mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-12 13:55:32 +00:00
8bfdbddd68
When you don't select CONFIG_UBSAN_TRAP, you get:
# echo ARRAY_BOUNDS > /sys/kernel/debug/provoke-crash/DIRECT
[ 102.265827] ================================================================================
[ 102.278433] UBSAN: array-index-out-of-bounds in drivers/misc/lkdtm/bugs.c:342:16
[ 102.287207] index 8 is out of range for type 'char [8]'
[ 102.298722] ================================================================================
[ 102.313712] lkdtm: FAIL: survived array bounds overflow!
[ 102.318770] lkdtm: Unexpected! This kernel (5.16.0-rc1-s3k-dev-01884-g720dcf79314a ppc) was built with CONFIG_UBSAN_BOUNDS=y
It is not correct because when CONFIG_UBSAN_TRAP is not selected
you can't expect array bounds overflow to kill the thread.
Modify the logic so that when the kernel is built with
CONFIG_UBSAN_BOUNDS but without CONFIG_UBSAN_TRAP, you get a warning
about CONFIG_UBSAN_TRAP not been selected instead.
This also require a fix of pr_expected_config(), otherwise the
following error is encountered.
CC drivers/misc/lkdtm/bugs.o
drivers/misc/lkdtm/bugs.c: In function 'lkdtm_ARRAY_BOUNDS':
drivers/misc/lkdtm/bugs.c:351:2: error: 'else' without a previous 'if'
351 | else
| ^~~~
Fixes: c75be56e35 ("lkdtm/bugs: Add ARRAY_BOUNDS to selftests")
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/363b58690e907c677252467a94fe49444c80ea76.1649704381.git.christophe.leroy@csgroup.eu
170 lines
5.3 KiB
C
170 lines
5.3 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef __LKDTM_H
|
|
#define __LKDTM_H
|
|
|
|
#define pr_fmt(fmt) "lkdtm: " fmt
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
extern char *lkdtm_kernel_info;
|
|
|
|
#define pr_expected_config(kconfig) \
|
|
do { \
|
|
if (IS_ENABLED(kconfig)) \
|
|
pr_err("Unexpected! This %s was built with " #kconfig "=y\n", \
|
|
lkdtm_kernel_info); \
|
|
else \
|
|
pr_warn("This is probably expected, since this %s was built *without* " #kconfig "=y\n", \
|
|
lkdtm_kernel_info); \
|
|
} while (0)
|
|
|
|
#ifndef MODULE
|
|
int lkdtm_check_bool_cmdline(const char *param);
|
|
#define pr_expected_config_param(kconfig, param) \
|
|
do { \
|
|
if (IS_ENABLED(kconfig)) { \
|
|
switch (lkdtm_check_bool_cmdline(param)) { \
|
|
case 0: \
|
|
pr_warn("This is probably expected, since this %s was built with " #kconfig "=y but booted with '" param "=N'\n", \
|
|
lkdtm_kernel_info); \
|
|
break; \
|
|
case 1: \
|
|
pr_err("Unexpected! This %s was built with " #kconfig "=y and booted with '" param "=Y'\n", \
|
|
lkdtm_kernel_info); \
|
|
break; \
|
|
default: \
|
|
pr_err("Unexpected! This %s was built with " #kconfig "=y (and booted without '" param "' specified)\n", \
|
|
lkdtm_kernel_info); \
|
|
} \
|
|
} else { \
|
|
switch (lkdtm_check_bool_cmdline(param)) { \
|
|
case 0: \
|
|
pr_warn("This is probably expected, as this %s was built *without* " #kconfig "=y and booted with '" param "=N'\n", \
|
|
lkdtm_kernel_info); \
|
|
break; \
|
|
case 1: \
|
|
pr_err("Unexpected! This %s was built *without* " #kconfig "=y but booted with '" param "=Y'\n", \
|
|
lkdtm_kernel_info); \
|
|
break; \
|
|
default: \
|
|
pr_err("This is probably expected, since this %s was built *without* " #kconfig "=y (and booted without '" param "' specified)\n", \
|
|
lkdtm_kernel_info); \
|
|
break; \
|
|
} \
|
|
} \
|
|
} while (0)
|
|
#else
|
|
#define pr_expected_config_param(kconfig, param) pr_expected_config(kconfig)
|
|
#endif
|
|
|
|
/* bugs.c */
|
|
void __init lkdtm_bugs_init(int *recur_param);
|
|
void lkdtm_PANIC(void);
|
|
void lkdtm_BUG(void);
|
|
void lkdtm_WARNING(void);
|
|
void lkdtm_WARNING_MESSAGE(void);
|
|
void lkdtm_EXCEPTION(void);
|
|
void lkdtm_LOOP(void);
|
|
void lkdtm_EXHAUST_STACK(void);
|
|
void lkdtm_CORRUPT_STACK(void);
|
|
void lkdtm_CORRUPT_STACK_STRONG(void);
|
|
void lkdtm_REPORT_STACK(void);
|
|
void lkdtm_REPORT_STACK_CANARY(void);
|
|
void lkdtm_UNALIGNED_LOAD_STORE_WRITE(void);
|
|
void lkdtm_SOFTLOCKUP(void);
|
|
void lkdtm_HARDLOCKUP(void);
|
|
void lkdtm_SPINLOCKUP(void);
|
|
void lkdtm_HUNG_TASK(void);
|
|
void lkdtm_OVERFLOW_SIGNED(void);
|
|
void lkdtm_OVERFLOW_UNSIGNED(void);
|
|
void lkdtm_ARRAY_BOUNDS(void);
|
|
void lkdtm_CORRUPT_LIST_ADD(void);
|
|
void lkdtm_CORRUPT_LIST_DEL(void);
|
|
void lkdtm_STACK_GUARD_PAGE_LEADING(void);
|
|
void lkdtm_STACK_GUARD_PAGE_TRAILING(void);
|
|
void lkdtm_UNSET_SMEP(void);
|
|
void lkdtm_DOUBLE_FAULT(void);
|
|
void lkdtm_CORRUPT_PAC(void);
|
|
|
|
/* heap.c */
|
|
void __init lkdtm_heap_init(void);
|
|
void __exit lkdtm_heap_exit(void);
|
|
void lkdtm_VMALLOC_LINEAR_OVERFLOW(void);
|
|
void lkdtm_SLAB_LINEAR_OVERFLOW(void);
|
|
void lkdtm_WRITE_AFTER_FREE(void);
|
|
void lkdtm_READ_AFTER_FREE(void);
|
|
void lkdtm_WRITE_BUDDY_AFTER_FREE(void);
|
|
void lkdtm_READ_BUDDY_AFTER_FREE(void);
|
|
void lkdtm_SLAB_INIT_ON_ALLOC(void);
|
|
void lkdtm_BUDDY_INIT_ON_ALLOC(void);
|
|
void lkdtm_SLAB_FREE_DOUBLE(void);
|
|
void lkdtm_SLAB_FREE_CROSS(void);
|
|
void lkdtm_SLAB_FREE_PAGE(void);
|
|
|
|
/* perms.c */
|
|
void __init lkdtm_perms_init(void);
|
|
void lkdtm_WRITE_RO(void);
|
|
void lkdtm_WRITE_RO_AFTER_INIT(void);
|
|
void lkdtm_WRITE_KERN(void);
|
|
void lkdtm_WRITE_OPD(void);
|
|
void lkdtm_EXEC_DATA(void);
|
|
void lkdtm_EXEC_STACK(void);
|
|
void lkdtm_EXEC_KMALLOC(void);
|
|
void lkdtm_EXEC_VMALLOC(void);
|
|
void lkdtm_EXEC_RODATA(void);
|
|
void lkdtm_EXEC_USERSPACE(void);
|
|
void lkdtm_EXEC_NULL(void);
|
|
void lkdtm_ACCESS_USERSPACE(void);
|
|
void lkdtm_ACCESS_NULL(void);
|
|
|
|
/* refcount.c */
|
|
void lkdtm_REFCOUNT_INC_OVERFLOW(void);
|
|
void lkdtm_REFCOUNT_ADD_OVERFLOW(void);
|
|
void lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW(void);
|
|
void lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW(void);
|
|
void lkdtm_REFCOUNT_DEC_ZERO(void);
|
|
void lkdtm_REFCOUNT_DEC_NEGATIVE(void);
|
|
void lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE(void);
|
|
void lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE(void);
|
|
void lkdtm_REFCOUNT_INC_ZERO(void);
|
|
void lkdtm_REFCOUNT_ADD_ZERO(void);
|
|
void lkdtm_REFCOUNT_INC_SATURATED(void);
|
|
void lkdtm_REFCOUNT_DEC_SATURATED(void);
|
|
void lkdtm_REFCOUNT_ADD_SATURATED(void);
|
|
void lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED(void);
|
|
void lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED(void);
|
|
void lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED(void);
|
|
void lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED(void);
|
|
void lkdtm_REFCOUNT_TIMING(void);
|
|
void lkdtm_ATOMIC_TIMING(void);
|
|
|
|
/* rodata.c */
|
|
void lkdtm_rodata_do_nothing(void);
|
|
|
|
/* usercopy.c */
|
|
void __init lkdtm_usercopy_init(void);
|
|
void __exit lkdtm_usercopy_exit(void);
|
|
void lkdtm_USERCOPY_HEAP_SIZE_TO(void);
|
|
void lkdtm_USERCOPY_HEAP_SIZE_FROM(void);
|
|
void lkdtm_USERCOPY_HEAP_WHITELIST_TO(void);
|
|
void lkdtm_USERCOPY_HEAP_WHITELIST_FROM(void);
|
|
void lkdtm_USERCOPY_STACK_FRAME_TO(void);
|
|
void lkdtm_USERCOPY_STACK_FRAME_FROM(void);
|
|
void lkdtm_USERCOPY_STACK_BEYOND(void);
|
|
void lkdtm_USERCOPY_KERNEL(void);
|
|
|
|
/* stackleak.c */
|
|
void lkdtm_STACKLEAK_ERASING(void);
|
|
|
|
/* cfi.c */
|
|
void lkdtm_CFI_FORWARD_PROTO(void);
|
|
|
|
/* fortify.c */
|
|
void lkdtm_FORTIFIED_OBJECT(void);
|
|
void lkdtm_FORTIFIED_SUBOBJECT(void);
|
|
void lkdtm_FORTIFIED_STRSCPY(void);
|
|
|
|
/* powerpc.c */
|
|
void lkdtm_PPC_SLB_MULTIHIT(void);
|
|
|
|
#endif
|