1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (c) 2017 FUJITSU LIMITED
4 * Author: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
5 */
6
7 /*\
8 * [Description]
9 *
10 * Test for CVE-2017-2618, which was fixed in kernel v4.10:
11 * 0c461cb727d1 ("selinux: fix off-by-one in setprocattr").
12 *
13 * Test may crash the kernel.
14 */
15
16 #include <errno.h>
17 #include <stdlib.h>
18 #include <unistd.h>
19 #include "tst_test.h"
20
21 #define LOOPS 100
22 #define PATH_ATTRFS "/proc/self/attr/fscreate"
23
setup(void)24 static void setup(void)
25 {
26 if (access(PATH_ATTRFS, F_OK))
27 tst_brk(TCONF, "%s does not exist", PATH_ATTRFS);
28 }
29
do_test(void)30 static void do_test(void)
31 {
32 int i, fd;
33
34 for (i = 0; i < LOOPS; i++) {
35 if (!SAFE_FORK()) {
36 fd = SAFE_OPEN(PATH_ATTRFS, O_WRONLY);
37 write(fd, "\n", 1);
38 SAFE_CLOSE(fd);
39 exit(0);
40 }
41
42 tst_reap_children();
43 }
44
45 tst_res(TPASS, "Bug not reproduced");
46 }
47
48 static struct tst_test test = {
49 .forks_child = 1,
50 .setup = setup,
51 .test_all = do_test,
52 .tags = (const struct tst_tag[]) {
53 {"linux-git", "0c461cb727d1"},
54 {"CVE", "2017-2618"},
55 {}
56 }
57 };
58