[thirdparty/linux.git] / tools / testing / selftests / bpf / prog_tests / test_lsm.c

// SPDX-License-Identifier: GPL-2.0

/*
 * Copyright (C) 2020 Google LLC.
 */

#include <test_progs.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#include <malloc.h>
#include <stdlib.h>

#include "lsm.skel.h"

char *CMD_ARGS[] = {"true", NULL};

#define GET_PAGE_ADDR(ADDR, PAGE_SIZE)					\
	(char *)(((unsigned long) (ADDR + PAGE_SIZE)) & ~(PAGE_SIZE-1))

int stack_mprotect(void)
{
	void *buf;
	long sz;
	int ret;

	sz = sysconf(_SC_PAGESIZE);
	if (sz < 0)
		return sz;

	buf = alloca(sz * 3);
	ret = mprotect(GET_PAGE_ADDR(buf, sz), sz,
		       PROT_READ | PROT_WRITE | PROT_EXEC);
	return ret;
}

int exec_cmd(int *monitored_pid)
{
	int child_pid, child_status;

	child_pid = fork();
	if (child_pid == 0) {
		*monitored_pid = getpid();
		execvp(CMD_ARGS[0], CMD_ARGS);
		return -EINVAL;
	} else if (child_pid > 0) {
		waitpid(child_pid, &child_status, 0);
		return child_status;
	}

	return -EINVAL;
}

void test_test_lsm(void)
{
	struct lsm *skel = NULL;
	int err, duration = 0;

	skel = lsm__open_and_load();
	if (CHECK(!skel, "skel_load", "lsm skeleton failed\n"))
		goto close_prog;

	err = lsm__attach(skel);
	if (CHECK(err, "attach", "lsm attach failed: %d\n", err))
		goto close_prog;

	err = exec_cmd(&skel->bss->monitored_pid);
	if (CHECK(err < 0, "exec_cmd", "err %d errno %d\n", err, errno))
		goto close_prog;

	CHECK(skel->bss->bprm_count != 1, "bprm_count", "bprm_count = %d\n",
	      skel->bss->bprm_count);

	skel->bss->monitored_pid = getpid();

	err = stack_mprotect();
	if (CHECK(errno != EPERM, "stack_mprotect", "want err=EPERM, got %d\n",
		  errno))
		goto close_prog;

	CHECK(skel->bss->mprotect_count != 1, "mprotect_count",
	      "mprotect_count = %d\n", skel->bss->mprotect_count);

close_prog:
	lsm__destroy(skel);
}
Commit	Line	Data
03e54f10 KS	1	// SPDX-License-Identifier: GPL-2.0
	2
	3	/*
	4	* Copyright (C) 2020 Google LLC.
	5	*/
	6
	7	#include <test_progs.h>
	8	#include <sys/mman.h>
	9	#include <sys/wait.h>
	10	#include <unistd.h>
	11	#include <malloc.h>
	12	#include <stdlib.h>
	13
	14	#include "lsm.skel.h"
	15
	16	char *CMD_ARGS[] = {"true", NULL};
	17
5222d696 KS	18	#define GET_PAGE_ADDR(ADDR, PAGE_SIZE) \
	19	(char *)(((unsigned long) (ADDR + PAGE_SIZE)) & ~(PAGE_SIZE-1))
	20
	21	int stack_mprotect(void)
03e54f10 KS	22	{
	23	void *buf;
	24	long sz;
	25	int ret;
	26
	27	sz = sysconf(_SC_PAGESIZE);
	28	if (sz < 0)
	29	return sz;
	30
5222d696 KS	31	buf = alloca(sz * 3);
	32	ret = mprotect(GET_PAGE_ADDR(buf, sz), sz,
	33	PROT_READ \| PROT_WRITE \| PROT_EXEC);
03e54f10 KS	34	return ret;
	35	}
	36
	37	int exec_cmd(int *monitored_pid)
	38	{
	39	int child_pid, child_status;
	40
	41	child_pid = fork();
	42	if (child_pid == 0) {
	43	*monitored_pid = getpid();
	44	execvp(CMD_ARGS[0], CMD_ARGS);
	45	return -EINVAL;
	46	} else if (child_pid > 0) {
	47	waitpid(child_pid, &child_status, 0);
	48	return child_status;
	49	}
	50
	51	return -EINVAL;
	52	}
	53
	54	void test_test_lsm(void)
	55	{
	56	struct lsm *skel = NULL;
	57	int err, duration = 0;
	58
	59	skel = lsm__open_and_load();
	60	if (CHECK(!skel, "skel_load", "lsm skeleton failed\n"))
	61	goto close_prog;
	62
	63	err = lsm__attach(skel);
	64	if (CHECK(err, "attach", "lsm attach failed: %d\n", err))
	65	goto close_prog;
	66
	67	err = exec_cmd(&skel->bss->monitored_pid);
	68	if (CHECK(err < 0, "exec_cmd", "err %d errno %d\n", err, errno))
	69	goto close_prog;
	70
	71	CHECK(skel->bss->bprm_count != 1, "bprm_count", "bprm_count = %d\n",
	72	skel->bss->bprm_count);
	73
	74	skel->bss->monitored_pid = getpid();
	75
5222d696 KS	76	err = stack_mprotect();
5222d696 KS	77	if (CHECK(errno != EPERM, "stack_mprotect", "want err=EPERM, got %d\n",
03e54f10 KS	78	errno))
	79	goto close_prog;
	80
	81	CHECK(skel->bss->mprotect_count != 1, "mprotect_count",
	82	"mprotect_count = %d\n", skel->bss->mprotect_count);
	83
	84	close_prog:
	85	lsm__destroy(skel);
	86	}