From nobody Tue Nov 26 19:41:04 2024 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C6C0A218336 for ; Wed, 16 Oct 2024 20:28:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729110512; cv=none; b=HDt/u/HRymTFaqqEivlp8LMpLJX0Kti+t9XuXeFnUVQvPMtqCdBEDDkuBm+ninPd1k3UwxgCZBhVESSUxX7Vj1X+Ro4RbTAeac6jcM1B7+Tdnz+oWwvmtJ8gEzgdhe4mwppVoGJfNme8hDpSxChOz20i7whkstToKa5Uhwuw7kU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729110512; c=relaxed/simple; bh=PxC5tkDZylcs6ZZ0cfqQyJOQ0Ag3geVK5qboHm2WPZs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fdEWfgjYRB0G5wfHYN3XSgg/L5s6UiptAR+KtmZ9neD64ht9xCaGOzFEaH4aGrmJ4uGEj8oWr1f4B5x2vesgGCyZ5/OLf6F5jdRWMCERAmbAGN+KlVL3DgRXH3/hMs0PlaFklWXVvb0fwesh3mcSddgebgNSQAkMk8D82oPmyJk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=sifive.com; spf=pass smtp.mailfrom=sifive.com; dkim=pass (2048-bit key) header.d=sifive.com header.i=@sifive.com header.b=aWmlBbcl; arc=none smtp.client-ip=209.85.214.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=sifive.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=sifive.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=sifive.com header.i=@sifive.com header.b="aWmlBbcl" Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-20cb89a4e4cso1651415ad.3 for ; Wed, 16 Oct 2024 13:28:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; t=1729110510; x=1729715310; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rv10ipSUZUspRTnhL9JfvW8gxx9UoZi8WAdsMyxYUqw=; b=aWmlBbcl3l+lLhxivfec6iEuU4lnJIA/KZjDs78MD4SrtzuLJ38CRy3GybDp3vDfIp iYdd7zZv/zNqGr53UH9PuPBmATaX/q5THcCohvGNGyNQa8NDclNxegmW8kEUFoeAd2P4 BkUoi+8hCSiHIX0DaIbnxXlWB+y5hJgADuQ3rAjmLyyxvuny8AQSjgLdnV2Cc36ybEq2 5S6mm5opsoB0Hh0BcqZSyjXGT7HKexPTCtdq26Yez8AbqutMxRZgfDjfYtg/6EXpKDOt +EAdLY6SYzvTixvPNrYBANLgEsz36boewbHscdkOYGRxdGu1WMAtBZMXGzlrCOG8vnxr 2HYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1729110510; x=1729715310; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rv10ipSUZUspRTnhL9JfvW8gxx9UoZi8WAdsMyxYUqw=; b=AccSejyowE06bv1NHv7899A56mSg3FcrQSJ3BJaBumTqb8Rsf4pJPpXDFUVr7IJlB0 R1C86oYrP2Yp/2u0PfCv2cstKkqs02sEx+rCaNm57FwkeUo7pVNViOnTrSIpJjzFpp/Q aml5UAB+7e3/8/O3z8eg+s1y8XSJn9pSjSz5lgQ/74Ac8oAGs6yvH6lHhfZ3ufFbyS3r u3qToWkoiuS14d0vVb/Y0t9cNLO94QR/mPrUzmkzFfxblEA2rwNorjGkH9vqwn+IOjI+ OkXVsPVRPmMdF0AkuCH7Z7xM73D+RYf1hit3kpLXe7wIhLZueqeph2LpK8/oeKL1bdDy dbkA== X-Forwarded-Encrypted: i=1; AJvYcCWIrNHoJ6JhMs99Qrbor7aKsmPrhcs4W65quU+1GFLjY0aBqI3BawY3uZzMyNV5ODliwZ1Q99GgRbULOec=@vger.kernel.org X-Gm-Message-State: AOJu0YxM0PSz82YMudmFyGf7l66VSllPY2lc9BsoC8elgRofUGZxNbC5 DNlX/0y/u0+Wq6EW1aXpjjmWfJFRBaJBXdhfTkJzTULILsyc5m5oWZiZgQjmVk7c4gpk2ZlG+2L y X-Google-Smtp-Source: AGHT+IGaiYFJi4BfGAG9jrWM284vA5S4OqwgtBN43JGCqc62clhyQgvBW9PSUIVXg22ufDQI5d1qjQ== X-Received: by 2002:a17:90b:4c8c:b0:2e2:ad29:11a4 with SMTP id 98e67ed59e1d1-2e3ab8bc829mr5746417a91.25.1729110509973; Wed, 16 Oct 2024 13:28:29 -0700 (PDT) Received: from sw06.internal.sifive.com ([4.53.31.132]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2e3e08f8f89sm228613a91.38.2024.10.16.13.28.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Oct 2024 13:28:29 -0700 (PDT) From: Samuel Holland To: Palmer Dabbelt , linux-riscv@lists.infradead.org Cc: Catalin Marinas , Atish Patra , linux-kselftest@vger.kernel.org, Rob Herring , "Kirill A . Shutemov" , Shuah Khan , devicetree@vger.kernel.org, Anup Patel , linux-kernel@vger.kernel.org, Jonathan Corbet , kvm-riscv@lists.infradead.org, Conor Dooley , kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, Evgenii Stepanov , Charlie Jenkins , Krzysztof Kozlowski , Samuel Holland Subject: [PATCH v5 07/10] riscv: selftests: Add a pointer masking test Date: Wed, 16 Oct 2024 13:27:48 -0700 Message-ID: <20241016202814.4061541-8-samuel.holland@sifive.com> X-Mailer: git-send-email 2.45.1 In-Reply-To: <20241016202814.4061541-1-samuel.holland@sifive.com> References: <20241016202814.4061541-1-samuel.holland@sifive.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This test covers the behavior of the PR_SET_TAGGED_ADDR_CTRL and PR_GET_TAGGED_ADDR_CTRL prctl() operations, their effects on the userspace ABI, and their effects on the system call ABI. Reviewed-by: Charlie Jenkins Tested-by: Charlie Jenkins Signed-off-by: Samuel Holland --- Changes in v5: - Rename "pm" selftests directory to "abi" to be more generic - Fix -Wparentheses warnings - Fix order of operations when writing via the tagged pointer Changes in v2: - Rename "tags" directory to "pm" to avoid .gitignore rules - Add .gitignore file to ignore the compiled selftest binary - Write to a pipe to force dereferencing the user pointer - Handle SIGSEGV in the child process to reduce dmesg noise tools/testing/selftests/riscv/Makefile | 2 +- tools/testing/selftests/riscv/abi/.gitignore | 1 + tools/testing/selftests/riscv/abi/Makefile | 10 + .../selftests/riscv/abi/pointer_masking.c | 332 ++++++++++++++++++ 4 files changed, 344 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/riscv/abi/.gitignore create mode 100644 tools/testing/selftests/riscv/abi/Makefile create mode 100644 tools/testing/selftests/riscv/abi/pointer_masking.c diff --git a/tools/testing/selftests/riscv/Makefile b/tools/testing/selftes= ts/riscv/Makefile index 7ce03d832b64..099b8c1f46f8 100644 --- a/tools/testing/selftests/riscv/Makefile +++ b/tools/testing/selftests/riscv/Makefile @@ -5,7 +5,7 @@ ARCH ?=3D $(shell uname -m 2>/dev/null || echo not) =20 ifneq (,$(filter $(ARCH),riscv)) -RISCV_SUBTARGETS ?=3D hwprobe vector mm sigreturn +RISCV_SUBTARGETS ?=3D abi hwprobe mm sigreturn vector else RISCV_SUBTARGETS :=3D endif diff --git a/tools/testing/selftests/riscv/abi/.gitignore b/tools/testing/s= elftests/riscv/abi/.gitignore new file mode 100644 index 000000000000..b38358f91c4d --- /dev/null +++ b/tools/testing/selftests/riscv/abi/.gitignore @@ -0,0 +1 @@ +pointer_masking diff --git a/tools/testing/selftests/riscv/abi/Makefile b/tools/testing/sel= ftests/riscv/abi/Makefile new file mode 100644 index 000000000000..ed82ff9c664e --- /dev/null +++ b/tools/testing/selftests/riscv/abi/Makefile @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: GPL-2.0 + +CFLAGS +=3D -I$(top_srcdir)/tools/include + +TEST_GEN_PROGS :=3D pointer_masking + +include ../../lib.mk + +$(OUTPUT)/pointer_masking: pointer_masking.c + $(CC) -static -o$@ $(CFLAGS) $(LDFLAGS) $^ diff --git a/tools/testing/selftests/riscv/abi/pointer_masking.c b/tools/te= sting/selftests/riscv/abi/pointer_masking.c new file mode 100644 index 000000000000..dee41b7ee3e3 --- /dev/null +++ b/tools/testing/selftests/riscv/abi/pointer_masking.c @@ -0,0 +1,332 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "../../kselftest.h" + +#ifndef PR_PMLEN_SHIFT +#define PR_PMLEN_SHIFT 24 +#endif +#ifndef PR_PMLEN_MASK +#define PR_PMLEN_MASK (0x7fUL << PR_PMLEN_SHIFT) +#endif + +static int dev_zero; + +static int pipefd[2]; + +static sigjmp_buf jmpbuf; + +static void sigsegv_handler(int sig) +{ + siglongjmp(jmpbuf, 1); +} + +static int min_pmlen; +static int max_pmlen; + +static inline bool valid_pmlen(int pmlen) +{ + return pmlen =3D=3D 0 || pmlen =3D=3D 7 || pmlen =3D=3D 16; +} + +static void test_pmlen(void) +{ + ksft_print_msg("Testing available PMLEN values\n"); + + for (int request =3D 0; request <=3D 16; request++) { + int pmlen, ret; + + ret =3D prctl(PR_SET_TAGGED_ADDR_CTRL, request << PR_PMLEN_SHIFT, 0, 0, = 0); + if (ret) + goto pr_set_error; + + ret =3D prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0); + ksft_test_result(ret >=3D 0, "PMLEN=3D%d PR_GET_TAGGED_ADDR_CTRL\n", req= uest); + if (ret < 0) + goto pr_get_error; + + pmlen =3D (ret & PR_PMLEN_MASK) >> PR_PMLEN_SHIFT; + ksft_test_result(pmlen >=3D request, "PMLEN=3D%d constraint\n", request); + ksft_test_result(valid_pmlen(pmlen), "PMLEN=3D%d validity\n", request); + + if (min_pmlen =3D=3D 0) + min_pmlen =3D pmlen; + if (max_pmlen < pmlen) + max_pmlen =3D pmlen; + + continue; + +pr_set_error: + ksft_test_result_skip("PMLEN=3D%d PR_GET_TAGGED_ADDR_CTRL\n", request); +pr_get_error: + ksft_test_result_skip("PMLEN=3D%d constraint\n", request); + ksft_test_result_skip("PMLEN=3D%d validity\n", request); + } + + if (max_pmlen =3D=3D 0) + ksft_exit_fail_msg("Failed to enable pointer masking\n"); +} + +static int set_tagged_addr_ctrl(int pmlen, bool tagged_addr_abi) +{ + int arg, ret; + + arg =3D pmlen << PR_PMLEN_SHIFT | tagged_addr_abi; + ret =3D prctl(PR_SET_TAGGED_ADDR_CTRL, arg, 0, 0, 0); + if (!ret) { + ret =3D prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0); + if (ret =3D=3D arg) + return 0; + } + + return ret < 0 ? -errno : -ENODATA; +} + +static void test_dereference_pmlen(int pmlen) +{ + static volatile int i; + volatile int *p; + int ret; + + ret =3D set_tagged_addr_ctrl(pmlen, false); + if (ret) + return ksft_test_result_error("PMLEN=3D%d setup (%d)\n", pmlen, ret); + + i =3D pmlen; + + if (pmlen) { + p =3D (volatile int *)((uintptr_t)&i | 1UL << (__riscv_xlen - pmlen)); + + /* These dereferences should succeed. */ + if (sigsetjmp(jmpbuf, 1)) + return ksft_test_result_fail("PMLEN=3D%d valid tag\n", pmlen); + if (*p !=3D pmlen) + return ksft_test_result_fail("PMLEN=3D%d bad value\n", pmlen); + ++*p; + } + + p =3D (volatile int *)((uintptr_t)&i | 1UL << (__riscv_xlen - pmlen - 1)); + + /* These dereferences should raise SIGSEGV. */ + if (sigsetjmp(jmpbuf, 1)) + return ksft_test_result_pass("PMLEN=3D%d dereference\n", pmlen); + ++*p; + ksft_test_result_fail("PMLEN=3D%d invalid tag\n", pmlen); +} + +static void test_dereference(void) +{ + ksft_print_msg("Testing userspace pointer dereference\n"); + + signal(SIGSEGV, sigsegv_handler); + + test_dereference_pmlen(0); + test_dereference_pmlen(min_pmlen); + test_dereference_pmlen(max_pmlen); + + signal(SIGSEGV, SIG_DFL); +} + +static void execve_child_sigsegv_handler(int sig) +{ + exit(42); +} + +static int execve_child(void) +{ + static volatile int i; + volatile int *p =3D (volatile int *)((uintptr_t)&i | 1UL << (__riscv_xlen= - 7)); + + signal(SIGSEGV, execve_child_sigsegv_handler); + + /* This dereference should raise SIGSEGV. */ + return *p; +} + +static void test_fork_exec(void) +{ + int ret, status; + + ksft_print_msg("Testing fork/exec behavior\n"); + + ret =3D set_tagged_addr_ctrl(min_pmlen, false); + if (ret) + return ksft_test_result_error("setup (%d)\n", ret); + + if (fork()) { + wait(&status); + ksft_test_result(WIFEXITED(status) && WEXITSTATUS(status) =3D=3D 42, + "dereference after fork\n"); + } else { + static volatile int i =3D 42; + volatile int *p; + + p =3D (volatile int *)((uintptr_t)&i | 1UL << (__riscv_xlen - min_pmlen)= ); + + /* This dereference should succeed. */ + exit(*p); + } + + if (fork()) { + wait(&status); + ksft_test_result(WIFEXITED(status) && WEXITSTATUS(status) =3D=3D 42, + "dereference after fork+exec\n"); + } else { + /* Will call execve_child(). */ + execve("/proc/self/exe", (char *const []) { "", NULL }, NULL); + } +} + +static void test_tagged_addr_abi_sysctl(void) +{ + char value; + int fd; + + ksft_print_msg("Testing tagged address ABI sysctl\n"); + + fd =3D open("/proc/sys/abi/tagged_addr_disabled", O_WRONLY); + if (fd < 0) { + ksft_test_result_skip("failed to open sysctl file\n"); + ksft_test_result_skip("failed to open sysctl file\n"); + return; + } + + value =3D '1'; + pwrite(fd, &value, 1, 0); + ksft_test_result(set_tagged_addr_ctrl(min_pmlen, true) =3D=3D -EINVAL, + "sysctl disabled\n"); + + value =3D '0'; + pwrite(fd, &value, 1, 0); + ksft_test_result(set_tagged_addr_ctrl(min_pmlen, true) =3D=3D 0, + "sysctl enabled\n"); + + set_tagged_addr_ctrl(0, false); + + close(fd); +} + +static void test_tagged_addr_abi_pmlen(int pmlen) +{ + int i, *p, ret; + + i =3D ~pmlen; + + if (pmlen) { + p =3D (int *)((uintptr_t)&i | 1UL << (__riscv_xlen - pmlen)); + + ret =3D set_tagged_addr_ctrl(pmlen, false); + if (ret) + return ksft_test_result_error("PMLEN=3D%d ABI disabled setup (%d)\n", + pmlen, ret); + + ret =3D write(pipefd[1], p, sizeof(*p)); + if (ret >=3D 0 || errno !=3D EFAULT) + return ksft_test_result_fail("PMLEN=3D%d ABI disabled write\n", pmlen); + + ret =3D read(dev_zero, p, sizeof(*p)); + if (ret >=3D 0 || errno !=3D EFAULT) + return ksft_test_result_fail("PMLEN=3D%d ABI disabled read\n", pmlen); + + if (i !=3D ~pmlen) + return ksft_test_result_fail("PMLEN=3D%d ABI disabled value\n", pmlen); + + ret =3D set_tagged_addr_ctrl(pmlen, true); + if (ret) + return ksft_test_result_error("PMLEN=3D%d ABI enabled setup (%d)\n", + pmlen, ret); + + ret =3D write(pipefd[1], p, sizeof(*p)); + if (ret !=3D sizeof(*p)) + return ksft_test_result_fail("PMLEN=3D%d ABI enabled write\n", pmlen); + + ret =3D read(dev_zero, p, sizeof(*p)); + if (ret !=3D sizeof(*p)) + return ksft_test_result_fail("PMLEN=3D%d ABI enabled read\n", pmlen); + + if (i) + return ksft_test_result_fail("PMLEN=3D%d ABI enabled value\n", pmlen); + + i =3D ~pmlen; + } else { + /* The tagged address ABI cannot be enabled when PMLEN =3D=3D 0. */ + ret =3D set_tagged_addr_ctrl(pmlen, true); + if (ret !=3D -EINVAL) + return ksft_test_result_error("PMLEN=3D%d ABI setup (%d)\n", + pmlen, ret); + } + + p =3D (int *)((uintptr_t)&i | 1UL << (__riscv_xlen - pmlen - 1)); + + ret =3D write(pipefd[1], p, sizeof(*p)); + if (ret >=3D 0 || errno !=3D EFAULT) + return ksft_test_result_fail("PMLEN=3D%d invalid tag write (%d)\n", pmle= n, errno); + + ret =3D read(dev_zero, p, sizeof(*p)); + if (ret >=3D 0 || errno !=3D EFAULT) + return ksft_test_result_fail("PMLEN=3D%d invalid tag read\n", pmlen); + + if (i !=3D ~pmlen) + return ksft_test_result_fail("PMLEN=3D%d invalid tag value\n", pmlen); + + ksft_test_result_pass("PMLEN=3D%d tagged address ABI\n", pmlen); +} + +static void test_tagged_addr_abi(void) +{ + ksft_print_msg("Testing tagged address ABI\n"); + + test_tagged_addr_abi_pmlen(0); + test_tagged_addr_abi_pmlen(min_pmlen); + test_tagged_addr_abi_pmlen(max_pmlen); +} + +static struct test_info { + unsigned int nr_tests; + void (*test_fn)(void); +} tests[] =3D { + { .nr_tests =3D 17 * 3, test_pmlen }, + { .nr_tests =3D 3, test_dereference }, + { .nr_tests =3D 2, test_fork_exec }, + { .nr_tests =3D 2, test_tagged_addr_abi_sysctl }, + { .nr_tests =3D 3, test_tagged_addr_abi }, +}; + +int main(int argc, char **argv) +{ + unsigned int plan =3D 0; + int ret; + + /* Check if this is the child process after execve(). */ + if (!argv[0][0]) + return execve_child(); + + dev_zero =3D open("/dev/zero", O_RDWR); + if (dev_zero < 0) + return 1; + + /* Write to a pipe so the kernel must dereference the buffer pointer. */ + ret =3D pipe(pipefd); + if (ret) + return 1; + + ksft_print_header(); + + for (int i =3D 0; i < ARRAY_SIZE(tests); i++) + plan +=3D tests[i].nr_tests; + + ksft_set_plan(plan); + + for (int i =3D 0; i < ARRAY_SIZE(tests); i++) + tests[i].test_fn(); + + ksft_finished(); +} --=20 2.45.1