[LTP] [PATCH 2/2] Add test for ASLRn't bug

Tue Jan 30 13:19:12 CET 2024

On 30. 01. 24 12:29, Petr Vorel wrote:
> Hi Martin,
> 
> Very nice work.
> Reviewed-by: Petr Vorel <pvorel@suse.cz>
> 
> ...
>> +++ b/runtest/kernel_misc
>> @@ -15,3 +15,4 @@ zram01 zram01.sh
>>   zram02 zram02.sh
>>   zram03 zram03
>>   umip_basic_test umip_basic_test
>> +aslr01 aslr01
> 
> I wonder, don't we want to run also with strict mode?
> Do you want to avoid failure:
> aslr01.c:241: TFAIL: Large lib base address has less than 28 random bits

The distro developers' decision so far seems to be to mitigate the issue 
by increasing ASLR random bit count to maximum instead of fixing the 
bug. That's enough to make the test pass in normal mode but strict mode 
will keep failing, possibly forever.

>> +static void find_large_lib(void)
>> +{
>> +	size_t hpsize, libsize = 0;
>> +
>> +	read_shared_libraries(find_large_lib_callback, &libsize);
>> +
>> +	if (!libsize) {
>> +		tst_brk(TCONF,
>> +			"No dynamic libraries loaded, please use LD_PRELOAD");
>> +	}
>> +
>> +	hpsize = tst_get_hugepage_size();
>> +	tst_res(TINFO, "Largest loaded library: %s (%zu bytes)", lib_path,
>> +		libsize);
>> +
>> +	if (!hpsize) {
>> +		tst_res(TCONF, "Hugepage support appears to be missing");
>> +	} else if (libsize < hpsize) {
>> +		tst_res(TCONF, "The largest dynamic library is smaller than "
>> +			"hugepage size");
> 
> very nit: I would not split the string (better for grep).

Feel free to join the string during merge.

> 
>> +		tst_res(TCONF, "Please use LD_PRELOAD to add larger library");
>> +	}
>> +}
> 
> ...
>> +	if (strict_check) {
>> +		if (compat) {
>> +			kconf_minbits = aslr_kconfigs[ASLR_COMPAT_MINBITS].val;
>> +			minbits_path = "/proc/sys/vm/mmap_rnd_compat_bits";
>> +		} else {
>> +			kconf_minbits = aslr_kconfigs[ASLR_MINBITS].val;
>> +			minbits_path = "/proc/sys/vm/mmap_rnd_bits";
>> +		}
>> +
>> +		/*
>> +		 * Reading mmap_rnd_bits usually requires root privileges.
>> +		 * Fall back to kernel config values if unprivileged.
>> +		 */
> +1. So this require either only root or working kconfig.
> 
>> +		if (!access(minbits_path, R_OK))
>> +			SAFE_FILE_SCANF(minbits_path, "%d", &minbits);
>> +		else if (!kconf_minbits)
>> +			tst_brk(TBROK, "Cannot determine kernel ASLR min bits");
>> +		else if (tst_parse_int(kconf_minbits, &minbits, 1, 64))
>> +			tst_brk(TBROK, "Invalid kernel ASLR min bits value");
>> +	}
>> +
>> +	find_large_lib();
>> +}
> 
> Kind regards,
> Petr

-- 
Martin Doucha   mdoucha@suse.cz
SW Quality Engineer
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic