run.sh raw

   1  #!/bin/bash
   2  # Milestone-3.2 verification: SecureRotate primitive.
   3  #
   4  # Builds tests/secalloc-rotate/main.go and runs the binary. The program
   5  # allocates a secret, rotates it to a fresh mapping, verifies contents
   6  # survived, then reads the old (now-unmapped) base to trigger a SIGSEGV.
   7  #
   8  # Verifies:
   9  #   - the program dies from SIGSEGV (not a clean exit)
  10  #   - stdout contains BEFORE_ROTATE and ROTATED_OK
  11  #   - stderr contains MOXIE_SECALLOC_LOCKDOWN (wipe+notify still works
  12  #     after rotation)
  13  #   - the raw secret pattern does NOT appear anywhere
  14  set -euo pipefail
  15  
  16  MOXIEROOT="${MOXIEROOT:-$(cd "$(dirname "$0")/../.." && pwd)}"
  17  MOXIE="${MOXIE:-$MOXIEROOT/moxie}"
  18  TMPDIR=$(mktemp -d)
  19  trap "rm -rf $TMPDIR" EXIT
  20  
  21  export PATH="/usr/lib/llvm19/bin:$PATH"
  22  export MOXIEROOT
  23  
  24  BIN="$TMPDIR/secalloc_rotate_test"
  25  
  26  cd "$MOXIEROOT"
  27  
  28  if ! "$MOXIE" build -o "$BIN" ./tests/secalloc-rotate 2>"$TMPDIR/build.err"; then
  29      echo "FAIL secalloc-rotate: compilation failed"
  30      cat "$TMPDIR/build.err"
  31      exit 1
  32  fi
  33  
  34  set +e
  35  "$BIN" >"$TMPDIR/stdout" 2>"$TMPDIR/stderr"
  36  rc=$?
  37  set -e
  38  
  39  stdout=$(cat "$TMPDIR/stdout")
  40  stderr=$(cat "$TMPDIR/stderr")
  41  
  42  fail=0
  43  
  44  # 139 = 128 + 11 (SIGSEGV). Any signalled death (128+) is acceptable —
  45  # some shells deliver the signal via a wrapper.
  46  if [ "$rc" -lt 128 ]; then
  47      echo "FAIL secalloc-rotate: expected signalled death, got rc=$rc"
  48      fail=1
  49  fi
  50  
  51  if ! echo "$stdout" | grep -q "BEFORE_ROTATE"; then
  52      echo "FAIL secalloc-rotate: missing BEFORE_ROTATE marker"
  53      fail=1
  54  fi
  55  
  56  if ! echo "$stdout" | grep -q "ROTATED_OK"; then
  57      echo "FAIL secalloc-rotate: missing ROTATED_OK marker"
  58      fail=1
  59  fi
  60  
  61  if ! echo "$stdout" | grep -q "MULTI_ROTATED_OK"; then
  62      echo "FAIL secalloc-rotate: multi-rotate did not complete (slot reuse?)"
  63      fail=1
  64  fi
  65  
  66  if echo "$stdout" | grep -q "UNREACHABLE"; then
  67      echo "FAIL secalloc-rotate: reached UNREACHABLE (read of unmapped base did not fault)"
  68      fail=1
  69  fi
  70  
  71  if ! echo "$stderr" | grep -q "MOXIE_SECALLOC_LOCKDOWN"; then
  72      echo "FAIL secalloc-rotate: missing lockdown marker on stderr"
  73      fail=1
  74  fi
  75  
  76  if echo "$stdout$stderr" | grep -q "MOXIE_SECRET_PAYLOAD"; then
  77      echo "FAIL secalloc-rotate: raw secret pattern leaked"
  78      fail=1
  79  fi
  80  
  81  if [ "$fail" -eq 0 ]; then
  82      echo "OK   secalloc-rotate (fresh mapping, old arena unmapped)"
  83      exit 0
  84  fi
  85  
  86  echo "--- stdout ---"
  87  echo "$stdout"
  88  echo "--- stderr ---"
  89  echo "$stderr"
  90  exit 1
  91