Print this page
Code review comments from jeffpc
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/test/os-tests/tests/secflags/secflags_psecflags.sh
+++ new/usr/src/test/os-tests/tests/secflags/secflags_psecflags.sh
1 1 #! /usr/bin/ksh
2 2 #
3 3 #
4 4 # This file and its contents are supplied under the terms of the
5 5 # Common Development and Distribution License ("CDDL"), version 1.0.
6 6 # You may only use this file in accordance with the terms of version
7 7 # 1.0 of the CDDL.
8 8 #
9 9 # A full copy of the text of the CDDL should have accompanied this
10 10 # source. A copy of the CDDL is also available via the Internet at
11 11 # http://www.illumos.org/license/CDDL.
12 12 #
13 13
14 14 #
15 15 # Copyright 2015, Richard Lowe.
16 16 #
17 17
18 18 mkdir /tmp/$$-secflags-test
19 19 cd /tmp/$$-secflags-test
20 20
21 21 /usr/bin/psecflags -s none $$ # Clear ourselves out
22 22 cat > expected <<EOF
23 23 I: none
24 24 EOF
25 25
26 26 /usr/bin/psecflags $$ | grep I: > output
27 27 diff -u expected output || exit 1 # Make sure the setting of 'none' worked
28 28
29 29 cleanup() {
30 30 cd /
31 31 rm -fr /tmp/$$-secflags-test
32 32 }
33 33 trap cleanup EXIT
34 34
35 35 ## Tests of manipulating a running process (ourselves)
36 36
37 37 self_set() {
38 38 echo "Set (self)"
39 39 /usr/bin/psecflags -s aslr $$
40 40
41 41 cat > expected <<EOF
42 42 I: aslr
|
↓ open down ↓ |
42 lines elided |
↑ open up ↑ |
43 43 EOF
44 44
45 45 /usr/bin/psecflags $$ | grep I: > output
46 46 diff -u expected output || exit 1
47 47 }
48 48
49 49 self_add() {
50 50 echo "Add (self)"
51 51 /usr/bin/psecflags -s current,noexecstack $$
52 52 cat > expected <<EOF
53 - I: aslr, noexecstack
53 + I: aslr,noexecstack
54 54 EOF
55 55
56 56 /usr/bin/psecflags $$ | grep I: > output
57 57 diff -u expected output || exit 1
58 58 }
59 59
60 60 self_remove() {
61 61 echo "Remove (self)"
62 62 /usr/bin/psecflags -s current,-aslr $$
63 63 cat > expected <<EOF
64 64 I: noexecstack
65 65 EOF
66 66
67 67 /usr/bin/psecflags $$ | grep I: > output
68 68 diff -u expected output || exit 1
69 69 }
70 70
71 71 self_all() {
72 72 echo "All (self)"
73 73 /usr/bin/psecflags -s all $$
74 74 /usr/bin/psecflags $$ | grep -q 'I:.*,.*,' || exit 1 # This is lame, but functional
75 75 }
76 76
77 77 self_none() {
78 78 echo "None (self)"
79 79 /usr/bin/psecflags -s all $$
80 80 /usr/bin/psecflags -s none $$
81 81 cat > expected <<EOF
82 82 I: none
83 83 EOF
84 84 /usr/bin/psecflags $$ | grep I: > output
85 85 diff -u expected output || exit 1
86 86 }
87 87
88 88 child_set() {
89 89 echo "Set (child)"
90 90
91 91 typeset pid;
92 92
93 93 /usr/bin/psecflags -s aslr -e sleep 10000 &
94 94 pid=$!
95 95 cat > expected <<EOF
96 96 E: aslr
97 97 I: aslr
98 98 EOF
99 99 /usr/bin/psecflags $pid | grep '[IE]:' > output
100 100 kill $pid
101 101 diff -u expected output || exit 1
102 102 }
|
↓ open down ↓ |
39 lines elided |
↑ open up ↑ |
103 103
104 104 child_add() {
105 105 echo "Add (child)"
106 106
107 107 typeset pid;
108 108
109 109 /usr/bin/psecflags -s aslr $$
110 110 /usr/bin/psecflags -s current,noexecstack -e sleep 10000 &
111 111 pid=$!
112 112 cat > expected <<EOF
113 - E: aslr, noexecstack
114 - I: aslr, noexecstack
113 + E: aslr,noexecstack
114 + I: aslr,noexecstack
115 115 EOF
116 116 /usr/bin/psecflags $pid | grep '[IE]:' > output
117 117 kill $pid
118 118 /usr/bin/psecflags -s none $$
119 119 diff -u expected output || exit 1
120 120 }
121 121
122 122 child_remove() {
123 123 echo "Remove (child)"
124 124
125 125 typeset pid;
126 126
127 127 /usr/bin/psecflags -s aslr $$
128 128 /usr/bin/psecflags -s current,-aslr -e sleep 10000 &
129 129 pid=$!
130 130 cat > expected <<EOF
131 131 E: none
132 132 I: none
133 133 EOF
134 134 /usr/bin/psecflags $pid | grep '[IE]:' > output
135 135 kill $pid
136 136 /usr/bin/psecflags -s none $$
137 137 diff -u expected output || exit 1
138 138 }
139 139
140 140 child_all() {
141 141 echo "All (child)"
142 142
143 143 typeset pid ret
144 144
145 145 /usr/bin/psecflags -s all -e sleep 10000 &
146 146 pid=$!
147 147 /usr/bin/psecflags $pid | grep -q 'E:.*,.*,' # This is lame, but functional
148 148 ret=$?
149 149 kill $pid
150 150 (( $ret != 0 )) && exit $ret
151 151 }
152 152
153 153 child_none() {
154 154 echo "None (child)"
155 155
156 156 typeset pid
157 157
158 158 /usr/bin/psecflags -s all $$
159 159
160 160 /usr/bin/psecflags -s none -e sleep 10000 &
161 161 pid=$!
162 162 cat > expected <<EOF
163 163 E: none
164 164 I: none
165 165 EOF
166 166 /usr/bin/psecflags $pid | grep '[IE]:' > output
167 167 kill $pid
168 168 diff -u expected output || exit 1
169 169 }
170 170
171 171 list() {
172 172 echo "List"
173 173 cat > expected<<EOF
174 174 aslr
175 175 forbidnullmap
176 176 noexecstack
177 177 EOF
178 178
179 179 /usr/bin/psecflags -l > output
180 180 diff -u expected output || exit 1
181 181 }
182 182
183 183 self_set
184 184 self_add
185 185 self_remove
186 186 self_all
187 187 self_none
188 188 child_set
189 189 child_add
190 190 child_remove
191 191 child_all
192 192 child_none
193 193 list
194 194
195 195 exit 0
|
↓ open down ↓ |
71 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX