authorTheo de Raadt <deraadt@cvs.openbsd.org>2019-05-30 18:11:07 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2019-05-30 18:11:07 +0000
commit20916ad05100534c2e495225e013048260ca520f (patch)
tree7e147f56c28f9a790231e9896a19efbaf7dd4583
parentf08d47cf36caf0f7c21775f74e16df2c52bffea4 (diff)
A test for W|X ^ syscall prevention, which is difficult to incorporate
properly into regress, because the wxneeded binary must be executed from a wxallowed filesystem.
-rw-r--r--regress/sys/uvm/wx_syscall/Makefile11
-rw-r--r--regress/sys/uvm/wx_syscall/wx_syscall.c25
2 files changed, 36 insertions, 0 deletions
diff --git a/regress/sys/uvm/wx_syscall/Makefile b/regress/sys/uvm/wx_syscall/Makefile
new file mode 100644
index 00000000000..e1b51c3ccda
--- /dev/null
+++ b/regress/sys/uvm/wx_syscall/Makefile
@@ -0,0 +1,11 @@
+# $OpenBSD: Makefile,v 1.1 2019/05/30 18:11:06 deraadt Exp $
+
+# The regression test binary must be run on a wxallowed filesystem
+# to verify correct behaviour (it should crash)
+# Doing that isn't simple. Place the binary temporarily in /usr/local
+# if it has wxneeded? Maybe make a vnd with a filesystem, and mount that?
+
+LDFLAGS+=-z wxneeded
+PROG= wx_syscall
+
+.include <bsd.regress.mk>
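Review bot: Nothing in this Makefile tells the regress framework that the expected outcome is the process being killed. Assuming bsd.regress.mk falls back to running `./wx_syscall` and checking its exit status when only `PROG` is set, a working mitigation would then be reported as a failure. An explicit `REGRESS_TARGETS= run-regress-wx_syscall` whose recipe passes only when the binary dies from a signal would encode the expectation. The comment block above `LDFLAGS` is phrased as open questions; stating the wxallowed precondition and how the test is skipped when it is not met would serve the next maintainer better.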
diff --git a/regress/sys/uvm/wx_syscall/wx_syscall.c b/regress/sys/uvm/wx_syscall/wx_syscall.c
new file mode 100644
index 00000000000..a0fa7bbdc44
--- /dev/null
+++ b/regress/sys/uvm/wx_syscall/wx_syscall.c
@@ -0,0 +1,25 @@
+#include <sys/param.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <errno.h>
+
+int
+main()
+{
+ vaddr_t o = (vaddr_t)flock;
+ int psz = getpagesize();
+
+ printf("%llx\n", (long long)flock);
+ if (mprotect((void *)(o & ~(psz-1)), psz,
+ PROT_EXEC|PROT_WRITE|PROT_READ) == -1 &&
+ errno == ENOTSUP) {
+ printf("mprotect -> ENOTSUP? Please run from wxallowed filesystem\n");
+ exit(0);
+ }
+ flock(0, 0);
+
+ printf("performing syscall succeeded. Should have been killed.\n");
+}
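Review bot: Every path that returns from main() yields exit status 0: the ENOTSUP branch calls `exit(0)`, and when `flock(0, 0)` returns, control falls off the end of main. A harness therefore cannot tell a broken W^X syscall check from a skipped run by status alone. The final printf should be followed by `exit(1);`, and the ENOTSUP branch should return a distinct status meaning "not run". An mprotect failure with any other errno also falls through to `flock(0, 0)` with the page never made writable, so the "Should have been killed" message would be a false alarm; `if (errno != ENOTSUP) err(1, "mprotect");` (with `<err.h>` included) would close that.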