xnu-11417.140.69/tests/sr_entitlement.c

*43a90889SApple OSS Distributions#include <stdlib.h>
*43a90889SApple OSS Distributions#include <unistd.h>
*43a90889SApple OSS Distributions#include <sys/sysctl.h>
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions#include <darwintest.h>
*43a90889SApple OSS Distributions#include <darwintest_utils.h>
*43a90889SApple OSS Distributions
*43a90889SApple OSS DistributionsT_GLOBAL_META(T_META_RUN_CONCURRENTLY(false));
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributionsstatic int after_regions = 0;
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions/*
*43a90889SApple OSS Distributions * No system(3c) on watchOS, so provide our own.
*43a90889SApple OSS Distributions */
*43a90889SApple OSS Distributionsstatic int
*43a90889SApple OSS Distributionsmy_system(const char *command)
*43a90889SApple OSS Distributions{
*43a90889SApple OSS Distributions	pid_t pid;
*43a90889SApple OSS Distributions	int status = 0;
*43a90889SApple OSS Distributions	const char *argv[] = {
*43a90889SApple OSS Distributions		"/bin/sh",
*43a90889SApple OSS Distributions		"-c",
*43a90889SApple OSS Distributions		command,
*43a90889SApple OSS Distributions		NULL
*43a90889SApple OSS Distributions	};
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	if (dt_launch_tool(&pid, (char **)(void *)argv, FALSE, NULL, NULL)) {
*43a90889SApple OSS Distributions		return -1;
*43a90889SApple OSS Distributions	}
*43a90889SApple OSS Distributions	sleep(2); /* let the child start running */
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	size_t size = sizeof(after_regions);
*43a90889SApple OSS Distributions	int ret = sysctlbyname("vm.shared_region_pager_count", &after_regions, &size, NULL, 0);
*43a90889SApple OSS Distributions	T_QUIET; T_EXPECT_POSIX_SUCCESS(ret, "get shared_region_pager_count after");
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	if (!dt_waitpid(pid, &status, NULL, 30)) {
*43a90889SApple OSS Distributions		if (status != 0) {
*43a90889SApple OSS Distributions			return status;
*43a90889SApple OSS Distributions		}
*43a90889SApple OSS Distributions		return -1;
*43a90889SApple OSS Distributions	}
*43a90889SApple OSS Distributions	return status;
*43a90889SApple OSS Distributions}
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions/*
*43a90889SApple OSS Distributions * If shared regions by entitlement was not originally active, turn it back off.
*43a90889SApple OSS Distributions */
*43a90889SApple OSS Distributionsstatic int orig_setting = 0;
*43a90889SApple OSS Distributionsstatic void
*43a90889SApple OSS Distributionscleanup(void)
*43a90889SApple OSS Distributions{
*43a90889SApple OSS Distributions	int ret;
*43a90889SApple OSS Distributions	int off = 0;
*43a90889SApple OSS Distributions	size_t size_off = sizeof(off);
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	if (orig_setting == 0) {
*43a90889SApple OSS Distributions		ret = sysctlbyname("vm.vm_shared_region_by_entitlement", NULL, NULL, &off, size_off);
*43a90889SApple OSS Distributions		T_QUIET; T_EXPECT_POSIX_SUCCESS(ret, "turning sysctl back off");
*43a90889SApple OSS Distributions	}
*43a90889SApple OSS Distributions}
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions/*
*43a90889SApple OSS Distributions * This test:
*43a90889SApple OSS Distributions * - looks at the number of shared region pagers,
*43a90889SApple OSS Distributions * - launches a helper app that has entitlement for unique signing
*43a90889SApple OSS Distributions * - gets the number of shared region pagers again.
*43a90889SApple OSS Distributions * It expects to see additional shared region pager(s) to exist.
*43a90889SApple OSS Distributions *
*43a90889SApple OSS Distributions */
*43a90889SApple OSS DistributionsT_DECL(sr_entitlement, "shared region by entitlement test")
*43a90889SApple OSS Distributions{
*43a90889SApple OSS Distributions	int ret;
*43a90889SApple OSS Distributions	size_t size;
*43a90889SApple OSS Distributions	int before_regions = 0;
*43a90889SApple OSS Distributions	int on = 1;
*43a90889SApple OSS Distributions	size_t size_on = sizeof(on);
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions#if !__arm64e__
*43a90889SApple OSS Distributions	T_SKIP("No pointer authentication support");
*43a90889SApple OSS Distributions#endif
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	/*
*43a90889SApple OSS Distributions	 * Check if the sysctl vm_shared_region_by_entitlement exists and if so make
*43a90889SApple OSS Distributions	 * sure it is set.
*43a90889SApple OSS Distributions	 */
*43a90889SApple OSS Distributions	size = sizeof(orig_setting);
*43a90889SApple OSS Distributions	ret = sysctlbyname("vm.vm_shared_region_by_entitlement", &orig_setting, &size, &on, size_on);
*43a90889SApple OSS Distributions	if (ret != 0) {
*43a90889SApple OSS Distributions		T_SKIP("No pointer authentication support");
*43a90889SApple OSS Distributions	}
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	T_ATEND(cleanup);
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	size = sizeof(before_regions);
*43a90889SApple OSS Distributions	ret = sysctlbyname("vm.shared_region_pager_count", &before_regions, &size, NULL, 0);
*43a90889SApple OSS Distributions	T_QUIET; T_EXPECT_POSIX_SUCCESS(ret, "get shared_region_pager_count before");
*43a90889SApple OSS Distributions	T_QUIET; T_EXPECT_GE_INT(before_regions, 1, "invalid before number of regions");
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	ret = my_system("./sr_entitlement_helper");
*43a90889SApple OSS Distributions	if (ret != 0) {
*43a90889SApple OSS Distributions		T_ASSERT_FAIL("Couldn't run helper first time ret = %d", ret);
*43a90889SApple OSS Distributions	}
*43a90889SApple OSS Distributions
*43a90889SApple OSS Distributions	T_EXPECT_GT_INT(after_regions, before_regions, "expected additional SR pagers after running helper");
*43a90889SApple OSS Distributions}