From nobody Mon Feb 21 16:09:34 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id E1F7819DA405 for ; Mon, 21 Feb 2022 16:09:42 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4K2S1K6lKBz4dbd for ; Mon, 21 Feb 2022 16:09:41 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Received: by mail-wr1-f50.google.com with SMTP id h6so27929276wrb.9 for ; Mon, 21 Feb 2022 08:09:41 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vG7B8hGMRUj/t5S9c+dzWOF4+Gnhiiun6XS1UMa1sQ0=; b=SxgLN083gKRzPfmuPpHHeKb3+cMh/DNshmjztSBESt6lR2lq4t82FpogEPGeRCYp+V shaK2rYrOhiKEpXGvP/nhwR85f4wT6GKm+VUedT6zSW9rUDC+oe1pOZYbVXBnJBNHU32 5Sq/MboBBcWdILAQRuShZ1XJmmdDQEKk5n7pqxZWRgsIgueYawY5Un6WsaFSe1RIS/L2 87sXQnRWnRqWnJ5RZ7IP5Qrq78jINcC0O18Usoo2/0i3jhIglJspvQFIt2Z17U03t1bC s9XcxxipJVmJ9fiQ1rZ9ShASE31H3kjQtB4QiWvpf4c8nqaaGue8WvhFsxc5KCWwPUj6 WyAQ== X-Gm-Message-State: AOAM533M3j6d9EedB+3gfs6eFlkq5L6gyBnJDHMTpSsKzNusZzoX5LtO q9RZ2JoRzQUI0/himj4YSfcfSc06imjzSQ== X-Google-Smtp-Source: ABdhPJy+xdBbgf/lP25PDSj/REtGeicOEEsZg1Ld+5XfT26SUzsjXL6Wh4PPtWunulAqYMvIxTtTZA== X-Received: by 2002:adf:c407:0:b0:1e3:3367:bf71 with SMTP id v7-20020adfc407000000b001e33367bf71mr16033531wrf.483.1645459775613; Mon, 21 Feb 2022 08:09:35 -0800 (PST) Received: from smtpclient.apple (global-5-143.nat-2.net.cam.ac.uk. [131.111.5.143]) by smtp.gmail.com with ESMTPSA id 20sm7910261wmk.26.2022.02.21.08.09.34 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 21 Feb 2022 08:09:35 -0800 (PST) Content-Type: text/plain; charset=utf-8 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.40.0.1.81\)) Subject: Re: git: 766c2466ff46 - main - mmap map_at_zero test: handle W^X From: Jessica Clarke In-Reply-To: <202202211546.21LFkKhX053274@gitrepo.freebsd.org> Date: Mon, 21 Feb 2022 16:09:34 +0000 Cc: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <5DF1CA02-6AF7-4588-A342-29F769CD5F23@freebsd.org> References: <202202211546.21LFkKhX053274@gitrepo.freebsd.org> To: Eric van Gyzen X-Mailer: Apple Mail (2.3693.40.0.1.81) X-Rspamd-Queue-Id: 4K2S1K6lKBz4dbd X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jrtc27@jrtc27.com designates 209.85.221.50 as permitted sender) smtp.mailfrom=jrtc27@jrtc27.com X-Spamd-Result: default: False [-2.50 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; MV_CASE(0.50)[]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-1.00)[-0.999]; FORGED_SENDER(0.30)[jrtc27@freebsd.org,jrtc27@jrtc27.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MID_RHS_MATCH_FROM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[jrtc27@freebsd.org,jrtc27@jrtc27.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEFALL_USER(0.00)[jrtc27]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[dev-commits-src-all@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[209.85.221.50:from]; MLMMJ_DEST(0.00)[dev-commits-src-all]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.221.50:from]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N On 21 Feb 2022, at 15:46, Eric van Gyzen wrote: >=20 > The branch main has been updated by vangyzen: >=20 > URL: = https://cgit.FreeBSD.org/src/commit/?id=3D766c2466ff465b3c7c1a46be729b42a6= da47de03 >=20 > commit 766c2466ff465b3c7c1a46be729b42a6da47de03 > Author: Arka Sharma > AuthorDate: 2022-02-18 15:34:15 +0000 > Commit: Eric van Gyzen > CommitDate: 2022-02-21 15:43:42 +0000 >=20 > mmap map_at_zero test: handle W^X >=20 > Use kern.elfXX.allow_wx to decide whether to map W+X or W-only = memory. >=20 > Future work could expand this test to add an "allow_wx" axis to the > test matrix, but I would argue that a separate test should be = written, > since that's orthogonal to map_at_zero. >=20 > MFC after: 1 week > Sponsored by: Dell EMC Isilon > --- > tests/sys/vm/mmap_test.c | 27 +++++++++++++++++++++++++-- > 1 file changed, 25 insertions(+), 2 deletions(-) >=20 > diff --git a/tests/sys/vm/mmap_test.c b/tests/sys/vm/mmap_test.c > index 61ede96fc49b..dc01a23fff21 100644 > --- a/tests/sys/vm/mmap_test.c > +++ b/tests/sys/vm/mmap_test.c > @@ -34,6 +34,7 @@ > #include > #include > #include > +#include > #include > #include >=20 > @@ -54,6 +55,12 @@ static const struct { >=20 > #define MAP_AT_ZERO "security.bsd.map_at_zero" >=20 > +#ifdef __LP64__ > +#define ALLOW_WX "kern.elf64.allow_wx" > +#else > +#define ALLOW_WX "kern.elf32.allow_wx" > +#endif > + > ATF_TC_WITHOUT_HEAD(mmap__map_at_zero); > ATF_TC_BODY(mmap__map_at_zero, tc) > { > @@ -61,6 +68,8 @@ ATF_TC_BODY(mmap__map_at_zero, tc) > size_t len; > unsigned int i; > int map_at_zero; > + bool allow_wx; > + int prot_flags; >=20 > len =3D sizeof(map_at_zero); > if (sysctlbyname(MAP_AT_ZERO, &map_at_zero, &len, NULL, 0) =3D=3D = -1) { > @@ -69,13 +78,27 @@ ATF_TC_BODY(mmap__map_at_zero, tc) > return; > } >=20 > + len =3D sizeof(allow_wx); > + if (sysctlbyname(ALLOW_WX, &allow_wx, &len, NULL, 0) =3D=3D -1) = { > + if (errno =3D=3D ENOENT) { > + /* Allow W+X if sysctl isn't present */ > + allow_wx =3D true; > + } else { > + atf_tc_skip("sysctl for %s failed: %s\n", = ALLOW_WX, > + strerror(errno)); > + return; > + } > + } > + > /* Normalize to 0 or 1 for array access. */ > map_at_zero =3D !!map_at_zero; >=20 > for (i =3D 0; i < nitems(map_at_zero_tests); i++) { > + prot_flags =3D PROT_READ | PROT_WRITE; > + if (allow_wx) > + prot_flags |=3D PROT_EXEC; > p =3D mmap((void *)map_at_zero_tests[i].addr, PAGE_SIZE, > - PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | = MAP_FIXED, > - -1, 0); > + prot_flags, MAP_ANON | MAP_FIXED, -1, 0); > if (p =3D=3D MAP_FAILED) { > = ATF_CHECK_MSG(map_at_zero_tests[i].ok[map_at_zero] =3D=3D 0, > "mmap(%p, ...) failed", = map_at_zero_tests[i].addr); If the test is just as legitimate without PROT_EXEC, what=E2=80=99s the justification for not just removing PROT_EXEC entirely rather than making its behaviour depend on the sysctl, which could become confusing (and complicates the test)? IMO either the test should be skipped for !allow_wx or it should always just make a RW mapping; this choice is rather odd. Jess