procfs: Make /proc/<PID>/mem unwritable

refs: #1177 Change-Id: Ibb319221155547febf9126e05a9e322bd9f140cc
2018-09-25 10:05:41 +09:00
parent cc1d39e55d
commit 6f9fef2b13
6 changed files with 22 additions and 152 deletions
--- a/executer/kernel/mcctrl/procfs.c
+++ b/executer/kernel/mcctrl/procfs.c
@ -1109,7 +1109,7 @@ static const struct procfs_entry pid_entry_stuff[] = {
 //	PROC_LNK("exe",        mckernel_readlink),
 //	PROC_REG("limits",     S_IRUSR|S_IWUSR, NULL),
 	PROC_REG("maps",       0444, &mckernel_buff_io),
-	PROC_REG("mem",        0600, NULL),
+	PROC_REG("mem",        0400, NULL),
 	PROC_REG("pagemap",    0444, NULL),
 //	PROC_REG("smaps",      S_IRUGO, NULL),
 //	PROC_REG("stat",       0444, &mckernel_buff_io),
--- a/test/issues/1018/C1018.sh
+++ b/test/issues/1018/C1018.sh
@ -1,52 +1,12 @@
 #!/bin/sh
 if [ -f $HOME/mck_test_config ]; then
 	. $HOME/mck_test_config
 else
 	BIN=
 	SBIN=
 	OSTEST=
 fi
 BOOTPARAM="-c 1-7,9-15,17-23,25-31 -m 10G@0,10G@1 -r 1-7:0+9-15:8+17-23:16+25-31:24"
-if [ "x$BINDIR" = x ];then
+USELTP=0
-	BINDIR="$BIN"
+USEOSTEST=1
 fi
-if [ "x$SBINDIR" = x ];then
+. ../../common.sh
 	SBINDIR="$SBIN"
 fi
-if [ "x$OSTESTDIR" = x ]; then
+${MCEXEC} ./CT_001
-	OSTESTDIR="$OSTEST"
+${MCEXEC} ./CT_002
 fi
 if [ "x$LTPDIR" = x ]; then
 	LTPDIR="$LTP"
 fi
 if [ ! -x $SBINDIR/mcstop+release.sh ]; then
 	echo mcstop+release: not found >&2
 	exit 1
 fi
 echo -n "mcstop+release.sh ... "
 sudo $SBINDIR/mcstop+release.sh
 echo "done"
 if [ ! -x $SBINDIR/mcreboot.sh ]; then
 	echo mcreboot: not found >&2
 	exit 1
 fi
 echo -n "mcreboot.sh $BOOTPARAM ... "
 sudo $SBINDIR/mcreboot.sh $BOOTPARAM
 echo "done"
 if [ ! -x $BINDIR/mcexec ]; then
 	echo mcexec: not found >&2
 	exit 1
 fi
 $BINDIR/mcexec ./CT_001
 $BINDIR/mcexec ./CT_002
 tid=001
 echo "*** RT_$tid start *******************************"
--- a/test/issues/1018/CT_001.c
+++ b/test/issues/1018/CT_001.c
@ -23,9 +23,9 @@ int main(int argc, char *argv[])
 	char pfname[PROCFILE_LEN];
 	unsigned long *anon_map = NULL;
 	unsigned long *tmp_buf = NULL;
-	int data_pos[3] = {1 * MEGA / sizeof(unsigned long),
+	int data_pos[3] = {0 * MEGA / sizeof(unsigned long),
-			2 * MEGA / sizeof(unsigned long),
+			4 * MEGA / sizeof(unsigned long) - 1,
-			4 * MEGA / sizeof(unsigned long)};
+			8 * MEGA / sizeof(unsigned long) - 1};
 	off_t ret = 0;
 	printf("*** %s start *******************************\n", TEST_NAME);
@ -51,7 +51,7 @@ int main(int argc, char *argv[])
 	sprintf(pfname, "/proc/%d/mem", pid);
 	/* open proc_mem */
-	fd = open(pfname, O_RDWR);
+	fd = open(pfname, O_RDONLY);
 	CHKANDJUMP(fd < 0, "open proc_mem");
 	/* pread 2MB */
--- a/test/issues/1018/CT_002.c
+++ b/test/issues/1018/CT_002.c
@ -19,58 +19,21 @@
 int main(int argc, char *argv[])
 {
-	int fd = 0, i = 0;
+	int fd = 0;
 	pid_t pid = getpid();
 	char pfname[PROCFILE_LEN];
 	unsigned long *anon_map = NULL;
 	unsigned long *tmp_buf = NULL;
 	int data_pos[3] = {0 * MEGA / sizeof(unsigned long),
 			1 * MEGA / sizeof(unsigned long),
 			4 * MEGA / sizeof(unsigned long)};
 	off_t ret = 0;
 	printf("*** %s start *******************************\n", TEST_NAME);
 	/* anonymous mmap */
 	anon_map = (unsigned long *)mmap(NULL, MAP_LEN, PROT_READ | PROT_WRITE,
 			MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
 	OKNG(anon_map == MAP_FAILED, "anonymous map");
 	printf("  anonymous map to %p, size:%.2f MB\n",
 	       anon_map, (double)MAP_LEN / MEGA);
 	/* allocate tmp_buf */
 	tmp_buf = (unsigned long *)mmap(NULL, MAP_LEN, PROT_READ | PROT_WRITE,
 			MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
 	CHKANDJUMP(tmp_buf == MAP_FAILED, "alloc tmp_buf");
 	/* set magic_number */
 	tmp_buf[data_pos[0]] = 0x1111;
 	tmp_buf[data_pos[1]] = 0x2222;
 	tmp_buf[data_pos[2]] = 0x3333;
 	/* generate proc_mem path */
 	sprintf(pfname, "/proc/%d/mem", pid);
 	/* open proc_mem */
-	fd = open(pfname, O_RDWR);
+	fd = open(pfname, O_WRONLY);
-	CHKANDJUMP(fd < 0, "open proc_mem");
+	OKNG(fd != -1, "open /proc/<PID>/mem is failed");
-	/* pwrite 2MB */
+	OKNG(errno != EACCES, "errno is EACCES");
 	errno = 0;
 	ret = pwrite(fd, tmp_buf, 2 * MEGA, (off_t)anon_map);
 	OKNG(ret != 2 * MEGA || errno != 0, "2MB pwrite");
 	/* pwrite 4MB */
 	errno = 0;
 	ret = pwrite(fd, tmp_buf, 4 * MEGA, (off_t)anon_map);
 	OKNG(ret != 4 * MEGA || errno != 0, "4MB pwrite");
 	/* pwrite 8MB */
 	errno = 0;
 	ret = pwrite(fd, tmp_buf, 8 * MEGA, (off_t)anon_map);
 	OKNG(ret != 8 * MEGA || errno != 0, "8MB pwrite");
 	close(fd);
 	printf("*** %s PASSED\n\n", TEST_NAME);
--- a/test/issues/1018/README
+++ b/test/issues/1018/README
@ -6,8 +6,8 @@ CT_001: /proc/<PID>/mem に対するpread
 	preadが成功することと、読み取ったデータが正しいことを確認
 CT_002: /proc/<PID>/mem に対するpwrite
-	/proc/<PID>/mem に対して、2MB, 4MB, 8MB でそれぞれpwriteを実行し、
+	/proc/<PID>/mem に対して、書き込み権限のあるopenを実行し、
-	pwriteが成功することを確認
+	openが失敗することと、errnoにEACCESが設定されることを確認
 2. 既存のprocfs機能に影響がないことをOSTESTを用いて確認
 RT_001: ostest_procfs.000
@ -20,18 +20,12 @@ RT_003: ostest_procfs.003
 	/proc/<PID>/stat の内容を取得できることを確認
 □ 実行手順
 McKernelのインストール先や、OSTEST, LTPの配置場所は、
 $HOME/mck_test_config を参照している
 mck_test_config は、McKernelをビルドした際に生成される
 mck_test_config.sample ファイルを$HOMEにコピーし、適宜編集する
 $ make test
-実行できない場合は、C1018.shの以下の行を適切に書き換えた後に実行。
+McKernelのインストール先や、OSTEST, LTPの配置場所は、
-BIN=          mcexec が存在するパス
+$HOME/.mck_test_config を参照している
-SBIN=         mcreboot.sh が存在するパス
+.mck_test_config は、McKernelをビルドした際に生成されるmck_test_config.sample ファイルを
-OSTEST=       OSTESTが存在するパス
+$HOMEにコピーし、適宜編集する
 LTP=          LTPが存在するパス
 □ 実行結果
 result.log 参照。
--- a/test/issues/1018/result.log
+++ b/test/issues/1018/result.log
@ -10,53 +10,6 @@
 *** CT_001 PASSED
 *** CT_002 start *******************************
- [OK] anonymous map
+ [OK] open /proc/<PID>/mem is failed
-  anonymous map to 0x2aaaab200000, size:8.00 MB
+ [OK] errno is EACCES
 [OK] 2MB pwrite
 [OK] 4MB pwrite
 [OK] 8MB pwrite
 *** CT_002 PASSED
 *** RT_001 start *******************************
 TEST_SUITE: procfs
 TEST_NUMBER: 0
 ARGS:
 dump /proc/5267/auxv:
  0x00000000000021 0x002aaaaac24000 (AT_SYSINFO_EHDR)
  0x00000000000019 0x00547fffffffe0 (AT_RANDOM)
  0x00000000000011 0x00000000000064 (AT_CLKTCK)
  0x00000000000006 0x00000000001000 (AT_PAGESZ)
  0x00000000000003 0x00000000400040 (AT_PHDR)
  0x00000000000004 0x00000000000038 (AT_PHENT)
  0x00000000000005 0x0000000000000a (AT_PHNUM)
  0x00000000000009 0x00000000403430 (AT_ENTRY)
  0000000000000000 0000000000000000 (AT_NULL)
 RESULT: you need check AUXV value
 *** RT_001: PASSED
 *** RT_002 start *******************************
 TEST_SUITE: procfs
 TEST_NUMBER: 1
 ARGS:
 allocated: 0x00000000800010
 dump /proc/5301/mem(offset:0x00000000800010):
  0x00000000800010: 0000000000000000 0000000000000001 0000000000000002 0000000000000003
  0x00000000800030: 0000000000000004 0000000000000005 0000000000000006 0000000000000007
  0x00000000800050: 0000000000000008 0000000000000009 000000000000000a 000000000000000b
  0x00000000800070: 000000000000000c 000000000000000d 000000000000000e 000000000000000f
  0x00000000800090: 0000000000000010 0000000000000011 0000000000000012 0000000000000013
  0x000000008000b0: 0000000000000014 0000000000000015 0000000000000016 0000000000000017
  0x000000008000d0: 0000000000000018 0000000000000019 000000000000001a 000000000000001b
  0x000000008000f0: 000000000000001c 000000000000001d 000000000000001e 000000000000001f
 RESULT: you need check MEM value
 *** RT_002: PASSED
 *** RT_003 start *******************************
 TEST_SUITE: procfs
 TEST_NUMBER: 3
 ARGS:
 output /proc/5335/task/5366/stat
 0 (exe) R 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0
 RESULT: you need check STAT value
 *** RT_003: PASSED