1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (c) 2020 Viresh Kumar <viresh.kumar@linaro.org>
4 */
5
6 /*\
7 * [Description]
8 *
9 * Basic init_module() failure tests.
10 *
11 * [Algorithm]
12 *
13 * Tests various failure scenarios for init_module().
14 */
15
16 #include <linux/capability.h>
17 #include <stdlib.h>
18 #include <errno.h>
19 #include "lapi/init_module.h"
20 #include "tst_module.h"
21 #include "tst_capability.h"
22
23 #define MODULE_NAME "init_module.ko"
24
25 static unsigned long size, zero_size;
26 static int kernel_lockdown, secure_boot, sig_enforce;
27 static void *buf, *faulty_buf, *null_buf;
28
29 static struct tst_cap cap_req = TST_CAP(TST_CAP_REQ, CAP_SYS_MODULE);
30 static struct tst_cap cap_drop = TST_CAP(TST_CAP_DROP, CAP_SYS_MODULE);
31
32 static struct tcase {
33 const char *name;
34 void **buf;
35 unsigned long *size;
36 const char *param;
37 int cap;
38 int skip_in_lockdown;
39 int exp_errno;
40 } tcases[] = {
41 {"NULL-buffer", &null_buf, &size, "", 0, 0, EFAULT},
42 {"faulty-buffer", &faulty_buf, &size, "", 0, 0, EFAULT},
43 {"null-param", &buf, &size, NULL, 0, 1, EFAULT},
44 {"zero-size", &buf, &zero_size, "", 0, 0, ENOEXEC},
45 {"invalid_param", &buf, &size, "status=invalid", 0, 1, EINVAL},
46 {"no-perm", &buf, &size, "", 1, 0, EPERM},
47 {"module-exists", &buf, &size, "", 0, 1, EEXIST},
48 {"module-unsigned", &buf, &size, "", 0, 1, EKEYREJECTED},
49 };
50
setup(void)51 static void setup(void)
52 {
53 struct stat sb;
54 int fd;
55
56 if (tst_module_signature_enforced())
57 sig_enforce = 1;
58
59 tst_module_exists(MODULE_NAME, NULL);
60
61 kernel_lockdown = tst_lockdown_enabled() > 0;
62 secure_boot = tst_secureboot_enabled() > 0;
63 fd = SAFE_OPEN(MODULE_NAME, O_RDONLY|O_CLOEXEC);
64 SAFE_FSTAT(fd, &sb);
65 size = sb.st_size;
66 buf = SAFE_MMAP(0, size, PROT_READ|PROT_EXEC, MAP_PRIVATE, fd, 0);
67 SAFE_CLOSE(fd);
68
69 faulty_buf = tst_get_bad_addr(NULL);
70 }
71
run(unsigned int n)72 static void run(unsigned int n)
73 {
74 struct tcase *tc = &tcases[n];
75
76 if (tc->skip_in_lockdown && (kernel_lockdown || secure_boot)) {
77 tst_res(TCONF, "Cannot load unsigned modules, skipping %s", tc->name);
78 return;
79 }
80
81 if ((sig_enforce == 1) && (tc->exp_errno != EKEYREJECTED)) {
82 tst_res(TCONF, "module signature is enforced, skipping %s", tc->name);
83 return;
84 }
85
86 if ((sig_enforce != 1) && (tc->exp_errno == EKEYREJECTED)) {
87 tst_res(TCONF, "module signature is not enforced, skipping %s", tc->name);
88 return;
89 }
90
91 if (tc->cap)
92 tst_cap_action(&cap_drop);
93
94 /* Insert module twice */
95 if (tc->exp_errno == EEXIST)
96 tst_module_load(MODULE_NAME, NULL);
97
98 TST_EXP_FAIL(init_module(*tc->buf, *tc->size, tc->param),
99 tc->exp_errno, "TestName: %s", tc->name);
100
101 if (tc->exp_errno == EEXIST)
102 tst_module_unload(MODULE_NAME);
103
104 if (!TST_PASS && !TST_RET)
105 tst_module_unload(MODULE_NAME);
106
107 if (tc->cap)
108 tst_cap_action(&cap_req);
109 }
110
cleanup(void)111 static void cleanup(void)
112 {
113 munmap(buf, size);
114 }
115
116 static struct tst_test test = {
117 .test = run,
118 .tcnt = ARRAY_SIZE(tcases),
119 .setup = setup,
120 .cleanup = cleanup,
121 .needs_root = 1,
122 };
123