Improve upon the new pledge command

test/libc/mem/pledge_test.c

@@ -46,6 +46,7 @@
 #include "libc/sysv/consts/sig.h"
 #include "libc/sysv/consts/sock.h"
 #include "libc/testlib/testlib.h"
+#include "libc/thread/spawn.h"
 
 char testlib_enable_tmp_setup_teardown;
 
@@ -60,15 +61,40 @@ void SetUp(void) {
 }
 
 TEST(pledge, default_allowsExit) {
+  int *job;
   int ws, pid;
-  ASSERT_NE(-1, (pid = fork()));
+  // create small shared memory region
+  ASSERT_NE(-1, (job = mmap(0, FRAMESIZE, PROT_READ | PROT_WRITE,
+                            MAP_SHARED | MAP_ANONYMOUS, -1, 0)));
+  job[0] = 2;  // create workload
+  job[1] = 2;
+  ASSERT_NE(-1, (pid = fork()));  // create enclaved worker
   if (!pid) {
     ASSERT_SYS(0, 0, pledge("", 0));
+    job[0] = job[0] + job[1];  // do work
     _Exit(0);
   }
-  EXPECT_NE(-1, wait(&ws));
+  EXPECT_NE(-1, wait(&ws));  // wait for worker
   EXPECT_TRUE(WIFEXITED(ws));
   EXPECT_EQ(0, WEXITSTATUS(ws));
+  EXPECT_EQ(4, job[0]);  // check result
+  EXPECT_SYS(0, 0, munmap(job, FRAMESIZE));
+}
+
+int Enclave(void *arg, int tid) {
+  ASSERT_SYS(0, 0, pledge("", 0));
+  int *job = arg;            // get job
+  job[0] = job[0] + job[1];  // do work
+  return 0;                  // exit
+}
+
+TEST(pledge, withThreadMemory) {
+  if (IsOpenbsd()) return;  // openbsd doesn't allow it, wisely
+  struct spawn worker;
+  int job[2] = {2, 2};                              // create workload
+  ASSERT_SYS(0, 0, _spawn(Enclave, job, &worker));  // create worker
+  ASSERT_SYS(0, 0, _join(&worker));                 // wait for exit
+  EXPECT_EQ(4, job[0]);                             // check result
 }
 
 TEST(pledge, stdio_forbidsOpeningPasswd1) {

test/libc/mem/test.mk

@@ -42,6 +42,7 @@ TEST_LIBC_MEM_DIRECTDEPS =					\
 	LIBC_STR						\
 	LIBC_STUBS						\
 	LIBC_SYSV						\
+	LIBC_THREAD						\
 	LIBC_TESTLIB						\
 	THIRD_PARTY_DLMALLOC					\
 	THIRD_PARTY_LIBCXX

test/libc/nexgen32e/stackrw_test.c

@@ -0,0 +1,59 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8                                :vi│
+╞══════════════════════════════════════════════════════════════════════════════╡
+│ Copyright 2022 Justine Alexandra Roberts Tunney                              │
+│                                                                              │
+│ Permission to use, copy, modify, and/or distribute this software for         │
+│ any purpose with or without fee is hereby granted, provided that the         │
+│ above copyright notice and this permission notice appear in all copies.      │
+│                                                                              │
+│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
+│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
+│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
+│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
+│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
+│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
+│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
+│ PERFORMANCE OF THIS SOFTWARE.                                                │
+╚─────────────────────────────────────────────────────────────────────────────*/
+#include "libc/calls/struct/sigaction.h"
+#include "libc/intrin/kprintf.h"
+#include "libc/runtime/runtime.h"
+#include "libc/sysv/consts/sa.h"
+#include "libc/sysv/consts/sig.h"
+#include "libc/testlib/testlib.h"
+
+/**
+ * @fileoverview test non-executable stack is default
+ */
+
+jmp_buf jb;
+
+void EscapeSegfault(int sig) {
+  longjmp(jb, 666);
+}
+
+TEST(xstack, test) {
+  struct sigaction old[2];
+  struct sigaction sa = {
+      .sa_handler = EscapeSegfault,
+      .sa_flags = SA_NODEFER,
+  };
+  sigaction(SIGSEGV, &sa, old + 0);
+  sigaction(SIGBUS, &sa, old + 1);
+  char code[16] = {
+      0x55,                          // push %rbp
+      0xb8, 0007, 0x00, 0x00, 0x00,  // mov  $7,%eax
+      0x5d,                          // push %rbp
+      0xc3,                          // ret
+  };
+  int (*func)(void) = (void *)code;
+  int rc;
+  if (!(rc = setjmp(jb))) {
+    func();
+    abort();
+  }
+  ASSERT_EQ(666, rc);
+  sigaction(SIGBUS, old + 1, 0);
+  sigaction(SIGSEGV, old + 0, 0);
+}

test/libc/nexgen32e/stackrwx_test.c

@@ -0,0 +1,41 @@
+/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
+│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8                                :vi│
+╞══════════════════════════════════════════════════════════════════════════════╡
+│ Copyright 2022 Justine Alexandra Roberts Tunney                              │
+│                                                                              │
+│ Permission to use, copy, modify, and/or distribute this software for         │
+│ any purpose with or without fee is hereby granted, provided that the         │
+│ above copyright notice and this permission notice appear in all copies.      │
+│                                                                              │
+│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
+│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
+│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
+│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
+│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
+│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
+│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
+│ PERFORMANCE OF THIS SOFTWARE.                                                │
+╚─────────────────────────────────────────────────────────────────────────────*/
+#include "libc/runtime/runtime.h"
+#include "libc/runtime/stack.h"
+#include "libc/str/str.h"
+#include "libc/sysv/consts/map.h"
+#include "libc/sysv/consts/prot.h"
+#include "libc/testlib/testlib.h"
+
+/**
+ * @fileoverview tests executable stack
+ */
+
+STATIC_EXEC_STACK();
+
+TEST(xstack, test) {
+  char code[16] = {
+      0x55,                          // push %rbp
+      0xb8, 0007, 0x00, 0x00, 0x00,  // mov  $7,%eax
+      0x5d,                          // push %rbp
+      0xc3,                          // ret
+  };
+  int (*func)(void) = (void *)code;
+  ASSERT_EQ(7, func());
+}

test/libc/nexgen32e/test.mk

@@ -37,10 +37,12 @@ TEST_LIBC_NEXGEN32E_DIRECTDEPS =				\
 	LIBC_STDIO						\
 	LIBC_STR						\
 	LIBC_STUBS						\
+	LIBC_SYSV						\
 	LIBC_TESTLIB						\
 	LIBC_UNICODE						\
 	LIBC_X							\
-	TOOL_VIZ_LIB
+	TOOL_VIZ_LIB						\
+	THIRD_PARTY_XED
 
 TEST_LIBC_NEXGEN32E_DEPS :=					\
 	$(call uniq,$(foreach x,$(TEST_LIBC_NEXGEN32E_DIRECTDEPS),$($(x))))
@@ -58,6 +60,13 @@ o/$(MODE)/test/libc/nexgen32e/%.com.dbg:			\
 		$(APE_NO_MODIFY_SELF)
 	@$(APELINK)
 
+# we can't run this test on openbsd because rwx memory isn't allowed
+o/$(MODE)/test/libc/nexgen32e/stackrwx_test.com.ok:		\
+		o/$(MODE)/tool/build/runit.com			\
+		o/$(MODE)/tool/build/runitd.com			\
+		o/$(MODE)/test/libc/nexgen32e/stackrwx_test.com
+	@$(COMPILE) -ATEST -tT$@ $^ $(filter-out openbsd,$(HOSTS))
+
 $(TEST_LIBC_NEXGEN32E_OBJS):					\
 	DEFAULT_CCFLAGS +=					\
 		-fno-builtin