1 #!/bin/bash
2 # Milestone-1 verification for the secure allocator.
3 #
4 # Builds tests/secalloc/main.go, runs the binary, and verifies:
5 # - the process was killed by SIGSEGV (not a clean exit)
6 # - "WROTE_SECRET" appeared on stdout (so the write-the-pattern step ran)
7 # - "MOXIE_SECALLOC_LOCKDOWN" appeared on stderr (the signal-handler notify ran)
8 # - "UNREACHABLE" did NOT appear (the faulting load did not resume)
9 # - the raw secret pattern does NOT appear anywhere in stdout/stderr
10 set -euo pipefail
11 12 MOXIEROOT="${MOXIEROOT:-$(cd "$(dirname "$0")/../.." && pwd)}"
13 MOXIE="${MOXIE:-$MOXIEROOT/moxie}"
14 TMPDIR=$(mktemp -d)
15 trap "rm -rf $TMPDIR" EXIT
16 17 export PATH="/usr/lib/llvm19/bin:$PATH"
18 export MOXIEROOT
19 20 BIN="$TMPDIR/secalloc_test"
21 22 # moxie's package resolver requires the source path to be a relative
23 # `./...` path from the current directory. Build from MOXIEROOT.
24 cd "$MOXIEROOT"
25 26 if ! "$MOXIE" build -o "$BIN" ./tests/secalloc 2>"$TMPDIR/build.err"; then
27 echo "FAIL secalloc: compilation failed"
28 cat "$TMPDIR/build.err"
29 exit 1
30 fi
31 32 # Run the test binary, capturing stdout, stderr, and exit status separately.
33 # bash prints "Segmentation fault" to its own stderr when a child dies on
34 # a signal; we wrap the run in a child bash so we can swallow that one
35 # line via the wrapper's own stderr redirection. Don't let bash -e trip
36 # on the expected non-zero exit.
37 set +e
38 bash -c "\"$BIN\" >\"$TMPDIR/stdout\" 2>\"$TMPDIR/stderr\"" 2>/dev/null
39 rc=$?
40 set -e
41 42 stdout=$(cat "$TMPDIR/stdout")
43 stderr=$(cat "$TMPDIR/stderr")
44 45 fail=0
46 47 # 139 = 128 + SIGSEGV(11). Bash reports signalled deaths via 128+sig.
48 if [ "$rc" -ne 139 ]; then
49 echo "FAIL secalloc: expected exit 139 (SIGSEGV), got $rc"
50 fail=1
51 fi
52 53 if ! echo "$stdout" | grep -q "WROTE_SECRET"; then
54 echo "FAIL secalloc: expected WROTE_SECRET on stdout"
55 fail=1
56 fi
57 58 if echo "$stdout" | grep -q "UNREACHABLE"; then
59 echo "FAIL secalloc: UNREACHABLE appeared on stdout (guard page did not fire)"
60 fail=1
61 fi
62 63 if ! echo "$stderr" | grep -q "MOXIE_SECALLOC_LOCKDOWN"; then
64 echo "FAIL secalloc: expected MOXIE_SECALLOC_LOCKDOWN on stderr"
65 fail=1
66 fi
67 68 # The raw secret must never leak to either stream.
69 if echo "$stdout$stderr" | grep -q "MOXIE_SECRET_PAYLOAD"; then
70 echo "FAIL secalloc: raw secret pattern leaked into stdout/stderr"
71 fail=1
72 fi
73 74 if [ "$fail" -eq 0 ]; then
75 echo "OK secalloc (SIGSEGV + lockdown notify, secret sealed)"
76 exit 0
77 fi
78 79 echo "--- stdout ---"
80 echo "$stdout"
81 echo "--- stderr ---"
82 echo "$stderr"
83 exit 1
84