xref: /freebsd/tests/sys/kern/kern_copyin.c (revision 18054d0220cfc8df9c9568c437bd6fbb59d53c3c) 
1 /*-
2  * Copyright (c) 2015, 2020 The FreeBSD Foundation
3  * All rights reserved.
4  *
5  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
6  * under sponsorship from the FreeBSD Foundation.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
32 
33 #include <sys/param.h>
34 #include <sys/exec.h>
35 #include <sys/sysctl.h>
36 #include <sys/user.h>
37 
38 #include <errno.h>
39 #include <fcntl.h>
40 #include <limits.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <unistd.h>
44 #include <atf-c.h>
45 #include <vm/vm.h>
46 #include <vm/pmap.h>
47 #include <machine/vmparam.h>
48 
49 static int scratch_file;
50 
51 static int
52 copyin_checker(uintptr_t uaddr, size_t len)
53 {
54 	ssize_t ret;
55 
56 	ret = write(scratch_file, (const void *)uaddr, len);
57 	return (ret == -1 ? errno : 0);
58 }
59 
60 #if __SIZEOF_POINTER__ == 8
61 /*
62  * A slightly more direct path to calling copyin(), but without the ability
63  * to specify a length.
64  */
65 static int
66 copyin_checker2(uintptr_t uaddr)
67 {
68 	int ret;
69 
70 	ret = fcntl(scratch_file, F_GETLK, (const void *)uaddr);
71 	return (ret == -1 ? errno : 0);
72 }
73 #endif
74 
75 #ifdef __amd64__
76 static uintptr_t
77 get_maxuser_address(void)
78 {
79 	struct kinfo_vm_layout kvm;
80 	size_t len;
81 	int error, mib[4];
82 
83 	mib[0] = CTL_KERN;
84 	mib[1] = KERN_PROC;
85 	mib[2] = KERN_PROC_VM_LAYOUT;
86 	mib[3] = getpid();
87 	len = sizeof(kvm);
88 	error = sysctl(mib, nitems(mib), &kvm, &len, NULL, 0);
89 	if (error != 0)
90 		return (0);
91 
92 	return (kvm.kvm_max_user_addr);
93 }
94 #endif
95 
96 #define	FMAX	ULONG_MAX
97 #if __SIZEOF_POINTER__ == 8
98 /* PR 257193 */
99 #define	ADDR_SIGNED	0x800000c000000000
100 #endif
101 
102 ATF_TC_WITHOUT_HEAD(kern_copyin);
103 ATF_TC_BODY(kern_copyin, tc)
104 {
105 	char template[] = "copyin.XXXXXX";
106 	uintptr_t maxuser;
107 
108 #if defined(__mips__)
109 	/*
110 	 * MIPS has different VM layout: the UVA map on mips ends the
111 	 * highest mapped entry at the VM_MAXUSER_ADDRESS - PAGE_SIZE,
112 	 * while all other arches map either stack or shared page up
113 	 * to the VM_MAXUSER_ADDRESS.
114 	 */
115 	maxuser = VM_MAXUSER_ADDRESS - PAGE_SIZE;
116 #elif defined(__amd64__)
117 	maxuser = get_maxuser_address();
118 	ATF_REQUIRE(maxuser != 0);
119 #else
120 	maxuser = VM_MAXUSER_ADDRESS;
121 #endif
122 
123 	scratch_file = mkstemp(template);
124 	ATF_REQUIRE(scratch_file != -1);
125 	unlink(template);
126 
127 	ATF_CHECK(copyin_checker(0, 0) == 0);
128 	ATF_CHECK(copyin_checker(maxuser - 10, 9) == 0);
129 	ATF_CHECK(copyin_checker(maxuser - 10, 10) == 0);
130 	ATF_CHECK(copyin_checker(maxuser - 10, 11) == EFAULT);
131 	ATF_CHECK(copyin_checker(maxuser - 1, 1) == 0);
132 	ATF_CHECK(copyin_checker(maxuser, 0) == 0);
133 	ATF_CHECK(copyin_checker(maxuser, 1) == EFAULT);
134 	ATF_CHECK(copyin_checker(maxuser, 2) == EFAULT);
135 	ATF_CHECK(copyin_checker(maxuser + 1, 0) == 0);
136 	ATF_CHECK(copyin_checker(maxuser + 1, 2) == EFAULT);
137 	ATF_CHECK(copyin_checker(FMAX - 10, 9) == EFAULT);
138 	ATF_CHECK(copyin_checker(FMAX - 10, 10) == EFAULT);
139 	ATF_CHECK(copyin_checker(FMAX - 10, 11) == EFAULT);
140 #if __SIZEOF_POINTER__ == 8
141 	ATF_CHECK(copyin_checker(ADDR_SIGNED, 1) == EFAULT);
142 	ATF_CHECK(copyin_checker2(ADDR_SIGNED) == EFAULT);
143 #endif
144 }
145 
146 ATF_TP_ADD_TCS(tp)
147 {
148 
149 	ATF_TP_ADD_TC(tp, kern_copyin);
150 	return (atf_no_error());
151 }
152