1# Copyright (c) 2018 The NetBSD Foundation, Inc.
2# All rights reserved.
3#
4# This code is derived from software contributed to The NetBSD Foundation
5# by Yang Zheng.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26# POSSIBILITY OF SUCH DAMAGE.
27#
28
29test_target()
30{
31          SUPPORT='n'
32          if uname -m | grep -q "amd64" && command -v cc >/dev/null 2>&1 && \
33                       ! echo __clang__ | cc -E - | grep -q __clang__; then
34                    # only clang with major version newer than 7 is supported
35                    CLANG_MAJOR=`echo __clang_major__ | cc -E - | grep -o '^[[:digit:]]'`
36                    if [ "$CLANG_MAJOR" -ge "7" ]; then
37                              SUPPORT='y'
38                    fi
39          fi
40}
41
42atf_test_case poison
43poison_head() {
44          atf_set "descr" "Test memory sanitizer for __msan_poison interface"
45          atf_set "require.progs" "cc paxctl"
46}
47
48atf_test_case poison_profile
49poison_profile_head() {
50          atf_set "descr" "Test memory sanitizer for __msan_poison with profiling option"
51          atf_set "require.progs" "cc paxctl"
52}
53atf_test_case poison_pic
54poison_pic_head() {
55          atf_set "descr" "Test memory sanitizer for __msan_poison with position independent code (PIC) flag"
56          atf_set "require.progs" "cc paxctl"
57}
58atf_test_case poison_pie
59poison_pie_head() {
60          atf_set "descr" "Test memory sanitizer for __msan_poison with position independent execution (PIE) flag"
61          atf_set "require.progs" "cc paxctl"
62}
63
64poison_body(){
65          cat > test.c << EOF
66#include <sanitizer/msan_interface.h>
67
68int main(void) {
69  char p[32] = {};
70  __msan_poison(p + 10, 2);
71
72  __msan_check_mem_is_initialized(p + 5, 20);
73  return 0;
74}
75EOF
76
77          cc -fsanitize=memory -o test test.c
78          paxctl +a test
79          atf_check -s ignore -o ignore -e match:"Uninitialized bytes in __msan_check_mem_is_initialized at offset 5 inside" ./test
80}
81
82poison_profile_body(){
83          cat > test.c << EOF
84#include <sanitizer/msan_interface.h>
85
86int main(void) {
87  char p[32] = {};
88  __msan_poison(p + 10, 2);
89
90  __msan_check_mem_is_initialized(p + 5, 20);
91  return 0;
92}
93EOF
94
95          cc -fsanitize=memory -static -o test -pg test.c
96          paxctl +a test
97          atf_check -s ignore -o ignore -e match:"Uninitialized bytes in __msan_check_mem_is_initialized at offset 5 inside" ./test
98}
99
100poison_pic_body(){
101          cat > test.c << EOF
102#include <stdio.h>
103#include <stdlib.h>
104int help(int);
105int main(int argc, char **argv) {return help(argc);}
106EOF
107
108          cat > pic.c << EOF
109#include <sanitizer/msan_interface.h>
110
111int help(int argc) {
112  char p[32] = {};
113  __msan_poison(p + 10, 2);
114
115  __msan_check_mem_is_initialized(p + 5, 20);
116  return 0;
117}
118EOF
119
120          cc -fsanitize=memory -fPIC -shared -o libtest.so pic.c
121          cc -o test test.c -fsanitize=memory -L. -ltest
122          paxctl +a test
123
124          export LD_LIBRARY_PATH=.
125          atf_check -s ignore -o ignore -e match:"Uninitialized bytes in __msan_check_mem_is_initialized at offset 5 inside" ./test
126}
127poison_pie_body(){
128
129          #check whether -pie flag is supported on this architecture
130          if ! cc -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then
131                    atf_set_skip "cc -pie not supported on this architecture"
132          fi
133          cat > test.c << EOF
134#include <sanitizer/msan_interface.h>
135
136int main(void) {
137  char p[32] = {};
138  __msan_poison(p + 10, 2);
139
140  __msan_check_mem_is_initialized(p + 5, 20);
141  return 0;
142}
143EOF
144
145          cc -fsanitize=memory -o test -fpie -pie test.c
146          paxctl +a test
147          atf_check -s ignore -o ignore -e match:"Uninitialized bytes in __msan_check_mem_is_initialized at offset 5 inside" ./test
148}
149
150atf_test_case target_not_supported
151target_not_supported_head()
152{
153          atf_set "descr" "Test forced skip"
154}
155
156target_not_supported_body()
157{
158          atf_skip "Target is not supported"
159}
160
161atf_init_test_cases()
162{
163          test_target
164          test $SUPPORT = 'n' && {
165                    atf_add_test_case target_not_supported
166                    return 0
167          }
168          atf_add_test_case poison
169          atf_add_test_case poison_profile
170          atf_add_test_case poison_pie
171          atf_add_test_case poison_pic
172}
173