From patchwork Mon Feb 26 19:09:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Edgecombe, Rick P" X-Patchwork-Id: 206875 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2281755dyb; Mon, 26 Feb 2024 11:14:40 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXvIihsrhFL45QMNb6SYKdT24afclX8Qem5l4RlcPs1I//YXQbyMyoaPxjZ9p/a8wwfN1i4ZViOvrEk5GL3/pRLqI84wQ== X-Google-Smtp-Source: AGHT+IGkzbmYAHo/JLZuG4z5iQj+V6MWJQItWQd2GjBB2hIcHZ3w+N8hXg0Ki5njQLTA1TXlInpA X-Received: by 2002:a05:6808:20a5:b0:3c1:784b:d67e with SMTP id s37-20020a05680820a500b003c1784bd67emr92962oiw.10.1708974879881; Mon, 26 Feb 2024 11:14:39 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708974879; cv=pass; d=google.com; s=arc-20160816; b=m9T3g91YjRswcig2g0YXgScRlkP6W8NxjUSpP78G40PmZDD1Kto1vo3aR5TlK8PFzU loxumDh/TTOiFe1HwQ6fnZr6I7Qb+19yiBnjicRSHA5Tdkgg2uwPcco5FxJRXq7ZBizW x1dOFBKRdVFKgbra3xL97yL4CCQF3m1sIduFs/0oByR37R2LFUEhQnB7GmYKQxXql5xd RetRjcBtfTrx/Dts2Pw4pWq1bDq/O9mqVQFifpf1TcKxOZNYV6rtX+lVduus9+KXHu/Y oJ4Vc4JRnUy/Siwnej0c+LhVsoqWLPfhDuq6fFdwgha5IdGXGEAh6KM7jA0SGW9J2bRG ogrQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=NFCSdAhrunIzMrgwpPIPHm0AfcuiyWMeHA0mu0m/29Q=; fh=2Dp8by8JJdNpTt06R8k7jaI1v/L8CiIOfGced6Kg60c=; b=d+Ui+PS9Wl/2fgNbzwKf6/Lpe9aH99Czp5Gw4rPHW+WfHoNRIL82etoYHDjWBufpHx Nh4zHjmyBEIQ86XUC5BiMrZkmeXS3tG5IDTzsMCRj/Np+iLqF66VuAJubhSzJMatzp6a JwywcXHDV8IdF36vTCDZ4dbMOb/AkTnJghhKDovUVSlU3KG2VmdHaQ7xqRLDIzDo49Uq 23BwNl4IjJEstSFaU4ydoolN4n9QVAYcA5dIWc7IwJfpXqpMNK8paqiPo1Tm3LiBZwiY wCwbu9j9EwFENEHHxmgxKfYavKagIgk3d9686YER1oq5kLKlxdO3ZEC5itffIVhhvVF6 7RPQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=jOT4lAGg; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-82212-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82212-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id wm8-20020a05620a580800b00787adf4ceccsi5690125qkn.574.2024.02.26.11.14.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Feb 2024 11:14:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-82212-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=jOT4lAGg; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-82212-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-82212-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id A66CF1C28A6C for ; Mon, 26 Feb 2024 19:14:39 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 658F513398D; Mon, 26 Feb 2024 19:10:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="jOT4lAGg" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7E05F132496 for ; Mon, 26 Feb 2024 19:10:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708974607; cv=none; b=Bv9GsQsXNQOJWG6Y7mtcxJ4Q6juubHsE4xaX/TWiLDWIgUWG9jcGdAv/oyYgyfsu457LF74ENZJxbBZZvTpSyHsLC9UNLlP4qR3hmAC3btcM0RS29sdBZJYvfDSvOOi1++4Aq2Bax8KkTrMSrEd5hNOqpKHxGLw4TBX/Mqg81xE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708974607; c=relaxed/simple; bh=9Kz1B1g9YBWVQVBA7u5n8sBfRhBddgPHEWEy/INdrdY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Dikgc8YGooM1yMflyIaCpxnHE22e4TczU+1MHhu0GWoGr6afsQOj730HXxP37nYg3T9o65q2YasiNmU7qORD0fBtatmk2bSD1GrtRXDHoaHVjXFiFM1PKoI8Npv9TKVUXcfnXJpn6iaVJljgRI5GuEI4USpM5YxXti8A3+tvQbc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=jOT4lAGg; arc=none smtp.client-ip=198.175.65.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1708974606; x=1740510606; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=9Kz1B1g9YBWVQVBA7u5n8sBfRhBddgPHEWEy/INdrdY=; b=jOT4lAGgGPJSBIobtFG6DfkeDJDgCH9S1EcXTIpJpCTFNDri0NJf14+l oPC5sVR5E5RLLYfdmLBOiYsmoyATTvnh96egcmJn1rs4CtG+HqLkL9LoI Ew0vQAn5R+LW7AZiyn3e+uS9d4p7Bodw01OY/SLZuZpC8ri/rTx2b/UQw CFhhdD6iMng2Q3j8kVxc3owxbgRLoZAv0834YLBEKOyz6Jbb74JZd5e4X uZRyrmcC/iC5QP/JwpQwR6pArw9vHT0u5acncF0VipYu1mBU4qGSLnMmr YNfkH2UkDydNgcScAwHoZLJRs2P5DKVzMu115buy2CjIZWaBV75v5NJJ7 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10996"; a="14721432" X-IronPort-AV: E=Sophos;i="6.06,186,1705392000"; d="scan'208";a="14721432" Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Feb 2024 11:10:06 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,186,1705392000"; d="scan'208";a="6911475" Received: from bdmirand-mobl.amr.corp.intel.com (HELO rpedgeco-desk4.intel.com) ([10.251.3.213]) by fmviesa008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Feb 2024 11:10:04 -0800 From: Rick Edgecombe To: Liam.Howlett@oracle.com, akpm@linux-foundation.org, debug@rivosinc.com, broonie@kernel.org, kirill.shutemov@linux.intel.com, keescook@chromium.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, luto@kernel.org, peterz@infradead.org, hpa@zytor.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Cc: rick.p.edgecombe@intel.com Subject: [PATCH v2 9/9] selftests/x86: Add placement guard gap test for shstk Date: Mon, 26 Feb 2024 11:09:51 -0800 Message-Id: <20240226190951.3240433-10-rick.p.edgecombe@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240226190951.3240433-1-rick.p.edgecombe@intel.com> References: <20240226190951.3240433-1-rick.p.edgecombe@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791990043869824815 X-GMAIL-MSGID: 1791990043869824815 The existing shadow stack test for guard gaps just checks that new mappings are not placed in an existing mapping's guard gap. Add one that checks that new mappings are not placed such that preexisting mappings are in the new mappings guard gap. Signed-off-by: Rick Edgecombe --- .../testing/selftests/x86/test_shadow_stack.c | 67 +++++++++++++++++-- 1 file changed, 63 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/x86/test_shadow_stack.c b/tools/testing/selftests/x86/test_shadow_stack.c index 757e6527f67e..ee909a7927f9 100644 --- a/tools/testing/selftests/x86/test_shadow_stack.c +++ b/tools/testing/selftests/x86/test_shadow_stack.c @@ -556,7 +556,7 @@ struct node { * looked at the shadow stack gaps. * 5. See if it landed in the gap. */ -int test_guard_gap(void) +int test_guard_gap_other_gaps(void) { void *free_area, *shstk, *test_map = (void *)0xFFFFFFFFFFFFFFFF; struct node *head = NULL, *cur; @@ -593,11 +593,64 @@ int test_guard_gap(void) if (shstk - test_map - PAGE_SIZE != PAGE_SIZE) return 1; - printf("[OK]\tGuard gap test\n"); + printf("[OK]\tGuard gap test, other mapping's gaps\n"); return 0; } +/* Tests respecting the guard gap of the mapping getting placed */ +int test_guard_gap_new_mappings_gaps(void) +{ + void *free_area, *shstk_start, *test_map = (void *)0xFFFFFFFFFFFFFFFF; + struct node *head = NULL, *cur; + int ret = 0; + + free_area = mmap(0, PAGE_SIZE * 4, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + munmap(free_area, PAGE_SIZE * 4); + + /* Test letting map_shadow_stack find a free space */ + shstk_start = mmap(free_area, PAGE_SIZE, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + if (shstk_start == MAP_FAILED || shstk_start != free_area) + return 1; + + while (test_map > shstk_start) { + test_map = (void *)syscall(__NR_map_shadow_stack, 0, PAGE_SIZE, 0); + if (test_map == MAP_FAILED) { + printf("[INFO]\tmap_shadow_stack MAP_FAILED\n"); + ret = 1; + break; + } + + cur = malloc(sizeof(*cur)); + cur->mapping = test_map; + + cur->next = head; + head = cur; + + if (test_map == free_area + PAGE_SIZE) { + printf("[INFO]\tNew mapping has other mapping in guard gap!\n"); + ret = 1; + break; + } + } + + while (head) { + cur = head; + head = cur->next; + munmap(cur->mapping, PAGE_SIZE); + free(cur); + } + + munmap(shstk_start, PAGE_SIZE); + + if (!ret) + printf("[OK]\tGuard gap test, placement mapping's gaps\n"); + + return ret; +} + /* * Too complicated to pull it out of the 32 bit header, but also get the * 64 bit one needed above. Just define a copy here. @@ -850,9 +903,15 @@ int main(int argc, char *argv[]) goto out; } - if (test_guard_gap()) { + if (test_guard_gap_other_gaps()) { ret = 1; - printf("[FAIL]\tGuard gap test\n"); + printf("[FAIL]\tGuard gap test, other mappings' gaps\n"); + goto out; + } + + if (test_guard_gap_new_mappings_gaps()) { + ret = 1; + printf("[FAIL]\tGuard gap test, placement mapping's gaps\n"); goto out; }