Module Name: src Committed By: christos Date: Sat Jul 29 12:16:34 UTC 2023
Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/sys/kern: sys_memfd.c src/tests/kernel: Makefile t_fcntl.c Added Files: src/tests/kernel: t_memfd_create.c Log Message: Add tests for t_memfd_create and fix bug found by tests To generate a diff of this commit: cvs rdiff -u -r1.407 -r1.408 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.1278 -r1.1279 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.4 -r1.5 src/sys/kern/sys_memfd.c cvs rdiff -u -r1.73 -r1.74 src/tests/kernel/Makefile cvs rdiff -u -r1.2 -r1.3 src/tests/kernel/t_fcntl.c cvs rdiff -u -r0 -r1.1 src/tests/kernel/t_memfd_create.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.407 src/distrib/sets/lists/debug/mi:1.408 --- src/distrib/sets/lists/debug/mi:1.407 Fri Jul 28 14:18:59 2023 +++ src/distrib/sets/lists/debug/mi Sat Jul 29 08:16:34 2023 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.407 2023/07/28 18:18:59 christos Exp $ +# $NetBSD: mi,v 1.408 2023/07/29 12:16:34 christos Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile @@ -1800,6 +1800,7 @@ ./usr/libdata/debug/usr/tests/kernel/t_lock.debug tests-kernel-tests debug,atf,compattestfile ./usr/libdata/debug/usr/tests/kernel/t_lockf.debug tests-kernel-tests debug,atf,compattestfile ./usr/libdata/debug/usr/tests/kernel/t_lwpctl.debug tests-obsolete obsolete,compattestfile +./usr/libdata/debug/usr/tests/kernel/t_memfd_create.debug tests-kernel-tests debug,atf,compattestfile ./usr/libdata/debug/usr/tests/kernel/t_mkdir.debug tests-obsolete obsolete,compattestfile ./usr/libdata/debug/usr/tests/kernel/t_mqueue.debug tests-kernel-tests debug,atf,compattestfile ./usr/libdata/debug/usr/tests/kernel/t_open_pr_57260.debug tests-kernel-tests debug,atf,compattestfile Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.1278 src/distrib/sets/lists/tests/mi:1.1279 --- src/distrib/sets/lists/tests/mi:1.1278 Fri Jul 28 14:19:00 2023 +++ src/distrib/sets/lists/tests/mi Sat Jul 29 08:16:34 2023 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1278 2023/07/28 18:19:00 christos Exp $ +# $NetBSD: mi,v 1.1279 2023/07/29 12:16:34 christos Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -2310,6 +2310,7 @@ ./usr/tests/kernel/t_lockf tests-kernel-tests compattestfile,atf ./usr/tests/kernel/t_lwpctl tests-obsolete obsolete ./usr/tests/kernel/t_magic_symlinks tests-kernel-tests compattestfile,atf +./usr/tests/kernel/t_memfd_create tests-kernel-tests compattestfile,atf ./usr/tests/kernel/t_mkdir tests-obsolete obsolete ./usr/tests/kernel/t_mqueue tests-kernel-tests compattestfile,atf ./usr/tests/kernel/t_nointerpreter tests-kernel-tests atf Index: src/sys/kern/sys_memfd.c diff -u src/sys/kern/sys_memfd.c:1.4 src/sys/kern/sys_memfd.c:1.5 --- src/sys/kern/sys_memfd.c:1.4 Sat Jul 29 04:46:47 2023 +++ src/sys/kern/sys_memfd.c Sat Jul 29 08:16:34 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_memfd.c,v 1.4 2023/07/29 08:46:47 riastradh Exp $ */ +/* $NetBSD: sys_memfd.c,v 1.5 2023/07/29 12:16:34 christos Exp $ */ /*- * Copyright (c) 2023 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: sys_memfd.c,v 1.4 2023/07/29 08:46:47 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sys_memfd.c,v 1.5 2023/07/29 12:16:34 christos Exp $"); #include <sys/param.h> #include <sys/types.h> @@ -165,6 +165,7 @@ memfd_read(file_t *fp, off_t *offp, stru todo = MIN(uio->uio_resid, mfd->mfd_size - *offp); error = ubc_uiomove(mfd->mfd_uobj, uio, todo, UVM_ADV_SEQUENTIAL, UBC_READ|UBC_PARTIALOK); + *offp = uio->uio_offset; leave: if (offp == &fp->f_offset) @@ -215,6 +216,7 @@ memfd_write(file_t *fp, off_t *offp, str error = ubc_uiomove(mfd->mfd_uobj, uio, todo, UVM_ADV_SEQUENTIAL, UBC_WRITE|UBC_PARTIALOK); + *offp = uio->uio_offset; getnanotime(&mfd->mfd_mtime); Index: src/tests/kernel/Makefile diff -u src/tests/kernel/Makefile:1.73 src/tests/kernel/Makefile:1.74 --- src/tests/kernel/Makefile:1.73 Fri Jul 28 14:19:01 2023 +++ src/tests/kernel/Makefile Sat Jul 29 08:16:34 2023 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.73 2023/07/28 18:19:01 christos Exp $ +# $NetBSD: Makefile,v 1.74 2023/07/29 12:16:34 christos Exp $ NOMAN= # defined @@ -12,6 +12,7 @@ TESTS_C+= t_fcntl TESTS_C+= t_lock TESTS_C+= t_lockf TESTS_C+= t_pty +TESTS_C+= t_memfd_create TESTS_C+= t_mqueue TESTS_C+= t_proccwd TESTS_C+= t_sysv Index: src/tests/kernel/t_fcntl.c diff -u src/tests/kernel/t_fcntl.c:1.2 src/tests/kernel/t_fcntl.c:1.3 --- src/tests/kernel/t_fcntl.c:1.2 Sun Oct 20 12:02:11 2019 +++ src/tests/kernel/t_fcntl.c Sat Jul 29 08:16:34 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: t_fcntl.c,v 1.2 2019/10/20 16:02:11 christos Exp $ */ +/* $NetBSD: t_fcntl.c,v 1.3 2023/07/29 12:16:34 christos Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -31,6 +31,7 @@ #include <sys/param.h> #include <sys/types.h> +#include <sys/mman.h> #include <atf-c.h> #include <fcntl.h> #include <errno.h> @@ -38,11 +39,11 @@ #include <string.h> #include <unistd.h> -ATF_TC(getpath); -ATF_TC_HEAD(getpath, tc) +ATF_TC(getpath_vnode); +ATF_TC_HEAD(getpath_vnode, tc) { - atf_tc_set_md_var(tc, "descr", "Checks fcntl(2) F_GETPATH"); + atf_tc_set_md_var(tc, "descr", "Checks fcntl(2) F_GETPATH for vnodes"); } static const struct { @@ -57,7 +58,7 @@ static const struct { { "/", ENOENT }, }; -ATF_TC_BODY(getpath, tc) +ATF_TC_BODY(getpath_vnode, tc) { char path[MAXPATHLEN]; int fd, rv; @@ -81,9 +82,47 @@ ATF_TC_BODY(getpath, tc) } } +ATF_TC(getpath_memfd); +ATF_TC_HEAD(getpath_memfd, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks fcntl(2) F_GETPATH for fds created by memfd_create"); +} + +#define MEMFD_NAME(name) { name, "memfd:" name } +static const struct { + const char *bare; + const char *prefixed; +} memfd_names[] = { + MEMFD_NAME(""), + MEMFD_NAME("some text"), + MEMFD_NAME("memfd:"), + MEMFD_NAME("../\\"), +}; + +ATF_TC_BODY(getpath_memfd, tc) +{ + char path[MAXPATHLEN]; + int fd, rv; + + for (size_t i = 0; i < __arraycount(memfd_names); i++) { + fd = memfd_create(memfd_names[i].bare, 0); + ATF_REQUIRE_MSG(fd != -1, "Failed to create memfd (%s)", + strerror(errno)); + rv = fcntl(fd, F_GETPATH, path); + ATF_REQUIRE_MSG(rv != -1, "Can't get path `%s' (%s)", + memfd_names[i].bare, strerror(errno)); + ATF_REQUIRE_MSG(strcmp(memfd_names[i].prefixed, path) == 0, + "Bad name `%s' != `%s'", path, memfd_names[i].prefixed); + close(fd); + } +} + ATF_TP_ADD_TCS(tp) { - ATF_TP_ADD_TC(tp, getpath); + ATF_TP_ADD_TC(tp, getpath_vnode); + ATF_TP_ADD_TC(tp, getpath_memfd); return atf_no_error(); } Added files: Index: src/tests/kernel/t_memfd_create.c diff -u /dev/null src/tests/kernel/t_memfd_create.c:1.1 --- /dev/null Sat Jul 29 08:16:35 2023 +++ src/tests/kernel/t_memfd_create.c Sat Jul 29 08:16:34 2023 @@ -0,0 +1,455 @@ +/* $NetBSD: t_memfd_create.c,v 1.1 2023/07/29 12:16:34 christos Exp $ */ + +/*- + * Copyright (c) 2023 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Theodore Preduta. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include <sys/cdefs.h> +__RCSID("$NetBSD: t_memfd_create.c,v 1.1 2023/07/29 12:16:34 christos Exp $"); + +#include <sys/param.h> +#include <sys/types.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <errno.h> +#include <fcntl.h> + +#include <atf-c.h> + +#include "h_macros.h" + +char name_buf[NAME_MAX]; +char write_buf[8192]; +char read_buf[8192]; + +ATF_TC(create_null_name); +ATF_TC_HEAD(create_null_name, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks memfd_create fails with EFAULT when invalid memory" + " is provided"); +} +ATF_TC_BODY(create_null_name, tc) +{ + int fd; + + ATF_REQUIRE_EQ_MSG(fd = memfd_create(NULL, 0), -1, + "Unexpected success"); + ATF_REQUIRE_ERRNO(EFAULT, true); +} + +ATF_TC(create_long_name); +ATF_TC_HEAD(create_long_name, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks memfd_create fails for names longer than NAME_MAX-6"); +} +ATF_TC_BODY(create_long_name, tc) +{ + int fd; + + memset(name_buf, 'A', sizeof(name_buf)); + name_buf[NAME_MAX-6] = '\0'; + + ATF_REQUIRE_EQ_MSG(fd = memfd_create(name_buf, 0), -1, + "Unexpected success"); + ATF_REQUIRE_ERRNO(ENAMETOOLONG, true); + + name_buf[NAME_MAX-7] = '\0'; + + RL(fd = memfd_create(name_buf, 0)); +} + +ATF_TC(read_write); +ATF_TC_HEAD(read_write, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks that data can be written to/read from a memfd"); +} +ATF_TC_BODY(read_write, tc) +{ + int fd; + off_t offset; + + RL(fd = memfd_create("", 0)); + + tests_makegarbage(write_buf, sizeof(write_buf)); + memset(read_buf, 0, sizeof(read_buf)); + + RL(write(fd, write_buf, sizeof(write_buf))); + offset = lseek(fd, 0, SEEK_CUR); + ATF_REQUIRE_EQ_MSG(offset, sizeof(write_buf), + "File offset not set after write (%ld != %ld)", offset, + sizeof(write_buf)); + + RZ(lseek(fd, 0, SEEK_SET)); + + RL(read(fd, read_buf, sizeof(read_buf))); + offset = lseek(fd, 0, SEEK_CUR); + ATF_REQUIRE_EQ_MSG(offset, sizeof(read_buf), + "File offset not set after read (%ld != %ld)", offset, + sizeof(read_buf)); + + for (size_t i = 0; i < sizeof(read_buf); i++) + ATF_REQUIRE_EQ_MSG(read_buf[i], write_buf[i], + "Data read does not match data written"); +} + +ATF_TC(truncate); +ATF_TC_HEAD(truncate, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks that truncation does result in data removal"); +} +ATF_TC_BODY(truncate, tc) +{ + int fd; + struct stat st; + + RL(fd = memfd_create("", 0)); + + tests_makegarbage(write_buf, sizeof(write_buf)); + tests_makegarbage(read_buf, sizeof(read_buf)); + + RL(write(fd, write_buf, sizeof(write_buf))); + + RL(fstat(fd, &st)); + ATF_REQUIRE_EQ_MSG(st.st_size, sizeof(write_buf), + "Write did not grow size to %ld (is %ld)", sizeof(write_buf), + st.st_size); + + RL(ftruncate(fd, sizeof(write_buf)/2)); + RL(fstat(fd, &st)); + ATF_REQUIRE_EQ_MSG(st.st_size, sizeof(write_buf)/2, + "Truncate did not shrink size to %ld (is %ld)", + sizeof(write_buf)/2, st.st_size); + + RL(ftruncate(fd, sizeof(read_buf))); + RL(fstat(fd, &st)); + ATF_REQUIRE_EQ_MSG(st.st_size, sizeof(read_buf), + "Truncate did not grow size to %ld (is %ld)", sizeof(read_buf), + st.st_size); + + RZ(lseek(fd, 0, SEEK_SET)); + RL(read(fd, read_buf, sizeof(read_buf))); + + for (size_t i = 0; i < sizeof(read_buf)/2; i++) + ATF_REQUIRE_EQ_MSG(read_buf[i], write_buf[i], + "Data read does not match data written"); + for (size_t i = sizeof(read_buf)/2; i < sizeof(read_buf); i++) + ATF_REQUIRE_EQ_MSG(read_buf[i], 0, + "Data read on growed region is not zeroed"); +} + +ATF_TC(mmap); +ATF_TC_HEAD(mmap, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Check that mmap succeeds"); +} +ATF_TC_BODY(mmap, tc) +{ + int fd; + void *addr; + + RL(fd = memfd_create("", 0)); + RL(ftruncate(fd, sizeof(read_buf))); + + addr = mmap(NULL, sizeof(read_buf), PROT_READ|PROT_WRITE, MAP_SHARED, + fd, 0); + ATF_REQUIRE_MSG(addr != MAP_FAILED, "Mmap failed unexpectedly (%s)", + strerror(errno)); +} + +ATF_TC(create_no_sealing); +ATF_TC_HEAD(create_no_sealing, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks that seals cannot be added if MFD_ALLOW_SEALING is" + " not specified to memfd_create"); +} +ATF_TC_BODY(create_no_sealing, tc) +{ + int fd; + + RL(fd = memfd_create("", 0)); + + ATF_REQUIRE_EQ_MSG(fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE), -1, + "fcntl succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); +} + +ATF_TC(seal_seal); +ATF_TC_HEAD(seal_seal, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks adding F_SEAL_SEAL prevents adding other seals"); +} +ATF_TC_BODY(seal_seal, tc) +{ + int fd; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_SEAL)); + + ATF_REQUIRE_EQ_MSG(fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE), -1, + "fcntl succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); +} + +/* + * Tests that the seals provided in except to not also prevent some + * other operation. + * + * Note: fd must have a positive size. + */ +static void +test_all_seals_except(int fd, int except) +{ + int rv; + struct stat st; + void *addr; + + RL(fstat(fd, &st)); + ATF_REQUIRE(st.st_size > 0); + + if (except & ~F_SEAL_SEAL) { + rv = fcntl(fd, F_ADD_SEALS, F_SEAL_SEAL); + if (rv == -1) { + ATF_REQUIRE_MSG(errno != EPERM, + "Seal %x prevented F_ADD_SEALS", except); + ATF_REQUIRE_MSG(errno == EPERM, + "F_ADD_SEALS failed unexpectedly (%s)", + strerror(errno)); + } + } + + if (except & ~(F_SEAL_WRITE|F_SEAL_FUTURE_WRITE)) { + RZ(lseek(fd, 0, SEEK_SET)); + rv = write(fd, write_buf, sizeof(write_buf)); + if (rv == -1) { + ATF_REQUIRE_MSG(errno != EPERM, + "Seal %x prevented write", except); + ATF_REQUIRE_MSG(errno == EPERM, + "Write failed unexpectedly (%s)", + strerror(errno)); + } + + addr = mmap(NULL, st.st_size, PROT_READ|PROT_WRITE, + MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(addr != MAP_FAILED, + "Mmap failed unexpectedly (%s)", strerror(errno)); + } + + if (except & ~F_SEAL_SHRINK) { + rv = ftruncate(fd, st.st_size - 1); + if (rv == -1) { + ATF_REQUIRE_MSG(errno != EPERM, + "Seal %x prevented truncate to shrink", except); + ATF_REQUIRE_MSG(errno == EPERM, + "Truncate failed unexpectedly (%s)", + strerror(errno)); + } + } + + if (except & ~F_SEAL_GROW) { + rv = ftruncate(fd, st.st_size + 1); + if (rv == -1) { + ATF_REQUIRE_MSG(errno != EPERM, + "Seal %x prevented truncate to shrink", except); + ATF_REQUIRE_MSG(errno == EPERM, + "Truncate failed unexpectedly (%s)", + strerror(errno)); + } + } +} + +ATF_TC(seal_shrink); +ATF_TC_HEAD(seal_shrink, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks F_SEAL_SHRINK prevents shrinking the file"); +} +ATF_TC_BODY(seal_shrink, tc) +{ + int fd; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(write_buf))); + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK)); + + ATF_REQUIRE_EQ_MSG(ftruncate(fd, sizeof(write_buf)/2), -1, + "Truncate succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); + + test_all_seals_except(fd, F_SEAL_SHRINK); +} + +ATF_TC(seal_grow); +ATF_TC_HEAD(seal_grow, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks F_SEAL_SHRINK prevents growing the file"); +} +ATF_TC_BODY(seal_grow, tc) +{ + int fd; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(write_buf)/2)); + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_GROW)); + + ATF_REQUIRE_EQ_MSG(ftruncate(fd, sizeof(write_buf)), -1, + "Truncate succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); + + test_all_seals_except(fd, F_SEAL_GROW); +} + +ATF_TC(seal_write); +ATF_TC_HEAD(seal_write, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks F_SEAL_WRITE prevents writing"); +} +ATF_TC_BODY(seal_write, tc) +{ + int fd; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(write_buf)/2)); + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE)); + + ATF_REQUIRE_EQ_MSG(write(fd, write_buf, sizeof(write_buf)), -1, + "Write succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); + + test_all_seals_except(fd, F_SEAL_WRITE); +} + +ATF_TC(seal_write_mmap); +ATF_TC_HEAD(seal_write_mmap, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks that F_SEAL_WRITE cannot be added with open mmaps"); +} +ATF_TC_BODY(seal_write_mmap, tc) +{ + int fd; + void *addr; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(read_buf))); + + addr = mmap(NULL, sizeof(read_buf), PROT_READ|PROT_WRITE, MAP_SHARED, + fd, 0); + ATF_REQUIRE_MSG(addr != MAP_FAILED, "Mmap failed unexpectedly (%s)", + strerror(errno)); + + ATF_REQUIRE_EQ_MSG(fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE), -1, + "fcntl succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EBUSY, true); +} + +ATF_TC(seal_future_write); +ATF_TC_HEAD(seal_future_write, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks F_SEAL_FUTURE_WRITE prevents writing"); +} +ATF_TC_BODY(seal_future_write, tc) +{ + int fd; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(write_buf)/2)); + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE)); + + ATF_REQUIRE_EQ_MSG(write(fd, write_buf, sizeof(write_buf)), -1, + "Write succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); + + test_all_seals_except(fd, F_SEAL_FUTURE_WRITE); +} + +ATF_TC(seal_future_write_mmap); +ATF_TC_HEAD(seal_future_write_mmap, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Checks that F_SEAL_WRITE can be added with open mmaps but" + " prevents creating new ones"); +} +ATF_TC_BODY(seal_future_write_mmap, tc) +{ + int fd; + void *addr; + + RL(fd = memfd_create("", MFD_ALLOW_SEALING)); + RL(ftruncate(fd, sizeof(read_buf))); + addr = mmap(NULL, sizeof(read_buf), PROT_READ|PROT_WRITE, MAP_SHARED, + fd, 0); + ATF_REQUIRE_MSG(addr != MAP_FAILED, "Mmap failed unexpectedly (%s)", + strerror(errno)); + + RL(fcntl(fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE)); + + ATF_REQUIRE_EQ_MSG(mmap(NULL, sizeof(read_buf), PROT_READ|PROT_WRITE, + MAP_SHARED, fd, 0), MAP_FAILED, "Mmap succeeded unexpectedly"); + ATF_REQUIRE_ERRNO(EPERM, true); +} + + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, create_null_name); + ATF_TP_ADD_TC(tp, create_long_name); + ATF_TP_ADD_TC(tp, read_write); + ATF_TP_ADD_TC(tp, truncate); + ATF_TP_ADD_TC(tp, mmap); + ATF_TP_ADD_TC(tp, create_no_sealing); + ATF_TP_ADD_TC(tp, seal_seal); + ATF_TP_ADD_TC(tp, seal_shrink); + ATF_TP_ADD_TC(tp, seal_grow); + ATF_TP_ADD_TC(tp, seal_write); + ATF_TP_ADD_TC(tp, seal_write_mmap); + ATF_TP_ADD_TC(tp, seal_future_write); + ATF_TP_ADD_TC(tp, seal_future_write_mmap); + + return atf_no_error(); +}