diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2023-01-20 11:25:12 +0100 |
---|---|---|
committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2023-01-27 11:08:23 +0100 |
commit | 2372745ea25a5139a5f0d071f0b9fc7fc51822e7 (patch) | |
tree | 6a0787b2c8c1f588e0e814f6ec85e222cac943aa | |
parent | 966eb1ba050db12b4f9a01c3ebadaa1b24701e8b (diff) | |
download | linux-prctl.pr_hide_self_exe.tar.gz |
selftests: add tests for prctl(SET_HIDE_SELF_EXE)prctl.pr_hide_self_exe
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Reviewed-by: Brian Masney <bmasney@redhat.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
-rw-r--r-- | tools/testing/selftests/prctl/Makefile | 2 | ||||
-rw-r--r-- | tools/testing/selftests/prctl/hide-self-exe.c | 114 |
2 files changed, 115 insertions, 1 deletions
diff --git a/tools/testing/selftests/prctl/Makefile b/tools/testing/selftests/prctl/Makefile index c7923b205222dd..024e107b26ec70 100644 --- a/tools/testing/selftests/prctl/Makefile +++ b/tools/testing/selftests/prctl/Makefile @@ -5,7 +5,7 @@ ARCH ?= $(shell echo $(uname_M) | sed -e s/i.86/x86/ -e s/x86_64/x86/) ifeq ($(ARCH),x86) TEST_PROGS := disable-tsc-ctxt-sw-stress-test disable-tsc-on-off-stress-test \ - disable-tsc-test + disable-tsc-test hide-self-exe all: $(TEST_PROGS) include ../lib.mk diff --git a/tools/testing/selftests/prctl/hide-self-exe.c b/tools/testing/selftests/prctl/hide-self-exe.c new file mode 100644 index 00000000000000..4727c77bd867ec --- /dev/null +++ b/tools/testing/selftests/prctl/hide-self-exe.c @@ -0,0 +1,114 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Tests for prctl(PR_GET_HIDE_SELF_EXE, ...) / prctl(PR_SET_HIDE_SELF_EXE, ...) + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <signal.h> +#include <inttypes.h> +#include <errno.h> +#include <fcntl.h> +#include <sys/wait.h> + +#include <sys/prctl.h> +#include <linux/prctl.h> + +#ifndef PR_SET_HIDE_SELF_EXE +# define PR_SET_HIDE_SELF_EXE 65 +# define PR_GET_HIDE_SELF_EXE 66 +#endif + +int main(void) +{ + int status; + pid_t pid; + int ret; + + ret = open("/proc/self/exe", O_RDONLY); + if (ret < 0) { + perror("open /proc/self/exe"); + exit(EXIT_FAILURE); + } + close(ret); + + ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0); + if (ret != 0) { + perror("prctl(PR_GET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0); + if (ret != 0) { + perror("prctl(PR_SET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + /* check it doesn't fail a second time. */ + ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0); + if (ret != 0) { + perror("prctl(PR_SET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0); + if (ret != 1) { + perror("prctl(PR_GET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + ret = open("/proc/self/exe", O_RDONLY); + if (ret >= 0 || errno != EPERM) { + perror("open /proc/self/exe succeeded"); + exit(EXIT_FAILURE); + } + + pid = fork(); + if (pid < 0) { + perror("fork"); + exit(EXIT_FAILURE); + } + if (pid == 0) { + /* It cannot be unset after a fork(). */ + ret = prctl(PR_SET_HIDE_SELF_EXE, 0, 0, 0, 0); + if (ret == 0) { + perror("prctl(PR_SET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + /* The getter still return the correct value. */ + ret = prctl(PR_GET_HIDE_SELF_EXE, 0, 0, 0, 0); + if (ret != 1) { + perror("prctl(PR_GET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + /* It must be unreachable after fork(). */ + ret = open("/proc/self/exe", O_RDONLY); + if (ret >= 0 || errno != EPERM) + exit(EXIT_FAILURE); + close(ret); + + /* It can be set again. */ + ret = prctl(PR_SET_HIDE_SELF_EXE, 1, 0, 0, 0); + if (ret != 0) { + perror("prctl(PR_SET_HIDE_SELF_EXE)"); + exit(EXIT_FAILURE); + } + + /* HIDE_SELF_EXE is cleared after execve. */ + ret = system("cat /proc/self/exe > /dev/null"); + exit(ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE); + } + if (waitpid(pid, &status, 0) != pid) { + perror("waitpid"); + exit(EXIT_FAILURE); + } + if (status != 0) { + perror("child failed"); + exit(EXIT_FAILURE); + } + exit(EXIT_SUCCESS); +} |