From: "Joel Fernandes (Google)" <joel@joelfernandes.org>
To: linux-kernel@vger.kernel.org
Cc: kernel-team@android.com,
"Joel Fernandes (Google)" <joel@joelfernandes.org>,
dancol@google.com, minchan@google.com,
Andrew Morton <akpm@linux-foundation.org>,
gregkh@linuxfoundation.org,
"J. Bruce Fields" <bfields@fieldses.org>,
Jeff Layton <jlayton@kernel.org>,
john.stultz@linaro.org, jreck@google.com,
Khalid Aziz <khalid.aziz@oracle.com>,
linux-fsdevel@vger.kernel.org, linux-kselftest@vger.kernel.org,
linux-mm@kvack.org, Mike Kravetz <mike.kravetz@oracle.com>,
Shuah Khan <shuah@kernel.org>,
tkjos@google.com
Subject: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Tue, 9 Oct 2018 15:20:42 -0700 [thread overview]
Message-ID: <20181009222042.9781-2-joel@joelfernandes.org> (raw)
In-Reply-To: <20181009222042.9781-1-joel@joelfernandes.org>
Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
expected.
Cc: dancol@google.com
Cc: minchan@google.com
Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
tools/testing/selftests/memfd/memfd_test.c | 51 +++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index 10baa1652fc2..4bd2b6c87bb4 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -27,7 +27,7 @@
#define MFD_DEF_SIZE 8192
#define STACK_SIZE 65536
-
+#define F_SEAL_FS_WRITE 0x0010
/*
* Default is not to test hugetlbfs
*/
@@ -170,6 +170,24 @@ static void *mfd_assert_mmap_shared(int fd)
return p;
}
+static void *mfd_fail_mmap_shared(int fd)
+{
+ void *p;
+
+ p = mmap(NULL,
+ mfd_def_size,
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED,
+ fd,
+ 0);
+ if (p != MAP_FAILED) {
+ printf("mmap() didn't fail as expected\n");
+ abort();
+ }
+
+ return p;
+}
+
static void *mfd_assert_mmap_private(int fd)
{
void *p;
@@ -692,6 +710,36 @@ static void test_seal_write(void)
close(fd);
}
+/*
+ * Test SEAL_WRITE
+ * Test whether SEAL_WRITE actually prevents modifications.
+ */
+static void test_seal_fs_write(void)
+{
+ int fd;
+ void *p;
+
+ printf("%s SEAL-FS-WRITE\n", memfd_str);
+
+ fd = mfd_assert_new("kern_memfd_seal_fs_write",
+ mfd_def_size,
+ MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+ p = mfd_assert_mmap_shared(fd);
+
+ /* FS_WRITE seal can be added even with existing
+ * writeable mappings */
+ mfd_assert_has_seals(fd, 0);
+ mfd_assert_add_seals(fd, F_SEAL_FS_WRITE);
+ mfd_assert_has_seals(fd, F_SEAL_FS_WRITE);
+
+ mfd_assert_read(fd);
+ mfd_fail_write(fd);
+
+ munmap(p, mfd_def_size);
+ close(fd);
+}
+
/*
* Test SEAL_SHRINK
* Test whether SEAL_SHRINK actually prevents shrinking
@@ -945,6 +993,7 @@ int main(int argc, char **argv)
test_basic();
test_seal_write();
+ test_seal_fs_write();
test_seal_shrink();
test_seal_grow();
test_seal_resize();
--
2.19.0.605.g01d371f741-goog
WARNING: multiple messages have this Message-ID
From: joel at joelfernandes.org (Joel Fernandes (Google))
Subject: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Tue, 9 Oct 2018 15:20:42 -0700 [thread overview]
Message-ID: <20181009222042.9781-2-joel@joelfernandes.org> (raw)
In-Reply-To: <20181009222042.9781-1-joel@joelfernandes.org>
Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
expected.
Cc: dancol at google.com
Cc: minchan at google.com
Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
---
tools/testing/selftests/memfd/memfd_test.c | 51 +++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index 10baa1652fc2..4bd2b6c87bb4 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -27,7 +27,7 @@
#define MFD_DEF_SIZE 8192
#define STACK_SIZE 65536
-
+#define F_SEAL_FS_WRITE 0x0010
/*
* Default is not to test hugetlbfs
*/
@@ -170,6 +170,24 @@ static void *mfd_assert_mmap_shared(int fd)
return p;
}
+static void *mfd_fail_mmap_shared(int fd)
+{
+ void *p;
+
+ p = mmap(NULL,
+ mfd_def_size,
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED,
+ fd,
+ 0);
+ if (p != MAP_FAILED) {
+ printf("mmap() didn't fail as expected\n");
+ abort();
+ }
+
+ return p;
+}
+
static void *mfd_assert_mmap_private(int fd)
{
void *p;
@@ -692,6 +710,36 @@ static void test_seal_write(void)
close(fd);
}
+/*
+ * Test SEAL_WRITE
+ * Test whether SEAL_WRITE actually prevents modifications.
+ */
+static void test_seal_fs_write(void)
+{
+ int fd;
+ void *p;
+
+ printf("%s SEAL-FS-WRITE\n", memfd_str);
+
+ fd = mfd_assert_new("kern_memfd_seal_fs_write",
+ mfd_def_size,
+ MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+ p = mfd_assert_mmap_shared(fd);
+
+ /* FS_WRITE seal can be added even with existing
+ * writeable mappings */
+ mfd_assert_has_seals(fd, 0);
+ mfd_assert_add_seals(fd, F_SEAL_FS_WRITE);
+ mfd_assert_has_seals(fd, F_SEAL_FS_WRITE);
+
+ mfd_assert_read(fd);
+ mfd_fail_write(fd);
+
+ munmap(p, mfd_def_size);
+ close(fd);
+}
+
/*
* Test SEAL_SHRINK
* Test whether SEAL_SHRINK actually prevents shrinking
@@ -945,6 +993,7 @@ int main(int argc, char **argv)
test_basic();
test_seal_write();
+ test_seal_fs_write();
test_seal_shrink();
test_seal_grow();
test_seal_resize();
--
2.19.0.605.g01d371f741-goog
WARNING: multiple messages have this Message-ID
From: joel@joelfernandes.org (Joel Fernandes (Google))
Subject: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Tue, 9 Oct 2018 15:20:42 -0700 [thread overview]
Message-ID: <20181009222042.9781-2-joel@joelfernandes.org> (raw)
Message-ID: <20181009222042.Z2Q4L-AAl_xU3n-HnwakJSAqKngejljaq6LN5PCBfe0@z> (raw)
In-Reply-To: <20181009222042.9781-1-joel@joelfernandes.org>
Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
expected.
Cc: dancol at google.com
Cc: minchan at google.com
Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
---
tools/testing/selftests/memfd/memfd_test.c | 51 +++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index 10baa1652fc2..4bd2b6c87bb4 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -27,7 +27,7 @@
#define MFD_DEF_SIZE 8192
#define STACK_SIZE 65536
-
+#define F_SEAL_FS_WRITE 0x0010
/*
* Default is not to test hugetlbfs
*/
@@ -170,6 +170,24 @@ static void *mfd_assert_mmap_shared(int fd)
return p;
}
+static void *mfd_fail_mmap_shared(int fd)
+{
+ void *p;
+
+ p = mmap(NULL,
+ mfd_def_size,
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED,
+ fd,
+ 0);
+ if (p != MAP_FAILED) {
+ printf("mmap() didn't fail as expected\n");
+ abort();
+ }
+
+ return p;
+}
+
static void *mfd_assert_mmap_private(int fd)
{
void *p;
@@ -692,6 +710,36 @@ static void test_seal_write(void)
close(fd);
}
+/*
+ * Test SEAL_WRITE
+ * Test whether SEAL_WRITE actually prevents modifications.
+ */
+static void test_seal_fs_write(void)
+{
+ int fd;
+ void *p;
+
+ printf("%s SEAL-FS-WRITE\n", memfd_str);
+
+ fd = mfd_assert_new("kern_memfd_seal_fs_write",
+ mfd_def_size,
+ MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+ p = mfd_assert_mmap_shared(fd);
+
+ /* FS_WRITE seal can be added even with existing
+ * writeable mappings */
+ mfd_assert_has_seals(fd, 0);
+ mfd_assert_add_seals(fd, F_SEAL_FS_WRITE);
+ mfd_assert_has_seals(fd, F_SEAL_FS_WRITE);
+
+ mfd_assert_read(fd);
+ mfd_fail_write(fd);
+
+ munmap(p, mfd_def_size);
+ close(fd);
+}
+
/*
* Test SEAL_SHRINK
* Test whether SEAL_SHRINK actually prevents shrinking
@@ -945,6 +993,7 @@ int main(int argc, char **argv)
test_basic();
test_seal_write();
+ test_seal_fs_write();
test_seal_shrink();
test_seal_grow();
test_seal_resize();
--
2.19.0.605.g01d371f741-goog
next prev parent reply other threads:[~2018-10-09 22:21 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-09 22:20 [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd Joel Fernandes (Google)
2018-10-09 22:20 ` Joel Fernandes (Google)
2018-10-09 22:20 ` joel
2018-10-09 22:20 ` Joel Fernandes (Google) [this message]
2018-10-09 22:20 ` [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal Joel Fernandes (Google)
2018-10-09 22:20 ` joel
2018-10-09 22:34 ` Joel Fernandes
2018-10-09 22:34 ` Joel Fernandes
2018-10-09 22:34 ` joel
2018-10-16 21:57 ` [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd John Stultz
2018-10-16 21:57 ` John Stultz
2018-10-16 21:57 ` john.stultz
2018-10-17 9:51 ` Christoph Hellwig
2018-10-17 9:51 ` Christoph Hellwig
2018-10-17 9:51 ` hch
2018-10-17 10:39 ` Joel Fernandes
2018-10-17 10:39 ` Joel Fernandes
2018-10-17 10:39 ` joel
2018-10-17 12:08 ` Christoph Hellwig
2018-10-17 12:08 ` Christoph Hellwig
2018-10-17 12:08 ` hch
2018-10-17 15:44 ` Daniel Colascione
2018-10-17 15:44 ` Daniel Colascione
2018-10-17 15:44 ` dancol
2018-10-17 16:19 ` Christoph Hellwig
2018-10-17 16:19 ` Christoph Hellwig
2018-10-17 16:19 ` hch
2018-10-17 17:45 ` Joel Fernandes
2018-10-17 17:45 ` Joel Fernandes
2018-10-17 17:45 ` joel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181009222042.9781-2-joel@joelfernandes.org \
--to=joel@joelfernandes.org \
--cc=akpm@linux-foundation.org \
--cc=bfields@fieldses.org \
--cc=dancol@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=jlayton@kernel.org \
--cc=john.stultz@linaro.org \
--cc=jreck@google.com \
--cc=kernel-team@android.com \
--cc=khalid.aziz@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mike.kravetz@oracle.com \
--cc=minchan@google.com \
--cc=shuah@kernel.org \
--cc=tkjos@google.com \
--subject='Re: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.