All of lore.kernel.org
 help / color / mirror / Atom feed
From: joel@joelfernandes.org (Joel Fernandes (Google))
Subject: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Tue,  9 Oct 2018 15:20:42 -0700	[thread overview]
Message-ID: <20181009222042.9781-2-joel@joelfernandes.org> (raw)
Message-ID: <20181009222042.Z2Q4L-AAl_xU3n-HnwakJSAqKngejljaq6LN5PCBfe0@z> (raw)
In-Reply-To: <20181009222042.9781-1-joel@joelfernandes.org>

Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
expected.

Cc: dancol at google.com
Cc: minchan at google.com
Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
---
 tools/testing/selftests/memfd/memfd_test.c | 51 +++++++++++++++++++++-
 1 file changed, 50 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index 10baa1652fc2..4bd2b6c87bb4 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -27,7 +27,7 @@
 
 #define MFD_DEF_SIZE 8192
 #define STACK_SIZE 65536
-
+#define F_SEAL_FS_WRITE         0x0010
 /*
  * Default is not to test hugetlbfs
  */
@@ -170,6 +170,24 @@ static void *mfd_assert_mmap_shared(int fd)
 	return p;
 }
 
+static void *mfd_fail_mmap_shared(int fd)
+{
+	void *p;
+
+	p = mmap(NULL,
+		 mfd_def_size,
+		 PROT_READ | PROT_WRITE,
+		 MAP_SHARED,
+		 fd,
+		 0);
+	if (p != MAP_FAILED) {
+		printf("mmap() didn't fail as expected\n");
+		abort();
+	}
+
+	return p;
+}
+
 static void *mfd_assert_mmap_private(int fd)
 {
 	void *p;
@@ -692,6 +710,36 @@ static void test_seal_write(void)
 	close(fd);
 }
 
+/*
+ * Test SEAL_WRITE
+ * Test whether SEAL_WRITE actually prevents modifications.
+ */
+static void test_seal_fs_write(void)
+{
+	int fd;
+	void *p;
+
+	printf("%s SEAL-FS-WRITE\n", memfd_str);
+
+	fd = mfd_assert_new("kern_memfd_seal_fs_write",
+			    mfd_def_size,
+			    MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+	p = mfd_assert_mmap_shared(fd);
+
+	/* FS_WRITE seal can be added even with existing
+	 * writeable mappings */
+	mfd_assert_has_seals(fd, 0);
+	mfd_assert_add_seals(fd, F_SEAL_FS_WRITE);
+	mfd_assert_has_seals(fd, F_SEAL_FS_WRITE);
+
+	mfd_assert_read(fd);
+	mfd_fail_write(fd);
+
+	munmap(p, mfd_def_size);
+	close(fd);
+}
+
 /*
  * Test SEAL_SHRINK
  * Test whether SEAL_SHRINK actually prevents shrinking
@@ -945,6 +993,7 @@ int main(int argc, char **argv)
 	test_basic();
 
 	test_seal_write();
+	test_seal_fs_write();
 	test_seal_shrink();
 	test_seal_grow();
 	test_seal_resize();
-- 
2.19.0.605.g01d371f741-goog

  reply	other threads:[~2018-10-09 22:20 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-09 22:20 [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd Joel Fernandes (Google)
2018-10-09 22:20 ` Joel Fernandes (Google)
2018-10-09 22:20 ` joel
2018-10-09 22:20 ` Joel Fernandes (Google) [this message]
2018-10-09 22:20   ` [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal Joel Fernandes (Google)
2018-10-09 22:20   ` joel
2018-10-09 22:34   ` Joel Fernandes
2018-10-09 22:34     ` Joel Fernandes
2018-10-09 22:34     ` joel
2018-10-16 21:57 ` [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd John Stultz
2018-10-16 21:57   ` John Stultz
2018-10-16 21:57   ` john.stultz
2018-10-17  9:51 ` Christoph Hellwig
2018-10-17  9:51   ` Christoph Hellwig
2018-10-17  9:51   ` hch
2018-10-17 10:39   ` Joel Fernandes
2018-10-17 10:39     ` Joel Fernandes
2018-10-17 10:39     ` joel
2018-10-17 12:08     ` Christoph Hellwig
2018-10-17 12:08       ` Christoph Hellwig
2018-10-17 12:08       ` hch
2018-10-17 15:44       ` Daniel Colascione
2018-10-17 15:44         ` Daniel Colascione
2018-10-17 15:44         ` dancol
2018-10-17 16:19         ` Christoph Hellwig
2018-10-17 16:19           ` Christoph Hellwig
2018-10-17 16:19           ` hch
2018-10-17 17:45       ` Joel Fernandes
2018-10-17 17:45         ` Joel Fernandes
2018-10-17 17:45         ` joel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181009222042.9781-2-joel@joelfernandes.org \
    --to=joel@joelfernandes.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.