1*49a6e16fSderaadt /* $OpenBSD: t_mlock.c,v 1.3 2021/12/13 16:56:48 deraadt Exp $ */
27496d4e5Sbluhm /* $NetBSD: t_mlock.c,v 1.8 2020/01/24 08:45:16 skrll Exp $ */
3a545a52cSbluhm
4a545a52cSbluhm /*-
5a545a52cSbluhm * Copyright (c) 2012 The NetBSD Foundation, Inc.
6a545a52cSbluhm * All rights reserved.
7a545a52cSbluhm *
8a545a52cSbluhm * This code is derived from software contributed to The NetBSD Foundation
9a545a52cSbluhm * by Jukka Ruohonen.
10a545a52cSbluhm *
11a545a52cSbluhm * Redistribution and use in source and binary forms, with or without
12a545a52cSbluhm * modification, are permitted provided that the following conditions
13a545a52cSbluhm * are met:
14a545a52cSbluhm * 1. Redistributions of source code must retain the above copyright
15a545a52cSbluhm * notice, this list of conditions and the following disclaimer.
16a545a52cSbluhm * 2. Redistributions in binary form must reproduce the above copyright
17a545a52cSbluhm * notice, this list of conditions and the following disclaimer in the
18a545a52cSbluhm * documentation and/or other materials provided with the distribution.
19a545a52cSbluhm *
20a545a52cSbluhm * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21a545a52cSbluhm * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22a545a52cSbluhm * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23a545a52cSbluhm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24a545a52cSbluhm * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25a545a52cSbluhm * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26a545a52cSbluhm * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27a545a52cSbluhm * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28a545a52cSbluhm * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29a545a52cSbluhm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30a545a52cSbluhm * POSSIBILITY OF SUCH DAMAGE.
31a545a52cSbluhm */
32a545a52cSbluhm
33a545a52cSbluhm #include "macros.h"
34a545a52cSbluhm
35a545a52cSbluhm #include <sys/mman.h>
36a545a52cSbluhm #include <sys/resource.h>
37a545a52cSbluhm #include <sys/sysctl.h>
38a545a52cSbluhm #include <sys/wait.h>
39a545a52cSbluhm
40a545a52cSbluhm #include <errno.h>
41a545a52cSbluhm #include "atf-c.h"
42a545a52cSbluhm #include <stdint.h>
43a545a52cSbluhm #include <stdio.h>
44a545a52cSbluhm #include <stdlib.h>
45a545a52cSbluhm #include <string.h>
46a545a52cSbluhm #include <unistd.h>
47a545a52cSbluhm
48a545a52cSbluhm static long page = 0;
49a545a52cSbluhm
50a545a52cSbluhm ATF_TC(mlock_clip);
ATF_TC_HEAD(mlock_clip,tc)51a545a52cSbluhm ATF_TC_HEAD(mlock_clip, tc)
52a545a52cSbluhm {
53a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "Test with mlock(2) that UVM only "
54a545a52cSbluhm "clips if the clip address is within the entry (PR kern/44788)");
55a545a52cSbluhm }
56a545a52cSbluhm
ATF_TC_BODY(mlock_clip,tc)57a545a52cSbluhm ATF_TC_BODY(mlock_clip, tc)
58a545a52cSbluhm {
59a545a52cSbluhm void *buf;
60a545a52cSbluhm int err1, err2;
61a545a52cSbluhm
62a545a52cSbluhm buf = malloc(page);
63a545a52cSbluhm ATF_REQUIRE(buf != NULL);
64a545a52cSbluhm fprintf(stderr, "mlock_clip: buf = %p (page=%ld)\n", buf, page);
65a545a52cSbluhm
66a545a52cSbluhm if (page < 1024)
67a545a52cSbluhm atf_tc_skip("page size too small");
68a545a52cSbluhm
69a545a52cSbluhm for (size_t i = page; i >= 1; i = i - 1024) {
70a545a52cSbluhm err1 = mlock(buf, page - i);
71a545a52cSbluhm if (err1 != 0)
72a545a52cSbluhm fprintf(stderr, "mlock_clip: page=%ld i=%zu,"
73a545a52cSbluhm " mlock(%p, %ld): %s\n", page, i, buf, page - i,
74a545a52cSbluhm strerror(errno));
75a545a52cSbluhm err2 = munlock(buf, page - i);
76a545a52cSbluhm if (err2 != 0)
77a545a52cSbluhm fprintf(stderr, "mlock_clip: page=%ld i=%zu,"
78a545a52cSbluhm " munlock(%p, %ld): %s (mlock %s)\n", page, i,
79a545a52cSbluhm buf, page - i, strerror(errno), err1?"failed":"ok");
80a545a52cSbluhm }
81a545a52cSbluhm
82a545a52cSbluhm free(buf);
83a545a52cSbluhm }
84a545a52cSbluhm
85a545a52cSbluhm ATF_TC(mlock_err);
ATF_TC_HEAD(mlock_err,tc)86a545a52cSbluhm ATF_TC_HEAD(mlock_err, tc)
87a545a52cSbluhm {
88a545a52cSbluhm atf_tc_set_md_var(tc, "descr",
89a545a52cSbluhm "Test error conditions in mlock(2) and munlock(2)");
90a545a52cSbluhm }
91a545a52cSbluhm
ATF_TC_BODY(mlock_err,tc)92a545a52cSbluhm ATF_TC_BODY(mlock_err, tc)
93a545a52cSbluhm {
94a545a52cSbluhm void *invalid_ptr;
95a545a52cSbluhm void *buf;
96a545a52cSbluhm int mlock_err, munlock_err;
97a545a52cSbluhm
98a545a52cSbluhm /*
99a545a52cSbluhm * Any bad address must return ENOMEM (for lock & unlock)
100a545a52cSbluhm */
101a545a52cSbluhm errno = 0;
102a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, mlock(NULL, page) == -1);
103a545a52cSbluhm
104a545a52cSbluhm errno = 0;
105a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, mlock((char *)0, page) == -1);
106a545a52cSbluhm
107a545a52cSbluhm errno = 0;
1087496d4e5Sbluhm #ifdef __OpenBSD__
109a545a52cSbluhm ATF_REQUIRE_ERRNO(EINVAL, mlock((char *)-1, page) == -1);
1107496d4e5Sbluhm #else
1117496d4e5Sbluhm ATF_REQUIRE_ERRNO(ENOMEM, mlock((char *)-1, page) == -1);
1127496d4e5Sbluhm #endif
113a545a52cSbluhm
114a545a52cSbluhm errno = 0;
115a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, munlock(NULL, page) == -1);
116a545a52cSbluhm
117a545a52cSbluhm errno = 0;
118a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, munlock((char *)0, page) == -1);
119a545a52cSbluhm
120a545a52cSbluhm errno = 0;
1217496d4e5Sbluhm #ifdef __OpenBSD__
122a545a52cSbluhm ATF_REQUIRE_ERRNO(EINVAL, munlock((char *)-1, page) == -1);
1237496d4e5Sbluhm #else
1247496d4e5Sbluhm ATF_REQUIRE_ERRNO(ENOMEM, munlock((char *)-1, page) == -1);
1257496d4e5Sbluhm #endif
126a545a52cSbluhm
127a545a52cSbluhm buf = malloc(page);
128a545a52cSbluhm ATF_REQUIRE(buf != NULL);
129a545a52cSbluhm fprintf(stderr, "mlock_err: buf = %p (page=%ld)\n", buf, page);
130a545a52cSbluhm
131a545a52cSbluhm /*
132a545a52cSbluhm * unlocking memory that is not locked is an error...
133a545a52cSbluhm */
134a545a52cSbluhm
1357496d4e5Sbluhm #ifndef __OpenBSD__
1367496d4e5Sbluhm errno = 0;
1377496d4e5Sbluhm ATF_REQUIRE_ERRNO(ENOMEM, munlock(buf, page) == -1);
1387496d4e5Sbluhm #endif
139a545a52cSbluhm
140a545a52cSbluhm /*
141a545a52cSbluhm * These are permitted to fail (EINVAL) but do not on NetBSD
142a545a52cSbluhm */
143a545a52cSbluhm mlock_err = mlock((void *)(((uintptr_t)buf) + page/3), page/5);
144a545a52cSbluhm if (mlock_err != 0)
145a545a52cSbluhm fprintf(stderr, "mlock_err: mlock(%p, %ld): %d [%d] %s\n",
146a545a52cSbluhm (void *)(((uintptr_t)buf) + page/3), page/5, mlock_err,
147a545a52cSbluhm errno, strerror(errno));
148a545a52cSbluhm ATF_REQUIRE(mlock_err == 0);
149a545a52cSbluhm munlock_err= munlock((void *)(((uintptr_t)buf) + page/3), page/5);
150a545a52cSbluhm if (munlock_err != 0)
151a545a52cSbluhm fprintf(stderr, "mlock_err: munlock(%p, %ld): %d [%d] %s\n",
152a545a52cSbluhm (void *)(((uintptr_t)buf) + page/3), page/5, munlock_err,
153a545a52cSbluhm errno, strerror(errno));
154a545a52cSbluhm ATF_REQUIRE(munlock_err == 0);
155a545a52cSbluhm
156a545a52cSbluhm (void)free(buf);
157a545a52cSbluhm
158a545a52cSbluhm /*
159a545a52cSbluhm * Try to create a pointer to an unmapped page - first after current
160a545a52cSbluhm * brk will likely do.
161a545a52cSbluhm */
162a545a52cSbluhm invalid_ptr = (void*)(((uintptr_t)sbrk(0)+page) & ~(page-1));
163a545a52cSbluhm printf("testing with (hopefully) invalid pointer %p\n", invalid_ptr);
164a545a52cSbluhm
165a545a52cSbluhm errno = 0;
166a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, mlock(invalid_ptr, page) == -1);
167a545a52cSbluhm
168a545a52cSbluhm errno = 0;
169a545a52cSbluhm ATF_REQUIRE_ERRNO(ENOMEM, munlock(invalid_ptr, page) == -1);
170a545a52cSbluhm }
171a545a52cSbluhm
172a545a52cSbluhm ATF_TC(mlock_limits);
ATF_TC_HEAD(mlock_limits,tc)173a545a52cSbluhm ATF_TC_HEAD(mlock_limits, tc)
174a545a52cSbluhm {
175a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "Test system limits with mlock(2)");
176a545a52cSbluhm }
177a545a52cSbluhm
ATF_TC_BODY(mlock_limits,tc)178a545a52cSbluhm ATF_TC_BODY(mlock_limits, tc)
179a545a52cSbluhm {
180a545a52cSbluhm struct rlimit res;
181a545a52cSbluhm void *buf;
182a545a52cSbluhm pid_t pid;
183a545a52cSbluhm int sta;
184a545a52cSbluhm
185a545a52cSbluhm buf = malloc(page);
186a545a52cSbluhm ATF_REQUIRE(buf != NULL);
187a545a52cSbluhm fprintf(stderr, "mlock_limits: buf = %p (page=%ld)\n", buf, page);
188a545a52cSbluhm
189a545a52cSbluhm pid = fork();
190a545a52cSbluhm ATF_REQUIRE(pid >= 0);
191a545a52cSbluhm
192a545a52cSbluhm if (pid == 0) {
193a545a52cSbluhm
194a545a52cSbluhm for (ssize_t i = page; i >= 2; i -= 100) {
195a545a52cSbluhm
196a545a52cSbluhm res.rlim_cur = i - 1;
197a545a52cSbluhm res.rlim_max = i - 1;
198a545a52cSbluhm
199a545a52cSbluhm (void)fprintf(stderr, "trying to lock %zu bytes "
200a545a52cSbluhm "with %zu byte limit\n", i, (size_t)res.rlim_cur);
201a545a52cSbluhm
202a545a52cSbluhm if (setrlimit(RLIMIT_MEMLOCK, &res) != 0)
203a545a52cSbluhm _exit(EXIT_FAILURE);
204a545a52cSbluhm
205a545a52cSbluhm errno = 0;
206a545a52cSbluhm
207a545a52cSbluhm if ((sta = mlock(buf, i)) != -1 || errno != EAGAIN) {
208a545a52cSbluhm fprintf(stderr, "mlock(%p, %zu): %d [%d] %s\n",
209a545a52cSbluhm buf, i, sta, errno, strerror(errno));
210a545a52cSbluhm (void)munlock(buf, i);
211a545a52cSbluhm _exit(EXIT_FAILURE);
212a545a52cSbluhm }
213a545a52cSbluhm }
214a545a52cSbluhm
215a545a52cSbluhm _exit(EXIT_SUCCESS);
216a545a52cSbluhm }
217a545a52cSbluhm
218a545a52cSbluhm (void)wait(&sta);
219a545a52cSbluhm
220a545a52cSbluhm if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
221a545a52cSbluhm atf_tc_fail("mlock(2) locked beyond system limits");
222a545a52cSbluhm
223a545a52cSbluhm free(buf);
224a545a52cSbluhm }
225a545a52cSbluhm
226a545a52cSbluhm ATF_TC(mlock_mmap);
ATF_TC_HEAD(mlock_mmap,tc)227a545a52cSbluhm ATF_TC_HEAD(mlock_mmap, tc)
228a545a52cSbluhm {
229a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "Test mlock(2)-mmap(2) interaction");
230a545a52cSbluhm }
231a545a52cSbluhm
ATF_TC_BODY(mlock_mmap,tc)232a545a52cSbluhm ATF_TC_BODY(mlock_mmap, tc)
233a545a52cSbluhm {
2347496d4e5Sbluhm #ifdef __OpenBSD__
235a545a52cSbluhm static const int flags = MAP_ANON | MAP_PRIVATE;
2367496d4e5Sbluhm #else
2377496d4e5Sbluhm static const int flags = MAP_ANON | MAP_PRIVATE | MAP_WIRED;
2387496d4e5Sbluhm #endif
239a545a52cSbluhm void *buf;
240a545a52cSbluhm
241a545a52cSbluhm /*
242a545a52cSbluhm * Make a wired RW mapping and check that mlock(2)
243a545a52cSbluhm * does not fail for the (already locked) mapping.
244a545a52cSbluhm */
245a545a52cSbluhm buf = mmap(NULL, page, PROT_READ | PROT_WRITE, flags, -1, 0);
246a545a52cSbluhm
247a545a52cSbluhm if (buf == MAP_FAILED)
248a545a52cSbluhm fprintf(stderr,
249a545a52cSbluhm "mlock_mmap: mmap(NULL, %ld, %#x, %#x, -1, 0): MAP_FAILED"
250a545a52cSbluhm " [%d] %s\n", page, PROT_READ | PROT_WRITE, flags, errno,
251a545a52cSbluhm strerror(errno));
252a545a52cSbluhm
253a545a52cSbluhm ATF_REQUIRE(buf != MAP_FAILED);
254a545a52cSbluhm
255a545a52cSbluhm fprintf(stderr, "mlock_mmap: buf=%p, page=%ld\n", buf, page);
256a545a52cSbluhm
257a545a52cSbluhm ATF_REQUIRE(mlock(buf, page) == 0);
258a545a52cSbluhm ATF_REQUIRE(munlock(buf, page) == 0);
259a545a52cSbluhm ATF_REQUIRE(munmap(buf, page) == 0);
260a545a52cSbluhm ATF_REQUIRE(munlock(buf, page) != 0);
261a545a52cSbluhm
262a545a52cSbluhm fprintf(stderr, "mlock_mmap: first test succeeded\n");
263a545a52cSbluhm
264a545a52cSbluhm /*
265a545a52cSbluhm * But it should be impossible to mlock(2) a PROT_NONE mapping.
266a545a52cSbluhm */
267a545a52cSbluhm buf = mmap(NULL, page, PROT_NONE, flags, -1, 0);
268a545a52cSbluhm
269a545a52cSbluhm if (buf == MAP_FAILED)
270a545a52cSbluhm fprintf(stderr,
271a545a52cSbluhm "mlock_mmap: mmap(NULL, %ld, %#x, %#x, -1, 0): MAP_FAILED"
272a545a52cSbluhm " [%d] %s\n", page, PROT_NONE, flags, errno,
273a545a52cSbluhm strerror(errno));
274a545a52cSbluhm
275a545a52cSbluhm ATF_REQUIRE(buf != MAP_FAILED);
276a545a52cSbluhm ATF_REQUIRE(mlock(buf, page) != 0);
277a545a52cSbluhm ATF_REQUIRE(munmap(buf, page) == 0);
278a545a52cSbluhm
279a545a52cSbluhm fprintf(stderr, "mlock_mmap: second test succeeded\n");
280a545a52cSbluhm }
281a545a52cSbluhm
282a545a52cSbluhm ATF_TC(mlock_nested);
ATF_TC_HEAD(mlock_nested,tc)283a545a52cSbluhm ATF_TC_HEAD(mlock_nested, tc)
284a545a52cSbluhm {
285a545a52cSbluhm atf_tc_set_md_var(tc, "descr",
286a545a52cSbluhm "Test that consecutive mlock(2) calls succeed");
287a545a52cSbluhm }
288a545a52cSbluhm
ATF_TC_BODY(mlock_nested,tc)289a545a52cSbluhm ATF_TC_BODY(mlock_nested, tc)
290a545a52cSbluhm {
291a545a52cSbluhm const size_t maxiter = 100;
292a545a52cSbluhm void *buf;
293a545a52cSbluhm int err;
294a545a52cSbluhm
295a545a52cSbluhm buf = malloc(page);
296a545a52cSbluhm ATF_REQUIRE(buf != NULL);
297a545a52cSbluhm fprintf(stderr, "mlock_nested: buf = %p (page=%ld)\n", buf, page);
298a545a52cSbluhm
299a545a52cSbluhm for (size_t i = 0; i < maxiter; i++) {
300a545a52cSbluhm err = mlock(buf, page);
301a545a52cSbluhm if (err != 0)
302a545a52cSbluhm fprintf(stderr,
303a545a52cSbluhm "mlock_nested: i=%zu (of %zu) mlock(%p, %ld): %d [%d] %s\n",
304a545a52cSbluhm i, maxiter, buf, page, err, errno, strerror(errno));
305a545a52cSbluhm ATF_REQUIRE(err == 0);
306a545a52cSbluhm }
307a545a52cSbluhm
308a545a52cSbluhm err = munlock(buf, page);
309a545a52cSbluhm if (err != 0)
310a545a52cSbluhm fprintf(stderr, "mlock_nested: munlock(%p, %ld): %d [%d] %s\n",
311a545a52cSbluhm buf, page, err, errno, strerror(errno));
312a545a52cSbluhm ATF_REQUIRE(err == 0);
313a545a52cSbluhm free(buf);
314a545a52cSbluhm }
315a545a52cSbluhm
ATF_TP_ADD_TCS(tp)316a545a52cSbluhm ATF_TP_ADD_TCS(tp)
317a545a52cSbluhm {
318a545a52cSbluhm
319a545a52cSbluhm page = sysconf(_SC_PAGESIZE);
320a545a52cSbluhm ATF_REQUIRE(page >= 0);
321a545a52cSbluhm
322a545a52cSbluhm ATF_TP_ADD_TC(tp, mlock_clip);
323a545a52cSbluhm ATF_TP_ADD_TC(tp, mlock_err);
324a545a52cSbluhm ATF_TP_ADD_TC(tp, mlock_limits);
325a545a52cSbluhm ATF_TP_ADD_TC(tp, mlock_mmap);
326a545a52cSbluhm ATF_TP_ADD_TC(tp, mlock_nested);
327a545a52cSbluhm
328a545a52cSbluhm return atf_no_error();
329a545a52cSbluhm }
330