Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp2894508pxv; Sun, 4 Jul 2021 01:15:00 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzAckXpL8eXBONGIFTLQvP2FU1f6Oaz+//GAHxo1W/lHN0DEMC+Y3hG9QHt/KMUbVn6ENuS X-Received: by 2002:a05:6402:2047:: with SMTP id bc7mr9345188edb.247.1625386500089; Sun, 04 Jul 2021 01:15:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625386500; cv=none; d=google.com; s=arc-20160816; b=YUObIeUu6YsE1HSj/vUXIsOMpGBHEJXm+MMV1HGVnkbK3dm1jZ/BwLUrvX2prNQUiR phPZgaHWdORbtLF6yykgnS0bLj3nLh83GD8nd7hQBIOGNpMW/1au+ixD6x7U3Ly7kNXj 5OWNQ4buHw8K4fqChZCIP4263YfcEsm3/wwVJqZhDsNMZeh7ef41YndYXhHiryOwbpTc KS2WM/b/3wh3JdHF8TfuEaKDRZjl8/5ynzjWQ1npaLPHYKKBldxDFvZzvBXwQRD/ZUwS gv+efB62PDd7IiPsfHxaKDNf1YRXU8i894DSu6DQMDGRbLUA+hrTxk4KSRT62G2HsC1x +Fig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=5x5/eutDlDBy7csgIRAOiBd8x+Qpc2SvlIIL2kYZolI=; b=KkrH7DXr4zCSTqDurOLpGCCqsIXSbx6iQUUW+zp1I1O2hqTwmOyo9oaEmw4uu2LvmM n1vgnVZYJeoEXtHoq0Ei6w57OW6et4/Qlbvm1JP1lPOQT4gVG57vVRn/RwW9p/vZIV9z wFl5DSZlEqkNP7LII/1wbRJ5AroU/dm5/9OZssIySKyIomiq5AdSqIL4y4bqVTdamMyb pKHo3Hunu+86cDu5+MhBzj1hEsTgocSyaF3LUpvTzCGIJxeUS9KCmnhhXzOD24GasVdO zROP9mkx7hvsjgTqJePdAuTxBHT8ekJivDsDwpkLg8HD+f58fcPX4jfLF8SdNY8dIf/Z Abdg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kaspersky.com header.s=mail202102 header.b=cn3KnGHz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=kaspersky.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id yc26si8689287ejb.508.2021.07.04.01.14.36; Sun, 04 Jul 2021 01:15:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kaspersky.com header.s=mail202102 header.b=cn3KnGHz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=kaspersky.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229963AbhGDIN5 (ORCPT + 99 others); Sun, 4 Jul 2021 04:13:57 -0400 Received: from mx13.kaspersky-labs.com ([91.103.66.164]:33766 "EHLO mx13.kaspersky-labs.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229649AbhGDIN5 (ORCPT ); Sun, 4 Jul 2021 04:13:57 -0400 Received: from relay13.kaspersky-labs.com (unknown [127.0.0.10]) by relay13.kaspersky-labs.com (Postfix) with ESMTP id 9A4575213BA; Sun, 4 Jul 2021 11:11:20 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kaspersky.com; s=mail202102; t=1625386280; bh=5x5/eutDlDBy7csgIRAOiBd8x+Qpc2SvlIIL2kYZolI=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; b=cn3KnGHzQA6eSAwijkOwiwtuoYRq0E35QHNm3iORuwdBM2X7R2O+IcMyu+Es9IZj/ Q0v4Wi0rR6pzclew4kqZ+A+WDGxdUXVPR7KKISXo9yWwS+chrtz4jEOrAUawX+duaY JqQs+fFJz/fdJJlGroonyTSc0a59Bt8hGImjLDGMPHoI8IZXVm5+8YnbCuts0tdVOt fPbcpvUDQCd0EfozIssyrtyVoZ+eykvbtml2p5ap3yzF1GZpYAFPPO93PfjjpzqQN7 2sDFfDNOKHHZ46AYa2yFN4PuSWogBjgIr+eyFXLWYeD9Ifcm+9zdAmoTuV1H+subgj mmu/x2res/OLw== Received: from mail-hq2.kaspersky.com (unknown [91.103.66.206]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client CN "mail-hq2.kaspersky.com", Issuer "Kaspersky MailRelays CA G3" (verified OK)) by mailhub13.kaspersky-labs.com (Postfix) with ESMTPS id 4A3055213EA; Sun, 4 Jul 2021 11:11:20 +0300 (MSK) Received: from arseniy-pc.avp.ru (10.64.64.121) by hqmailmbx3.avp.ru (10.64.67.243) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2176.14; Sun, 4 Jul 2021 11:11:19 +0300 From: Arseny Krasnov To: Stefan Hajnoczi , Stefano Garzarella , "Michael S. Tsirkin" , Jason Wang , "David S. Miller" , Jakub Kicinski , Arseny Krasnov , Colin Ian King , Norbert Slusarek , Andra Paraschiv CC: , , , , Subject: [RFC PATCH v2 6/6] vsock_test: SEQPACKET read to broken buffer Date: Sun, 4 Jul 2021 11:11:11 +0300 Message-ID: <20210704081114.89811-1-arseny.krasnov@kaspersky.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210704080820.88746-1-arseny.krasnov@kaspersky.com> References: <20210704080820.88746-1-arseny.krasnov@kaspersky.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.64.64.121] X-ClientProxiedBy: hqmailmbx2.avp.ru (10.64.67.242) To hqmailmbx3.avp.ru (10.64.67.243) X-KSE-ServerInfo: hqmailmbx3.avp.ru, 9 X-KSE-AntiSpam-Interceptor-Info: scan successful X-KSE-AntiSpam-Version: 5.9.20, Database issued on: 07/04/2021 07:43:44 X-KSE-AntiSpam-Status: KAS_STATUS_NOT_DETECTED X-KSE-AntiSpam-Method: none X-KSE-AntiSpam-Rate: 0 X-KSE-AntiSpam-Info: Lua profiles 164820 [Jul 03 2021] X-KSE-AntiSpam-Info: Version: 5.9.20.0 X-KSE-AntiSpam-Info: Envelope from: arseny.krasnov@kaspersky.com X-KSE-AntiSpam-Info: LuaCore: 448 448 71fb1b37213ce9a885768d4012c46ac449c77b17 X-KSE-AntiSpam-Info: {Tracking_from_exist} X-KSE-AntiSpam-Info: {Tracking_from_domain_doesnt_match_to} X-KSE-AntiSpam-Info: kaspersky.com:7.1.1;127.0.0.199:7.1.2;d41d8cd98f00b204e9800998ecf8427e.com:7.1.1;arseniy-pc.avp.ru:7.1.1 X-KSE-AntiSpam-Info: Rate: 0 X-KSE-AntiSpam-Info: Status: not_detected X-KSE-AntiSpam-Info: Method: none X-KSE-Antiphishing-Info: Clean X-KSE-Antiphishing-ScanningType: Deterministic X-KSE-Antiphishing-Method: None X-KSE-Antiphishing-Bases: 07/04/2021 07:45:00 X-KSE-AttachmentFiltering-Interceptor-Info: no applicable attachment filtering rules found X-KSE-Antivirus-Interceptor-Info: scan successful X-KSE-Antivirus-Info: Clean, bases: 04.07.2021 5:50:00 X-KSE-BulkMessagesFiltering-Scan-Result: InTheLimit X-KSE-AttachmentFiltering-Interceptor-Info: no applicable attachment filtering rules found X-KSE-BulkMessagesFiltering-Scan-Result: InTheLimit X-KLMS-Rule-ID: 52 X-KLMS-Message-Action: clean X-KLMS-AntiSpam-Status: not scanned, disabled by settings X-KLMS-AntiSpam-Interceptor-Info: not scanned X-KLMS-AntiPhishing: Clean, bases: 2021/07/04 06:12:00 X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30, bases: 2021/07/04 01:03:00 #16855183 X-KLMS-AntiVirus-Status: Clean, skipped Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add test where sender sends two message, each with own data pattern. Reader tries to read first to broken buffer: it has three pages size, but middle page is unmapped. Then, reader tries to read second message to valid buffer. Test checks, that uncopied part of first message was dropped and thus not copied as part of second message. Signed-off-by: Arseny Krasnov --- tools/testing/vsock/vsock_test.c | 120 +++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) diff --git a/tools/testing/vsock/vsock_test.c b/tools/testing/vsock/vsock_test.c index 67766bfe176f..cdaa154fc3a9 100644 --- a/tools/testing/vsock/vsock_test.c +++ b/tools/testing/vsock/vsock_test.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "timeout.h" #include "control.h" @@ -385,6 +386,120 @@ static void test_seqpacket_msg_trunc_server(const struct test_opts *opts) close(fd); } +#define BUF_PATTERN_1 'a' +#define BUF_PATTERN_2 'b' + +static void test_seqpacket_invalid_rec_buffer_client(const struct test_opts *opts) +{ + int fd; + unsigned char *buf1; + unsigned char *buf2; + int buf_size = getpagesize() * 3; + + fd = vsock_seqpacket_connect(opts->peer_cid, 1234); + if (fd < 0) { + perror("connect"); + exit(EXIT_FAILURE); + } + + buf1 = malloc(buf_size); + if (!buf1) { + perror("'malloc()' for 'buf1'"); + exit(EXIT_FAILURE); + } + + buf2 = malloc(buf_size); + if (!buf2) { + perror("'malloc()' for 'buf2'"); + exit(EXIT_FAILURE); + } + + memset(buf1, BUF_PATTERN_1, buf_size); + memset(buf2, BUF_PATTERN_2, buf_size); + + if (send(fd, buf1, buf_size, 0) != buf_size) { + perror("send failed"); + exit(EXIT_FAILURE); + } + + if (send(fd, buf2, buf_size, 0) != buf_size) { + perror("send failed"); + exit(EXIT_FAILURE); + } + + close(fd); +} + +static void test_seqpacket_invalid_rec_buffer_server(const struct test_opts *opts) +{ + int fd; + unsigned char *broken_buf; + unsigned char *valid_buf; + int page_size = getpagesize(); + int buf_size = page_size * 3; + ssize_t res; + int prot = PROT_READ | PROT_WRITE; + int flags = MAP_PRIVATE | MAP_ANONYMOUS; + int i; + + fd = vsock_seqpacket_accept(VMADDR_CID_ANY, 1234, NULL); + if (fd < 0) { + perror("accept"); + exit(EXIT_FAILURE); + } + + /* Setup first buffer. */ + broken_buf = mmap(NULL, buf_size, prot, flags, -1, 0); + if (broken_buf == MAP_FAILED) { + perror("mmap for 'broken_buf'"); + exit(EXIT_FAILURE); + } + + /* Unmap "hole" in buffer. */ + if (munmap(broken_buf + page_size, page_size)) { + perror("'broken_buf' setup"); + exit(EXIT_FAILURE); + } + + valid_buf = mmap(NULL, buf_size, prot, flags, -1, 0); + if (valid_buf == MAP_FAILED) { + perror("mmap for 'valid_buf'"); + exit(EXIT_FAILURE); + } + + /* Try to fill buffer with unmapped middle. */ + res = read(fd, broken_buf, buf_size); + if (res != -1) { + perror("invalid read result of 'broken_buf'"); + exit(EXIT_FAILURE); + } + + if (errno != ENOMEM) { + perror("invalid errno of 'broken_buf'"); + exit(EXIT_FAILURE); + } + + /* Try to fill valid buffer. */ + res = read(fd, valid_buf, buf_size); + if (res != buf_size) { + perror("invalid read result of 'valid_buf'"); + exit(EXIT_FAILURE); + } + + for (i = 0; i < buf_size; i++) { + if (valid_buf[i] != BUF_PATTERN_2) { + perror("invalid pattern for valid buf"); + exit(EXIT_FAILURE); + } + } + + /* Unmap buffers. */ + munmap(broken_buf, page_size); + munmap(broken_buf + page_size * 2, page_size); + munmap(valid_buf, buf_size); + close(fd); +} + static struct test_case test_cases[] = { { .name = "SOCK_STREAM connection reset", @@ -425,6 +540,11 @@ static struct test_case test_cases[] = { .run_client = test_seqpacket_msg_trunc_client, .run_server = test_seqpacket_msg_trunc_server, }, + { + .name = "SOCK_SEQPACKET invalid receive buffer", + .run_client = test_seqpacket_invalid_rec_buffer_client, + .run_server = test_seqpacket_invalid_rec_buffer_server, + }, {}, }; -- 2.25.1