GNOME.org
 

[gnome-continuous-yocto/gnomeostree-3.28-rocko: 6616/8267] ltp: syscalls/add_key02: fix for nonempty NULL payload

commit b18a0f56edbb61e78d6c71722233aaa50970a9bd
Author: Fathi Boudra <fathi boudra linaro org>
Date:   Mon Jul 3 14:45:34 2017 +0300

    ltp: syscalls/add_key02: fix for nonempty NULL payload
    
    Add upstream patch to fix syscalls/add_key02 test for nonempty
    NULL payload:
    https://github.com/linux-test-project/ltp/commit/25045624e941ee76a13febd36187e23c6c435507
    
    (From OE-Core rev: c7c72b73a841c6eadf88428db643e77deb0c0e65)
    
    Signed-off-by: Milosz Wasilewski <milosz wasilewski linaro org>
    Signed-off-by: Fathi Boudra <fathi boudra linaro org>
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 ...d_key02-update-to-test-fix-for-nonempty-N.patch |  136 ++++++++++++++++++++
 meta/recipes-extended/ltp/ltp_20170516.bb          |    1 +
 2 files changed, 137 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-extended/ltp/ltp/0038-syscalls-add_key02-update-to-test-fix-for-nonempty-N.patch 
b/meta/recipes-extended/ltp/ltp/0038-syscalls-add_key02-update-to-test-fix-for-nonempty-N.patch
new file mode 100644
index 0000000..3759e1f
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0038-syscalls-add_key02-update-to-test-fix-for-nonempty-N.patch
@@ -0,0 +1,136 @@
+From 25045624e941ee76a13febd36187e23c6c435507 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers google com>
+Date: Mon, 12 Jun 2017 11:55:21 -0700
+Subject: [PATCH 01/39] syscalls/add_key02: update to test fix for nonempty
+ NULL payload
+
+add_key02 was supposed to be a "Basic test for the add_key() syscall",
+but it actually happened to test the obscure case of passing a NULL
+payload with nonzero length.  This case was mishandled by the kernel,
+which either returned EINVAL or crashed with a NULL pointer dereference,
+depending on the key type.  (The former applied to the test, as it used
+the "user" key type.)  The expected behavior in this case is that the
+syscall fail with EFAULT.
+
+Update the test to expect the fixed behavior from v4.12-rc5, and make
+the test more thorough by testing additional key types, including ones
+that caused a NULL pointer dereference in unfixed kernels.
+
+Signed-off-by: Eric Biggers <ebiggers google com>
+Upstream-Status: Accepted 
[https://github.com/linux-test-project/ltp/commit/25045624e941ee76a13febd36187e23c6c435507]
+---
+ testcases/kernel/syscalls/add_key/add_key02.c | 69 ++++++++++++++++++++-------
+ 1 file changed, 51 insertions(+), 18 deletions(-)
+
+diff --git a/testcases/kernel/syscalls/add_key/add_key02.c b/testcases/kernel/syscalls/add_key/add_key02.c
+index 866800d6f..2e3308dcd 100644
+--- a/testcases/kernel/syscalls/add_key/add_key02.c
++++ b/testcases/kernel/syscalls/add_key/add_key02.c
+@@ -1,5 +1,6 @@
+ /******************************************************************************
+  * Copyright (c) Crackerjack Project., 2007                                 *
++ * Copyright (c) 2017 Google, Inc.                                            *
+  *                                                                          *
+  * This program is free software;  you can redistribute it and/or modify      *
+  * it under the terms of the GNU General Public License as published by       *
+@@ -18,10 +19,17 @@
+  ******************************************************************************/
+ 
+ /*
+- * Basic test for the add_key() syscall.
++ * Test that the add_key() syscall correctly handles a NULL payload with nonzero
++ * length.  Specifically, it should fail with EFAULT rather than oopsing the
++ * kernel with a NULL pointer dereference or failing with EINVAL, as it did
++ * before (depending on the key type).  This is a regression test for commit
++ * 5649645d725c ("KEYS: fix dereferencing NULL payload with nonzero length").
+  *
+- * History:   Porting from Crackerjack to LTP is done by
+- *          Manas Kumar Nayak maknayak in ibm com>
++ * Note that none of the key types that exhibited the NULL pointer dereference
++ * are guaranteed to be built into the kernel, so we just test as many as we
++ * can, in the hope of catching one.  We also test with the "user" key type for
++ * good measure, although it was one of the types that failed with EINVAL rather
++ * than dereferencing NULL.
+  */
+ 
+ #include "config.h"
+@@ -33,36 +41,61 @@
+ 
+ #ifdef HAVE_LINUX_KEYCTL_H
+ struct tcase {
+-      char *type;
+-      char *desc;
+-      void *payload;
+-      int plen;
+-      int exp_errno;
++      const char *type;
++      size_t plen;
+ } tcases[] = {
+-      {"user", "firstkey", NULL, 1, EINVAL}
++      /*
++       * The payload length we test for each key type needs to pass initial
++       * validation but is otherwise arbitrary.  Note: the "rxrpc_s" key type
++       * requires a payload of exactly 8 bytes.
++       */
++      { "asymmetric",         64 },
++      { "cifs.idmap",         64 },
++      { "cifs.spnego",        64 },
++      { "pkcs7_test",         64 },
++      { "rxrpc",              64 },
++      { "rxrpc_s",             8 },
++      { "user",               64 },
+ };
+ #endif /* HAVE_LINUX_KEYCTL_H */
+ 
+ static void verify_add_key(unsigned int i)
+ {
+ #ifdef HAVE_LINUX_KEYCTL_H
+-      TEST(tst_syscall(__NR_add_key, tcases[i].type, tcases[i].desc,
+-                       tcases[i].payload, tcases[i].plen,
+-                       KEY_SPEC_USER_KEYRING));
++      TEST(tst_syscall(__NR_add_key, tcases[i].type, "abc:def",
++                       NULL, tcases[i].plen, KEY_SPEC_PROCESS_KEYRING));
+ 
+       if (TEST_RETURN != -1) {
+-              tst_res(TFAIL, "add_key() passed unexpectedly");
++              tst_res(TFAIL,
++                      "add_key() with key type '%s' unexpectedly succeeded",
++                      tcases[i].type);
+               return;
+       }
+ 
+-      if (TEST_ERRNO == tcases[i].exp_errno) {
+-              tst_res(TPASS | TTERRNO, "add_key() failed expectedly");
++      if (TEST_ERRNO == EFAULT) {
++              tst_res(TPASS, "received expected EFAULT with key type '%s'",
++                      tcases[i].type);
+               return;
+       }
+ 
+-      tst_res(TFAIL | TTERRNO,
+-              "add_key() failed unexpectedly, expected %s",
+-              tst_strerrno(tcases[i].exp_errno));
++      if (TEST_ERRNO == ENODEV) {
++              tst_res(TCONF, "kernel doesn't support key type '%s'",
++                      tcases[i].type);
++              return;
++      }
++
++      /*
++       * It's possible for the "asymmetric" key type to be supported, but with
++       * no asymmetric key parsers registered.  In that case, attempting to
++       * add a key of type asymmetric will fail with EBADMSG.
++       */
++      if (TEST_ERRNO == EBADMSG && !strcmp(tcases[i].type, "asymmetric")) {
++              tst_res(TCONF, "no asymmetric key parsers are registered");
++              return;
++      }
++
++      tst_res(TFAIL | TTERRNO, "unexpected error with key type '%s'",
++              tcases[i].type);
+ #else
+       tst_brk(TCONF, "linux/keyctl.h was missing upon compilation.");
+ #endif /* HAVE_LINUX_KEYCTL_H */
+-- 
+2.13.0
+
diff --git a/meta/recipes-extended/ltp/ltp_20170516.bb b/meta/recipes-extended/ltp/ltp_20170516.bb
index f537d60..ac66b09 100644
--- a/meta/recipes-extended/ltp/ltp_20170516.bb
+++ b/meta/recipes-extended/ltp/ltp_20170516.bb
@@ -51,6 +51,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
            file://0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch \
            file://0001-dirtyc0w-Include-stdint.h.patch \
            file://0037-faccessat-and-fchmodat-Fix-build-warnings.patch \
+           file://0038-syscalls-add_key02-update-to-test-fix-for-nonempty-N.patch \
            "
 
 S = "${WORKDIR}/git"
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]