162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 262306a36Sopenharmony_ci#define _GNU_SOURCE 362306a36Sopenharmony_ci#define __EXPORTED_HEADERS__ 462306a36Sopenharmony_ci 562306a36Sopenharmony_ci#include <errno.h> 662306a36Sopenharmony_ci#include <inttypes.h> 762306a36Sopenharmony_ci#include <limits.h> 862306a36Sopenharmony_ci#include <linux/falloc.h> 962306a36Sopenharmony_ci#include <fcntl.h> 1062306a36Sopenharmony_ci#include <linux/memfd.h> 1162306a36Sopenharmony_ci#include <sched.h> 1262306a36Sopenharmony_ci#include <stdio.h> 1362306a36Sopenharmony_ci#include <stdlib.h> 1462306a36Sopenharmony_ci#include <signal.h> 1562306a36Sopenharmony_ci#include <string.h> 1662306a36Sopenharmony_ci#include <sys/mman.h> 1762306a36Sopenharmony_ci#include <sys/stat.h> 1862306a36Sopenharmony_ci#include <sys/syscall.h> 1962306a36Sopenharmony_ci#include <sys/wait.h> 2062306a36Sopenharmony_ci#include <unistd.h> 2162306a36Sopenharmony_ci#include <ctype.h> 2262306a36Sopenharmony_ci 2362306a36Sopenharmony_ci#include "common.h" 2462306a36Sopenharmony_ci 2562306a36Sopenharmony_ci#define MEMFD_STR "memfd:" 2662306a36Sopenharmony_ci#define MEMFD_HUGE_STR "memfd-hugetlb:" 2762306a36Sopenharmony_ci#define SHARED_FT_STR "(shared file-table)" 2862306a36Sopenharmony_ci 2962306a36Sopenharmony_ci#define MFD_DEF_SIZE 8192 3062306a36Sopenharmony_ci#define STACK_SIZE 65536 3162306a36Sopenharmony_ci 3262306a36Sopenharmony_ci#define F_SEAL_EXEC 0x0020 3362306a36Sopenharmony_ci 3462306a36Sopenharmony_ci#define F_WX_SEALS (F_SEAL_SHRINK | \ 3562306a36Sopenharmony_ci F_SEAL_GROW | \ 3662306a36Sopenharmony_ci F_SEAL_WRITE | \ 3762306a36Sopenharmony_ci F_SEAL_FUTURE_WRITE | \ 3862306a36Sopenharmony_ci F_SEAL_EXEC) 3962306a36Sopenharmony_ci 4062306a36Sopenharmony_ci#define MFD_NOEXEC_SEAL 0x0008U 4162306a36Sopenharmony_ci 4262306a36Sopenharmony_ci/* 4362306a36Sopenharmony_ci * Default is not to test hugetlbfs 4462306a36Sopenharmony_ci */ 4562306a36Sopenharmony_cistatic size_t mfd_def_size = MFD_DEF_SIZE; 4662306a36Sopenharmony_cistatic const char *memfd_str = MEMFD_STR; 4762306a36Sopenharmony_cistatic int newpid_thread_fn2(void *arg); 4862306a36Sopenharmony_cistatic void join_newpid_thread(pid_t pid); 4962306a36Sopenharmony_ci 5062306a36Sopenharmony_cistatic ssize_t fd2name(int fd, char *buf, size_t bufsize) 5162306a36Sopenharmony_ci{ 5262306a36Sopenharmony_ci char buf1[PATH_MAX]; 5362306a36Sopenharmony_ci int size; 5462306a36Sopenharmony_ci ssize_t nbytes; 5562306a36Sopenharmony_ci 5662306a36Sopenharmony_ci size = snprintf(buf1, PATH_MAX, "/proc/self/fd/%d", fd); 5762306a36Sopenharmony_ci if (size < 0) { 5862306a36Sopenharmony_ci printf("snprintf(%d) failed on %m\n", fd); 5962306a36Sopenharmony_ci abort(); 6062306a36Sopenharmony_ci } 6162306a36Sopenharmony_ci 6262306a36Sopenharmony_ci /* 6362306a36Sopenharmony_ci * reserver one byte for string termination. 6462306a36Sopenharmony_ci */ 6562306a36Sopenharmony_ci nbytes = readlink(buf1, buf, bufsize-1); 6662306a36Sopenharmony_ci if (nbytes == -1) { 6762306a36Sopenharmony_ci printf("readlink(%s) failed %m\n", buf1); 6862306a36Sopenharmony_ci abort(); 6962306a36Sopenharmony_ci } 7062306a36Sopenharmony_ci buf[nbytes] = '\0'; 7162306a36Sopenharmony_ci return nbytes; 7262306a36Sopenharmony_ci} 7362306a36Sopenharmony_ci 7462306a36Sopenharmony_cistatic int mfd_assert_new(const char *name, loff_t sz, unsigned int flags) 7562306a36Sopenharmony_ci{ 7662306a36Sopenharmony_ci int r, fd; 7762306a36Sopenharmony_ci 7862306a36Sopenharmony_ci fd = sys_memfd_create(name, flags); 7962306a36Sopenharmony_ci if (fd < 0) { 8062306a36Sopenharmony_ci printf("memfd_create(\"%s\", %u) failed: %m\n", 8162306a36Sopenharmony_ci name, flags); 8262306a36Sopenharmony_ci abort(); 8362306a36Sopenharmony_ci } 8462306a36Sopenharmony_ci 8562306a36Sopenharmony_ci r = ftruncate(fd, sz); 8662306a36Sopenharmony_ci if (r < 0) { 8762306a36Sopenharmony_ci printf("ftruncate(%llu) failed: %m\n", (unsigned long long)sz); 8862306a36Sopenharmony_ci abort(); 8962306a36Sopenharmony_ci } 9062306a36Sopenharmony_ci 9162306a36Sopenharmony_ci return fd; 9262306a36Sopenharmony_ci} 9362306a36Sopenharmony_ci 9462306a36Sopenharmony_cistatic void sysctl_assert_write(const char *val) 9562306a36Sopenharmony_ci{ 9662306a36Sopenharmony_ci int fd = open("/proc/sys/vm/memfd_noexec", O_WRONLY | O_CLOEXEC); 9762306a36Sopenharmony_ci 9862306a36Sopenharmony_ci if (fd < 0) { 9962306a36Sopenharmony_ci printf("open sysctl failed: %m\n"); 10062306a36Sopenharmony_ci abort(); 10162306a36Sopenharmony_ci } 10262306a36Sopenharmony_ci 10362306a36Sopenharmony_ci if (write(fd, val, strlen(val)) < 0) { 10462306a36Sopenharmony_ci printf("write sysctl %s failed: %m\n", val); 10562306a36Sopenharmony_ci abort(); 10662306a36Sopenharmony_ci } 10762306a36Sopenharmony_ci} 10862306a36Sopenharmony_ci 10962306a36Sopenharmony_cistatic void sysctl_fail_write(const char *val) 11062306a36Sopenharmony_ci{ 11162306a36Sopenharmony_ci int fd = open("/proc/sys/vm/memfd_noexec", O_WRONLY | O_CLOEXEC); 11262306a36Sopenharmony_ci 11362306a36Sopenharmony_ci if (fd < 0) { 11462306a36Sopenharmony_ci printf("open sysctl failed: %m\n"); 11562306a36Sopenharmony_ci abort(); 11662306a36Sopenharmony_ci } 11762306a36Sopenharmony_ci 11862306a36Sopenharmony_ci if (write(fd, val, strlen(val)) >= 0) { 11962306a36Sopenharmony_ci printf("write sysctl %s succeeded, but failure expected\n", 12062306a36Sopenharmony_ci val); 12162306a36Sopenharmony_ci abort(); 12262306a36Sopenharmony_ci } 12362306a36Sopenharmony_ci} 12462306a36Sopenharmony_ci 12562306a36Sopenharmony_cistatic void sysctl_assert_equal(const char *val) 12662306a36Sopenharmony_ci{ 12762306a36Sopenharmony_ci char *p, buf[128] = {}; 12862306a36Sopenharmony_ci int fd = open("/proc/sys/vm/memfd_noexec", O_RDONLY | O_CLOEXEC); 12962306a36Sopenharmony_ci 13062306a36Sopenharmony_ci if (fd < 0) { 13162306a36Sopenharmony_ci printf("open sysctl failed: %m\n"); 13262306a36Sopenharmony_ci abort(); 13362306a36Sopenharmony_ci } 13462306a36Sopenharmony_ci 13562306a36Sopenharmony_ci if (read(fd, buf, sizeof(buf)) < 0) { 13662306a36Sopenharmony_ci printf("read sysctl failed: %m\n"); 13762306a36Sopenharmony_ci abort(); 13862306a36Sopenharmony_ci } 13962306a36Sopenharmony_ci 14062306a36Sopenharmony_ci /* Strip trailing whitespace. */ 14162306a36Sopenharmony_ci p = buf; 14262306a36Sopenharmony_ci while (!isspace(*p)) 14362306a36Sopenharmony_ci p++; 14462306a36Sopenharmony_ci *p = '\0'; 14562306a36Sopenharmony_ci 14662306a36Sopenharmony_ci if (strcmp(buf, val) != 0) { 14762306a36Sopenharmony_ci printf("unexpected sysctl value: expected %s, got %s\n", val, buf); 14862306a36Sopenharmony_ci abort(); 14962306a36Sopenharmony_ci } 15062306a36Sopenharmony_ci} 15162306a36Sopenharmony_ci 15262306a36Sopenharmony_cistatic int mfd_assert_reopen_fd(int fd_in) 15362306a36Sopenharmony_ci{ 15462306a36Sopenharmony_ci int fd; 15562306a36Sopenharmony_ci char path[100]; 15662306a36Sopenharmony_ci 15762306a36Sopenharmony_ci sprintf(path, "/proc/self/fd/%d", fd_in); 15862306a36Sopenharmony_ci 15962306a36Sopenharmony_ci fd = open(path, O_RDWR); 16062306a36Sopenharmony_ci if (fd < 0) { 16162306a36Sopenharmony_ci printf("re-open of existing fd %d failed\n", fd_in); 16262306a36Sopenharmony_ci abort(); 16362306a36Sopenharmony_ci } 16462306a36Sopenharmony_ci 16562306a36Sopenharmony_ci return fd; 16662306a36Sopenharmony_ci} 16762306a36Sopenharmony_ci 16862306a36Sopenharmony_cistatic void mfd_fail_new(const char *name, unsigned int flags) 16962306a36Sopenharmony_ci{ 17062306a36Sopenharmony_ci int r; 17162306a36Sopenharmony_ci 17262306a36Sopenharmony_ci r = sys_memfd_create(name, flags); 17362306a36Sopenharmony_ci if (r >= 0) { 17462306a36Sopenharmony_ci printf("memfd_create(\"%s\", %u) succeeded, but failure expected\n", 17562306a36Sopenharmony_ci name, flags); 17662306a36Sopenharmony_ci close(r); 17762306a36Sopenharmony_ci abort(); 17862306a36Sopenharmony_ci } 17962306a36Sopenharmony_ci} 18062306a36Sopenharmony_ci 18162306a36Sopenharmony_cistatic unsigned int mfd_assert_get_seals(int fd) 18262306a36Sopenharmony_ci{ 18362306a36Sopenharmony_ci int r; 18462306a36Sopenharmony_ci 18562306a36Sopenharmony_ci r = fcntl(fd, F_GET_SEALS); 18662306a36Sopenharmony_ci if (r < 0) { 18762306a36Sopenharmony_ci printf("GET_SEALS(%d) failed: %m\n", fd); 18862306a36Sopenharmony_ci abort(); 18962306a36Sopenharmony_ci } 19062306a36Sopenharmony_ci 19162306a36Sopenharmony_ci return (unsigned int)r; 19262306a36Sopenharmony_ci} 19362306a36Sopenharmony_ci 19462306a36Sopenharmony_cistatic void mfd_assert_has_seals(int fd, unsigned int seals) 19562306a36Sopenharmony_ci{ 19662306a36Sopenharmony_ci char buf[PATH_MAX]; 19762306a36Sopenharmony_ci int nbytes; 19862306a36Sopenharmony_ci unsigned int s; 19962306a36Sopenharmony_ci fd2name(fd, buf, PATH_MAX); 20062306a36Sopenharmony_ci 20162306a36Sopenharmony_ci s = mfd_assert_get_seals(fd); 20262306a36Sopenharmony_ci if (s != seals) { 20362306a36Sopenharmony_ci printf("%u != %u = GET_SEALS(%s)\n", seals, s, buf); 20462306a36Sopenharmony_ci abort(); 20562306a36Sopenharmony_ci } 20662306a36Sopenharmony_ci} 20762306a36Sopenharmony_ci 20862306a36Sopenharmony_cistatic void mfd_assert_add_seals(int fd, unsigned int seals) 20962306a36Sopenharmony_ci{ 21062306a36Sopenharmony_ci int r; 21162306a36Sopenharmony_ci unsigned int s; 21262306a36Sopenharmony_ci 21362306a36Sopenharmony_ci s = mfd_assert_get_seals(fd); 21462306a36Sopenharmony_ci r = fcntl(fd, F_ADD_SEALS, seals); 21562306a36Sopenharmony_ci if (r < 0) { 21662306a36Sopenharmony_ci printf("ADD_SEALS(%d, %u -> %u) failed: %m\n", fd, s, seals); 21762306a36Sopenharmony_ci abort(); 21862306a36Sopenharmony_ci } 21962306a36Sopenharmony_ci} 22062306a36Sopenharmony_ci 22162306a36Sopenharmony_cistatic void mfd_fail_add_seals(int fd, unsigned int seals) 22262306a36Sopenharmony_ci{ 22362306a36Sopenharmony_ci int r; 22462306a36Sopenharmony_ci unsigned int s; 22562306a36Sopenharmony_ci 22662306a36Sopenharmony_ci r = fcntl(fd, F_GET_SEALS); 22762306a36Sopenharmony_ci if (r < 0) 22862306a36Sopenharmony_ci s = 0; 22962306a36Sopenharmony_ci else 23062306a36Sopenharmony_ci s = (unsigned int)r; 23162306a36Sopenharmony_ci 23262306a36Sopenharmony_ci r = fcntl(fd, F_ADD_SEALS, seals); 23362306a36Sopenharmony_ci if (r >= 0) { 23462306a36Sopenharmony_ci printf("ADD_SEALS(%d, %u -> %u) didn't fail as expected\n", 23562306a36Sopenharmony_ci fd, s, seals); 23662306a36Sopenharmony_ci abort(); 23762306a36Sopenharmony_ci } 23862306a36Sopenharmony_ci} 23962306a36Sopenharmony_ci 24062306a36Sopenharmony_cistatic void mfd_assert_size(int fd, size_t size) 24162306a36Sopenharmony_ci{ 24262306a36Sopenharmony_ci struct stat st; 24362306a36Sopenharmony_ci int r; 24462306a36Sopenharmony_ci 24562306a36Sopenharmony_ci r = fstat(fd, &st); 24662306a36Sopenharmony_ci if (r < 0) { 24762306a36Sopenharmony_ci printf("fstat(%d) failed: %m\n", fd); 24862306a36Sopenharmony_ci abort(); 24962306a36Sopenharmony_ci } else if (st.st_size != size) { 25062306a36Sopenharmony_ci printf("wrong file size %lld, but expected %lld\n", 25162306a36Sopenharmony_ci (long long)st.st_size, (long long)size); 25262306a36Sopenharmony_ci abort(); 25362306a36Sopenharmony_ci } 25462306a36Sopenharmony_ci} 25562306a36Sopenharmony_ci 25662306a36Sopenharmony_cistatic int mfd_assert_dup(int fd) 25762306a36Sopenharmony_ci{ 25862306a36Sopenharmony_ci int r; 25962306a36Sopenharmony_ci 26062306a36Sopenharmony_ci r = dup(fd); 26162306a36Sopenharmony_ci if (r < 0) { 26262306a36Sopenharmony_ci printf("dup(%d) failed: %m\n", fd); 26362306a36Sopenharmony_ci abort(); 26462306a36Sopenharmony_ci } 26562306a36Sopenharmony_ci 26662306a36Sopenharmony_ci return r; 26762306a36Sopenharmony_ci} 26862306a36Sopenharmony_ci 26962306a36Sopenharmony_cistatic void *mfd_assert_mmap_shared(int fd) 27062306a36Sopenharmony_ci{ 27162306a36Sopenharmony_ci void *p; 27262306a36Sopenharmony_ci 27362306a36Sopenharmony_ci p = mmap(NULL, 27462306a36Sopenharmony_ci mfd_def_size, 27562306a36Sopenharmony_ci PROT_READ | PROT_WRITE, 27662306a36Sopenharmony_ci MAP_SHARED, 27762306a36Sopenharmony_ci fd, 27862306a36Sopenharmony_ci 0); 27962306a36Sopenharmony_ci if (p == MAP_FAILED) { 28062306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 28162306a36Sopenharmony_ci abort(); 28262306a36Sopenharmony_ci } 28362306a36Sopenharmony_ci 28462306a36Sopenharmony_ci return p; 28562306a36Sopenharmony_ci} 28662306a36Sopenharmony_ci 28762306a36Sopenharmony_cistatic void *mfd_assert_mmap_private(int fd) 28862306a36Sopenharmony_ci{ 28962306a36Sopenharmony_ci void *p; 29062306a36Sopenharmony_ci 29162306a36Sopenharmony_ci p = mmap(NULL, 29262306a36Sopenharmony_ci mfd_def_size, 29362306a36Sopenharmony_ci PROT_READ, 29462306a36Sopenharmony_ci MAP_PRIVATE, 29562306a36Sopenharmony_ci fd, 29662306a36Sopenharmony_ci 0); 29762306a36Sopenharmony_ci if (p == MAP_FAILED) { 29862306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 29962306a36Sopenharmony_ci abort(); 30062306a36Sopenharmony_ci } 30162306a36Sopenharmony_ci 30262306a36Sopenharmony_ci return p; 30362306a36Sopenharmony_ci} 30462306a36Sopenharmony_ci 30562306a36Sopenharmony_cistatic int mfd_assert_open(int fd, int flags, mode_t mode) 30662306a36Sopenharmony_ci{ 30762306a36Sopenharmony_ci char buf[512]; 30862306a36Sopenharmony_ci int r; 30962306a36Sopenharmony_ci 31062306a36Sopenharmony_ci sprintf(buf, "/proc/self/fd/%d", fd); 31162306a36Sopenharmony_ci r = open(buf, flags, mode); 31262306a36Sopenharmony_ci if (r < 0) { 31362306a36Sopenharmony_ci printf("open(%s) failed: %m\n", buf); 31462306a36Sopenharmony_ci abort(); 31562306a36Sopenharmony_ci } 31662306a36Sopenharmony_ci 31762306a36Sopenharmony_ci return r; 31862306a36Sopenharmony_ci} 31962306a36Sopenharmony_ci 32062306a36Sopenharmony_cistatic void mfd_fail_open(int fd, int flags, mode_t mode) 32162306a36Sopenharmony_ci{ 32262306a36Sopenharmony_ci char buf[512]; 32362306a36Sopenharmony_ci int r; 32462306a36Sopenharmony_ci 32562306a36Sopenharmony_ci sprintf(buf, "/proc/self/fd/%d", fd); 32662306a36Sopenharmony_ci r = open(buf, flags, mode); 32762306a36Sopenharmony_ci if (r >= 0) { 32862306a36Sopenharmony_ci printf("open(%s) didn't fail as expected\n", buf); 32962306a36Sopenharmony_ci abort(); 33062306a36Sopenharmony_ci } 33162306a36Sopenharmony_ci} 33262306a36Sopenharmony_ci 33362306a36Sopenharmony_cistatic void mfd_assert_read(int fd) 33462306a36Sopenharmony_ci{ 33562306a36Sopenharmony_ci char buf[16]; 33662306a36Sopenharmony_ci void *p; 33762306a36Sopenharmony_ci ssize_t l; 33862306a36Sopenharmony_ci 33962306a36Sopenharmony_ci l = read(fd, buf, sizeof(buf)); 34062306a36Sopenharmony_ci if (l != sizeof(buf)) { 34162306a36Sopenharmony_ci printf("read() failed: %m\n"); 34262306a36Sopenharmony_ci abort(); 34362306a36Sopenharmony_ci } 34462306a36Sopenharmony_ci 34562306a36Sopenharmony_ci /* verify PROT_READ *is* allowed */ 34662306a36Sopenharmony_ci p = mmap(NULL, 34762306a36Sopenharmony_ci mfd_def_size, 34862306a36Sopenharmony_ci PROT_READ, 34962306a36Sopenharmony_ci MAP_PRIVATE, 35062306a36Sopenharmony_ci fd, 35162306a36Sopenharmony_ci 0); 35262306a36Sopenharmony_ci if (p == MAP_FAILED) { 35362306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 35462306a36Sopenharmony_ci abort(); 35562306a36Sopenharmony_ci } 35662306a36Sopenharmony_ci munmap(p, mfd_def_size); 35762306a36Sopenharmony_ci 35862306a36Sopenharmony_ci /* verify MAP_PRIVATE is *always* allowed (even writable) */ 35962306a36Sopenharmony_ci p = mmap(NULL, 36062306a36Sopenharmony_ci mfd_def_size, 36162306a36Sopenharmony_ci PROT_READ | PROT_WRITE, 36262306a36Sopenharmony_ci MAP_PRIVATE, 36362306a36Sopenharmony_ci fd, 36462306a36Sopenharmony_ci 0); 36562306a36Sopenharmony_ci if (p == MAP_FAILED) { 36662306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 36762306a36Sopenharmony_ci abort(); 36862306a36Sopenharmony_ci } 36962306a36Sopenharmony_ci munmap(p, mfd_def_size); 37062306a36Sopenharmony_ci} 37162306a36Sopenharmony_ci 37262306a36Sopenharmony_ci/* Test that PROT_READ + MAP_SHARED mappings work. */ 37362306a36Sopenharmony_cistatic void mfd_assert_read_shared(int fd) 37462306a36Sopenharmony_ci{ 37562306a36Sopenharmony_ci void *p; 37662306a36Sopenharmony_ci 37762306a36Sopenharmony_ci /* verify PROT_READ and MAP_SHARED *is* allowed */ 37862306a36Sopenharmony_ci p = mmap(NULL, 37962306a36Sopenharmony_ci mfd_def_size, 38062306a36Sopenharmony_ci PROT_READ, 38162306a36Sopenharmony_ci MAP_SHARED, 38262306a36Sopenharmony_ci fd, 38362306a36Sopenharmony_ci 0); 38462306a36Sopenharmony_ci if (p == MAP_FAILED) { 38562306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 38662306a36Sopenharmony_ci abort(); 38762306a36Sopenharmony_ci } 38862306a36Sopenharmony_ci munmap(p, mfd_def_size); 38962306a36Sopenharmony_ci} 39062306a36Sopenharmony_ci 39162306a36Sopenharmony_cistatic void mfd_assert_fork_private_write(int fd) 39262306a36Sopenharmony_ci{ 39362306a36Sopenharmony_ci int *p; 39462306a36Sopenharmony_ci pid_t pid; 39562306a36Sopenharmony_ci 39662306a36Sopenharmony_ci p = mmap(NULL, 39762306a36Sopenharmony_ci mfd_def_size, 39862306a36Sopenharmony_ci PROT_READ | PROT_WRITE, 39962306a36Sopenharmony_ci MAP_PRIVATE, 40062306a36Sopenharmony_ci fd, 40162306a36Sopenharmony_ci 0); 40262306a36Sopenharmony_ci if (p == MAP_FAILED) { 40362306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 40462306a36Sopenharmony_ci abort(); 40562306a36Sopenharmony_ci } 40662306a36Sopenharmony_ci 40762306a36Sopenharmony_ci p[0] = 22; 40862306a36Sopenharmony_ci 40962306a36Sopenharmony_ci pid = fork(); 41062306a36Sopenharmony_ci if (pid == 0) { 41162306a36Sopenharmony_ci p[0] = 33; 41262306a36Sopenharmony_ci exit(0); 41362306a36Sopenharmony_ci } else { 41462306a36Sopenharmony_ci waitpid(pid, NULL, 0); 41562306a36Sopenharmony_ci 41662306a36Sopenharmony_ci if (p[0] != 22) { 41762306a36Sopenharmony_ci printf("MAP_PRIVATE copy-on-write failed: %m\n"); 41862306a36Sopenharmony_ci abort(); 41962306a36Sopenharmony_ci } 42062306a36Sopenharmony_ci } 42162306a36Sopenharmony_ci 42262306a36Sopenharmony_ci munmap(p, mfd_def_size); 42362306a36Sopenharmony_ci} 42462306a36Sopenharmony_ci 42562306a36Sopenharmony_cistatic void mfd_assert_write(int fd) 42662306a36Sopenharmony_ci{ 42762306a36Sopenharmony_ci ssize_t l; 42862306a36Sopenharmony_ci void *p; 42962306a36Sopenharmony_ci int r; 43062306a36Sopenharmony_ci 43162306a36Sopenharmony_ci /* 43262306a36Sopenharmony_ci * huegtlbfs does not support write, but we want to 43362306a36Sopenharmony_ci * verify everything else here. 43462306a36Sopenharmony_ci */ 43562306a36Sopenharmony_ci if (!hugetlbfs_test) { 43662306a36Sopenharmony_ci /* verify write() succeeds */ 43762306a36Sopenharmony_ci l = write(fd, "\0\0\0\0", 4); 43862306a36Sopenharmony_ci if (l != 4) { 43962306a36Sopenharmony_ci printf("write() failed: %m\n"); 44062306a36Sopenharmony_ci abort(); 44162306a36Sopenharmony_ci } 44262306a36Sopenharmony_ci } 44362306a36Sopenharmony_ci 44462306a36Sopenharmony_ci /* verify PROT_READ | PROT_WRITE is allowed */ 44562306a36Sopenharmony_ci p = mmap(NULL, 44662306a36Sopenharmony_ci mfd_def_size, 44762306a36Sopenharmony_ci PROT_READ | PROT_WRITE, 44862306a36Sopenharmony_ci MAP_SHARED, 44962306a36Sopenharmony_ci fd, 45062306a36Sopenharmony_ci 0); 45162306a36Sopenharmony_ci if (p == MAP_FAILED) { 45262306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 45362306a36Sopenharmony_ci abort(); 45462306a36Sopenharmony_ci } 45562306a36Sopenharmony_ci *(char *)p = 0; 45662306a36Sopenharmony_ci munmap(p, mfd_def_size); 45762306a36Sopenharmony_ci 45862306a36Sopenharmony_ci /* verify PROT_WRITE is allowed */ 45962306a36Sopenharmony_ci p = mmap(NULL, 46062306a36Sopenharmony_ci mfd_def_size, 46162306a36Sopenharmony_ci PROT_WRITE, 46262306a36Sopenharmony_ci MAP_SHARED, 46362306a36Sopenharmony_ci fd, 46462306a36Sopenharmony_ci 0); 46562306a36Sopenharmony_ci if (p == MAP_FAILED) { 46662306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 46762306a36Sopenharmony_ci abort(); 46862306a36Sopenharmony_ci } 46962306a36Sopenharmony_ci *(char *)p = 0; 47062306a36Sopenharmony_ci munmap(p, mfd_def_size); 47162306a36Sopenharmony_ci 47262306a36Sopenharmony_ci /* verify PROT_READ with MAP_SHARED is allowed and a following 47362306a36Sopenharmony_ci * mprotect(PROT_WRITE) allows writing */ 47462306a36Sopenharmony_ci p = mmap(NULL, 47562306a36Sopenharmony_ci mfd_def_size, 47662306a36Sopenharmony_ci PROT_READ, 47762306a36Sopenharmony_ci MAP_SHARED, 47862306a36Sopenharmony_ci fd, 47962306a36Sopenharmony_ci 0); 48062306a36Sopenharmony_ci if (p == MAP_FAILED) { 48162306a36Sopenharmony_ci printf("mmap() failed: %m\n"); 48262306a36Sopenharmony_ci abort(); 48362306a36Sopenharmony_ci } 48462306a36Sopenharmony_ci 48562306a36Sopenharmony_ci r = mprotect(p, mfd_def_size, PROT_READ | PROT_WRITE); 48662306a36Sopenharmony_ci if (r < 0) { 48762306a36Sopenharmony_ci printf("mprotect() failed: %m\n"); 48862306a36Sopenharmony_ci abort(); 48962306a36Sopenharmony_ci } 49062306a36Sopenharmony_ci 49162306a36Sopenharmony_ci *(char *)p = 0; 49262306a36Sopenharmony_ci munmap(p, mfd_def_size); 49362306a36Sopenharmony_ci 49462306a36Sopenharmony_ci /* verify PUNCH_HOLE works */ 49562306a36Sopenharmony_ci r = fallocate(fd, 49662306a36Sopenharmony_ci FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, 49762306a36Sopenharmony_ci 0, 49862306a36Sopenharmony_ci mfd_def_size); 49962306a36Sopenharmony_ci if (r < 0) { 50062306a36Sopenharmony_ci printf("fallocate(PUNCH_HOLE) failed: %m\n"); 50162306a36Sopenharmony_ci abort(); 50262306a36Sopenharmony_ci } 50362306a36Sopenharmony_ci} 50462306a36Sopenharmony_ci 50562306a36Sopenharmony_cistatic void mfd_fail_write(int fd) 50662306a36Sopenharmony_ci{ 50762306a36Sopenharmony_ci ssize_t l; 50862306a36Sopenharmony_ci void *p; 50962306a36Sopenharmony_ci int r; 51062306a36Sopenharmony_ci 51162306a36Sopenharmony_ci /* verify write() fails */ 51262306a36Sopenharmony_ci l = write(fd, "data", 4); 51362306a36Sopenharmony_ci if (l != -EPERM) { 51462306a36Sopenharmony_ci printf("expected EPERM on write(), but got %d: %m\n", (int)l); 51562306a36Sopenharmony_ci abort(); 51662306a36Sopenharmony_ci } 51762306a36Sopenharmony_ci 51862306a36Sopenharmony_ci /* verify PROT_READ | PROT_WRITE is not allowed */ 51962306a36Sopenharmony_ci p = mmap(NULL, 52062306a36Sopenharmony_ci mfd_def_size, 52162306a36Sopenharmony_ci PROT_READ | PROT_WRITE, 52262306a36Sopenharmony_ci MAP_SHARED, 52362306a36Sopenharmony_ci fd, 52462306a36Sopenharmony_ci 0); 52562306a36Sopenharmony_ci if (p != MAP_FAILED) { 52662306a36Sopenharmony_ci printf("mmap() didn't fail as expected\n"); 52762306a36Sopenharmony_ci abort(); 52862306a36Sopenharmony_ci } 52962306a36Sopenharmony_ci 53062306a36Sopenharmony_ci /* verify PROT_WRITE is not allowed */ 53162306a36Sopenharmony_ci p = mmap(NULL, 53262306a36Sopenharmony_ci mfd_def_size, 53362306a36Sopenharmony_ci PROT_WRITE, 53462306a36Sopenharmony_ci MAP_SHARED, 53562306a36Sopenharmony_ci fd, 53662306a36Sopenharmony_ci 0); 53762306a36Sopenharmony_ci if (p != MAP_FAILED) { 53862306a36Sopenharmony_ci printf("mmap() didn't fail as expected\n"); 53962306a36Sopenharmony_ci abort(); 54062306a36Sopenharmony_ci } 54162306a36Sopenharmony_ci 54262306a36Sopenharmony_ci /* Verify PROT_READ with MAP_SHARED with a following mprotect is not 54362306a36Sopenharmony_ci * allowed. Note that for r/w the kernel already prevents the mmap. */ 54462306a36Sopenharmony_ci p = mmap(NULL, 54562306a36Sopenharmony_ci mfd_def_size, 54662306a36Sopenharmony_ci PROT_READ, 54762306a36Sopenharmony_ci MAP_SHARED, 54862306a36Sopenharmony_ci fd, 54962306a36Sopenharmony_ci 0); 55062306a36Sopenharmony_ci if (p != MAP_FAILED) { 55162306a36Sopenharmony_ci r = mprotect(p, mfd_def_size, PROT_READ | PROT_WRITE); 55262306a36Sopenharmony_ci if (r >= 0) { 55362306a36Sopenharmony_ci printf("mmap()+mprotect() didn't fail as expected\n"); 55462306a36Sopenharmony_ci abort(); 55562306a36Sopenharmony_ci } 55662306a36Sopenharmony_ci munmap(p, mfd_def_size); 55762306a36Sopenharmony_ci } 55862306a36Sopenharmony_ci 55962306a36Sopenharmony_ci /* verify PUNCH_HOLE fails */ 56062306a36Sopenharmony_ci r = fallocate(fd, 56162306a36Sopenharmony_ci FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, 56262306a36Sopenharmony_ci 0, 56362306a36Sopenharmony_ci mfd_def_size); 56462306a36Sopenharmony_ci if (r >= 0) { 56562306a36Sopenharmony_ci printf("fallocate(PUNCH_HOLE) didn't fail as expected\n"); 56662306a36Sopenharmony_ci abort(); 56762306a36Sopenharmony_ci } 56862306a36Sopenharmony_ci} 56962306a36Sopenharmony_ci 57062306a36Sopenharmony_cistatic void mfd_assert_shrink(int fd) 57162306a36Sopenharmony_ci{ 57262306a36Sopenharmony_ci int r, fd2; 57362306a36Sopenharmony_ci 57462306a36Sopenharmony_ci r = ftruncate(fd, mfd_def_size / 2); 57562306a36Sopenharmony_ci if (r < 0) { 57662306a36Sopenharmony_ci printf("ftruncate(SHRINK) failed: %m\n"); 57762306a36Sopenharmony_ci abort(); 57862306a36Sopenharmony_ci } 57962306a36Sopenharmony_ci 58062306a36Sopenharmony_ci mfd_assert_size(fd, mfd_def_size / 2); 58162306a36Sopenharmony_ci 58262306a36Sopenharmony_ci fd2 = mfd_assert_open(fd, 58362306a36Sopenharmony_ci O_RDWR | O_CREAT | O_TRUNC, 58462306a36Sopenharmony_ci S_IRUSR | S_IWUSR); 58562306a36Sopenharmony_ci close(fd2); 58662306a36Sopenharmony_ci 58762306a36Sopenharmony_ci mfd_assert_size(fd, 0); 58862306a36Sopenharmony_ci} 58962306a36Sopenharmony_ci 59062306a36Sopenharmony_cistatic void mfd_fail_shrink(int fd) 59162306a36Sopenharmony_ci{ 59262306a36Sopenharmony_ci int r; 59362306a36Sopenharmony_ci 59462306a36Sopenharmony_ci r = ftruncate(fd, mfd_def_size / 2); 59562306a36Sopenharmony_ci if (r >= 0) { 59662306a36Sopenharmony_ci printf("ftruncate(SHRINK) didn't fail as expected\n"); 59762306a36Sopenharmony_ci abort(); 59862306a36Sopenharmony_ci } 59962306a36Sopenharmony_ci 60062306a36Sopenharmony_ci mfd_fail_open(fd, 60162306a36Sopenharmony_ci O_RDWR | O_CREAT | O_TRUNC, 60262306a36Sopenharmony_ci S_IRUSR | S_IWUSR); 60362306a36Sopenharmony_ci} 60462306a36Sopenharmony_ci 60562306a36Sopenharmony_cistatic void mfd_assert_grow(int fd) 60662306a36Sopenharmony_ci{ 60762306a36Sopenharmony_ci int r; 60862306a36Sopenharmony_ci 60962306a36Sopenharmony_ci r = ftruncate(fd, mfd_def_size * 2); 61062306a36Sopenharmony_ci if (r < 0) { 61162306a36Sopenharmony_ci printf("ftruncate(GROW) failed: %m\n"); 61262306a36Sopenharmony_ci abort(); 61362306a36Sopenharmony_ci } 61462306a36Sopenharmony_ci 61562306a36Sopenharmony_ci mfd_assert_size(fd, mfd_def_size * 2); 61662306a36Sopenharmony_ci 61762306a36Sopenharmony_ci r = fallocate(fd, 61862306a36Sopenharmony_ci 0, 61962306a36Sopenharmony_ci 0, 62062306a36Sopenharmony_ci mfd_def_size * 4); 62162306a36Sopenharmony_ci if (r < 0) { 62262306a36Sopenharmony_ci printf("fallocate(ALLOC) failed: %m\n"); 62362306a36Sopenharmony_ci abort(); 62462306a36Sopenharmony_ci } 62562306a36Sopenharmony_ci 62662306a36Sopenharmony_ci mfd_assert_size(fd, mfd_def_size * 4); 62762306a36Sopenharmony_ci} 62862306a36Sopenharmony_ci 62962306a36Sopenharmony_cistatic void mfd_fail_grow(int fd) 63062306a36Sopenharmony_ci{ 63162306a36Sopenharmony_ci int r; 63262306a36Sopenharmony_ci 63362306a36Sopenharmony_ci r = ftruncate(fd, mfd_def_size * 2); 63462306a36Sopenharmony_ci if (r >= 0) { 63562306a36Sopenharmony_ci printf("ftruncate(GROW) didn't fail as expected\n"); 63662306a36Sopenharmony_ci abort(); 63762306a36Sopenharmony_ci } 63862306a36Sopenharmony_ci 63962306a36Sopenharmony_ci r = fallocate(fd, 64062306a36Sopenharmony_ci 0, 64162306a36Sopenharmony_ci 0, 64262306a36Sopenharmony_ci mfd_def_size * 4); 64362306a36Sopenharmony_ci if (r >= 0) { 64462306a36Sopenharmony_ci printf("fallocate(ALLOC) didn't fail as expected\n"); 64562306a36Sopenharmony_ci abort(); 64662306a36Sopenharmony_ci } 64762306a36Sopenharmony_ci} 64862306a36Sopenharmony_ci 64962306a36Sopenharmony_cistatic void mfd_assert_grow_write(int fd) 65062306a36Sopenharmony_ci{ 65162306a36Sopenharmony_ci static char *buf; 65262306a36Sopenharmony_ci ssize_t l; 65362306a36Sopenharmony_ci 65462306a36Sopenharmony_ci /* hugetlbfs does not support write */ 65562306a36Sopenharmony_ci if (hugetlbfs_test) 65662306a36Sopenharmony_ci return; 65762306a36Sopenharmony_ci 65862306a36Sopenharmony_ci buf = malloc(mfd_def_size * 8); 65962306a36Sopenharmony_ci if (!buf) { 66062306a36Sopenharmony_ci printf("malloc(%zu) failed: %m\n", mfd_def_size * 8); 66162306a36Sopenharmony_ci abort(); 66262306a36Sopenharmony_ci } 66362306a36Sopenharmony_ci 66462306a36Sopenharmony_ci l = pwrite(fd, buf, mfd_def_size * 8, 0); 66562306a36Sopenharmony_ci if (l != (mfd_def_size * 8)) { 66662306a36Sopenharmony_ci printf("pwrite() failed: %m\n"); 66762306a36Sopenharmony_ci abort(); 66862306a36Sopenharmony_ci } 66962306a36Sopenharmony_ci 67062306a36Sopenharmony_ci mfd_assert_size(fd, mfd_def_size * 8); 67162306a36Sopenharmony_ci} 67262306a36Sopenharmony_ci 67362306a36Sopenharmony_cistatic void mfd_fail_grow_write(int fd) 67462306a36Sopenharmony_ci{ 67562306a36Sopenharmony_ci static char *buf; 67662306a36Sopenharmony_ci ssize_t l; 67762306a36Sopenharmony_ci 67862306a36Sopenharmony_ci /* hugetlbfs does not support write */ 67962306a36Sopenharmony_ci if (hugetlbfs_test) 68062306a36Sopenharmony_ci return; 68162306a36Sopenharmony_ci 68262306a36Sopenharmony_ci buf = malloc(mfd_def_size * 8); 68362306a36Sopenharmony_ci if (!buf) { 68462306a36Sopenharmony_ci printf("malloc(%zu) failed: %m\n", mfd_def_size * 8); 68562306a36Sopenharmony_ci abort(); 68662306a36Sopenharmony_ci } 68762306a36Sopenharmony_ci 68862306a36Sopenharmony_ci l = pwrite(fd, buf, mfd_def_size * 8, 0); 68962306a36Sopenharmony_ci if (l == (mfd_def_size * 8)) { 69062306a36Sopenharmony_ci printf("pwrite() didn't fail as expected\n"); 69162306a36Sopenharmony_ci abort(); 69262306a36Sopenharmony_ci } 69362306a36Sopenharmony_ci} 69462306a36Sopenharmony_ci 69562306a36Sopenharmony_cistatic void mfd_assert_mode(int fd, int mode) 69662306a36Sopenharmony_ci{ 69762306a36Sopenharmony_ci struct stat st; 69862306a36Sopenharmony_ci char buf[PATH_MAX]; 69962306a36Sopenharmony_ci int nbytes; 70062306a36Sopenharmony_ci 70162306a36Sopenharmony_ci fd2name(fd, buf, PATH_MAX); 70262306a36Sopenharmony_ci 70362306a36Sopenharmony_ci if (fstat(fd, &st) < 0) { 70462306a36Sopenharmony_ci printf("fstat(%s) failed: %m\n", buf); 70562306a36Sopenharmony_ci abort(); 70662306a36Sopenharmony_ci } 70762306a36Sopenharmony_ci 70862306a36Sopenharmony_ci if ((st.st_mode & 07777) != mode) { 70962306a36Sopenharmony_ci printf("fstat(%s) wrong file mode 0%04o, but expected 0%04o\n", 71062306a36Sopenharmony_ci buf, (int)st.st_mode & 07777, mode); 71162306a36Sopenharmony_ci abort(); 71262306a36Sopenharmony_ci } 71362306a36Sopenharmony_ci} 71462306a36Sopenharmony_ci 71562306a36Sopenharmony_cistatic void mfd_assert_chmod(int fd, int mode) 71662306a36Sopenharmony_ci{ 71762306a36Sopenharmony_ci char buf[PATH_MAX]; 71862306a36Sopenharmony_ci int nbytes; 71962306a36Sopenharmony_ci 72062306a36Sopenharmony_ci fd2name(fd, buf, PATH_MAX); 72162306a36Sopenharmony_ci 72262306a36Sopenharmony_ci if (fchmod(fd, mode) < 0) { 72362306a36Sopenharmony_ci printf("fchmod(%s, 0%04o) failed: %m\n", buf, mode); 72462306a36Sopenharmony_ci abort(); 72562306a36Sopenharmony_ci } 72662306a36Sopenharmony_ci 72762306a36Sopenharmony_ci mfd_assert_mode(fd, mode); 72862306a36Sopenharmony_ci} 72962306a36Sopenharmony_ci 73062306a36Sopenharmony_cistatic void mfd_fail_chmod(int fd, int mode) 73162306a36Sopenharmony_ci{ 73262306a36Sopenharmony_ci struct stat st; 73362306a36Sopenharmony_ci char buf[PATH_MAX]; 73462306a36Sopenharmony_ci int nbytes; 73562306a36Sopenharmony_ci 73662306a36Sopenharmony_ci fd2name(fd, buf, PATH_MAX); 73762306a36Sopenharmony_ci 73862306a36Sopenharmony_ci if (fstat(fd, &st) < 0) { 73962306a36Sopenharmony_ci printf("fstat(%s) failed: %m\n", buf); 74062306a36Sopenharmony_ci abort(); 74162306a36Sopenharmony_ci } 74262306a36Sopenharmony_ci 74362306a36Sopenharmony_ci if (fchmod(fd, mode) == 0) { 74462306a36Sopenharmony_ci printf("fchmod(%s, 0%04o) didn't fail as expected\n", 74562306a36Sopenharmony_ci buf, mode); 74662306a36Sopenharmony_ci abort(); 74762306a36Sopenharmony_ci } 74862306a36Sopenharmony_ci 74962306a36Sopenharmony_ci /* verify that file mode bits did not change */ 75062306a36Sopenharmony_ci mfd_assert_mode(fd, st.st_mode & 07777); 75162306a36Sopenharmony_ci} 75262306a36Sopenharmony_ci 75362306a36Sopenharmony_cistatic int idle_thread_fn(void *arg) 75462306a36Sopenharmony_ci{ 75562306a36Sopenharmony_ci sigset_t set; 75662306a36Sopenharmony_ci int sig; 75762306a36Sopenharmony_ci 75862306a36Sopenharmony_ci /* dummy waiter; SIGTERM terminates us anyway */ 75962306a36Sopenharmony_ci sigemptyset(&set); 76062306a36Sopenharmony_ci sigaddset(&set, SIGTERM); 76162306a36Sopenharmony_ci sigwait(&set, &sig); 76262306a36Sopenharmony_ci 76362306a36Sopenharmony_ci return 0; 76462306a36Sopenharmony_ci} 76562306a36Sopenharmony_ci 76662306a36Sopenharmony_cistatic pid_t spawn_thread(unsigned int flags, int (*fn)(void *), void *arg) 76762306a36Sopenharmony_ci{ 76862306a36Sopenharmony_ci uint8_t *stack; 76962306a36Sopenharmony_ci pid_t pid; 77062306a36Sopenharmony_ci 77162306a36Sopenharmony_ci stack = malloc(STACK_SIZE); 77262306a36Sopenharmony_ci if (!stack) { 77362306a36Sopenharmony_ci printf("malloc(STACK_SIZE) failed: %m\n"); 77462306a36Sopenharmony_ci abort(); 77562306a36Sopenharmony_ci } 77662306a36Sopenharmony_ci 77762306a36Sopenharmony_ci pid = clone(fn, stack + STACK_SIZE, SIGCHLD | flags, arg); 77862306a36Sopenharmony_ci if (pid < 0) { 77962306a36Sopenharmony_ci printf("clone() failed: %m\n"); 78062306a36Sopenharmony_ci abort(); 78162306a36Sopenharmony_ci } 78262306a36Sopenharmony_ci 78362306a36Sopenharmony_ci return pid; 78462306a36Sopenharmony_ci} 78562306a36Sopenharmony_ci 78662306a36Sopenharmony_cistatic void join_thread(pid_t pid) 78762306a36Sopenharmony_ci{ 78862306a36Sopenharmony_ci int wstatus; 78962306a36Sopenharmony_ci 79062306a36Sopenharmony_ci if (waitpid(pid, &wstatus, 0) < 0) { 79162306a36Sopenharmony_ci printf("newpid thread: waitpid() failed: %m\n"); 79262306a36Sopenharmony_ci abort(); 79362306a36Sopenharmony_ci } 79462306a36Sopenharmony_ci 79562306a36Sopenharmony_ci if (WIFEXITED(wstatus) && WEXITSTATUS(wstatus) != 0) { 79662306a36Sopenharmony_ci printf("newpid thread: exited with non-zero error code %d\n", 79762306a36Sopenharmony_ci WEXITSTATUS(wstatus)); 79862306a36Sopenharmony_ci abort(); 79962306a36Sopenharmony_ci } 80062306a36Sopenharmony_ci 80162306a36Sopenharmony_ci if (WIFSIGNALED(wstatus)) { 80262306a36Sopenharmony_ci printf("newpid thread: killed by signal %d\n", 80362306a36Sopenharmony_ci WTERMSIG(wstatus)); 80462306a36Sopenharmony_ci abort(); 80562306a36Sopenharmony_ci } 80662306a36Sopenharmony_ci} 80762306a36Sopenharmony_ci 80862306a36Sopenharmony_cistatic pid_t spawn_idle_thread(unsigned int flags) 80962306a36Sopenharmony_ci{ 81062306a36Sopenharmony_ci return spawn_thread(flags, idle_thread_fn, NULL); 81162306a36Sopenharmony_ci} 81262306a36Sopenharmony_ci 81362306a36Sopenharmony_cistatic void join_idle_thread(pid_t pid) 81462306a36Sopenharmony_ci{ 81562306a36Sopenharmony_ci kill(pid, SIGTERM); 81662306a36Sopenharmony_ci waitpid(pid, NULL, 0); 81762306a36Sopenharmony_ci} 81862306a36Sopenharmony_ci 81962306a36Sopenharmony_ci/* 82062306a36Sopenharmony_ci * Test memfd_create() syscall 82162306a36Sopenharmony_ci * Verify syscall-argument validation, including name checks, flag validation 82262306a36Sopenharmony_ci * and more. 82362306a36Sopenharmony_ci */ 82462306a36Sopenharmony_cistatic void test_create(void) 82562306a36Sopenharmony_ci{ 82662306a36Sopenharmony_ci char buf[2048]; 82762306a36Sopenharmony_ci int fd; 82862306a36Sopenharmony_ci 82962306a36Sopenharmony_ci printf("%s CREATE\n", memfd_str); 83062306a36Sopenharmony_ci 83162306a36Sopenharmony_ci /* test NULL name */ 83262306a36Sopenharmony_ci mfd_fail_new(NULL, 0); 83362306a36Sopenharmony_ci 83462306a36Sopenharmony_ci /* test over-long name (not zero-terminated) */ 83562306a36Sopenharmony_ci memset(buf, 0xff, sizeof(buf)); 83662306a36Sopenharmony_ci mfd_fail_new(buf, 0); 83762306a36Sopenharmony_ci 83862306a36Sopenharmony_ci /* test over-long zero-terminated name */ 83962306a36Sopenharmony_ci memset(buf, 0xff, sizeof(buf)); 84062306a36Sopenharmony_ci buf[sizeof(buf) - 1] = 0; 84162306a36Sopenharmony_ci mfd_fail_new(buf, 0); 84262306a36Sopenharmony_ci 84362306a36Sopenharmony_ci /* verify "" is a valid name */ 84462306a36Sopenharmony_ci fd = mfd_assert_new("", 0, 0); 84562306a36Sopenharmony_ci close(fd); 84662306a36Sopenharmony_ci 84762306a36Sopenharmony_ci /* verify invalid O_* open flags */ 84862306a36Sopenharmony_ci mfd_fail_new("", 0x0100); 84962306a36Sopenharmony_ci mfd_fail_new("", ~MFD_CLOEXEC); 85062306a36Sopenharmony_ci mfd_fail_new("", ~MFD_ALLOW_SEALING); 85162306a36Sopenharmony_ci mfd_fail_new("", ~0); 85262306a36Sopenharmony_ci mfd_fail_new("", 0x80000000U); 85362306a36Sopenharmony_ci 85462306a36Sopenharmony_ci /* verify EXEC and NOEXEC_SEAL can't both be set */ 85562306a36Sopenharmony_ci mfd_fail_new("", MFD_EXEC | MFD_NOEXEC_SEAL); 85662306a36Sopenharmony_ci 85762306a36Sopenharmony_ci /* verify MFD_CLOEXEC is allowed */ 85862306a36Sopenharmony_ci fd = mfd_assert_new("", 0, MFD_CLOEXEC); 85962306a36Sopenharmony_ci close(fd); 86062306a36Sopenharmony_ci 86162306a36Sopenharmony_ci /* verify MFD_ALLOW_SEALING is allowed */ 86262306a36Sopenharmony_ci fd = mfd_assert_new("", 0, MFD_ALLOW_SEALING); 86362306a36Sopenharmony_ci close(fd); 86462306a36Sopenharmony_ci 86562306a36Sopenharmony_ci /* verify MFD_ALLOW_SEALING | MFD_CLOEXEC is allowed */ 86662306a36Sopenharmony_ci fd = mfd_assert_new("", 0, MFD_ALLOW_SEALING | MFD_CLOEXEC); 86762306a36Sopenharmony_ci close(fd); 86862306a36Sopenharmony_ci} 86962306a36Sopenharmony_ci 87062306a36Sopenharmony_ci/* 87162306a36Sopenharmony_ci * Test basic sealing 87262306a36Sopenharmony_ci * A very basic sealing test to see whether setting/retrieving seals works. 87362306a36Sopenharmony_ci */ 87462306a36Sopenharmony_cistatic void test_basic(void) 87562306a36Sopenharmony_ci{ 87662306a36Sopenharmony_ci int fd; 87762306a36Sopenharmony_ci 87862306a36Sopenharmony_ci printf("%s BASIC\n", memfd_str); 87962306a36Sopenharmony_ci 88062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_basic", 88162306a36Sopenharmony_ci mfd_def_size, 88262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 88362306a36Sopenharmony_ci 88462306a36Sopenharmony_ci /* add basic seals */ 88562306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 88662306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SHRINK | 88762306a36Sopenharmony_ci F_SEAL_WRITE); 88862306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK | 88962306a36Sopenharmony_ci F_SEAL_WRITE); 89062306a36Sopenharmony_ci 89162306a36Sopenharmony_ci /* add them again */ 89262306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SHRINK | 89362306a36Sopenharmony_ci F_SEAL_WRITE); 89462306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK | 89562306a36Sopenharmony_ci F_SEAL_WRITE); 89662306a36Sopenharmony_ci 89762306a36Sopenharmony_ci /* add more seals and seal against sealing */ 89862306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_GROW | F_SEAL_SEAL); 89962306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK | 90062306a36Sopenharmony_ci F_SEAL_GROW | 90162306a36Sopenharmony_ci F_SEAL_WRITE | 90262306a36Sopenharmony_ci F_SEAL_SEAL); 90362306a36Sopenharmony_ci 90462306a36Sopenharmony_ci /* verify that sealing no longer works */ 90562306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_GROW); 90662306a36Sopenharmony_ci mfd_fail_add_seals(fd, 0); 90762306a36Sopenharmony_ci 90862306a36Sopenharmony_ci close(fd); 90962306a36Sopenharmony_ci 91062306a36Sopenharmony_ci /* verify sealing does not work without MFD_ALLOW_SEALING */ 91162306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_basic", 91262306a36Sopenharmony_ci mfd_def_size, 91362306a36Sopenharmony_ci MFD_CLOEXEC); 91462306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 91562306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_SHRINK | 91662306a36Sopenharmony_ci F_SEAL_GROW | 91762306a36Sopenharmony_ci F_SEAL_WRITE); 91862306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 91962306a36Sopenharmony_ci close(fd); 92062306a36Sopenharmony_ci} 92162306a36Sopenharmony_ci 92262306a36Sopenharmony_ci/* 92362306a36Sopenharmony_ci * Test SEAL_WRITE 92462306a36Sopenharmony_ci * Test whether SEAL_WRITE actually prevents modifications. 92562306a36Sopenharmony_ci */ 92662306a36Sopenharmony_cistatic void test_seal_write(void) 92762306a36Sopenharmony_ci{ 92862306a36Sopenharmony_ci int fd; 92962306a36Sopenharmony_ci 93062306a36Sopenharmony_ci printf("%s SEAL-WRITE\n", memfd_str); 93162306a36Sopenharmony_ci 93262306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_write", 93362306a36Sopenharmony_ci mfd_def_size, 93462306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 93562306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 93662306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_WRITE); 93762306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE); 93862306a36Sopenharmony_ci 93962306a36Sopenharmony_ci mfd_assert_read(fd); 94062306a36Sopenharmony_ci mfd_fail_write(fd); 94162306a36Sopenharmony_ci mfd_assert_shrink(fd); 94262306a36Sopenharmony_ci mfd_assert_grow(fd); 94362306a36Sopenharmony_ci mfd_fail_grow_write(fd); 94462306a36Sopenharmony_ci 94562306a36Sopenharmony_ci close(fd); 94662306a36Sopenharmony_ci} 94762306a36Sopenharmony_ci 94862306a36Sopenharmony_ci/* 94962306a36Sopenharmony_ci * Test SEAL_FUTURE_WRITE 95062306a36Sopenharmony_ci * Test whether SEAL_FUTURE_WRITE actually prevents modifications. 95162306a36Sopenharmony_ci */ 95262306a36Sopenharmony_cistatic void test_seal_future_write(void) 95362306a36Sopenharmony_ci{ 95462306a36Sopenharmony_ci int fd, fd2; 95562306a36Sopenharmony_ci void *p; 95662306a36Sopenharmony_ci 95762306a36Sopenharmony_ci printf("%s SEAL-FUTURE-WRITE\n", memfd_str); 95862306a36Sopenharmony_ci 95962306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_future_write", 96062306a36Sopenharmony_ci mfd_def_size, 96162306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 96262306a36Sopenharmony_ci 96362306a36Sopenharmony_ci p = mfd_assert_mmap_shared(fd); 96462306a36Sopenharmony_ci 96562306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 96662306a36Sopenharmony_ci 96762306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_FUTURE_WRITE); 96862306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_FUTURE_WRITE); 96962306a36Sopenharmony_ci 97062306a36Sopenharmony_ci /* read should pass, writes should fail */ 97162306a36Sopenharmony_ci mfd_assert_read(fd); 97262306a36Sopenharmony_ci mfd_assert_read_shared(fd); 97362306a36Sopenharmony_ci mfd_fail_write(fd); 97462306a36Sopenharmony_ci 97562306a36Sopenharmony_ci fd2 = mfd_assert_reopen_fd(fd); 97662306a36Sopenharmony_ci /* read should pass, writes should still fail */ 97762306a36Sopenharmony_ci mfd_assert_read(fd2); 97862306a36Sopenharmony_ci mfd_assert_read_shared(fd2); 97962306a36Sopenharmony_ci mfd_fail_write(fd2); 98062306a36Sopenharmony_ci 98162306a36Sopenharmony_ci mfd_assert_fork_private_write(fd); 98262306a36Sopenharmony_ci 98362306a36Sopenharmony_ci munmap(p, mfd_def_size); 98462306a36Sopenharmony_ci close(fd2); 98562306a36Sopenharmony_ci close(fd); 98662306a36Sopenharmony_ci} 98762306a36Sopenharmony_ci 98862306a36Sopenharmony_ci/* 98962306a36Sopenharmony_ci * Test SEAL_SHRINK 99062306a36Sopenharmony_ci * Test whether SEAL_SHRINK actually prevents shrinking 99162306a36Sopenharmony_ci */ 99262306a36Sopenharmony_cistatic void test_seal_shrink(void) 99362306a36Sopenharmony_ci{ 99462306a36Sopenharmony_ci int fd; 99562306a36Sopenharmony_ci 99662306a36Sopenharmony_ci printf("%s SEAL-SHRINK\n", memfd_str); 99762306a36Sopenharmony_ci 99862306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_shrink", 99962306a36Sopenharmony_ci mfd_def_size, 100062306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 100162306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 100262306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SHRINK); 100362306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK); 100462306a36Sopenharmony_ci 100562306a36Sopenharmony_ci mfd_assert_read(fd); 100662306a36Sopenharmony_ci mfd_assert_write(fd); 100762306a36Sopenharmony_ci mfd_fail_shrink(fd); 100862306a36Sopenharmony_ci mfd_assert_grow(fd); 100962306a36Sopenharmony_ci mfd_assert_grow_write(fd); 101062306a36Sopenharmony_ci 101162306a36Sopenharmony_ci close(fd); 101262306a36Sopenharmony_ci} 101362306a36Sopenharmony_ci 101462306a36Sopenharmony_ci/* 101562306a36Sopenharmony_ci * Test SEAL_GROW 101662306a36Sopenharmony_ci * Test whether SEAL_GROW actually prevents growing 101762306a36Sopenharmony_ci */ 101862306a36Sopenharmony_cistatic void test_seal_grow(void) 101962306a36Sopenharmony_ci{ 102062306a36Sopenharmony_ci int fd; 102162306a36Sopenharmony_ci 102262306a36Sopenharmony_ci printf("%s SEAL-GROW\n", memfd_str); 102362306a36Sopenharmony_ci 102462306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_grow", 102562306a36Sopenharmony_ci mfd_def_size, 102662306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 102762306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 102862306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_GROW); 102962306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_GROW); 103062306a36Sopenharmony_ci 103162306a36Sopenharmony_ci mfd_assert_read(fd); 103262306a36Sopenharmony_ci mfd_assert_write(fd); 103362306a36Sopenharmony_ci mfd_assert_shrink(fd); 103462306a36Sopenharmony_ci mfd_fail_grow(fd); 103562306a36Sopenharmony_ci mfd_fail_grow_write(fd); 103662306a36Sopenharmony_ci 103762306a36Sopenharmony_ci close(fd); 103862306a36Sopenharmony_ci} 103962306a36Sopenharmony_ci 104062306a36Sopenharmony_ci/* 104162306a36Sopenharmony_ci * Test SEAL_SHRINK | SEAL_GROW 104262306a36Sopenharmony_ci * Test whether SEAL_SHRINK | SEAL_GROW actually prevents resizing 104362306a36Sopenharmony_ci */ 104462306a36Sopenharmony_cistatic void test_seal_resize(void) 104562306a36Sopenharmony_ci{ 104662306a36Sopenharmony_ci int fd; 104762306a36Sopenharmony_ci 104862306a36Sopenharmony_ci printf("%s SEAL-RESIZE\n", memfd_str); 104962306a36Sopenharmony_ci 105062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_resize", 105162306a36Sopenharmony_ci mfd_def_size, 105262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 105362306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 105462306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SHRINK | F_SEAL_GROW); 105562306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK | F_SEAL_GROW); 105662306a36Sopenharmony_ci 105762306a36Sopenharmony_ci mfd_assert_read(fd); 105862306a36Sopenharmony_ci mfd_assert_write(fd); 105962306a36Sopenharmony_ci mfd_fail_shrink(fd); 106062306a36Sopenharmony_ci mfd_fail_grow(fd); 106162306a36Sopenharmony_ci mfd_fail_grow_write(fd); 106262306a36Sopenharmony_ci 106362306a36Sopenharmony_ci close(fd); 106462306a36Sopenharmony_ci} 106562306a36Sopenharmony_ci 106662306a36Sopenharmony_ci/* 106762306a36Sopenharmony_ci * Test SEAL_EXEC 106862306a36Sopenharmony_ci * Test fd is created with exec and allow sealing. 106962306a36Sopenharmony_ci * chmod() cannot change x bits after sealing. 107062306a36Sopenharmony_ci */ 107162306a36Sopenharmony_cistatic void test_exec_seal(void) 107262306a36Sopenharmony_ci{ 107362306a36Sopenharmony_ci int fd; 107462306a36Sopenharmony_ci 107562306a36Sopenharmony_ci printf("%s SEAL-EXEC\n", memfd_str); 107662306a36Sopenharmony_ci 107762306a36Sopenharmony_ci printf("%s Apply SEAL_EXEC\n", memfd_str); 107862306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_exec", 107962306a36Sopenharmony_ci mfd_def_size, 108062306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_EXEC); 108162306a36Sopenharmony_ci 108262306a36Sopenharmony_ci mfd_assert_mode(fd, 0777); 108362306a36Sopenharmony_ci mfd_assert_chmod(fd, 0644); 108462306a36Sopenharmony_ci 108562306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 108662306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_EXEC); 108762306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 108862306a36Sopenharmony_ci 108962306a36Sopenharmony_ci mfd_assert_chmod(fd, 0600); 109062306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 109162306a36Sopenharmony_ci mfd_fail_chmod(fd, 0670); 109262306a36Sopenharmony_ci mfd_fail_chmod(fd, 0605); 109362306a36Sopenharmony_ci mfd_fail_chmod(fd, 0700); 109462306a36Sopenharmony_ci mfd_fail_chmod(fd, 0100); 109562306a36Sopenharmony_ci mfd_assert_chmod(fd, 0666); 109662306a36Sopenharmony_ci mfd_assert_write(fd); 109762306a36Sopenharmony_ci close(fd); 109862306a36Sopenharmony_ci 109962306a36Sopenharmony_ci printf("%s Apply ALL_SEALS\n", memfd_str); 110062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_seal_exec", 110162306a36Sopenharmony_ci mfd_def_size, 110262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_EXEC); 110362306a36Sopenharmony_ci 110462306a36Sopenharmony_ci mfd_assert_mode(fd, 0777); 110562306a36Sopenharmony_ci mfd_assert_chmod(fd, 0700); 110662306a36Sopenharmony_ci 110762306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 110862306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_EXEC); 110962306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_WX_SEALS); 111062306a36Sopenharmony_ci 111162306a36Sopenharmony_ci mfd_fail_chmod(fd, 0711); 111262306a36Sopenharmony_ci mfd_fail_chmod(fd, 0600); 111362306a36Sopenharmony_ci mfd_fail_write(fd); 111462306a36Sopenharmony_ci close(fd); 111562306a36Sopenharmony_ci} 111662306a36Sopenharmony_ci 111762306a36Sopenharmony_ci/* 111862306a36Sopenharmony_ci * Test EXEC_NO_SEAL 111962306a36Sopenharmony_ci * Test fd is created with exec and not allow sealing. 112062306a36Sopenharmony_ci */ 112162306a36Sopenharmony_cistatic void test_exec_no_seal(void) 112262306a36Sopenharmony_ci{ 112362306a36Sopenharmony_ci int fd; 112462306a36Sopenharmony_ci 112562306a36Sopenharmony_ci printf("%s EXEC_NO_SEAL\n", memfd_str); 112662306a36Sopenharmony_ci 112762306a36Sopenharmony_ci /* Create with EXEC but without ALLOW_SEALING */ 112862306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_exec_no_sealing", 112962306a36Sopenharmony_ci mfd_def_size, 113062306a36Sopenharmony_ci MFD_CLOEXEC | MFD_EXEC); 113162306a36Sopenharmony_ci mfd_assert_mode(fd, 0777); 113262306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 113362306a36Sopenharmony_ci mfd_assert_chmod(fd, 0666); 113462306a36Sopenharmony_ci close(fd); 113562306a36Sopenharmony_ci} 113662306a36Sopenharmony_ci 113762306a36Sopenharmony_ci/* 113862306a36Sopenharmony_ci * Test memfd_create with MFD_NOEXEC flag 113962306a36Sopenharmony_ci */ 114062306a36Sopenharmony_cistatic void test_noexec_seal(void) 114162306a36Sopenharmony_ci{ 114262306a36Sopenharmony_ci int fd; 114362306a36Sopenharmony_ci 114462306a36Sopenharmony_ci printf("%s NOEXEC_SEAL\n", memfd_str); 114562306a36Sopenharmony_ci 114662306a36Sopenharmony_ci /* Create with NOEXEC and ALLOW_SEALING */ 114762306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_noexec", 114862306a36Sopenharmony_ci mfd_def_size, 114962306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_NOEXEC_SEAL); 115062306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 115162306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 115262306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 115362306a36Sopenharmony_ci close(fd); 115462306a36Sopenharmony_ci 115562306a36Sopenharmony_ci /* Create with NOEXEC but without ALLOW_SEALING */ 115662306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_noexec", 115762306a36Sopenharmony_ci mfd_def_size, 115862306a36Sopenharmony_ci MFD_CLOEXEC | MFD_NOEXEC_SEAL); 115962306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 116062306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 116162306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 116262306a36Sopenharmony_ci close(fd); 116362306a36Sopenharmony_ci} 116462306a36Sopenharmony_ci 116562306a36Sopenharmony_cistatic void test_sysctl_sysctl0(void) 116662306a36Sopenharmony_ci{ 116762306a36Sopenharmony_ci int fd; 116862306a36Sopenharmony_ci 116962306a36Sopenharmony_ci sysctl_assert_equal("0"); 117062306a36Sopenharmony_ci 117162306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_0_dfl", 117262306a36Sopenharmony_ci mfd_def_size, 117362306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 117462306a36Sopenharmony_ci mfd_assert_mode(fd, 0777); 117562306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 117662306a36Sopenharmony_ci mfd_assert_chmod(fd, 0644); 117762306a36Sopenharmony_ci close(fd); 117862306a36Sopenharmony_ci} 117962306a36Sopenharmony_ci 118062306a36Sopenharmony_cistatic void test_sysctl_set_sysctl0(void) 118162306a36Sopenharmony_ci{ 118262306a36Sopenharmony_ci sysctl_assert_write("0"); 118362306a36Sopenharmony_ci test_sysctl_sysctl0(); 118462306a36Sopenharmony_ci} 118562306a36Sopenharmony_ci 118662306a36Sopenharmony_cistatic void test_sysctl_sysctl1(void) 118762306a36Sopenharmony_ci{ 118862306a36Sopenharmony_ci int fd; 118962306a36Sopenharmony_ci 119062306a36Sopenharmony_ci sysctl_assert_equal("1"); 119162306a36Sopenharmony_ci 119262306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_1_dfl", 119362306a36Sopenharmony_ci mfd_def_size, 119462306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 119562306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 119662306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 119762306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 119862306a36Sopenharmony_ci close(fd); 119962306a36Sopenharmony_ci 120062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_1_exec", 120162306a36Sopenharmony_ci mfd_def_size, 120262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_EXEC | MFD_ALLOW_SEALING); 120362306a36Sopenharmony_ci mfd_assert_mode(fd, 0777); 120462306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 120562306a36Sopenharmony_ci mfd_assert_chmod(fd, 0644); 120662306a36Sopenharmony_ci close(fd); 120762306a36Sopenharmony_ci 120862306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_1_noexec", 120962306a36Sopenharmony_ci mfd_def_size, 121062306a36Sopenharmony_ci MFD_CLOEXEC | MFD_NOEXEC_SEAL | MFD_ALLOW_SEALING); 121162306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 121262306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 121362306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 121462306a36Sopenharmony_ci close(fd); 121562306a36Sopenharmony_ci} 121662306a36Sopenharmony_ci 121762306a36Sopenharmony_cistatic void test_sysctl_set_sysctl1(void) 121862306a36Sopenharmony_ci{ 121962306a36Sopenharmony_ci sysctl_assert_write("1"); 122062306a36Sopenharmony_ci test_sysctl_sysctl1(); 122162306a36Sopenharmony_ci} 122262306a36Sopenharmony_ci 122362306a36Sopenharmony_cistatic void test_sysctl_sysctl2(void) 122462306a36Sopenharmony_ci{ 122562306a36Sopenharmony_ci int fd; 122662306a36Sopenharmony_ci 122762306a36Sopenharmony_ci sysctl_assert_equal("2"); 122862306a36Sopenharmony_ci 122962306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_2_dfl", 123062306a36Sopenharmony_ci mfd_def_size, 123162306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 123262306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 123362306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 123462306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 123562306a36Sopenharmony_ci close(fd); 123662306a36Sopenharmony_ci 123762306a36Sopenharmony_ci mfd_fail_new("kern_memfd_sysctl_2_exec", 123862306a36Sopenharmony_ci MFD_CLOEXEC | MFD_EXEC | MFD_ALLOW_SEALING); 123962306a36Sopenharmony_ci 124062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_sysctl_2_noexec", 124162306a36Sopenharmony_ci mfd_def_size, 124262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_NOEXEC_SEAL | MFD_ALLOW_SEALING); 124362306a36Sopenharmony_ci mfd_assert_mode(fd, 0666); 124462306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_EXEC); 124562306a36Sopenharmony_ci mfd_fail_chmod(fd, 0777); 124662306a36Sopenharmony_ci close(fd); 124762306a36Sopenharmony_ci} 124862306a36Sopenharmony_ci 124962306a36Sopenharmony_cistatic void test_sysctl_set_sysctl2(void) 125062306a36Sopenharmony_ci{ 125162306a36Sopenharmony_ci sysctl_assert_write("2"); 125262306a36Sopenharmony_ci test_sysctl_sysctl2(); 125362306a36Sopenharmony_ci} 125462306a36Sopenharmony_ci 125562306a36Sopenharmony_cistatic int sysctl_simple_child(void *arg) 125662306a36Sopenharmony_ci{ 125762306a36Sopenharmony_ci int fd; 125862306a36Sopenharmony_ci int pid; 125962306a36Sopenharmony_ci 126062306a36Sopenharmony_ci printf("%s sysctl 0\n", memfd_str); 126162306a36Sopenharmony_ci test_sysctl_set_sysctl0(); 126262306a36Sopenharmony_ci 126362306a36Sopenharmony_ci printf("%s sysctl 1\n", memfd_str); 126462306a36Sopenharmony_ci test_sysctl_set_sysctl1(); 126562306a36Sopenharmony_ci 126662306a36Sopenharmony_ci printf("%s sysctl 0\n", memfd_str); 126762306a36Sopenharmony_ci test_sysctl_set_sysctl0(); 126862306a36Sopenharmony_ci 126962306a36Sopenharmony_ci printf("%s sysctl 2\n", memfd_str); 127062306a36Sopenharmony_ci test_sysctl_set_sysctl2(); 127162306a36Sopenharmony_ci 127262306a36Sopenharmony_ci printf("%s sysctl 1\n", memfd_str); 127362306a36Sopenharmony_ci test_sysctl_set_sysctl1(); 127462306a36Sopenharmony_ci 127562306a36Sopenharmony_ci printf("%s sysctl 0\n", memfd_str); 127662306a36Sopenharmony_ci test_sysctl_set_sysctl0(); 127762306a36Sopenharmony_ci 127862306a36Sopenharmony_ci return 0; 127962306a36Sopenharmony_ci} 128062306a36Sopenharmony_ci 128162306a36Sopenharmony_ci/* 128262306a36Sopenharmony_ci * Test sysctl 128362306a36Sopenharmony_ci * A very basic test to make sure the core sysctl semantics work. 128462306a36Sopenharmony_ci */ 128562306a36Sopenharmony_cistatic void test_sysctl_simple(void) 128662306a36Sopenharmony_ci{ 128762306a36Sopenharmony_ci int pid = spawn_thread(CLONE_NEWPID, sysctl_simple_child, NULL); 128862306a36Sopenharmony_ci 128962306a36Sopenharmony_ci join_thread(pid); 129062306a36Sopenharmony_ci} 129162306a36Sopenharmony_ci 129262306a36Sopenharmony_cistatic int sysctl_nested(void *arg) 129362306a36Sopenharmony_ci{ 129462306a36Sopenharmony_ci void (*fn)(void) = arg; 129562306a36Sopenharmony_ci 129662306a36Sopenharmony_ci fn(); 129762306a36Sopenharmony_ci return 0; 129862306a36Sopenharmony_ci} 129962306a36Sopenharmony_ci 130062306a36Sopenharmony_cistatic int sysctl_nested_wait(void *arg) 130162306a36Sopenharmony_ci{ 130262306a36Sopenharmony_ci /* Wait for a SIGCONT. */ 130362306a36Sopenharmony_ci kill(getpid(), SIGSTOP); 130462306a36Sopenharmony_ci return sysctl_nested(arg); 130562306a36Sopenharmony_ci} 130662306a36Sopenharmony_ci 130762306a36Sopenharmony_cistatic void test_sysctl_sysctl1_failset(void) 130862306a36Sopenharmony_ci{ 130962306a36Sopenharmony_ci sysctl_fail_write("0"); 131062306a36Sopenharmony_ci test_sysctl_sysctl1(); 131162306a36Sopenharmony_ci} 131262306a36Sopenharmony_ci 131362306a36Sopenharmony_cistatic void test_sysctl_sysctl2_failset(void) 131462306a36Sopenharmony_ci{ 131562306a36Sopenharmony_ci sysctl_fail_write("1"); 131662306a36Sopenharmony_ci test_sysctl_sysctl2(); 131762306a36Sopenharmony_ci 131862306a36Sopenharmony_ci sysctl_fail_write("0"); 131962306a36Sopenharmony_ci test_sysctl_sysctl2(); 132062306a36Sopenharmony_ci} 132162306a36Sopenharmony_ci 132262306a36Sopenharmony_cistatic int sysctl_nested_child(void *arg) 132362306a36Sopenharmony_ci{ 132462306a36Sopenharmony_ci int fd; 132562306a36Sopenharmony_ci int pid; 132662306a36Sopenharmony_ci 132762306a36Sopenharmony_ci printf("%s nested sysctl 0\n", memfd_str); 132862306a36Sopenharmony_ci sysctl_assert_write("0"); 132962306a36Sopenharmony_ci /* A further nested pidns works the same. */ 133062306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_simple_child, NULL); 133162306a36Sopenharmony_ci join_thread(pid); 133262306a36Sopenharmony_ci 133362306a36Sopenharmony_ci printf("%s nested sysctl 1\n", memfd_str); 133462306a36Sopenharmony_ci sysctl_assert_write("1"); 133562306a36Sopenharmony_ci /* Child inherits our setting. */ 133662306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested, test_sysctl_sysctl1); 133762306a36Sopenharmony_ci join_thread(pid); 133862306a36Sopenharmony_ci /* Child cannot raise the setting. */ 133962306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested, 134062306a36Sopenharmony_ci test_sysctl_sysctl1_failset); 134162306a36Sopenharmony_ci join_thread(pid); 134262306a36Sopenharmony_ci /* Child can lower the setting. */ 134362306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested, 134462306a36Sopenharmony_ci test_sysctl_set_sysctl2); 134562306a36Sopenharmony_ci join_thread(pid); 134662306a36Sopenharmony_ci /* Child lowering the setting has no effect on our setting. */ 134762306a36Sopenharmony_ci test_sysctl_sysctl1(); 134862306a36Sopenharmony_ci 134962306a36Sopenharmony_ci printf("%s nested sysctl 2\n", memfd_str); 135062306a36Sopenharmony_ci sysctl_assert_write("2"); 135162306a36Sopenharmony_ci /* Child inherits our setting. */ 135262306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested, test_sysctl_sysctl2); 135362306a36Sopenharmony_ci join_thread(pid); 135462306a36Sopenharmony_ci /* Child cannot raise the setting. */ 135562306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested, 135662306a36Sopenharmony_ci test_sysctl_sysctl2_failset); 135762306a36Sopenharmony_ci join_thread(pid); 135862306a36Sopenharmony_ci 135962306a36Sopenharmony_ci /* Verify that the rules are actually inherited after fork. */ 136062306a36Sopenharmony_ci printf("%s nested sysctl 0 -> 1 after fork\n", memfd_str); 136162306a36Sopenharmony_ci sysctl_assert_write("0"); 136262306a36Sopenharmony_ci 136362306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested_wait, 136462306a36Sopenharmony_ci test_sysctl_sysctl1_failset); 136562306a36Sopenharmony_ci sysctl_assert_write("1"); 136662306a36Sopenharmony_ci kill(pid, SIGCONT); 136762306a36Sopenharmony_ci join_thread(pid); 136862306a36Sopenharmony_ci 136962306a36Sopenharmony_ci printf("%s nested sysctl 0 -> 2 after fork\n", memfd_str); 137062306a36Sopenharmony_ci sysctl_assert_write("0"); 137162306a36Sopenharmony_ci 137262306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested_wait, 137362306a36Sopenharmony_ci test_sysctl_sysctl2_failset); 137462306a36Sopenharmony_ci sysctl_assert_write("2"); 137562306a36Sopenharmony_ci kill(pid, SIGCONT); 137662306a36Sopenharmony_ci join_thread(pid); 137762306a36Sopenharmony_ci 137862306a36Sopenharmony_ci /* 137962306a36Sopenharmony_ci * Verify that the current effective setting is saved on fork, meaning 138062306a36Sopenharmony_ci * that the parent lowering the sysctl doesn't affect already-forked 138162306a36Sopenharmony_ci * children. 138262306a36Sopenharmony_ci */ 138362306a36Sopenharmony_ci printf("%s nested sysctl 2 -> 1 after fork\n", memfd_str); 138462306a36Sopenharmony_ci sysctl_assert_write("2"); 138562306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested_wait, 138662306a36Sopenharmony_ci test_sysctl_sysctl2); 138762306a36Sopenharmony_ci sysctl_assert_write("1"); 138862306a36Sopenharmony_ci kill(pid, SIGCONT); 138962306a36Sopenharmony_ci join_thread(pid); 139062306a36Sopenharmony_ci 139162306a36Sopenharmony_ci printf("%s nested sysctl 2 -> 0 after fork\n", memfd_str); 139262306a36Sopenharmony_ci sysctl_assert_write("2"); 139362306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested_wait, 139462306a36Sopenharmony_ci test_sysctl_sysctl2); 139562306a36Sopenharmony_ci sysctl_assert_write("0"); 139662306a36Sopenharmony_ci kill(pid, SIGCONT); 139762306a36Sopenharmony_ci join_thread(pid); 139862306a36Sopenharmony_ci 139962306a36Sopenharmony_ci printf("%s nested sysctl 1 -> 0 after fork\n", memfd_str); 140062306a36Sopenharmony_ci sysctl_assert_write("1"); 140162306a36Sopenharmony_ci pid = spawn_thread(CLONE_NEWPID, sysctl_nested_wait, 140262306a36Sopenharmony_ci test_sysctl_sysctl1); 140362306a36Sopenharmony_ci sysctl_assert_write("0"); 140462306a36Sopenharmony_ci kill(pid, SIGCONT); 140562306a36Sopenharmony_ci join_thread(pid); 140662306a36Sopenharmony_ci 140762306a36Sopenharmony_ci return 0; 140862306a36Sopenharmony_ci} 140962306a36Sopenharmony_ci 141062306a36Sopenharmony_ci/* 141162306a36Sopenharmony_ci * Test sysctl with nested pid namespaces 141262306a36Sopenharmony_ci * Make sure that the sysctl nesting semantics work correctly. 141362306a36Sopenharmony_ci */ 141462306a36Sopenharmony_cistatic void test_sysctl_nested(void) 141562306a36Sopenharmony_ci{ 141662306a36Sopenharmony_ci int pid = spawn_thread(CLONE_NEWPID, sysctl_nested_child, NULL); 141762306a36Sopenharmony_ci 141862306a36Sopenharmony_ci join_thread(pid); 141962306a36Sopenharmony_ci} 142062306a36Sopenharmony_ci 142162306a36Sopenharmony_ci/* 142262306a36Sopenharmony_ci * Test sharing via dup() 142362306a36Sopenharmony_ci * Test that seals are shared between dupped FDs and they're all equal. 142462306a36Sopenharmony_ci */ 142562306a36Sopenharmony_cistatic void test_share_dup(char *banner, char *b_suffix) 142662306a36Sopenharmony_ci{ 142762306a36Sopenharmony_ci int fd, fd2; 142862306a36Sopenharmony_ci 142962306a36Sopenharmony_ci printf("%s %s %s\n", memfd_str, banner, b_suffix); 143062306a36Sopenharmony_ci 143162306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_share_dup", 143262306a36Sopenharmony_ci mfd_def_size, 143362306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 143462306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 143562306a36Sopenharmony_ci 143662306a36Sopenharmony_ci fd2 = mfd_assert_dup(fd); 143762306a36Sopenharmony_ci mfd_assert_has_seals(fd2, 0); 143862306a36Sopenharmony_ci 143962306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_WRITE); 144062306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE); 144162306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE); 144262306a36Sopenharmony_ci 144362306a36Sopenharmony_ci mfd_assert_add_seals(fd2, F_SEAL_SHRINK); 144462306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK); 144562306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK); 144662306a36Sopenharmony_ci 144762306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SEAL); 144862306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL); 144962306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL); 145062306a36Sopenharmony_ci 145162306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_GROW); 145262306a36Sopenharmony_ci mfd_fail_add_seals(fd2, F_SEAL_GROW); 145362306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_SEAL); 145462306a36Sopenharmony_ci mfd_fail_add_seals(fd2, F_SEAL_SEAL); 145562306a36Sopenharmony_ci 145662306a36Sopenharmony_ci close(fd2); 145762306a36Sopenharmony_ci 145862306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_GROW); 145962306a36Sopenharmony_ci close(fd); 146062306a36Sopenharmony_ci} 146162306a36Sopenharmony_ci 146262306a36Sopenharmony_ci/* 146362306a36Sopenharmony_ci * Test sealing with active mmap()s 146462306a36Sopenharmony_ci * Modifying seals is only allowed if no other mmap() refs exist. 146562306a36Sopenharmony_ci */ 146662306a36Sopenharmony_cistatic void test_share_mmap(char *banner, char *b_suffix) 146762306a36Sopenharmony_ci{ 146862306a36Sopenharmony_ci int fd; 146962306a36Sopenharmony_ci void *p; 147062306a36Sopenharmony_ci 147162306a36Sopenharmony_ci printf("%s %s %s\n", memfd_str, banner, b_suffix); 147262306a36Sopenharmony_ci 147362306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_share_mmap", 147462306a36Sopenharmony_ci mfd_def_size, 147562306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 147662306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 147762306a36Sopenharmony_ci 147862306a36Sopenharmony_ci /* shared/writable ref prevents sealing WRITE, but allows others */ 147962306a36Sopenharmony_ci p = mfd_assert_mmap_shared(fd); 148062306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_WRITE); 148162306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 148262306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SHRINK); 148362306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SHRINK); 148462306a36Sopenharmony_ci munmap(p, mfd_def_size); 148562306a36Sopenharmony_ci 148662306a36Sopenharmony_ci /* readable ref allows sealing */ 148762306a36Sopenharmony_ci p = mfd_assert_mmap_private(fd); 148862306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_WRITE); 148962306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK); 149062306a36Sopenharmony_ci munmap(p, mfd_def_size); 149162306a36Sopenharmony_ci 149262306a36Sopenharmony_ci close(fd); 149362306a36Sopenharmony_ci} 149462306a36Sopenharmony_ci 149562306a36Sopenharmony_ci/* 149662306a36Sopenharmony_ci * Test sealing with open(/proc/self/fd/%d) 149762306a36Sopenharmony_ci * Via /proc we can get access to a separate file-context for the same memfd. 149862306a36Sopenharmony_ci * This is *not* like dup(), but like a real separate open(). Make sure the 149962306a36Sopenharmony_ci * semantics are as expected and we correctly check for RDONLY / WRONLY / RDWR. 150062306a36Sopenharmony_ci */ 150162306a36Sopenharmony_cistatic void test_share_open(char *banner, char *b_suffix) 150262306a36Sopenharmony_ci{ 150362306a36Sopenharmony_ci int fd, fd2; 150462306a36Sopenharmony_ci 150562306a36Sopenharmony_ci printf("%s %s %s\n", memfd_str, banner, b_suffix); 150662306a36Sopenharmony_ci 150762306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_share_open", 150862306a36Sopenharmony_ci mfd_def_size, 150962306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 151062306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 151162306a36Sopenharmony_ci 151262306a36Sopenharmony_ci fd2 = mfd_assert_open(fd, O_RDWR, 0); 151362306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_WRITE); 151462306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE); 151562306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE); 151662306a36Sopenharmony_ci 151762306a36Sopenharmony_ci mfd_assert_add_seals(fd2, F_SEAL_SHRINK); 151862306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK); 151962306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK); 152062306a36Sopenharmony_ci 152162306a36Sopenharmony_ci close(fd); 152262306a36Sopenharmony_ci fd = mfd_assert_open(fd2, O_RDONLY, 0); 152362306a36Sopenharmony_ci 152462306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_SEAL); 152562306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK); 152662306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK); 152762306a36Sopenharmony_ci 152862306a36Sopenharmony_ci close(fd2); 152962306a36Sopenharmony_ci fd2 = mfd_assert_open(fd, O_RDWR, 0); 153062306a36Sopenharmony_ci 153162306a36Sopenharmony_ci mfd_assert_add_seals(fd2, F_SEAL_SEAL); 153262306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL); 153362306a36Sopenharmony_ci mfd_assert_has_seals(fd2, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_SEAL); 153462306a36Sopenharmony_ci 153562306a36Sopenharmony_ci close(fd2); 153662306a36Sopenharmony_ci close(fd); 153762306a36Sopenharmony_ci} 153862306a36Sopenharmony_ci 153962306a36Sopenharmony_ci/* 154062306a36Sopenharmony_ci * Test sharing via fork() 154162306a36Sopenharmony_ci * Test whether seal-modifications work as expected with forked childs. 154262306a36Sopenharmony_ci */ 154362306a36Sopenharmony_cistatic void test_share_fork(char *banner, char *b_suffix) 154462306a36Sopenharmony_ci{ 154562306a36Sopenharmony_ci int fd; 154662306a36Sopenharmony_ci pid_t pid; 154762306a36Sopenharmony_ci 154862306a36Sopenharmony_ci printf("%s %s %s\n", memfd_str, banner, b_suffix); 154962306a36Sopenharmony_ci 155062306a36Sopenharmony_ci fd = mfd_assert_new("kern_memfd_share_fork", 155162306a36Sopenharmony_ci mfd_def_size, 155262306a36Sopenharmony_ci MFD_CLOEXEC | MFD_ALLOW_SEALING); 155362306a36Sopenharmony_ci mfd_assert_has_seals(fd, 0); 155462306a36Sopenharmony_ci 155562306a36Sopenharmony_ci pid = spawn_idle_thread(0); 155662306a36Sopenharmony_ci mfd_assert_add_seals(fd, F_SEAL_SEAL); 155762306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 155862306a36Sopenharmony_ci 155962306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_WRITE); 156062306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 156162306a36Sopenharmony_ci 156262306a36Sopenharmony_ci join_idle_thread(pid); 156362306a36Sopenharmony_ci 156462306a36Sopenharmony_ci mfd_fail_add_seals(fd, F_SEAL_WRITE); 156562306a36Sopenharmony_ci mfd_assert_has_seals(fd, F_SEAL_SEAL); 156662306a36Sopenharmony_ci 156762306a36Sopenharmony_ci close(fd); 156862306a36Sopenharmony_ci} 156962306a36Sopenharmony_ci 157062306a36Sopenharmony_ciint main(int argc, char **argv) 157162306a36Sopenharmony_ci{ 157262306a36Sopenharmony_ci pid_t pid; 157362306a36Sopenharmony_ci 157462306a36Sopenharmony_ci if (argc == 2) { 157562306a36Sopenharmony_ci if (!strcmp(argv[1], "hugetlbfs")) { 157662306a36Sopenharmony_ci unsigned long hpage_size = default_huge_page_size(); 157762306a36Sopenharmony_ci 157862306a36Sopenharmony_ci if (!hpage_size) { 157962306a36Sopenharmony_ci printf("Unable to determine huge page size\n"); 158062306a36Sopenharmony_ci abort(); 158162306a36Sopenharmony_ci } 158262306a36Sopenharmony_ci 158362306a36Sopenharmony_ci hugetlbfs_test = 1; 158462306a36Sopenharmony_ci memfd_str = MEMFD_HUGE_STR; 158562306a36Sopenharmony_ci mfd_def_size = hpage_size * 2; 158662306a36Sopenharmony_ci } else { 158762306a36Sopenharmony_ci printf("Unknown option: %s\n", argv[1]); 158862306a36Sopenharmony_ci abort(); 158962306a36Sopenharmony_ci } 159062306a36Sopenharmony_ci } 159162306a36Sopenharmony_ci 159262306a36Sopenharmony_ci test_create(); 159362306a36Sopenharmony_ci test_basic(); 159462306a36Sopenharmony_ci test_exec_seal(); 159562306a36Sopenharmony_ci test_exec_no_seal(); 159662306a36Sopenharmony_ci test_noexec_seal(); 159762306a36Sopenharmony_ci 159862306a36Sopenharmony_ci test_seal_write(); 159962306a36Sopenharmony_ci test_seal_future_write(); 160062306a36Sopenharmony_ci test_seal_shrink(); 160162306a36Sopenharmony_ci test_seal_grow(); 160262306a36Sopenharmony_ci test_seal_resize(); 160362306a36Sopenharmony_ci 160462306a36Sopenharmony_ci test_sysctl_simple(); 160562306a36Sopenharmony_ci test_sysctl_nested(); 160662306a36Sopenharmony_ci 160762306a36Sopenharmony_ci test_share_dup("SHARE-DUP", ""); 160862306a36Sopenharmony_ci test_share_mmap("SHARE-MMAP", ""); 160962306a36Sopenharmony_ci test_share_open("SHARE-OPEN", ""); 161062306a36Sopenharmony_ci test_share_fork("SHARE-FORK", ""); 161162306a36Sopenharmony_ci 161262306a36Sopenharmony_ci /* Run test-suite in a multi-threaded environment with a shared 161362306a36Sopenharmony_ci * file-table. */ 161462306a36Sopenharmony_ci pid = spawn_idle_thread(CLONE_FILES | CLONE_FS | CLONE_VM); 161562306a36Sopenharmony_ci test_share_dup("SHARE-DUP", SHARED_FT_STR); 161662306a36Sopenharmony_ci test_share_mmap("SHARE-MMAP", SHARED_FT_STR); 161762306a36Sopenharmony_ci test_share_open("SHARE-OPEN", SHARED_FT_STR); 161862306a36Sopenharmony_ci test_share_fork("SHARE-FORK", SHARED_FT_STR); 161962306a36Sopenharmony_ci join_idle_thread(pid); 162062306a36Sopenharmony_ci 162162306a36Sopenharmony_ci printf("memfd: DONE\n"); 162262306a36Sopenharmony_ci 162362306a36Sopenharmony_ci return 0; 162462306a36Sopenharmony_ci} 1625