git: a94eacb13977 - stable/14 - tests: Add ktrace regression test for shm_open
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 12 May 2024 00:08:37 UTC
The branch stable/14 has been updated by jfree: URL: https://cgit.FreeBSD.org/src/commit/?id=a94eacb139772114a68030ca8987d6bd8e67a4ab commit a94eacb139772114a68030ca8987d6bd8e67a4ab Author: Jake Freeland <jfree@FreeBSD.org> AuthorDate: 2024-04-10 02:18:11 +0000 Commit: Jake Freeland <jfree@FreeBSD.org> CommitDate: 2024-05-11 23:57:44 +0000 tests: Add ktrace regression test for shm_open Verify that a capability violation is recorded when shm_open(2) is called with a non-anonymous path. Approved by: markj (mentor) Reviewed by: markj MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D44733 (cherry picked from commit 054a4720591f0c98579bccef2751fd458ee4f71f) --- tests/sys/kern/ktrace_test.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/sys/kern/ktrace_test.c b/tests/sys/kern/ktrace_test.c index 49e2ed05fed9..21868441c687 100644 --- a/tests/sys/kern/ktrace_test.c +++ b/tests/sys/kern/ktrace_test.c @@ -31,6 +31,7 @@ #include <sys/capsicum.h> #include <sys/cpuset.h> #include <sys/ktrace.h> +#include <sys/mman.h> #include <sys/socket.h> #include <sys/sysent.h> #include <sys/time.h> @@ -474,6 +475,38 @@ ATF_TC_BODY(ktrace__cap_cpuset, tc) "cpuset_setaffinity"); } +ATF_TC_WITHOUT_HEAD(ktrace__cap_shm_open); +ATF_TC_BODY(ktrace__cap_shm_open, tc) +{ + struct ktr_cap_fail violation; + sigset_t set = { }; + pid_t pid; + int error; + + /* Block SIGUSR1 so child does not terminate. */ + ATF_REQUIRE(sigaddset(&set, SIGUSR1) != -1); + ATF_REQUIRE(sigprocmask(SIG_BLOCK, &set, NULL) != -1); + + ATF_REQUIRE((pid = fork()) != -1); + if (pid == 0) { + /* Wait until ktrace has started. */ + CHILD_REQUIRE(sigwait(&set, &error) != -1); + CHILD_REQUIRE_EQ(error, SIGUSR1); + + CHILD_REQUIRE(shm_open("/ktrace_shm", O_RDWR | O_CREAT, + 0600) != -1); + CHILD_REQUIRE(shm_unlink("/ktrace_shm") != -1); + exit(0); + } + + cap_trace_child(pid, &violation, 1); + ATF_REQUIRE_EQ(violation.cap_type, CAPFAIL_NAMEI); + error = syscallabi(violation.cap_svflags); + ATF_REQUIRE_STREQ(sysdecode_syscallname(error, violation.cap_code), + "shm_open2"); + ATF_REQUIRE_STREQ(violation.cap_data.cap_path, "/ktrace_shm"); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, ktrace__cap_not_capable); @@ -484,5 +517,6 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, ktrace__cap_sockaddr); ATF_TP_ADD_TC(tp, ktrace__cap_namei); ATF_TP_ADD_TC(tp, ktrace__cap_cpuset); + ATF_TP_ADD_TC(tp, ktrace__cap_shm_open); return (atf_no_error()); }