diff options
| author |   Kees Cook <keescook@chromium.org> | 2017-03-24 10:51:25 -0700 |
|---|---|---|
| committer |   Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-04-08 17:56:02 +0200 |
| commit | e22aa9d781a27a961581c57442911309fb86a48e (patch) | |
| tree | 96f46cc8f24081f40bdbd41c1a4457258cb75e3b /drivers/misc/lkdtm.h | |
| parent | drivers: char: misc: Replace printk with pr_err. (diff) | |
| download | wireguard-linux-e22aa9d781a27a961581c57442911309fb86a48e.tar.xz wireguard-linux-e22aa9d781a27a961581c57442911309fb86a48e.zip | |
lkdtm: add bad USER_DS test
This adds CORRUPT_USER_DS to check that the get_fs() test on syscall
return (via __VERIFY_PRE_USERMODE_STATE) still sees USER_DS. Since
trying to deal with values other than USER_DS and KERNEL_DS across all
architectures in a safe way is not sensible, this sets KERNEL_DS, but
since that could be extremely dangerous if the protection is not present,
it also raises SIGKILL for current, so that no matter what, the process
will die. A successful test will be visible with a BUG(), like all the
other LKDTM tests.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/misc/lkdtm.h')
| -rw-r--r-- | drivers/misc/lkdtm.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/misc/lkdtm.h b/drivers/misc/lkdtm.h index 67d27be60405..3b4976396ec4 100644 --- a/drivers/misc/lkdtm.h +++ b/drivers/misc/lkdtm.h @@ -27,6 +27,7 @@ void lkdtm_REFCOUNT_ZERO_SUB(void); void lkdtm_REFCOUNT_ZERO_ADD(void); void lkdtm_CORRUPT_LIST_ADD(void); void lkdtm_CORRUPT_LIST_DEL(void); +void lkdtm_CORRUPT_USER_DS(void); /* lkdtm_heap.c */ void lkdtm_OVERWRITE_ALLOCATION(void); |