socsvn commit: r268696 - in soc2014/op/tests/smap-tester: kmod smap-test

op at FreeBSD.org op at FreeBSD.org
Tue May 27 10:06:33 UTC 2014 

Author: op
Date: Tue May 27 10:06:32 2014
New Revision: 268696
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=268696

Log:
  added read and write test cases, with and without SMAP
  
  Signed-off-by: Oliver Pinter <oliver.pntr at gmail.com>
  
  

Modified:
  soc2014/op/tests/smap-tester/kmod/smap-tester-vuln-kld.c
  soc2014/op/tests/smap-tester/smap-test/smap-test.c

Modified: soc2014/op/tests/smap-tester/kmod/smap-tester-vuln-kld.c
==============================================================================
--- soc2014/op/tests/smap-tester/kmod/smap-tester-vuln-kld.c	Tue May 27 09:42:07 2014	(r268695)
+++ soc2014/op/tests/smap-tester/kmod/smap-tester-vuln-kld.c	Tue May 27 10:06:32 2014	(r268696)
@@ -11,6 +11,7 @@
 #include <sys/malloc.h>
 #include <vm/vm.h>
 
+#define TEST_STRING	"Write from kernel to user-space. De ha mar sikerul, akkor: http://www.youtube.com/watch?v=wT8NO5FDS7E"
 
 const char *agreement = "shoot my foot!!!11oneone!!";
 static bool allow_tests = false;
@@ -79,6 +80,9 @@
 	int error=0;
 	long val;
 
+	printf("{#} TEST: not allowed read address from kernel to user-space\n");
+	uprintf("\n{#} TEST: not allowed read address from kernel to user-space\n");
+
 	if(!allow_tests) {
 		printf("{-} tests are disabled\n");
 		uprintf("\n{-} tests are disabled\n");
@@ -94,8 +98,8 @@
 	case	0:
 		break;
 	case	1:
-		printf("{#}derefable user-space memory region from kernel\n");
-		uprintf("\n{#}derefable user-space memory region from kernel\n");
+		printf("{#} derefable user-space memory region from kernel\n");
+		uprintf("\n{#} derefable user-space memory region from kernel\n");
 
 		uprintf("{-} %p\n", us_addr);
 		val = 0;
@@ -108,12 +112,194 @@
 
 	return (error);
 }
-
 SYSCTL_PROC(_debug_smap, OID_AUTO, test0,
     CTLTYPE_LONG | CTLFLAG_RW | CTLFLAG_ANYBODY,
     0, 0, sysctl_debug_smap_test0,
     "L", "print out the userspace buffer address");
 
+static int
+sysctl_debug_smap_not_allowed_read(SYSCTL_HANDLER_ARGS)
+{
+	int error=0;
+	long val;
+
+	printf("{#} TEST: not allowed read from kernel to user-space\n");
+	uprintf("\n{#} TEST: not allowed read from kernel to user-space\n");
+
+	if(!allow_tests) {
+		printf("{-} tests are disabled\n");
+		uprintf("\n{-} tests are disabled\n");
+		return (ENOSYS);
+	}
+
+	error = sysctl_handle_long(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL) {
+		return (error);
+	}
+
+	switch (val) {
+	case	0:
+		break;
+	case	1:
+		printf("{#} read user-space memory region from kernel\n");
+		uprintf("\n{#} read user-space memory region from kernel\n");
+
+		uprintf("{+} us_buf: %s\n", us_addr);
+
+		val = 0;
+		break;
+	default:
+		val = 0;
+		return (EINVAL);
+		break;
+	}
+
+	return (error);
+}
+SYSCTL_PROC(_debug_smap, OID_AUTO, test_not_allowed_read,
+    CTLTYPE_LONG | CTLFLAG_RW | CTLFLAG_ANYBODY,
+    0, 0, sysctl_debug_smap_not_allowed_read,
+    "L", "read from userspace buffer");
+
+static int
+sysctl_debug_smap_not_allowed_write(SYSCTL_HANDLER_ARGS)
+{
+	int error=0;
+	long val;
+
+	printf("{#} TEST: not allowed write from kernel to user-space\n");
+	uprintf("\n{#} TEST: not allowed write from kernel to user-space\n");
+
+	if(!allow_tests) {
+		printf("{-} tests are disabled\n");
+		uprintf("\n{-} tests are disabled\n");
+		return (ENOSYS);
+	}
+
+	error = sysctl_handle_long(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL) {
+		return (error);
+	}
+
+	switch (val) {
+	case	0:
+		break;
+	case	1:
+		printf("{#} write user-space memory region from kernel\n");
+		uprintf("\n{#} write user-space memory region from kernel\n");
+
+		uprintf("{#} write \"%s\" from kernel to user-space buffer\n", TEST_STRING);
+		strcpy(us_addr, TEST_STRING);
+
+		val = 0;
+		break;
+	default:
+		val = 0;
+		return (EINVAL);
+		break;
+	}
+
+	return (error);
+}
+SYSCTL_PROC(_debug_smap, OID_AUTO, test_not_allowed_write,
+    CTLTYPE_LONG | CTLFLAG_RW | CTLFLAG_ANYBODY,
+    0, 0, sysctl_debug_smap_not_allowed_write,
+    "L", "write to userspace buffer");
+
+static int
+sysctl_debug_smap_allowed_read(SYSCTL_HANDLER_ARGS)
+{
+	int error=0;
+	long val;
+
+	printf("{#} TEST: allowed read from kernel to user-space\n");
+	uprintf("\n{#} TEST: allowed read from kernel to user-space\n");
+
+	if(!allow_tests) {
+		printf("{-} tests are disabled\n");
+		uprintf("\n{-} tests are disabled\n");
+		return (ENOSYS);
+	}
+
+	error = sysctl_handle_long(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL) {
+		return (error);
+	}
+
+	switch (val) {
+	case	0:
+		break;
+	case	2:
+		printf("{#} read user-space memory region from kernel\n");
+		uprintf("\n{#} read user-space memory region from kernel\n");
+
+		stac();
+		uprintf("{+} us_buf: %s\n", us_addr);
+		clac();
+
+		val = 0;
+		break;
+	default:
+		val = 0;
+		return (EINVAL);
+		break;
+	}
+
+	return (error);
+}
+SYSCTL_PROC(_debug_smap, OID_AUTO, test_allowed_read,
+    CTLTYPE_LONG | CTLFLAG_RW | CTLFLAG_ANYBODY,
+    0, 0, sysctl_debug_smap_allowed_read,
+    "L", "allowed read from userspace buffer");
+
+static int
+sysctl_debug_smap_allowed_write(SYSCTL_HANDLER_ARGS)
+{
+	int error=0;
+	long val;
+
+	printf("{#} TEST: allowed write from kernel to user-space\n");
+	uprintf("\n{#} TEST: allowed write from kernel to user-space\n");
+
+	if(!allow_tests) {
+		printf("{-} tests are disabled\n");
+		uprintf("\n{-} tests are disabled\n");
+		return (ENOSYS);
+	}
+
+	error = sysctl_handle_long(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL) {
+		return (error);
+	}
+
+	switch (val) {
+	case	0:
+		break;
+	case	2:
+		printf("{#} write user-space memory region from kernel\n");
+		uprintf("\n{#} write user-space memory region from kernel\n");
+
+		uprintf("{#} write \"%s\" from kernel to user-space buffer\n", TEST_STRING);
+		stac();
+		strcpy(us_addr, TEST_STRING);
+		clac();
+
+		val = 0;
+		break;
+	default:
+		val = 0;
+		return (EINVAL);
+		break;
+	}
+
+	return (error);
+}
+SYSCTL_PROC(_debug_smap, OID_AUTO, test_allowed_write,
+    CTLTYPE_LONG | CTLFLAG_RW | CTLFLAG_ANYBODY,
+    0, 0, sysctl_debug_smap_allowed_write,
+    "L", "allowed write to userspace buffer");
+
+
 
 static int
 smap_tester_vuln_kld_loader(struct module *m __unused, int what, void *arg __unused)

Modified: soc2014/op/tests/smap-tester/smap-test/smap-test.c
==============================================================================
--- soc2014/op/tests/smap-tester/smap-test/smap-test.c	Tue May 27 09:42:07 2014	(r268695)
+++ soc2014/op/tests/smap-tester/smap-test/smap-test.c	Tue May 27 10:06:32 2014	(r268696)
@@ -4,9 +4,15 @@
 #include <sys/types.h>
 #include <sys/sysctl.h>
 
+#define TEST_STR	"Ezt itt jo lenne nem kiolvasni..."
+
 void test_prepare(void);
 void test_allow(void);
 void test_0(void);
+void test_allowed_read(void);
+void test_allowed_write(void);
+void test_not_allowed_read(void);
+void test_not_allowed_write(void);
 
 void test_destroy(void);
 
@@ -19,6 +25,16 @@
 	test_allow();
 
 	test_0();
+#if 0
+	test_allowed_read();
+	test_allowed_write();
+	test_destroy();
+
+	test_prepare();
+	test_0();
+#endif
+	test_not_allowed_read();
+	test_not_allowed_write();
 
 	test_destroy();
 
@@ -34,7 +50,7 @@
 	int error=0;
 
 	/* prepare the user-space memory region */
-	us_buf = strdup("Ez itt jo lenne nem kiolvasni!\n");
+	us_buf = strdup(TEST_STR);
 	if (us_buf == NULL) {
 		printf("[-] failed to prepare SMAP test\n");
 		exit(1);
@@ -105,10 +121,87 @@
 	long val=1;
 	int error;
 
+	printf("\n[#] %s\n", __func__);
+
 	sysctlbyname("debug.smap.test0", NULL, 0, &val, sizeof(val));
 	if (error != 0) {
 		printf("[-] sysctl error - unable to set test0\n");
 		exit(5);
 	}
-	printf("[+] debug.smap.test0 done\n");
+	printf("[+] debug.smap.test0 done\n\n");
+}
+
+
+void
+test_not_allowed_read(void)
+{
+	long val=1;
+	int error;
+
+	printf("\n[#] %s\n", __func__);
+
+	printf("[+] us_buf: %s\n", us_buf);
+
+	sysctlbyname("debug.smap.test_not_allowed_read", NULL, 0, &val, sizeof(val));
+	if (error != 0) {
+		printf("[-] sysctl error - unable to set test_not_allowed_read\n");
+		exit(6);
+	}
+	printf("[+] debug.smap.test_not_allowed_read done\n\n");
+}
+
+void
+test_not_allowed_write(void)
+{
+	long val=1;
+	int error;
+
+	printf("\n[#] %s\n", __func__);
+
+	printf("[+] us_buf: %s\n", us_buf);
+
+	sysctlbyname("debug.smap.test_not_allowed_write", NULL, 0, &val, sizeof(val));
+	if (error != 0) {
+		printf("[-] sysctl error - unable to set test_not_allowed_write\n");
+		exit(6);
+	}
+	printf("[+] us_buf: %s\n", us_buf);
+	printf("[+] debug.smap.test_not_allowed_write done\n\n");
+}
+
+void
+test_allowed_read(void)
+{
+	long val=2;
+	int error;
+
+	printf("\n[#] %s\n", __func__);
+
+	printf("[+] us_buf: %s\n", us_buf);
+
+	sysctlbyname("debug.smap.test_allowed_read", NULL, 0, &val, sizeof(val));
+	if (error != 0) {
+		printf("[-] sysctl error - unable to set test_allowed_read\n");
+		exit(6);
+	}
+	printf("[+] debug.smap.test_allowed_read done\n\n");
+}
+
+void
+test_allowed_write(void)
+{
+	long val=2;
+	int error;
+
+	printf("\n[#] %s\n", __func__);
+
+	printf("[+] us_buf: %s\n", us_buf);
+
+	sysctlbyname("debug.smap.test_allowed_write", NULL, 0, &val, sizeof(val));
+	if (error != 0) {
+		printf("[-] sysctl error - unable to set test_allowed_write\n");
+		exit(6);
+	}
+	printf("[+] us_buf: %s\n", us_buf);
+	printf("[+] debug.smap.test_allowed_write done\n\n");
 }

More information about the svn-soc-all mailing list