From: Michael Ellerman <mpe@ellerman.id.au>
To: Sandipan Das <sandipan@linux.ibm.com>
Cc: linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-mm@kvack.org, linuxram@us.ibm.com,
aneesh.kumar@linux.ibm.com, bauerman@linux.ibm.com,
fweimer@redhat.com, ruscur@russell.cc
Subject: Re: [PATCH] selftests: powerpc: Add test for execute-disabled pkeys
Date: Tue, 26 May 2020 22:35:19 +1000 [thread overview]
Message-ID: <87367mg9h4.fsf@mpe.ellerman.id.au> (raw)
In-Reply-To: <20200508162332.65316-1-sandipan@linux.ibm.com>
Hi Sandipan,
Sandipan Das <sandipan@linux.ibm.com> writes:
> diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> new file mode 100644
> index 000000000000..b346ad205e68
> --- /dev/null
> +++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> @@ -0,0 +1,326 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +
> +/*
> + * Copyright 2020, Sandipan Das, IBM Corp.
> + *
> + * Test if applying execute protection on pages using memory
> + * protection keys works as expected.
> + */
> +
> +#define _GNU_SOURCE
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <signal.h>
> +
> +#include <time.h>
> +#include <unistd.h>
> +#include <sys/mman.h>
> +
> +#include "utils.h"
> +
> +/* Override definitions as they might be inconsistent */
> +#undef PKEY_DISABLE_ACCESS
> +#define PKEY_DISABLE_ACCESS 0x3
Why would they be inconsistent?
> +/* Older distros might not define this */
> +#ifndef SEGV_PKUERR
> +#define SEGV_PKUERR 4
> +#endif
...
> +
> + /* Restore permissions in order to continue */
> + switch (fcode) {
> + case SEGV_ACCERR:
> + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE)) {
> + perror("mprotect");
> + goto fail;
> + }
> + break;
> + case SEGV_PKUERR:
> + if (sinfo->si_pkey != fpkey)
> + goto fail;
This doesn't compile on older distros, eg Ubuntu 16.04:
pkey_exec_prot.c: In function 'segv_handler':
pkey_exec_prot.c:121:12: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
if (sinfo->si_pkey != fpkey)
^
pkey_exec_prot.c:151:24: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
pkey_set_rights(sinfo->si_pkey, 0);
^
../../lib.mk:142: recipe for target '/output/kselftest/powerpc/mm/pkey_exec_prot' failed
I think a reasonable solution is to use the absence of SEGV_PKUERR to
basically turn the whole test into a nop at build time, eg:
diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
index b346ad205e68..218257b89fbb 100644
--- a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
+++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
@@ -30,9 +30,7 @@
#define PKEY_DISABLE_EXECUTE 0x4
/* Older distros might not define this */
-#ifndef SEGV_PKUERR
-#define SEGV_PKUERR 4
-#endif
+#ifdef SEGV_PKUERR
#define SYS_pkey_mprotect 386
#define SYS_pkey_alloc 384
@@ -319,6 +317,13 @@ static int test(void)
return 0;
}
+#else
+static int test(void)
+{
+ printf("Test built with old libc lacking pkey support.\n");
+ SKIP_IF(true);
+}
+#endif /* SEGV_PKUERR */
int main(void)
{
cheers
WARNING: multiple messages have this Message-ID (diff)
From: Michael Ellerman <mpe@ellerman.id.au>
To: Sandipan Das <sandipan@linux.ibm.com>
Cc: fweimer@redhat.com, aneesh.kumar@linux.ibm.com,
linuxram@us.ibm.com, linux-mm@kvack.org,
linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
bauerman@linux.ibm.com
Subject: Re: [PATCH] selftests: powerpc: Add test for execute-disabled pkeys
Date: Tue, 26 May 2020 22:35:19 +1000 [thread overview]
Message-ID: <87367mg9h4.fsf@mpe.ellerman.id.au> (raw)
In-Reply-To: <20200508162332.65316-1-sandipan@linux.ibm.com>
Hi Sandipan,
Sandipan Das <sandipan@linux.ibm.com> writes:
> diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> new file mode 100644
> index 000000000000..b346ad205e68
> --- /dev/null
> +++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> @@ -0,0 +1,326 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +
> +/*
> + * Copyright 2020, Sandipan Das, IBM Corp.
> + *
> + * Test if applying execute protection on pages using memory
> + * protection keys works as expected.
> + */
> +
> +#define _GNU_SOURCE
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <signal.h>
> +
> +#include <time.h>
> +#include <unistd.h>
> +#include <sys/mman.h>
> +
> +#include "utils.h"
> +
> +/* Override definitions as they might be inconsistent */
> +#undef PKEY_DISABLE_ACCESS
> +#define PKEY_DISABLE_ACCESS 0x3
Why would they be inconsistent?
> +/* Older distros might not define this */
> +#ifndef SEGV_PKUERR
> +#define SEGV_PKUERR 4
> +#endif
...
> +
> + /* Restore permissions in order to continue */
> + switch (fcode) {
> + case SEGV_ACCERR:
> + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE)) {
> + perror("mprotect");
> + goto fail;
> + }
> + break;
> + case SEGV_PKUERR:
> + if (sinfo->si_pkey != fpkey)
> + goto fail;
This doesn't compile on older distros, eg Ubuntu 16.04:
pkey_exec_prot.c: In function 'segv_handler':
pkey_exec_prot.c:121:12: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
if (sinfo->si_pkey != fpkey)
^
pkey_exec_prot.c:151:24: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
pkey_set_rights(sinfo->si_pkey, 0);
^
../../lib.mk:142: recipe for target '/output/kselftest/powerpc/mm/pkey_exec_prot' failed
I think a reasonable solution is to use the absence of SEGV_PKUERR to
basically turn the whole test into a nop at build time, eg:
diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
index b346ad205e68..218257b89fbb 100644
--- a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
+++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
@@ -30,9 +30,7 @@
#define PKEY_DISABLE_EXECUTE 0x4
/* Older distros might not define this */
-#ifndef SEGV_PKUERR
-#define SEGV_PKUERR 4
-#endif
+#ifdef SEGV_PKUERR
#define SYS_pkey_mprotect 386
#define SYS_pkey_alloc 384
@@ -319,6 +317,13 @@ static int test(void)
return 0;
}
+#else
+static int test(void)
+{
+ printf("Test built with old libc lacking pkey support.\n");
+ SKIP_IF(true);
+}
+#endif /* SEGV_PKUERR */
int main(void)
{
cheers
next prev parent reply other threads:[~2020-05-26 12:35 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-08 16:23 [PATCH] selftests: powerpc: Add test for execute-disabled pkeys Sandipan Das
2020-05-08 16:23 ` Sandipan Das
2020-05-26 12:35 ` Michael Ellerman [this message]
2020-05-26 12:35 ` Michael Ellerman
2020-05-26 14:03 ` Sandipan Das
2020-05-26 14:03 ` Sandipan Das
2020-05-27 0:17 ` Michael Ellerman
2020-05-27 0:17 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87367mg9h4.fsf@mpe.ellerman.id.au \
--to=mpe@ellerman.id.au \
--cc=aneesh.kumar@linux.ibm.com \
--cc=bauerman@linux.ibm.com \
--cc=fweimer@redhat.com \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=ruscur@russell.cc \
--cc=sandipan@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.