[v3,2/3] init_module: To handle kernel module signature enforcement

Message ID	20240317093901.3212684-3-liwang@redhat.com
State	Accepted
Headers	show Return-Path: <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it> From: Li Wang <liwang@redhat.com> To: ltp@lists.linux.it Date: Sun, 17 Mar 2024 17:39:00 +0800 Message-Id: <20240317093901.3212684-3-liwang@redhat.com> In-Reply-To: <20240317093901.3212684-1-liwang@redhat.com> References: <20240317093901.3212684-1-liwang@redhat.com> MIME-Version: 1.0 Subject: [LTP] [PATCH v3 2/3] init_module: To handle kernel module signature enforcement Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it Sender: "ltp" <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>
Series	provide a unified way to parse /proc/cmdline \| expand [v3,0/3] provide a unified way to parse /proc/cmdline [v3,1/3] kconfig: add funtion to parse /proc/cmdline [v3,2/3] init_module: To handle kernel module signature enforcement [v3,3/3] stack_clash: make use of tst_kcmdline_parse

diff --git a/testcases/kernel/syscalls/delete_module/delete_module01.c b/testcases/kernel/syscalls/delete_module/delete_module01.c index 90d8b5289..11c4eae58 100644 --- a/testcases/kernel/syscalls/delete_module/delete_module01.c +++ b/testcases/kernel/syscalls/delete_module/delete_module01.c @@ -14,8 +14,10 @@ * Install dummy_del_mod.ko and delete it with delete_module(2). */ +#include <stdlib.h> #include "tst_test.h" #include "tst_module.h" +#include "tst_kconfig.h" #include "lapi/syscalls.h" #define MODULE_NAME "dummy_del_mod" @@ -25,6 +27,12 @@ static int module_loaded; static void do_delete_module(void) { + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (atoi(params.value) == 1) + tst_brk(TCONF, "module signature is enforced, skip test"); + if (!module_loaded) { tst_module_load(MODULE_NAME_KO, NULL); module_loaded = 1; diff --git a/testcases/kernel/syscalls/delete_module/delete_module03.c b/testcases/kernel/syscalls/delete_module/delete_module03.c index 7e92fc2af..fdf0c293d 100644 --- a/testcases/kernel/syscalls/delete_module/delete_module03.c +++ b/testcases/kernel/syscalls/delete_module/delete_module03.c @@ -12,9 +12,11 @@ * if tried to remove a module while other modules depend on this module. */ +#include <stdlib.h> #include <errno.h> #include "tst_test.h" #include "tst_module.h" +#include "tst_kconfig.h" #include "lapi/syscalls.h" #define DUMMY_MOD "dummy_del_mod" @@ -50,6 +52,12 @@ static void do_delete_module(void) static void setup(void) { + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (atoi(params.value) == 1) + tst_brk(TCONF, "module signature is enforced, skip test"); + /* Load first kernel module */ tst_module_load(DUMMY_MOD_KO, NULL); dummy_mod_loaded = 1; diff --git a/testcases/kernel/syscalls/finit_module/finit_module01.c b/testcases/kernel/syscalls/finit_module/finit_module01.c index 1929c30fa..1546d4fb7 100644 --- a/testcases/kernel/syscalls/finit_module/finit_module01.c +++ b/testcases/kernel/syscalls/finit_module/finit_module01.c @@ -13,18 +13,26 @@ * Inserts a simple module after opening and mmaping the module file. */ +#include <stdlib.h> #include <errno.h> #include "lapi/init_module.h" #include "tst_module.h" +#include "tst_kconfig.h" #define MODULE_NAME "finit_module.ko" -static int fd; +static int fd, sig_enforce; static char *mod_path; static void setup(void) { + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (params.found) + sig_enforce = atoi(params.value); + tst_module_exists(MODULE_NAME, &mod_path); fd = SAFE_OPEN(mod_path, O_RDONLY|O_CLOEXEC); @@ -32,6 +40,12 @@ static void setup(void) static void run(void) { + if (sig_enforce == 1) { + tst_res(TINFO, "module signature is enforced"); + TST_EXP_FAIL(finit_module(fd, "status=valid", 0), EKEYREJECTED); + return; + } + TST_EXP_PASS(finit_module(fd, "status=valid", 0)); if (!TST_PASS) return; diff --git a/testcases/kernel/syscalls/finit_module/finit_module02.c b/testcases/kernel/syscalls/finit_module/finit_module02.c index 223d9b388..2fe70af4d 100644 --- a/testcases/kernel/syscalls/finit_module/finit_module02.c +++ b/testcases/kernel/syscalls/finit_module/finit_module02.c @@ -14,9 +14,11 @@ */ #include <linux/capability.h> +#include <stdlib.h> #include <errno.h> #include "lapi/init_module.h" #include "tst_module.h" +#include "tst_kconfig.h" #include "tst_capability.h" #define MODULE_NAME "finit_module.ko" @@ -25,7 +27,7 @@ static char *mod_path; static int fd, fd_zero, fd_invalid = -1, fd_dir; -static int kernel_lockdown, secure_boot; +static int kernel_lockdown, secure_boot, sig_enforce; static struct tst_cap cap_req = TST_CAP(TST_CAP_REQ, CAP_SYS_MODULE); static struct tst_cap cap_drop = TST_CAP(TST_CAP_DROP, CAP_SYS_MODULE); @@ -59,27 +61,27 @@ static void dir_setup(struct tcase *tc) } static struct tcase tcases[] = { - {"invalid-fd", &fd_invalid, "", O_RDONLY | O_CLOEXEC, 0, 0, 0, 0, - bad_fd_setup}, + {"invalid-fd", &fd_invalid, "", O_RDONLY | O_CLOEXEC, 0, 0, 0, 0, bad_fd_setup}, {"zero-fd", &fd_zero, "", O_RDONLY | O_CLOEXEC, 0, 0, EINVAL, 0, NULL}, {"null-param", &fd, NULL, O_RDONLY | O_CLOEXEC, 0, 0, EFAULT, 1, NULL}, - {"invalid-param", &fd, "status=invalid", O_RDONLY | O_CLOEXEC, 0, 0, - EINVAL, 1, NULL}, - {"invalid-flags", &fd, "", O_RDONLY | O_CLOEXEC, -1, 0, EINVAL, 0, - NULL}, + {"invalid-param", &fd, "status=invalid", O_RDONLY | O_CLOEXEC, 0, 0, EINVAL, 1, NULL}, + {"invalid-flags", &fd, "", O_RDONLY | O_CLOEXEC, -1, 0, EINVAL, 0, NULL}, {"no-perm", &fd, "", O_RDONLY | O_CLOEXEC, 0, 1, EPERM, 0, NULL}, - {"module-exists", &fd, "", O_RDONLY | O_CLOEXEC, 0, 0, EEXIST, 1, - NULL}, - {"file-not-readable", &fd, "", O_WRONLY | O_CLOEXEC, 0, 0, EBADF, 0, - NULL}, - {"file-readwrite", &fd, "", O_RDWR | O_CLOEXEC, 0, 0, ETXTBSY, 0, - NULL}, + {"module-exists", &fd, "", O_RDONLY | O_CLOEXEC, 0, 0, EEXIST, 1, NULL}, + {"module-unsigned", &fd, "", O_RDONLY | O_CLOEXEC, 0, 0, EKEYREJECTED, 1, NULL}, + {"file-not-readable", &fd, "", O_WRONLY | O_CLOEXEC, 0, 0, EBADF, 0, NULL}, + {"file-readwrite", &fd, "", O_RDWR | O_CLOEXEC, 0, 0, ETXTBSY, 0, NULL}, {"directory", &fd_dir, "", O_RDONLY | O_CLOEXEC, 0, 0, 0, 0, dir_setup}, }; static void setup(void) { unsigned long int i; + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (params.found) + sig_enforce = atoi(params.value); tst_module_exists(MODULE_NAME, &mod_path); @@ -109,6 +111,16 @@ static void run(unsigned int n) return; } + if ((sig_enforce == 1) && (tc->exp_errno != EKEYREJECTED)) { + tst_res(TCONF, "module signature is enforced, skipping %s", tc->name); + return; + } + + if ((sig_enforce != 1) && (tc->exp_errno == EKEYREJECTED)) { + tst_res(TCONF, "module signature is not enforced, skipping %s", tc->name); + return; + } + fd = SAFE_OPEN(mod_path, tc->open_flags); if (tc->cap) diff --git a/testcases/kernel/syscalls/init_module/init_module01.c b/testcases/kernel/syscalls/init_module/init_module01.c index 26ff0b93b..27a1fc627 100644 --- a/testcases/kernel/syscalls/init_module/init_module01.c +++ b/testcases/kernel/syscalls/init_module/init_module01.c @@ -13,18 +13,26 @@ * Inserts a simple module after opening and mmaping the module file. */ +#include <stdlib.h> #include <errno.h> #include "lapi/init_module.h" #include "tst_module.h" +#include "tst_kconfig.h" #define MODULE_NAME "init_module.ko" static struct stat sb; static void *buf; +static int sig_enforce; static void setup(void) { int fd; + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (params.found) + sig_enforce = atoi(params.value); tst_module_exists(MODULE_NAME, NULL); @@ -36,6 +44,12 @@ static void setup(void) static void run(void) { + if (sig_enforce == 1) { + tst_res(TINFO, "module signature is enforced"); + TST_EXP_FAIL(init_module(buf, sb.st_size, "status=valid"), EKEYREJECTED); + return; + } + TST_EXP_PASS(init_module(buf, sb.st_size, "status=valid")); if (!TST_PASS) return; diff --git a/testcases/kernel/syscalls/init_module/init_module02.c b/testcases/kernel/syscalls/init_module/init_module02.c index e6730e21c..68d9ff16b 100644 --- a/testcases/kernel/syscalls/init_module/init_module02.c +++ b/testcases/kernel/syscalls/init_module/init_module02.c @@ -14,15 +14,17 @@ */ #include <linux/capability.h> +#include <stdlib.h> #include <errno.h> #include "lapi/init_module.h" +#include "tst_kconfig.h" #include "tst_module.h" #include "tst_capability.h" #define MODULE_NAME "init_module.ko" static unsigned long size, zero_size; -static int kernel_lockdown, secure_boot; +static int kernel_lockdown, secure_boot, sig_enforce; static void *buf, *faulty_buf, *null_buf; static struct tst_cap cap_req = TST_CAP(TST_CAP_REQ, CAP_SYS_MODULE); @@ -44,12 +46,18 @@ static struct tcase { {"invalid_param", &buf, &size, "status=invalid", 0, 1, EINVAL}, {"no-perm", &buf, &size, "", 1, 0, EPERM}, {"module-exists", &buf, &size, "", 0, 1, EEXIST}, + {"module-unsigned", &buf, &size, "", 0, 1, EKEYREJECTED}, }; static void setup(void) { struct stat sb; int fd; + struct tst_kcmdline_var params = TST_KCMDLINE_INIT("module.sig_enforce"); + + tst_kcmdline_parse(&params, 1); + if (params.found) + sig_enforce = atoi(params.value); tst_module_exists(MODULE_NAME, NULL); @@ -73,6 +81,16 @@ static void run(unsigned int n) return; } + if ((sig_enforce == 1) && (tc->exp_errno != EKEYREJECTED)) { + tst_res(TCONF, "module signature is enforced, skipping %s", tc->name); + return; + } + + if ((sig_enforce != 1) && (tc->exp_errno == EKEYREJECTED)) { + tst_res(TCONF, "module signature is not enforced, skipping %s", tc->name); + return; + } + if (tc->cap) tst_cap_action(&cap_drop);

[v3,2/3] init_module: To handle kernel module signature enforcement

Commit Message

Patch