diff options
Diffstat (limited to 'testcases/kernel/syscalls/keyctl')
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl01.c | 13 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl02.c | 40 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl03.c | 16 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl04.c | 5 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl05.c | 20 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl06.c | 14 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl07.c | 5 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl08.c | 10 | ||||
-rw-r--r-- | testcases/kernel/syscalls/keyctl/keyctl09.c | 1 |
9 files changed, 85 insertions, 39 deletions
diff --git a/testcases/kernel/syscalls/keyctl/keyctl01.c b/testcases/kernel/syscalls/keyctl/keyctl01.c index 55e069c68..674094eec 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl01.c +++ b/testcases/kernel/syscalls/keyctl/keyctl01.c @@ -2,14 +2,17 @@ /* * Copyright (c) Crackerjack Project., 2007 * Copyright (c) 2017 Fujitsu Ltd. + * Copyright (c) Linux Test Project, 2009-2024 + * Ported by Manas Kumar Nayak maknayak@in.ibm.com> + * Modified by Guangwen Feng <fenggw-fnst@cn.fujitsu.com> */ -/* - * Description: This tests the keyctl() syscall - * Manipulate the kernel's key management facility +/*\ + * [Description] * - * Ported by Manas Kumar Nayak maknayak@in.ibm.com> - * Modified by Guangwen Feng <fenggw-fnst@cn.fujitsu.com> + * Tests the keyctl(2) syscall. + * + * Manipulate the kernel's key management facility. */ #include <errno.h> diff --git a/testcases/kernel/syscalls/keyctl/keyctl02.c b/testcases/kernel/syscalls/keyctl/keyctl02.c index 35cc2838d..fd3f86bbc 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl02.c +++ b/testcases/kernel/syscalls/keyctl/keyctl02.c @@ -1,11 +1,14 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Fujitsu Ltd. - * Ported: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> + * Copyright (c) Linux Test Project, 2017-2024 + * Ported: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> */ -/* - * This is a regression test for the race between keyctl_read() and +/*\ + * [Description] + * + * Regression test for the race between keyctl_read() and * keyctl_revoke(), if the revoke happens between keyctl_read() * checking the validity of a key and the key's semaphore being taken, * then the key type read method will see a revoked key. @@ -14,13 +17,8 @@ * assumes in its read method that there will always be a payload * in a non-revoked key and doesn't check for a NULL pointer. * - * This test can crash the buggy kernel, and the bug was fixed in: - * - * commit b4a1b4f5047e4f54e194681125c74c0aa64d637d - * Author: David Howells <dhowells@redhat.com> - * Date: Fri Dec 18 01:34:26 2015 +0000 - * - * KEYS: Fix race between read and revoke + * Bug was fixed in commit + * b4a1b4f5047e ("KEYS: Fix race between read and revoke") */ #include <errno.h> @@ -29,6 +27,7 @@ #include "tst_safe_pthread.h" #include "tst_test.h" +#include "tst_kconfig.h" #include "lapi/keyctl.h" #define LOOPS 20000 @@ -36,6 +35,7 @@ #define PATH_KEY_COUNT_QUOTA "/proc/sys/kernel/keys/root_maxkeys" static int orig_maxkeys; +static int realtime_kernel; static void *do_read(void *arg) { @@ -86,6 +86,15 @@ static void do_test(void) tst_res(TINFO, "Runtime exhausted, exiting after %d loops", i); break; } + + /* + * Realtime kernel has deferred post-join thread cleanup which + * may result in exhaustion of cgroup thread limit. Add delay + * to limit the maximum number of stale threads to 4000 + * even with CONFIG_HZ=100. + */ + if (realtime_kernel) + usleep(100); } /* @@ -126,8 +135,19 @@ static void do_test(void) static void setup(void) { + unsigned int i; + struct tst_kconfig_var rt_kconfigs[] = { + TST_KCONFIG_INIT("CONFIG_PREEMPT_RT"), + TST_KCONFIG_INIT("CONFIG_PREEMPT_RT_FULL") + }; + SAFE_FILE_SCANF(PATH_KEY_COUNT_QUOTA, "%d", &orig_maxkeys); SAFE_FILE_PRINTF(PATH_KEY_COUNT_QUOTA, "%d", orig_maxkeys + LOOPS + 1); + + tst_kconfig_read(rt_kconfigs, ARRAY_SIZE(rt_kconfigs)); + + for (i = 0; i < ARRAY_SIZE(rt_kconfigs); i++) + realtime_kernel |= rt_kconfigs[i].choice == 'y'; } static void cleanup(void) diff --git a/testcases/kernel/syscalls/keyctl/keyctl03.c b/testcases/kernel/syscalls/keyctl/keyctl03.c index 9d7b9a0b5..563ee96a9 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl03.c +++ b/testcases/kernel/syscalls/keyctl/keyctl03.c @@ -1,19 +1,15 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Fujitsu Ltd. - * Ported: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> + * Copyright (c) Linux Test Project, 2017-2024 + * Ported: Guangwen Feng <fenggw-fnst@cn.fujitsu.com> */ -/* - * This regression test can crash the buggy kernel, - * and the bug was fixed in: - * - * commit f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61 - * Author: David Howells <dhowells@redhat.com> - * Date: Thu Oct 15 17:21:37 2015 +0100 +/*\ + * [Description] * - * KEYS: Fix crash when attempt to garbage collect - * an uninstantiated keyring + * Regression test for commit + * f05819df10d7 ("KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring") */ #include <errno.h> diff --git a/testcases/kernel/syscalls/keyctl/keyctl04.c b/testcases/kernel/syscalls/keyctl/keyctl04.c index 1fed23ca6..50c9244de 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl04.c +++ b/testcases/kernel/syscalls/keyctl/keyctl04.c @@ -1,9 +1,12 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Google, Inc. + * Copyright (c) Linux Test Project, 2017-2024 */ -/* +/*\ + * [Description] + * * Regression test for commit c9f838d104fe ("KEYS: fix * keyctl_set_reqkey_keyring() to not leak thread keyrings"), a.k.a. * CVE-2017-7472. This bug could be used to exhaust kernel memory, though it diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index 7d7c076c0..0ad106774 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -1,9 +1,12 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Google, Inc. + * Copyright (c) Linux Test Project, 2017-2024 */ -/* +/*\ + * [Description] + * * Regression test for commit 63a0b0509e70 ("KEYS: fix freeing uninitialized * memory in key_update()"). Try to reproduce the crash in two different ways: * @@ -31,6 +34,8 @@ #include "tst_test.h" #include "lapi/keyctl.h" +#define MODULE "dns_resolver" + /* * A valid payload for the "asymmetric" key type. This is an x509 certificate * in DER format, generated using: @@ -190,6 +195,9 @@ static void test_update_setperm_race(void) static void setup(void) { + /* There is no way to trigger automatic dns_resolver module loading. */ + tst_cmd((const char*[]){"modprobe", MODULE, NULL}, NULL, NULL, 0); + fips_enabled = tst_fips_enabled(); } @@ -198,8 +206,12 @@ static void do_test(unsigned int i) /* * We need to pass check in dns_resolver_preparse(), * give it dummy server list request. + * From v6.8-rc1 commit acc657692aed438e9931438f8c923b2b107aebf9: + * the incoming data for add_key() sysdall should be not less than 6 + * bytes, because struct dns_server_list_v1_header is 6 bytes. + * The minimum payload will be tested here for boundary testing. */ - static char dns_res_payload[] = { 0x00, 0x00, 0x01, 0xff, 0x00 }; + static char dns_res_payload[] = { 0x00, 0x00, 0x01, 0xff, 0x00, 0x00 }; switch (i) { case 0: @@ -207,7 +219,7 @@ static void do_test(unsigned int i) x509_cert, sizeof(x509_cert)); break; case 1: - test_update_nonupdatable("dns_resolver", dns_res_payload, + test_update_nonupdatable(MODULE, dns_res_payload, sizeof(dns_res_payload)); break; case 2: @@ -217,12 +229,14 @@ static void do_test(unsigned int i) } static struct tst_test test = { + .needs_root = 1, .tcnt = 3, .setup = setup, .test = do_test, .forks_child = 1, .tags = (const struct tst_tag[]) { {"linux-git", "63a0b0509e70"}, + {"linux-git", "acc657692aed"}, {} } }; diff --git a/testcases/kernel/syscalls/keyctl/keyctl06.c b/testcases/kernel/syscalls/keyctl/keyctl06.c index f76a85ff2..4564601d1 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl06.c +++ b/testcases/kernel/syscalls/keyctl/keyctl06.c @@ -1,19 +1,19 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Google, Inc. + * Copyright (c) Linux Test Project, 2017-2024 */ -/* - * Regression test for: +/*\ + * [Description] * - * commit e645016abc80 ("KEYS: fix writing past end of user-supplied buffer - * in keyring_read()"). + * Regression test for commit: * - * as well as its follow-on fix: + * e645016abc80 ("KEYS: fix writing past end of user-supplied buffer in keyring_read()") * - * commit 3239b6f29bdf ("KEYS: return full count in keyring_read() if - * buffer is too small") + * as well as its follow-on fix: * + * commit 3239b6f29bdf ("KEYS: return full count in keyring_read() if buffer is too small") */ #include <errno.h> diff --git a/testcases/kernel/syscalls/keyctl/keyctl07.c b/testcases/kernel/syscalls/keyctl/keyctl07.c index d9e20db5f..8b10ee803 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl07.c +++ b/testcases/kernel/syscalls/keyctl/keyctl07.c @@ -1,9 +1,12 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Google, Inc. + * Copyright (c) Linux Test Project, 2018-2024 */ -/* +/*\ + * [Description] + * * Regression test for commit 37863c43b2c6 ("KEYS: prevent KEYCTL_READ on * negative key"). This is CVE-2017-12192. */ diff --git a/testcases/kernel/syscalls/keyctl/keyctl08.c b/testcases/kernel/syscalls/keyctl/keyctl08.c index be4b23b14..30e077c50 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl08.c +++ b/testcases/kernel/syscalls/keyctl/keyctl08.c @@ -1,10 +1,16 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2017 Richard Palethorpe <rpalethorpe@suse.com> + * Copyright (c) Linux Test Project, 2019-2024 */ -/* Check for CVE-2016-9604; that keys beginning with "." are disallowed. + +/*\ + * [Description] + * + * Test for CVE-2016-9604, checks that keys beginning with "." are disallowed. * - * See commit ee8f844e3c5a73b999edf733df1c529d6503ec2f + * See commit + * ee8f844e3c5a ("KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings") */ #include <errno.h> diff --git a/testcases/kernel/syscalls/keyctl/keyctl09.c b/testcases/kernel/syscalls/keyctl/keyctl09.c index cfd5f7e5f..1f24f804a 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl09.c +++ b/testcases/kernel/syscalls/keyctl/keyctl09.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (c) 2022 Google, Inc. + * Copyright (c) Linux Test Project, 2023 */ /*\ |