]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
0eb1d0fa AL |
2 | /* |
3 | * ioperm.c - Test case for ioperm(2) | |
4 | * Copyright (c) 2015 Andrew Lutomirski | |
5 | */ | |
6 | ||
7 | #define _GNU_SOURCE | |
8 | #include <err.h> | |
9 | #include <stdio.h> | |
10 | #include <stdint.h> | |
11 | #include <signal.h> | |
12 | #include <setjmp.h> | |
13 | #include <stdlib.h> | |
14 | #include <string.h> | |
15 | #include <errno.h> | |
16 | #include <unistd.h> | |
17 | #include <sys/types.h> | |
18 | #include <sys/wait.h> | |
19 | #include <stdbool.h> | |
20 | #include <sched.h> | |
21 | #include <sys/io.h> | |
22 | ||
23 | static int nerrs = 0; | |
24 | ||
25 | static void sethandler(int sig, void (*handler)(int, siginfo_t *, void *), | |
26 | int flags) | |
27 | { | |
28 | struct sigaction sa; | |
29 | memset(&sa, 0, sizeof(sa)); | |
30 | sa.sa_sigaction = handler; | |
31 | sa.sa_flags = SA_SIGINFO | flags; | |
32 | sigemptyset(&sa.sa_mask); | |
33 | if (sigaction(sig, &sa, 0)) | |
34 | err(1, "sigaction"); | |
35 | ||
36 | } | |
37 | ||
38 | static void clearhandler(int sig) | |
39 | { | |
40 | struct sigaction sa; | |
41 | memset(&sa, 0, sizeof(sa)); | |
42 | sa.sa_handler = SIG_DFL; | |
43 | sigemptyset(&sa.sa_mask); | |
44 | if (sigaction(sig, &sa, 0)) | |
45 | err(1, "sigaction"); | |
46 | } | |
47 | ||
48 | static jmp_buf jmpbuf; | |
49 | ||
50 | static void sigsegv(int sig, siginfo_t *si, void *ctx_void) | |
51 | { | |
52 | siglongjmp(jmpbuf, 1); | |
53 | } | |
54 | ||
55 | static bool try_outb(unsigned short port) | |
56 | { | |
57 | sethandler(SIGSEGV, sigsegv, SA_RESETHAND); | |
58 | if (sigsetjmp(jmpbuf, 1) != 0) { | |
59 | return false; | |
60 | } else { | |
61 | asm volatile ("outb %%al, %w[port]" | |
62 | : : [port] "Nd" (port), "a" (0)); | |
63 | return true; | |
64 | } | |
65 | clearhandler(SIGSEGV); | |
66 | } | |
67 | ||
68 | static void expect_ok(unsigned short port) | |
69 | { | |
70 | if (!try_outb(port)) { | |
71 | printf("[FAIL]\toutb to 0x%02hx failed\n", port); | |
72 | exit(1); | |
73 | } | |
74 | ||
75 | printf("[OK]\toutb to 0x%02hx worked\n", port); | |
76 | } | |
77 | ||
78 | static void expect_gp(unsigned short port) | |
79 | { | |
80 | if (try_outb(port)) { | |
81 | printf("[FAIL]\toutb to 0x%02hx worked\n", port); | |
82 | exit(1); | |
83 | } | |
84 | ||
85 | printf("[OK]\toutb to 0x%02hx failed\n", port); | |
86 | } | |
87 | ||
88 | int main(void) | |
89 | { | |
90 | cpu_set_t cpuset; | |
91 | CPU_ZERO(&cpuset); | |
92 | CPU_SET(0, &cpuset); | |
93 | if (sched_setaffinity(0, sizeof(cpuset), &cpuset) != 0) | |
94 | err(1, "sched_setaffinity to CPU 0"); | |
95 | ||
96 | expect_gp(0x80); | |
97 | expect_gp(0xed); | |
98 | ||
99 | /* | |
100 | * Probe for ioperm support. Note that clearing ioperm bits | |
101 | * works even as nonroot. | |
102 | */ | |
103 | printf("[RUN]\tenable 0x80\n"); | |
104 | if (ioperm(0x80, 1, 1) != 0) { | |
105 | printf("[OK]\tioperm(0x80, 1, 1) failed (%d) -- try running as root\n", | |
106 | errno); | |
107 | return 0; | |
108 | } | |
109 | expect_ok(0x80); | |
110 | expect_gp(0xed); | |
111 | ||
112 | printf("[RUN]\tdisable 0x80\n"); | |
113 | if (ioperm(0x80, 1, 0) != 0) { | |
114 | printf("[FAIL]\tioperm(0x80, 1, 0) failed (%d)", errno); | |
115 | return 1; | |
116 | } | |
117 | expect_gp(0x80); | |
118 | expect_gp(0xed); | |
119 | ||
120 | /* Make sure that fork() preserves ioperm. */ | |
121 | if (ioperm(0x80, 1, 1) != 0) { | |
122 | printf("[FAIL]\tioperm(0x80, 1, 0) failed (%d)", errno); | |
123 | return 1; | |
124 | } | |
125 | ||
126 | pid_t child = fork(); | |
127 | if (child == -1) | |
128 | err(1, "fork"); | |
129 | ||
130 | if (child == 0) { | |
131 | printf("[RUN]\tchild: check that we inherited permissions\n"); | |
132 | expect_ok(0x80); | |
133 | expect_gp(0xed); | |
134 | return 0; | |
135 | } else { | |
136 | int status; | |
137 | if (waitpid(child, &status, 0) != child || | |
138 | !WIFEXITED(status)) { | |
139 | printf("[FAIL]\tChild died\n"); | |
140 | nerrs++; | |
141 | } else if (WEXITSTATUS(status) != 0) { | |
142 | printf("[FAIL]\tChild failed\n"); | |
143 | nerrs++; | |
144 | } else { | |
145 | printf("[OK]\tChild succeeded\n"); | |
146 | } | |
147 | } | |
148 | ||
149 | /* Test the capability checks. */ | |
150 | ||
151 | printf("\tDrop privileges\n"); | |
152 | if (setresuid(1, 1, 1) != 0) { | |
153 | printf("[WARN]\tDropping privileges failed\n"); | |
154 | return 0; | |
155 | } | |
156 | ||
157 | printf("[RUN]\tdisable 0x80\n"); | |
158 | if (ioperm(0x80, 1, 0) != 0) { | |
159 | printf("[FAIL]\tioperm(0x80, 1, 0) failed (%d)", errno); | |
160 | return 1; | |
161 | } | |
162 | printf("[OK]\tit worked\n"); | |
163 | ||
164 | printf("[RUN]\tenable 0x80 again\n"); | |
165 | if (ioperm(0x80, 1, 1) == 0) { | |
166 | printf("[FAIL]\tit succeeded but should have failed.\n"); | |
167 | return 1; | |
168 | } | |
169 | printf("[OK]\tit failed\n"); | |
170 | return 0; | |
171 | } |