0001 // SPDX-License-Identifier: GPL-2.0
0002 
0003 /*
0004  * Copyright (C) 2020 Google LLC.
0005  */
0006 
0007 #include <test_progs.h>
0008 #include <sys/mman.h>
0009 #include <sys/wait.h>
0010 #include <unistd.h>
0011 #include <malloc.h>
0012 #include <stdlib.h>
0013 
0014 #include "lsm.skel.h"
0015 
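/* argv for the helper binary that exec_cmd() runs in the forked child. */
char *CMD_ARGS[] = {"true", NULL};

/*
 * Start address of the first page boundary strictly above ADDR.
 *
 * Adds one page to ADDR and rounds down to a PAGE_SIZE multiple, so the
 * result lies in (ADDR, ADDR + PAGE_SIZE]. PAGE_SIZE must be a power of two.
 * Both arguments are parenthesized and the mask is built in unsigned long,
 * so expression arguments and narrower page-size types are handled correctly.
 */
#define GET_PAGE_ADDR(ADDR, PAGE_SIZE)                  \
    ((char *)(((unsigned long) ((ADDR) + (PAGE_SIZE))) & \
              ~((unsigned long) (PAGE_SIZE) - 1)))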
0020 
/*
 * Ask the kernel to make one page of the caller's stack readable, writable
 * and executable.
 *
 * Returns the mprotect() result (0 on success, -1 with errno set on failure),
 * or the negative sysconf() result if the page size cannot be queried.
 * The selftest in this file expects the request to be refused with EPERM
 * while its LSM programs are attached.
 */
int stack_mprotect(void)
{
    long page_sz = sysconf(_SC_PAGESIZE);
    void *scratch;

    if (page_sz < 0)
        return page_sz;

    /*
     * Three pages of stack are reserved so that the page-aligned page picked
     * by GET_PAGE_ADDR() lies entirely inside the alloca() region.
     */
    scratch = alloca(page_sz * 3);

    return mprotect(GET_PAGE_ADDR(scratch, page_sz), page_sz,
                    PROT_READ | PROT_WRITE | PROT_EXEC);
}
0036 
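/*
 * Fork a child, record the child's pid in *monitored_pid, and exec CMD_ARGS.
 *
 * Returns the raw wait status of the child (0 when it exited successfully),
 * or -EINVAL if fork() or waitpid() failed.
 *
 * NOTE(review): the pid is stored from inside the child, so it is visible
 * outside the child only if monitored_pid points into memory shared across
 * fork() - confirm against the caller.
 */
int exec_cmd(int *monitored_pid)
{
    int child_pid, child_status;

    child_pid = fork();
    if (child_pid == 0) {
        *monitored_pid = getpid();
        execvp(CMD_ARGS[0], CMD_ARGS);
        /*
         * Only reached when exec failed. Terminate the child here: returning
         * would let a second copy of the test process keep running the
         * caller's code. 127 is the conventional "could not exec" status and
         * makes the parent see a non-zero wait status.
         */
        _exit(127);
    } else if (child_pid > 0) {
        /* child_status is only defined when waitpid() reaped our child. */
        if (waitpid(child_pid, &child_status, 0) != child_pid)
            return -EINVAL;
        return child_status;
    }

    /* fork() failed. */
    return -EINVAL;
}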
0053 
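/*
 * Run one attach / exercise / detach cycle of the LSM skeleton.
 *
 * Steps, in order: attach all programs, verify that an already attached
 * program cannot be attached a second time, exec a child and check the
 * exec counter, attempt to make the stack executable and check that it is
 * denied with EPERM, issue three setdomainname() calls with bad arguments
 * and check the copy counter, then detach and reset the counters so the
 * cycle can be repeated on the same skeleton.
 *
 * Returns 0 on success and a non-zero value on the first failed step. On
 * failure the skeleton is left attached; the caller is expected to destroy it.
 */
static int test_lsm(struct lsm *skel)
{
    struct bpf_link *link;
    int mprotect_errno;
    int buf = 1234;
    int err;

    err = lsm__attach(skel);
    if (!ASSERT_OK(err, "attach"))
        return err;

    /* Check that already linked program can't be attached again. */
    link = bpf_program__attach(skel->progs.test_int_hook);
    if (!ASSERT_ERR_PTR(link, "attach_link"))
        return -1;

    err = exec_cmd(&skel->bss->monitored_pid);
    if (!ASSERT_OK(err, "exec_cmd"))
        return err;

    /* Exactly one exec is expected to be counted for the monitored child. */
    ASSERT_EQ(skel->bss->bprm_count, 1, "bprm_count");

    /* From here on the test process itself is the monitored task. */
    skel->bss->monitored_pid = getpid();

    /*
     * The executable-stack request must be refused. Check the return value
     * as well as errno: errno alone may hold a stale EPERM from an earlier
     * call, which would hide a hook that no longer denies the request.
     * errno is cleared first and saved right after the call so that the
     * assertion helpers cannot disturb it.
     */
    errno = 0;
    err = stack_mprotect();
    mprotect_errno = errno;
    if (!ASSERT_EQ(err, -1, "stack_mprotect_ret") ||
        !ASSERT_EQ(mprotect_errno, EPERM, "stack_mprotect"))
        return -1; /* never report success when the denial was not observed */

    ASSERT_EQ(skel->bss->mprotect_count, 1, "mprotect_count");

    /*
     * Three setdomainname() calls with a bogus length and, for the last two,
     * an invalid user pointer. Their return values are deliberately ignored;
     * only copy_test is checked. Presumably a program in the skeleton counts
     * each call while copying from the user pointer - confirm in the BPF
     * source, which is not part of this file.
     */
    syscall(__NR_setdomainname, &buf, -2L);
    syscall(__NR_setdomainname, 0, -3L);
    syscall(__NR_setdomainname, ~0L, -4L);

    ASSERT_EQ(skel->bss->copy_test, 3, "copy_test");

    lsm__detach(skel);

    /* Reset the counters so a second cycle starts from a clean state. */
    skel->bss->copy_test = 0;
    skel->bss->bprm_count = 0;
    skel->bss->mprotect_count = 0;
    return 0;
}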
0096 
/*
 * Selftest entry point: load the LSM skeleton and run the attach/detach
 * cycle twice on it, which also checks that the programs can be attached
 * again after a detach. The second cycle runs only if the first one passed.
 */
void test_test_lsm(void)
{
    struct lsm *skel;
    int rc;

    skel = lsm__open_and_load();
    if (ASSERT_OK_PTR(skel, "lsm_skel_load")) {
        rc = test_lsm(skel);
        if (ASSERT_OK(rc, "test_lsm_first_attach")) {
            rc = test_lsm(skel);
            ASSERT_OK(rc, "test_lsm_second_attach");
        }
    }

    /* Destroy runs on every path, including a failed load. */
    lsm__destroy(skel);
}