1f08c3bdfSopenharmony_ci#!/bin/sh 2f08c3bdfSopenharmony_ci# SPDX-License-Identifier: GPL-2.0-or-later 3f08c3bdfSopenharmony_ci# Copyright (c) 2019 FUJITSU LIMITED. All rights reserved. 4f08c3bdfSopenharmony_ci# Copyright (c) 2019 Petr Vorel <pvorel@suse.cz> 5f08c3bdfSopenharmony_ci# Author: Yang Xu<xuyang2018.jy@cn.fujitsu.com> 6f08c3bdfSopenharmony_ci# 7f08c3bdfSopenharmony_ci# Test for these regressions causing buffer overflow when writing into 8f08c3bdfSopenharmony_ci# /proc/sys/fs/file-max: 9f08c3bdfSopenharmony_ci# 7f2923c4f73f ("sysctl: handle overflow in proc_get_long") 10f08c3bdfSopenharmony_ci# 32a5ad9c2285 ("sysctl: handle overflow for file-max") 11f08c3bdfSopenharmony_ci# 12f08c3bdfSopenharmony_ci# This bug has been fixed in 9002b21465fa ("kernel/sysctl.c: fix 13f08c3bdfSopenharmony_ci# out-of-bounds access when setting file-max") 14f08c3bdfSopenharmony_ci# 15f08c3bdfSopenharmony_ci# We test in sysctl02.sh setting 2^64, 2^64-1, 2^63 and 0. 16f08c3bdfSopenharmony_ci 17f08c3bdfSopenharmony_ciTST_TESTFUNC=do_test 18f08c3bdfSopenharmony_ciTST_SETUP=setup 19f08c3bdfSopenharmony_ciTST_CLEANUP=cleanup 20f08c3bdfSopenharmony_ciTST_CNT=4 21f08c3bdfSopenharmony_ciTST_NEEDS_ROOT=1 22f08c3bdfSopenharmony_ciTST_NEEDS_CMDS="sysctl" 23f08c3bdfSopenharmony_ciTST_NEEDS_KCONFIGS="CONFIG_SYSCTL=y, CONFIG_PROC_FS=y" 24f08c3bdfSopenharmony_ci 25f08c3bdfSopenharmony_cisys_name="fs.file-max" 26f08c3bdfSopenharmony_cisys_file="/proc/sys/fs/file-max" 27f08c3bdfSopenharmony_ci 28f08c3bdfSopenharmony_cisetup() 29f08c3bdfSopenharmony_ci{ 30f08c3bdfSopenharmony_ci orig_value=$(cat "$sys_file") 31f08c3bdfSopenharmony_ci} 32f08c3bdfSopenharmony_ci 33f08c3bdfSopenharmony_cido_test() 34f08c3bdfSopenharmony_ci{ 35f08c3bdfSopenharmony_ci case $1 in 36f08c3bdfSopenharmony_ci 1) sysctl_test_overflow 18446744073709551616 ;; 37f08c3bdfSopenharmony_ci 2) sysctl_test_overflow 18446744073709551615 ;; 38f08c3bdfSopenharmony_ci 3) sysctl_test_overflow 9223372036854775808 ;; 39f08c3bdfSopenharmony_ci 4) sysctl_test_zero ;; 40f08c3bdfSopenharmony_ci esac 41f08c3bdfSopenharmony_ci} 42f08c3bdfSopenharmony_ci 43f08c3bdfSopenharmony_cisysctl_test_overflow() 44f08c3bdfSopenharmony_ci{ 45f08c3bdfSopenharmony_ci local test_value="$1" 46f08c3bdfSopenharmony_ci local old_value="$(cat $sys_file)" 47f08c3bdfSopenharmony_ci 48f08c3bdfSopenharmony_ci tst_res TINFO "trying to set $sys_name=$test_value" 49f08c3bdfSopenharmony_ci sysctl -w -q $sys_name=$test_value 2>/dev/null 50f08c3bdfSopenharmony_ci local new_value="$(cat $sys_file)" 51f08c3bdfSopenharmony_ci 52f08c3bdfSopenharmony_ci if [ "$new_value" = "$old_value" ]; then 53f08c3bdfSopenharmony_ci tst_res TPASS "$sys_file keeps old value ($old_value)" 54f08c3bdfSopenharmony_ci else 55f08c3bdfSopenharmony_ci tst_res TFAIL "$sys_file overflows and is set to $new_value" 56f08c3bdfSopenharmony_ci fi 57f08c3bdfSopenharmony_ci cleanup 58f08c3bdfSopenharmony_ci} 59f08c3bdfSopenharmony_ci 60f08c3bdfSopenharmony_cisysctl_test_zero() 61f08c3bdfSopenharmony_ci{ 62f08c3bdfSopenharmony_ci tst_check_kconfigs "CONFIG_KALLSYMS=y,CONFIG_KALLSYMS_ALL=y,CONFIG_KASAN=y" \ 63f08c3bdfSopenharmony_ci || tst_brk TCONF "kconfig doesn't meet test's requirement!" 64f08c3bdfSopenharmony_ci 65f08c3bdfSopenharmony_ci ROD sysctl -w -q $sys_name=0 66f08c3bdfSopenharmony_ci 67f08c3bdfSopenharmony_ci if dmesg | grep -q "KASAN: global-out-of-bounds in __do_proc_doulongvec_minmax"; then 68f08c3bdfSopenharmony_ci tst_res TFAIL "$sys_file is set 0 and trigger a KASAN error" 69f08c3bdfSopenharmony_ci else 70f08c3bdfSopenharmony_ci tst_res TPASS "$sys_file is set 0 and doesn't trigger a KASAN error" 71f08c3bdfSopenharmony_ci fi 72f08c3bdfSopenharmony_ci} 73f08c3bdfSopenharmony_ci 74f08c3bdfSopenharmony_cicleanup() 75f08c3bdfSopenharmony_ci{ 76f08c3bdfSopenharmony_ci [ -n "$orig_value" ] && sysctl -w -q $sys_name=$orig_value 77f08c3bdfSopenharmony_ci} 78f08c3bdfSopenharmony_ci 79f08c3bdfSopenharmony_ci. tst_test.sh 80f08c3bdfSopenharmony_citst_run 81