commit | 2bc778addba9057817fa8c7ebd79848f5cd8388a | |
---|---|---|
author | Mattias Nissler <mnissler@chromium.org> | Mon May 28 14:35:51 2018 +0200 |
committer | chrome-bot <chrome-bot@chromium.org> | Tue May 29 17:15:21 2018 -0700 |
tree | 21b0b6b9fca80b4983e964802b48ff29cfe51482 | |
parent | ad847b7159572f880e7394b9979c209e842e7299 | |

security_ASLR: Stop using ps' -C flag in favor of pidof invocation

ps grabs the command name from /proc/${pid}/{comm,stat,status}, backed by the task struct's comm buffer maintained in the kernel. This buffer has been limited to 16 characters for a long time, but has been enlarged recently. Newer procps versions have followed suit and enlarged their buffers, however in a backwards-incompatible way: If a new procps is running against an old kernel, it'll receive only 16 bytes worth of comm. Commands that overflow the comm buffer thus no longer match the larger strings user space may compare against, e.g. somewhatlongercmd would be returned by an old kernel as "somewhatlongercm", but ps -C somewhatlongercmd wouldn't see it since comparison differs at the final 'd' character, which the larger userspace buffer will now detect.

Furthermore, note that the -C flag to ps has always been fragile since ps would consider every process with a matching comm buffer a match, but this only takes into account the 16 (now 64) character prefix of the actual command (i.e. ps -C "somewhatlongercmd123" would have matched "somewhatlongercmd" processes as well).

Given all this, switch the code to avoid ps' -C flag in favor of a separate pidof invocation. pidof will consult /proc/${pid}/cmdline instead, which hopefully will provide more robust results.

BUG=chromium:846262
TEST=Builds and passes tests.

Change-Id: I5c361b5659b1f2128138af6f6aa9d5fb2bb7a9d6
Reviewed-on: https://chromium-review.googlesource.com/1075187
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

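
The two failure modes described in the commit message above, as an added Python example (not code from this commit or from Autotest). It is a simplified model: the process table is constructed, comm is taken as the truncated basename of argv[0], the 16-character truncation length is the figure quoted in the message, and `match_by_cmdline` only approximates what pidof does.

```python
import os

# Truncation length quoted in the commit message (assumption of this model).
COMM_VISIBLE = 16

# Constructed sample: pid -> raw /proc/<pid>/cmdline bytes (NUL-separated argv).
SAMPLE_PROCS = {
    101: b"/usr/bin/somewhatlongercmd\0--daemon\0",
    102: b"/usr/bin/somewhatlongercmd123\0",
    103: b"/sbin/init\0",
}


def argv0_basename(cmdline):
    """Return the basename of argv[0] from a NUL-separated cmdline."""
    return os.path.basename(cmdline.split(b"\0", 1)[0].decode())


def kernel_comm(cmdline, comm_len=COMM_VISIBLE):
    """Model the kernel comm buffer: the command name cut to comm_len chars."""
    return argv0_basename(cmdline)[:comm_len]


def match_by_comm(procs, name, user_buf_len, comm_len=COMM_VISIBLE):
    """ps -C style: compare the name, cut to the userspace buffer, with comm."""
    wanted = name[:user_buf_len]
    return sorted(pid for pid, cl in procs.items()
                  if kernel_comm(cl, comm_len) == wanted)


def match_by_cmdline(procs, name):
    """pidof style (simplified): compare the name with the full argv[0] basename."""
    return sorted(pid for pid, cl in procs.items()
                  if argv0_basename(cl) == name)


if __name__ == "__main__":
    name = "somewhatlongercmd"
    # Old userspace buffer (16): both long-named processes collapse to one comm.
    print("comm, 16-char userspace:", match_by_comm(SAMPLE_PROCS, name, 16))
    # Enlarged userspace buffer (64) against 16-char comm: nothing matches.
    print("comm, 64-char userspace:", match_by_comm(SAMPLE_PROCS, name, 64))
    # Full command line comparison finds exactly the intended process.
    print("cmdline:", match_by_cmdline(SAMPLE_PROCS, name))
```

A test that locates its target process by comm either checks the wrong process or finds none, so a check such as security_ASLR can pass or fail for reasons unrelated to the property under test.
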
Autotest is a framework for fully automated testing. It was originally designed to test the Linux kernel, and expanded by the Chrome OS team to validate complete system images of Chrome OS and Android.
Autotest is composed of a number of modules that will help you to do stand-alone tests or set up a fully automated test grid, depending on what you are up to. A non-exhaustive list of functionality is:

- A body of code to run tests on the device under test. In this setup, test logic executes on the machine being tested, and results are written to files for later collection from a development machine or lab infrastructure.
- A body of code to run tests against a remote device under test. In this setup, test logic executes on a development machine or piece of lab infrastructure, and the device under test is controlled remotely via SSH/adb/some combination of the above.
- Developer tools to execute one or more tests. `test_that` for Chrome OS and `test_droid` for Android allow developers to run tests against a device connected to their development machine on their desk. These tools are written so that the same test logic that runs in the lab will run at their desk, reducing the number of configurations under which tests are run.
- Lab infrastructure to automate the running of tests. This infrastructure is capable of managing and running tests against thousands of devices in various lab environments. This includes code for both synchronous and asynchronous scheduling of tests. Tests are run against this hardware daily to validate every build of Chrome OS.
- Infrastructure to set up miniature replicas of a full lab. A full lab does entail a certain amount of administrative work which isn't appropriate for a work group interested in automated tests against a small set of devices. Since this scale is common during device bringup, a special setup, called Moblab, allows a natural progression from desk -> mini lab -> full lab.

See the guides to `test_that` and `test_droid`:
See the best practices guide, existing tests, and comments in the code.
git clone https://chromium.googlesource.com/chromiumos/third_party/autotest
See the coding style guide for guidance on submitting patches.
You need to run `utils/build_externals.py` to set up the dependencies for pre-upload hook tests.