Re: [PATCH v2 3/4] selftests/mm: mseal_test add more tests for mmap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Pedro

On Fri, Aug 30, 2024 at 5:57 AM Pedro Falcato <pedro.falcato@xxxxxxxxx> wrote:
>
> On Thu, Aug 29, 2024 at 09:43:51PM GMT, jeffxu@xxxxxxxxxxxx wrote:
> > From: Jeff Xu <jeffxu@xxxxxxxxxxxx>
> >
> > Add sealing test to cover mmap for
> > Expand/shrink across vmas.
> > Reuse the same address in !MAP_FIXED case.
> >
> > Signed-off-by: Jeff Xu <jeffxu@xxxxxxxxxxxx>
> > ---
> >  tools/testing/selftests/mm/mseal_test.c | 125 +++++++++++++++++++++++-
> >  1 file changed, 124 insertions(+), 1 deletion(-)
> >
> > diff --git a/tools/testing/selftests/mm/mseal_test.c b/tools/testing/selftests/mm/mseal_test.c
> > index ae06c354220d..d83538039e76 100644
> > --- a/tools/testing/selftests/mm/mseal_test.c
> > +++ b/tools/testing/selftests/mm/mseal_test.c
> > @@ -2222,6 +2222,122 @@ static void test_munmap_free_multiple_ranges(bool seal)
> >       REPORT_TEST_PASS();
> >  }
> >
> > +static void test_seal_mmap_expand_seal_middle(bool seal)
> > +{
> > +     void *ptr;
> > +     unsigned long page_size = getpagesize();
> > +     unsigned long size = 12 * page_size;
> > +     int ret;
> > +     void *ret2;
> > +     int prot;
> > +
> > +     setup_single_address(size, &ptr);
> > +     FAIL_TEST_IF_FALSE(ptr != (void *)-1);
> > +     /* ummap last 4 pages. */
> > +     ret = sys_munmap(ptr + 8 * page_size, 4 * page_size);
> > +     FAIL_TEST_IF_FALSE(!ret);
> > +
> > +     size = get_vma_size(ptr, &prot);
> > +     FAIL_TEST_IF_FALSE(size == 8 * page_size);
> > +     FAIL_TEST_IF_FALSE(prot == 0x4);
> > +
> > +     if (seal) {
> > +             ret = sys_mseal(ptr + 4 * page_size, 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(!ret);
> > +     }
> > +
> > +     /* use mmap to expand. */
> > +     ret2 = mmap(ptr, 12 * page_size, PROT_READ,
> > +                     MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0);
>
> This is not expansion, but overwriting. Expansion is allowed through an adjacent mmap + mseal (which will merge the two VMAs).

The mmap is trying to expand the address range beginning from ptr
(size 8 * page_size) to 12 * page_size. This is overwrite + expansion.

>
> > +     if (seal) {
> > +             FAIL_TEST_IF_FALSE(ret2 == MAP_FAILED);
> > +             FAIL_TEST_IF_FALSE(errno == EPERM);
> > +
> > +             size = get_vma_size(ptr, &prot);
> > +             FAIL_TEST_IF_FALSE(size == 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(prot == 0x4);
> > +
> > +             size = get_vma_size(ptr + 4 * page_size, &prot);
> > +             FAIL_TEST_IF_FALSE(size == 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(prot == 0x4);
> > +     } else
> > +             FAIL_TEST_IF_FALSE(ret2 == ptr);
> > +
> > +     REPORT_TEST_PASS();
> > +}
> > +
> > +static void test_seal_mmap_shrink_seal_middle(bool seal)
> > +{
> > +     void *ptr;
> > +     unsigned long page_size = getpagesize();
> > +     unsigned long size = 12 * page_size;
> > +     int ret;
> > +     void *ret2;
> > +     int prot;
> > +
> > +     setup_single_address(size, &ptr);
> > +     FAIL_TEST_IF_FALSE(ptr != (void *)-1);
> > +
> > +     if (seal) {
> > +             ret = sys_mseal(ptr + 4 * page_size, 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(!ret);
> > +     }
> > +
> > +     /* use mmap to shrink. */
> > +     ret2 = mmap(ptr, 7 * page_size, PROT_READ,
> > +                     MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0);
>
> This is also a partial overwrite.
The mmap is trying to shrink the address range beginning from ptr
(size 12 * page_size) to 8 * page_size. This is overwrite + shrink.

>
> > +     if (seal) {
> > +             FAIL_TEST_IF_FALSE(ret2 == MAP_FAILED);
> > +             FAIL_TEST_IF_FALSE(errno == EPERM);
> > +
> > +             size = get_vma_size(ptr, &prot);
> > +             FAIL_TEST_IF_FALSE(size == 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(prot == 0x4);
> > +
> > +             size = get_vma_size(ptr + 4 * page_size, &prot);
> > +             FAIL_TEST_IF_FALSE(size == 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(prot == 0x4);
> > +
> > +             size = get_vma_size(ptr + 4 * page_size, &prot);
> > +             FAIL_TEST_IF_FALSE(size == 4 * page_size);
> > +             FAIL_TEST_IF_FALSE(prot == 0x4);
> > +     } else
> > +             FAIL_TEST_IF_FALSE(ret2 == ptr);
> > +
> > +     REPORT_TEST_PASS();
> > +}
> > +
> > +static void test_seal_mmap_reuse_addr(bool seal)
> > +{
> > +     void *ptr;
> > +     unsigned long page_size = getpagesize();
> > +     unsigned long size = page_size;
> > +     int ret;
> > +     void *ret2;
> > +     int prot;
> > +
> > +     setup_single_address(size, &ptr);
> > +     FAIL_TEST_IF_FALSE(ptr != (void *)-1);
> > +
> > +     if (seal) {
> > +             ret = sys_mseal(ptr, size);
> > +             FAIL_TEST_IF_FALSE(!ret);
> > +     }
> > +
> > +     /* use mmap to change protection. */
> > +     ret2 = mmap(ptr, size, PROT_NONE,
> > +                     MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
> > +
>
> This is also an overwrite. You're semantically testing the same thing, and testing the same regions of code.

This is not overwriting. MAP_FIXED is not used.

-Jeff

> These 3 tests are all kind of the same thing.
>
> --
> Pedro
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux