1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <inttypes.h> 18#include <limits.h> 19#include <stdio.h> 20#include <sys/capability.h> 21#include <sys/mman.h> 22#include <sys/prctl.h> 23#include <unistd.h> 24 25#include <string> 26#include <vector> 27 28#include <gtest/gtest.h> 29 30#include "android-base/file.h" 31#include "android-base/strings.h" 32#include "private/bionic_prctl.h" 33 34// http://b/20017123. 35TEST(sys_prctl, bug_20017123) { 36#if defined(__ANDROID__) // PR_SET_VMA is only available in Android kernels. 37 size_t page_size = static_cast<size_t>(sysconf(_SC_PAGESIZE)); 38 void* p = mmap(NULL, page_size * 3, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 39 ASSERT_NE(MAP_FAILED, p); 40 ASSERT_EQ(0, mprotect(p, page_size, PROT_NONE)); 41 ASSERT_NE(-1, prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, p, page_size * 3, "anonymous map space")); 42 // Now read the maps and verify that there are no overlapped maps. 43 std::string file_data; 44 ASSERT_TRUE(android::base::ReadFileToString("/proc/self/maps", &file_data)); 45 46 uintptr_t last_end = 0; 47 std::vector<std::string> lines = android::base::Split(file_data, "\n"); 48 for (size_t i = 0; i < lines.size(); i++) { 49 if (lines[i].empty()) { 50 continue; 51 } 52 uintptr_t start; 53 uintptr_t end; 54 ASSERT_EQ(2, sscanf(lines[i].c_str(), "%" SCNxPTR "-%" SCNxPTR " ", &start, &end)) 55 << "Failed to parse line: " << lines[i]; 56 // This will never fail on the first line, so no need to do any special checking. 57 ASSERT_GE(start, last_end) 58 << "Overlapping map detected:\n" << lines[i -1] << '\n' << lines[i] << '\n'; 59 last_end = end; 60 } 61 62 ASSERT_EQ(0, munmap(p, page_size * 3)); 63#else 64 GTEST_LOG_(INFO) << "This test does nothing as it tests an Android specific kernel feature."; 65#endif 66} 67 68TEST(sys_prctl, pr_cap_ambient) { 69// PR_CAP_AMBIENT was introduced in v4.3. Android devices should always 70// have a backport, but we can't guarantee it's available on the host. 71#if defined(__ANDROID__) || defined(PR_CAP_AMBIENT) 72 const std::string caps_sha = 73 "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/" 74 "?id=58319057b7847667f0c9585b9de0e8932b0fdb08"; 75 const std::string caps_typo_sha = 76 "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/" 77 "?id=b7f76ea2ef6739ee484a165ffbac98deb855d3d3"; 78 79 auto err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); 80 EXPECT_EQ(0, err); 81 // EINVAL -> unrecognized prctl option 82 ASSERT_NE(EINVAL, errno) << "kernel missing required commits:\n" 83 << caps_sha << "\n" 84 << caps_typo_sha << "\n"; 85 86 // Unprivileged processes shouldn't be able to raise CAP_SYS_ADMIN, 87 // but they can check or lower it 88 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_SYS_ADMIN, 0, 0); 89 EXPECT_EQ(-1, err); 90 EXPECT_EQ(EPERM, errno); 91 92 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_SYS_ADMIN, 0, 0); 93 EXPECT_EQ(0, err); 94 95 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_LOWER, CAP_SYS_ADMIN, 0, 0); 96 EXPECT_EQ(0, err); 97 98 // ULONG_MAX isn't a legal cap 99 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, ULONG_MAX, 0, 0); 100 EXPECT_EQ(-1, err); 101 EXPECT_EQ(EINVAL, errno); 102 103 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, ULONG_MAX, 0, 0); 104 EXPECT_EQ(-1, err); 105 EXPECT_EQ(EINVAL, errno); 106 107 err = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_LOWER, ULONG_MAX, 0, 0); 108 EXPECT_EQ(-1, err); 109 EXPECT_EQ(EINVAL, errno); 110#else 111 GTEST_LOG_(INFO) 112 << "Skipping test that requires host support for PR_CAP_AMBIENT."; 113#endif 114} 115