1 /*
2 * Copyright (c) 2014 Fujitsu Ltd.
3 * Author: Xing Gu <gux.fnst@cn.fujitsu.com>
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
16 */
/*
 * Description:
 * Verify that:
 * 1) mprotect() succeeds in removing all access to a region of memory
 *    when 'prot' is set to PROT_NONE. An attempt to access the contents
 *    of the region then raises the signal SIGSEGV.
 * 2) mprotect() succeeds in making a region of memory executable when
 *    'prot' is set to PROT_EXEC.
 */
26
27 #include "config.h"
28 #include <signal.h>
29 #include <setjmp.h>
30 #include <sys/types.h>
31 #include <sys/stat.h>
32 #include <fcntl.h>
33 #include <unistd.h>
34 #include <errno.h>
35 #include <string.h>
36 #include <sys/mman.h>
37 #include <stdlib.h>
38
39 #include "test.h"
40 #include "safe_macros.h"
41
/* Signature of the copied function that testfunc_protexec() calls into. */
typedef void (*func_ptr_t)(void);

/* Harness hooks. */
static void setup(void);
static void cleanup(void);
static void sighandler(int sig);

/* One test function per protection mode under test. */
static void testfunc_protnone(void);
static void testfunc_protexec(void);

static void (*testfunc[])(void) = {
	testfunc_protnone,
	testfunc_protexec,
};

char *TCID = "mprotect04";
int TST_TOTAL = ARRAY_SIZE(testfunc);

/*
 * Number of the signal recorded by sighandler(); each test function resets
 * it to 0 before its deliberately risky access.
 */
static volatile int sig_caught;

/* Resume point armed with sigsetjmp() right before each risky access. */
static sigjmp_buf env;

/* Page size, filled in by setup() from getpagesize(). */
static unsigned int page_sz;
60
/*
 * Entry point: hand the command line to tst_parse_opts(), run setup(), then
 * call every testfunc[] entry once per TEST_LOOPING() iteration before
 * cleaning up and leaving through tst_exit().
 */
int main(int ac, char **av)
{
	int lc = 0;

	tst_parse_opts(ac, av, NULL, NULL);
	setup();

	while (TEST_LOOPING(lc)) {
		int idx;

		/* The harness counter restarts for every loop iteration. */
		tst_count = 0;

		for (idx = 0; idx < TST_TOTAL; idx++)
			testfunc[idx]();

		lc++;
	}

	cleanup();
	tst_exit();
}
80
/*
 * Signal handler registered through tst_sig() in setup().
 *
 * Records which signal fired and unwinds to the most recent
 * sigsetjmp(env, 1) site. The record has to be written first because
 * siglongjmp() does not return. The call sites pass a non-zero savemask to
 * sigsetjmp(), so the jump also restores the signal mask saved there.
 *
 * NOTE(review): 'env' is only meaningful while a test function that called
 * sigsetjmp() is still active. If tst_sig() routes other signals here (the
 * "unexpected signal" branches in the test functions suggest it does), a
 * signal arriving outside that window would jump through a stale or unset
 * buffer - confirm against the harness.
 */
static void sighandler(int sig)
{
	sig_caught = sig;	/* read back by the test function once it resumes */
	siglongjmp(env, 1);	/* sigsetjmp() then yields 1 instead of 0 */
}
86
/*
 * One-time preparation: cache the page size, create the harness temporary
 * directory and register sighandler() via tst_sig().
 *
 * page_present() later opens its probe file by relative path, so it
 * presumably lands in the directory prepared by tst_tmpdir() - confirm
 * against the harness.
 */
static void setup(void)
{
	/* Both test functions map and re-protect exactly one page. */
	page_sz = getpagesize();

	tst_tmpdir();
	tst_sig(NOFORK, sighandler, cleanup);

	TEST_PAUSE;
}
95
/*
 * PROT_NONE case: map one read/write anonymous page, drop every access right
 * with mprotect(), then store one byte into it.
 *
 * The store is expected to raise SIGSEGV, which sighandler() records before
 * jumping back here. A store that completes silently (no signal) is the
 * failure case: the protection change was accepted but not enforced. Only a
 * write is attempted; read access to the page is not probed.
 */
static void testfunc_protnone(void)
{
	char *region;
	int caught;

	sig_caught = 0;

	region = SAFE_MMAP(cleanup, 0, page_sz, PROT_READ | PROT_WRITE,
			   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);

	/* Revoke all access to the page. */
	TEST(mprotect(region, page_sz, PROT_NONE));

	if (TEST_RETURN == -1) {
		tst_resm(TFAIL | TTERRNO, "mprotect failed");
		SAFE_MUNMAP(cleanup, region, page_sz);
		return;
	}

	/*
	 * First pass through sigsetjmp() returns 0 and performs the store;
	 * if the store faults, sighandler() brings us back with 1 and the
	 * store is skipped.
	 */
	if (sigsetjmp(env, 1) == 0)
		region[0] = 1;

	caught = sig_caught;
	if (caught == SIGSEGV)
		tst_resm(TPASS, "test PROT_NONE for mprotect success");
	else if (caught == 0)
		tst_resm(TFAIL, "test PROT_NONE for mprotect failed");
	else
		tst_brkm(TBROK, cleanup,
			 "received an unexpected signal: %d",
			 caught);

	SAFE_MUNMAP(cleanup, region, page_sz);
}
130
/*
 * Deliberately empty function. get_func() copies the page holding its code
 * into an anonymous mapping and testfunc_protexec() calls the copy once that
 * mapping is PROT_EXEC.
 *
 * NOTE(review): the body presumably has to stay free of calls and data
 * references so the copy still works at its new address, and small enough
 * for the 64-byte margin testfunc_protexec() checks - confirm before adding
 * anything here.
 */
static void exec_func(void)
{
}
135
/*
 * Report whether one byte at 'p' can be read, without risking a fault.
 *
 * The address is used as the source buffer of a one-byte write(2) to the
 * file "page_present": when the kernel cannot read the buffer the call
 * fails with EFAULT instead of a signal being delivered to the process.
 *
 * Returns 1 when the write did not fail, 0 when it failed with EFAULT.
 * Any other errno ends the test through tst_brkm(TBROK).
 */
static int page_present(void *p)
{
	int probe_fd = SAFE_OPEN(cleanup, "page_present", O_WRONLY|O_CREAT, 0644);

	/* TEST() captures the return value and errno before close() runs. */
	TEST(write(probe_fd, p, 1));
	SAFE_CLOSE(cleanup, probe_fd);

	if (TEST_RETURN < 0) {
		if (TEST_ERRNO != EFAULT)
			tst_brkm(TBROK | TTERRNO, cleanup, "page_present write");
		return 0;
	}

	return 1;
}
152
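/*
 * Synchronise the instruction cache with the 'len' bytes written at 'start',
 * so that code copied there as data is what gets executed afterwards.
 *
 * When config.h does not report __builtin___clear_cache(), the test ends
 * with TCONF through tst_brkm().
 */
static void clear_cache(void *start, int len)
{
#if HAVE_BUILTIN_CLEAR_CACHE == 1
	/*
	 * Arithmetic on void * is a GNU extension; compute the end address
	 * through a char * so the byte offset is well defined in ISO C.
	 */
	char *begin = start;

	__builtin___clear_cache(begin, begin + len);
#else
	tst_brkm(TCONF, cleanup,
		"compiler doesn't have __builtin___clear_cache()");
#endif
}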
162
/*
 * Choose the function-descriptor code path by ABI version rather than by
 * CPU name alone: a 64-bit PowerPC build takes it unless _CALL_ELF is
 * defined and at least 2.
 */
#if defined(__powerpc64__) && !(defined(_CALL_ELF) && _CALL_ELF >= 2)
# define USE_FUNCTION_DESCRIPTORS
#endif

#ifdef USE_FUNCTION_DESCRIPTORS
/*
 * Function descriptor as this test reads and builds it: on this ABI
 * &exec_func is treated as a pointer to one of these, not to the code.
 */
typedef struct {
	uintptr_t entry;	/* get_func() takes the code address from here */
	uintptr_t toc;
	uintptr_t env;
} func_descr_t;
#endif
178
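/*
 * Copy the page that holds exec_func's code into 'mem' and return the
 * address of the copied function inside 'mem'.
 *
 * Exactly one page is copied. The following page is not, so a function that
 * straddles the page boundary would be truncated; testfunc_protexec() guards
 * against that by checking *func_page_offset before calling the copy.
 *
 * mem:              destination, at least one page, writable.
 * func_page_offset: out, offset of the function's code within its page.
 *
 * Returns NULL (after reporting TFAIL) when the source page is unreadable
 * and mprotect() cannot make it readable.
 */
static void *get_func(void *mem, uintptr_t *func_page_offset)
{
	uintptr_t pgsz = getpagesize();
	uintptr_t offset_mask = pgsz - 1;
	uintptr_t code_addr;
	void *page_to_copy;

#ifdef USE_FUNCTION_DESCRIPTORS
	/* &exec_func names a descriptor; the code address is its entry. */
	code_addr = ((func_descr_t *)&exec_func)->entry;
#else
	code_addr = (uintptr_t)&exec_func;
#endif
	*func_page_offset = code_addr & offset_mask;
	page_to_copy = (void *)(code_addr & ~offset_mask);

	tst_resm(TINFO, "exec_func: %p, page_to_copy: %p",
		&exec_func, page_to_copy);

	/*
	 * The source page may be unreadable on a platform with execute-only
	 * page permissions. In that case read access is added explicitly;
	 * the page is never made writable.
	 */
	if (!page_present(page_to_copy)) {
		TEST(mprotect(page_to_copy, pgsz, PROT_READ | PROT_EXEC));
		if (TEST_RETURN == -1) {
			tst_resm(TFAIL | TTERRNO,
				 "mprotect(PROT_READ|PROT_EXEC) failed");
			return NULL;
		}
		/* Still unreadable after a successful mprotect(): give up. */
		if (!page_present(page_to_copy))
			tst_brkm(TBROK, cleanup, "page_to_copy not present");
	}
	memcpy(mem, page_to_copy, pgsz);

	clear_cache(mem, pgsz);

	/*
	 * Address of the copy of exec_func. The offset is applied through
	 * char * because arithmetic on void * is a GNU extension.
	 */
	return (char *)mem + *func_page_offset;
}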
226
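/*
 * PROT_EXEC case: copy exec_func's code into a fresh read/write anonymous
 * page, switch that page to PROT_EXEC only, then call the copy.
 *
 * The call returning without a signal is the pass condition; SIGSEGV means
 * the page was not executable despite mprotect() reporting success. The
 * page is never writable and executable at the same time: it goes from
 * PROT_READ | PROT_WRITE straight to PROT_EXEC.
 *
 * NOTE(review): a hardening policy that forbids turning written anonymous
 * memory executable (for example an SELinux policy denying execmem) would
 * presumably show up here as an mprotect() error and therefore as TFAIL -
 * confirm whether that classification is intended.
 */
static void testfunc_protexec(void)
{
	func_ptr_t func;
	uintptr_t func_page_offset;
	void *copied_code;
	void *p;
#ifdef USE_FUNCTION_DESCRIPTORS
	/*
	 * Zeroed so the call below does not load indeterminate toc/env
	 * values; the empty exec_func is not expected to use either.
	 */
	func_descr_t opd = { 0 };
#endif

	sig_caught = 0;

	p = SAFE_MMAP(cleanup, 0, page_sz, PROT_READ | PROT_WRITE,
		      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);

	/*
	 * Check get_func()'s result itself. With function descriptors the
	 * callable pointer is the address of 'opd', which is never NULL, so
	 * testing 'func' would hide a failed copy.
	 */
	copied_code = get_func(p, &func_page_offset);
	if (!copied_code)
		goto out;

#ifdef USE_FUNCTION_DESCRIPTORS
	opd.entry = (uintptr_t)copied_code;
	func = (func_ptr_t)&opd;
#else
	func = (func_ptr_t)copied_code;
#endif

	/* Only one page was copied; the function must lie well inside it. */
	if (func_page_offset + 64 > page_sz) {
		SAFE_MUNMAP(cleanup, p, page_sz);
		tst_brkm(TCONF, cleanup, "func too close to page boundary, "
			"maybe your compiler ignores -falign-functions?");
	}

	/* Change the protection to PROT_EXEC. */
	TEST(mprotect(p, page_sz, PROT_EXEC));

	if (TEST_RETURN == -1) {
		tst_resm(TFAIL | TTERRNO, "mprotect failed");
	} else {
		/* A fault in the call comes back here via sighandler(). */
		if (sigsetjmp(env, 1) == 0)
			(*func)();

		switch (sig_caught) {
		case SIGSEGV:
			tst_resm(TFAIL, "test PROT_EXEC for mprotect failed");
			break;
		case 0:
			tst_resm(TPASS, "test PROT_EXEC for mprotect success");
			break;
		default:
			tst_brkm(TBROK, cleanup,
				 "received an unexpected signal: %d",
				 sig_caught);
		}
	}

out:
	SAFE_MUNMAP(cleanup, p, page_sz);
}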
281
/*
 * Harness cleanup hook, also passed as the cleanup callback to tst_sig(),
 * tst_brkm() and the SAFE_* macros. It only calls tst_rmdir(); the mappings
 * are released by the test functions themselves.
 */
static void cleanup(void)
{
	tst_rmdir();
}
286