2018-11-16 22:15:23 +01:00
/*
2018-11-19 17:16:36 +01:00
* Copyright ( C ) 2018 Red Hat , Inc . All rights reserved .
*
* This file is part of LVM2 .
*
* This copyrighted material is made available to anyone wishing to use ,
* modify , copy , or redistribute it subject to the terms and conditions
* of the GNU General Public License v .2 .
*
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software Foundation ,
* Inc . , 51 Franklin Street , Fifth Floor , Boston , MA 02110 - 1301 USA
*
2018-11-16 22:15:23 +01:00
* Test sample code to check for leftovers from secure table loading in
2018-11-19 17:16:36 +01:00
* userspace memory ( initial sample provided by Milan Broz ) .
2018-11-16 22:15:23 +01:00
*
* Compile with : gcc - O2 - g - o tst dmcrypt . c - ldevmapper
*
* Search for string in coredump ( needs ' raise ' , or using ' gcore ' tool )
*
* grep " 434e0cbab02ca68ffba9268222c3789d703fe62427b78b308518b3228f6a2122 " core
*
*/
2018-11-17 01:38:39 +01:00
# include "device_mapper/all.h"
2018-11-17 01:11:13 +01:00
2018-11-16 22:15:23 +01:00
# include <unistd.h>
# include <signal.h>
/* Comment out this define to get coredump instead of sleeping */
# define SLEEP 1
static void rot13 ( char * s )
{
unsigned i ;
for ( i = 0 ; s [ i ] ; i + + )
if ( s [ i ] > = ' a ' & & s [ i ] < = ' m ' )
s [ i ] + = 13 ;
else if ( s [ i ] > = ' n ' & & s [ i ] < = ' z ' )
s [ i ] - = 13 ;
}
int main ( int argc , char * argv [ ] )
{
const unsigned sz = 8192 ;
/* rot13: 434e0cbab02ca68ffba9268222c3789d703fe62427b78b308518b3228f6a2122 */
char aes [ ] = " 434r0pono02pn68sson9268222p3789q703sr62427o78o308518o3228s6n2122 " ;
const char * device = ( argc > 1 ) ? argv [ 1 ] : " /dev/loop0 " ; /* device for use */
const char * devname = ( argc > 2 ) ? argv [ 2 ] : " test-secure " ; /* name of dm device */
2019-12-10 13:40:56 +01:00
const char * cipher = ( argc > 3 ) ? argv [ 3 ] : " aes-xts-plain64 " ; /* name of dm device */
2018-11-16 22:15:23 +01:00
uint32_t cookie = 0 ;
char table [ 300 ] ;
struct dm_task * dmt ;
if ( geteuid ( ) ! = 0 ) {
fprintf ( stderr , " Needs root UID for execution! \n " ) ;
exit ( 1 ) ;
}
printf ( " Going to create %s dm device using backend device: %s \n " , devname , device ) ;
if ( ( dmt = dm_task_create ( DM_DEVICE_CREATE ) ) ) {
( void ) dm_task_set_name ( dmt , devname ) ;
( void ) dm_task_secure_data ( dmt ) ;
rot13 ( aes ) ;
2019-12-10 13:40:56 +01:00
snprintf ( table , sizeof ( table ) , " %s %s 0 %s %u " , cipher , aes , device , sz ) ;
2018-11-16 22:15:23 +01:00
memset ( aes , 0 , sizeof ( aes ) ) ;
( void ) dm_task_add_target ( dmt , 0 , sz , " crypt " , table ) ;
memset ( table , 0 , sizeof ( table ) ) ;
asm volatile ( " " : : : " memory " ) ; /* Compiler barrier. */
( void ) dm_task_set_cookie ( dmt , & cookie , DM_UDEV_DISABLE_LIBRARY_FALLBACK ) ;
( void ) dm_task_run ( dmt ) ;
( void ) dm_task_destroy ( dmt ) ;
2019-12-10 13:40:56 +01:00
( void ) dm_udev_wait ( cookie ) ; /* Finish udev processing */
2018-11-16 22:15:23 +01:00
}
/* At this point there should be no memory trace from a secure table line */
# ifdef SLEEP
sleep ( 4 ) ; /* Give time to other process to capture 'gcore pid' */
# else
raise ( SIGABRT ) ; /* Generate core for search of any forgotten traces of key */
# endif
return 0 ;
}