003 File Manager
Current Path:
/usr/src/contrib/netbsd-tests/lib/libc/sys
usr
/
src
/
contrib
/
netbsd-tests
/
lib
/
libc
/
sys
/
📁
..
📄
t_access.c
(5.03 KB)
📄
t_bind.c
(2.37 KB)
📄
t_chroot.c
(6.75 KB)
📄
t_clock_gettime.c
(6.4 KB)
📄
t_clock_nanosleep.c
(2.38 KB)
📄
t_clone.c
(5.97 KB)
📄
t_connect.c
(3.88 KB)
📄
t_dup.c
(8.19 KB)
📄
t_fsync.c
(3.05 KB)
📄
t_getcontext.c
(4.02 KB)
📄
t_getgroups.c
(4.17 KB)
📄
t_getitimer.c
(5.41 KB)
📄
t_getlogin.c
(5.03 KB)
📄
t_getpid.c
(3.13 KB)
📄
t_getrusage.c
(4.92 KB)
📄
t_getsid.c
(2.96 KB)
📄
t_getsockname.c
(2.56 KB)
📄
t_gettimeofday.c
(2.64 KB)
📄
t_issetugid.c
(3.73 KB)
📄
t_kevent.c
(5.15 KB)
📄
t_kill.c
(6.3 KB)
📄
t_link.c
(5.49 KB)
📄
t_listen.c
(3.84 KB)
📄
t_lwp_create.c
(7.14 KB)
📄
t_lwp_ctl.c
(2.34 KB)
📄
t_mincore.c
(9.69 KB)
📄
t_minherit.c
(4.68 KB)
📄
t_mkdir.c
(5.12 KB)
📄
t_mkfifo.c
(5.8 KB)
📄
t_mknod.c
(4.95 KB)
📄
t_mlock.c
(10.41 KB)
📄
t_mmap.c
(14.12 KB)
📄
t_mprotect.c
(8.41 KB)
📄
t_msgctl.c
(8.06 KB)
📄
t_msgget.c
(6.71 KB)
📄
t_msgrcv.c
(7.68 KB)
📄
t_msgsnd.c
(7.64 KB)
📄
t_msync.c
(5.11 KB)
📄
t_nanosleep.c
(6.24 KB)
📄
t_pipe.c
(4.37 KB)
📄
t_pipe2.c
(5.45 KB)
📄
t_poll.c
(9.35 KB)
📄
t_posix_fadvise.c
(5.82 KB)
📄
t_posix_fallocate.c
(2.3 KB)
📄
t_recvmmsg.c
(4.88 KB)
📄
t_revoke.c
(4.55 KB)
📄
t_select.c
(4.88 KB)
📄
t_setrlimit.c
(11.54 KB)
📄
t_setuid.c
(3.08 KB)
📄
t_sigaction.c
(3.91 KB)
📄
t_sigqueue.c
(6.02 KB)
📄
t_sigtimedwait.c
(3.57 KB)
📄
t_socketpair.c
(5.18 KB)
📄
t_stat.c
(9.39 KB)
📄
t_swapcontext.c
(3.44 KB)
📄
t_timer_create.c
(7.47 KB)
📄
t_truncate.c
(4.51 KB)
📄
t_ucontext.c
(2.17 KB)
📄
t_umask.c
(4.18 KB)
📄
t_unlink.c
(3.95 KB)
📄
t_wait.c
(8.99 KB)
📄
t_wait_noproc.c
(7.43 KB)
📄
t_wait_noproc_wnohang.c
(1.49 KB)
📄
t_write.c
(5.22 KB)
Editing: t_mprotect.c
/* $NetBSD: t_mprotect.c,v 1.4 2016/05/28 14:34:49 christos Exp $ */ /*- * Copyright (c) 2011 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation * by Jukka Ruohonen. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include <sys/cdefs.h> __RCSID("$NetBSD: t_mprotect.c,v 1.4 2016/05/28 14:34:49 christos Exp $"); #include <sys/param.h> #include <sys/mman.h> #include <sys/sysctl.h> #include <sys/wait.h> #include <errno.h> #include <fcntl.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <atf-c.h> #ifdef __NetBSD__ #include "../common/exec_prot.h" #endif static long page = 0; static int pax_global = -1; static int pax_enabled = -1; static char path[] = "mmap"; static void sighandler(int); static bool paxinit(void); static bool paxset(int, int); static void sighandler(int signo) { _exit(signo); } static bool paxinit(void) { size_t len = sizeof(int); int rv; rv = sysctlbyname("security.pax.mprotect.global", &pax_global, &len, NULL, 0); if (rv != 0) return false; rv = sysctlbyname("security.pax.mprotect.enabled", &pax_enabled, &len, NULL, 0); return rv == 0; } static bool paxset(int global, int enabled) { size_t len = sizeof(int); int rv; rv = sysctlbyname("security.pax.mprotect.global", NULL, NULL, &global, len); if (rv != 0) return false; rv = sysctlbyname("security.pax.mprotect.enabled", NULL, NULL, &enabled, len); if (rv != 0) return false; return true; } ATF_TC_WITH_CLEANUP(mprotect_access); ATF_TC_HEAD(mprotect_access, tc) { atf_tc_set_md_var(tc, "descr", "Test for EACCES from mprotect(2)"); } ATF_TC_BODY(mprotect_access, tc) { int prot[2] = { PROT_NONE, PROT_READ }; void *map; size_t i; int fd; fd = open(path, O_RDONLY | O_CREAT, 0600); ATF_REQUIRE(fd >= 0); /* * The call should fail with EACCES if we try to mark * a PROT_NONE or PROT_READ file/section as PROT_WRITE. */ for (i = 0; i < __arraycount(prot); i++) { map = mmap(NULL, page, prot[i], MAP_SHARED, fd, 0); if (map == MAP_FAILED) continue; errno = 0; ATF_REQUIRE(mprotect(map, page, PROT_WRITE) != 0); ATF_REQUIRE(errno == EACCES); ATF_REQUIRE(munmap(map, page) == 0); } ATF_REQUIRE(close(fd) == 0); } ATF_TC_CLEANUP(mprotect_access, tc) { (void)unlink(path); } ATF_TC(mprotect_err); ATF_TC_HEAD(mprotect_err, tc) { atf_tc_set_md_var(tc, "descr", "Test error conditions of mprotect(2)"); } ATF_TC_BODY(mprotect_err, tc) { errno = 0; ATF_REQUIRE(mprotect((char *)-1, 1, PROT_READ) != 0); ATF_REQUIRE(errno == EINVAL); } #ifdef __NetBSD__ ATF_TC(mprotect_exec); ATF_TC_HEAD(mprotect_exec, tc) { atf_tc_set_md_var(tc, "descr", "Test mprotect(2) executable space protections"); } /* * Trivial function -- should fit into a page */ ATF_TC_BODY(mprotect_exec, tc) { pid_t pid; void *map; int sta, xp_support; xp_support = exec_prot_support(); switch (xp_support) { case NOTIMPL: atf_tc_skip( "Execute protection callback check not implemented"); break; case NO_XP: atf_tc_skip( "Host does not support executable space protection"); break; case PARTIAL_XP: case PERPAGE_XP: default: break; } if (!paxinit()) return; if (pax_enabled == 1 && pax_global == 1) atf_tc_skip("PaX MPROTECT restrictions enabled"); /* * Map a page read/write and copy a trivial assembly function inside. * We will then change the mapping rights: * - first by setting the execution right, and check that we can * call the code found in the allocated page. * - second by removing the execution right. This should generate * a SIGSEGV on architectures that can enforce --x permissions. */ map = mmap(NULL, page, PROT_WRITE|PROT_READ, MAP_ANON, -1, 0); ATF_REQUIRE(map != MAP_FAILED); memcpy(map, (void *)return_one, (uintptr_t)return_one_end - (uintptr_t)return_one); /* give r-x rights then call code in page */ ATF_REQUIRE(mprotect(map, page, PROT_EXEC|PROT_READ) == 0); ATF_REQUIRE(((int (*)(void))map)() == 1); /* remove --x right */ ATF_REQUIRE(mprotect(map, page, PROT_READ) == 0); pid = fork(); ATF_REQUIRE(pid >= 0); if (pid == 0) { ATF_REQUIRE(signal(SIGSEGV, sighandler) != SIG_ERR); ATF_CHECK(((int (*)(void))map)() == 1); _exit(0); } (void)wait(&sta); ATF_REQUIRE(munmap(map, page) == 0); ATF_REQUIRE(WIFEXITED(sta) != 0); switch (xp_support) { case PARTIAL_XP: /* Partial protection might fail; skip the test when it does */ if (WEXITSTATUS(sta) != SIGSEGV) { atf_tc_skip("Host only supports " "partial executable space protection"); } break; case PERPAGE_XP: default: /* Per-page --x protection should not fail */ ATF_REQUIRE(WEXITSTATUS(sta) == SIGSEGV); break; } } #endif ATF_TC(mprotect_pax); ATF_TC_HEAD(mprotect_pax, tc) { atf_tc_set_md_var(tc, "descr", "PaX restrictions and mprotect(2)"); atf_tc_set_md_var(tc, "require.user", "root"); } ATF_TC_BODY(mprotect_pax, tc) { const int prot[4] = { PROT_NONE, PROT_READ, PROT_WRITE }; const char *str = NULL; void *map; size_t i; int rv; if (!paxinit() || !paxset(1, 1)) return; /* * As noted in the original PaX documentation [1], * the following restrictions should apply: * * (1) creating executable anonymous mappings * * (2) creating executable/writable file mappings * * (3) making a non-executable mapping executable * * (4) making an executable/read-only file mapping * writable except for performing relocations * on an ET_DYN ELF file (non-PIC shared library) * * The following will test only the case (3). * * [1] http://pax.grsecurity.net/docs/mprotect.txt * * (Sun Apr 3 11:06:53 EEST 2011.) */ for (i = 0; i < __arraycount(prot); i++) { map = mmap(NULL, page, prot[i], MAP_ANON, -1, 0); if (map == MAP_FAILED) continue; rv = mprotect(map, 1, prot[i] | PROT_EXEC); (void)munmap(map, page); if (rv == 0) { str = "non-executable mapping made executable"; goto out; } } out: if (pax_global != -1 && pax_enabled != -1) (void)paxset(pax_global, pax_enabled); if (str != NULL) atf_tc_fail("%s", str); } ATF_TC(mprotect_write); ATF_TC_HEAD(mprotect_write, tc) { atf_tc_set_md_var(tc, "descr", "Test mprotect(2) write protections"); } ATF_TC_BODY(mprotect_write, tc) { pid_t pid; void *map; int sta; /* * Map a page read/write, change the protection * to read-only with mprotect(2), and try to write * to the page. This should generate a SIGSEGV. */ map = mmap(NULL, page, PROT_WRITE|PROT_READ, MAP_ANON, -1, 0); ATF_REQUIRE(map != MAP_FAILED); ATF_REQUIRE(strlcpy(map, "XXX", 3) == 3); ATF_REQUIRE(mprotect(map, page, PROT_READ) == 0); pid = fork(); ATF_REQUIRE(pid >= 0); if (pid == 0) { ATF_REQUIRE(signal(SIGSEGV, sighandler) != SIG_ERR); ATF_REQUIRE(strlcpy(map, "XXX", 3) == 0); } (void)wait(&sta); ATF_REQUIRE(WIFEXITED(sta) != 0); ATF_REQUIRE(WEXITSTATUS(sta) == SIGSEGV); ATF_REQUIRE(munmap(map, page) == 0); } ATF_TP_ADD_TCS(tp) { page = sysconf(_SC_PAGESIZE); ATF_REQUIRE(page >= 0); ATF_TP_ADD_TC(tp, mprotect_access); ATF_TP_ADD_TC(tp, mprotect_err); #ifdef __NetBSD__ ATF_TP_ADD_TC(tp, mprotect_exec); #endif ATF_TP_ADD_TC(tp, mprotect_pax); ATF_TP_ADD_TC(tp, mprotect_write); return atf_no_error(); }
Upload File
Create Folder