Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cheribsdtest: shm hoarding tests #2210

Merged
merged 3 commits into from
Sep 3, 2024
Merged

cheribsdtest: shm hoarding tests #2210

merged 3 commits into from
Sep 3, 2024

Conversation

brooksdavis
Copy link
Member

Add a couple tests for hoarding of capabilities in shared memory segments

  • cheri_revoke_shm_anon_hoard_unmapped demonstrates hoarding by an unmapped shared memory object
  • cheri_revoke_shm_anon_hoard_closed takes this a step further and removes the object from the file descriptor table by sending it to a child process while revocation runs

@brooksdavis brooksdavis requested a review from nwf August 28, 2024 20:41
nwf
nwf reviewed Aug 28, 2024
View reviewed changes
Copy link
Member

@nwf nwf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good demonstrators. Thanks!

bsdjhb
bsdjhb reviewed Aug 29, 2024
View reviewed changes
bin/cheribsdtest/cheribsdtest_vm.c Outdated Show resolved Hide resolved
bin/cheribsdtest/cheribsdtest_vm.c Outdated Show resolved Hide resolved
@brooksdavis
cheribsdtest: style in vm_shm_open_anon_unix_surprise
af89dfd
@brooksdavis
cheribsdtest: hoarding by unmapped shm object
071b76c 
Add cheri_revoke_shm_anon_hoard_unmapped which:
 - creates and maps a shared memory object
 - stores a pointer to malloced memory in the mapped object
 - unmaps the object
 - frees the pointer and triggers revocation
 - remaps the object
 - checks that the stored pointer was revoked (it is not)
@brooksdavis
cheribsdtest: hoarding by closed shm object
a9235c1 
Add cheri_revoke_shm_anon_hoard_closed which:
 - creates and maps a shared memory object
 - stores a pointer to malloced memory in the mapped object
 - unmaps the object
 - send the shared object file descriptor to a child process
 - closes the file descriptor
 - frees the pointer and triggers revocation
 - receives the file descriptor back from the child process
 - remaps the object
 - checks that the stored pointer was revoked (it is not)

This demostrates the futility of scanning the descriptor table for
shared memory objects during revocation and the necessity to bind them
to an address space.  (Lest one think it's possible to walk the graph
of sockets to find the graph of processes that might have a shared
memory object to search, the child could be replaced by a completely
independent hoarder daemon running on a unix domain socket in the file
system.)
@bsdjhb bsdjhb merged commit 37d2591 into dev Sep 3, 2024
29 checks passed
@bsdjhb bsdjhb deleted the cheribsdtest-shm-hording branch September 3, 2024 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nwf nwf nwf left review comments

@bsdjhb bsdjhb bsdjhb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@brooksdavis @nwf @bsdjhb