tech-toolchain archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Tests requiring MD hooks



On Mon, Jul 11, 2011 at 03:18:03AM +0200, Jean-Yves Migeon wrote:
 > We already have some tests covering read/write permission under
 > lib/libc/sys/t_mprotect, so I started to write code for the --x counterpart.
 > 
 > That seems to be a bit tricky to write in a portable way: testing --x
 > right in memory pages requires to put/copy some payload in a page and
 > call it. [...]

How about something like this:

void testme(void) {
   char buf[32768];
   uintptr_t addr = (uintptr_t)&buf;
   int fd;

   system("gcc -c victim.c");
   system("ld -mumble -static -Ttext %lu victim.o -o victim", addr);

   fd = open("victim");
   /* read elf headers, get offset and size of text and entrypoint */
   lseek(fd, text_offset, SEEK_SET);
   read(fd, buf, text_size);
   close(fd);
   mprotect(buf, sizeof(buf), whatever);
   entrypoint(argc, argv);
}

This requires some elf-specific code but not very much, and there
might be issues with linker scripts, but it should all be fairly
manageable.

(victim.o could also be built in advance, it's only the link that matters)

-- 
David A. Holland
dholland%netbsd.org@localhost


Home | Main Index | Thread Index | Old Index