blob: d1a5c0705be39587fe537103da8a22a7e128a2db (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
// SPDX-License-Identifier: GPL-2.0
/*
* This code tests that the current task stack is properly erased (filled
* with STACKLEAK_POISON).
*
* Authors:
* Alexander Popov <alex.popov@linux.com>
* Tycho Andersen <tycho@tycho.ws>
*/
#include "lkdtm.h"
#include <linux/stackleak.h>
void lkdtm_STACKLEAK_ERASING(void)
{
unsigned long *sp, left, found, i;
const unsigned long check_depth =
STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long);
bool test_failed = false;
/*
* For the details about the alignment of the poison values, see
* the comment in stackleak_track_stack().
*/
sp = PTR_ALIGN(&i, sizeof(unsigned long));
left = ((unsigned long)sp & (THREAD_SIZE - 1)) / sizeof(unsigned long);
sp--;
/*
* One 'long int' at the bottom of the thread stack is reserved
* and not poisoned.
*/
if (left > 1) {
left--;
} else {
pr_err("FAIL: not enough stack space for the test\n");
test_failed = true;
goto end;
}
pr_info("checking unused part of the thread stack (%lu bytes)...\n",
left * sizeof(unsigned long));
/*
* Search for 'check_depth' poison values in a row (just like
* stackleak_erase() does).
*/
for (i = 0, found = 0; i < left && found <= check_depth; i++) {
if (*(sp - i) == STACKLEAK_POISON)
found++;
else
found = 0;
}
if (found <= check_depth) {
pr_err("FAIL: the erased part is not found (checked %lu bytes)\n",
i * sizeof(unsigned long));
test_failed = true;
goto end;
}
pr_info("the erased part begins after %lu not poisoned bytes\n",
(i - found) * sizeof(unsigned long));
/* The rest of thread stack should be erased */
for (; i < left; i++) {
if (*(sp - i) != STACKLEAK_POISON) {
pr_err("FAIL: bad value number %lu in the erased part: 0x%lx\n",
i, *(sp - i));
test_failed = true;
}
}
end:
if (test_failed) {
pr_err("FAIL: the thread stack is NOT properly erased\n");
dump_stack();
} else {
pr_info("OK: the rest of the thread stack is properly erased\n");
}
}
|
