From: Joel Fernandes <joel@joelfernandes.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: kernel-team <kernel-team@android.com>,
"Joel Fernandes (Google)" <joel@joelfernandes.org>,
Daniel Colascione <dancol@google.com>,
Minchan Kim <minchan@kernel.org>,
Al Viro <viro@zeniv.linux.org.uk>,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
Jeff Layton <jlayton@kernel.org>,
John Stultz <john.stultz@linaro.org>,
John Reck <jreck@google.com>,
linux-fsdevel@vger.kernel.org,
linux-kselftest <linux-kselftest@vger.kernel.org>,
linux-mm <linux-mm@kvack.org>,
marcandre.lureau@redhat.com,
Mike Kravetz <mike.kravetz@oracle.com>,
Shuah Khan <shuah@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Todd Kjos <tkjos@google.com>
Subject: Re: [PATCH v3 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Thu, 18 Oct 2018 00:08:58 -0700 [thread overview]
Message-ID: <CAEXW_YTDWgY3JAeiY0Ti0BBL=iJMcSkR5V7USJYv6UxHiCpN-g@mail.gmail.com> (raw)
In-Reply-To: <20181018065908.254389-2-joel@joelfernandes.org>
On Wed, Oct 17, 2018 at 11:59 PM, Joel Fernandes (Google)
<joel@joelfernandes.org> wrote:
> Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
> expected.
I messed the commit message it should be "F_SEAL_FUTURE_WRITE", but
otherwise this
patch itself is good and I'll resend it with the corrected commit
message after further review.
thanks,
- Joel
> Cc: dancol@google.com
> Cc: minchan@kernel.org
> Reviewed-by: John Stultz <john.stultz@linaro.org>
> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
> ---
> tools/testing/selftests/memfd/memfd_test.c | 74 ++++++++++++++++++++++
> 1 file changed, 74 insertions(+)
>
> diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
> index 10baa1652fc2..32b207ca7372 100644
> --- a/tools/testing/selftests/memfd/memfd_test.c
> +++ b/tools/testing/selftests/memfd/memfd_test.c
> @@ -692,6 +692,79 @@ static void test_seal_write(void)
> close(fd);
> }
>
> +/*
> + * Test SEAL_FUTURE_WRITE
> + * Test whether SEAL_FUTURE_WRITE actually prevents modifications.
> + */
> +static void test_seal_future_write(void)
> +{
> + int fd;
> + void *p;
> +
> + printf("%s SEAL-FUTURE-WRITE\n", memfd_str);
> +
> + fd = mfd_assert_new("kern_memfd_seal_future_write",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + /* Not adding grow/shrink seals makes the future write
> + * seal fail to get added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_GROW);
> + mfd_assert_has_seals(fd, F_SEAL_GROW);
> +
> + /* Should still fail since shrink seal has
> + * not yet been added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK);
> + mfd_assert_has_seals(fd, F_SEAL_GROW |
> + F_SEAL_SHRINK);
> +
> + /* Now should succeed, also verifies that the seal
> + * could be added with an existing writable mmap
> + */
> + mfd_assert_add_seals(fd, F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +
> + /* Test adding all seals (grow, shrink, future write) at once */
> + fd = mfd_assert_new("kern_memfd_seal_future_write2",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +}
> +
> /*
> * Test SEAL_SHRINK
> * Test whether SEAL_SHRINK actually prevents shrinking
> @@ -945,6 +1018,7 @@ int main(int argc, char **argv)
> test_basic();
>
> test_seal_write();
> + test_seal_future_write();
> test_seal_shrink();
> test_seal_grow();
> test_seal_resize();
> --
> 2.19.1.331.ge82ca0e54c-goog
>
WARNING: multiple messages have this Message-ID (diff)
From: joel at joelfernandes.org (Joel Fernandes)
Subject: [PATCH v3 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Thu, 18 Oct 2018 00:08:58 -0700 [thread overview]
Message-ID: <CAEXW_YTDWgY3JAeiY0Ti0BBL=iJMcSkR5V7USJYv6UxHiCpN-g@mail.gmail.com> (raw)
In-Reply-To: <20181018065908.254389-2-joel@joelfernandes.org>
On Wed, Oct 17, 2018 at 11:59 PM, Joel Fernandes (Google)
<joel at joelfernandes.org> wrote:
> Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
> expected.
I messed the commit message it should be "F_SEAL_FUTURE_WRITE", but
otherwise this
patch itself is good and I'll resend it with the corrected commit
message after further review.
thanks,
- Joel
> Cc: dancol at google.com
> Cc: minchan at kernel.org
> Reviewed-by: John Stultz <john.stultz at linaro.org>
> Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
> ---
> tools/testing/selftests/memfd/memfd_test.c | 74 ++++++++++++++++++++++
> 1 file changed, 74 insertions(+)
>
> diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
> index 10baa1652fc2..32b207ca7372 100644
> --- a/tools/testing/selftests/memfd/memfd_test.c
> +++ b/tools/testing/selftests/memfd/memfd_test.c
> @@ -692,6 +692,79 @@ static void test_seal_write(void)
> close(fd);
> }
>
> +/*
> + * Test SEAL_FUTURE_WRITE
> + * Test whether SEAL_FUTURE_WRITE actually prevents modifications.
> + */
> +static void test_seal_future_write(void)
> +{
> + int fd;
> + void *p;
> +
> + printf("%s SEAL-FUTURE-WRITE\n", memfd_str);
> +
> + fd = mfd_assert_new("kern_memfd_seal_future_write",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + /* Not adding grow/shrink seals makes the future write
> + * seal fail to get added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_GROW);
> + mfd_assert_has_seals(fd, F_SEAL_GROW);
> +
> + /* Should still fail since shrink seal has
> + * not yet been added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK);
> + mfd_assert_has_seals(fd, F_SEAL_GROW |
> + F_SEAL_SHRINK);
> +
> + /* Now should succeed, also verifies that the seal
> + * could be added with an existing writable mmap
> + */
> + mfd_assert_add_seals(fd, F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +
> + /* Test adding all seals (grow, shrink, future write) at once */
> + fd = mfd_assert_new("kern_memfd_seal_future_write2",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +}
> +
> /*
> * Test SEAL_SHRINK
> * Test whether SEAL_SHRINK actually prevents shrinking
> @@ -945,6 +1018,7 @@ int main(int argc, char **argv)
> test_basic();
>
> test_seal_write();
> + test_seal_future_write();
> test_seal_shrink();
> test_seal_grow();
> test_seal_resize();
> --
> 2.19.1.331.ge82ca0e54c-goog
>
WARNING: multiple messages have this Message-ID (diff)
From: joel@joelfernandes.org (Joel Fernandes)
Subject: [PATCH v3 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal
Date: Thu, 18 Oct 2018 00:08:58 -0700 [thread overview]
Message-ID: <CAEXW_YTDWgY3JAeiY0Ti0BBL=iJMcSkR5V7USJYv6UxHiCpN-g@mail.gmail.com> (raw)
Message-ID: <20181018070858._IBg4dJjtg2X2zGFGpVQ4ujN_opCxCURCMj7VDM4GRk@z> (raw)
In-Reply-To: <20181018065908.254389-2-joel@joelfernandes.org>
On Wed, Oct 17, 2018 at 11:59 PM, Joel Fernandes (Google)
<joel@joelfernandes.org> wrote:
> Add tests to verify sealing memfds with the F_SEAL_FS_WRITE works as
> expected.
I messed the commit message it should be "F_SEAL_FUTURE_WRITE", but
otherwise this
patch itself is good and I'll resend it with the corrected commit
message after further review.
thanks,
- Joel
> Cc: dancol at google.com
> Cc: minchan at kernel.org
> Reviewed-by: John Stultz <john.stultz at linaro.org>
> Signed-off-by: Joel Fernandes (Google) <joel at joelfernandes.org>
> ---
> tools/testing/selftests/memfd/memfd_test.c | 74 ++++++++++++++++++++++
> 1 file changed, 74 insertions(+)
>
> diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c
> index 10baa1652fc2..32b207ca7372 100644
> --- a/tools/testing/selftests/memfd/memfd_test.c
> +++ b/tools/testing/selftests/memfd/memfd_test.c
> @@ -692,6 +692,79 @@ static void test_seal_write(void)
> close(fd);
> }
>
> +/*
> + * Test SEAL_FUTURE_WRITE
> + * Test whether SEAL_FUTURE_WRITE actually prevents modifications.
> + */
> +static void test_seal_future_write(void)
> +{
> + int fd;
> + void *p;
> +
> + printf("%s SEAL-FUTURE-WRITE\n", memfd_str);
> +
> + fd = mfd_assert_new("kern_memfd_seal_future_write",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + /* Not adding grow/shrink seals makes the future write
> + * seal fail to get added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_GROW);
> + mfd_assert_has_seals(fd, F_SEAL_GROW);
> +
> + /* Should still fail since shrink seal has
> + * not yet been added
> + */
> + mfd_fail_add_seals(fd, F_SEAL_FUTURE_WRITE);
> +
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK);
> + mfd_assert_has_seals(fd, F_SEAL_GROW |
> + F_SEAL_SHRINK);
> +
> + /* Now should succeed, also verifies that the seal
> + * could be added with an existing writable mmap
> + */
> + mfd_assert_add_seals(fd, F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +
> + /* Test adding all seals (grow, shrink, future write) at once */
> + fd = mfd_assert_new("kern_memfd_seal_future_write2",
> + mfd_def_size,
> + MFD_CLOEXEC | MFD_ALLOW_SEALING);
> +
> + p = mfd_assert_mmap_shared(fd);
> +
> + mfd_assert_has_seals(fd, 0);
> + mfd_assert_add_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> + mfd_assert_has_seals(fd, F_SEAL_SHRINK |
> + F_SEAL_GROW |
> + F_SEAL_FUTURE_WRITE);
> +
> + /* read should pass, writes should fail */
> + mfd_assert_read(fd);
> + mfd_fail_write(fd);
> +
> + munmap(p, mfd_def_size);
> + close(fd);
> +}
> +
> /*
> * Test SEAL_SHRINK
> * Test whether SEAL_SHRINK actually prevents shrinking
> @@ -945,6 +1018,7 @@ int main(int argc, char **argv)
> test_basic();
>
> test_seal_write();
> + test_seal_future_write();
> test_seal_shrink();
> test_seal_grow();
> test_seal_resize();
> --
> 2.19.1.331.ge82ca0e54c-goog
>
next prev parent reply other threads:[~2018-10-18 7:09 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-18 6:59 [PATCH v3 1/2] mm: Add an F_SEAL_FUTURE_WRITE seal to memfd Joel Fernandes (Google)
2018-10-18 6:59 ` Joel Fernandes (Google)
2018-10-18 6:59 ` joel
2018-10-18 6:59 ` [PATCH v3 2/2] selftests/memfd: Add tests for F_SEAL_FS_WRITE seal Joel Fernandes (Google)
2018-10-18 6:59 ` Joel Fernandes (Google)
2018-10-18 6:59 ` joel
2018-10-18 7:08 ` Joel Fernandes [this message]
2018-10-18 7:08 ` Joel Fernandes
2018-10-18 7:08 ` joel
2018-10-19 17:32 ` [PATCH v3 1/2] mm: Add an F_SEAL_FUTURE_WRITE seal to memfd valdis.kletnieks
2018-10-19 17:32 ` valdis.kletnieks
2018-10-19 17:32 ` valdis.kletnieks
2018-10-19 17:57 ` Joel Fernandes
2018-10-19 17:57 ` Joel Fernandes
2018-10-19 17:57 ` joel
2018-10-19 18:49 ` valdis.kletnieks
2018-10-19 18:49 ` valdis.kletnieks
2018-10-19 18:49 ` valdis.kletnieks
2018-10-19 19:32 ` Joel Fernandes
2018-10-19 19:32 ` Joel Fernandes
2018-10-19 19:32 ` joel
2018-10-22 23:49 ` Joel Fernandes
2018-10-22 23:49 ` Joel Fernandes
2018-10-22 23:49 ` joel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAEXW_YTDWgY3JAeiY0Ti0BBL=iJMcSkR5V7USJYv6UxHiCpN-g@mail.gmail.com' \
--to=joel@joelfernandes.org \
--cc=akpm@linux-foundation.org \
--cc=bfields@fieldses.org \
--cc=dancol@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=jlayton@kernel.org \
--cc=john.stultz@linaro.org \
--cc=jreck@google.com \
--cc=kernel-team@android.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=marcandre.lureau@redhat.com \
--cc=mike.kravetz@oracle.com \
--cc=minchan@kernel.org \
--cc=shuah@kernel.org \
--cc=tglx@linutronix.de \
--cc=tkjos@google.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.