From: Jeff Xu <jeffxu@chromium.org>
To: Kees Cook <kees@kernel.org>
Cc: "Thomas Weißschuh" <thomas.weissschuh@linutronix.de>,
akpm@linux-foundation.org, keescook@chromium.org,
jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz,
lorenzo.stoakes@oracle.com, Liam.Howlett@oracle.com,
adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com,
benjamin@sipsolutions.net, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org, linux-mm@kvack.org,
jorgelo@chromium.org, sroettger@google.com, hch@lst.de,
ojeda@kernel.org, adobriyan@gmail.com, johannes@sipsolutions.net,
pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org,
anna-maria@linutronix.de, mark.rutland@arm.com,
linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de,
rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com,
f.fainelli@gmail.com, gerg@kernel.org,
dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org,
mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org,
ardb@google.com, enh@google.com, rientjes@google.com,
groeck@chromium.org, mpe@ellerman.id.au,
aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com
Subject: Re: [RFC PATCH v5 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed
Date: Thu, 13 Feb 2025 14:20:01 -0800 [thread overview]
Message-ID: <CABi2SkU0kW8yAoucxLjkqXpFJMJzGDmKZZhgMJGobaALNVTGvA@mail.gmail.com> (raw)
In-Reply-To: <35C0FD0B-0483-4663-AD60-701AB8D9247A@kernel.org>
On Thu, Feb 13, 2025 at 11:28 AM Kees Cook <kees@kernel.org> wrote:
>
>
>
> On February 13, 2025 6:14:00 AM PST, Jeff Xu <jeffxu@chromium.org> wrote:
> >On Wed, Feb 12, 2025 at 5:04 AM Thomas Weißschuh
> ><thomas.weissschuh@linutronix.de> wrote:
> >>
> >> On Wed, Feb 12, 2025 at 03:21:50AM +0000, jeffxu@chromium.org wrote:
> >> > From: Jeff Xu <jeffxu@chromium.org>
> >> >
> >> > Add code to detect if the vdso is memory sealed, skip the test
> >> > if it is.
> >> >
> >> > Signed-off-by: Jeff Xu <jeffxu@chromium.org>
> >> > ---
> >> > .../testing/selftests/x86/test_mremap_vdso.c | 38 +++++++++++++++++++
> >> > 1 file changed, 38 insertions(+)
> >> >
> >> > diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c
> >> > index d53959e03593..c68077c56b22 100644
> >> > --- a/tools/testing/selftests/x86/test_mremap_vdso.c
> >> > +++ b/tools/testing/selftests/x86/test_mremap_vdso.c
> >> > @@ -14,6 +14,7 @@
> >> > #include <errno.h>
> >> > #include <unistd.h>
> >> > #include <string.h>
> >> > +#include <stdbool.h>
> >> >
> >> > #include <sys/mman.h>
> >> > #include <sys/auxv.h>
> >> > @@ -55,13 +56,50 @@ static int try_to_remap(void *vdso_addr, unsigned long size)
> >> >
> >> > }
> >> >
> >> > +#define VDSO_NAME "[vdso]"
> >> > +#define VMFLAGS "VmFlags:"
> >> > +#define MSEAL_FLAGS "sl"
> >> > +#define MAX_LINE_LEN 512
> >> > +
> >> > +bool vdso_sealed(FILE *maps)
> >> > +{
> >> > + char line[MAX_LINE_LEN];
> >> > + bool has_vdso = false;
> >> > +
> >> > + while (fgets(line, sizeof(line), maps)) {
> >> > + if (strstr(line, VDSO_NAME))
> >> > + has_vdso = true;
> >> > +
> >> > + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) {
> >> > + if (strstr(line, MSEAL_FLAGS))
> >> > + return true;
> >> > +
> >> > + return false;
> >>
> >> This only tests that any mapping after the vdso is sealed.
> >
> >The code above begins by searching for the "[vdso]" string, then looks
> >for the first line that starts with "VmFlags:", and looks for the "sl"
> >substring within that line. We're assuming the format of smaps won't
> >change from release to release.
>
> Oh, I missed this in my reviews: nothing _resets_ has_vdso to false, so if any other mapping follows vdso that happens to be sealed, this will return true...
>
It won't return the next mapping's sealing flag.
After finding the "[vdso]", if the next line that contains VMFLAGS
doesn't have the "sl" flag, the function returns false immediately.
> >
> >> There is a real parser for /proc/self/smaps in
> >> tools/testing/selftests/mm/vm_util.[ch], see check_vmflag_io().
> >>
> >This test is in selftest/x86, which makes it hard to include the
> >vm_util from selftest/mm, if that's what you're asking.
>
> Hm, we have done these kinds of inter-tests dependencies before. (E.g. seccomp includes stuff from the clone tests.) I think it should be possible if it can just be a header include. Linking across tests would be more frustrating.
>
I can switch to vm_util, I will need to add a new parsing function in
vm_util, the existing __get_smap_entry() only searches for vm's
starting address, not name.
Thanks
-Jeff
> -Kees
>
> --
> Kees Cook
next prev parent reply other threads:[~2025-02-13 22:20 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-12 3:21 [RFC PATCH v5 0/7] mseal system mappings jeffxu
2025-02-12 3:21 ` [RFC PATCH v5 1/7] mseal, system mappings: kernel config and header change jeffxu
2025-02-12 3:31 ` Randy Dunlap
2025-02-12 3:40 ` Jeff Xu
2025-02-12 15:05 ` Liam R. Howlett
2025-02-13 17:15 ` Jeff Xu
2025-02-13 18:29 ` Liam R. Howlett
2025-02-13 20:11 ` Kees Cook
2025-02-13 20:54 ` Liam R. Howlett
2025-02-13 22:00 ` Jeff Xu
2025-02-14 0:14 ` Liam R. Howlett
2025-02-14 1:10 ` Liam R. Howlett
2025-02-14 14:39 ` Jeff Xu
2025-02-14 14:59 ` Lorenzo Stoakes
2025-02-14 15:18 ` Jeff Xu
2025-02-12 3:21 ` [RFC PATCH v5 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed jeffxu
2025-02-12 13:03 ` Thomas Weißschuh
2025-02-13 14:14 ` Jeff Xu
2025-02-13 19:28 ` Kees Cook
2025-02-13 22:20 ` Jeff Xu [this message]
2025-02-14 2:52 ` Kees Cook
2025-02-14 14:15 ` Jeff Xu
2025-02-12 3:21 ` [RFC PATCH v5 3/7] mseal, system mappings: enable x86-64 jeffxu
2025-02-12 3:21 ` [RFC PATCH v5 4/7] mseal, system mappings: enable arm64 jeffxu
2025-02-12 3:21 ` [RFC PATCH v5 5/7] mseal, system mappings: enable uml architecture jeffxu
2025-02-12 3:21 ` [RFC PATCH v5 6/7] mseal, system mappings: uprobe mapping jeffxu
2025-02-12 3:21 ` [RFC PATCH v5 7/7] mseal, system mappings: update mseal.rst jeffxu
2025-02-12 11:24 ` [RFC PATCH v5 0/7] mseal system mappings Lorenzo Stoakes
2025-02-12 12:37 ` Pedro Falcato
2025-02-12 14:01 ` Lorenzo Stoakes
2025-02-12 14:08 ` Johannes Berg
2025-02-13 19:59 ` Pedro Falcato
2025-02-13 20:47 ` Kees Cook
2025-02-18 23:18 ` Pedro Falcato
2025-02-19 13:46 ` Adhemerval Zanella Netto
2025-02-19 17:17 ` enh
2025-02-23 2:05 ` Jeff Xu
2025-02-12 22:05 ` Kees Cook
2025-02-13 14:20 ` Jeff Xu
2025-02-13 18:35 ` Liam R. Howlett
2025-02-13 19:34 ` Kees Cook
2025-02-13 20:10 ` Liam R. Howlett
2025-02-13 14:19 ` Jeff Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABi2SkU0kW8yAoucxLjkqXpFJMJzGDmKZZhgMJGobaALNVTGvA@mail.gmail.com \
--to=jeffxu@chromium.org \
--cc=42.hyeyoo@gmail.com \
--cc=Jason@zx2c4.com \
--cc=Liam.Howlett@oracle.com \
--cc=adhemerval.zanella@linaro.org \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=aleksandr.mikhalitsyn@canonical.com \
--cc=anna-maria@linutronix.de \
--cc=ardb@google.com \
--cc=ardb@kernel.org \
--cc=avagin@gmail.com \
--cc=benjamin@sipsolutions.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=deller@gmx.de \
--cc=enh@google.com \
--cc=f.fainelli@gmail.com \
--cc=gerg@kernel.org \
--cc=groeck@chromium.org \
--cc=hca@linux.ibm.com \
--cc=hch@lst.de \
--cc=jannh@google.com \
--cc=johannes@sipsolutions.net \
--cc=jorgelo@chromium.org \
--cc=kees@kernel.org \
--cc=keescook@chromium.org \
--cc=linus.walleij@linaro.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mark.rutland@arm.com \
--cc=mhocko@suse.com \
--cc=mike.rapoport@gmail.com \
--cc=mingo@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=ojeda@kernel.org \
--cc=oleg@redhat.com \
--cc=pedro.falcato@gmail.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=rientjes@google.com \
--cc=sroettger@google.com \
--cc=thomas.weissschuh@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vbabka@suse.cz \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox