mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/misc
History
Amit Daniel Kachhap 6cb6982f42 lkdtm: arm64: test kernel pointer authentication 
This test is specific for arm64. When in-kernel Pointer Authentication
config is enabled, the return address stored in the stack is signed.
This feature helps in ROP kind of attack. If any parameters used to
generate the pac (<key, sp, lr>) is modified then this will fail in
the authentication stage and will lead to abort.

This test changes the input parameter APIA kernel keys to cause abort.
The pac computed from the new key can be same as last due to hash
collision so this is retried for few times as there is no reliable way
to compare the pacs. Even though this test may fail even after retries
but this may cause authentication failure at a later stage in earlier
function returns.

This test can be invoked as,
echo CORRUPT_PAC > /sys/kernel/debug/provoke-crash/DIRECT

or as below if inserted as a module,
insmod lkdtm.ko cpoint_name=DIRECT cpoint_type=CORRUPT_PAC cpoint_count=1

[   13.118166] lkdtm: Performing direct entry CORRUPT_PAC
[   13.118298] lkdtm: Clearing PAC from the return address
[   13.118466] Unable to handle kernel paging request at virtual address bfff8000108648ec
[   13.118626] Mem abort info:
[   13.118666]   ESR = 0x86000004
[   13.118866]   EC = 0x21: IABT (current EL), IL = 32 bits
[   13.118966]   SET = 0, FnV = 0
[   13.119117]   EA = 0, S1PTW = 0

Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2020-03-18 09:50:21 +00:00
..
altera-stapl
c2port
cardreader Char/Misc driver changes for 5.6-rc1 2020-01-29 10:35:54 -08:00
cb710
cxl misc: cxl: use mmgrab 2020-01-16 14:59:36 +10:00
echo
eeprom misc: eeprom: at24: support pm_runtime control 2020-01-23 12:52:57 +01:00
genwqe misc: genwqe: fix compile warnings 2020-01-14 15:06:06 +01:00
habanalabs habanalabs: patched cb equals user cb in device memset 2020-02-11 11:12:47 +02:00
ibmasm
lis3lv02d lis3lv02d: switch to using input device polling mode 2019-10-10 15:24:19 +02:00
lkdtm lkdtm: arm64: test kernel pointer authentication 2020-03-18 09:50:21 +00:00
mei mei: me: add jasper point DID 2020-01-24 09:33:58 +01:00
mic Char/Misc driver changes for 5.6-rc1 2020-01-29 10:35:54 -08:00
ocxl ocxl: Add PCI hotplug dependency to Kconfig 2020-01-23 21:31:18 +11:00
sgi-gru proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
sgi-xp netdev: pass the stuck queue to the timeout handler 2019-12-12 21:38:57 -08:00
ti-st drivers/misc: ti-st: remove redundant assignment to variables i and flags 2020-01-14 15:16:51 +01:00
vmw_vmci compat_ioctl: remove most of fs/compat_ioctl.c 2019-12-01 13:46:15 -08:00
ad525x_dpot-i2c.c
ad525x_dpot-spi.c
ad525x_dpot.c
ad525x_dpot.h
apds990x.c
apds9802als.c
atmel-ssc.c
atmel_tclib.c misc: atmel_tclib: use devm_platform_ioremap_resource() to simplify code 2019-10-10 15:24:19 +02:00
bh1770glc.c
cs5535-mfgpt.c
ds1682.c
dummy-irq.c
enclosure.c scsi: enclosure: Fix stale device oops with hot replug 2020-01-10 01:38:40 -05:00
fastrpc.c drm-misc-next for v5.6: 2019-12-17 13:57:54 +01:00
hmc6352.c
hpilo.c
hpilo.h misc: Use the correct style for SPDX License Identifier 2019-10-10 15:34:40 +02:00
ibmvmc.c
ibmvmc.h misc: Use the correct style for SPDX License Identifier 2019-10-10 15:34:40 +02:00
ics932s401.c
isl29003.c
isl29020.c misc: isl29020: add missed pm_runtime_disable 2020-01-14 15:06:07 +01:00
Kconfig misc: Fix Kconfig indentation 2019-11-20 15:09:49 +01:00
kgdbts.c
lattice-ecp3-config.c
Makefile
pch_phub.c
pci_endpoint_test.c PCI: Add PCI_STD_NUM_BARS for the number of standard BARs 2019-10-14 10:22:26 -05:00
phantom.c
pti.c Char/Misc driver changes for 5.6-rc1 2020-01-29 10:35:54 -08:00
pvpanic.c misc: pvpanic: add crash loaded event 2020-01-14 15:07:37 +01:00
qcom-coincell.c
sram-exec.c drivers/misc: sram-exec: have the callers of set_memory_*() check the return value 2020-01-14 15:06:06 +01:00
sram.c misc: sram: use devm_platform_ioremap_resource_wc() 2019-11-05 18:32:47 +01:00
sram.h
tifm_7xx1.c
tifm_core.c
tsl2550.c misc: tsl2550: remove redundant initialization to variable r 2020-01-14 15:16:51 +01:00
vexpress-syscfg.c
vmw_balloon.c vmw_balloon: Explicitly include linux/io.h for virt_to_phys() 2019-12-10 10:15:48 +01:00
xilinx_sdfec.c misc: xilinx_sdfec: fix xsdfec_poll()'s return type 2020-01-14 15:16:51 +01:00