linux-toradex.git/drivers/misc/lkdtm.c, branch v4.4.80 Linux kernel for Apalis and Colibri modules lkdtm: fix ACCESS_USERSPACE test 2015-10-29T00:02:16+00:00 Stephen Smalley sds@tycho.nsa.gov 2015-10-27T20:47:53+00:00 2cb202c1886ca363305fba82e340bdbd71387079 Add a copy_to_user() call to the ACCESS_USERSPACE test prior to attempting direct dereferencing of the user address to ensure the page is present. Otherwise, a fault occurs on arm kernels even prior to the introduction of CONFIG_CPU_SW_DOMAIN_PAN, and there is no difference in behavior for CONFIG_CPU_SW_DOMAIN_PAN=n vs CONFIG_CPU_SW_DOMAIN_PAN=y. Before this change, for any value of CONFIG_CPU_SW_DOMAIN_PAN: lkdtm: Performing direct entry ACCESS_USERSPACE lkdtm: attempting bad read at b6fe8000 Unable to handle kernel paging request at virtual address b6fe8000 After this change, for CONFIG_CPU_SW_DOMAIN_PAN=n: lkdtm: Performing direct entry ACCESS_USERSPACE lkdtm: attempting bad read at b6efc000 lkdtm: attempting bad write at b6efc000 After this change, for CONFIG_CPU_SW_DOMAIN_PAN=y: lkdtm: Performing direct entry ACCESS_USERSPACE lkdtm: attempting bad read at b6f7d000 Unhandled fault: page domain fault (0x01b) at 0xb6f7d000 ... Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Add a copy_to_user() call to the ACCESS_USERSPACE test
prior to attempting direct dereferencing of the user
address to ensure the page is present.  Otherwise,
a fault occurs on arm kernels even prior to the introduction
of CONFIG_CPU_SW_DOMAIN_PAN, and there is no difference in
behavior for CONFIG_CPU_SW_DOMAIN_PAN=n vs CONFIG_CPU_SW_DOMAIN_PAN=y.

Before this change, for any value of CONFIG_CPU_SW_DOMAIN_PAN:
lkdtm: Performing direct entry ACCESS_USERSPACE
lkdtm: attempting bad read at b6fe8000
Unable to handle kernel paging request at virtual address b6fe8000

After this change, for CONFIG_CPU_SW_DOMAIN_PAN=n:
lkdtm: Performing direct entry ACCESS_USERSPACE
lkdtm: attempting bad read at b6efc000
lkdtm: attempting bad write at b6efc000

After this change, for CONFIG_CPU_SW_DOMAIN_PAN=y:
lkdtm: Performing direct entry ACCESS_USERSPACE
lkdtm: attempting bad read at b6f7d000
Unhandled fault: page domain fault (0x01b) at 0xb6f7d000
...

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Add MODULE_DESCRIPTION to dummy-irq.c and lkdtm.c in drivers/misc 2014-07-09T21:19:34+00:00 Terry Chia terrycwk1994@gmail.com 2014-07-02T13:02:25+00:00 da86920f4a193c8d55cfcb006e2e74b4bfab21d0 This starts to address https://bugzilla.kernel.org/show_bug.cgi?id=10770 Signed-off-by: Terry Chia <terrycwk1994@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
This starts to address
https://bugzilla.kernel.org/show_bug.cgi?id=10770

Signed-off-by: Terry Chia <terrycwk1994@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: include cacheflush.h 2014-02-15T02:53:58+00:00 Kees Cook keescook@chromium.org 2014-02-14T23:58:50+00:00 1bc9fac3da9aa7569e70e9fda605281ef7e42b9f Some architectures need cacheflush.h explicitly included (mips) for use of flush_icache_range(): config: make ARCH=mips allmodconfig All error/warnings: >> ERROR: "flush_icache_range" undefined! Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Some architectures need cacheflush.h explicitly included (mips) for
use of flush_icache_range():

    config: make ARCH=mips allmodconfig
    All error/warnings:
    >> ERROR: "flush_icache_range" undefined!

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: add "WRITE_KERN" test 2014-02-14T20:30:20+00:00 Kees Cook keescook@chromium.org 2014-02-09T21:48:48+00:00 dc2b9e9069780774c01a06e0ea8dce0c705f1812 Add "WRITE_KERN" crash target to validate that kernel executable memory is not writable. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Add "WRITE_KERN" crash target to validate that kernel executable memory
is not writable.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: flush icache and report actions 2014-02-14T20:30:20+00:00 Kees Cook keescook@chromium.org 2014-02-09T21:48:47+00:00 aac416fc38cdfd45139a6917eb3f6b77cd00a24f Some CPUs explicitly need to have their icache flushed after making executable code copies for the memory region execution tests. Additionally, report the specific address targets being used so that debugging non-crash failures is easier. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Some CPUs explicitly need to have their icache flushed after making
executable code copies for the memory region execution tests.
Additionally, report the specific address targets being used so that
debugging non-crash failures is easier.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: convert to using pr_* for reports 2014-02-14T20:30:20+00:00 Kees Cook keescook@chromium.org 2014-02-09T21:48:46+00:00 feac6e2146ddc04626d7c1b32b33ff3acb26feee Move to using pr_* calls instead of printk calls for reporting. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Move to using pr_* calls instead of printk calls for reporting.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers: misc: Mark function jp_generic_ide_ioctl() as static in lkdtm.c 2013-12-19T00:41:52+00:00 Rashika Kheria rashika.kheria@gmail.com 2013-12-13T06:59:42+00:00 44629432670ce297f53702a0316a0e7bff0bd28d This patch marks the function jp_generic_ide_ioctl() as static in lkdtm.c because it is not used outside this file. Thus, it also eliminates the following warnings in lkdtm.c: drivers/misc/lkdtm.c:227:5: warning: no previous prototype for ‘jp_generic_ide_ioctl’ [-Wmissing-prototypes] Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com> Reviewed-by: Josh Triplett <josh@joshtriplett.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
This patch marks the function jp_generic_ide_ioctl() as static in
lkdtm.c because it is not used outside this file.

Thus, it also eliminates the following warnings in lkdtm.c:
drivers/misc/lkdtm.c:227:5: warning: no previous prototype for ‘jp_generic_ide_ioctl’ [-Wmissing-prototypes]

Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: clean up sparse warnings 2013-12-09T06:39:51+00:00 Kees Cook keescook@chromium.org 2013-11-11T19:23:49+00:00 5123662adc873f9a37d7898fe3c285a1f1af59c8 Since lkdtm intentionally does "bad" things, we need to convince sparse that we're doing these things on purpose. This adds an explicit cast to the call to copy_to_user() and marks the spin lock as expecting to dead-lock. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Since lkdtm intentionally does "bad" things, we need to convince sparse
that we're doing these things on purpose. This adds an explicit cast
to the call to copy_to_user() and marks the spin lock as expecting
to dead-lock.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: add tests for additional page permissions 2013-10-29T23:13:39+00:00 Kees Cook keescook@chromium.org 2013-10-24T16:25:57+00:00 9ae113ce5faf1c74af1ee71b5ef7d04b6b06b063 Testing execution and access of userspace from the kernel is needed for validating things like Intel's SMEP and SMAP protections. Additionally, add an explicit test for validating that RO page permissions have been set for the RO data area. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Testing execution and access of userspace from the kernel is needed for
validating things like Intel's SMEP and SMAP protections. Additionally,
add an explicit test for validating that RO page permissions have been
set for the RO data area.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lkdtm: adjust recursion size to avoid warnings 2013-10-29T23:13:39+00:00 Kees Cook keescook@chromium.org 2013-10-24T16:25:39+00:00 7d196ac303652588c60350f0a581d71e2e7b1a50 When CONFIG_FRAME_WARN is set low (e.g. some ARM builds), the hard-coded stack buffer size used for kernel stack over run testing triggers build warnings. Instead, avoid the warning by recalcuating the buffer size and recursion count needed to trigger the test. Also uses the recursion counter indirectly to avoid changing the parameter during the test. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
When CONFIG_FRAME_WARN is set low (e.g. some ARM builds), the hard-coded
stack buffer size used for kernel stack over run testing triggers build
warnings. Instead, avoid the warning by recalcuating the buffer size and
recursion count needed to trigger the test. Also uses the recursion counter
indirectly to avoid changing the parameter during the test.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>