diff options
| author | Christophe Leroy <christophe.leroy@csgroup.eu> | 2022-02-15 15:41:08 +0300 |
|---|---|---|
| committer | Michael Ellerman <mpe@ellerman.id.au> | 2022-02-16 15:25:12 +0300 |
| commit | 5e5a6c5441654d1b9e576ce4ca8a1759e701079e (patch) | |
| tree | d99c9937f48ccec679d26db730a591410f1e2297 /tools/testing/selftests/lkdtm | |
| parent | 72a86433049dcfe918886645ac3d19c1eaaa67ab (diff) | |
| download | linux-5e5a6c5441654d1b9e576ce4ca8a1759e701079e.tar.xz | |
lkdtm: Add a test for function descriptors protection
Add WRITE_OPD to check that you can't modify function
descriptors.
Gives the following result when function descriptors are
not protected:
lkdtm: Performing direct entry WRITE_OPD
lkdtm: attempting bad 16 bytes write at c00000000269b358
lkdtm: FAIL: survived bad write
lkdtm: do_nothing was hijacked!
Looks like a standard compiler barrier() is not enough to force
GCC to use the modified function descriptor. Had to add a fake empty
inline assembly to force GCC to reload the function descriptor.
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/7eeba50d16a35e9d799820e43304150225f20197.1644928018.git.christophe.leroy@csgroup.eu
Diffstat (limited to 'tools/testing/selftests/lkdtm')
| -rw-r--r-- | tools/testing/selftests/lkdtm/tests.txt | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/testing/selftests/lkdtm/tests.txt b/tools/testing/selftests/lkdtm/tests.txt index 6b36b7f5dcf9..243c781f0780 100644 --- a/tools/testing/selftests/lkdtm/tests.txt +++ b/tools/testing/selftests/lkdtm/tests.txt @@ -44,6 +44,7 @@ ACCESS_NULL WRITE_RO WRITE_RO_AFTER_INIT WRITE_KERN +WRITE_OPD REFCOUNT_INC_OVERFLOW REFCOUNT_ADD_OVERFLOW REFCOUNT_INC_NOT_ZERO_OVERFLOW |