1 /* 2 * Check decoding of prctl PR_GET_SECUREBITS/PR_SET_SECUREBITS operations. 3 * 4 * Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com> 5 * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of the author may not be used to endorse or promote products 17 * derived from this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #include "tests.h" 32 #include <asm/unistd.h> 33 #include <linux/prctl.h> 34 35 #if defined __NR_prctl && defined PR_GET_SECUREBITS && defined PR_SET_SECUREBITS 36 37 # include <stdio.h> 38 # include <unistd.h> 39 40 # include "xlat.h" 41 # include "xlat/secbits.h" 42 43 static const char *errstr; 44 45 static long 46 prctl(kernel_ulong_t arg1, kernel_ulong_t arg2) 47 { 48 static const kernel_ulong_t bogus_arg = 49 (kernel_ulong_t) 0xdeadbeefbadc0dedULL; 50 long rc = syscall(__NR_prctl, arg1, arg2, bogus_arg); 51 errstr = sprintrc(rc); 52 return rc; 53 } 54 55 int 56 main(void) 57 { 58 static const kernel_ulong_t bits1 = 59 (kernel_ulong_t) 0xdeadc0defacebeefULL; 60 static const kernel_ulong_t bits2 = 61 (kernel_ulong_t) 0xbadc0ded00000000ULL; 62 static const kernel_ulong_t bits3 = 63 (kernel_ulong_t) 0xffULL; 64 65 prctl(PR_SET_SECUREBITS, 0); 66 printf("prctl(PR_SET_SECUREBITS, 0) = %s\n", errstr); 67 68 prctl(PR_SET_SECUREBITS, bits1); 69 printf("prctl(PR_SET_SECUREBITS, SECBIT_NOROOT|SECBIT_NOROOT_LOCKED|" 70 "SECBIT_NO_SETUID_FIXUP|SECBIT_NO_SETUID_FIXUP_LOCKED|" 71 "SECBIT_KEEP_CAPS_LOCKED|SECBIT_NO_CAP_AMBIENT_RAISE|" 72 "SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED|%#llx) = %s\n", 73 (unsigned long long) bits1 & ~0xffULL, errstr); 74 75 if (bits2) { 76 prctl(PR_SET_SECUREBITS, bits2); 77 printf("prctl(PR_SET_SECUREBITS, %#llx /* SECBIT_??? */)" 78 " = %s\n", (unsigned long long) bits2, errstr); 79 } 80 81 prctl(PR_SET_SECUREBITS, bits3); 82 printf("prctl(PR_SET_SECUREBITS, SECBIT_NOROOT|SECBIT_NOROOT_LOCKED|" 83 "SECBIT_NO_SETUID_FIXUP|SECBIT_NO_SETUID_FIXUP_LOCKED|" 84 "SECBIT_KEEP_CAPS|SECBIT_KEEP_CAPS_LOCKED|" 85 "SECBIT_NO_CAP_AMBIENT_RAISE|SECBIT_NO_CAP_AMBIENT_RAISE_LOCKED)" 86 " = %s\n", errstr); 87 88 long rc = prctl(PR_GET_SECUREBITS, bits1); 89 printf("prctl(PR_GET_SECUREBITS) = %s", errstr); 90 if (rc > 0) { 91 printf(" ("); 92 printflags(secbits, rc, NULL); 93 printf(")"); 94 } 95 96 puts(""); 97 98 puts("+++ exited with 0 +++"); 99 return 0; 100 } 101 102 #else 103 104 SKIP_MAIN_UNDEFINED("__NR_prctl && PR_GET_SECUREBITS && PR_SET_SECUREBITS") 105 106 #endif 107