From: joel@joelfernandes.org (Joel Fernandes (Google))
Subject: [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Tue, 9 Oct 2018 15:20:42 -0700 [thread overview]
Message-ID: <20181009222042.9781-2-joel@joelfernandes.org> (raw)
Message-ID: <20181009222042.Z2Q4L-AAl_xU3n-HnwakJSAqKngejljaq6LN5PCBfe0@z> (raw)
In-Reply-To: <20181009222042.9781-1-joel@joelfernandes.org>
Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
expected.
Cc: dancol at google.com
Cc: minchan at google.com
Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
---
tools/testing/selftests/memfd/memfd_test.c | 51 +++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
index 10baa1652fc2..4bd2b6c87bb4 100644
--- a/tools/testing/selftests/memfd/memfd_test.c
+++ b/tools/testing/selftests/memfd/memfd_test.c
@@ -27,7 +27,7 @@
#define MFD_DEF_SIZE 8192
#define STACK_SIZE 65536
-
+#define F_SEAL_FS_WRITE 0x0010
/*
* Default is not to test hugetlbfs
*/
@@ -170,6 +170,24 @@ static void *mfd_assert_mmap_shared(int fd)
return p;
}
+static void *mfd_fail_mmap_shared(int fd)
+{
+ void *p;
+
+ p = mmap(NULL,
+ mfd_def_size,
+ PROT_READ | PROT_WRITE,
+ MAP_SHARED,
+ fd,
+ 0);
+ if (p != MAP_FAILED) {
+ printf("mmap() didn't fail as expected\n");
+ abort();
+ }
+
+ return p;
+}
+
static void *mfd_assert_mmap_private(int fd)
{
void *p;
@@ -692,6 +710,36 @@ static void test_seal_write(void)
close(fd);
}
+/*
+ * Test SEAL_WRITE
+ * Test whether SEAL_WRITE actually prevents modifications.
+ */
+static void test_seal_fs_write(void)
+{
+ int fd;
+ void *p;
+
+ printf("%s SEAL-FS-WRITE\n", memfd_str);
+
+ fd = mfd_assert_new("kern_memfd_seal_fs_write",
+ mfd_def_size,
+ MFD_CLOEXEC | MFD_ALLOW_SEALING);
+
+ p = mfd_assert_mmap_shared(fd);
+
+ /* FS_WRITE seal can be added even with existing
+ * writeable mappings */
+ mfd_assert_has_seals(fd, 0);
+ mfd_assert_add_seals(fd, F_SEAL_FS_WRITE);
+ mfd_assert_has_seals(fd, F_SEAL_FS_WRITE);
+
+ mfd_assert_read(fd);
+ mfd_fail_write(fd);
+
+ munmap(p, mfd_def_size);
+ close(fd);
+}
+
/*
* Test SEAL_SHRINK
* Test whether SEAL_SHRINK actually prevents shrinking
@@ -945,6 +993,7 @@ int main(int argc, char **argv)
test_basic();
test_seal_write();
+ test_seal_fs_write();
test_seal_shrink();
test_seal_grow();
test_seal_resize();
--
2.19.0.605.g01d371f741-goog
next prev parent reply other threads:[~2018-10-09 22:20 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-09 22:20 [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd Joel Fernandes (Google)
2018-10-09 22:20 ` Joel Fernandes (Google)
2018-10-09 22:20 ` joel
2018-10-09 22:20 ` Joel Fernandes (Google) [this message]
2018-10-09 22:20 ` [PATCH v2 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal Joel Fernandes (Google)
2018-10-09 22:20 ` joel
2018-10-09 22:34 ` Joel Fernandes
2018-10-09 22:34 ` Joel Fernandes
2018-10-09 22:34 ` joel
2018-10-16 21:57 ` [PATCH v2 1/2] mm: Add an F_SEAL_FS_WRITE seal to memfd John Stultz
2018-10-16 21:57 ` John Stultz
2018-10-16 21:57 ` john.stultz
2018-10-17 9:51 ` Christoph Hellwig
2018-10-17 9:51 ` Christoph Hellwig
2018-10-17 9:51 ` hch
2018-10-17 10:39 ` Joel Fernandes
2018-10-17 10:39 ` Joel Fernandes
2018-10-17 10:39 ` joel
2018-10-17 12:08 ` Christoph Hellwig
2018-10-17 12:08 ` Christoph Hellwig
2018-10-17 12:08 ` hch
2018-10-17 15:44 ` Daniel Colascione
2018-10-17 15:44 ` Daniel Colascione
2018-10-17 15:44 ` dancol
2018-10-17 16:19 ` Christoph Hellwig
2018-10-17 16:19 ` Christoph Hellwig
2018-10-17 16:19 ` hch
2018-10-17 17:45 ` Joel Fernandes
2018-10-17 17:45 ` Joel Fernandes
2018-10-17 17:45 ` joel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181009222042.9781-2-joel@joelfernandes.org \
--to=joel@joelfernandes.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.