ]; then
+		grep "$str" results.txt
+		exit -1
+	fi
+}
+
 # Build.
 make linux >/dev/null 2>/dev/null
 if [ ! -f ./paxtest ]; then
@@ -11,7 +22,42 @@ fi
 ./paxtest blackhat > results.txt
 
 # Parse results
-## TODO
+
+ARCH=$(uname -m)
+
+if [ "$ARCH" == "x86_64" ]; then
+
+	check_kill "Executable anonymous mapping"
+	check_kill "Executable bss"
+	check_kill "Executable data"
+	check_kill "Executable heap"
+	check_kill "Executable stack"
+	check_kill "Executable shared library bss"
+	check_kill "Executable shared library data"
+
+	# as long as SELinux is enabled, this test will pass.
+	check_kill "Executable heap (mprotect)"
+
+#	check_kill "Executable anonymous mapping (mprotect)"
+#	check_kill "Executable bss (mprotect))"
+#	check_kill "Executable data (mprotect)"
+#	check_kill "Executable stack (mprotect))"
+#	check_kill "Executable shared library bss (mprotect)"
+#	check_kill "Executable shared library data (mprotect)"
+
+#	check_kill "Writable text segments"
+
+#	check("Return to function (strcpy)")              : paxtest: return address contains a NULL byte.
+#	check("Return to function (strcpy, PIE)")         : paxtest: return address contains a NULL byte.
+
+	check_kill "Return to function (memcpy)"
+	check_kill "Return to function (memcpy, PIE)"
+
+else
+	echo FIXME: Unsupported ARCH: $(uname -m)
+	cat results.txt
+	exit -1
+fi
 
 
 # Clean up.

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Tux]     [Yosemite News]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [USB]     [Asterisk PBX]

  Powered by Linux